00000180)={0x4c00000000000000, 0x5000, 0x6, 0x4}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r5 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r5, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r4, 0xae80, 0x0) 14:33:09 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:09 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='dtrfs\"', &(0x7f0000000080)='./file0\x00', 0x10001, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 372.950110] net_ratelimit: 14 callbacks suppressed [ 372.950118] protocol 88fb is buggy, dev hsr_slave_0 [ 372.960191] protocol 88fb is buggy, dev hsr_slave_1 14:33:09 executing program 2 (fault-call:3 fault-nth:14): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:09 executing program 3 (fault-call:0 fault-nth:13): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:10 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000", 0x3f, 0x10000}], 0x0, 0x0) [ 373.118624] FAULT_INJECTION: forcing a failure. [ 373.118624] name failslab, interval 1, probability 0, space 0, times 0 [ 373.169989] FAULT_INJECTION: forcing a failure. [ 373.169989] name failslab, interval 1, probability 0, space 0, times 0 [ 373.183068] CPU: 0 PID: 18646 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 373.190118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 373.199496] Call Trace: [ 373.202098] dump_stack+0x142/0x197 [ 373.205915] should_fail.cold+0x10f/0x159 [ 373.210081] should_failslab+0xdb/0x130 [ 373.214092] kmem_cache_alloc+0x2d7/0x780 [ 373.218253] ? __mutex_unlock_slowpath+0x71/0x800 [ 373.223893] ? __lock_is_held+0xb6/0x140 [ 373.228057] __kernfs_new_node+0x70/0x420 [ 373.232300] kernfs_new_node+0x80/0xf0 [ 373.236251] __kernfs_create_file+0x46/0x323 [ 373.240674] sysfs_add_file_mode_ns+0x1e4/0x450 [ 373.245446] internal_create_group+0x232/0x7b0 [ 373.250036] sysfs_create_group+0x20/0x30 [ 373.254369] lo_ioctl+0x1176/0x1ce0 [ 373.258003] ? loop_probe+0x160/0x160 [ 373.261807] blkdev_ioctl+0x96b/0x1860 [ 373.265706] ? blkpg_ioctl+0x980/0x980 [ 373.270047] ? __might_sleep+0x93/0xb0 [ 373.273935] ? __fget+0x210/0x370 [ 373.277655] block_ioctl+0xde/0x120 [ 373.281489] ? blkdev_fallocate+0x3b0/0x3b0 [ 373.286453] do_vfs_ioctl+0x7ae/0x1060 [ 373.290785] ? selinux_file_mprotect+0x5d0/0x5d0 [ 373.295551] ? lock_downgrade+0x740/0x740 [ 373.299784] ? ioctl_preallocate+0x1c0/0x1c0 [ 373.304279] ? __fget+0x237/0x370 [ 373.307820] ? security_file_ioctl+0x89/0xb0 [ 373.312228] SyS_ioctl+0x8f/0xc0 [ 373.315765] ? do_vfs_ioctl+0x1060/0x1060 [ 373.320320] do_syscall_64+0x1e8/0x640 [ 373.324633] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.329493] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 373.334677] RIP: 0033:0x45a4a7 [ 373.337855] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 373.345581] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 373.352847] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 373.360304] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 373.368541] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 373.376869] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 373.384454] protocol 88fb is buggy, dev hsr_slave_0 [ 373.390087] protocol 88fb is buggy, dev hsr_slave_1 [ 373.398333] CPU: 1 PID: 18652 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 373.405556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 373.414992] Call Trace: [ 373.417600] dump_stack+0x142/0x197 [ 373.421329] should_fail.cold+0x10f/0x159 [ 373.425569] should_failslab+0xdb/0x130 [ 373.429550] kmem_cache_alloc+0x2d7/0x780 [ 373.433696] ? trace_hardirqs_on+0x10/0x10 [ 373.437933] ? save_trace+0x290/0x290 [ 373.441739] __kernfs_new_node+0x70/0x420 [ 373.446324] kernfs_new_node+0x80/0xf0 [ 373.450219] kernfs_create_dir_ns+0x41/0x140 [ 373.454625] internal_create_group+0xea/0x7b0 [ 373.459138] sysfs_create_group+0x20/0x30 [ 373.463295] lo_ioctl+0x1176/0x1ce0 [ 373.466922] ? loop_probe+0x160/0x160 [ 373.470736] blkdev_ioctl+0x96b/0x1860 [ 373.475583] ? blkpg_ioctl+0x980/0x980 [ 373.479475] ? __might_sleep+0x93/0xb0 [ 373.483357] ? __fget+0x210/0x370 [ 373.486807] block_ioctl+0xde/0x120 [ 373.490517] ? blkdev_fallocate+0x3b0/0x3b0 [ 373.494839] do_vfs_ioctl+0x7ae/0x1060 [ 373.498729] ? selinux_file_mprotect+0x5d0/0x5d0 [ 373.503654] ? lock_downgrade+0x740/0x740 [ 373.507804] ? ioctl_preallocate+0x1c0/0x1c0 [ 373.512647] ? __fget+0x237/0x370 [ 373.516465] ? security_file_ioctl+0x89/0xb0 [ 373.520871] SyS_ioctl+0x8f/0xc0 [ 373.524231] ? do_vfs_ioctl+0x1060/0x1060 [ 373.528983] do_syscall_64+0x1e8/0x640 [ 373.532860] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.537811] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 373.543166] RIP: 0033:0x45a4a7 [ 373.546436] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 373.554415] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 373.562298] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 373.569659] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 373.576925] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 373.584280] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:10 executing program 1: timer_create(0x5, &(0x7f00000001c0)={0x0, 0x8, 0x2, @thr={&(0x7f0000000000)="f759418d860e35fc28238593a23b1976590cf74bfcb0fa5d43ee1e328a1971bf019617d2a8c10d4f5310f294062e55587404cf6add6343b6ab01284d95896e9a03dd04905ff546df6a40f2065de422c6cb4bc47d9c727f138f5fc8e313e80f70c619a240f1bd1b97ba396db3d3db0b74f2c45433e69fe1564286fdf815aba5ab6523cfc2db7f", &(0x7f00000000c0)="68116b1b6f4ab65945442a58260a2cb4e5a4de3e4781e4138421ea2d25aaefc3b8be8cdb9c36407218c60c1dad1885f188de89a336518e7f9e77a40cd509401d5fa9e27948f820ae9b8483e2d69e818281c85933b3e1326107b7c2bdabd7032f2bd753adb32a87ae25c2a04baeaeb2f496aed21537505d818202229f7fc3f490e064652e4c07cf9b5b313f4497c231892185fde8a3e411ef66efcf714c988dacb7e880d29281da5f1570cec1a5fe7ae0c9f3ac757fd3431cae3bb8774080ea110177e992"}}, &(0x7f0000000200)=0x0) openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/attr/keycreate\x00', 0x2, 0x0) timer_gettime(r0, &(0x7f0000000240)) 14:33:10 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000", 0x3f, 0x10000}], 0x0, 0x0) [ 373.695100] print_req_error: I/O error, dev loop0, sector 128 14:33:10 executing program 2 (fault-call:3 fault-nth:15): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:10 executing program 3 (fault-call:0 fault-nth:14): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:10 executing program 1: chdir(&(0x7f0000000080)='./file0\x00') syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_NMI(r1, 0xae9a) 14:33:10 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f424852", 0x44, 0x10000}], 0x0, 0x0) [ 373.830104] protocol 88fb is buggy, dev hsr_slave_0 [ 373.835209] protocol 88fb is buggy, dev hsr_slave_1 [ 373.951835] FAULT_INJECTION: forcing a failure. [ 373.951835] name failslab, interval 1, probability 0, space 0, times 0 [ 373.965420] CPU: 0 PID: 18691 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 373.972456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 373.981896] Call Trace: [ 373.984482] dump_stack+0x142/0x197 [ 373.988188] should_fail.cold+0x10f/0x159 [ 373.993301] should_failslab+0xdb/0x130 [ 373.997975] kmem_cache_alloc+0x2d7/0x780 [ 374.002989] ? wait_for_completion+0x420/0x420 [ 374.007561] __kernfs_new_node+0x70/0x420 [ 374.011804] kernfs_new_node+0x80/0xf0 [ 374.015939] __kernfs_create_file+0x46/0x323 [ 374.020426] sysfs_add_file_mode_ns+0x1e4/0x450 [ 374.025517] internal_create_group+0x232/0x7b0 [ 374.030436] sysfs_create_group+0x20/0x30 [ 374.035002] lo_ioctl+0x1176/0x1ce0 [ 374.038712] ? loop_probe+0x160/0x160 [ 374.043044] blkdev_ioctl+0x96b/0x1860 [ 374.047260] ? blkpg_ioctl+0x980/0x980 [ 374.051395] ? __might_sleep+0x93/0xb0 [ 374.055699] ? __fget+0x210/0x370 [ 374.060093] block_ioctl+0xde/0x120 [ 374.063876] ? blkdev_fallocate+0x3b0/0x3b0 [ 374.068445] do_vfs_ioctl+0x7ae/0x1060 [ 374.072664] ? selinux_file_mprotect+0x5d0/0x5d0 [ 374.077489] ? lock_downgrade+0x740/0x740 [ 374.081982] ? ioctl_preallocate+0x1c0/0x1c0 [ 374.086720] ? __fget+0x237/0x370 [ 374.090163] ? security_file_ioctl+0x89/0xb0 [ 374.094818] SyS_ioctl+0x8f/0xc0 [ 374.098200] ? do_vfs_ioctl+0x1060/0x1060 [ 374.102688] do_syscall_64+0x1e8/0x640 [ 374.106585] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 374.111416] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 374.116765] RIP: 0033:0x45a4a7 [ 374.120300] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 374.128599] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 374.136297] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 374.144171] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 374.152437] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 374.160210] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 374.170811] protocol 88fb is buggy, dev hsr_slave_0 [ 374.175995] protocol 88fb is buggy, dev hsr_slave_1 [ 374.184286] FAULT_INJECTION: forcing a failure. [ 374.184286] name failslab, interval 1, probability 0, space 0, times 0 [ 374.204247] CPU: 0 PID: 18692 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 374.211463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 374.221158] Call Trace: [ 374.221177] dump_stack+0x142/0x197 [ 374.221198] should_fail.cold+0x10f/0x159 [ 374.227396] should_failslab+0xdb/0x130 [ 374.235483] kmem_cache_alloc+0x2d7/0x780 [ 374.239637] ? __mutex_unlock_slowpath+0x71/0x800 [ 374.244488] ? __lock_is_held+0xb6/0x140 [ 374.248561] __kernfs_new_node+0x70/0x420 [ 374.252821] kernfs_new_node+0x80/0xf0 [ 374.256715] __kernfs_create_file+0x46/0x323 [ 374.261123] sysfs_add_file_mode_ns+0x1e4/0x450 [ 374.265812] internal_create_group+0x232/0x7b0 [ 374.270383] sysfs_create_group+0x20/0x30 [ 374.274528] lo_ioctl+0x1176/0x1ce0 [ 374.278141] ? loop_probe+0x160/0x160 [ 374.282025] blkdev_ioctl+0x96b/0x1860 [ 374.285910] ? blkpg_ioctl+0x980/0x980 [ 374.289787] ? __might_sleep+0x93/0xb0 [ 374.293662] ? __fget+0x210/0x370 [ 374.297104] block_ioctl+0xde/0x120 [ 374.300713] ? blkdev_fallocate+0x3b0/0x3b0 [ 374.305023] do_vfs_ioctl+0x7ae/0x1060 [ 374.308908] ? selinux_file_mprotect+0x5d0/0x5d0 [ 374.313651] ? lock_downgrade+0x740/0x740 [ 374.317785] ? ioctl_preallocate+0x1c0/0x1c0 [ 374.322175] ? __fget+0x237/0x370 [ 374.325616] ? security_file_ioctl+0x89/0xb0 [ 374.330366] SyS_ioctl+0x8f/0xc0 [ 374.333790] ? do_vfs_ioctl+0x1060/0x1060 [ 374.337957] do_syscall_64+0x1e8/0x640 [ 374.341840] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 374.346678] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 374.351862] RIP: 0033:0x45a4a7 [ 374.355090] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 374.362788] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 374.370079] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 374.377337] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 374.384602] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 374.391879] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 374.400194] protocol 88fb is buggy, dev hsr_slave_0 [ 374.405315] protocol 88fb is buggy, dev hsr_slave_1 14:33:11 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x1, 0x2000) recvmsg$kcm(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000180)=""/184, 0xb8}, {&(0x7f0000000240)=""/247, 0xf7}, {&(0x7f0000000100)=""/53, 0x35}, {&(0x7f0000000440)=""/74, 0x4a}, {&(0x7f00000004c0)=""/221, 0xdd}, {&(0x7f00000005c0)=""/252, 0xfc}], 0x6, &(0x7f0000000740)=""/123, 0x7b}, 0x2100) r5 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r5, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb], 0x0, 0x12000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:33:11 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:11 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') r2 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20ncci\x00', 0x40, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(r2, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x810}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0xd0, r1, 0x410, 0x70bd2b, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x1c, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_MEDIA={0x50, 0x5, [@TIPC_NLA_MEDIA_PROP={0x4c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x92e9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}]}]}, @TIPC_NLA_BEARER={0x44, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @local}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x6, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x6e}}}}]}, @TIPC_NLA_NET={0xc, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x2}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0xfaf37344771db2ee}, 0x10020) sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)={0x20, r1, 0xa06d01dc2c18f2bb, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0x20}}, 0x0) flock(r0, 0x2) 14:33:11 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f424852", 0x44, 0x10000}], 0x0, 0x0) 14:33:11 executing program 2 (fault-call:3 fault-nth:16): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:11 executing program 3 (fault-call:0 fault-nth:15): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 374.623404] FAULT_INJECTION: forcing a failure. [ 374.623404] name failslab, interval 1, probability 0, space 0, times 0 [ 374.651314] audit: type=1400 audit(1574173991.542:97): avc: denied { lock } for pid=18713 comm="syz-executor.1" path="socket:[77174]" dev="sockfs" ino=77174 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 374.667224] CPU: 0 PID: 18722 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 374.687004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 374.696726] Call Trace: [ 374.699339] dump_stack+0x142/0x197 [ 374.703161] should_fail.cold+0x10f/0x159 [ 374.707324] should_failslab+0xdb/0x130 [ 374.711391] kmem_cache_alloc+0x2d7/0x780 [ 374.715635] ? wait_for_completion+0x420/0x420 [ 374.720231] __kernfs_new_node+0x70/0x420 [ 374.724397] kernfs_new_node+0x80/0xf0 [ 374.728272] __kernfs_create_file+0x46/0x323 [ 374.733038] sysfs_add_file_mode_ns+0x1e4/0x450 [ 374.737955] internal_create_group+0x232/0x7b0 [ 374.742528] sysfs_create_group+0x20/0x30 [ 374.746834] lo_ioctl+0x1176/0x1ce0 [ 374.750451] ? loop_probe+0x160/0x160 [ 374.754415] blkdev_ioctl+0x96b/0x1860 [ 374.758285] ? blkpg_ioctl+0x980/0x980 [ 374.762167] ? __might_sleep+0x93/0xb0 [ 374.766129] ? __fget+0x210/0x370 [ 374.769571] block_ioctl+0xde/0x120 [ 374.773358] ? blkdev_fallocate+0x3b0/0x3b0 [ 374.778183] do_vfs_ioctl+0x7ae/0x1060 [ 374.782936] ? selinux_file_mprotect+0x5d0/0x5d0 [ 374.787714] ? lock_downgrade+0x740/0x740 [ 374.791847] ? ioctl_preallocate+0x1c0/0x1c0 [ 374.796255] ? __fget+0x237/0x370 [ 374.799698] ? security_file_ioctl+0x89/0xb0 [ 374.804201] SyS_ioctl+0x8f/0xc0 [ 374.807639] ? do_vfs_ioctl+0x1060/0x1060 [ 374.811771] do_syscall_64+0x1e8/0x640 [ 374.815822] ? trace_hardirqs_off_thunk+0x1a/0x1c 14:33:11 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f424852", 0x44, 0x10000}], 0x0, 0x0) [ 374.820931] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 374.826362] RIP: 0033:0x45a4a7 [ 374.829621] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 374.837312] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 374.844568] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 374.851838] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 374.859190] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 374.866987] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 374.893327] FAULT_INJECTION: forcing a failure. [ 374.893327] name failslab, interval 1, probability 0, space 0, times 0 [ 374.906489] CPU: 0 PID: 18734 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 374.913785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 374.924026] Call Trace: [ 374.929137] dump_stack+0x142/0x197 [ 374.932946] should_fail.cold+0x10f/0x159 [ 374.937267] should_failslab+0xdb/0x130 [ 374.941765] kmem_cache_alloc+0x2d7/0x780 [ 374.945910] ? wait_for_completion+0x420/0x420 [ 374.950602] __kernfs_new_node+0x70/0x420 [ 374.954750] kernfs_new_node+0x80/0xf0 [ 374.959241] __kernfs_create_file+0x46/0x323 [ 374.965213] sysfs_add_file_mode_ns+0x1e4/0x450 [ 374.970055] internal_create_group+0x232/0x7b0 [ 374.974643] sysfs_create_group+0x20/0x30 [ 374.978964] lo_ioctl+0x1176/0x1ce0 [ 374.982592] ? loop_probe+0x160/0x160 [ 374.986501] blkdev_ioctl+0x96b/0x1860 [ 374.990384] ? blkpg_ioctl+0x980/0x980 [ 374.994480] ? __might_sleep+0x93/0xb0 [ 374.998512] ? __fget+0x210/0x370 [ 375.002137] block_ioctl+0xde/0x120 [ 375.005787] ? blkdev_fallocate+0x3b0/0x3b0 [ 375.010379] do_vfs_ioctl+0x7ae/0x1060 [ 375.014262] ? selinux_file_mprotect+0x5d0/0x5d0 [ 375.019010] ? lock_downgrade+0x740/0x740 [ 375.023170] ? ioctl_preallocate+0x1c0/0x1c0 [ 375.027584] ? __fget+0x237/0x370 [ 375.031064] ? security_file_ioctl+0x89/0xb0 [ 375.035622] SyS_ioctl+0x8f/0xc0 [ 375.038993] ? do_vfs_ioctl+0x1060/0x1060 [ 375.043164] do_syscall_64+0x1e8/0x640 [ 375.047068] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 375.051917] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 375.057096] RIP: 0033:0x45a4a7 [ 375.060293] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 375.067996] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 375.075259] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 375.082520] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 375.089785] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 375.097217] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:12 executing program 1: syz_open_dev$vivid(&(0x7f0000000000)='/dev/video#\x00', 0x2, 0x2) 14:33:12 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) 14:33:12 executing program 2 (fault-call:3 fault-nth:17): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:12 executing program 3 (fault-call:0 fault-nth:16): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:12 executing program 1: r0 = open(&(0x7f0000000080)='./file0\x00', 0x400, 0x80) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f00000000c0)={0x7}, 0x4) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x3c, 0x10000}], 0x0, 0x0) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000140)={0x3e73, 0x0, 0x50, 0x6, 0x17, 0x4, 0x53, 0x7, 0x1f, 0x8000, 0x4, 0xfffffff7}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') sendmsg$TIPC_NL_MEDIA_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)={0x20, r2, 0xa06d01dc2c18f2bb, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0x20}}, 0x0) pwrite64(r1, &(0x7f0000000180)="bf6cee37ba72b1908bc8f55c267df58dac776cffdf50036a9d32b31a27a61d0e6d932cd957e5262953c7003069829f281d29da7f5468bdf20e411565d68013d9d0bc966a302510f183533de070f416796d59e15d7ee80b18b3e7f265e0850f22fd5f59cbfc0f876750b8aae4c260ba2ad40af98549f56377fc5c422ea53f40dd3264c58578bc9df368de17078de3683453a5095b7116b888460b0de5f24cdd33a0", 0xa1, 0x1f) [ 375.382678] FAULT_INJECTION: forcing a failure. [ 375.382678] name failslab, interval 1, probability 0, space 0, times 0 [ 375.385556] FAULT_INJECTION: forcing a failure. [ 375.385556] name failslab, interval 1, probability 0, space 0, times 0 [ 375.403424] CPU: 1 PID: 18762 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 375.412448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 375.424178] Call Trace: [ 375.426794] dump_stack+0x142/0x197 [ 375.430615] should_fail.cold+0x10f/0x159 [ 375.434771] should_failslab+0xdb/0x130 [ 375.438743] kmem_cache_alloc+0x2d7/0x780 [ 375.443156] ? wait_for_completion+0x420/0x420 [ 375.447825] __kernfs_new_node+0x70/0x420 [ 375.451965] kernfs_new_node+0x80/0xf0 [ 375.455946] __kernfs_create_file+0x46/0x323 [ 375.460356] sysfs_add_file_mode_ns+0x1e4/0x450 [ 375.465024] internal_create_group+0x232/0x7b0 [ 375.469608] sysfs_create_group+0x20/0x30 [ 375.473756] lo_ioctl+0x1176/0x1ce0 [ 375.477374] ? loop_probe+0x160/0x160 [ 375.481165] blkdev_ioctl+0x96b/0x1860 [ 375.485045] ? blkpg_ioctl+0x980/0x980 [ 375.488925] ? __might_sleep+0x93/0xb0 [ 375.492805] ? __fget+0x210/0x370 [ 375.496275] block_ioctl+0xde/0x120 [ 375.499909] ? blkdev_fallocate+0x3b0/0x3b0 [ 375.504229] do_vfs_ioctl+0x7ae/0x1060 [ 375.508120] ? selinux_file_mprotect+0x5d0/0x5d0 [ 375.512868] ? lock_downgrade+0x740/0x740 [ 375.517029] ? ioctl_preallocate+0x1c0/0x1c0 [ 375.521507] ? __fget+0x237/0x370 [ 375.524967] ? security_file_ioctl+0x89/0xb0 [ 375.529382] SyS_ioctl+0x8f/0xc0 [ 375.532747] ? do_vfs_ioctl+0x1060/0x1060 [ 375.536905] do_syscall_64+0x1e8/0x640 [ 375.540783] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 375.545647] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 375.550838] RIP: 0033:0x45a4a7 [ 375.554043] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 375.561744] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 375.569005] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 375.576262] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 375.576268] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 375.576273] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 375.578654] CPU: 1 PID: 18765 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 375.590882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 375.590887] Call Trace: [ 375.590903] dump_stack+0x142/0x197 [ 375.590920] should_fail.cold+0x10f/0x159 [ 375.590935] should_failslab+0xdb/0x130 [ 375.590944] kmem_cache_alloc+0x2d7/0x780 [ 375.590953] ? wait_for_completion+0x420/0x420 [ 375.590969] __kernfs_new_node+0x70/0x420 [ 375.643958] kernfs_new_node+0x80/0xf0 [ 375.647874] __kernfs_create_file+0x46/0x323 [ 375.652303] sysfs_add_file_mode_ns+0x1e4/0x450 [ 375.656980] internal_create_group+0x232/0x7b0 [ 375.661582] sysfs_create_group+0x20/0x30 [ 375.665742] lo_ioctl+0x1176/0x1ce0 [ 375.669388] ? loop_probe+0x160/0x160 [ 375.673192] blkdev_ioctl+0x96b/0x1860 [ 375.677091] ? blkpg_ioctl+0x980/0x980 [ 375.680982] ? __might_sleep+0x93/0xb0 [ 375.684872] ? __fget+0x210/0x370 [ 375.688331] block_ioctl+0xde/0x120 [ 375.691958] ? blkdev_fallocate+0x3b0/0x3b0 [ 375.696290] do_vfs_ioctl+0x7ae/0x1060 [ 375.700187] ? selinux_file_mprotect+0x5d0/0x5d0 [ 375.704947] ? lock_downgrade+0x740/0x740 [ 375.709108] ? ioctl_preallocate+0x1c0/0x1c0 [ 375.709122] ? __fget+0x237/0x370 [ 375.709139] ? security_file_ioctl+0x89/0xb0 [ 375.709160] SyS_ioctl+0x8f/0xc0 [ 375.717085] ? do_vfs_ioctl+0x1060/0x1060 [ 375.717100] do_syscall_64+0x1e8/0x640 [ 375.717117] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 375.737724] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 375.742919] RIP: 0033:0x45a4a7 [ 375.742924] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 375.742933] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 375.742937] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 375.742942] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 375.742947] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 375.742952] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:12 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x10000000000000, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000680)=[&(0x7f0000000180)='vmnet1:em1\x00', &(0x7f00000001c0)='.\x00', &(0x7f0000000640)='/dev/kvm\x00'], &(0x7f0000000800)=[&(0x7f00000006c0)='/dev/kvm\x00', &(0x7f0000000700)='/dev/kvm\x00', &(0x7f0000000740)='/dev/kvm\x00', &(0x7f0000000780)='self]posix_acl_access\x00', &(0x7f00000007c0)='/dev/kvm\x00']) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup2(r5, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) recvmsg$can_raw(r6, &(0x7f00000005c0)={&(0x7f0000000200)=@can={0x1d, 0x0}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000280)=""/225, 0xe1}, {&(0x7f0000000100)=""/47, 0x2f}, {&(0x7f0000000440)=""/244, 0xf4}], 0x3, &(0x7f0000000580)=""/51, 0x33}, 0x0) connect$packet(r4, &(0x7f0000000600)={0x11, 0x0, r7, 0x1, 0xb9, 0x6, @random="4a19710701d8"}, 0x14) 14:33:12 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) 14:33:12 executing program 1: r0 = open(&(0x7f0000000080)='.\x00', 0x80000, 0x989c3e88722d13d7) getresgid(&(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000180)=0x0) ioctl$TUNSETGROUP(r0, 0x400454ce, r1) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x5b4aed9acb37afc5, 0x0) 14:33:12 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:12 executing program 3 (fault-call:0 fault-nth:17): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:12 executing program 2 (fault-call:3 fault-nth:18): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 376.079493] FAULT_INJECTION: forcing a failure. [ 376.079493] name failslab, interval 1, probability 0, space 0, times 0 [ 376.087910] FAULT_INJECTION: forcing a failure. [ 376.087910] name failslab, interval 1, probability 0, space 0, times 0 [ 376.109079] CPU: 0 PID: 18803 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 376.116223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 376.125589] Call Trace: [ 376.128189] dump_stack+0x142/0x197 [ 376.131819] should_fail.cold+0x10f/0x159 [ 376.135963] should_failslab+0xdb/0x130 [ 376.139925] kmem_cache_alloc+0x2d7/0x780 [ 376.144075] ? wait_for_completion+0x420/0x420 [ 376.148649] __kernfs_new_node+0x70/0x420 [ 376.152803] kernfs_new_node+0x80/0xf0 [ 376.156696] __kernfs_create_file+0x46/0x323 [ 376.161186] sysfs_add_file_mode_ns+0x1e4/0x450 [ 376.165848] internal_create_group+0x232/0x7b0 [ 376.170432] sysfs_create_group+0x20/0x30 [ 376.174573] lo_ioctl+0x1176/0x1ce0 [ 376.178196] ? loop_probe+0x160/0x160 [ 376.181998] blkdev_ioctl+0x96b/0x1860 [ 376.185870] ? blkpg_ioctl+0x980/0x980 [ 376.189748] ? __might_sleep+0x93/0xb0 [ 376.193620] ? __fget+0x210/0x370 [ 376.197063] block_ioctl+0xde/0x120 [ 376.200676] ? blkdev_fallocate+0x3b0/0x3b0 [ 376.204985] do_vfs_ioctl+0x7ae/0x1060 [ 376.208860] ? selinux_file_mprotect+0x5d0/0x5d0 [ 376.213608] ? lock_downgrade+0x740/0x740 [ 376.217750] ? ioctl_preallocate+0x1c0/0x1c0 [ 376.222151] ? __fget+0x237/0x370 [ 376.225600] ? security_file_ioctl+0x89/0xb0 [ 376.229999] SyS_ioctl+0x8f/0xc0 [ 376.233354] ? do_vfs_ioctl+0x1060/0x1060 [ 376.237495] do_syscall_64+0x1e8/0x640 [ 376.241373] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.246208] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 376.252683] RIP: 0033:0x45a4a7 [ 376.255864] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 376.263570] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 376.270832] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 376.278090] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 376.285350] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 376.292614] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 376.299893] CPU: 1 PID: 18804 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 376.306926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 376.316270] Call Trace: [ 376.318851] dump_stack+0x142/0x197 [ 376.322479] should_fail.cold+0x10f/0x159 [ 376.326785] should_failslab+0xdb/0x130 [ 376.330757] kmem_cache_alloc+0x2d7/0x780 [ 376.334892] ? wait_for_completion+0x420/0x420 [ 376.339464] __kernfs_new_node+0x70/0x420 [ 376.343600] kernfs_new_node+0x80/0xf0 [ 376.347488] __kernfs_create_file+0x46/0x323 [ 376.351881] sysfs_add_file_mode_ns+0x1e4/0x450 [ 376.356554] internal_create_group+0x232/0x7b0 [ 376.361125] sysfs_create_group+0x20/0x30 [ 376.365259] lo_ioctl+0x1176/0x1ce0 [ 376.368870] ? loop_probe+0x160/0x160 [ 376.372655] blkdev_ioctl+0x96b/0x1860 [ 376.376523] ? blkpg_ioctl+0x980/0x980 [ 376.380402] ? __might_sleep+0x93/0xb0 [ 376.384272] ? __fget+0x210/0x370 [ 376.387713] block_ioctl+0xde/0x120 [ 376.391324] ? blkdev_fallocate+0x3b0/0x3b0 [ 376.395627] do_vfs_ioctl+0x7ae/0x1060 [ 376.399497] ? selinux_file_mprotect+0x5d0/0x5d0 [ 376.404235] ? lock_downgrade+0x740/0x740 [ 376.408369] ? ioctl_preallocate+0x1c0/0x1c0 [ 376.412762] ? __fget+0x237/0x370 [ 376.416203] ? security_file_ioctl+0x89/0xb0 [ 376.420613] SyS_ioctl+0x8f/0xc0 [ 376.423971] ? do_vfs_ioctl+0x1060/0x1060 [ 376.428120] do_syscall_64+0x1e8/0x640 [ 376.432007] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.436938] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 376.442250] RIP: 0033:0x45a4a7 [ 376.445432] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 376.453161] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 376.460418] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 376.468458] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 14:33:13 executing program 1: r0 = syz_open_dev$vbi(&(0x7f0000000380)='/dev/vbi#\x00', 0x0, 0x2) setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f00000003c0)=0x8, 0x4) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 376.475737] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 376.482997] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:13 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f4248526653", 0x46, 0x10000}], 0x0, 0x0) [ 376.547699] print_req_error: I/O error, dev loop0, sector 128 14:33:13 executing program 3 (fault-call:0 fault-nth:18): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:13 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 14:33:13 executing program 2 (fault-call:3 fault-nth:19): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:13 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) [ 376.833502] FAULT_INJECTION: forcing a failure. [ 376.833502] name failslab, interval 1, probability 0, space 0, times 0 [ 376.845465] FAULT_INJECTION: forcing a failure. [ 376.845465] name failslab, interval 1, probability 0, space 0, times 0 [ 376.878721] CPU: 1 PID: 18838 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 376.885784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 376.895144] Call Trace: [ 376.897748] dump_stack+0x142/0x197 [ 376.901420] should_fail.cold+0x10f/0x159 [ 376.905582] should_failslab+0xdb/0x130 [ 376.909566] kmem_cache_alloc+0x2d7/0x780 [ 376.913729] ? wait_for_completion+0x420/0x420 [ 376.918408] __kernfs_new_node+0x70/0x420 [ 376.922570] kernfs_new_node+0x80/0xf0 [ 376.926466] __kernfs_create_file+0x46/0x323 [ 376.930885] sysfs_add_file_mode_ns+0x1e4/0x450 [ 376.935568] internal_create_group+0x232/0x7b0 [ 376.940159] sysfs_create_group+0x20/0x30 [ 376.944308] lo_ioctl+0x1176/0x1ce0 [ 376.947938] ? loop_probe+0x160/0x160 [ 376.952011] blkdev_ioctl+0x96b/0x1860 [ 376.955903] ? blkpg_ioctl+0x980/0x980 [ 376.959803] ? __might_sleep+0x93/0xb0 [ 376.963693] ? __fget+0x210/0x370 [ 376.967152] block_ioctl+0xde/0x120 [ 376.970778] ? blkdev_fallocate+0x3b0/0x3b0 [ 376.975097] do_vfs_ioctl+0x7ae/0x1060 [ 376.978992] ? selinux_file_mprotect+0x5d0/0x5d0 [ 376.983750] ? lock_downgrade+0x740/0x740 [ 376.983763] ? ioctl_preallocate+0x1c0/0x1c0 [ 376.983775] ? __fget+0x237/0x370 [ 376.992314] ? security_file_ioctl+0x89/0xb0 [ 376.992328] SyS_ioctl+0x8f/0xc0 [ 376.992336] ? do_vfs_ioctl+0x1060/0x1060 [ 376.992348] do_syscall_64+0x1e8/0x640 [ 376.992357] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.992372] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 376.992380] RIP: 0033:0x45a4a7 [ 376.992385] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 376.992395] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 376.992400] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 376.992405] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 376.992410] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 376.992415] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 376.998841] CPU: 1 PID: 18840 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 377.076345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.085857] Call Trace: [ 377.088456] dump_stack+0x142/0x197 [ 377.096635] should_fail.cold+0x10f/0x159 [ 377.100770] should_failslab+0xdb/0x130 [ 377.104742] kmem_cache_alloc+0x2d7/0x780 [ 377.108872] ? wait_for_completion+0x420/0x420 [ 377.113461] __kernfs_new_node+0x70/0x420 [ 377.117598] kernfs_new_node+0x80/0xf0 [ 377.121471] __kernfs_create_file+0x46/0x323 [ 377.125870] sysfs_add_file_mode_ns+0x1e4/0x450 [ 377.130533] internal_create_group+0x232/0x7b0 [ 377.135115] sysfs_create_group+0x20/0x30 [ 377.139264] lo_ioctl+0x1176/0x1ce0 [ 377.142878] ? loop_probe+0x160/0x160 [ 377.146669] blkdev_ioctl+0x96b/0x1860 [ 377.150556] ? blkpg_ioctl+0x980/0x980 [ 377.154433] ? __might_sleep+0x93/0xb0 [ 377.158390] ? __fget+0x210/0x370 [ 377.161844] block_ioctl+0xde/0x120 [ 377.165492] ? blkdev_fallocate+0x3b0/0x3b0 [ 377.169824] do_vfs_ioctl+0x7ae/0x1060 [ 377.173726] ? selinux_file_mprotect+0x5d0/0x5d0 [ 377.178511] ? lock_downgrade+0x740/0x740 [ 377.182682] ? ioctl_preallocate+0x1c0/0x1c0 [ 377.187087] ? __fget+0x237/0x370 [ 377.190536] ? security_file_ioctl+0x89/0xb0 [ 377.194940] SyS_ioctl+0x8f/0xc0 [ 377.198298] ? do_vfs_ioctl+0x1060/0x1060 [ 377.202462] do_syscall_64+0x1e8/0x640 [ 377.206348] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.211198] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 377.216373] RIP: 0033:0x45a4a7 [ 377.219567] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 377.227257] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 377.234596] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 377.241849] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 377.249199] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 377.256451] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:14 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x200000}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:33:14 executing program 1: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x88042, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000140)={0x30, r2, 0x805, 0x0, 0x0, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0x0, 0x1, 0x2a05}}}}, 0x30}}, 0x0) sendmsg$TIPC_CMD_GET_NETID(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2200008}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r2, 0x200, 0x70bd2a, 0x25dfdbfd, {}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x2, 0x440000) 14:33:14 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f", 0x47, 0x10000}], 0x0, 0x0) 14:33:14 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:14 executing program 2 (fault-call:3 fault-nth:20): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:14 executing program 3 (fault-call:0 fault-nth:19): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:14 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48}], 0x0, 0x0) 14:33:14 executing program 1: syz_mount_image$btrfs(&(0x7f0000000200)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) futimesat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={{}, {0x77359400}}) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, 0x0) setuid(r1) r2 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000180), &(0x7f00000001c0)=0xc) r3 = getegid() chown(&(0x7f0000000140)='./file0\x00', r1, r3) [ 377.704644] FAULT_INJECTION: forcing a failure. [ 377.704644] name failslab, interval 1, probability 0, space 0, times 0 [ 377.711525] FAULT_INJECTION: forcing a failure. [ 377.711525] name failslab, interval 1, probability 0, space 0, times 0 [ 377.728659] CPU: 1 PID: 18888 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 377.735706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.735711] Call Trace: [ 377.735730] dump_stack+0x142/0x197 [ 377.735749] should_fail.cold+0x10f/0x159 [ 377.735764] should_failslab+0xdb/0x130 [ 377.735773] kmem_cache_alloc+0x2d7/0x780 [ 377.735782] ? wait_for_completion+0x420/0x420 [ 377.735799] __kernfs_new_node+0x70/0x420 [ 377.735812] kernfs_new_node+0x80/0xf0 [ 377.735824] __kernfs_create_file+0x46/0x323 [ 377.735837] sysfs_add_file_mode_ns+0x1e4/0x450 [ 377.735852] internal_create_group+0x232/0x7b0 [ 377.735869] sysfs_create_group+0x20/0x30 [ 377.735879] lo_ioctl+0x1176/0x1ce0 [ 377.735891] ? loop_probe+0x160/0x160 [ 377.755575] blkdev_ioctl+0x96b/0x1860 [ 377.755586] ? blkpg_ioctl+0x980/0x980 [ 377.755606] ? __might_sleep+0x93/0xb0 [ 377.813351] ? __fget+0x210/0x370 [ 377.816821] block_ioctl+0xde/0x120 [ 377.820439] ? blkdev_fallocate+0x3b0/0x3b0 [ 377.824765] do_vfs_ioctl+0x7ae/0x1060 [ 377.828666] ? selinux_file_mprotect+0x5d0/0x5d0 [ 377.833409] ? lock_downgrade+0x740/0x740 [ 377.837542] ? ioctl_preallocate+0x1c0/0x1c0 [ 377.841943] ? __fget+0x237/0x370 [ 377.845395] ? security_file_ioctl+0x89/0xb0 [ 377.849813] SyS_ioctl+0x8f/0xc0 [ 377.853168] ? do_vfs_ioctl+0x1060/0x1060 [ 377.857304] do_syscall_64+0x1e8/0x640 [ 377.861179] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.866018] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 377.871207] RIP: 0033:0x45a4a7 [ 377.874386] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 377.882093] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 377.889365] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 377.896624] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 377.903884] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 377.911143] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 377.918422] CPU: 0 PID: 18889 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 377.925452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.925457] Call Trace: [ 377.925473] dump_stack+0x142/0x197 [ 377.925490] should_fail.cold+0x10f/0x159 [ 377.925505] should_failslab+0xdb/0x130 [ 377.925514] kmem_cache_alloc+0x2d7/0x780 [ 377.925527] ? wait_for_completion+0x420/0x420 [ 377.941089] __kernfs_new_node+0x70/0x420 [ 377.941103] kernfs_new_node+0x80/0xf0 [ 377.941117] __kernfs_create_file+0x46/0x323 [ 377.941130] sysfs_add_file_mode_ns+0x1e4/0x450 [ 377.941143] internal_create_group+0x232/0x7b0 [ 377.941158] sysfs_create_group+0x20/0x30 [ 377.949272] lo_ioctl+0x1176/0x1ce0 [ 377.949287] ? loop_probe+0x160/0x160 [ 377.949300] blkdev_ioctl+0x96b/0x1860 [ 377.949310] ? blkpg_ioctl+0x980/0x980 [ 377.949325] ? __might_sleep+0x93/0xb0 [ 377.949335] ? __fget+0x210/0x370 [ 378.006250] block_ioctl+0xde/0x120 [ 378.009862] ? blkdev_fallocate+0x3b0/0x3b0 [ 378.014168] do_vfs_ioctl+0x7ae/0x1060 [ 378.018040] ? selinux_file_mprotect+0x5d0/0x5d0 [ 378.022778] ? lock_downgrade+0x740/0x740 [ 378.026921] ? ioctl_preallocate+0x1c0/0x1c0 [ 378.031313] ? __fget+0x237/0x370 [ 378.034756] ? security_file_ioctl+0x89/0xb0 [ 378.039235] SyS_ioctl+0x8f/0xc0 [ 378.042582] ? do_vfs_ioctl+0x1060/0x1060 [ 378.046716] do_syscall_64+0x1e8/0x640 [ 378.050604] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.055434] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 378.060607] RIP: 0033:0x45a4a7 [ 378.063779] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 378.071480] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 378.078745] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 378.085999] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 378.093262] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 378.100515] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 378.110116] net_ratelimit: 14 callbacks suppressed [ 378.110122] protocol 88fb is buggy, dev hsr_slave_0 [ 378.115124] protocol 88fb is buggy, dev hsr_slave_1 14:33:15 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48}], 0x0, 0x0) 14:33:15 executing program 1: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0xc0100, 0x0) connect$pptp(r0, &(0x7f00000000c0)={0x18, 0x2, {0x3, @rand_addr=0x6}}, 0x1e) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:15 executing program 2 (fault-call:3 fault-nth:21): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:15 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48}], 0x0, 0x0) [ 378.381171] FAULT_INJECTION: forcing a failure. [ 378.381171] name failslab, interval 1, probability 0, space 0, times 0 [ 378.393758] CPU: 0 PID: 18923 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 378.400798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 378.410435] Call Trace: [ 378.410455] dump_stack+0x142/0x197 [ 378.410474] should_fail.cold+0x10f/0x159 [ 378.410490] should_failslab+0xdb/0x130 [ 378.426622] kmem_cache_alloc_node+0x287/0x780 [ 378.431225] __alloc_skb+0x9c/0x500 [ 378.434853] ? skb_scrub_packet+0x4b0/0x4b0 [ 378.439264] ? netlink_has_listeners+0x20a/0x330 [ 378.444027] kobject_uevent_env+0x781/0xc23 [ 378.448346] ? internal_create_group+0x49a/0x7b0 [ 378.453145] kobject_uevent+0x20/0x26 [ 378.456948] lo_ioctl+0x11e7/0x1ce0 [ 378.460578] ? loop_probe+0x160/0x160 [ 378.464492] blkdev_ioctl+0x96b/0x1860 [ 378.468381] ? blkpg_ioctl+0x980/0x980 [ 378.472276] ? __might_sleep+0x93/0xb0 [ 378.476163] ? __fget+0x210/0x370 [ 378.479623] block_ioctl+0xde/0x120 [ 378.483250] ? blkdev_fallocate+0x3b0/0x3b0 [ 378.487575] do_vfs_ioctl+0x7ae/0x1060 [ 378.491461] ? selinux_file_mprotect+0x5d0/0x5d0 [ 378.491473] ? lock_downgrade+0x740/0x740 [ 378.491485] ? ioctl_preallocate+0x1c0/0x1c0 [ 378.491496] ? __fget+0x237/0x370 [ 378.491513] ? security_file_ioctl+0x89/0xb0 [ 378.491526] SyS_ioctl+0x8f/0xc0 [ 378.491534] ? do_vfs_ioctl+0x1060/0x1060 [ 378.491548] do_syscall_64+0x1e8/0x640 [ 378.491560] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.500442] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 378.500451] RIP: 0033:0x45a4a7 [ 378.500456] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 378.500468] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 378.500473] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 378.500478] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 378.500483] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 378.500489] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 378.553985] protocol 88fb is buggy, dev hsr_slave_0 [ 378.554457] protocol 88fb is buggy, dev hsr_slave_1 [ 378.555078] protocol 88fb is buggy, dev hsr_slave_0 [ 378.555505] protocol 88fb is buggy, dev hsr_slave_1 14:33:15 executing program 3 (fault-call:0 fault-nth:20): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:15 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$BLKSECTGET(r4, 0x1267, &(0x7f0000000000)) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r6 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r6, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r5, 0xae80, 0x0) 14:33:15 executing program 2 (fault-call:3 fault-nth:22): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 378.739674] FAULT_INJECTION: forcing a failure. [ 378.739674] name failslab, interval 1, probability 0, space 0, times 0 [ 378.776368] CPU: 1 PID: 18939 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 378.783429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 378.792796] Call Trace: [ 378.795398] dump_stack+0x142/0x197 [ 378.799041] should_fail.cold+0x10f/0x159 [ 378.803198] should_failslab+0xdb/0x130 [ 378.803230] FAULT_INJECTION: forcing a failure. [ 378.803230] name failslab, interval 1, probability 0, space 0, times 0 [ 378.807182] kmem_cache_alloc+0x2d7/0x780 [ 378.822512] ? wait_for_completion+0x420/0x420 [ 378.827089] __kernfs_new_node+0x70/0x420 [ 378.831224] kernfs_new_node+0x80/0xf0 [ 378.835113] __kernfs_create_file+0x46/0x323 [ 378.839520] sysfs_add_file_mode_ns+0x1e4/0x450 [ 378.844177] internal_create_group+0x232/0x7b0 [ 378.848761] sysfs_create_group+0x20/0x30 [ 378.852900] lo_ioctl+0x1176/0x1ce0 [ 378.856531] ? loop_probe+0x160/0x160 [ 378.860322] blkdev_ioctl+0x96b/0x1860 [ 378.864290] ? blkpg_ioctl+0x980/0x980 [ 378.868169] ? __might_sleep+0x93/0xb0 [ 378.872041] ? __fget+0x210/0x370 [ 378.875485] block_ioctl+0xde/0x120 [ 378.879113] ? blkdev_fallocate+0x3b0/0x3b0 [ 378.883419] do_vfs_ioctl+0x7ae/0x1060 [ 378.887292] ? selinux_file_mprotect+0x5d0/0x5d0 [ 378.892031] ? lock_downgrade+0x740/0x740 [ 378.896163] ? ioctl_preallocate+0x1c0/0x1c0 [ 378.900559] ? __fget+0x237/0x370 [ 378.904002] ? security_file_ioctl+0x89/0xb0 [ 378.908396] SyS_ioctl+0x8f/0xc0 [ 378.911760] ? do_vfs_ioctl+0x1060/0x1060 [ 378.915899] do_syscall_64+0x1e8/0x640 [ 378.919770] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.924614] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 378.929785] RIP: 0033:0x45a4a7 [ 378.932962] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 378.940832] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 378.948107] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 378.955361] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 378.962633] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 378.969992] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 378.977264] CPU: 0 PID: 18944 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 378.984277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 378.984282] Call Trace: [ 378.984297] dump_stack+0x142/0x197 [ 378.984314] should_fail.cold+0x10f/0x159 [ 378.984330] should_failslab+0xdb/0x130 [ 378.984340] kmem_cache_alloc_node+0x287/0x780 [ 378.984356] __alloc_skb+0x9c/0x500 [ 378.996263] ? skb_scrub_packet+0x4b0/0x4b0 [ 378.996277] ? netlink_has_listeners+0x20a/0x330 [ 378.996292] kobject_uevent_env+0x781/0xc23 [ 378.996302] ? internal_create_group+0x49a/0x7b0 [ 378.996318] kobject_uevent+0x20/0x26 [ 379.038091] lo_ioctl+0x11e7/0x1ce0 [ 379.041716] ? loop_probe+0x160/0x160 [ 379.045529] blkdev_ioctl+0x96b/0x1860 [ 379.049409] ? blkpg_ioctl+0x980/0x980 [ 379.053302] ? __might_sleep+0x93/0xb0 [ 379.057208] ? __fget+0x210/0x370 [ 379.060658] block_ioctl+0xde/0x120 [ 379.064302] ? blkdev_fallocate+0x3b0/0x3b0 [ 379.068616] do_vfs_ioctl+0x7ae/0x1060 [ 379.072503] ? selinux_file_mprotect+0x5d0/0x5d0 [ 379.077254] ? lock_downgrade+0x740/0x740 [ 379.081409] ? ioctl_preallocate+0x1c0/0x1c0 [ 379.085840] ? __fget+0x237/0x370 [ 379.089298] ? security_file_ioctl+0x89/0xb0 [ 379.093708] SyS_ioctl+0x8f/0xc0 [ 379.097066] ? do_vfs_ioctl+0x1060/0x1060 [ 379.101214] do_syscall_64+0x1e8/0x640 [ 379.105094] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.109935] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 379.115117] RIP: 0033:0x45a4a7 [ 379.118303] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 379.126002] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 379.133261] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 14:33:16 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0xb1c4, 0x180) ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000140)={0x2f, 0x0, 0x4, 0x20000000, {}, {0x4, 0x8, 0xcc, 0x4b, 0xb1, 0x0, "7cdc84d2"}, 0x0, 0x0, @userptr=0xfffffffffffff7e0, 0x4}) [ 379.140530] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 379.147792] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 379.155057] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:16 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:16 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:16 executing program 3 (fault-call:0 fault-nth:21): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:16 executing program 2 (fault-call:3 fault-nth:23): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 379.270103] protocol 88fb is buggy, dev hsr_slave_0 [ 379.275236] protocol 88fb is buggy, dev hsr_slave_1 [ 379.318030] FAULT_INJECTION: forcing a failure. [ 379.318030] name failslab, interval 1, probability 0, space 0, times 0 [ 379.330146] CPU: 1 PID: 18963 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 379.337183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 379.346540] Call Trace: [ 379.349134] dump_stack+0x142/0x197 [ 379.352778] should_fail.cold+0x10f/0x159 [ 379.356937] should_failslab+0xdb/0x130 [ 379.360918] __kmalloc+0x2f0/0x7a0 [ 379.364474] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 379.369932] ? kobject_uevent_env+0x378/0xc23 [ 379.374434] ? rcu_read_lock_sched_held+0x110/0x130 [ 379.379553] ? kobject_get_path+0xbb/0x1a0 [ 379.383799] kobject_get_path+0xbb/0x1a0 [ 379.387878] ? devm_device_remove_groups+0x50/0x50 [ 379.392814] kobject_uevent_env+0x39c/0xc23 [ 379.397150] ? internal_create_group+0x49a/0x7b0 [ 379.401922] kobject_uevent+0x20/0x26 [ 379.405727] lo_ioctl+0x11e7/0x1ce0 [ 379.409443] ? loop_probe+0x160/0x160 [ 379.413343] blkdev_ioctl+0x96b/0x1860 [ 379.417232] ? blkpg_ioctl+0x980/0x980 [ 379.421130] ? __might_sleep+0x93/0xb0 [ 379.425037] ? __fget+0x210/0x370 [ 379.428506] block_ioctl+0xde/0x120 [ 379.432143] ? blkdev_fallocate+0x3b0/0x3b0 [ 379.436467] do_vfs_ioctl+0x7ae/0x1060 [ 379.440358] ? selinux_file_mprotect+0x5d0/0x5d0 [ 379.445116] ? lock_downgrade+0x740/0x740 [ 379.449270] ? ioctl_preallocate+0x1c0/0x1c0 [ 379.453692] ? __fget+0x237/0x370 [ 379.457154] ? security_file_ioctl+0x89/0xb0 [ 379.461561] SyS_ioctl+0x8f/0xc0 [ 379.464934] ? do_vfs_ioctl+0x1060/0x1060 [ 379.469090] do_syscall_64+0x1e8/0x640 [ 379.472977] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.477825] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 379.484575] RIP: 0033:0x45a4a7 [ 379.487759] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 379.495479] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 379.502747] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 379.510033] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 379.517297] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 379.524561] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 379.570444] FAULT_INJECTION: forcing a failure. [ 379.570444] name failslab, interval 1, probability 0, space 0, times 0 [ 379.581774] CPU: 1 PID: 18970 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 379.588794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 379.590354] protocol 88fb is buggy, dev hsr_slave_0 [ 379.598144] Call Trace: [ 379.598164] dump_stack+0x142/0x197 [ 379.598183] should_fail.cold+0x10f/0x159 [ 379.598207] should_failslab+0xdb/0x130 [ 379.604009] protocol 88fb is buggy, dev hsr_slave_1 [ 379.605813] kmem_cache_alloc_node_trace+0x280/0x770 [ 379.605829] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 379.633126] __kmalloc_node_track_caller+0x3d/0x80 [ 379.638058] __kmalloc_reserve.isra.0+0x40/0xe0 [ 379.642765] __alloc_skb+0xcf/0x500 [ 379.646477] ? skb_scrub_packet+0x4b0/0x4b0 [ 379.652445] ? netlink_has_listeners+0x20a/0x330 [ 379.657200] kobject_uevent_env+0x781/0xc23 [ 379.661514] ? internal_create_group+0x49a/0x7b0 [ 379.666272] kobject_uevent+0x20/0x26 [ 379.670064] lo_ioctl+0x11e7/0x1ce0 [ 379.673695] ? loop_probe+0x160/0x160 [ 379.677497] blkdev_ioctl+0x96b/0x1860 [ 379.681386] ? blkpg_ioctl+0x980/0x980 [ 379.685271] ? __might_sleep+0x93/0xb0 [ 379.689155] ? __fget+0x210/0x370 [ 379.692604] block_ioctl+0xde/0x120 [ 379.696232] ? blkdev_fallocate+0x3b0/0x3b0 [ 379.700548] do_vfs_ioctl+0x7ae/0x1060 [ 379.704429] ? selinux_file_mprotect+0x5d0/0x5d0 [ 379.709177] ? lock_downgrade+0x740/0x740 [ 379.713319] ? ioctl_preallocate+0x1c0/0x1c0 [ 379.717724] ? __fget+0x237/0x370 [ 379.721206] ? security_file_ioctl+0x89/0xb0 [ 379.725617] SyS_ioctl+0x8f/0xc0 [ 379.728977] ? do_vfs_ioctl+0x1060/0x1060 [ 379.733120] do_syscall_64+0x1e8/0x640 [ 379.737001] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.741844] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 379.747047] RIP: 0033:0x45a4a7 [ 379.750229] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 379.757932] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 14:33:16 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000140)='./file0\x00', 0x2, 0x1ee, &(0x7f0000000040), 0x2001800, 0x0) [ 379.765203] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 379.772551] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 379.779823] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 379.787094] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:16 executing program 3 (fault-call:0 fault-nth:22): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 379.936317] FAULT_INJECTION: forcing a failure. [ 379.936317] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 379.948151] CPU: 0 PID: 18982 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 379.955179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 379.955186] Call Trace: [ 379.967144] dump_stack+0x142/0x197 [ 379.970788] should_fail.cold+0x10f/0x159 [ 379.974939] __alloc_pages_nodemask+0x1d6/0x7a0 [ 379.979610] ? __alloc_pages_slowpath+0x2930/0x2930 [ 379.984622] cache_grow_begin+0x80/0x400 [ 379.989710] kmem_cache_alloc_trace+0x6b2/0x790 [ 379.994383] ? kernfs_put+0x35e/0x490 [ 379.998194] ? devm_device_remove_groups+0x50/0x50 [ 380.003110] kobject_uevent_env+0x378/0xc23 [ 380.008892] ? internal_create_group+0x49a/0x7b0 [ 380.013637] kobject_uevent+0x20/0x26 [ 380.017419] lo_ioctl+0x11e7/0x1ce0 [ 380.021046] ? loop_probe+0x160/0x160 [ 380.024831] blkdev_ioctl+0x96b/0x1860 [ 380.028703] ? blkpg_ioctl+0x980/0x980 [ 380.032580] ? __might_sleep+0x93/0xb0 [ 380.036463] ? __fget+0x210/0x370 [ 380.039901] block_ioctl+0xde/0x120 [ 380.043522] ? blkdev_fallocate+0x3b0/0x3b0 [ 380.047825] do_vfs_ioctl+0x7ae/0x1060 [ 380.051699] ? selinux_file_mprotect+0x5d0/0x5d0 [ 380.056438] ? lock_downgrade+0x740/0x740 [ 380.060666] ? ioctl_preallocate+0x1c0/0x1c0 [ 380.065074] ? __fget+0x237/0x370 [ 380.068519] ? security_file_ioctl+0x89/0xb0 [ 380.072913] SyS_ioctl+0x8f/0xc0 [ 380.076274] ? do_vfs_ioctl+0x1060/0x1060 [ 380.080406] do_syscall_64+0x1e8/0x640 [ 380.084275] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 380.089107] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 380.094294] RIP: 0033:0x45a4a7 [ 380.097470] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 380.105161] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 380.112414] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 380.119788] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 380.127057] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 14:33:17 executing program 2 (fault-call:3 fault-nth:24): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 380.134329] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 380.220303] FAULT_INJECTION: forcing a failure. [ 380.220303] name failslab, interval 1, probability 0, space 0, times 0 [ 380.235107] CPU: 1 PID: 18991 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 380.242174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.242181] Call Trace: [ 380.242199] dump_stack+0x142/0x197 [ 380.242218] should_fail.cold+0x10f/0x159 [ 380.242235] should_failslab+0xdb/0x130 [ 380.242246] kmem_cache_alloc_node+0x287/0x780 [ 380.242268] __alloc_skb+0x9c/0x500 [ 380.242279] ? skb_scrub_packet+0x4b0/0x4b0 [ 380.242294] ? netlink_has_listeners+0x20a/0x330 [ 380.242309] kobject_uevent_env+0x781/0xc23 [ 380.242326] kobject_uevent+0x20/0x26 [ 380.242336] lo_ioctl+0x11e7/0x1ce0 [ 380.242349] ? loop_probe+0x160/0x160 [ 380.242361] blkdev_ioctl+0x96b/0x1860 [ 380.242371] ? blkpg_ioctl+0x980/0x980 [ 380.242388] ? __might_sleep+0x93/0xb0 [ 380.242396] ? __fget+0x210/0x370 [ 380.242410] block_ioctl+0xde/0x120 14:33:17 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x52180, 0x6a8d48da8972f594) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x40044900, 0x5) [ 380.242420] ? blkdev_fallocate+0x3b0/0x3b0 [ 380.242431] do_vfs_ioctl+0x7ae/0x1060 [ 380.242443] ? selinux_file_mprotect+0x5d0/0x5d0 [ 380.242452] ? lock_downgrade+0x740/0x740 [ 380.242464] ? ioctl_preallocate+0x1c0/0x1c0 [ 380.242475] ? __fget+0x237/0x370 [ 380.242493] ? security_file_ioctl+0x89/0xb0 [ 380.242507] SyS_ioctl+0x8f/0xc0 [ 380.242516] ? do_vfs_ioctl+0x1060/0x1060 [ 380.242529] do_syscall_64+0x1e8/0x640 [ 380.242538] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 380.242554] entry_SYSCALL_64_after_hwframe+0x42/0xb7 14:33:17 executing program 2 (fault-call:3 fault-nth:25): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 380.242562] RIP: 0033:0x45a4a7 [ 380.242568] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 380.242579] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 380.242585] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 380.242591] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 380.242597] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 380.242603] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 380.566152] FAULT_INJECTION: forcing a failure. [ 380.566152] name failslab, interval 1, probability 0, space 0, times 0 [ 380.587128] CPU: 0 PID: 19009 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 380.594174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.603535] Call Trace: [ 380.606134] dump_stack+0x142/0x197 [ 380.609857] should_fail.cold+0x10f/0x159 [ 380.614015] should_failslab+0xdb/0x130 [ 380.618001] kmem_cache_alloc_node+0x287/0x780 [ 380.622597] __alloc_skb+0x9c/0x500 [ 380.626226] ? skb_scrub_packet+0x4b0/0x4b0 [ 380.630553] ? netlink_has_listeners+0x20a/0x330 [ 380.635331] kobject_uevent_env+0x781/0xc23 [ 380.635348] kobject_uevent+0x20/0x26 [ 380.643472] lo_ioctl+0x11e7/0x1ce0 [ 380.643487] ? loop_probe+0x160/0x160 [ 380.643500] blkdev_ioctl+0x96b/0x1860 [ 380.643509] ? blkpg_ioctl+0x980/0x980 [ 380.643528] ? __might_sleep+0x93/0xb0 [ 380.643536] ? __fget+0x210/0x370 [ 380.643549] block_ioctl+0xde/0x120 [ 380.669906] ? blkdev_fallocate+0x3b0/0x3b0 [ 380.674280] do_vfs_ioctl+0x7ae/0x1060 [ 380.678172] ? selinux_file_mprotect+0x5d0/0x5d0 [ 380.682943] ? lock_downgrade+0x740/0x740 [ 380.687087] ? ioctl_preallocate+0x1c0/0x1c0 [ 380.691509] ? __fget+0x237/0x370 [ 380.695080] ? security_file_ioctl+0x89/0xb0 [ 380.699496] SyS_ioctl+0x8f/0xc0 [ 380.702876] ? do_vfs_ioctl+0x1060/0x1060 [ 380.707030] do_syscall_64+0x1e8/0x640 [ 380.710911] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 380.715750] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 380.720925] RIP: 0033:0x45a4a7 [ 380.724111] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 380.731816] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 380.739071] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 380.746338] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 380.753590] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 14:33:17 executing program 3 (fault-call:0 fault-nth:23): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:17 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 380.760856] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:17 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup2(r4, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) accept4$inet(0xffffffffffffffff, 0x0, &(0x7f0000000180)=0xce, 0x4a35bd026d5660b7) r6 = open(0x0, 0x60002, 0x0) getsockopt$TIPC_SOCK_RECVQ_DEPTH(0xffffffffffffffff, 0x10f, 0x84, &(0x7f0000000000), &(0x7f0000000100)=0x72) ioctl$KDGKBDIACR(r6, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) r8 = dup2(r7, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$CAPI_MANUFACTURER_CMD(r8, 0xc0104320, &(0x7f00000002c0)={0x7ff, &(0x7f00000001c0)="b42f12bf6d0a92700619a6a6e7f287c8ff3f53d9304d454e489f3d553290badd366e1d4ea92e1be83ceeaf6d2645c2c3659fb25c28efcad361f135e3d744e436447bd9d1f37cd67697bfc4f61162261ff3d745aef9632bc6177c3ee4e3340af08ef85ef65d63d4e4fbd03b5872ee78a02a83886456806b196dcc26be7891dac8fb64235f0a6dec84fdafa4f854a068663447c8958c3dd8838998679c6bafefced843a07fb9d45b387c357f49d4f66c864a6fa9a77499dc913708b5380173cabffe2659a7b5416e07277ee382be55ffcc9e5c62ea6d9bce01c7311bda"}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:33:17 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f00000000c0)=0x7, 0x4) [ 380.964890] FAULT_INJECTION: forcing a failure. [ 380.964890] name failslab, interval 1, probability 0, space 0, times 0 [ 381.028108] CPU: 1 PID: 19025 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 381.035167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.044528] Call Trace: [ 381.047134] dump_stack+0x142/0x197 [ 381.050773] should_fail.cold+0x10f/0x159 [ 381.054928] should_failslab+0xdb/0x130 [ 381.058906] kmem_cache_alloc_node+0x287/0x780 [ 381.063499] __alloc_skb+0x9c/0x500 [ 381.067134] ? skb_scrub_packet+0x4b0/0x4b0 [ 381.071459] ? netlink_has_listeners+0x20a/0x330 [ 381.076223] kobject_uevent_env+0x781/0xc23 [ 381.080558] kobject_uevent+0x20/0x26 [ 381.084362] lo_ioctl+0x11e7/0x1ce0 [ 381.087991] ? loop_probe+0x160/0x160 [ 381.091805] blkdev_ioctl+0x96b/0x1860 [ 381.095702] ? blkpg_ioctl+0x980/0x980 [ 381.099599] ? __might_sleep+0x93/0xb0 [ 381.103493] ? __fget+0x210/0x370 [ 381.106949] block_ioctl+0xde/0x120 [ 381.110574] ? blkdev_fallocate+0x3b0/0x3b0 [ 381.114894] do_vfs_ioctl+0x7ae/0x1060 [ 381.118783] ? selinux_file_mprotect+0x5d0/0x5d0 [ 381.123532] ? lock_downgrade+0x740/0x740 [ 381.127674] ? ioctl_preallocate+0x1c0/0x1c0 [ 381.132078] ? __fget+0x237/0x370 [ 381.135532] ? security_file_ioctl+0x89/0xb0 [ 381.140890] SyS_ioctl+0x8f/0xc0 [ 381.144249] ? do_vfs_ioctl+0x1060/0x1060 [ 381.148398] do_syscall_64+0x1e8/0x640 [ 381.152278] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.157126] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 381.162309] RIP: 0033:0x45a4a7 [ 381.165490] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 381.173192] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 381.180452] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 381.187711] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 381.194984] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 381.202246] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:18 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:18 executing program 2 (fault-call:3 fault-nth:26): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 381.313206] FAULT_INJECTION: forcing a failure. [ 381.313206] name failslab, interval 1, probability 0, space 0, times 0 [ 381.326618] CPU: 1 PID: 19047 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 381.333661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.343372] Call Trace: [ 381.345980] dump_stack+0x142/0x197 [ 381.349658] should_fail.cold+0x10f/0x159 [ 381.353824] should_failslab+0xdb/0x130 [ 381.357803] kmem_cache_alloc_node+0x287/0x780 [ 381.365293] __alloc_skb+0x9c/0x500 [ 381.368928] ? skb_scrub_packet+0x4b0/0x4b0 [ 381.373265] ? netlink_has_listeners+0x20a/0x330 [ 381.378034] kobject_uevent_env+0x781/0xc23 [ 381.382373] kobject_uevent+0x20/0x26 [ 381.386180] lo_ioctl+0x11e7/0x1ce0 [ 381.389815] ? loop_probe+0x160/0x160 [ 381.393622] blkdev_ioctl+0x96b/0x1860 [ 381.397519] ? blkpg_ioctl+0x980/0x980 [ 381.401419] ? __might_sleep+0x93/0xb0 [ 381.405312] ? __fget+0x210/0x370 [ 381.408778] block_ioctl+0xde/0x120 [ 381.412411] ? blkdev_fallocate+0x3b0/0x3b0 [ 381.416731] do_vfs_ioctl+0x7ae/0x1060 [ 381.420628] ? selinux_file_mprotect+0x5d0/0x5d0 [ 381.425417] ? lock_downgrade+0x740/0x740 [ 381.429571] ? ioctl_preallocate+0x1c0/0x1c0 [ 381.433995] ? __fget+0x237/0x370 [ 381.437459] ? security_file_ioctl+0x89/0xb0 [ 381.441874] SyS_ioctl+0x8f/0xc0 [ 381.445252] ? do_vfs_ioctl+0x1060/0x1060 [ 381.449408] do_syscall_64+0x1e8/0x640 [ 381.453472] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.458324] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 381.463519] RIP: 0033:0x45a4a7 [ 381.466734] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 381.474444] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 381.481796] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 381.481802] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 381.481807] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 381.481813] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:18 executing program 3 (fault-call:0 fault-nth:24): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:18 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:18 executing program 1: openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x0, 0x0) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:18 executing program 2 (fault-call:3 fault-nth:27): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 381.690697] FAULT_INJECTION: forcing a failure. [ 381.690697] name failslab, interval 1, probability 0, space 0, times 0 [ 381.708483] CPU: 1 PID: 19061 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 381.715529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.724884] Call Trace: [ 381.727474] dump_stack+0x142/0x197 [ 381.731121] should_fail.cold+0x10f/0x159 [ 381.735282] should_failslab+0xdb/0x130 [ 381.739264] kmem_cache_alloc_node_trace+0x280/0x770 [ 381.744371] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 381.749834] __kmalloc_node_track_caller+0x3d/0x80 [ 381.754754] __kmalloc_reserve.isra.0+0x40/0xe0 [ 381.759408] __alloc_skb+0xcf/0x500 [ 381.763016] ? skb_scrub_packet+0x4b0/0x4b0 [ 381.767322] ? netlink_has_listeners+0x20a/0x330 [ 381.772062] kobject_uevent_env+0x781/0xc23 [ 381.776364] ? internal_create_group+0x49a/0x7b0 [ 381.781109] kobject_uevent+0x20/0x26 [ 381.784892] lo_ioctl+0x11e7/0x1ce0 [ 381.788504] ? loop_probe+0x160/0x160 [ 381.792291] blkdev_ioctl+0x96b/0x1860 [ 381.796159] ? blkpg_ioctl+0x980/0x980 [ 381.800044] ? __might_sleep+0x93/0xb0 [ 381.803913] ? __fget+0x210/0x370 [ 381.807354] block_ioctl+0xde/0x120 [ 381.810961] ? blkdev_fallocate+0x3b0/0x3b0 [ 381.815276] do_vfs_ioctl+0x7ae/0x1060 [ 381.819147] ? selinux_file_mprotect+0x5d0/0x5d0 [ 381.823891] ? lock_downgrade+0x740/0x740 [ 381.828020] ? ioctl_preallocate+0x1c0/0x1c0 [ 381.832411] ? __fget+0x237/0x370 [ 381.835848] ? security_file_ioctl+0x89/0xb0 [ 381.840412] SyS_ioctl+0x8f/0xc0 [ 381.843759] ? do_vfs_ioctl+0x1060/0x1060 [ 381.847889] do_syscall_64+0x1e8/0x640 [ 381.851759] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.856589] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 381.861759] RIP: 0033:0x45a4a7 [ 381.864928] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 381.872617] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 381.879868] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 381.887295] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 381.894555] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 381.901814] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 381.922212] FAULT_INJECTION: forcing a failure. [ 381.922212] name failslab, interval 1, probability 0, space 0, times 0 [ 381.939769] CPU: 1 PID: 19071 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 381.946809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.956161] Call Trace: [ 381.956180] dump_stack+0x142/0x197 [ 381.956200] should_fail.cold+0x10f/0x159 [ 381.956216] should_failslab+0xdb/0x130 [ 381.956225] kmem_cache_alloc_node+0x287/0x780 [ 381.956242] __alloc_skb+0x9c/0x500 [ 381.956253] ? skb_scrub_packet+0x4b0/0x4b0 [ 381.956267] ? netlink_has_listeners+0x20a/0x330 [ 381.956280] kobject_uevent_env+0x781/0xc23 [ 381.992939] kobject_uevent+0x20/0x26 [ 381.996746] lo_ioctl+0x11e7/0x1ce0 [ 382.000379] ? loop_probe+0x160/0x160 [ 382.004190] blkdev_ioctl+0x96b/0x1860 [ 382.008077] ? blkpg_ioctl+0x980/0x980 [ 382.011980] ? __might_sleep+0x93/0xb0 [ 382.015869] ? __fget+0x210/0x370 [ 382.019326] block_ioctl+0xde/0x120 [ 382.022949] ? blkdev_fallocate+0x3b0/0x3b0 [ 382.027273] do_vfs_ioctl+0x7ae/0x1060 [ 382.031167] ? selinux_file_mprotect+0x5d0/0x5d0 [ 382.035918] ? lock_downgrade+0x740/0x740 [ 382.040070] ? ioctl_preallocate+0x1c0/0x1c0 [ 382.044484] ? __fget+0x237/0x370 [ 382.047949] ? security_file_ioctl+0x89/0xb0 [ 382.052364] SyS_ioctl+0x8f/0xc0 [ 382.055725] ? do_vfs_ioctl+0x1060/0x1060 [ 382.059874] do_syscall_64+0x1e8/0x640 [ 382.063764] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.068611] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 382.073802] RIP: 0033:0x45a4a7 [ 382.076985] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 382.084698] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 382.091974] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 382.099243] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 382.106510] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 382.113792] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:19 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:19 executing program 3 (fault-call:0 fault-nth:25): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:19 executing program 2 (fault-call:3 fault-nth:28): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 382.285494] FAULT_INJECTION: forcing a failure. [ 382.285494] name failslab, interval 1, probability 0, space 0, times 0 [ 382.297989] CPU: 0 PID: 19092 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 382.305020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 382.314392] Call Trace: [ 382.316978] dump_stack+0x142/0x197 [ 382.320612] should_fail.cold+0x10f/0x159 [ 382.324764] should_failslab+0xdb/0x130 [ 382.324779] kmem_cache_alloc_node_trace+0x280/0x770 [ 382.324796] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 382.333851] __kmalloc_node_track_caller+0x3d/0x80 [ 382.333866] __kmalloc_reserve.isra.0+0x40/0xe0 [ 382.333877] __alloc_skb+0xcf/0x500 [ 382.333885] ? skb_scrub_packet+0x4b0/0x4b0 [ 382.333897] ? netlink_has_listeners+0x20a/0x330 [ 382.333911] kobject_uevent_env+0x781/0xc23 [ 382.333933] kobject_uevent+0x20/0x26 [ 382.369688] lo_ioctl+0x11e7/0x1ce0 [ 382.373328] ? loop_probe+0x160/0x160 [ 382.377127] blkdev_ioctl+0x96b/0x1860 [ 382.381017] ? blkpg_ioctl+0x980/0x980 [ 382.384910] ? __might_sleep+0x93/0xb0 [ 382.388793] ? __fget+0x210/0x370 [ 382.392251] block_ioctl+0xde/0x120 [ 382.395877] ? blkdev_fallocate+0x3b0/0x3b0 [ 382.400194] do_vfs_ioctl+0x7ae/0x1060 [ 382.404083] ? selinux_file_mprotect+0x5d0/0x5d0 [ 382.408836] ? lock_downgrade+0x740/0x740 [ 382.412988] ? ioctl_preallocate+0x1c0/0x1c0 [ 382.417398] ? __fget+0x237/0x370 [ 382.420859] ? security_file_ioctl+0x89/0xb0 [ 382.425272] SyS_ioctl+0x8f/0xc0 [ 382.428641] ? do_vfs_ioctl+0x1060/0x1060 [ 382.432912] do_syscall_64+0x1e8/0x640 [ 382.436807] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.441662] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 382.446852] RIP: 0033:0x45a4a7 [ 382.450042] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 382.457751] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 382.465020] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 382.472305] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 382.472311] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 382.472316] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 382.499087] FAULT_INJECTION: forcing a failure. [ 382.499087] name failslab, interval 1, probability 0, space 0, times 0 [ 382.522000] CPU: 1 PID: 19094 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 382.529064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 382.529068] Call Trace: [ 382.529085] dump_stack+0x142/0x197 [ 382.529104] should_fail.cold+0x10f/0x159 [ 382.529121] should_failslab+0xdb/0x130 [ 382.529131] kmem_cache_alloc_node_trace+0x280/0x770 [ 382.529146] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 382.529160] __kmalloc_node_track_caller+0x3d/0x80 [ 382.529176] __kmalloc_reserve.isra.0+0x40/0xe0 [ 382.529190] __alloc_skb+0xcf/0x500 [ 382.576507] ? skb_scrub_packet+0x4b0/0x4b0 [ 382.580824] ? netlink_has_listeners+0x20a/0x330 [ 382.585576] kobject_uevent_env+0x781/0xc23 [ 382.589886] kobject_uevent+0x20/0x26 [ 382.593675] lo_ioctl+0x11e7/0x1ce0 [ 382.597309] ? loop_probe+0x160/0x160 [ 382.601101] blkdev_ioctl+0x96b/0x1860 [ 382.604985] ? blkpg_ioctl+0x980/0x980 [ 382.608912] ? __might_sleep+0x93/0xb0 [ 382.612786] ? __fget+0x210/0x370 [ 382.616293] block_ioctl+0xde/0x120 [ 382.619902] ? blkdev_fallocate+0x3b0/0x3b0 [ 382.624215] do_vfs_ioctl+0x7ae/0x1060 [ 382.628102] ? selinux_file_mprotect+0x5d0/0x5d0 [ 382.632845] ? lock_downgrade+0x740/0x740 [ 382.637116] ? ioctl_preallocate+0x1c0/0x1c0 [ 382.641521] ? __fget+0x237/0x370 [ 382.644980] ? security_file_ioctl+0x89/0xb0 [ 382.649388] SyS_ioctl+0x8f/0xc0 [ 382.652749] ? do_vfs_ioctl+0x1060/0x1060 [ 382.656895] do_syscall_64+0x1e8/0x640 [ 382.660778] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.665621] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 382.670794] RIP: 0033:0x45a4a7 [ 382.673961] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 382.681659] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 382.688926] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 382.696188] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 382.703445] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 382.710727] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:19 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:19 executing program 3 (fault-call:0 fault-nth:26): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:19 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000680)='/dev/cachefiles\x00', 0x2000, 0x0) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000006c0)="e87738fbe1d9c5222576b3ef6f5307877d67d63f413732cebfd4") getresuid(&(0x7f0000000400), &(0x7f0000000440), &(0x7f0000000480)=0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000600)='/dev/autofs\x00', 0x10800, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r3, 0x40405515, &(0x7f0000000640)={0x9, 0x2, 0x1, 0x10000, '\x00', 0x2}) syz_mount_image$jfs(&(0x7f0000000080)='jfs\x00', &(0x7f00000000c0)='./file0\x00', 0x6, 0x2, &(0x7f0000000280)=[{&(0x7f0000000140)="ec6f89c6f352b8e46a4c576d2bc5db1e9bb24073842fafad4c536adec7a79087639dd4a412ca8b74d097eb7347dee652918e3be4863e5dd93eb7b0c9eaae553e994dcbca0b411d4af742792cbd8b52a89876408afd4e9dd17700e394139f08e1ea754ad7b7513c848b43f3e36551ec", 0x6f, 0x6}, {&(0x7f00000001c0)="27f8ff7931f908463b18dfdfd8c40f0de0c27a9da1307e2e073e41502577166f1d5a46a896581a35d859af2d16b8a7a1fe96fa86f3d7f3ce79c2f4da0623246800e049428dd10a9d63e6a3bbb850fe436518c27b0860b9e7db1a054c202590d9e8ce44b3aece568cafd9a137ed48d244633b71354cfad466a92fe5be1bb13057550b82c7ad8c91a1f2e7f7d3fdc718b4f3a64c127f6d22b0396e8374ceae55bde888d4aabbd1", 0xa6, 0xdbb5}], 0xb00042, &(0x7f00000004c0)={[{@gid={'gid', 0x3d, r0}}, {@iocharset={'iocharset', 0x3d, 'macgreek'}}, {@nodiscard='nodiscard'}, {@integrity='integrity'}, {@usrquota='usrquota'}, {@grpquota='grpquota'}], [{@smackfsroot={'smackfsroot', 0x3d, 'md5sumnodev'}}, {@smackfshat={'smackfshat', 0x3d, 'btrfs\x00'}}, {@func={'func', 0x3d, 'CREDS_CHECK'}}, {@uid_eq={'uid', 0x3d, r2}}, {@obj_user={'obj_user', 0x3d, 'vmnet0wlan1mime_type@$%eth0{trustedppp1'}}, {@fsmagic={'fsmagic', 0x3d, 0x7}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'btrfs\x00'}}, {@seclabel='seclabel'}]}) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup2(r5, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r6, 0x4010ae68, &(0x7f0000000800)={0x2000, 0x118000}) r7 = dup2(r4, r4) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f0000000700)={0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xc}}}, 0x3, 0x1, 0x4, 0x20, 0x2}, &(0x7f00000007c0)=0x98) [ 382.986002] FAULT_INJECTION: forcing a failure. [ 382.986002] name failslab, interval 1, probability 0, space 0, times 0 [ 383.003651] CPU: 0 PID: 19120 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 383.010692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 383.020066] Call Trace: [ 383.022664] dump_stack+0x142/0x197 [ 383.026313] should_fail.cold+0x10f/0x159 [ 383.030474] should_failslab+0xdb/0x130 [ 383.034457] kmem_cache_alloc_node_trace+0x280/0x770 [ 383.039573] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 383.045022] __kmalloc_node_track_caller+0x3d/0x80 [ 383.049952] __kmalloc_reserve.isra.0+0x40/0xe0 [ 383.054620] __alloc_skb+0xcf/0x500 [ 383.058246] ? skb_scrub_packet+0x4b0/0x4b0 [ 383.062572] ? netlink_has_listeners+0x20a/0x330 [ 383.067331] kobject_uevent_env+0x781/0xc23 [ 383.071656] kobject_uevent+0x20/0x26 [ 383.075451] lo_ioctl+0x11e7/0x1ce0 [ 383.079080] ? loop_probe+0x160/0x160 [ 383.082880] blkdev_ioctl+0x96b/0x1860 [ 383.086761] ? blkpg_ioctl+0x980/0x980 [ 383.090651] ? __might_sleep+0x93/0xb0 [ 383.094711] ? __fget+0x210/0x370 [ 383.098170] block_ioctl+0xde/0x120 [ 383.101797] ? blkdev_fallocate+0x3b0/0x3b0 [ 383.106110] do_vfs_ioctl+0x7ae/0x1060 [ 383.109993] ? selinux_file_mprotect+0x5d0/0x5d0 [ 383.114743] ? lock_downgrade+0x740/0x740 [ 383.118886] ? ioctl_preallocate+0x1c0/0x1c0 [ 383.123288] ? __fget+0x237/0x370 [ 383.126740] ? security_file_ioctl+0x89/0xb0 [ 383.131150] SyS_ioctl+0x8f/0xc0 [ 383.134512] ? do_vfs_ioctl+0x1060/0x1060 [ 383.138658] do_syscall_64+0x1e8/0x640 [ 383.142539] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.147382] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 383.152561] RIP: 0033:0x45a4a7 [ 383.155741] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 383.163443] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 383.170707] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 383.177969] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 383.185232] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 383.192495] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 383.510161] net_ratelimit: 16 callbacks suppressed [ 383.510167] protocol 88fb is buggy, dev hsr_slave_0 [ 383.520255] protocol 88fb is buggy, dev hsr_slave_1 [ 383.750128] protocol 88fb is buggy, dev hsr_slave_0 [ 383.755290] protocol 88fb is buggy, dev hsr_slave_1 14:33:20 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:20 executing program 2 (fault-call:3 fault-nth:29): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:20 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)={0x20, r1, 0xa06d01dc2c18f2bb, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0x20}}, 0x0) fstatfs(r0, &(0x7f0000000000)=""/38) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup2(r4, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r6, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x1f, &(0x7f0000000000)={r7, @in, 0xfffc}, 0x90) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f0000000100)=@assoc_value={r7, 0x6}, &(0x7f0000000180)=0x8) r8 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r8, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r10 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r10, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r9, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r9, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r9, 0xae80, 0x0) 14:33:20 executing program 1: r0 = open(&(0x7f0000000080)='./file0\x00', 0xa636c5c64342f560, 0x20) ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000140)={0x0, 0x0, [], @raw_data=[0x0, 0xffffffff, 0xffff, 0x7fff, 0x4, 0x6, 0xff, 0x3, 0x33d4, 0x4, 0x34d, 0x3, 0x1, 0x5, 0x9, 0xffff, 0x1, 0xff, 0x4, 0xb3, 0x4, 0x8, 0x10001, 0x20, 0x8, 0x6, 0x32c, 0x1, 0x2, 0x9, 0x81, 0x8]}) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x1) 14:33:20 executing program 3 (fault-call:0 fault-nth:27): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:20 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 384.076481] FAULT_INJECTION: forcing a failure. [ 384.076481] name failslab, interval 1, probability 0, space 0, times 0 [ 384.088026] CPU: 1 PID: 19143 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 384.095049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 384.105455] Call Trace: [ 384.108047] dump_stack+0x142/0x197 [ 384.111686] should_fail.cold+0x10f/0x159 [ 384.115842] should_failslab+0xdb/0x130 [ 384.119821] kmem_cache_alloc_node_trace+0x280/0x770 [ 384.124929] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 384.130386] __kmalloc_node_track_caller+0x3d/0x80 [ 384.135322] __kmalloc_reserve.isra.0+0x40/0xe0 [ 384.139994] __alloc_skb+0xcf/0x500 [ 384.143619] ? skb_scrub_packet+0x4b0/0x4b0 [ 384.147940] ? netlink_has_listeners+0x20a/0x330 [ 384.152701] kobject_uevent_env+0x781/0xc23 [ 384.157034] kobject_uevent+0x20/0x26 [ 384.160836] lo_ioctl+0x11e7/0x1ce0 [ 384.164470] ? loop_probe+0x160/0x160 [ 384.168270] blkdev_ioctl+0x96b/0x1860 [ 384.172157] ? blkpg_ioctl+0x980/0x980 [ 384.176053] ? __might_sleep+0x93/0xb0 [ 384.179937] ? __fget+0x210/0x370 [ 384.183394] block_ioctl+0xde/0x120 [ 384.187021] ? blkdev_fallocate+0x3b0/0x3b0 [ 384.191343] do_vfs_ioctl+0x7ae/0x1060 [ 384.195252] ? selinux_file_mprotect+0x5d0/0x5d0 [ 384.200007] ? lock_downgrade+0x740/0x740 [ 384.204170] ? ioctl_preallocate+0x1c0/0x1c0 [ 384.208582] ? __fget+0x237/0x370 [ 384.212044] ? security_file_ioctl+0x89/0xb0 [ 384.216452] SyS_ioctl+0x8f/0xc0 [ 384.216462] ? do_vfs_ioctl+0x1060/0x1060 [ 384.216477] do_syscall_64+0x1e8/0x640 [ 384.216486] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.216504] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 384.216512] RIP: 0033:0x45a4a7 [ 384.216518] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 384.216529] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 384.216535] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 384.216540] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 384.216546] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 384.216551] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 384.246838] FAULT_INJECTION: forcing a failure. [ 384.246838] name failslab, interval 1, probability 0, space 0, times 0 [ 384.276986] CPU: 1 PID: 19140 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 384.304944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 384.314301] Call Trace: [ 384.316888] dump_stack+0x142/0x197 [ 384.320527] should_fail.cold+0x10f/0x159 [ 384.324682] should_failslab+0xdb/0x130 [ 384.328654] kmem_cache_alloc_node+0x287/0x780 [ 384.333248] __alloc_skb+0x9c/0x500 [ 384.336877] ? skb_scrub_packet+0x4b0/0x4b0 [ 384.341204] ? netlink_has_listeners+0x20a/0x330 [ 384.345971] kobject_uevent_env+0x781/0xc23 [ 384.350401] kobject_uevent+0x20/0x26 [ 384.354207] lo_ioctl+0x11e7/0x1ce0 [ 384.357840] ? loop_probe+0x160/0x160 [ 384.361629] blkdev_ioctl+0x96b/0x1860 [ 384.365507] ? blkpg_ioctl+0x980/0x980 [ 384.369385] ? __might_sleep+0x93/0xb0 [ 384.373253] ? __fget+0x210/0x370 [ 384.376691] block_ioctl+0xde/0x120 [ 384.380307] ? blkdev_fallocate+0x3b0/0x3b0 [ 384.384612] do_vfs_ioctl+0x7ae/0x1060 [ 384.388491] ? selinux_file_mprotect+0x5d0/0x5d0 [ 384.393247] ? lock_downgrade+0x740/0x740 [ 384.397378] ? ioctl_preallocate+0x1c0/0x1c0 [ 384.401771] ? __fget+0x237/0x370 [ 384.405213] ? security_file_ioctl+0x89/0xb0 [ 384.409608] SyS_ioctl+0x8f/0xc0 [ 384.412955] ? do_vfs_ioctl+0x1060/0x1060 [ 384.417085] do_syscall_64+0x1e8/0x640 [ 384.420955] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.426747] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 384.431926] RIP: 0033:0x45a4a7 [ 384.435107] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 384.442809] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 384.450062] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 384.457316] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 384.464571] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 384.471827] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 384.479349] protocol 88fb is buggy, dev hsr_slave_0 [ 384.484467] protocol 88fb is buggy, dev hsr_slave_1 14:33:21 executing program 3 (fault-call:0 fault-nth:28): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:21 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:21 executing program 1: r0 = open(&(0x7f0000000080)='./file0\x00', 0x21a0, 0x4b) ioctl$FIONREAD(r0, 0x541b, &(0x7f00000000c0)) r1 = syz_open_dev$midi(&(0x7f0000000180)='/dev\x00\xcb\b\x00', 0xf4c, 0x141302) recvfrom(r0, &(0x7f0000000140)=""/48, 0x30, 0x1, &(0x7f00000001c0)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x0, 0x3, 0x1, 0x1, {0xa, 0x4e23, 0x6, @mcast2, 0x8}}}, 0x80) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$CAN_RAW_FILTER(r3, 0x65, 0x1, &(0x7f0000000240), 0x0) 14:33:21 executing program 2 (fault-call:3 fault-nth:30): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 384.765874] FAULT_INJECTION: forcing a failure. [ 384.765874] name failslab, interval 1, probability 0, space 0, times 0 [ 384.789899] CPU: 0 PID: 19168 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 384.796947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 384.806472] Call Trace: [ 384.806492] dump_stack+0x142/0x197 [ 384.806509] should_fail.cold+0x10f/0x159 [ 384.806524] should_failslab+0xdb/0x130 [ 384.812723] kmem_cache_alloc_node+0x287/0x780 [ 384.812745] __alloc_skb+0x9c/0x500 [ 384.812757] ? skb_scrub_packet+0x4b0/0x4b0 [ 384.812769] ? netlink_has_listeners+0x20a/0x330 [ 384.812784] kobject_uevent_env+0x781/0xc23 [ 384.842423] kobject_uevent+0x20/0x26 [ 384.846225] lo_ioctl+0x11e7/0x1ce0 [ 384.849867] ? loop_probe+0x160/0x160 [ 384.853671] blkdev_ioctl+0x96b/0x1860 [ 384.857563] ? blkpg_ioctl+0x980/0x980 [ 384.861455] ? __might_sleep+0x93/0xb0 [ 384.865341] ? __fget+0x210/0x370 [ 384.868793] block_ioctl+0xde/0x120 [ 384.872420] ? blkdev_fallocate+0x3b0/0x3b0 [ 384.876747] do_vfs_ioctl+0x7ae/0x1060 [ 384.880634] ? selinux_file_mprotect+0x5d0/0x5d0 [ 384.885402] ? lock_downgrade+0x740/0x740 [ 384.889553] ? ioctl_preallocate+0x1c0/0x1c0 [ 384.893961] ? __fget+0x237/0x370 [ 384.897428] ? security_file_ioctl+0x89/0xb0 [ 384.901838] SyS_ioctl+0x8f/0xc0 [ 384.905203] ? do_vfs_ioctl+0x1060/0x1060 [ 384.909351] do_syscall_64+0x1e8/0x640 [ 384.913236] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.918084] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 384.923270] RIP: 0033:0x45a4a7 [ 384.926458] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 384.934172] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 384.941435] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 384.941441] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 384.941445] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 384.941450] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 384.956737] protocol 88fb is buggy, dev hsr_slave_0 [ 384.957035] protocol 88fb is buggy, dev hsr_slave_1 [ 384.957655] protocol 88fb is buggy, dev hsr_slave_0 [ 384.958030] protocol 88fb is buggy, dev hsr_slave_1 [ 385.021904] FAULT_INJECTION: forcing a failure. [ 385.021904] name failslab, interval 1, probability 0, space 0, times 0 [ 385.039675] CPU: 0 PID: 19182 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 385.046782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 385.056155] Call Trace: [ 385.058737] dump_stack+0x142/0x197 [ 385.062354] should_fail.cold+0x10f/0x159 [ 385.066502] should_failslab+0xdb/0x130 [ 385.070462] kmem_cache_alloc_node+0x287/0x780 [ 385.075032] __alloc_skb+0x9c/0x500 [ 385.078640] ? skb_scrub_packet+0x4b0/0x4b0 [ 385.082962] ? netlink_has_listeners+0x20a/0x330 [ 385.087702] kobject_uevent_env+0x781/0xc23 [ 385.092011] kobject_uevent+0x20/0x26 [ 385.095795] lo_ioctl+0x11e7/0x1ce0 [ 385.099408] ? loop_probe+0x160/0x160 [ 385.103201] blkdev_ioctl+0x96b/0x1860 [ 385.107068] ? blkpg_ioctl+0x980/0x980 [ 385.110941] ? __might_sleep+0x93/0xb0 [ 385.114819] ? __fget+0x210/0x370 [ 385.118263] block_ioctl+0xde/0x120 [ 385.121872] ? blkdev_fallocate+0x3b0/0x3b0 [ 385.127131] do_vfs_ioctl+0x7ae/0x1060 [ 385.131011] ? selinux_file_mprotect+0x5d0/0x5d0 [ 385.135756] ? lock_downgrade+0x740/0x740 [ 385.139974] ? ioctl_preallocate+0x1c0/0x1c0 [ 385.144370] ? __fget+0x237/0x370 [ 385.147813] ? security_file_ioctl+0x89/0xb0 [ 385.152205] SyS_ioctl+0x8f/0xc0 [ 385.155554] ? do_vfs_ioctl+0x1060/0x1060 [ 385.160204] do_syscall_64+0x1e8/0x640 [ 385.164073] ? trace_hardirqs_off_thunk+0x1a/0x1c 14:33:22 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 385.168901] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 385.174072] RIP: 0033:0x45a4a7 [ 385.177337] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 385.185031] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 385.192280] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 385.199541] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 385.206890] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 385.214177] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:22 executing program 3 (fault-call:0 fault-nth:29): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:22 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x5}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f00000002c0)=[{{&(0x7f0000000540)=@isdn, 0xfdae, &(0x7f00000005c0), 0x0, &(0x7f0000002e80)=""/51, 0x33}}, {{&(0x7f0000002ec0)=@nfc_llcp, 0x80, &(0x7f0000000180)=[{0x0}, {&(0x7f00000030c0)=""/207, 0xcf}], 0x2, &(0x7f0000003300)=""/4096, 0x1000}}, {{&(0x7f0000004300)=@caif=@util, 0x80, 0x0, 0x0, &(0x7f0000000600)=""/168, 0xa8}}], 0x3, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) getpid() fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x24000) ioctl$EXT4_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000000)) io_setup(0x8, &(0x7f00000004c0)) accept$netrom(r3, &(0x7f0000000480)={{0x3, @null}, [@bcast, @default, @default, @rose, @bcast, @null, @null, @netrom]}, &(0x7f00000000c0)=0x48) r4 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x24000) r5 = dup(r4) r6 = open(&(0x7f0000000440)='./bus\x00', 0x141042, 0x0) ftruncate(r6, 0x2007fff) sendfile(r5, r6, 0x0, 0x8000fffffffe) ioctl$PPPIOCGCHAN(r5, 0x80047437, &(0x7f0000000140)) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:22 executing program 2 (fault-call:3 fault-nth:31): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 385.361703] FAULT_INJECTION: forcing a failure. [ 385.361703] name failslab, interval 1, probability 0, space 0, times 0 [ 385.387485] CPU: 1 PID: 19200 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 385.394538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 385.403897] Call Trace: [ 385.406496] dump_stack+0x142/0x197 [ 385.410142] should_fail.cold+0x10f/0x159 [ 385.414303] should_failslab+0xdb/0x130 [ 385.418291] kmem_cache_alloc_node+0x287/0x780 [ 385.422897] __alloc_skb+0x9c/0x500 [ 385.426521] ? skb_scrub_packet+0x4b0/0x4b0 [ 385.430843] ? netlink_has_listeners+0x20a/0x330 [ 385.435685] kobject_uevent_env+0x781/0xc23 [ 385.440015] kobject_uevent+0x20/0x26 [ 385.443810] lo_ioctl+0x11e7/0x1ce0 [ 385.447432] ? loop_probe+0x160/0x160 [ 385.451228] blkdev_ioctl+0x96b/0x1860 [ 385.455112] ? blkpg_ioctl+0x980/0x980 [ 385.459007] ? __might_sleep+0x93/0xb0 [ 385.462891] ? __fget+0x210/0x370 [ 385.466359] block_ioctl+0xde/0x120 [ 385.469981] ? blkdev_fallocate+0x3b0/0x3b0 [ 385.474296] do_vfs_ioctl+0x7ae/0x1060 [ 385.478176] ? selinux_file_mprotect+0x5d0/0x5d0 [ 385.482932] ? lock_downgrade+0x740/0x740 [ 385.487072] ? ioctl_preallocate+0x1c0/0x1c0 [ 385.491479] ? __fget+0x237/0x370 [ 385.494933] ? security_file_ioctl+0x89/0xb0 [ 385.499337] SyS_ioctl+0x8f/0xc0 [ 385.502698] ? do_vfs_ioctl+0x1060/0x1060 [ 385.506845] do_syscall_64+0x1e8/0x640 [ 385.510725] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 385.515566] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 385.520762] RIP: 0033:0x45a4a7 [ 385.523942] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 385.531644] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 385.538917] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 385.546197] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 385.553461] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 385.560721] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 385.582437] FAULT_INJECTION: forcing a failure. [ 385.582437] name failslab, interval 1, probability 0, space 0, times 0 [ 385.602667] CPU: 1 PID: 19206 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 385.609716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 385.619075] Call Trace: [ 385.621677] dump_stack+0x142/0x197 [ 385.625324] should_fail.cold+0x10f/0x159 [ 385.629483] should_failslab+0xdb/0x130 [ 385.633461] kmem_cache_alloc_node+0x287/0x780 [ 385.638058] __alloc_skb+0x9c/0x500 [ 385.641692] ? skb_scrub_packet+0x4b0/0x4b0 [ 385.646030] ? netlink_has_listeners+0x20a/0x330 [ 385.650793] kobject_uevent_env+0x781/0xc23 [ 385.655127] kobject_uevent+0x20/0x26 [ 385.658940] lo_ioctl+0x11e7/0x1ce0 [ 385.662574] ? loop_probe+0x160/0x160 [ 385.666379] blkdev_ioctl+0x96b/0x1860 [ 385.670270] ? blkpg_ioctl+0x980/0x980 [ 385.674166] ? __might_sleep+0x93/0xb0 [ 385.678057] ? __fget+0x210/0x370 [ 385.681516] block_ioctl+0xde/0x120 [ 385.685146] ? blkdev_fallocate+0x3b0/0x3b0 [ 385.689472] do_vfs_ioctl+0x7ae/0x1060 [ 385.693364] ? selinux_file_mprotect+0x5d0/0x5d0 [ 385.698121] ? lock_downgrade+0x740/0x740 [ 385.702272] ? ioctl_preallocate+0x1c0/0x1c0 [ 385.706686] ? __fget+0x237/0x370 [ 385.710148] ? security_file_ioctl+0x89/0xb0 [ 385.714556] SyS_ioctl+0x8f/0xc0 [ 385.714567] ? do_vfs_ioctl+0x1060/0x1060 [ 385.714581] do_syscall_64+0x1e8/0x640 [ 385.714589] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 385.714605] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 385.714613] RIP: 0033:0x45a4a7 [ 385.714618] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 385.714628] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 385.714634] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 385.714640] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 385.714645] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 385.714651] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:23 executing program 2 (fault-call:3 fault-nth:32): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:23 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:23 executing program 3 (fault-call:0 fault-nth:30): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:23 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:23 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup2(r4, r4) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = dup2(r6, r6) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) r9 = dup2(r8, r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) r10 = socket$inet6_tcp(0xa, 0x1, 0x0) r11 = dup2(r10, r10) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200) r12 = socket$inet6_tcp(0xa, 0x1, 0x0) r13 = dup2(r12, r12) ioctl$PERF_EVENT_IOC_ENABLE(r13, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r13, 0x8912, 0xabeb) ioctl$TIOCGWINSZ(r7, 0x5413, &(0x7f0000000180)) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$KVM_SET_VAPIC_ADDR(r5, 0x4008ae93, &(0x7f0000000000)=0xd000) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) pipe2(&(0x7f00000001c0)={0xffffffffffffffff}, 0x4000) ioctl$UFFDIO_REGISTER(r14, 0xc020aa00, &(0x7f0000000200)={{&(0x7f000000f000/0x2000)=nil, 0x2000}, 0x2}) r15 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r15, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) write$P9_RXATTRWALK(r5, &(0x7f0000000100)={0xf, 0x1f, 0x1, 0xf87d}, 0xf) [ 386.385503] FAULT_INJECTION: forcing a failure. [ 386.385503] name failslab, interval 1, probability 0, space 0, times 0 [ 386.399710] CPU: 0 PID: 19232 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 386.406750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 386.416103] Call Trace: [ 386.418701] dump_stack+0x142/0x197 [ 386.422333] should_fail.cold+0x10f/0x159 [ 386.426487] should_failslab+0xdb/0x130 [ 386.430468] kmem_cache_alloc_node_trace+0x280/0x770 [ 386.435572] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 386.441031] __kmalloc_node_track_caller+0x3d/0x80 [ 386.445968] __kmalloc_reserve.isra.0+0x40/0xe0 [ 386.450641] __alloc_skb+0xcf/0x500 [ 386.454276] ? skb_scrub_packet+0x4b0/0x4b0 [ 386.458602] ? netlink_has_listeners+0x20a/0x330 [ 386.463360] kobject_uevent_env+0x781/0xc23 [ 386.467695] kobject_uevent+0x20/0x26 [ 386.471494] lo_ioctl+0x11e7/0x1ce0 [ 386.475119] ? loop_probe+0x160/0x160 [ 386.478921] blkdev_ioctl+0x96b/0x1860 [ 386.482813] ? blkpg_ioctl+0x980/0x980 [ 386.486703] ? __might_sleep+0x93/0xb0 [ 386.490588] ? __fget+0x210/0x370 [ 386.494055] block_ioctl+0xde/0x120 [ 386.497679] ? blkdev_fallocate+0x3b0/0x3b0 [ 386.502005] do_vfs_ioctl+0x7ae/0x1060 [ 386.505899] ? selinux_file_mprotect+0x5d0/0x5d0 [ 386.510656] ? lock_downgrade+0x740/0x740 [ 386.514801] ? ioctl_preallocate+0x1c0/0x1c0 [ 386.519205] ? __fget+0x237/0x370 [ 386.522656] ? security_file_ioctl+0x89/0xb0 [ 386.527060] SyS_ioctl+0x8f/0xc0 [ 386.530424] ? do_vfs_ioctl+0x1060/0x1060 [ 386.534567] do_syscall_64+0x1e8/0x640 [ 386.538446] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.543289] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 386.548470] RIP: 0033:0x45a4a7 [ 386.551654] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 386.559357] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 386.566616] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 386.575870] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 386.583128] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 386.590388] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 386.609926] FAULT_INJECTION: forcing a failure. [ 386.609926] name failslab, interval 1, probability 0, space 0, times 0 [ 386.633698] CPU: 0 PID: 19234 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 386.640739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 386.650092] Call Trace: [ 386.652677] dump_stack+0x142/0x197 [ 386.656307] should_fail.cold+0x10f/0x159 [ 386.660455] should_failslab+0xdb/0x130 [ 386.664428] kmem_cache_alloc_node+0x287/0x780 [ 386.669010] __alloc_skb+0x9c/0x500 [ 386.672631] ? skb_scrub_packet+0x4b0/0x4b0 [ 386.676949] ? netlink_has_listeners+0x20a/0x330 [ 386.681701] kobject_uevent_env+0x781/0xc23 [ 386.686026] kobject_uevent+0x20/0x26 [ 386.689817] lo_ioctl+0x11e7/0x1ce0 [ 386.693440] ? loop_probe+0x160/0x160 [ 386.697241] blkdev_ioctl+0x96b/0x1860 [ 386.701121] ? blkpg_ioctl+0x980/0x980 [ 386.705041] ? __might_sleep+0x93/0xb0 [ 386.708920] ? __fget+0x210/0x370 [ 386.712372] block_ioctl+0xde/0x120 [ 386.715991] ? blkdev_fallocate+0x3b0/0x3b0 [ 386.720311] do_vfs_ioctl+0x7ae/0x1060 [ 386.724190] ? selinux_file_mprotect+0x5d0/0x5d0 [ 386.728940] ? lock_downgrade+0x740/0x740 [ 386.733079] ? ioctl_preallocate+0x1c0/0x1c0 [ 386.737479] ? __fget+0x237/0x370 [ 386.740930] ? security_file_ioctl+0x89/0xb0 [ 386.745332] SyS_ioctl+0x8f/0xc0 [ 386.748689] ? do_vfs_ioctl+0x1060/0x1060 [ 386.752836] do_syscall_64+0x1e8/0x640 [ 386.756715] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.761559] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 386.766737] RIP: 0033:0x45a4a7 [ 386.769916] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 386.777618] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 386.784879] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 386.792151] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 386.799593] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 386.806856] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:23 executing program 2 (fault-call:3 fault-nth:33): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:23 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 14:33:23 executing program 3 (fault-call:0 fault-nth:31): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 387.073541] FAULT_INJECTION: forcing a failure. [ 387.073541] name failslab, interval 1, probability 0, space 0, times 0 [ 387.098396] CPU: 0 PID: 19263 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 387.105477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 387.114829] Call Trace: [ 387.117427] dump_stack+0x142/0x197 [ 387.121066] should_fail.cold+0x10f/0x159 [ 387.121084] should_failslab+0xdb/0x130 [ 387.121096] kmem_cache_alloc_node+0x287/0x780 [ 387.121114] __alloc_skb+0x9c/0x500 [ 387.129220] ? skb_scrub_packet+0x4b0/0x4b0 [ 387.129235] ? netlink_has_listeners+0x20a/0x330 [ 387.129248] kobject_uevent_env+0x781/0xc23 [ 387.129264] kobject_uevent+0x20/0x26 [ 387.155253] lo_ioctl+0x11e7/0x1ce0 [ 387.158862] ? loop_probe+0x160/0x160 [ 387.162644] blkdev_ioctl+0x96b/0x1860 [ 387.166522] ? blkpg_ioctl+0x980/0x980 [ 387.170409] ? __might_sleep+0x93/0xb0 [ 387.174277] ? __fget+0x210/0x370 [ 387.177717] block_ioctl+0xde/0x120 [ 387.181332] ? blkdev_fallocate+0x3b0/0x3b0 [ 387.185635] do_vfs_ioctl+0x7ae/0x1060 [ 387.189512] ? selinux_file_mprotect+0x5d0/0x5d0 [ 387.194252] ? lock_downgrade+0x740/0x740 [ 387.198379] ? ioctl_preallocate+0x1c0/0x1c0 [ 387.202776] ? __fget+0x237/0x370 [ 387.206214] ? security_file_ioctl+0x89/0xb0 [ 387.214002] SyS_ioctl+0x8f/0xc0 [ 387.217350] ? do_vfs_ioctl+0x1060/0x1060 [ 387.221490] do_syscall_64+0x1e8/0x640 [ 387.225359] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.230197] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 387.235364] RIP: 0033:0x45a4a7 [ 387.238541] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 387.246230] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 387.253493] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 387.260757] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 14:33:24 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:24 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup2(r5, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 387.268006] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 387.275370] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 387.287809] FAULT_INJECTION: forcing a failure. [ 387.287809] name failslab, interval 1, probability 0, space 0, times 0 [ 387.328701] CPU: 1 PID: 19270 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 387.335746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 387.345107] Call Trace: [ 387.347696] dump_stack+0x142/0x197 [ 387.351324] should_fail.cold+0x10f/0x159 [ 387.355468] should_failslab+0xdb/0x130 [ 387.359440] kmem_cache_alloc_node+0x287/0x780 [ 387.364027] __alloc_skb+0x9c/0x500 [ 387.367648] ? skb_scrub_packet+0x4b0/0x4b0 [ 387.371967] ? netlink_has_listeners+0x20a/0x330 [ 387.376719] kobject_uevent_env+0x781/0xc23 [ 387.381044] kobject_uevent+0x20/0x26 [ 387.384838] lo_ioctl+0x11e7/0x1ce0 [ 387.388463] ? loop_probe+0x160/0x160 [ 387.392257] blkdev_ioctl+0x96b/0x1860 [ 387.396136] ? blkpg_ioctl+0x980/0x980 [ 387.400029] ? __might_sleep+0x93/0xb0 [ 387.404427] ? __fget+0x210/0x370 [ 387.407880] block_ioctl+0xde/0x120 [ 387.411498] ? blkdev_fallocate+0x3b0/0x3b0 [ 387.415829] do_vfs_ioctl+0x7ae/0x1060 [ 387.419720] ? selinux_file_mprotect+0x5d0/0x5d0 [ 387.424480] ? lock_downgrade+0x740/0x740 [ 387.428642] ? ioctl_preallocate+0x1c0/0x1c0 [ 387.433049] ? __fget+0x237/0x370 [ 387.436522] ? security_file_ioctl+0x89/0xb0 [ 387.440936] SyS_ioctl+0x8f/0xc0 [ 387.444303] ? do_vfs_ioctl+0x1060/0x1060 [ 387.448449] do_syscall_64+0x1e8/0x640 [ 387.452337] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.457181] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 387.462365] RIP: 0033:0x45a4a7 [ 387.465547] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 14:33:24 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$RDS_GET_MR(r1, 0x114, 0x2, &(0x7f0000000180)={{&(0x7f0000000080)=""/90, 0x5a}, &(0x7f0000000140), 0x8e23db7fef17e96f}, 0x20) [ 387.473246] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 387.480503] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 387.487762] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 387.495025] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 387.502286] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:24 executing program 2 (fault-call:3 fault-nth:34): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:24 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 387.695406] FAULT_INJECTION: forcing a failure. [ 387.695406] name failslab, interval 1, probability 0, space 0, times 0 [ 387.709832] CPU: 0 PID: 19291 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 387.716872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 387.726231] Call Trace: [ 387.728831] dump_stack+0x142/0x197 [ 387.732473] should_fail.cold+0x10f/0x159 [ 387.736635] should_failslab+0xdb/0x130 [ 387.740615] kmem_cache_alloc_node+0x287/0x780 [ 387.745209] __alloc_skb+0x9c/0x500 [ 387.749541] ? skb_scrub_packet+0x4b0/0x4b0 [ 387.753864] ? netlink_has_listeners+0x20a/0x330 [ 387.758618] kobject_uevent_env+0x781/0xc23 [ 387.762953] kobject_uevent+0x20/0x26 [ 387.766748] lo_ioctl+0x11e7/0x1ce0 [ 387.770375] ? loop_probe+0x160/0x160 [ 387.774176] blkdev_ioctl+0x96b/0x1860 [ 387.778066] ? blkpg_ioctl+0x980/0x980 [ 387.781958] ? __might_sleep+0x93/0xb0 [ 387.785846] ? __fget+0x210/0x370 [ 387.789307] block_ioctl+0xde/0x120 [ 387.792950] ? blkdev_fallocate+0x3b0/0x3b0 [ 387.797269] do_vfs_ioctl+0x7ae/0x1060 [ 387.801163] ? selinux_file_mprotect+0x5d0/0x5d0 [ 387.805921] ? lock_downgrade+0x740/0x740 [ 387.810072] ? ioctl_preallocate+0x1c0/0x1c0 [ 387.814482] ? __fget+0x237/0x370 [ 387.817941] ? security_file_ioctl+0x89/0xb0 [ 387.822348] SyS_ioctl+0x8f/0xc0 [ 387.825723] ? do_vfs_ioctl+0x1060/0x1060 [ 387.829874] do_syscall_64+0x1e8/0x640 [ 387.833760] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.838611] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 387.843796] RIP: 0033:0x45a4a7 [ 387.846977] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 387.854686] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 387.862063] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 387.869330] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 387.869336] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 387.869341] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:25 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:25 executing program 3 (fault-call:0 fault-nth:32): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:25 executing program 2 (fault-call:3 fault-nth:35): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:25 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) statfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)) [ 388.178133] FAULT_INJECTION: forcing a failure. [ 388.178133] name failslab, interval 1, probability 0, space 0, times 0 [ 388.190554] CPU: 0 PID: 19319 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 388.197587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 388.206945] Call Trace: [ 388.209544] dump_stack+0x142/0x197 [ 388.213703] should_fail.cold+0x10f/0x159 [ 388.217864] should_failslab+0xdb/0x130 [ 388.221846] kmem_cache_alloc_node_trace+0x280/0x770 [ 388.226957] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 388.232419] __kmalloc_node_track_caller+0x3d/0x80 [ 388.237356] __kmalloc_reserve.isra.0+0x40/0xe0 [ 388.242544] __alloc_skb+0xcf/0x500 [ 388.246187] ? skb_scrub_packet+0x4b0/0x4b0 [ 388.250510] ? netlink_has_listeners+0x20a/0x330 [ 388.255268] kobject_uevent_env+0x781/0xc23 [ 388.259594] kobject_uevent+0x20/0x26 [ 388.263398] lo_ioctl+0x11e7/0x1ce0 [ 388.267024] ? loop_probe+0x160/0x160 [ 388.270831] blkdev_ioctl+0x96b/0x1860 [ 388.274724] ? blkpg_ioctl+0x980/0x980 [ 388.278739] ? __might_sleep+0x93/0xb0 [ 388.282641] ? __fget+0x210/0x370 [ 388.286191] block_ioctl+0xde/0x120 [ 388.289821] ? blkdev_fallocate+0x3b0/0x3b0 [ 388.294143] do_vfs_ioctl+0x7ae/0x1060 [ 388.298034] ? selinux_file_mprotect+0x5d0/0x5d0 [ 388.302791] ? lock_downgrade+0x740/0x740 [ 388.306943] ? ioctl_preallocate+0x1c0/0x1c0 [ 388.311355] ? __fget+0x237/0x370 [ 388.314815] ? security_file_ioctl+0x89/0xb0 [ 388.319225] SyS_ioctl+0x8f/0xc0 [ 388.322601] ? do_vfs_ioctl+0x1060/0x1060 [ 388.326749] do_syscall_64+0x1e8/0x640 [ 388.330642] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.335759] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 388.340950] RIP: 0033:0x45a4a7 [ 388.344133] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 388.344145] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 388.344150] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 388.344156] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 14:33:25 executing program 4: r0 = getpid() socketpair(0x5, 0x80003, 0x9f, &(0x7f0000000000)={0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000180)={0x0, @in={{0x2, 0x4e20, @broadcast}}, [0x4, 0x100000000, 0x1, 0xfffffffffffffffa, 0x2, 0x10001, 0xffffffffffff8937, 0x2, 0x80000000, 0x4, 0x8, 0x200, 0x2, 0x2, 0x7]}, &(0x7f0000000100)=0x100) sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r5 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r5, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 388.344161] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 388.344173] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 388.389925] FAULT_INJECTION: forcing a failure. [ 388.389925] name failslab, interval 1, probability 0, space 0, times 0 [ 388.419443] CPU: 1 PID: 19321 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 388.426516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 388.435879] Call Trace: [ 388.438575] dump_stack+0x142/0x197 [ 388.442224] should_fail.cold+0x10f/0x159 [ 388.446390] should_failslab+0xdb/0x130 [ 388.450806] kmem_cache_alloc+0x2d7/0x780 [ 388.454967] ? selinux_file_mprotect+0x5d0/0x5d0 [ 388.459731] ? lock_downgrade+0x740/0x740 [ 388.464058] ? ioctl_preallocate+0x1c0/0x1c0 14:33:25 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = dup2(r5, r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 388.468483] getname_flags+0xcb/0x580 [ 388.472297] SyS_mkdir+0x7e/0x200 [ 388.475741] ? SyS_mkdirat+0x210/0x210 [ 388.475753] ? do_syscall_64+0x53/0x640 [ 388.475765] ? SyS_mkdirat+0x210/0x210 [ 388.487503] do_syscall_64+0x1e8/0x640 [ 388.491391] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.496243] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 388.501431] RIP: 0033:0x459a57 [ 388.504620] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 388.512328] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 388.519686] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000100 [ 388.526964] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 388.534234] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 388.541496] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:25 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x705000, 0x0) write$P9_RLERRORu(r0, &(0x7f00000000c0)={0x15, 0x7, 0x2, {{0x8, 'vmnet1&\''}, 0x71b267b}}, 0x15) 14:33:25 executing program 2 (fault-call:3 fault-nth:36): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:25 executing program 3 (fault-call:0 fault-nth:33): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 388.630114] net_ratelimit: 14 callbacks suppressed [ 388.630119] protocol 88fb is buggy, dev hsr_slave_0 [ 388.640185] protocol 88fb is buggy, dev hsr_slave_1 [ 388.734272] FAULT_INJECTION: forcing a failure. [ 388.734272] name failslab, interval 1, probability 0, space 0, times 0 [ 388.751574] CPU: 0 PID: 19355 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 388.758714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 388.768077] Call Trace: [ 388.768099] dump_stack+0x142/0x197 [ 388.768120] should_fail.cold+0x10f/0x159 [ 388.768137] should_failslab+0xdb/0x130 [ 388.768147] kmem_cache_alloc_node_trace+0x280/0x770 [ 388.768161] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 388.768175] __kmalloc_node_track_caller+0x3d/0x80 [ 388.768189] __kmalloc_reserve.isra.0+0x40/0xe0 [ 388.768201] __alloc_skb+0xcf/0x500 [ 388.768211] ? skb_scrub_packet+0x4b0/0x4b0 [ 388.768222] ? netlink_has_listeners+0x20a/0x330 [ 388.768235] kobject_uevent_env+0x781/0xc23 [ 388.768252] kobject_uevent+0x20/0x26 [ 388.774442] lo_ioctl+0x11e7/0x1ce0 [ 388.782534] ? loop_probe+0x160/0x160 [ 388.782557] blkdev_ioctl+0x96b/0x1860 [ 388.782565] ? blkpg_ioctl+0x980/0x980 [ 388.782581] ? __might_sleep+0x93/0xb0 [ 388.842639] ? __fget+0x210/0x370 [ 388.846094] block_ioctl+0xde/0x120 [ 388.849720] ? blkdev_fallocate+0x3b0/0x3b0 [ 388.854033] do_vfs_ioctl+0x7ae/0x1060 [ 388.857915] ? selinux_file_mprotect+0x5d0/0x5d0 [ 388.862661] ? lock_downgrade+0x740/0x740 [ 388.866801] ? ioctl_preallocate+0x1c0/0x1c0 [ 388.871203] ? __fget+0x237/0x370 [ 388.874655] ? security_file_ioctl+0x89/0xb0 [ 388.879058] SyS_ioctl+0x8f/0xc0 [ 388.882415] ? do_vfs_ioctl+0x1060/0x1060 [ 388.886562] do_syscall_64+0x1e8/0x640 [ 388.890446] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.895295] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 388.900499] RIP: 0033:0x45a4a7 [ 388.903694] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 388.912444] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 388.919711] RDX: 0000000000000007 RSI: 0000000000004c00 RDI: 0000000000000008 [ 388.926974] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 14:33:25 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 388.934248] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 388.941527] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 388.976855] FAULT_INJECTION: forcing a failure. [ 388.976855] name failslab, interval 1, probability 0, space 0, times 0 [ 389.035513] CPU: 1 PID: 19359 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 389.042570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.051949] Call Trace: [ 389.054544] dump_stack+0x142/0x197 [ 389.058187] should_fail.cold+0x10f/0x159 [ 389.062343] should_failslab+0xdb/0x130 [ 389.066319] kmem_cache_alloc_node_trace+0x280/0x770 [ 389.072209] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 389.077666] __kmalloc_node_track_caller+0x3d/0x80 [ 389.082613] __kmalloc_reserve.isra.0+0x40/0xe0 [ 389.087283] __alloc_skb+0xcf/0x500 [ 389.090910] ? skb_scrub_packet+0x4b0/0x4b0 [ 389.095234] ? netlink_has_listeners+0x20a/0x330 [ 389.099994] kobject_uevent_env+0x781/0xc23 [ 389.104327] kobject_uevent+0x20/0x26 [ 389.108226] lo_ioctl+0x11e7/0x1ce0 [ 389.111859] ? loop_probe+0x160/0x160 [ 389.115666] blkdev_ioctl+0x96b/0x1860 [ 389.119636] ? blkpg_ioctl+0x980/0x980 [ 389.123531] ? __might_sleep+0x93/0xb0 [ 389.127417] ? __fget+0x210/0x370 [ 389.130878] block_ioctl+0xde/0x120 [ 389.134510] ? blkdev_fallocate+0x3b0/0x3b0 [ 389.138836] do_vfs_ioctl+0x7ae/0x1060 [ 389.138851] ? selinux_file_mprotect+0x5d0/0x5d0 [ 389.138863] ? lock_downgrade+0x740/0x740 [ 389.138874] ? ioctl_preallocate+0x1c0/0x1c0 [ 389.138888] ? __fget+0x237/0x370 [ 389.138905] ? security_file_ioctl+0x89/0xb0 [ 389.138916] SyS_ioctl+0x8f/0xc0 [ 389.138928] ? do_vfs_ioctl+0x1060/0x1060 [ 389.147547] do_syscall_64+0x1e8/0x640 [ 389.147556] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.147574] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 389.147583] RIP: 0033:0x45a4a7 [ 389.147588] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 389.147600] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 389.147606] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 389.147611] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 389.147617] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 389.147622] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:26 executing program 2 (fault-call:3 fault-nth:37): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 389.147830] protocol 88fb is buggy, dev hsr_slave_0 [ 389.232824] protocol 88fb is buggy, dev hsr_slave_1 [ 389.232915] protocol 88fb is buggy, dev hsr_slave_0 [ 389.242923] protocol 88fb is buggy, dev hsr_slave_1 14:33:26 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:26 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 389.356779] FAULT_INJECTION: forcing a failure. [ 389.356779] name failslab, interval 1, probability 0, space 0, times 0 [ 389.395985] CPU: 1 PID: 19372 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 389.403038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.412821] Call Trace: [ 389.412840] dump_stack+0x142/0x197 [ 389.412859] should_fail.cold+0x10f/0x159 [ 389.412876] should_failslab+0xdb/0x130 [ 389.419061] kmem_cache_alloc+0x2d7/0x780 [ 389.419072] ? __d_lookup+0x3a2/0x670 [ 389.419085] ? mark_held_locks+0xb1/0x100 [ 389.419095] ? d_lookup+0xe5/0x240 [ 389.442852] __d_alloc+0x2d/0x9f0 [ 389.446313] d_alloc+0x4d/0x270 [ 389.449596] __lookup_hash+0x58/0x180 [ 389.453400] filename_create+0x16c/0x430 [ 389.457467] ? kern_path_mountpoint+0x40/0x40 [ 389.461976] SyS_mkdir+0x92/0x200 [ 389.465435] ? SyS_mkdirat+0x210/0x210 [ 389.469323] ? do_syscall_64+0x53/0x640 [ 389.473302] ? SyS_mkdirat+0x210/0x210 [ 389.477200] do_syscall_64+0x1e8/0x640 [ 389.481088] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.485949] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 389.485958] RIP: 0033:0x459a57 [ 389.485964] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 14:33:26 executing program 3 (fault-call:0 fault-nth:34): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 389.485975] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 389.485981] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000100 [ 389.485985] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 389.485997] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 389.518140] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 389.565590] FAULT_INJECTION: forcing a failure. [ 389.565590] name failslab, interval 1, probability 0, space 0, times 0 [ 389.605367] CPU: 0 PID: 19387 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 389.612416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.621777] Call Trace: [ 389.624367] dump_stack+0x142/0x197 [ 389.628005] should_fail.cold+0x10f/0x159 [ 389.632162] should_failslab+0xdb/0x130 [ 389.636142] kmem_cache_alloc_node_trace+0x280/0x770 [ 389.641256] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 389.646711] __kmalloc_node_track_caller+0x3d/0x80 [ 389.651661] __kmalloc_reserve.isra.0+0x40/0xe0 [ 389.656334] __alloc_skb+0xcf/0x500 [ 389.659962] ? skb_scrub_packet+0x4b0/0x4b0 [ 389.664293] ? netlink_has_listeners+0x20a/0x330 [ 389.669059] kobject_uevent_env+0x781/0xc23 [ 389.673390] kobject_uevent+0x20/0x26 [ 389.677194] lo_ioctl+0x11e7/0x1ce0 [ 389.680829] ? loop_probe+0x160/0x160 [ 389.684805] blkdev_ioctl+0x96b/0x1860 [ 389.688694] ? blkpg_ioctl+0x980/0x980 [ 389.692586] ? __might_sleep+0x93/0xb0 [ 389.696473] ? __fget+0x210/0x370 [ 389.699956] block_ioctl+0xde/0x120 [ 389.703582] ? blkdev_fallocate+0x3b0/0x3b0 [ 389.707910] do_vfs_ioctl+0x7ae/0x1060 [ 389.711803] ? selinux_file_mprotect+0x5d0/0x5d0 [ 389.716559] ? lock_downgrade+0x740/0x740 [ 389.716575] ? ioctl_preallocate+0x1c0/0x1c0 [ 389.725102] ? __fget+0x237/0x370 [ 389.725120] ? security_file_ioctl+0x89/0xb0 [ 389.725133] SyS_ioctl+0x8f/0xc0 [ 389.725142] ? do_vfs_ioctl+0x1060/0x1060 [ 389.725155] do_syscall_64+0x1e8/0x640 [ 389.725168] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.750143] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 389.755332] RIP: 0033:0x45a4a7 [ 389.758515] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 389.766223] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 389.773490] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 389.780756] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 389.788127] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 389.795397] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 389.811392] protocol 88fb is buggy, dev hsr_slave_0 [ 389.817062] protocol 88fb is buggy, dev hsr_slave_1 14:33:26 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0xffffffffffffffb0}], 0x1, 0x0, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000000)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000100)=0x18) r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_PPC_GET_PVINFO(r2, 0x4080aea1, &(0x7f00000001c0)=""/237) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r6 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r6, 0x4b4a, 0x0) prctl$PR_MCE_KILL_GET(0x22) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/autofs\x00', 0x442, 0x0) mknod(&(0x7f0000000180)='./file0\x00', 0x6, 0x1) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r5, 0xae80, 0x0) 14:33:26 executing program 2 (fault-call:3 fault-nth:38): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 389.990126] protocol 88fb is buggy, dev hsr_slave_0 [ 389.995297] protocol 88fb is buggy, dev hsr_slave_1 [ 390.003304] FAULT_INJECTION: forcing a failure. [ 390.003304] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 390.015135] CPU: 1 PID: 19405 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 390.022167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.031536] Call Trace: [ 390.034137] dump_stack+0x142/0x197 14:33:26 executing program 3 (fault-call:0 fault-nth:35): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 390.037797] should_fail.cold+0x10f/0x159 [ 390.041976] __alloc_pages_nodemask+0x1d6/0x7a0 [ 390.047781] ? fs_reclaim_acquire+0x20/0x20 [ 390.052111] ? __alloc_pages_slowpath+0x2930/0x2930 [ 390.057145] cache_grow_begin+0x80/0x400 [ 390.061215] kmem_cache_alloc+0x6a6/0x780 [ 390.065367] ? selinux_file_mprotect+0x5d0/0x5d0 [ 390.070125] ? lock_downgrade+0x740/0x740 [ 390.074285] getname_flags+0xcb/0x580 [ 390.078128] SyS_mkdir+0x7e/0x200 [ 390.081587] ? SyS_mkdirat+0x210/0x210 [ 390.085483] ? do_syscall_64+0x53/0x640 14:33:27 executing program 1: r0 = gettid() ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/btrfs-control\x00', 0x40, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, 0x0, 0x180) r4 = getpgid(0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)=0x0) r6 = gettid() bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x6d, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40), &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r6, 0xffffffffffffffff, 0x0, 0x0, 0x0, r7}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r7}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r7}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r5, 0xffffffffffffffff, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r7}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r4, 0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', r7}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, r3, 0x0, 0x0, 0x0, r7}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000000)='/loproc(\x00', r7}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000700)={r7}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000140)='\x00', r7}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r0, r2, 0x0, 0x6, &(0x7f0000000040)='btrfs\x00', r7}, 0x30) write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f00000000c0)={0x25, 0x37, 0x2, {0x1, 0x2, 0xfff, r8, 0x7, 'keyring'}}, 0x25) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x8, 0x0) [ 390.089464] ? SyS_mkdirat+0x210/0x210 [ 390.093364] do_syscall_64+0x1e8/0x640 [ 390.097256] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.102113] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 390.107305] RIP: 0033:0x459a57 [ 390.110498] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 390.118208] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 390.125602] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000100 [ 390.132872] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 14:33:27 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0) recvmsg(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)=""/229, 0xe5}, {&(0x7f0000000340)=""/187, 0xbb}, {&(0x7f0000000080)=""/46, 0x2e}], 0x3, &(0x7f0000000400)=""/157, 0x9d}, 0x10000) [ 390.140142] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 390.147410] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 390.178787] FAULT_INJECTION: forcing a failure. [ 390.178787] name failslab, interval 1, probability 0, space 0, times 0 [ 390.190995] CPU: 1 PID: 19415 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 390.198032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.207389] Call Trace: [ 390.209990] dump_stack+0x142/0x197 [ 390.213628] should_fail.cold+0x10f/0x159 [ 390.213648] should_failslab+0xdb/0x130 [ 390.221758] kmem_cache_alloc_node_trace+0x280/0x770 [ 390.221773] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 390.221784] __kmalloc_node_track_caller+0x3d/0x80 [ 390.221795] __kmalloc_reserve.isra.0+0x40/0xe0 [ 390.221805] __alloc_skb+0xcf/0x500 [ 390.221813] ? skb_scrub_packet+0x4b0/0x4b0 [ 390.221825] ? netlink_has_listeners+0x20a/0x330 [ 390.221839] kobject_uevent_env+0x781/0xc23 [ 390.221855] kobject_uevent+0x20/0x26 [ 390.264095] lo_ioctl+0x11e7/0x1ce0 [ 390.267727] ? loop_probe+0x160/0x160 [ 390.271648] blkdev_ioctl+0x96b/0x1860 [ 390.275523] ? blkpg_ioctl+0x980/0x980 [ 390.279403] ? __might_sleep+0x93/0xb0 [ 390.283278] ? __fget+0x210/0x370 [ 390.286724] block_ioctl+0xde/0x120 [ 390.290697] ? blkdev_fallocate+0x3b0/0x3b0 [ 390.295005] do_vfs_ioctl+0x7ae/0x1060 [ 390.298879] ? selinux_file_mprotect+0x5d0/0x5d0 [ 390.303619] ? lock_downgrade+0x740/0x740 [ 390.308183] ? ioctl_preallocate+0x1c0/0x1c0 [ 390.312576] ? __fget+0x237/0x370 [ 390.316018] ? security_file_ioctl+0x89/0xb0 [ 390.320426] SyS_ioctl+0x8f/0xc0 [ 390.323775] ? do_vfs_ioctl+0x1060/0x1060 [ 390.327908] do_syscall_64+0x1e8/0x640 [ 390.331783] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.336614] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 390.341789] RIP: 0033:0x45a4a7 [ 390.344961] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 390.352652] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 000000000045a4a7 [ 390.359918] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 390.367171] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 390.374433] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 390.381699] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:27 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x705000, 0x0) write$P9_RLERRORu(r0, &(0x7f00000000c0)={0x15, 0x7, 0x2, {{0x8, 'vmnet1&\''}, 0x71b267b}}, 0x15) 14:33:27 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') sendmsg$TIPC_NL_MEDIA_SET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)={0x20, r6, 0xa06d01dc2c18f2bb, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0x20}}, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)=0x0) r8 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/autofs\x00', 0x110002, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r8, 0x10e, 0x1, &(0x7f00000001c0)=0x4, 0x4) fcntl$setownex(r5, 0xf, &(0x7f0000000100)={0x0, r7}) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:33:27 executing program 3 (fault-call:0 fault-nth:36): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:27 executing program 2 (fault-call:3 fault-nth:39): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:27 executing program 1: mremap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000, 0x2, &(0x7f0000ffc000/0x1000)=nil) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 390.624880] FAULT_INJECTION: forcing a failure. [ 390.624880] name failslab, interval 1, probability 0, space 0, times 0 [ 390.673050] FAULT_INJECTION: forcing a failure. [ 390.673050] name failslab, interval 1, probability 0, space 0, times 0 [ 390.687094] CPU: 1 PID: 19444 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 390.694133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.703490] Call Trace: [ 390.706089] dump_stack+0x142/0x197 [ 390.710002] should_fail.cold+0x10f/0x159 [ 390.714163] should_failslab+0xdb/0x130 [ 390.718143] kmem_cache_alloc+0x2d7/0x780 [ 390.722285] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 390.727734] ? ext4_sync_fs+0x800/0x800 [ 390.731701] ext4_alloc_inode+0x1d/0x610 [ 390.735758] alloc_inode+0x64/0x180 [ 390.739371] new_inode_pseudo+0x19/0xf0 [ 390.743337] new_inode+0x1f/0x40 [ 390.746690] __ext4_new_inode+0x32c/0x4860 [ 390.750925] ? avc_has_perm+0x2df/0x4b0 [ 390.754904] ? ext4_free_inode+0x1210/0x1210 [ 390.759357] ? dquot_get_next_dqblk+0x160/0x160 [ 390.764019] ext4_mkdir+0x331/0xc20 [ 390.767672] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 390.772418] ? security_inode_mkdir+0xd0/0x110 [ 390.776988] vfs_mkdir+0x3ca/0x610 [ 390.780525] SyS_mkdir+0x1b7/0x200 [ 390.784061] ? SyS_mkdirat+0x210/0x210 [ 390.787948] ? do_syscall_64+0x53/0x640 [ 390.791920] ? SyS_mkdirat+0x210/0x210 [ 390.795826] do_syscall_64+0x1e8/0x640 [ 390.799702] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.804546] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 390.809723] RIP: 0033:0x459a57 [ 390.812904] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 390.820607] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 390.827875] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000100 [ 390.835131] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 390.842390] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 390.849655] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 390.863909] CPU: 0 PID: 19451 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 390.870944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.880384] Call Trace: [ 390.882977] dump_stack+0x142/0x197 [ 390.886700] should_fail.cold+0x10f/0x159 [ 390.890857] should_failslab+0xdb/0x130 [ 390.894834] kmem_cache_alloc+0x2d7/0x780 [ 390.898984] ? selinux_file_mprotect+0x5d0/0x5d0 [ 390.903744] ? lock_downgrade+0x740/0x740 [ 390.907898] ? ioctl_preallocate+0x1c0/0x1c0 [ 390.912324] getname_flags+0xcb/0x580 [ 390.916130] SyS_mkdir+0x7e/0x200 [ 390.919583] ? SyS_mkdirat+0x210/0x210 [ 390.923476] ? do_syscall_64+0x53/0x640 [ 390.927445] ? SyS_mkdirat+0x210/0x210 [ 390.931326] do_syscall_64+0x1e8/0x640 [ 390.935206] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.940048] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 390.946185] RIP: 0033:0x459a57 [ 390.949365] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 390.957068] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 390.964328] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 14:33:27 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:27 executing program 2 (fault-call:3 fault-nth:40): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 390.971590] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 390.978850] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 390.986391] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 391.005604] print_req_error: I/O error, dev loop0, sector 128 14:33:27 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:27 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='\x00\x101\x00\x11J', &(0x7f0000000100)='./file0\x00', 0x3, 0x1, &(0x7f0000000040), 0x0, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x381200, 0x0) write$FUSE_INIT(r0, &(0x7f00000001c0)={0x50, 0x0, 0x3, {0x7, 0x1f, 0x6, 0x10, 0x8, 0xb74b, 0xd34, 0x9}}, 0x50) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) 14:33:28 executing program 3 (fault-call:0 fault-nth:37): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 391.182057] FAULT_INJECTION: forcing a failure. [ 391.182057] name failslab, interval 1, probability 0, space 0, times 0 [ 391.193637] CPU: 1 PID: 19475 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 391.200747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.210109] Call Trace: [ 391.212705] dump_stack+0x142/0x197 [ 391.216336] should_fail.cold+0x10f/0x159 [ 391.220491] should_failslab+0xdb/0x130 [ 391.224468] __kmalloc+0x71/0x7a0 [ 391.227925] ? mls_compute_context_len+0x3f6/0x5e0 [ 391.232855] ? context_struct_to_string+0x33a/0x630 [ 391.237880] context_struct_to_string+0x33a/0x630 [ 391.242731] ? security_load_policycaps+0x320/0x320 [ 391.247752] security_sid_to_context_core+0x18a/0x200 [ 391.252947] security_sid_to_context_force+0x2b/0x40 [ 391.258053] selinux_inode_init_security+0x493/0x700 [ 391.263172] ? selinux_inode_create+0x30/0x30 [ 391.267676] ? kfree+0x20a/0x270 [ 391.271056] security_inode_init_security+0x18d/0x360 [ 391.276252] ? ext4_init_acl+0x1f0/0x1f0 [ 391.280314] ? security_kernel_post_read_file+0xd0/0xd0 [ 391.285667] ? posix_acl_create+0xf5/0x3a0 [ 391.289891] ? ext4_set_acl+0x400/0x400 [ 391.293859] ? lock_downgrade+0x740/0x740 [ 391.298000] ext4_init_security+0x34/0x40 [ 391.302138] __ext4_new_inode+0x3385/0x4860 [ 391.306453] ? ext4_free_inode+0x1210/0x1210 [ 391.310850] ? dquot_get_next_dqblk+0x160/0x160 [ 391.315508] ext4_mkdir+0x331/0xc20 [ 391.319123] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 391.323867] ? security_inode_mkdir+0xd0/0x110 [ 391.328434] vfs_mkdir+0x3ca/0x610 [ 391.331960] SyS_mkdir+0x1b7/0x200 [ 391.335485] ? SyS_mkdirat+0x210/0x210 [ 391.339366] ? do_syscall_64+0x53/0x640 [ 391.343325] ? SyS_mkdirat+0x210/0x210 [ 391.347201] do_syscall_64+0x1e8/0x640 [ 391.351074] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.355907] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 391.361080] RIP: 0033:0x459a57 [ 391.364251] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 391.371942] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 391.379198] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000100 [ 391.386448] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 391.393800] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 391.401069] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 391.416586] FAULT_INJECTION: forcing a failure. [ 391.416586] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 391.428561] CPU: 0 PID: 19479 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 391.435588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.444945] Call Trace: [ 391.447548] dump_stack+0x142/0x197 [ 391.451198] should_fail.cold+0x10f/0x159 [ 391.455350] __alloc_pages_nodemask+0x1d6/0x7a0 [ 391.460027] ? fs_reclaim_acquire+0x20/0x20 [ 391.464354] ? __alloc_pages_slowpath+0x2930/0x2930 [ 391.469379] cache_grow_begin+0x80/0x400 [ 391.473454] kmem_cache_alloc+0x6a6/0x780 [ 391.477608] ? selinux_file_mprotect+0x5d0/0x5d0 [ 391.482367] ? lock_downgrade+0x740/0x740 [ 391.486516] getname_flags+0xcb/0x580 [ 391.486531] SyS_mkdir+0x7e/0x200 [ 391.486542] ? SyS_mkdirat+0x210/0x210 [ 391.486552] ? do_syscall_64+0x53/0x640 [ 391.486563] ? SyS_mkdirat+0x210/0x210 [ 391.493810] do_syscall_64+0x1e8/0x640 [ 391.493819] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.493837] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 391.493851] RIP: 0033:0x459a57 [ 391.522889] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 391.530606] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 391.537875] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 391.545139] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 391.552408] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 391.559678] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:28 executing program 2 (fault-call:3 fault-nth:41): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:28 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:28 executing program 1: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) sendmsg$sock(r0, &(0x7f0000000440)={&(0x7f0000000080)=@xdp={0x2c, 0x4, r4, 0x5}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000140)="f9ce7836a95bc994d89b192b3237200d0db5bb83d20e9b3955454fd450ea059229f8d4172aa52e3768b614c6f635e29f1d83cafee8dfccd0950d18cae7d367379a9df00ade7d0ee6773954154d458db1ee4aef9439896bfd43443460baf73c901a2b518cb65e9204a09f2c0f32cb1d62173e38a745f6b545dfae126aa51895e54f4094b0bcde7b3a4ea8060d77db1ebb49c3b044624a5072f63f14ca57d6895a8327b2a4c7cf219142c56cd0fd6239ca5ca67d893afbe61d5b723e04", 0xbc}, {&(0x7f0000000200)="9060327ba225fedcb82f8d568518d7a7de577a7192da7fd2c457ecae834739e188f84167c6acafa38d52e7efe2c88988cc9c1a9a910377885cc557a22a92d58a", 0x40}, {&(0x7f0000000340)="bb3de05514e278aef3933598317e60d42bf5dd3f87f4230d8a5e611fd32cf9b4b2c65dcdf18a56501044fd2e9633da9a7be3afd2f3d498c97c186ad2a247455488041b6d3883dd57b438a17cd1f602714afda7d80caedfb1b52692207e2df13621d17c26a9a51d53e45d743f85f50d96ee9a489b15d1235fc838c547fced88b480457d5d45f31abe5cfdae86d16d7d5ea70b99a80405165af5f7941910f3cd898d4defdeb4bc5519871324dbfe0a89803225cf8724acdf55eb1ddda8a6cc38bdcbab63116e6a0512c0a26358f2cd7e956f8ab43ec7bdbb8d97bcbc6d5276", 0xde}], 0x3, &(0x7f0000000280)=[@timestamping={{0x14, 0x1, 0x25, 0x7}}], 0x18}, 0x10) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 391.781109] FAULT_INJECTION: forcing a failure. [ 391.781109] name failslab, interval 1, probability 0, space 0, times 0 [ 391.817584] CPU: 1 PID: 19499 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 391.825760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.835122] Call Trace: [ 391.835143] dump_stack+0x142/0x197 [ 391.835162] should_fail.cold+0x10f/0x159 [ 391.835177] should_failslab+0xdb/0x130 [ 391.835188] kmem_cache_alloc+0x2d7/0x780 [ 391.835196] ? __debug_object_init+0x171/0x8e0 [ 391.835206] ? ext4_alloc_inode+0x1d/0x610 [ 391.835223] selinux_inode_alloc_security+0xb6/0x2a0 [ 391.835235] security_inode_alloc+0x94/0xd0 [ 391.835246] inode_init_always+0x552/0xaf0 [ 391.835256] alloc_inode+0x81/0x180 [ 391.879673] new_inode_pseudo+0x19/0xf0 [ 391.883641] new_inode+0x1f/0x40 [ 391.886991] __ext4_new_inode+0x32c/0x4860 [ 391.891222] ? avc_has_perm+0x2df/0x4b0 [ 391.895272] ? ext4_free_inode+0x1210/0x1210 [ 391.899682] ? dquot_get_next_dqblk+0x160/0x160 [ 391.904344] ext4_mkdir+0x331/0xc20 [ 391.907961] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 391.912614] ? security_inode_mkdir+0xd0/0x110 [ 391.917181] vfs_mkdir+0x3ca/0x610 [ 391.920708] SyS_mkdir+0x1b7/0x200 [ 391.924320] ? SyS_mkdirat+0x210/0x210 [ 391.928191] ? do_syscall_64+0x53/0x640 [ 391.932150] ? SyS_mkdirat+0x210/0x210 [ 391.936030] do_syscall_64+0x1e8/0x640 [ 391.939899] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.944732] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 391.949906] RIP: 0033:0x459a57 [ 391.953079] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 391.960769] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 391.968019] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000100 [ 391.975271] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 391.982523] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 391.989776] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:29 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4cb, 0x2000000, 0x0, 0x0, 0x0, 0x3], 0x105002, 0x40000}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:33:29 executing program 3 (fault-call:0 fault-nth:38): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:29 executing program 2 (fault-call:3 fault-nth:42): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:29 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x6, &(0x7f0000000400)=[{&(0x7f0000000140)="dc02c47265f0dd784ce6808d37a7560c1f5108ba52e02372c17953175d0a64ac64973d56e00f295867f58b6ea041f1703e489f32c823fd306a43202f02ce14d906fb3d27aa73923e46683c4fedd949970b690030f7332e671c4d38cac57aa7f358706de449f8dce75db32e8ce2adbaf3df1860feeb6d28354779d1afeee2ad193f77d37d883726be6da7e71a7053b269244a2dda00", 0x95, 0x2}, {&(0x7f0000000080)="0a6e698588a88f7b3e6a6f423c21cafe3ebd1ec7d65adcf7018a79410a606c1836db0de984618bc44c0b641de9fa0abe0a706511a219574d18187c65bbf93d420e12462c682f781565c19b0e98da289b3a963fffabb0bf9bf3794955e3ce3a3db44272960b2b1a9edacd7508", 0x6c, 0x7f}, {&(0x7f0000000200)="c21f20e5a4fc0a3847a8663c496858ab92cf9d3e2b365c95428f937091497e83b007079d20e1d5f219b706c5baf20fbc4a9d6017518e58027e4c9e2413d1ed662ea91629ec204b78dfeac764ff4dcb999ff0708533df6590f2d3573e0631df2740957317c1d0a3b64ffbb12563ddadac4a6dc55deb334b6c46045091900fee2c6ef857ced6", 0x85, 0x401}, {&(0x7f0000000340)="0cc0dd546b105e94566e2cf3900262bb4fbc35608e9bee8000f94be6e8ed81905679ae247556859933ae2314432965e6e793728ab6e26ee70c710b75162bec8d66baa0b51ee0d46c348e705ab92f27a8cef525c7e32fde5f6d15b47a8c6d31e2d8c4bee767421d30d8f9f3c6ea52b028f57a241671aaeaff2c2532a546581df75af577303dffbad1b9c5c6de6422a99bdf3da62f30fd8bd0eac014419dd7504bd60d", 0xa2, 0x6}, {&(0x7f0000001540)="369624d7f63cc4965779e9323c1a1601bef35cc5eb0a945f420e84b5367bf5da9e59025c88dd536529a4039dd51d7036469f1b2cbf3491a080693105b26060036bda4c2b1c68830db07a5f43cb58285bf6dfd84397f9cc5fdb05b78f6337d68dc43e601c8776f86dd23b8548c381cb78a06709dbeeb59147326aef536eb34e7feb66731b2f675340445c5c3eb5cd5816bbe64ad2b1d14c0058e625f4da2c9cc20ca594b9e741aaf97128093ba68864e873f9df9df651f2a70db3438fba8aba576e9f2ebc97cd9dfa0e9fccd0eba4a8f4240558e3d44dbbe600eb892713c3414c453daf0b02525a396907bd5ca62e33e71f8761ecfdfdd13719d3e62edbad4a6cde395d9781a68b898a50c416503d4019d1030c2c591f7e2be11dc0c2c3ff3936e662e821ca7881751ff55801bf32852d2246c03fa6f135fef7f84142c80c790678d5328bbd08b215508871ce269335521c23e112e50e7840574ddb77945ab12bd9437dfd576904338d851ce17c83834f6daf06c51bd542920cc2ab0b7ba3e65b6a74be47e21f94b887c7de07143f5605cee718997e0d14ff8aae21b92ae818c55dc036db63c1bf796f503ef3ca38f9a7f4c110be798a4e6bd7c5931a993adfd215678ae100b1a0aedc6d42de7d3a8ab4a254871c3e282417a83314225584d8571839488149bb354e588ba16b96fbcfb358bb53daf78fb80fda1f269e311363c2577a419014a5ccc75ce1b7150c3b1b5f2059c6cbc8637e4f4872b706338015390d97ee5fdd8114f950f78f6aadc22b5e698ba8413ec2d376ec4f3358bb91ec4bf300abe2e842d073a526293fce99f6391aba730adc09debf67d0cc82f5a18a6be941fad74faaa5d0b940801791ab5b6f1f36086807ebc84641123a525c715e22a96f0c8fa26e3a6b3610608028ecd92dfb86a07d7b74bf1522b9cc90677542c1e01b133402011bc47aeaf1ed1253430fa43604ced430209b7f26e0a12ba1c5bee655dd983571f720a65d0e579b65b37f3a1e42789791f9d218cbc1b091ccba761b1670b783916868740572caefae9b943d620bfa5296bb8e357d7f7c9832bddc58ed743b1ca2882a3de35acc2695fbd6bb371737e1064cd97b9f7072a0c69289ff4f165d99665d8def1442a3abdc753a3e657bc2ac996814e4d91fa32eef0f719c1896aa9398fc3c7eaaabd986ef780cd354eda8e0ba79e9478c5505ed1905d5737851f4b0679269102ce61dc035bb5b6ff56e54f7ced686ee7a034316cae141d10857d3e18961e83c9a13fa85e29f806869afb280d86d32647753288ca1f352022e115e862d8a109d9388f2239dc75fe5c22ef9437a41721255618648c37f1d5222335b37d863ae209b085c25aff0326dec1af86d770303e352688afa82c11ef3f96625982b4a8199f6d2d6efe7d1895e34afeec59891f31795be9cb30873f854743d6fbb120f2bde737049b492dab19d69abedc56a0d60f0d0fdf4070568113e461917e982b42946bd7dedac2a7b35de866b5485bd7d06c10437982883338d7387e7c47de2e7c0a08645b59efda2672cf0f38e3a4cadd65ca448ddeceab1d08614e5014eac81d5cbffa261400879262e394319572fb7dbdbc732199ed56fc8f35d544bd60bc7267e7de4b00642294acd7a4a9696b4ff4e376ff2cf8c722e9281144c97f4504c13588db721c283db0e0c7539ee6765edf1e06a167d94ad09b1a0df997da4e84bfbb3926cf231a4339e545b8b3b47001ea5c15bee65ce84d199a2797bbd67a8e33a1443d39076d4afbca49477e29957416c3a65863a4b32a9b2a47168b1f0e05d0bdd0883d1eff717182f5943119fdcae8e52bf149cea7a50c0067b01e15fbc8ab4befe289959bb85a22f80beb0a9e354cdf4086d0fb966a1964b4e3eefe6ee25f20b33ce2747c41771ef7f81395a39701c3e1f03dde85bdafb55a02b1030c276eabab6716f72e8c16c089e4cc7089b85fc743b714228d39178754497dc7fb5bda6ef1e6bdef61310ae2d6f2001e43e20ac009d20129f15b3c6636425de2e92f17ef8e34879be057e02e76fbd2c516d3a939fad92a43bc7584f865d6ae956facffd1dc688d6b24f0978a60e34904b7a6e3975b6d683bc13e604a7ab2f6cc4a8e85a3fd45673486d053a02512cfc95d5da47b2676b60326a26b2ebb6f2fd102367de00c258aad713918e74d36aac2c32536f603e8fcc956e146a3b62b47aea038acf2a5a1b3a4bdbadbdad20746f5963c06d072688221c1ad9789b96a656dbf364edc4c7de5df78befffcafb3d038777e13d87cad0812fbbbd6ce62dee3d4c6a654f90af68b76fc30c7864018ef17a3d2367bbb8aa7875daf9ffb221b63549bdc4ccbaf2291e6ca30870fee0991c9afdbb7faa27b793612aa0843514349ee4ccfec0334653be10427de0b657f25f2adc694d2341c0356370d50517cc710cd9d3430592410fd3acb4ed8789ca76c1180dd5abc550e026ac2117fdd5fb5a0a9c13a1edb65a67dcc5e65eb37ff141c520c4f620ca31a4e2e676ff864f4fe9214ce1e833d469892de40e78322724a45a63fd1548491640ed58e0c4326e0e510e94772d0602cd31c170c80d68c5c69dfc7a09a84b2a18bfe9be1c754f3729dddb183c9dd4b0dbb7fff7cbd67e0d12783fae1d609f534b022a8fa13e947033ad2ee3e482be460b9bc07847d4ecc5293f8e19fbf9b70ea44b5331bf8313f366e2edad05f2e165e3510433fa7d298071d15f199d8ab8d42702e3840e3954bf3ccf7f0ac0efc7b2794eff58799b9003b74e8fd854e93de036233c1aeb3ed281e2672222a1c7230394b1331d25dcdda3639479a75fd0b841048338a63e2c62cc20a7f676d6b4c5c9312fd639bcd0456cf5fc3f48bdbfa28ad76d06f179acc118a4cf70581143ef0413aa63e76479e6f60c7b3b8e877588e1670dc4f53d5efe90920dfa5432fb320ed1ecf23c62596b41a29f9c8903b0a3bdd851eed457ccb414f53362a46263e820808c0756c35778a1642573b1f2834f3c1c3cea691d7dc234ff10886316fc6062acf5d93d2030b367dbdfd9603754e3fdd5d8302f8db10f4e7aa42992a4ca24122adf972fde7d313467d63c506e73fa08ee066d1e0d7319bf26c8ad537d8b4e80b384f96f740d044ffd4056f6ecfd779183fa7eba15e582bef2f49bf93da479ec48ed93ff2763a2d40fd3e260460882dbae0c260e16248fff5a99dd366b2b8aaa6b22f0dbaeae2b43653c41f332555fec81c49000da41055aa193e00b477ef2e8de967e496f5963190a03fa4dc25f6630c4480ed3bd6990b36718540fd28d08c9f03ab978e2c5e7c9075326082addc183eff7981454602f669bad3cb02bf067fe24b416d4320b4ba656ba54279b832e19c563727e564aa6c78b857255992558b8c64a20f9e150a5e6d95a7386785e4576a2994eba02539ec1b9ea73518e3d56b12e9648f93cf677d6ec761e323bf0f53dd2139db3a42eb55a1242ee78ed4324d5c0eefd39f58b812c386676cab31dde9a82dd149aae097e37fc2b233b78ab43832d4373c58e01ababfd810e96f3f5b21e389c1f53833a5609b6fd81e753286e662db240218b40a501d0b9b27bc12400b2ad4fa7ff15026d6812e44701e3f908d83b801c099c6b45bda8306c35f5845e290c1ab0698742db45802d269c14e563fae2f86533b09a0df348e0bfb3df8acf0c4d28e0f7a545910770fdcafdbcf0a7f2b2c53155e499cd2563dbf5f970cd7b3e6b2ba69081f423f075c713666a8a8741c3284ad7f73d41b242c714f9ca2107bfc68a405e57e0e038f4d3afa582ab6c176395d5b1146d9441615573770132fb2e021c6a9fc6f10b6c094e1b8196231076c9da6a610b1cd0198085f3e0fc3d804011ab581bb7b7bf803dc0c98cc6137f8a905c1a35ca61715916d68c5a8f5ca8185b5d7201779d4f254f2714b2611707dcfdcfcbfed1b46fbddff34df05a4d305d6d9ad14d95a5ffccc97d0c30060fa4b437a6bf1c0c19526ba869da33ff5a8a8bd3ba3a32ef1f2937b24429a9d96e71a7169f1ad7cc2a16ea19628d6ca497c1110708067c584099678d26172bdf6a353b2e3e048fa6d088f644b2f1fd521bdd28b743c60c97eaf46eb943e63d7862b65ad4ea7416e9e40d2df47014d5c5d0bb4c89d2fb074187f1a8cb97d6e686d2ebf7fa800322233fa9e78b1bdcd983432e5b0ffca9291143d430ee9d069f6769301fe319f19daa129862275e75b604c43cd5d93c58c0acb1e35c9ff2da8d0654f6468b32a53a6c5d9d98dab04741eb0b892124de171d8869222a438a271a98e60dd7afa357aff8ef743c9c6e594fa35654d9f09b83702c860f8100cd6b3b337e22f14b6bd4c6d816d137324047bf4de5aa27914b416d258b514f96cca453de42ddb7cf467fc9339aca27b9c0db1d9e8c8da94335f29d122233cde79a49e09413fdeec4472a92bcfd416a2140a1d84fe01ce28ad53d199214389bda8bb3d4f65af318a9d44d6377dca79c9e2579dcc2d68cc2758453fb58c42a8e5b1a0c28bb28ca9d44ef05aba24f7b39898b4bb67156df3920db78a868b4471ae5561898c92a35e12140518ec3de68370be497766ce3a79c4a8aa97292ce020e293bc4df408c0600fe241450feed642623b3eba5af0d14bcd0cb90fd1b4d95926c8956caec5723ecb6f9902b8a1daa8480b701294d931410f41a431da1035b7e8ab7f0f072b4cd1eb45bfc8e8cfda08f06f4ae6778b3bf349ca4868b7d98970ef8fbcd0ed3cc703a83ac800cce97e46725232734af875b39154148f76783c01a4fcd733c34a5698a780f33c35281df12c0358aa42ec4706a899594c037bcca0be72e70a8e8f49454894af14a33e47fe004b4bfb32f81e6c7d2e4063c82a11459e1c8ce524a337ea2628f5c1f256faf43f0e886b1bf7c3ad1a54b6c5deb3cb7095fa0b62b20a6910d77256a1e79f0aa8bccd6536ab4a653ed25e84de978b74c217af22210d9233d7c86bfa093579ffcf67e3d1189b0fbd88fd2f92b55d8ef952fbef99a72789b050e3dd4eeb33cc53521ad4863d90d1bb332e86023a16e5e4d9921865668927db3f82ae5b7ee2f396583dc006df5b5af89a75b0d1ba93f70593f82e182b4bc6ff94b6642def3e81b3172bf403db81a5cee94199bc90875f1c228f14d3dbf1abd5f0adc6df140e6dbbf5c89a91c1693897f5926fc80604a6202e0e02c70be2351b6bcd65d5c6dd708f4fc4b2feebe8e921b269fcab817d5843316ada9079ef50d39b50d52ad39d64dc9cd1abce56cdfd7ddc2d8552d6f42593c97de3ac91ac4bd6bfe19d0dd285b2da6d8490078060c3d891ce3b53ffc33b28b841780ab4ac5a8bffcc1724cc4c52054eb46f3cee4e665e5b200dabbf858812d57108a66ccb27b981d7fd8a5cda454281fbb09af0bc857d426eab57d576783df1a77c5e12d0443fdd5733aeee780d695597eb9fcc34c3a1afe82d35849bc32478ebea0e0ae81bbb088cb6f5d1a96a3977df36e8731c2d02bca17f73ffa407eae9efc150a2a103d49a58ea9c65425207542e0f3768b532fce5325208a934442594a1479998fca61a833b5238a0c5eeaf209d48f93e972e28553605ce8da056e17ecf8193dc18affcd9fd21fd786afbaec5839d4deb72550464ff7564a15bd9667189b8ef91912486256d10c1980f0226cfdcc69def8df3528f494ae9014e550388e07baa961faa0911266d5ff72e1b2939039d633daccab6f92e1c7aecf66d97a36b314461918650748415dfae06807c51e40973c2549ec4d3e68eb36910a5b5d16c731dd1eecd5f714c94039407429e706617de58e01841c30a794f2988125f1f527e09d6fcc3d3aa49fa45809b100e3b5eb660f451492bfb134a7883877410e3b7649028a5107a9d396262d9b16f53e9454f2940a85e987f4b83e041a84b03acc3bb77c781cbf3117103950329cdc0c4277ca5b28c46a8a314b8e5e269aa958a2eec91e1d5c12ff9e8f1720c88df35b4299e26df3", 0x1095, 0xfffffffffffff2e9}, {&(0x7f0000001400)="d4f747120eacf0cb2f96d4573022bec023679fccf8104ca0c9d5e689b6a1bd2367afe9b928c5cccf2a91a95a4b8382f6c536092cd355768ee000cdc8df699f05aa7bbf759f5be760ef1845c46f3205b24b34b373", 0x54, 0xfff}], 0x0, 0x0) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x80000, 0x0) setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f00000002c0)=0xfffffffa, 0x4) [ 392.208451] FAULT_INJECTION: forcing a failure. [ 392.208451] name failslab, interval 1, probability 0, space 0, times 0 [ 392.226982] FAULT_INJECTION: forcing a failure. [ 392.226982] name failslab, interval 1, probability 0, space 0, times 0 [ 392.236476] CPU: 1 PID: 19518 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 392.245244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.255119] Call Trace: [ 392.257710] dump_stack+0x142/0x197 [ 392.261498] should_fail.cold+0x10f/0x159 [ 392.265661] should_failslab+0xdb/0x130 [ 392.269642] __kmalloc+0x2f0/0x7a0 [ 392.273186] ? ext4_find_extent+0x709/0x960 [ 392.277518] ext4_find_extent+0x709/0x960 [ 392.281670] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 392.287122] ext4_ext_map_blocks+0x1a3/0x4fa0 [ 392.291616] ? save_trace+0x290/0x290 [ 392.295422] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 392.300436] ? __lock_is_held+0xb6/0x140 [ 392.304503] ? lock_acquire+0x16f/0x430 [ 392.308475] ? ext4_map_blocks+0x402/0x17c0 [ 392.312802] ext4_map_blocks+0xd3c/0x17c0 [ 392.316947] ? __lock_is_held+0xb6/0x140 [ 392.321001] ? check_preemption_disabled+0x3c/0x250 [ 392.326111] ? ext4_issue_zeroout+0x160/0x160 [ 392.330605] ? __brelse+0x50/0x60 [ 392.334057] ext4_getblk+0xac/0x450 [ 392.337684] ? ext4_iomap_begin+0x8a0/0x8a0 [ 392.342001] ? ext4_free_inode+0x1210/0x1210 [ 392.346413] ext4_bread+0x6e/0x1a0 [ 392.349946] ? ext4_getblk+0x450/0x450 [ 392.353833] ext4_append+0x14b/0x360 [ 392.357547] ext4_mkdir+0x531/0xc20 [ 392.361193] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 392.365859] ? security_inode_mkdir+0xd0/0x110 [ 392.370434] vfs_mkdir+0x3ca/0x610 [ 392.373975] SyS_mkdir+0x1b7/0x200 [ 392.377510] ? SyS_mkdirat+0x210/0x210 [ 392.381396] ? do_syscall_64+0x53/0x640 [ 392.385366] ? SyS_mkdirat+0x210/0x210 [ 392.389249] do_syscall_64+0x1e8/0x640 [ 392.393487] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.398334] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 392.403520] RIP: 0033:0x459a57 [ 392.406706] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 392.414410] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 392.421689] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000100 [ 392.428973] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 392.436247] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 392.443520] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 392.481203] CPU: 1 PID: 19517 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 392.488262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.497620] Call Trace: [ 392.500207] dump_stack+0x142/0x197 [ 392.503835] should_fail.cold+0x10f/0x159 [ 392.507993] should_failslab+0xdb/0x130 [ 392.511975] kmem_cache_alloc+0x2d7/0x780 [ 392.516124] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 392.521574] ? ext4_sync_fs+0x800/0x800 [ 392.525543] ext4_alloc_inode+0x1d/0x610 [ 392.529611] alloc_inode+0x64/0x180 [ 392.533233] new_inode_pseudo+0x19/0xf0 [ 392.537200] new_inode+0x1f/0x40 [ 392.540562] __ext4_new_inode+0x32c/0x4860 [ 392.544818] ? avc_has_perm+0x2df/0x4b0 [ 392.548788] ? ext4_free_inode+0x1210/0x1210 [ 392.553196] ? dquot_get_next_dqblk+0x160/0x160 [ 392.557869] ext4_mkdir+0x331/0xc20 [ 392.561500] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 392.566166] ? security_inode_mkdir+0xd0/0x110 [ 392.571533] vfs_mkdir+0x3ca/0x610 [ 392.575075] SyS_mkdir+0x1b7/0x200 [ 392.578610] ? SyS_mkdirat+0x210/0x210 [ 392.582586] ? do_syscall_64+0x53/0x640 [ 392.586553] ? SyS_mkdirat+0x210/0x210 [ 392.590437] do_syscall_64+0x1e8/0x640 [ 392.594318] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.599163] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 392.604347] RIP: 0033:0x459a57 [ 392.607528] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 392.615250] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 392.622515] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 392.629788] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 392.637052] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 392.644331] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:29 executing program 3 (fault-call:0 fault-nth:39): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:29 executing program 2 (fault-call:3 fault-nth:43): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 392.840775] FAULT_INJECTION: forcing a failure. [ 392.840775] name failslab, interval 1, probability 0, space 0, times 0 [ 392.853430] CPU: 1 PID: 19541 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 392.860468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.869934] Call Trace: [ 392.869951] dump_stack+0x142/0x197 [ 392.869969] should_fail.cold+0x10f/0x159 [ 392.876159] should_failslab+0xdb/0x130 [ 392.884266] kmem_cache_alloc+0x2d7/0x780 [ 392.887180] FAULT_INJECTION: forcing a failure. [ 392.887180] name failslab, interval 1, probability 0, space 0, times 0 [ 392.888411] ? __d_lookup+0x3a2/0x670 [ 392.888423] ? mark_held_locks+0xb1/0x100 [ 392.888432] ? d_lookup+0xe5/0x240 [ 392.888451] __d_alloc+0x2d/0x9f0 [ 392.914498] d_alloc+0x4d/0x270 [ 392.917763] __lookup_hash+0x58/0x180 [ 392.921548] filename_create+0x16c/0x430 [ 392.925596] ? kern_path_mountpoint+0x40/0x40 [ 392.930079] SyS_mkdir+0x92/0x200 [ 392.933517] ? SyS_mkdirat+0x210/0x210 [ 392.937386] ? do_syscall_64+0x53/0x640 [ 392.941343] ? SyS_mkdirat+0x210/0x210 [ 392.945216] do_syscall_64+0x1e8/0x640 [ 392.949086] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.953921] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 392.959095] RIP: 0033:0x459a57 [ 392.962268] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 392.970056] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 392.977309] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 392.984647] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 392.991900] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 392.999170] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 393.006439] CPU: 0 PID: 19546 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 393.013457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 393.022817] Call Trace: [ 393.025421] dump_stack+0x142/0x197 [ 393.029065] should_fail.cold+0x10f/0x159 [ 393.033227] ? __es_tree_search.isra.0+0x15f/0x1c0 [ 393.038426] should_failslab+0xdb/0x130 [ 393.042410] kmem_cache_alloc+0x47/0x780 [ 393.046486] __es_insert_extent+0x26c/0xe60 [ 393.050812] ext4_es_insert_extent+0x1f0/0x590 [ 393.055393] ? check_preemption_disabled+0x3c/0x250 [ 393.060424] ? ext4_es_find_delayed_extent_range+0x960/0x960 [ 393.066317] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 393.071783] ? ext4_es_find_delayed_extent_range+0x31d/0x960 [ 393.077585] ext4_ext_put_gap_in_cache+0xcb/0x110 [ 393.082419] ? ext4_zeroout_es+0x170/0x170 [ 393.086640] ? ext4_find_extent+0x64c/0x960 [ 393.090952] ext4_ext_map_blocks+0x1d4b/0x4fa0 [ 393.095533] ? save_trace+0x290/0x290 [ 393.099322] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 393.104320] ? __lock_is_held+0xb6/0x140 [ 393.108371] ? lock_acquire+0x16f/0x430 [ 393.112329] ? ext4_map_blocks+0x402/0x17c0 [ 393.116638] ext4_map_blocks+0xd3c/0x17c0 [ 393.120770] ? __lock_is_held+0xb6/0x140 [ 393.124813] ? check_preemption_disabled+0x3c/0x250 [ 393.129817] ? ext4_issue_zeroout+0x160/0x160 [ 393.134295] ? __brelse+0x50/0x60 [ 393.137735] ext4_getblk+0xac/0x450 [ 393.141347] ? ext4_iomap_begin+0x8a0/0x8a0 [ 393.145654] ? ext4_free_inode+0x1210/0x1210 [ 393.150047] ext4_bread+0x6e/0x1a0 [ 393.153755] ? ext4_getblk+0x450/0x450 [ 393.157634] ext4_append+0x14b/0x360 [ 393.161339] ext4_mkdir+0x531/0xc20 [ 393.164959] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 393.169625] ? security_inode_mkdir+0xd0/0x110 [ 393.174192] vfs_mkdir+0x3ca/0x610 [ 393.177716] SyS_mkdir+0x1b7/0x200 [ 393.181255] ? SyS_mkdirat+0x210/0x210 [ 393.185127] ? do_syscall_64+0x53/0x640 [ 393.189090] ? SyS_mkdirat+0x210/0x210 [ 393.192967] do_syscall_64+0x1e8/0x640 [ 393.196864] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.201713] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 393.207037] RIP: 0033:0x459a57 [ 393.210226] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 393.217927] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 393.225187] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000100 [ 393.232453] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 393.239706] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 393.246959] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:30 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:30 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_GET_IRQCHIP(r1, 0xc208ae62, &(0x7f0000000140)) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x110802, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) getsockname$packet(r5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) r8 = dup2(r7, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$NS_GET_OWNER_UID(r8, 0xb704, &(0x7f00000000c0)=0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in=@rand_addr=0x2, @in=@remote, 0x4e21, 0x1, 0x4e21, 0x7, 0x2, 0x20, 0x80, 0xf51b3d985907a85e, r6, r9}, {0x6, 0x1c0000000, 0x100000001, 0x6, 0x8, 0x4c32, 0xffffffff, 0xfffffffffffff801}, {0xe9b, 0x14000000, 0x2, 0xc14b}, 0x3, 0x6e6bb6, 0x0, 0x0, 0x2}, {{@in=@loopback, 0x4d4, 0x6c}, 0xa, @in=@rand_addr=0x7, 0x3504, 0x3, 0x3, 0x6, 0x4, 0x3, 0xfffffffb}}, 0xe8) 14:33:30 executing program 3 (fault-call:0 fault-nth:40): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:30 executing program 2 (fault-call:3 fault-nth:44): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 393.433414] FAULT_INJECTION: forcing a failure. [ 393.433414] name failslab, interval 1, probability 0, space 0, times 0 [ 393.444955] CPU: 0 PID: 19560 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 393.451996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 393.461374] Call Trace: [ 393.463970] dump_stack+0x142/0x197 [ 393.467612] should_fail.cold+0x10f/0x159 [ 393.471926] should_failslab+0xdb/0x130 [ 393.475883] __kmalloc+0x71/0x7a0 [ 393.479322] ? mls_compute_context_len+0x3f6/0x5e0 [ 393.484236] ? context_struct_to_string+0x33a/0x630 [ 393.489240] context_struct_to_string+0x33a/0x630 [ 393.494081] ? security_load_policycaps+0x320/0x320 [ 393.499086] security_sid_to_context_core+0x18a/0x200 [ 393.504351] security_sid_to_context_force+0x2b/0x40 [ 393.509550] selinux_inode_init_security+0x493/0x700 [ 393.514651] ? selinux_inode_create+0x30/0x30 [ 393.519130] ? kfree+0x20a/0x270 [ 393.522485] security_inode_init_security+0x18d/0x360 [ 393.527660] ? ext4_init_acl+0x1f0/0x1f0 [ 393.531707] ? security_kernel_post_read_file+0xd0/0xd0 [ 393.537053] ? posix_acl_create+0xf5/0x3a0 [ 393.541305] ? ext4_set_acl+0x400/0x400 [ 393.545264] ? lock_downgrade+0x740/0x740 [ 393.549424] ext4_init_security+0x34/0x40 [ 393.553557] __ext4_new_inode+0x3385/0x4860 [ 393.557873] ? ext4_free_inode+0x1210/0x1210 [ 393.562272] ? dquot_get_next_dqblk+0x160/0x160 [ 393.566929] ext4_mkdir+0x331/0xc20 [ 393.570546] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 393.575201] ? security_inode_mkdir+0xd0/0x110 [ 393.579768] vfs_mkdir+0x3ca/0x610 [ 393.583293] SyS_mkdir+0x1b7/0x200 [ 393.586828] ? SyS_mkdirat+0x210/0x210 [ 393.590698] ? do_syscall_64+0x53/0x640 [ 393.594657] ? SyS_mkdirat+0x210/0x210 [ 393.598528] do_syscall_64+0x1e8/0x640 [ 393.602417] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.607248] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 393.612420] RIP: 0033:0x459a57 [ 393.615595] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 393.623287] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 14:33:30 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 393.630538] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 393.638829] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 393.646081] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 393.653337] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 393.674793] FAULT_INJECTION: forcing a failure. [ 393.674793] name failslab, interval 1, probability 0, space 0, times 0 [ 393.697913] CPU: 0 PID: 19569 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 393.704977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 393.714355] Call Trace: [ 393.716968] dump_stack+0x142/0x197 [ 393.720602] should_fail.cold+0x10f/0x159 [ 393.724757] should_failslab+0xdb/0x130 [ 393.728741] __kmalloc+0x2f0/0x7a0 [ 393.732285] ? check_preemption_disabled+0x3c/0x250 [ 393.737307] ? ext4_find_extent+0x709/0x960 [ 393.741642] ext4_find_extent+0x709/0x960 [ 393.745812] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 393.751269] ext4_ext_map_blocks+0x1a3/0x4fa0 [ 393.755772] ? save_trace+0x290/0x290 [ 393.759586] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 393.764616] ? __lock_is_held+0xb6/0x140 [ 393.768701] ? lock_acquire+0x16f/0x430 [ 393.772681] ? ext4_map_blocks+0x829/0x17c0 [ 393.777015] ext4_map_blocks+0x881/0x17c0 [ 393.781171] ? ext4_issue_zeroout+0x160/0x160 [ 393.785669] ? __brelse+0x50/0x60 [ 393.789135] ext4_getblk+0xac/0x450 [ 393.792767] ? ext4_iomap_begin+0x8a0/0x8a0 [ 393.797094] ? ext4_free_inode+0x1210/0x1210 [ 393.801509] ext4_bread+0x6e/0x1a0 [ 393.805046] ? ext4_getblk+0x450/0x450 [ 393.808939] ext4_append+0x14b/0x360 [ 393.812661] ext4_mkdir+0x531/0xc20 [ 393.816303] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 393.820978] ? security_inode_mkdir+0xd0/0x110 [ 393.825564] vfs_mkdir+0x3ca/0x610 [ 393.829109] SyS_mkdir+0x1b7/0x200 [ 393.832661] ? SyS_mkdirat+0x210/0x210 [ 393.836550] ? do_syscall_64+0x53/0x640 [ 393.840537] ? SyS_mkdirat+0x210/0x210 [ 393.844515] do_syscall_64+0x1e8/0x640 [ 393.848403] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.853256] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 393.858449] RIP: 0033:0x459a57 [ 393.861733] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 393.869447] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 393.876719] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000100 14:33:30 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x3e512bef}], 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$MON_IOCX_GET(r1, 0x40189206, &(0x7f00000000c0)={&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000140)=""/167, 0xa7}) [ 393.883988] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 393.891344] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 393.898615] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:30 executing program 2 (fault-call:3 fault-nth:45): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:30 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') sendmsg$TIPC_NL_MEDIA_SET(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="bbf2000000000022e898f7959f2d7566d1dfd8250000000c0000000c0005000800010069620000"], 0x20}}, 0x0) r6 = fcntl$dupfd(r4, 0x0, r1) bind$isdn(r6, &(0x7f0000000740)={0x22, 0x9, 0x2, 0x2, 0x8}, 0x6) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r7 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r7, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r8, r8) r9 = accept$inet6(r8, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev}, &(0x7f0000000100)=0x1c) ioctl$sock_inet_SIOCGIFNETMASK(r9, 0x891b, &(0x7f0000000180)={'dummy0\x00', {0x2, 0x4e24, @multicast2}}) getsockopt$inet_sctp6_SCTP_INITMSG(r6, 0x84, 0x2, &(0x7f0000000200), &(0x7f0000000240)=0x8) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:33:30 executing program 3 (fault-call:0 fault-nth:41): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 394.070286] net_ratelimit: 16 callbacks suppressed [ 394.070291] protocol 88fb is buggy, dev hsr_slave_0 [ 394.080361] protocol 88fb is buggy, dev hsr_slave_1 14:33:31 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 394.150162] protocol 88fb is buggy, dev hsr_slave_0 [ 394.155293] protocol 88fb is buggy, dev hsr_slave_1 14:33:31 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000240)={0x2, 0x6, 0x8000, 0x2, 0x0}, &(0x7f0000000280)=0x10) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r2, 0x84, 0x23, &(0x7f0000000340)={r3, 0x40}, 0x8) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) r6 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000380)='/selinux/commit_pending_bools\x00', 0x1, 0x0) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400)='TIPCv2\x00') sendmsg$TIPC_NL_PUBL_GET(r6, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x94, r7, 0x4, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x10, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x9}]}, @TIPC_NLA_LINK={0x40, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}, @TIPC_NLA_NET={0x4}, @TIPC_NLA_MON={0x2c, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6a3c68ac}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffffffb}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1a}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x40000}, 0x82) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000000)={r5, @in, 0xfffc}, 0x90) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000140)={r5, @in6={{0xa, 0x4e21, 0x7, @loopback, 0xffffffff}}, 0x4, 0x9, 0xb48, 0x1, 0x10}, &(0x7f0000000080)=0x98) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={r8, 0x6, 0x292c}, &(0x7f0000000200)=0xc) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 394.193276] FAULT_INJECTION: forcing a failure. [ 394.193276] name failslab, interval 1, probability 0, space 0, times 0 [ 394.231742] FAULT_INJECTION: forcing a failure. [ 394.231742] name failslab, interval 1, probability 0, space 0, times 0 [ 394.243123] CPU: 0 PID: 19605 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 394.250146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.259525] Call Trace: [ 394.259546] dump_stack+0x142/0x197 [ 394.259566] should_fail.cold+0x10f/0x159 [ 394.259582] should_failslab+0xdb/0x130 [ 394.259592] __kmalloc+0x71/0x7a0 [ 394.259609] ? mls_compute_context_len+0x3f6/0x5e0 [ 394.277376] ? context_struct_to_string+0x33a/0x630 [ 394.277391] context_struct_to_string+0x33a/0x630 [ 394.277405] ? security_load_policycaps+0x320/0x320 [ 394.277420] security_sid_to_context_core+0x18a/0x200 [ 394.277433] security_sid_to_context_force+0x2b/0x40 [ 394.307472] selinux_inode_init_security+0x493/0x700 [ 394.312587] ? selinux_inode_create+0x30/0x30 [ 394.317091] ? kfree+0x20a/0x270 [ 394.320474] security_inode_init_security+0x18d/0x360 [ 394.325738] ? ext4_init_acl+0x1f0/0x1f0 [ 394.329787] ? security_kernel_post_read_file+0xd0/0xd0 [ 394.335153] ? posix_acl_create+0xf5/0x3a0 [ 394.339385] ? ext4_set_acl+0x400/0x400 [ 394.343356] ? lock_downgrade+0x740/0x740 [ 394.347514] ext4_init_security+0x34/0x40 [ 394.351659] __ext4_new_inode+0x3385/0x4860 [ 394.355998] ? ext4_free_inode+0x1210/0x1210 [ 394.360412] ? dquot_get_next_dqblk+0x160/0x160 [ 394.365083] ext4_mkdir+0x331/0xc20 [ 394.368714] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 394.373385] ? security_inode_mkdir+0xd0/0x110 [ 394.377961] vfs_mkdir+0x3ca/0x610 [ 394.381492] SyS_mkdir+0x1b7/0x200 [ 394.385021] ? SyS_mkdirat+0x210/0x210 [ 394.388910] ? do_syscall_64+0x53/0x640 [ 394.392880] ? SyS_mkdirat+0x210/0x210 [ 394.396841] do_syscall_64+0x1e8/0x640 [ 394.400717] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.405574] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 394.410840] RIP: 0033:0x459a57 [ 394.414015] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 394.421719] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 394.428990] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 394.436267] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 394.443555] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 394.450823] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 394.458117] CPU: 1 PID: 19596 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 394.465316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.474675] Call Trace: [ 394.477272] dump_stack+0x142/0x197 [ 394.480919] should_fail.cold+0x10f/0x159 [ 394.485165] should_failslab+0xdb/0x130 [ 394.489148] __kmalloc+0x2f0/0x7a0 [ 394.492797] ? check_preemption_disabled+0x3c/0x250 [ 394.497913] ? ext4_find_extent+0x709/0x960 [ 394.502250] ext4_find_extent+0x709/0x960 [ 394.506407] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 394.511868] ext4_ext_map_blocks+0x1a3/0x4fa0 [ 394.516377] ? save_trace+0x290/0x290 [ 394.520190] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 394.520202] ? __lock_is_held+0xb6/0x140 [ 394.520216] ? lock_acquire+0x16f/0x430 [ 394.520226] ? ext4_map_blocks+0x829/0x17c0 [ 394.520242] ext4_map_blocks+0x881/0x17c0 [ 394.520258] ? ext4_issue_zeroout+0x160/0x160 [ 394.520269] ? __brelse+0x50/0x60 [ 394.520285] ext4_getblk+0xac/0x450 [ 394.520295] ? ext4_iomap_begin+0x8a0/0x8a0 [ 394.520306] ? ext4_free_inode+0x1210/0x1210 [ 394.529459] ext4_bread+0x6e/0x1a0 [ 394.529470] ? ext4_getblk+0x450/0x450 [ 394.529483] ext4_append+0x14b/0x360 [ 394.573157] ext4_mkdir+0x531/0xc20 [ 394.576777] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 394.581433] ? security_inode_mkdir+0xd0/0x110 [ 394.585999] vfs_mkdir+0x3ca/0x610 [ 394.589522] SyS_mkdir+0x1b7/0x200 [ 394.593065] ? SyS_mkdirat+0x210/0x210 [ 394.596937] ? do_syscall_64+0x53/0x640 [ 394.600903] ? SyS_mkdirat+0x210/0x210 [ 394.604774] do_syscall_64+0x1e8/0x640 [ 394.608741] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.613579] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 394.618774] RIP: 0033:0x459a57 [ 394.621947] RSP: 002b:00007f9c983c2a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 394.629638] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 394.636921] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 14:33:31 executing program 3 (fault-call:0 fault-nth:42): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 394.644179] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 394.651434] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 394.658686] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 394.790721] FAULT_INJECTION: forcing a failure. [ 394.790721] name failslab, interval 1, probability 0, space 0, times 0 [ 394.802055] CPU: 1 PID: 19618 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 394.809077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.818523] Call Trace: [ 394.821142] dump_stack+0x142/0x197 [ 394.824811] should_fail.cold+0x10f/0x159 [ 394.828970] should_failslab+0xdb/0x130 [ 394.832953] __kmalloc+0x71/0x7a0 [ 394.836414] ? mls_compute_context_len+0x3f6/0x5e0 [ 394.841354] ? context_struct_to_string+0x33a/0x630 [ 394.846372] context_struct_to_string+0x33a/0x630 [ 394.851229] ? security_load_policycaps+0x320/0x320 [ 394.856345] security_sid_to_context_core+0x18a/0x200 [ 394.861543] security_sid_to_context_force+0x2b/0x40 [ 394.866652] selinux_inode_init_security+0x493/0x700 [ 394.871764] ? selinux_inode_create+0x30/0x30 [ 394.876260] ? kfree+0x20a/0x270 [ 394.879631] security_inode_init_security+0x18d/0x360 [ 394.884825] ? ext4_init_acl+0x1f0/0x1f0 [ 394.888888] ? security_kernel_post_read_file+0xd0/0xd0 [ 394.894253] ? posix_acl_create+0xf5/0x3a0 [ 394.898614] ? ext4_set_acl+0x400/0x400 [ 394.902591] ? lock_downgrade+0x740/0x740 [ 394.906746] ext4_init_security+0x34/0x40 [ 394.910907] __ext4_new_inode+0x3385/0x4860 [ 394.915264] ? ext4_free_inode+0x1210/0x1210 [ 394.919678] ? dquot_get_next_dqblk+0x160/0x160 [ 394.924356] ext4_mkdir+0x331/0xc20 [ 394.928014] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 394.932689] ? security_inode_mkdir+0xd0/0x110 [ 394.937288] vfs_mkdir+0x3ca/0x610 [ 394.940833] SyS_mkdir+0x1b7/0x200 [ 394.944394] ? SyS_mkdirat+0x210/0x210 [ 394.948285] ? do_syscall_64+0x53/0x640 [ 394.952268] ? SyS_mkdirat+0x210/0x210 [ 394.952283] do_syscall_64+0x1e8/0x640 [ 394.952293] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.952310] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 394.952320] RIP: 0033:0x459a57 [ 394.952325] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 394.952337] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 394.952347] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 394.960097] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 394.960103] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 394.960108] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 395.026047] audit: type=1400 audit(1574174011.912:98): avc: denied { bind } for pid=19590 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 [ 395.050054] protocol 88fb is buggy, dev hsr_slave_0 [ 395.050113] protocol 88fb is buggy, dev hsr_slave_1 14:33:32 executing program 3 (fault-call:0 fault-nth:43): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:32 executing program 2 (fault-call:3 fault-nth:46): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:32 executing program 1: r0 = shmget$private(0x0, 0x4000, 0x20, &(0x7f0000ffc000/0x4000)=nil) shmctl$IPC_STAT(r0, 0x2, &(0x7f0000004940)=""/239) r1 = socket$bt_rfcomm(0x1f, 0x3, 0x3) recvmmsg(r1, &(0x7f0000004740)=[{{&(0x7f0000000080)=@vsock={0x28, 0x0, 0x0, @reserved}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000140)}, {&(0x7f0000000180)=""/235, 0xeb}], 0x2, &(0x7f0000000340)=""/91, 0x5b}, 0x3}, {{&(0x7f00000003c0)=@generic, 0x80, &(0x7f0000001540)=[{&(0x7f0000000440)=""/223, 0xdf}, {&(0x7f0000000540)=""/4096, 0x1000}], 0x2}, 0x8}, {{&(0x7f0000001580)=@rc, 0x80, &(0x7f0000001740)=[{&(0x7f0000001600)=""/189, 0xbd}, {&(0x7f00000016c0)=""/103, 0x67}], 0x2, &(0x7f0000001780)=""/14, 0xe}, 0x8001}, {{&(0x7f00000017c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f0000002d40)=[{&(0x7f0000001840)=""/4096, 0x1000}, {&(0x7f0000002840)=""/18, 0x12}, {&(0x7f0000002880)=""/164, 0xa4}, {&(0x7f0000002940)=""/181, 0xb5}, {&(0x7f0000002a00)=""/171, 0xab}, {&(0x7f0000002ac0)=""/169, 0xa9}, {&(0x7f0000002b80)=""/27, 0x1b}, {&(0x7f0000002bc0)=""/157, 0x9d}, {&(0x7f0000002c80)=""/175, 0xaf}], 0x9, &(0x7f0000002e00)=""/39, 0x27}, 0x9}, {{0x0, 0x0, &(0x7f0000002f40)=[{&(0x7f0000002e40)=""/96, 0x60}, {&(0x7f0000002ec0)=""/109, 0x6d}], 0x2, &(0x7f0000002f80)=""/4096, 0x1000}, 0x1ff}, {{&(0x7f0000003f80)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f0000004440)=[{&(0x7f0000004000)=""/136, 0x88}, {&(0x7f00000040c0)=""/215, 0xd7}, {&(0x7f00000041c0)=""/152, 0x98}, {&(0x7f0000004280)=""/170, 0xaa}, {&(0x7f0000004340)=""/232, 0xe8}], 0x5, &(0x7f00000044c0)=""/54, 0x36}, 0x1}, {{&(0x7f0000004500)=@caif=@rfm, 0x80, &(0x7f0000004640)=[{&(0x7f0000004580)=""/149, 0x95}], 0x1, &(0x7f0000004680)=""/133, 0x85}, 0x9}], 0x7, 0x20, &(0x7f0000004900)) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:32 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:32 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 395.379644] FAULT_INJECTION: forcing a failure. [ 395.379644] name failslab, interval 1, probability 0, space 0, times 0 [ 395.379946] FAULT_INJECTION: forcing a failure. [ 395.379946] name failslab, interval 1, probability 0, space 0, times 0 [ 395.402295] CPU: 1 PID: 19646 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 395.409317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.418678] Call Trace: [ 395.421269] dump_stack+0x142/0x197 [ 395.424902] should_fail.cold+0x10f/0x159 [ 395.429045] ? __es_tree_search.isra.0+0x15f/0x1c0 [ 395.433979] should_failslab+0xdb/0x130 [ 395.437947] kmem_cache_alloc+0x47/0x780 [ 395.442020] __es_insert_extent+0x26c/0xe60 [ 395.446347] ext4_es_insert_extent+0x1f0/0x590 [ 395.450931] ? check_preemption_disabled+0x3c/0x250 [ 395.455948] ? ext4_es_find_delayed_extent_range+0x960/0x960 [ 395.461738] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 395.467190] ? ext4_es_find_delayed_extent_range+0x31d/0x960 [ 395.472990] ext4_ext_put_gap_in_cache+0xcb/0x110 [ 395.477822] ? ext4_zeroout_es+0x170/0x170 [ 395.482049] ? ext4_find_extent+0x64c/0x960 [ 395.486370] ext4_ext_map_blocks+0x1d4b/0x4fa0 [ 395.490948] ? save_trace+0x290/0x290 [ 395.494748] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 395.499754] ? __lock_is_held+0xb6/0x140 [ 395.503899] ? lock_acquire+0x16f/0x430 [ 395.507865] ? ext4_map_blocks+0x402/0x17c0 [ 395.513150] ext4_map_blocks+0xd3c/0x17c0 [ 395.517304] ? __lock_is_held+0xb6/0x140 [ 395.521360] ? check_preemption_disabled+0x3c/0x250 [ 395.526378] ? ext4_issue_zeroout+0x160/0x160 [ 395.530868] ? __brelse+0x50/0x60 [ 395.534322] ext4_getblk+0xac/0x450 [ 395.537938] ? ext4_iomap_begin+0x8a0/0x8a0 [ 395.542256] ? ext4_free_inode+0x1210/0x1210 [ 395.546657] ext4_bread+0x6e/0x1a0 [ 395.550191] ? ext4_getblk+0x450/0x450 [ 395.554071] ext4_append+0x14b/0x360 [ 395.557770] ext4_mkdir+0x531/0xc20 [ 395.561393] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 395.566065] ? security_inode_mkdir+0xd0/0x110 [ 395.570647] vfs_mkdir+0x3ca/0x610 [ 395.574183] SyS_mkdir+0x1b7/0x200 [ 395.577711] ? SyS_mkdirat+0x210/0x210 [ 395.581590] ? do_syscall_64+0x53/0x640 [ 395.585565] ? SyS_mkdirat+0x210/0x210 [ 395.589454] do_syscall_64+0x1e8/0x640 [ 395.593334] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.598700] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 395.603884] RIP: 0033:0x459a57 [ 395.607067] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 395.614763] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 395.622024] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 395.629295] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 395.636558] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 395.643820] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 395.652122] protocol 88fb is buggy, dev hsr_slave_0 [ 395.657207] protocol 88fb is buggy, dev hsr_slave_1 [ 395.662335] protocol 88fb is buggy, dev hsr_slave_0 [ 395.664053] CPU: 0 PID: 19647 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 395.667382] protocol 88fb is buggy, dev hsr_slave_1 [ 395.674439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.674442] Call Trace: [ 395.674457] dump_stack+0x142/0x197 [ 395.674473] should_fail.cold+0x10f/0x159 [ 395.674490] should_failslab+0xdb/0x130 [ 395.704810] kmem_cache_alloc+0x2d7/0x780 [ 395.708942] ? rcu_read_lock_sched_held+0x110/0x130 [ 395.713940] ? __mark_inode_dirty+0x2b7/0x1040 [ 395.718512] ext4_mb_new_blocks+0x509/0x3990 [ 395.722903] ? ext4_find_extent+0x709/0x960 [ 395.727216] ext4_ext_map_blocks+0x26cd/0x4fa0 [ 395.731785] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 395.736784] ? __lock_is_held+0xb6/0x140 [ 395.740832] ? lock_acquire+0x16f/0x430 [ 395.744794] ext4_map_blocks+0x881/0x17c0 [ 395.748928] ? ext4_issue_zeroout+0x160/0x160 [ 395.753406] ? __brelse+0x50/0x60 [ 395.756855] ext4_getblk+0xac/0x450 [ 395.760464] ? ext4_iomap_begin+0x8a0/0x8a0 [ 395.764768] ? ext4_free_inode+0x1210/0x1210 [ 395.769162] ext4_bread+0x6e/0x1a0 [ 395.772690] ? ext4_getblk+0x450/0x450 [ 395.776562] ext4_append+0x14b/0x360 [ 395.780259] ext4_mkdir+0x531/0xc20 [ 395.783874] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 395.788528] ? security_inode_mkdir+0xd0/0x110 [ 395.793091] vfs_mkdir+0x3ca/0x610 [ 395.796612] SyS_mkdir+0x1b7/0x200 [ 395.800136] ? SyS_mkdirat+0x210/0x210 [ 395.804014] ? do_syscall_64+0x53/0x640 [ 395.807969] ? SyS_mkdirat+0x210/0x210 [ 395.811838] do_syscall_64+0x1e8/0x640 [ 395.815708] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.820538] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 395.825708] RIP: 0033:0x459a57 [ 395.828877] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 395.836569] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 395.843821] RDX: 0000000000000007 RSI: 00000000000001ff RDI: 0000000020000100 [ 395.851077] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 395.858327] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000007 [ 395.865576] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:32 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb, 0x0, 0x0, 0x9], 0x0, 0x100}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:33:32 executing program 2 (fault-call:3 fault-nth:47): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:32 executing program 3 (fault-call:0 fault-nth:44): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:32 executing program 1: getsockopt$IPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x41, &(0x7f0000000140)={'filter\x00', 0xd0, "bef7e3349173c16883c8f46bec6517a58cf015d53ee08f30de803711807dd1362c6d3bc80a4fa1d9ca78bb914b6d3c5722623110fe76d32d38414a064e6f44441824edf65f9a40561e53a7f3bdcc431f8c2f4cd6a1fd2c91bab4291cd22495d0a1e5c267c1a682fabf130ef7b7f23a4e0161559a3995571a760b35cc1c97af5eacc12ecf048230c6cc87767d108aae6fc9e4481e962f21a268322c78c252de763966a59cc2f9d9ed3df882cc7d3e113a34b3b71667ece69a473faa207dfb8e0fd7223c783a20cecee64dfa1defb4dd19"}, &(0x7f0000000080)=0xf4) syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000200fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 396.018094] FAULT_INJECTION: forcing a failure. [ 396.018094] name failslab, interval 1, probability 0, space 0, times 0 [ 396.089265] CPU: 1 PID: 19666 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 396.096329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 396.105687] Call Trace: [ 396.105707] dump_stack+0x142/0x197 [ 396.105726] should_fail.cold+0x10f/0x159 [ 396.105745] should_failslab+0xdb/0x130 [ 396.105757] __kmalloc_track_caller+0x2ec/0x790 [ 396.105773] ? strndup_user+0x62/0xf0 [ 396.105784] memdup_user+0x26/0xa0 [ 396.105795] strndup_user+0x62/0xf0 [ 396.112015] SyS_mount+0x3c/0x120 [ 396.112026] ? copy_mnt_ns+0x8c0/0x8c0 [ 396.112041] do_syscall_64+0x1e8/0x640 [ 396.112051] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.112070] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 396.112077] RIP: 0033:0x45d08a [ 396.112081] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 396.112091] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 396.112100] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 396.182314] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 396.189576] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 396.196838] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:33 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockname$tipc(r1, &(0x7f0000000080)=@name, &(0x7f00000000c0)=0x10) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 396.303458] FAULT_INJECTION: forcing a failure. [ 396.303458] name failslab, interval 1, probability 0, space 0, times 0 [ 396.314830] CPU: 0 PID: 19680 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 396.321865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 396.331219] Call Trace: [ 396.333810] dump_stack+0x142/0x197 [ 396.337442] should_fail.cold+0x10f/0x159 [ 396.341598] ? __es_tree_search.isra.0+0x15f/0x1c0 [ 396.346536] should_failslab+0xdb/0x130 [ 396.350508] kmem_cache_alloc+0x47/0x780 [ 396.354579] __es_insert_extent+0x26c/0xe60 [ 396.358904] ext4_es_insert_extent+0x1f0/0x590 [ 396.363484] ? check_preemption_disabled+0x3c/0x250 [ 396.368504] ? ext4_es_find_delayed_extent_range+0x960/0x960 [ 396.374305] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 396.379762] ? ext4_es_find_delayed_extent_range+0x31d/0x960 [ 396.385563] ext4_ext_put_gap_in_cache+0xcb/0x110 [ 396.390415] ? ext4_zeroout_es+0x170/0x170 [ 396.394656] ? ext4_find_extent+0x64c/0x960 [ 396.398988] ext4_ext_map_blocks+0x1d4b/0x4fa0 [ 396.403576] ? save_trace+0x290/0x290 [ 396.407385] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 396.412515] ? __lock_is_held+0xb6/0x140 [ 396.416588] ? lock_acquire+0x16f/0x430 [ 396.420575] ? ext4_map_blocks+0x402/0x17c0 [ 396.424914] ext4_map_blocks+0xd3c/0x17c0 [ 396.429065] ? __lock_is_held+0xb6/0x140 [ 396.433127] ? check_preemption_disabled+0x3c/0x250 [ 396.438162] ? ext4_issue_zeroout+0x160/0x160 [ 396.442659] ? __brelse+0x50/0x60 [ 396.446120] ext4_getblk+0xac/0x450 [ 396.449751] ? ext4_iomap_begin+0x8a0/0x8a0 [ 396.454073] ? ext4_free_inode+0x1210/0x1210 [ 396.458489] ext4_bread+0x6e/0x1a0 [ 396.462035] ? ext4_getblk+0x450/0x450 [ 396.465926] ext4_append+0x14b/0x360 [ 396.469647] ext4_mkdir+0x531/0xc20 [ 396.473280] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 396.477955] ? security_inode_mkdir+0xd0/0x110 [ 396.482542] vfs_mkdir+0x3ca/0x610 [ 396.486083] SyS_mkdir+0x1b7/0x200 [ 396.489627] ? SyS_mkdirat+0x210/0x210 [ 396.493520] ? do_syscall_64+0x53/0x640 [ 396.497494] ? SyS_mkdirat+0x210/0x210 [ 396.501379] do_syscall_64+0x1e8/0x640 [ 396.505266] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.510125] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 396.515323] RIP: 0033:0x459a57 [ 396.518508] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 396.526210] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 396.526216] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 396.526221] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 396.526226] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 396.526231] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:33 executing program 2 (fault-call:3 fault-nth:48): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:33 executing program 3 (fault-call:0 fault-nth:45): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 396.776144] FAULT_INJECTION: forcing a failure. [ 396.776144] name failslab, interval 1, probability 0, space 0, times 0 [ 396.793378] CPU: 0 PID: 19703 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 396.800446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 396.809804] Call Trace: [ 396.812395] dump_stack+0x142/0x197 [ 396.816014] should_fail.cold+0x10f/0x159 [ 396.820148] should_failslab+0xdb/0x130 [ 396.824106] __kmalloc_track_caller+0x2ec/0x790 [ 396.828767] ? strndup_user+0x62/0xf0 [ 396.832550] memdup_user+0x26/0xa0 [ 396.836088] strndup_user+0x62/0xf0 [ 396.839698] SyS_mount+0x3c/0x120 [ 396.843131] ? copy_mnt_ns+0x8c0/0x8c0 [ 396.847000] do_syscall_64+0x1e8/0x640 [ 396.850867] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.855694] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 396.860863] RIP: 0033:0x45d08a [ 396.864033] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 14:33:33 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:33 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x10001, 0x0) [ 396.871728] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 396.878980] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 396.886232] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 396.893483] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 396.900733] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 396.931901] FAULT_INJECTION: forcing a failure. [ 396.931901] name failslab, interval 1, probability 0, space 0, times 0 [ 396.943537] CPU: 1 PID: 19708 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 396.950590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 396.959950] Call Trace: [ 396.962549] dump_stack+0x142/0x197 [ 396.966176] should_fail.cold+0x10f/0x159 [ 396.970337] ? __es_tree_search.isra.0+0x15f/0x1c0 [ 396.975277] should_failslab+0xdb/0x130 [ 396.979258] kmem_cache_alloc+0x47/0x780 [ 396.983330] __es_insert_extent+0x26c/0xe60 [ 396.987663] ext4_es_insert_extent+0x1f0/0x590 [ 396.992243] ? check_preemption_disabled+0x3c/0x250 [ 396.997265] ? ext4_es_find_delayed_extent_range+0x960/0x960 [ 397.003069] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 397.008521] ? ext4_es_find_delayed_extent_range+0x31d/0x960 [ 397.014329] ext4_ext_put_gap_in_cache+0xcb/0x110 [ 397.019172] ? ext4_zeroout_es+0x170/0x170 [ 397.023418] ? ext4_find_extent+0x64c/0x960 [ 397.027747] ext4_ext_map_blocks+0x1d4b/0x4fa0 [ 397.032329] ? save_trace+0x290/0x290 [ 397.036141] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 397.041169] ? __lock_is_held+0xb6/0x140 [ 397.045228] ? lock_acquire+0x16f/0x430 [ 397.049221] ? ext4_map_blocks+0x402/0x17c0 [ 397.053560] ext4_map_blocks+0xd3c/0x17c0 [ 397.057715] ? __lock_is_held+0xb6/0x140 [ 397.061796] ? check_preemption_disabled+0x3c/0x250 [ 397.066824] ? ext4_issue_zeroout+0x160/0x160 [ 397.071323] ? __brelse+0x50/0x60 [ 397.074780] ext4_getblk+0xac/0x450 [ 397.078410] ? ext4_iomap_begin+0x8a0/0x8a0 14:33:34 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 397.082732] ? ext4_free_inode+0x1210/0x1210 [ 397.087144] ext4_bread+0x6e/0x1a0 [ 397.090693] ? ext4_getblk+0x450/0x450 [ 397.094578] ext4_append+0x14b/0x360 [ 397.098295] ext4_mkdir+0x531/0xc20 [ 397.101932] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 397.106602] ? security_inode_mkdir+0xd0/0x110 [ 397.111186] vfs_mkdir+0x3ca/0x610 [ 397.114727] SyS_mkdir+0x1b7/0x200 [ 397.118272] ? SyS_mkdirat+0x210/0x210 [ 397.122153] ? do_syscall_64+0x53/0x640 [ 397.126119] ? SyS_mkdirat+0x210/0x210 [ 397.130005] do_syscall_64+0x1e8/0x640 [ 397.133889] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.138738] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 397.143925] RIP: 0033:0x459a57 [ 397.147113] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 397.154823] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 397.162095] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 397.169368] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 397.176639] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 397.183912] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:34 executing program 2 (fault-call:3 fault-nth:49): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 397.272897] FAULT_INJECTION: forcing a failure. [ 397.272897] name failslab, interval 1, probability 0, space 0, times 0 [ 397.294394] CPU: 0 PID: 19725 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 397.301441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 397.311922] Call Trace: [ 397.311940] dump_stack+0x142/0x197 [ 397.311957] should_fail.cold+0x10f/0x159 [ 397.322330] should_failslab+0xdb/0x130 [ 397.326326] __kmalloc_track_caller+0x2ec/0x790 [ 397.331006] ? strndup_user+0x62/0xf0 [ 397.334817] memdup_user+0x26/0xa0 [ 397.338360] strndup_user+0x62/0xf0 [ 397.341995] SyS_mount+0x3c/0x120 [ 397.345452] ? copy_mnt_ns+0x8c0/0x8c0 [ 397.349344] do_syscall_64+0x1e8/0x640 [ 397.353232] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.358084] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 397.363276] RIP: 0033:0x45d08a 14:33:34 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='jtrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x264, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0xfffffffffffffeb3, 0x10000}], 0x0, 0x0) [ 397.366464] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 397.374177] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 397.381482] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 397.388752] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 397.396005] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 397.403260] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:34 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) setuid(r5) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x135f17a810702502, 0x2) openat(r6, &(0x7f0000000200)='./file0\x00', 0xe1000, 0x4b) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:33:34 executing program 3 (fault-call:0 fault-nth:46): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:34 executing program 2 (fault-call:3 fault-nth:50): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 397.628645] FAULT_INJECTION: forcing a failure. [ 397.628645] name failslab, interval 1, probability 0, space 0, times 0 [ 397.644786] FAULT_INJECTION: forcing a failure. [ 397.644786] name failslab, interval 1, probability 0, space 0, times 0 [ 397.653677] CPU: 1 PID: 19745 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 397.663032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 397.672388] Call Trace: [ 397.674981] dump_stack+0x142/0x197 [ 397.678617] should_fail.cold+0x10f/0x159 [ 397.682776] should_failslab+0xdb/0x130 [ 397.686757] __kmalloc+0x2f0/0x7a0 [ 397.690290] ? check_preemption_disabled+0x3c/0x250 [ 397.695311] ? ext4_find_extent+0x709/0x960 [ 397.699637] ext4_find_extent+0x709/0x960 [ 397.703794] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 397.709247] ext4_ext_map_blocks+0x1a3/0x4fa0 [ 397.713744] ? save_trace+0x290/0x290 [ 397.717553] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 397.722567] ? __lock_is_held+0xb6/0x140 [ 397.726637] ? lock_acquire+0x16f/0x430 [ 397.730617] ? ext4_map_blocks+0x829/0x17c0 [ 397.734939] ext4_map_blocks+0x881/0x17c0 [ 397.739079] ? ext4_issue_zeroout+0x160/0x160 [ 397.743571] ? __brelse+0x50/0x60 [ 397.747034] ext4_getblk+0xac/0x450 [ 397.750673] ? ext4_iomap_begin+0x8a0/0x8a0 [ 397.754990] ? ext4_free_inode+0x1210/0x1210 [ 397.759387] ext4_bread+0x6e/0x1a0 [ 397.762921] ? ext4_getblk+0x450/0x450 [ 397.766804] ext4_append+0x14b/0x360 [ 397.770514] ext4_mkdir+0x531/0xc20 [ 397.774135] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 397.778790] ? security_inode_mkdir+0xd0/0x110 [ 397.783362] vfs_mkdir+0x3ca/0x610 [ 397.786891] SyS_mkdir+0x1b7/0x200 [ 397.790420] ? SyS_mkdirat+0x210/0x210 [ 397.794299] ? do_syscall_64+0x53/0x640 [ 397.798257] ? SyS_mkdirat+0x210/0x210 [ 397.802132] do_syscall_64+0x1e8/0x640 [ 397.806003] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.810841] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 397.816027] RIP: 0033:0x459a57 [ 397.819206] RSP: 002b:00007f875bac5a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 397.826899] RAX: ffffffffffffffda RBX: 0000000020000068 RCX: 0000000000459a57 [ 397.826905] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 397.826910] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 397.826914] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 397.826919] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 397.833681] CPU: 1 PID: 19748 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 397.841536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 397.841540] Call Trace: [ 397.841556] dump_stack+0x142/0x197 [ 397.841573] should_fail.cold+0x10f/0x159 [ 397.841588] should_failslab+0xdb/0x130 [ 397.841598] __kmalloc_track_caller+0x2ec/0x790 [ 397.841610] ? kasan_check_write+0x14/0x20 [ 397.841619] ? strndup_user+0x62/0xf0 [ 397.841631] memdup_user+0x26/0xa0 [ 397.841641] strndup_user+0x62/0xf0 [ 397.841652] SyS_mount+0x6b/0x120 [ 397.841659] ? copy_mnt_ns+0x8c0/0x8c0 [ 397.841673] do_syscall_64+0x1e8/0x640 [ 397.841681] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.841711] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 397.841719] RIP: 0033:0x45d08a [ 397.841723] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 397.841734] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 397.841739] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 397.841744] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 397.841749] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 14:33:34 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb, 0x0, 0x0, 0x9], 0x0, 0x100}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 397.841755] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:34 executing program 3 (fault-call:0 fault-nth:47): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:34 executing program 2 (fault-call:3 fault-nth:51): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 398.126926] FAULT_INJECTION: forcing a failure. [ 398.126926] name failslab, interval 1, probability 0, space 0, times 0 [ 398.147409] FAULT_INJECTION: forcing a failure. [ 398.147409] name failslab, interval 1, probability 0, space 0, times 0 [ 398.192445] CPU: 0 PID: 19767 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 398.199502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.208887] Call Trace: [ 398.211492] dump_stack+0x142/0x197 [ 398.215121] should_fail.cold+0x10f/0x159 [ 398.219266] should_failslab+0xdb/0x130 [ 398.223229] kmem_cache_alloc+0x2d7/0x780 [ 398.227380] ? lock_downgrade+0x740/0x740 [ 398.231532] alloc_vfsmnt+0x28/0x7d0 [ 398.235257] vfs_kern_mount.part.0+0x2a/0x3d0 [ 398.239752] do_mount+0x417/0x27d0 [ 398.243286] ? copy_mount_options+0x5c/0x2f0 [ 398.247697] ? rcu_read_lock_sched_held+0x110/0x130 [ 398.252718] ? copy_mount_string+0x40/0x40 [ 398.256946] ? copy_mount_options+0x1fe/0x2f0 [ 398.261434] SyS_mount+0xab/0x120 [ 398.264879] ? copy_mnt_ns+0x8c0/0x8c0 [ 398.268774] do_syscall_64+0x1e8/0x640 [ 398.272656] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.277493] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 398.282675] RIP: 0033:0x45d08a [ 398.285853] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 398.293572] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 398.300835] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 398.308090] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 398.315345] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 398.322599] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 398.329870] CPU: 1 PID: 19763 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 398.336893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.346249] Call Trace: [ 398.348850] dump_stack+0x142/0x197 [ 398.352478] should_fail.cold+0x10f/0x159 [ 398.356612] should_failslab+0xdb/0x130 [ 398.360570] __kmalloc_track_caller+0x2ec/0x790 [ 398.365224] ? strndup_user+0x62/0xf0 [ 398.369004] memdup_user+0x26/0xa0 [ 398.372531] strndup_user+0x62/0xf0 [ 398.376153] SyS_mount+0x3c/0x120 [ 398.379588] ? copy_mnt_ns+0x8c0/0x8c0 [ 398.383460] do_syscall_64+0x1e8/0x640 [ 398.387338] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.392167] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 398.397339] RIP: 0033:0x45d08a [ 398.400516] RSP: 002b:00007f875bac5a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 398.408208] RAX: ffffffffffffffda RBX: 00007f875bac5b40 RCX: 000000000045d08a [ 398.415458] RDX: 00007f875bac5ae0 RSI: 0000000020000100 RDI: 00007f875bac5b00 [ 398.422710] RBP: 0000000000000001 R08: 00007f875bac5b40 R09: 00007f875bac5ae0 [ 398.429961] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 14:33:35 executing program 1: r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/policy\x00', 0x0, 0x0) accept4$llc(r0, &(0x7f00000000c0)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000100)=0x10, 0x100800) getgid() r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="55470d2f88f25dfa9f45824102378d56bbfe94635b7e80db81d64bc51f667a21ee9635bb6c5b2d9e257a", @ANYRES16=r1, @ANYBLOB="000125bd7000fedbdf25010000001c0002000800080008000000080006000200000008000e004e21000054000200080003000400000008000300010000000800080001000100080006000500000008000b00020000000800070002000000080006000100000008000e004e210000080002004e21000008000e004e200000180001001400030000000000000000000000ffffac1414aa"], 0x9c}, 0x1, 0x0, 0x0, 0x4002000}, 0x4) [ 398.437222] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:35 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:35 executing program 2 (fault-call:3 fault-nth:52): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 398.640719] FAULT_INJECTION: forcing a failure. [ 398.640719] name failslab, interval 1, probability 0, space 0, times 0 [ 398.664568] CPU: 0 PID: 19786 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 398.671627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.680990] Call Trace: [ 398.683594] dump_stack+0x142/0x197 [ 398.687240] should_fail.cold+0x10f/0x159 [ 398.691412] should_failslab+0xdb/0x130 [ 398.695407] kmem_cache_alloc+0x2d7/0x780 [ 398.699555] ? cache_grow_end.part.0+0x92/0x160 [ 398.704223] getname_flags+0xcb/0x580 [ 398.708020] ? lock_downgrade+0x740/0x740 [ 398.712172] user_path_at_empty+0x2f/0x50 [ 398.716314] do_mount+0x12b/0x27d0 [ 398.719850] ? copy_mount_options+0x5c/0x2f0 [ 398.724255] ? rcu_read_lock_sched_held+0x110/0x130 [ 398.729439] ? copy_mount_string+0x40/0x40 [ 398.733671] ? copy_mount_options+0x1fe/0x2f0 [ 398.738161] SyS_mount+0xab/0x120 [ 398.741636] ? copy_mnt_ns+0x8c0/0x8c0 [ 398.745524] do_syscall_64+0x1e8/0x640 [ 398.749406] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.754249] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 398.759432] RIP: 0033:0x45d08a [ 398.762615] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 398.770320] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 398.777580] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 14:33:35 executing program 3 (fault-call:0 fault-nth:48): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 398.784842] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 398.792102] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 398.799365] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 398.866001] FAULT_INJECTION: forcing a failure. [ 398.866001] name failslab, interval 1, probability 0, space 0, times 0 [ 398.877591] CPU: 1 PID: 19796 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 398.884614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.893968] Call Trace: [ 398.896596] dump_stack+0x142/0x197 [ 398.900226] should_fail.cold+0x10f/0x159 [ 398.900243] should_failslab+0xdb/0x130 [ 398.900250] kmem_cache_alloc+0x47/0x780 14:33:35 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x41b500, 0x0) [ 398.900261] ? lock_downgrade+0x740/0x740 [ 398.900277] __sigqueue_alloc+0x1da/0x400 [ 398.900288] __send_signal+0x1a2/0x1280 [ 398.900295] ? lock_acquire+0x16f/0x430 [ 398.900310] send_signal+0x49/0xc0 [ 398.900321] force_sig_info+0x243/0x350 [ 398.900340] force_sig_info_fault.constprop.0+0x1c6/0x2b0 [ 398.900351] ? is_prefetch.isra.0+0x350/0x350 [ 398.900365] ? trace_raw_output_x86_exceptions+0x140/0x140 [ 398.900380] __bad_area_nosemaphore+0x1dc/0x2a0 [ 398.956934] bad_area+0x69/0x80 [ 398.960219] __do_page_fault+0x86f/0xb80 [ 398.964462] ? vmalloc_fault+0xe30/0xe30 [ 398.968533] ? page_fault+0x2f/0x50 [ 398.972167] do_page_fault+0x71/0x511 [ 398.975971] ? page_fault+0x2f/0x50 [ 398.979594] page_fault+0x45/0x50 [ 398.983049] RIP: 0033:0x45423f [ 398.986234] RSP: 002b:00007f875bac5a88 EFLAGS: 00010283 [ 398.991593] RAX: 00007f875bac5b40 RBX: 0000000020000068 RCX: 0000000000000000 [ 398.998866] RDX: 00000000000000e0 RSI: 0000000000000000 RDI: 00007f875bac5b40 [ 399.006132] RBP: 0000000000000001 R08: 00000000000000e0 R09: 000000000000000a 14:33:35 executing program 2 (fault-call:3 fault-nth:53): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 399.013399] R10: 0000000000000075 R11: 00000000004e76c0 R12: 0000000000000004 [ 399.020668] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 399.096282] FAULT_INJECTION: forcing a failure. [ 399.096282] name failslab, interval 1, probability 0, space 0, times 0 [ 399.107876] CPU: 1 PID: 19809 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 399.114907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.125128] Call Trace: [ 399.125150] dump_stack+0x142/0x197 [ 399.125169] should_fail.cold+0x10f/0x159 [ 399.125185] should_failslab+0xdb/0x130 [ 399.125195] kmem_cache_alloc+0x2d7/0x780 [ 399.125203] ? cache_grow_end.part.0+0x92/0x160 [ 399.125219] getname_flags+0xcb/0x580 [ 399.125229] ? lock_downgrade+0x740/0x740 [ 399.125243] user_path_at_empty+0x2f/0x50 [ 399.125253] do_mount+0x12b/0x27d0 [ 399.125262] ? copy_mount_options+0x5c/0x2f0 [ 399.125273] ? rcu_read_lock_sched_held+0x110/0x130 [ 399.125284] ? copy_mount_string+0x40/0x40 [ 399.177838] ? copy_mount_options+0x1fe/0x2f0 [ 399.182344] SyS_mount+0xab/0x120 [ 399.185793] ? copy_mnt_ns+0x8c0/0x8c0 [ 399.189688] do_syscall_64+0x1e8/0x640 [ 399.193576] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.198430] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 399.203621] RIP: 0033:0x45d08a [ 399.206812] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 399.214519] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 399.221790] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 399.229067] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 399.236339] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 399.243790] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 399.270114] net_ratelimit: 14 callbacks suppressed [ 399.270119] protocol 88fb is buggy, dev hsr_slave_0 [ 399.280362] protocol 88fb is buggy, dev hsr_slave_1 14:33:36 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000180)={{0x5000, 0x4, 0x9, 0x5, 0x7, 0x1, 0x81, 0x9, 0x3, 0x80, 0x6, 0x2}, {0x0, 0x3000, 0x4, 0x5, 0x9, 0x7f, 0x1, 0x9, 0x3, 0x2, 0x0, 0x8}, {0xcab8ed8e9c95c200, 0x1000, 0x7, 0x2, 0x0, 0x76, 0x8, 0x6, 0x2a, 0x2, 0x5, 0x8}, {0x4, 0x1000, 0x9, 0x7, 0x20, 0x9, 0xa8, 0x9, 0x2, 0x9, 0x1, 0xb2}, {0x3000, 0x3000, 0x10, 0x2, 0x40, 0xcf, 0x3, 0x0, 0x7, 0x6, 0x4}, {0x10000, 0xd000, 0xe, 0x5, 0x0, 0x0, 0x5, 0x2, 0x8, 0x0, 0x0, 0x40}, {0x1, 0x1, 0x14, 0x7, 0x40, 0x81, 0x2, 0x3, 0x0, 0xfb, 0x4, 0x1}, {0x100000, 0x1d001, 0x10, 0x20, 0x8, 0x6, 0x8, 0x80, 0x50, 0x80, 0x40, 0x5}, {0x68b390f6fa1ef418, 0x4008}, {0x1, 0x3000}, 0x8, 0x0, 0x125924d2da4bea25, 0x400700, 0x4, 0x1, 0xd000, [0x7fffffff, 0x100, 0x97c, 0x5]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:33:36 executing program 3 (fault-call:0 fault-nth:49): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:36 executing program 1: r0 = syz_open_dev$radio(&(0x7f0000000180)='/dev/radio#\x00', 0x0, 0x2) ioctl$KVM_TPR_ACCESS_REPORTING(r0, 0xc028ae92, &(0x7f00000001c0)={0x6, 0x1000}) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x6, 0x1, &(0x7f0000000040)=[{&(0x7f0000000200)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) setxattr$security_evm(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='security.evm\x00', &(0x7f0000000140)=@v1={0x2, "3961fa543b66622e5c84b035d52a2dbb6e6b47"}, 0x14, 0x1) [ 399.455116] FAULT_INJECTION: forcing a failure. [ 399.455116] name failslab, interval 1, probability 0, space 0, times 0 [ 399.466360] CPU: 1 PID: 19822 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 399.473393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.482796] Call Trace: [ 399.485385] dump_stack+0x142/0x197 [ 399.485402] should_fail.cold+0x10f/0x159 [ 399.485416] should_failslab+0xdb/0x130 [ 399.493163] kmem_cache_alloc+0x47/0x780 [ 399.493175] ? lock_downgrade+0x740/0x740 [ 399.493189] __sigqueue_alloc+0x1da/0x400 [ 399.493200] __send_signal+0x1a2/0x1280 [ 399.493209] ? lock_acquire+0x16f/0x430 [ 399.493225] send_signal+0x49/0xc0 [ 399.493236] force_sig_info+0x243/0x350 [ 399.493254] force_sig_info_fault.constprop.0+0x1c6/0x2b0 [ 399.530530] ? is_prefetch.isra.0+0x350/0x350 [ 399.535031] ? trace_raw_output_x86_exceptions+0x140/0x140 [ 399.535048] __bad_area_nosemaphore+0x1dc/0x2a0 [ 399.546276] bad_area+0x69/0x80 [ 399.546288] __do_page_fault+0x86f/0xb80 [ 399.546302] ? vmalloc_fault+0xe30/0xe30 [ 399.557665] ? page_fault+0x2f/0x50 [ 399.561288] do_page_fault+0x71/0x511 [ 399.561299] ? page_fault+0x2f/0x50 [ 399.561309] page_fault+0x45/0x50 [ 399.561317] RIP: 0033:0x45423f [ 399.561321] RSP: 002b:00007f875bac5a88 EFLAGS: 00010283 [ 399.561330] RAX: 00007f875bac5b40 RBX: 0000000020000068 RCX: 0000000000000000 [ 399.561335] RDX: 00000000000000e0 RSI: 0000000000000000 RDI: 00007f875bac5b40 [ 399.561341] RBP: 0000000000000001 R08: 00000000000000e0 R09: 000000000000000a [ 399.561346] R10: 0000000000000075 R11: 00000000004e76c0 R12: 0000000000000004 [ 399.561351] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:36 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:36 executing program 2 (fault-call:3 fault-nth:54): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:36 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:36 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') sendmsg$TIPC_NL_MEDIA_SET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)={0x20, r6, 0xa06d01dc2c18f2bb, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0x20}}, 0x0) r7 = dup3(r5, 0xffffffffffffffff, 0xc0000) ioctl$KVM_SET_ONE_REG(r7, 0x4010aeac, &(0x7f0000000000)={0x80, 0x7}) 14:33:36 executing program 3 (fault-call:0 fault-nth:50): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 399.772574] FAULT_INJECTION: forcing a failure. [ 399.772574] name failslab, interval 1, probability 0, space 0, times 0 [ 399.786173] CPU: 0 PID: 19849 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 399.793215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.802575] Call Trace: [ 399.805178] dump_stack+0x142/0x197 [ 399.808847] should_fail.cold+0x10f/0x159 [ 399.813022] should_failslab+0xdb/0x130 [ 399.816996] kmem_cache_alloc+0x2d7/0x780 [ 399.821147] ? lock_downgrade+0x740/0x740 [ 399.825300] alloc_vfsmnt+0x28/0x7d0 [ 399.829020] vfs_kern_mount.part.0+0x2a/0x3d0 [ 399.833520] do_mount+0x417/0x27d0 [ 399.837058] ? copy_mount_options+0x5c/0x2f0 [ 399.841462] ? rcu_read_lock_sched_held+0x110/0x130 [ 399.846480] ? copy_mount_string+0x40/0x40 [ 399.850718] ? copy_mount_options+0x1fe/0x2f0 [ 399.855212] SyS_mount+0xab/0x120 [ 399.858657] ? copy_mnt_ns+0x8c0/0x8c0 [ 399.862549] do_syscall_64+0x1e8/0x640 [ 399.866435] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.871282] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 399.876464] RIP: 0033:0x45d08a [ 399.879651] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 399.887359] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 399.894801] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 399.902158] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 399.909427] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 14:33:36 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x80000000000, 0xaaaaaaaaaaaab4b, &(0x7f0000000040), 0x0, 0x0) [ 399.916697] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 399.930608] protocol 88fb is buggy, dev hsr_slave_0 [ 399.936133] protocol 88fb is buggy, dev hsr_slave_1 [ 399.941645] protocol 88fb is buggy, dev hsr_slave_0 [ 399.946975] protocol 88fb is buggy, dev hsr_slave_1 [ 400.008198] FAULT_INJECTION: forcing a failure. [ 400.008198] name failslab, interval 1, probability 0, space 0, times 0 14:33:36 executing program 2 (fault-call:3 fault-nth:55): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 400.135999] CPU: 0 PID: 19855 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 400.143060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.152423] Call Trace: [ 400.155023] dump_stack+0x142/0x197 [ 400.158671] should_fail.cold+0x10f/0x159 [ 400.162839] should_failslab+0xdb/0x130 [ 400.166827] kmem_cache_alloc_trace+0x2e9/0x790 [ 400.171518] ? kasan_check_write+0x14/0x20 [ 400.175760] ? _copy_from_user+0x99/0x110 [ 400.179907] copy_mount_options+0x5c/0x2f0 [ 400.179921] SyS_mount+0x87/0x120 [ 400.179929] ? copy_mnt_ns+0x8c0/0x8c0 [ 400.179941] do_syscall_64+0x1e8/0x640 [ 400.179951] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.187618] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 400.187628] RIP: 0033:0x45d08a [ 400.187633] RSP: 002b:00007f875bac5a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 400.187643] RAX: ffffffffffffffda RBX: 00007f875bac5b40 RCX: 000000000045d08a [ 400.187653] RDX: 00007f875bac5ae0 RSI: 0000000020000100 RDI: 00007f875bac5b00 14:33:37 executing program 3 (fault-call:0 fault-nth:51): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 400.195394] RBP: 0000000000000001 R08: 00007f875bac5b40 R09: 00007f875bac5ae0 [ 400.195400] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 400.195405] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 400.260639] FAULT_INJECTION: forcing a failure. [ 400.260639] name failslab, interval 1, probability 0, space 0, times 0 [ 400.321712] CPU: 1 PID: 19868 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 400.328771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.338134] Call Trace: [ 400.340773] dump_stack+0x142/0x197 [ 400.344425] should_fail.cold+0x10f/0x159 [ 400.348600] should_failslab+0xdb/0x130 [ 400.352594] __kmalloc_track_caller+0x2ec/0x790 [ 400.357277] ? kstrdup_const+0x48/0x60 [ 400.361542] kstrdup+0x3a/0x70 [ 400.364745] kstrdup_const+0x48/0x60 [ 400.368471] alloc_vfsmnt+0xe5/0x7d0 [ 400.372198] vfs_kern_mount.part.0+0x2a/0x3d0 [ 400.376704] do_mount+0x417/0x27d0 [ 400.380241] ? copy_mount_options+0x5c/0x2f0 [ 400.384649] ? rcu_read_lock_sched_held+0x110/0x130 [ 400.389669] ? copy_mount_string+0x40/0x40 [ 400.390203] protocol 88fb is buggy, dev hsr_slave_0 [ 400.393922] ? copy_mount_options+0x1fe/0x2f0 [ 400.393936] SyS_mount+0xab/0x120 [ 400.393943] ? copy_mnt_ns+0x8c0/0x8c0 [ 400.393957] do_syscall_64+0x1e8/0x640 [ 400.393966] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.399022] protocol 88fb is buggy, dev hsr_slave_1 [ 400.403456] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 400.403463] RIP: 0033:0x45d08a [ 400.403468] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 400.403478] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 400.403483] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 400.403489] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 400.403496] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 14:33:37 executing program 1: getpeername$netlink(0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0)=0xa) [ 400.469664] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 400.477189] protocol 88fb is buggy, dev hsr_slave_0 [ 400.482306] protocol 88fb is buggy, dev hsr_slave_1 14:33:37 executing program 2 (fault-call:3 fault-nth:56): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 400.634584] FAULT_INJECTION: forcing a failure. [ 400.634584] name failslab, interval 1, probability 0, space 0, times 0 [ 400.670726] FAULT_INJECTION: forcing a failure. [ 400.670726] name failslab, interval 1, probability 0, space 0, times 0 [ 400.697844] CPU: 0 PID: 19881 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 400.704910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.714414] Call Trace: [ 400.717000] dump_stack+0x142/0x197 [ 400.720754] should_fail.cold+0x10f/0x159 [ 400.724901] should_failslab+0xdb/0x130 [ 400.728863] kmem_cache_alloc_trace+0x2e9/0x790 [ 400.733524] ? kasan_check_write+0x14/0x20 [ 400.737743] ? _copy_from_user+0x99/0x110 [ 400.741876] copy_mount_options+0x5c/0x2f0 [ 400.746097] SyS_mount+0x87/0x120 [ 400.749531] ? copy_mnt_ns+0x8c0/0x8c0 [ 400.753404] do_syscall_64+0x1e8/0x640 [ 400.757274] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.762106] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 400.767288] RIP: 0033:0x45d08a [ 400.770459] RSP: 002b:00007f875bac5a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 400.778165] RAX: ffffffffffffffda RBX: 00007f875bac5b40 RCX: 000000000045d08a [ 400.785418] RDX: 00007f875bac5ae0 RSI: 0000000020000100 RDI: 00007f875bac5b00 [ 400.792673] RBP: 0000000000000001 R08: 00007f875bac5b40 R09: 00007f875bac5ae0 [ 400.799939] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 400.807194] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 400.818674] CPU: 1 PID: 19888 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 400.825723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.835110] Call Trace: [ 400.837718] dump_stack+0x142/0x197 [ 400.841368] should_fail.cold+0x10f/0x159 [ 400.845533] should_failslab+0xdb/0x130 [ 400.849523] __kmalloc+0x2f0/0x7a0 [ 400.853072] ? find_held_lock+0x35/0x130 [ 400.857141] ? pcpu_alloc+0xcf0/0x1050 [ 400.861040] ? btrfs_mount+0x19a/0x2b28 [ 400.865027] btrfs_mount+0x19a/0x2b28 [ 400.868835] ? lock_downgrade+0x740/0x740 [ 400.872985] ? find_held_lock+0x35/0x130 [ 400.877050] ? pcpu_alloc+0x3af/0x1050 [ 400.880952] ? btrfs_remount+0x11f0/0x11f0 [ 400.885199] ? rcu_read_lock_sched_held+0x110/0x130 [ 400.890235] ? __lockdep_init_map+0x10c/0x570 [ 400.894836] ? __lockdep_init_map+0x10c/0x570 [ 400.899350] mount_fs+0x97/0x2a1 [ 400.902728] vfs_kern_mount.part.0+0x5e/0x3d0 [ 400.907230] do_mount+0x417/0x27d0 [ 400.910781] ? copy_mount_options+0x5c/0x2f0 [ 400.915194] ? rcu_read_lock_sched_held+0x110/0x130 [ 400.920214] ? copy_mount_string+0x40/0x40 [ 400.924459] ? copy_mount_options+0x1fe/0x2f0 [ 400.928962] SyS_mount+0xab/0x120 [ 400.932422] ? copy_mnt_ns+0x8c0/0x8c0 [ 400.936314] do_syscall_64+0x1e8/0x640 [ 400.940207] ? trace_hardirqs_off_thunk+0x1a/0x1c 14:33:37 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)={0x20, r1, 0xa06d01dc2c18f2bb, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0x20}}, 0x0) r2 = syz_open_dev$dspn(&(0x7f0000000340)='/dev/dsp#\x00', 0x2, 0x0) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f00000003c0)='SEG6\x00') sendmsg$SEG6_CMD_SET_TUNSRC(r2, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x28, r3, 0x0, 0x70bd26, 0x25dfdbfc, {}, [@SEG6_ATTR_DST={0x14, 0x1, @mcast2}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008080}, 0x80) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x900004}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x58, r3, 0x14, 0x70bd2c, 0x25dfdbfb, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x4c}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0xd00}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x5}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x7ff}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x4]}, @SEG6_ATTR_DST={0x14, 0x1, @rand_addr="208d4781953d7709ecdcc042ff58c008"}]}, 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x24008080) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000140)={0x30, r5, 0x805, 0x0, 0x0, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0x0, 0x1, 0x2a05}}}}, 0x30}}, 0x0) sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x220000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, r5, 0x200, 0x70bd25, 0x25dfdbfd, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800b}, 0x1) [ 400.945056] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 400.950227] RIP: 0033:0x45d08a [ 400.953403] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 400.961092] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 400.968347] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 400.975601] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 400.982853] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 400.990105] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:37 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:38 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:38 executing program 2 (fault-call:3 fault-nth:57): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:38 executing program 3 (fault-call:0 fault-nth:52): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:38 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) chroot(&(0x7f0000000080)='./file0\x00') r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0x200000, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup2(r4, r4) pwrite64(r4, &(0x7f0000000440)="9d73a03723e17d0f1cca20f938c478f98c2571d02300e82b268f3c77b16207a186a7e324e0c76d446d12e3d13b673b2f08800141527c18f36e540ae503228a4a3eb971ca6cf644c4238d5f079c18e1a504f33a692418257fb6b20a9b94442b5133ad5727510e73687d6771c2acf4d3f92c03fb5d2fc9d80e7efbdf5e", 0x7c, 0x5) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = dup2(r6, r6) syz_mount_image$nfs(&(0x7f0000000200)='nfs\x00', &(0x7f0000000240)='./file0\x00', 0x5, 0x2, &(0x7f00000003c0)=[{&(0x7f0000000340)="25c0debdaa17d3332ddfcd5317c899f896bc31745c4587ab10b118ecb79d9995414cc8c2d27bcc5c3de1698ba1c4d81f3a71987e2308ed72130df0c0e7f5d510eccaecaa4123c3bc23aa14", 0x4b, 0x3}, {&(0x7f0000000280)="ade5fd1222ae2713b6cb5a3aa05e21c9e3e2aa1637a164869c03", 0x1a, 0x20}], 0x2020000, &(0x7f0000000400)='btrfs\x00') ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r8, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @loopback}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r8, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r8, 0x84, 0x1f, &(0x7f0000000000)={r9, @in, 0xfffc}, 0x90) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r7, 0x84, 0x66, &(0x7f00000000c0)={r9, 0x5}, &(0x7f0000000140)=0x8) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$VHOST_SET_LOG_FD(r5, 0x4004af07, &(0x7f00000001c0)=r1) 14:33:38 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r5 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r5, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) shutdown(r1, 0x1) ioctl$KVM_RUN(r4, 0xae80, 0x0) r6 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x0, 0x0) ioctl$BINDER_SET_MAX_THREADS(r6, 0x40046205, &(0x7f0000000100)=0x55) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r4, 0xae80, 0x0) [ 401.568661] FAULT_INJECTION: forcing a failure. [ 401.568661] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 401.580547] CPU: 0 PID: 19926 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 401.587562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.596917] Call Trace: [ 401.599531] dump_stack+0x142/0x197 [ 401.603161] should_fail.cold+0x10f/0x159 [ 401.607323] __alloc_pages_nodemask+0x1d6/0x7a0 [ 401.611991] ? fs_reclaim_acquire+0x20/0x20 [ 401.616312] ? __alloc_pages_slowpath+0x2930/0x2930 [ 401.621347] cache_grow_begin+0x80/0x400 [ 401.625408] kmem_cache_alloc+0x6a6/0x780 [ 401.629547] ? __schedule+0x7c0/0x1cd0 [ 401.633510] ? cache_grow_end.part.0+0x92/0x160 [ 401.638175] getname_flags+0xcb/0x580 [ 401.641971] ? trace_hardirqs_on_caller+0x400/0x590 [ 401.646988] user_path_at_empty+0x2f/0x50 [ 401.651136] do_mount+0x12b/0x27d0 [ 401.654770] ? copy_mount_string+0x40/0x40 [ 401.658999] ? copy_mount_options+0x151/0x2f0 [ 401.663493] ? __sanitizer_cov_trace_pc+0x4e/0x60 [ 401.668342] ? copy_mount_options+0x1fe/0x2f0 [ 401.672834] SyS_mount+0xab/0x120 [ 401.676279] ? copy_mnt_ns+0x8c0/0x8c0 [ 401.680165] do_syscall_64+0x1e8/0x640 [ 401.684047] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.688890] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 401.694075] RIP: 0033:0x45d08a [ 401.697256] RSP: 002b:00007f875bac5a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 401.706010] RAX: ffffffffffffffda RBX: 00007f875bac5b40 RCX: 000000000045d08a [ 401.713460] RDX: 00007f875bac5ae0 RSI: 0000000020000100 RDI: 00007f875bac5b00 [ 401.720719] RBP: 0000000000000001 R08: 00007f875bac5b40 R09: 00007f875bac5ae0 [ 401.727985] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 401.735246] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 401.745972] FAULT_INJECTION: forcing a failure. [ 401.745972] name failslab, interval 1, probability 0, space 0, times 0 [ 401.771486] CPU: 1 PID: 19927 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 401.778567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.787928] Call Trace: [ 401.790677] dump_stack+0x142/0x197 [ 401.794329] should_fail.cold+0x10f/0x159 [ 401.798506] should_failslab+0xdb/0x130 [ 401.802505] __kmalloc+0x2f0/0x7a0 [ 401.806046] ? find_held_lock+0x35/0x130 [ 401.810118] ? pcpu_alloc+0xcf0/0x1050 [ 401.814008] ? btrfs_mount+0x19a/0x2b28 [ 401.817984] btrfs_mount+0x19a/0x2b28 [ 401.821785] ? lock_downgrade+0x740/0x740 [ 401.825932] ? find_held_lock+0x35/0x130 [ 401.829993] ? pcpu_alloc+0x3af/0x1050 [ 401.833884] ? btrfs_remount+0x11f0/0x11f0 [ 401.838131] ? rcu_read_lock_sched_held+0x110/0x130 [ 401.843163] ? __lockdep_init_map+0x10c/0x570 [ 401.847661] ? __lockdep_init_map+0x10c/0x570 [ 401.852165] mount_fs+0x97/0x2a1 [ 401.855541] vfs_kern_mount.part.0+0x5e/0x3d0 [ 401.860039] do_mount+0x417/0x27d0 [ 401.863575] ? copy_mount_options+0x5c/0x2f0 [ 401.867979] ? rcu_read_lock_sched_held+0x110/0x130 [ 401.873007] ? copy_mount_string+0x40/0x40 [ 401.877249] ? copy_mount_options+0x1fe/0x2f0 [ 401.881784] SyS_mount+0xab/0x120 [ 401.885231] ? copy_mnt_ns+0x8c0/0x8c0 [ 401.889123] do_syscall_64+0x1e8/0x640 [ 401.893008] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.897856] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 401.903041] RIP: 0033:0x45d08a [ 401.906240] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 401.913959] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a 14:33:38 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 401.921224] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 401.921232] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 401.921237] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 401.921242] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:38 executing program 1: r0 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_stats\x00', 0x0, 0x0) write$selinux_user(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="7379733d616d4f75375a628101208b623f18ea6563745f723a696e6574645f706f675f743a73b621"], 0x28) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:38 executing program 2 (fault-call:3 fault-nth:58): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:38 executing program 3 (fault-call:0 fault-nth:53): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 402.126419] FAULT_INJECTION: forcing a failure. [ 402.126419] name failslab, interval 1, probability 0, space 0, times 0 [ 402.139046] CPU: 1 PID: 19951 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 402.146093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.155452] Call Trace: [ 402.158064] dump_stack+0x142/0x197 [ 402.161712] should_fail.cold+0x10f/0x159 [ 402.165868] should_failslab+0xdb/0x130 [ 402.165883] kmem_cache_alloc+0x2d7/0x780 [ 402.174002] ? check_preemption_disabled+0x3c/0x250 [ 402.174018] alloc_vfsmnt+0x28/0x7d0 [ 402.174030] vfs_kern_mount.part.0+0x2a/0x3d0 [ 402.174041] ? find_held_lock+0x35/0x130 [ 402.174058] vfs_kern_mount+0x40/0x60 [ 402.174072] btrfs_mount+0x3ce/0x2b28 [ 402.174081] ? lock_downgrade+0x740/0x740 [ 402.174089] ? find_held_lock+0x35/0x130 [ 402.174100] ? pcpu_alloc+0x3af/0x1050 [ 402.174114] ? btrfs_remount+0x11f0/0x11f0 [ 402.174128] ? rcu_read_lock_sched_held+0x110/0x130 [ 402.174146] ? __lockdep_init_map+0x10c/0x570 [ 402.184913] FAULT_INJECTION: forcing a failure. [ 402.184913] name failslab, interval 1, probability 0, space 0, times 0 [ 402.187366] ? __lockdep_init_map+0x10c/0x570 [ 402.187387] mount_fs+0x97/0x2a1 [ 402.195230] vfs_kern_mount.part.0+0x5e/0x3d0 [ 402.195243] do_mount+0x417/0x27d0 [ 402.203166] ? copy_mount_options+0x5c/0x2f0 [ 402.203177] ? rcu_read_lock_sched_held+0x110/0x130 [ 402.203187] ? copy_mount_string+0x40/0x40 [ 402.203198] ? copy_mount_options+0x1fe/0x2f0 [ 402.203210] SyS_mount+0xab/0x120 [ 402.203217] ? copy_mnt_ns+0x8c0/0x8c0 [ 402.203229] do_syscall_64+0x1e8/0x640 [ 402.203237] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.203253] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 402.203261] RIP: 0033:0x45d08a [ 402.203267] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 402.203277] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 402.203282] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 402.203290] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 402.323687] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 402.330944] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 402.338416] CPU: 0 PID: 19956 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 402.345440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.354820] Call Trace: [ 402.357418] dump_stack+0x142/0x197 [ 402.361055] should_fail.cold+0x10f/0x159 [ 402.365205] should_failslab+0xdb/0x130 [ 402.369186] kmem_cache_alloc+0x2d7/0x780 [ 402.373340] ? lock_downgrade+0x740/0x740 [ 402.377493] alloc_vfsmnt+0x28/0x7d0 [ 402.381213] vfs_kern_mount.part.0+0x2a/0x3d0 [ 402.385714] do_mount+0x417/0x27d0 [ 402.389600] ? copy_mount_options+0x5c/0x2f0 [ 402.394011] ? rcu_read_lock_sched_held+0x110/0x130 [ 402.399032] ? copy_mount_string+0x40/0x40 [ 402.403270] ? copy_mount_options+0x1fe/0x2f0 [ 402.407773] SyS_mount+0xab/0x120 [ 402.411313] ? copy_mnt_ns+0x8c0/0x8c0 [ 402.415208] do_syscall_64+0x1e8/0x640 [ 402.419097] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.424123] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 402.429312] RIP: 0033:0x45d08a [ 402.432496] RSP: 002b:00007f875bac5a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 402.440210] RAX: ffffffffffffffda RBX: 00007f875bac5b40 RCX: 000000000045d08a [ 402.447484] RDX: 00007f875bac5ae0 RSI: 0000000020000100 RDI: 00007f875bac5b00 [ 402.454757] RBP: 0000000000000001 R08: 00007f875bac5b40 R09: 00007f875bac5ae0 [ 402.462032] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 402.469295] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 14:33:39 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:39 executing program 3 (fault-call:0 fault-nth:54): syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:39 executing program 2 (fault-call:3 fault-nth:59): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:39 executing program 1: syz_mount_image$btrfs(&(0x7f00000000c0)='btrfs\x00', &(0x7f0000000080)='./file0\x00', 0x2000000000022ea, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x10, 0x0) 14:33:39 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = syz_open_dev$sndctrl(&(0x7f0000000240)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000280)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x4, 0x23b, 0x8, 0x0, 0x0, 0x0, 'syz0\x00', 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000180)={{0x9, 0x0, 0x3ff, 0x80, 'syz1\x00', 0x101}, 0x3, 0x200, 0x1, r0, 0x4, 0x9, 'syz0\x00', &(0x7f0000000100)=['\\}usertrusted\x00', '^-}:\x00', '\xbf-\xf8self*_/\x00', '#lo^md5sum+\x00'], 0x2a, [], [0x3f, 0x9, 0x2, 0x472b]}) [ 402.711632] FAULT_INJECTION: forcing a failure. [ 402.711632] name failslab, interval 1, probability 0, space 0, times 0 [ 402.729007] FAULT_INJECTION: forcing a failure. [ 402.729007] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 402.734668] CPU: 1 PID: 19978 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 402.747863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.757214] Call Trace: [ 402.759800] dump_stack+0x142/0x197 [ 402.763415] should_fail.cold+0x10f/0x159 [ 402.767550] should_failslab+0xdb/0x130 [ 402.771508] __kmalloc_track_caller+0x2ec/0x790 [ 402.776163] ? kstrdup_const+0x48/0x60 [ 402.780033] kstrdup+0x3a/0x70 [ 402.783214] kstrdup_const+0x48/0x60 [ 402.786911] alloc_vfsmnt+0xe5/0x7d0 [ 402.790608] vfs_kern_mount.part.0+0x2a/0x3d0 [ 402.795085] ? find_held_lock+0x35/0x130 [ 402.799134] vfs_kern_mount+0x40/0x60 [ 402.802920] btrfs_mount+0x3ce/0x2b28 [ 402.806703] ? lock_downgrade+0x740/0x740 [ 402.810839] ? find_held_lock+0x35/0x130 [ 402.814882] ? pcpu_alloc+0x3af/0x1050 [ 402.818756] ? btrfs_remount+0x11f0/0x11f0 [ 402.822977] ? rcu_read_lock_sched_held+0x110/0x130 [ 402.827987] ? __lockdep_init_map+0x10c/0x570 [ 402.832481] ? __lockdep_init_map+0x10c/0x570 [ 402.836980] mount_fs+0x97/0x2a1 [ 402.840459] vfs_kern_mount.part.0+0x5e/0x3d0 [ 402.844953] do_mount+0x417/0x27d0 [ 402.848510] ? retint_kernel+0x2d/0x2d [ 402.852413] ? copy_mount_string+0x40/0x40 [ 402.856641] ? copy_mount_options+0x199/0x2f0 [ 402.861128] ? copy_mount_options+0x1fe/0x2f0 [ 402.865619] SyS_mount+0xab/0x120 [ 402.869060] ? copy_mnt_ns+0x8c0/0x8c0 [ 402.872941] do_syscall_64+0x1e8/0x640 [ 402.876816] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.881651] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 402.886822] RIP: 0033:0x45d08a [ 402.889992] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 402.897687] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 402.904944] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 402.912206] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 402.919476] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 402.926735] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 402.934023] CPU: 0 PID: 19980 Comm: syz-executor.3 Not tainted 4.14.154 #0 [ 402.941050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.950499] Call Trace: [ 402.953097] dump_stack+0x142/0x197 [ 402.956736] should_fail.cold+0x10f/0x159 [ 402.960891] __alloc_pages_nodemask+0x1d6/0x7a0 [ 402.965561] ? fs_reclaim_acquire+0x20/0x20 [ 402.969907] ? __alloc_pages_slowpath+0x2930/0x2930 [ 402.974935] cache_grow_begin+0x80/0x400 [ 402.978998] kmem_cache_alloc+0x6a6/0x780 [ 402.983141] ? cache_grow_end.part.0+0x92/0x160 [ 402.987816] getname_flags+0xcb/0x580 [ 402.991617] ? lock_downgrade+0x740/0x740 [ 402.995763] user_path_at_empty+0x2f/0x50 [ 402.999914] do_mount+0x12b/0x27d0 [ 403.003452] ? copy_mount_options+0x5c/0x2f0 [ 403.007874] ? rcu_read_lock_sched_held+0x110/0x130 [ 403.013072] ? copy_mount_string+0x40/0x40 [ 403.017312] ? copy_mount_options+0x1fe/0x2f0 [ 403.021809] SyS_mount+0xab/0x120 [ 403.025261] ? copy_mnt_ns+0x8c0/0x8c0 [ 403.029156] do_syscall_64+0x1e8/0x640 [ 403.033039] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.037890] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 403.043079] RIP: 0033:0x45d08a [ 403.046266] RSP: 002b:00007f875bac5a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 403.053974] RAX: ffffffffffffffda RBX: 00007f875bac5b40 RCX: 000000000045d08a 14:33:39 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:40 executing program 2 (fault-call:3 fault-nth:60): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 403.053980] RDX: 00007f875bac5ae0 RSI: 0000000020000100 RDI: 00007f875bac5b00 [ 403.053985] RBP: 0000000000000001 R08: 00007f875bac5b40 R09: 00007f875bac5ae0 [ 403.053990] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 403.053994] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000003 [ 403.214984] FAULT_INJECTION: forcing a failure. [ 403.214984] name failslab, interval 1, probability 0, space 0, times 0 [ 403.249983] CPU: 0 PID: 19997 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 403.257041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.266414] Call Trace: [ 403.269017] dump_stack+0x142/0x197 [ 403.272654] should_fail.cold+0x10f/0x159 [ 403.276803] should_failslab+0xdb/0x130 [ 403.280779] __kmalloc_track_caller+0x2ec/0x790 [ 403.285448] ? unwind_get_return_address+0x61/0xa0 [ 403.290393] ? __save_stack_trace+0x7b/0xd0 [ 403.294709] ? btrfs_parse_early_options+0xa3/0x310 [ 403.299721] kstrdup+0x3a/0x70 [ 403.302906] btrfs_parse_early_options+0xa3/0x310 [ 403.307748] ? save_trace+0x290/0x290 [ 403.311542] ? btrfs_freeze+0xc0/0xc0 [ 403.315332] ? find_next_bit+0x28/0x30 [ 403.319217] ? pcpu_alloc+0xcf0/0x1050 [ 403.323103] ? find_held_lock+0x35/0x130 [ 403.327160] ? pcpu_alloc+0xcf0/0x1050 [ 403.331049] btrfs_mount+0x11d/0x2b28 [ 403.334845] ? lock_downgrade+0x740/0x740 [ 403.339072] ? find_held_lock+0x35/0x130 [ 403.343126] ? pcpu_alloc+0x3af/0x1050 [ 403.347013] ? _find_next_bit+0xee/0x120 [ 403.351075] ? check_preemption_disabled+0x3c/0x250 [ 403.356098] ? btrfs_remount+0x11f0/0x11f0 [ 403.360332] ? rcu_read_lock_sched_held+0x110/0x130 [ 403.365355] ? __lockdep_init_map+0x10c/0x570 [ 403.369850] ? __lockdep_init_map+0x10c/0x570 [ 403.374343] mount_fs+0x97/0x2a1 [ 403.377707] vfs_kern_mount.part.0+0x5e/0x3d0 [ 403.382198] ? find_held_lock+0x35/0x130 [ 403.386260] vfs_kern_mount+0x40/0x60 [ 403.390067] btrfs_mount+0x3ce/0x2b28 [ 403.393962] ? lock_downgrade+0x740/0x740 [ 403.398102] ? find_held_lock+0x35/0x130 [ 403.402155] ? pcpu_alloc+0x3af/0x1050 [ 403.406046] ? btrfs_remount+0x11f0/0x11f0 [ 403.410283] ? rcu_read_lock_sched_held+0x110/0x130 [ 403.415304] ? __lockdep_init_map+0x10c/0x570 [ 403.419797] ? __lockdep_init_map+0x10c/0x570 [ 403.424291] mount_fs+0x97/0x2a1 [ 403.427676] vfs_kern_mount.part.0+0x5e/0x3d0 [ 403.433224] do_mount+0x417/0x27d0 [ 403.436794] ? copy_mount_options+0x5c/0x2f0 [ 403.441202] ? rcu_read_lock_sched_held+0x110/0x130 [ 403.446217] ? copy_mount_string+0x40/0x40 [ 403.450464] ? copy_mount_options+0x1fe/0x2f0 [ 403.454967] SyS_mount+0xab/0x120 [ 403.458409] ? copy_mnt_ns+0x8c0/0x8c0 [ 403.462289] do_syscall_64+0x1e8/0x640 [ 403.466170] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.471020] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 403.476224] RIP: 0033:0x45d08a [ 403.479407] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 403.487109] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 403.494374] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 403.501638] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 403.508900] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 403.516163] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:40 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff60ea3299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f424852c3535f4d", 0x48, 0x10000}], 0x2001, 0x0) 14:33:40 executing program 2 (fault-call:3 fault-nth:61): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:40 executing program 3: openat$userio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/userio\x00', 0x0, 0x0) syz_mount_image$btrfs(&(0x7f0000000000)='htrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x6, &(0x7f0000001400)=[{&(0x7f0000000080)="cf5eb961828d9ae40baa9870289d0c88c8fdcf6c7970350b91d1125d89ea5ec8ea6ef86c5f1acc2b8ef87007bd680218f4284542b93f2ae6df33a89de6a3d06014cb25a08900f94809cfae2ddc", 0x4d, 0x1000}, {&(0x7f0000000140)="9dce498b24ca288bb5ad55987d4f84086cd4aa714f18376079857f544d9e12816b7a2ac39be3a43483f9d39fc448998caa852fd3c7c2a952744e4683412819bc70a7f49975e2442e949b6eb67b60a5790118cf2b564d00110531cdb23213af05ad616184aaef32026609f384990535196881748a36b3e2e35a253e9f3ed982aea89ecd8d4112bf3dda587629ad", 0x8d, 0x2bc}, {&(0x7f0000000200)="5c28262a3f5007229a85ed7eab08b09a6bfd8d8b99607c3b46be1f44f0305205f8120bd0eacafdca82e464efcf5083671c23", 0x32, 0x7}, {&(0x7f0000000340)="b18c75eee066db5dd7ec677310723e2441453f7b124ed017220cf0b758c7a75df9263573a93fd8a9dc013dfc4bd1512fa6fec3c8e28af54472f908a7044e31732f9cc3bb6874235aa70b09489630984d969e4f50ff8731bf70a82682d289b15ce4b282fd658c464bc17905c2430f33ad985eed7caa3654e6effe2501ab8f168850d56b937306611d377d6ca9e6c5e2c71e09679666de54d6aed0c82d61b66c84501769cb2b45b06dee4fbb46ca19d4c2", 0xb0, 0x400}, {&(0x7f0000000240)="f774742c267ff8fe8e3b", 0xa, 0x2}, {&(0x7f0000000400)="298ca86fe0498a0d741223e84e4786c6242a5994ed92795eb93f7c88f36e1d3eadc9be79cdfe2256c45bb870fdd4196c844b878e710d546e42f215e7dcf1eb539fa98129a6301f35c0bd615e40abaeec6bb3585f72b8cc3e0f7c11f0f7048c2700f5c6d5083558576ef7b69d56a8a2164f0d5a0433d3bd40e2ce727afb1ee17f82d0a5d4bbabe364a8558d7bd2ad4405d3f4b78f9cf86862cade496f8fee2872c11aab17cb6a9c0f9962300e292cef91d9198d69b0bcae91a6f74b596330cce5c63e56e81db3569a60905d9b9117cb8c16eaf96bcd4f9cc97bb7af9e3ecd5c2e2516cb7438d7fe7bda05afcf7a3367c2ee7f8e63a57e4741d794aca9dc0de4507bb69c46e3efa0f228b1fa371308209e64a4ed4ee8e1625a39ca5f24f954795478573e089a9bf4dbe3632faf8b597810c246cff492367f96e0fa0e9a5358f9570cc2250a3d19ac21fc8304d424b74a627d4d7401df578388cb1ec693ba68d1d82cbbbb7af9f7a64aea182cac5bf49117c06172011bc7559c489f49bb9569b47200190a25871838ac103352d9961f1d3c6d46d5d4846c37585389bb68d8aa99ac79e367f5b3dd3da7dedc2d1987b1fb18291ae25275c491d18243a109b7052e2d8e24ebdf9956bb71598982419dd629d48cca8d875b4c501a55c90581f63922d4d5ad1a91b864edeb197b3fe05eaf7682b1f79f7cd01c8a81794091f51a3cac6c84328fc1113edc34be81ca0090cc0c09512646b2ce33c50b859bb75c544b858c474a6ad01607ebcaf19fa8b3faa8244281da0daa8ceab25da70ea8df1c79a934568c5fa3b6a43a4b80e185a72f5d506ecc39e9a5033ba8e839ef687858546573ee26bc544b6a64f79aef0615db412ef6038550a80d73565f8967a1201b79333fe17fda40ff3e1e19f7000f4790aed638be88a87c32dc877a9e251a2fcb8272bde5ee6f7b04a4a1f715b4e7fc148697055fd142d9ae7f1c4d24f0cc241e13d8fc0defefea88cd1c00c939e0f7b25a1b7e3ae9291fb256969d40cc037e5f7f56aba5319f48333fb1f96fe244d72f3a3ff6c98d3cb68a20c6b8ca63eacecf8621389d5c0e6ae76c2b24e3aa4fba220acd8686129b3f7ebfcf832c0ada2e315cb1d248a70e636624ce269be337497320d89b7741b5381fb2d06781a03ee78157d74a584c4e46828b668d6256de2312833b97b4e5f00522fde611df2c8b61b414adcb24697fcc95a32dd19934277b8079f2ca18dc74a536adc49dc2fa1400695495a74e428dea44014f39c2b8162c79948af586b1746c767fd4fe14069a629f8906e2fbe492e595defe83fda3fa3fe615e4ef0a59f04fd2882d6c15dc47a264e55fc3c11a4c3cd055ca0765509c2819af2b995d80f10bb2dd69659f12f4756166cd1c98450eb138eb03a7d192a69a9d7dbbc3f27a0524b46a9804822b4b1d82c9e7b8da3082f094c7c8a595f77c7280ca9e4b527fae832f783eae6784b306bf51375cab71f135953930290cae4b78045b313e9cd52f6aafb63f23f0a0652d8396f4ad4892d36e9c0d9eeae2c1819c96f8d98841f7c91e620c0de0cef34cf85fbff0bfc943a70143ff32a492aa2d1b2ec11efff16a1c4d005aaeb36d51907cc706063a1582ad8bad2178b63d6aae0fa98e9617815ced1ad5f65ef6486b9833a523c8e182e5552a11b0cb55df99adcac0eff8d31ce58995213ec73773661b53934c88d315c7ae3cb93780c85c1cf122e493dc634811c359b027b4536e0670b8a14cef0c1937c0f149d0f76165af5a8424379f8ba441c1418ebf65a2ccecc1711d103aa0b261f50ac95562adb96a275fa319ce468a1d0a3170b014ec95611c9a8559c6ac3b426a36514c7807e7487c6661dbcf7245d591a48b2cd770f5102cabf75a07d66f3c1d62a960afae0634789468c28cbe3a85485d8f63c6684dcc905022b83176e45062b08b8e30f18a1dae6e032d4676d1658326c113835fae6dd85f78e09366a700ce8272ce814a97a49a049c9fa17d7bcbbbcc3d7e88f9577b52306680d8ef63cfa26fa63b84c14d268eaab7e1ba7dc672eb7728f7c1ab826bfb62df6eba1c3c9bb11e384e10606c9be29ccc8516a0b08a6ce4ea7ed542c3701c5b777a3b2aa5d6fb075aff60770c8533ea4c2b4275bd8da436711ecf0b670011f90e2b1a9b70362757208c436345c72ba88602ff44faa2b1c892f6c2778a000c8c4503dc9060d759db863ab77a3d328a354ab0f3232c2d4e1c14bbb1181adcbeddcc2ef768b75387c98f8fd3a9039babc928b21ef9517560d2cd416532da5152fa5d4f7b66eebd76dd2558085b5fca3e101bc10484f693d49229ca3d98763e246dc03a89f1e7c29a1960f13c900dfae5dcbaa91e303cd76b7d39b1f271ebfcd21e9a914cea0f4f3957dadb686bbbd818e8293f0919e62cee057bb31b52b4991fed6aa7a084c16e742f775b9c5455af862923fd6dac8759e9b279e7027db1fc18a9a2d2bf2b235d151906623413ad727fc6e90e91bc8692f1d0fdb9f6a9e3a4b8d90d150cc45b13b8b5e63c74aea514cad2e906ff3680f9cc4896e7c4b7c9611abef50ed5150ba8df6aff12bf1e947c23f120216625a223300a023b8e2681aeeb2b8239bd0c5bec1e97ed0b1c16c77460e2156cb99ca979951589f531a095c50cc9d96353d05b478029282fef1e9c01b1f6142b960683f8efe68d39459ebd7c64c46ae16d3fc660ca25dea2d225e0f2a4854990accec779672645376231a13aa5dd37c1808e6c5a3a14dee960f8a664903be0264f877058adc9bba044b6374c293aa15ab6ee6a49dd7a93aca4a5706208221bb01d72e944943542fbba4bc22d0ffe0ab66414ac56db5b80fa3299214c00b548434f3bf6de2a53988f5c8b8fffa2e546c2fdf58c2802970c827a43cf714f6fbac892d337468ae0ada8e7f619a077aa40a4233bd132180497a6473053acfde6440baf86a0788dc9e8d554828fb0d79b6b5b4c0cfb9e2b8b0963b29aabb4983757c4ae7b99ff2390b6bc178416d96e6f0e2f082ad2d0d0b5a1cc587767c06e93cbd9a84d730c0f1220eaa77a1fa98ef6f9f0bcf7ddddd3762145b382d147b1af755d059a6c147ddee08fbaec019ed071b341f864224e42f6b519e165cd4d04ce8f56bbd204cc2c0756431b3a4af85fed8b5c8d3e45e635d221c3fba480765c45fba5deac813edb0644d1441be494d0c85ca4a20535845ef4277f8bc845a70ac9a828e7a0ec17d4150c726c1e96f46a9b46952e5f8b3035042f00fa1864a7e8cc2550dce4217b2e7d4b28d42fddee5fb9175b4c5441ab76023c49fc3da6a0ca9aa7ad50ab94bbe492ec9923f92c6b559fb90437d2e3b592932c1ce801f40e77c1a9fd18d39eec6e2944ff0c953e638da64d6389098e51b40acc2a6bbc99e1ab58750d6588249f19679c658422d8817f63a2a1efb4f653760f25df093bf6439aae1860155e1b0de7d6b1af6b3430bc7233e9326a61878bac6aeafda682616281e5dd6ddda1ddb763cbebe6b9762bd916de31e327161984f554364662b83bfbee73192162103635cdc30b6662b820e53bc72669e5a50d4c64b9a817f6240d88191a590973697e9caaa32c89b12c03ea85418b29b753fa262cb2ff6c6b1282262f4bc1961d9fb738f9f1a573b732648de18927dc3e462dfff5c12af0ce4491e5107a6a34cd3699d5e1b9fdf794be6ab59fd4510bc2fd017016658d1e3345452d209de3083f2eb00d082a2288a7770197f4be83a6f2a4fca0847babbe43db078dd3476fe037c050193262b2b421855c108bebfc994937bb3ca3b00de495d7ced568c46f51278f2c841c5fe4796298eccede0509656c11fc4698f139644917e8c9f4c9f897ae0360aa1b63260181bd5bd0d18f15e597b072ad6d0498445d2037996ce1b8d9319a222896163edec08161c9f2e864d6183fee0aabee08bfe833ffd294b0242c0451ba8a2a44496304f7c3def9cd5b516d95b7c1925fbd0def7e7907b9149846fcbb20262d83f61ba6b50ae214baa74fd46385ed0a1ab4a11837a8c1d2dd2f0589c08409053a936e0bb2d962ae6d1f0d3a02bbf7c9083888c0da66747e48fc38acae14d58623d8f93dc93ab0c867331168ca5ee612372b1da00c1ee9641a0e5f8b14202a1ed0a480ed20c96747eaa2bb34786cc61c6fabaff1c72526ab33994c44def29fcf904a31ddc242247521c8a7230b44bf17487bcc7b57a66390880221380bfe6b6fdcf145fa887a7670412d82a13d5515b4e88e91bd1b9f0728479d7b6ebb4f8b150a6a1c6635a2b7fd0e83a78e27ed9937bbf54819b7c4fb770a487a34344dd5e15d9e74f319f072067de38f8d8bdd67f41542f0e5655a44c4d73a39f34a4d1b8c7e4676841b588fe6eaf7bf5c153f167b64c958d3e2b1f9562edc095f0b9853b01680175a381ce388f94714ab960ce8c2ae518993193af27c07779276b89e659bf592eab5c3c5ebb60a72b38ba6d54187858f430cc0f069fb8afd50b01f0357d7b7abe24f049900738bf64ca6b81316ec49c172c57f06dae2b11f70f2cd4d4d801966406d5c7dc5fbfc3f5c49454f09055cae7d7723f063c1582a08d5d4194dea3ad123437cee9b21142ff5c634ac82e71a9b342102154ebddf216442f2568877679caf161a2b2bf224e0e6b32af8f33b22ee00f3340b0a7b6c60ab36bbab0af91c3557e00586a3018170b58b307ae6c71ac1e88bdce3e43cfe159193ee36f9ca1a16c4ad41362bd3d9bdd1e965f8ba2024c2a497bbb4c4719ec4295a7f3ed62cba428ada34aca3e1ba04f5494e164341b9d5694b5a0ab194ad264b666620372d0c11558156f734c0d859e4272e7931c5580282682fcb7e004e506e6faccd02c47ea036f916a20424a2d9d1b3360c0d718c58c31af8c56cdda2917f0d2ac118507fb8cc259ee2b54802be5972adc51655b8a2261ad4d0fc0df834eb0b5e1ad52cdd55ec46b1d3b8caf56a92d233ba2b851557722f626653b52f74ba09e65ecb538b9b8855eb6a5d38609a55ddafb973f722168e763c41d75e8c7124c5a5cac7838554ccc33658812c441384b67b7ac35375e8b1ae8768172b04a2a8c0899ceac3b860bc70065253256a80b7cfe803ebe158acd3df4d485e7271542c8d39f00dc48a4128da3973b2d3f54552514819769121025b429e2f24ae2a3538299723f7a1df2dc9833bcc102e773cb4d643cd154c6ffcf7bbdb9abb0bfa114c2f754906af0ccf869dc0bfb169f80dac84aec248678dd77419aa10f93201ac39dc4b89bd24f2a4b2fc36db4e6624b63c161a1384c7a2094be65f915ebdbf9435121113600ce8a258eae0bf87067facc092e09fa25bbc2061ac361bce43c7451bb2d58a92e330f8a776c962d9deac7c1a721cfc4a1414fd60085cc54c0e58d08d232afc398c5e6383eaf4013cd39de8bb6a14afcf233203cbf0b3991ad9564ce858cfc965fe25982c2d9d228a2b5af969dc6c0c83055eed81be8655103247cfc3aa25717a527e08c3ee0b783b8353580756852c2c30b38b345de544ef1e34a07c0dfc521292c779e261c84231a51edfc069a47dea1262c8b9a56620090f4409cfa20c3d97306334aa38f1076e95c9ccfbb1272f6a2b72b066425285304f2d21672cc284ee03a918b1a8c54ef2b436f6f587f28fcb76f95cef0d06e86ffb8c701ca237524191d9f88aa2de94513717a4bc648c43d9b90e6a0b87b55ec0d556ee1b6c60e36421fcf319784f3b3f711c99f852bfe3fc1f3bf4129f3c363f7c6f2c8a4534354dc9cce122ffea120e4fcdb1433be9", 0x1000, 0x3}], 0x0, 0x0) 14:33:40 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 403.693437] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present 14:33:40 executing program 1: r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x4080, 0x0) ioctl$BLKROTATIONAL(r0, 0x127e, &(0x7f00000000c0)) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) mkdirat$cgroup(r0, &(0x7f0000000140)='syz0\x00', 0x1ff) [ 403.828966] FAULT_INJECTION: forcing a failure. [ 403.828966] name failslab, interval 1, probability 0, space 0, times 0 [ 403.847428] CPU: 1 PID: 20027 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 403.854479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.863839] Call Trace: [ 403.866438] dump_stack+0x142/0x197 [ 403.870079] should_fail.cold+0x10f/0x159 [ 403.874248] should_failslab+0xdb/0x130 [ 403.879796] __kmalloc_track_caller+0x2ec/0x790 [ 403.884475] ? kstrdup_const+0x48/0x60 [ 403.888370] kstrdup+0x3a/0x70 [ 403.891571] kstrdup_const+0x48/0x60 [ 403.895311] alloc_vfsmnt+0xe5/0x7d0 [ 403.899041] vfs_kern_mount.part.0+0x2a/0x3d0 [ 403.903543] ? find_held_lock+0x35/0x130 [ 403.907611] vfs_kern_mount+0x40/0x60 [ 403.911430] btrfs_mount+0x3ce/0x2b28 [ 403.915239] ? lock_downgrade+0x740/0x740 [ 403.920608] ? find_held_lock+0x35/0x130 [ 403.924674] ? pcpu_alloc+0x3af/0x1050 [ 403.928572] ? btrfs_remount+0x11f0/0x11f0 [ 403.932817] ? rcu_read_lock_sched_held+0x110/0x130 [ 403.937853] ? __lockdep_init_map+0x10c/0x570 [ 403.942348] ? __lockdep_init_map+0x10c/0x570 [ 403.946850] mount_fs+0x97/0x2a1 [ 403.950222] vfs_kern_mount.part.0+0x5e/0x3d0 [ 403.954722] do_mount+0x417/0x27d0 [ 403.958274] ? copy_mount_options+0x5c/0x2f0 [ 403.958739] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present [ 403.962682] ? rcu_read_lock_sched_held+0x110/0x130 [ 403.962696] ? copy_mount_string+0x40/0x40 [ 403.962710] ? copy_mount_options+0x1fe/0x2f0 [ 403.962722] SyS_mount+0xab/0x120 [ 403.962730] ? copy_mnt_ns+0x8c0/0x8c0 [ 403.962743] do_syscall_64+0x1e8/0x640 [ 403.962752] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.962766] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 403.962774] RIP: 0033:0x45d08a [ 403.962779] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 403.962788] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 403.962792] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 14:33:40 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x400, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xffffff28}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) modify_ldt$read(0x0, &(0x7f0000000180)=""/251, 0xfb) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 403.962797] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 403.962802] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 403.962811] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:41 executing program 2 (fault-call:3 fault-nth:62): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:41 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000040), 0x108002, 0x0) lsetxattr$security_evm(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='security.evm\x00', &(0x7f00000000c0)=@ng={0x4, 0x9, "e2d6c7f4771dad204db0"}, 0xc, 0x1) [ 404.222302] FAULT_INJECTION: forcing a failure. [ 404.222302] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 404.258151] CPU: 1 PID: 20054 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 404.265741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 404.275248] Call Trace: [ 404.277838] dump_stack+0x142/0x197 [ 404.281467] should_fail.cold+0x10f/0x159 [ 404.285608] ? __might_sleep+0x93/0xb0 [ 404.289488] __alloc_pages_nodemask+0x1d6/0x7a0 [ 404.294146] ? check_preemption_disabled+0x3c/0x250 [ 404.299580] ? __alloc_pages_slowpath+0x2930/0x2930 [ 404.304584] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 404.310029] ? __alloc_pages_nodemask+0x639/0x7a0 [ 404.314865] alloc_pages_current+0xec/0x1e0 [ 404.319172] ? btrfs_parse_early_options+0x1a2/0x310 [ 404.324265] __get_free_pages+0xf/0x40 [ 404.328133] get_zeroed_page+0x11/0x20 [ 404.332004] selinux_sb_copy_data+0x2a/0x390 [ 404.336401] security_sb_copy_data+0x75/0xb0 [ 404.340794] parse_security_options+0x37/0xa0 [ 404.345274] btrfs_mount+0x2bb/0x2b28 [ 404.349060] ? lock_downgrade+0x740/0x740 [ 404.353191] ? find_held_lock+0x35/0x130 [ 404.357236] ? pcpu_alloc+0x3af/0x1050 [ 404.361112] ? btrfs_remount+0x11f0/0x11f0 [ 404.365342] ? rcu_read_lock_sched_held+0x110/0x130 [ 404.370349] ? __lockdep_init_map+0x10c/0x570 [ 404.374830] mount_fs+0x97/0x2a1 [ 404.378204] vfs_kern_mount.part.0+0x5e/0x3d0 [ 404.382709] ? find_held_lock+0x35/0x130 [ 404.386944] vfs_kern_mount+0x40/0x60 [ 404.390753] btrfs_mount+0x3ce/0x2b28 [ 404.394547] ? lock_downgrade+0x740/0x740 [ 404.398682] ? find_held_lock+0x35/0x130 [ 404.402730] ? pcpu_alloc+0x3af/0x1050 [ 404.406611] ? btrfs_remount+0x11f0/0x11f0 [ 404.410845] ? rcu_read_lock_sched_held+0x110/0x130 [ 404.415884] ? __lockdep_init_map+0x10c/0x570 [ 404.420367] ? __lockdep_init_map+0x10c/0x570 [ 404.424868] mount_fs+0x97/0x2a1 [ 404.428221] vfs_kern_mount.part.0+0x5e/0x3d0 [ 404.432713] do_mount+0x417/0x27d0 [ 404.436242] ? copy_mount_options+0x5c/0x2f0 [ 404.440657] ? rcu_read_lock_sched_held+0x110/0x130 [ 404.445683] ? copy_mount_string+0x40/0x40 [ 404.449911] ? copy_mount_options+0x1fe/0x2f0 [ 404.454391] SyS_mount+0xab/0x120 [ 404.457830] ? copy_mnt_ns+0x8c0/0x8c0 [ 404.461705] do_syscall_64+0x1e8/0x640 [ 404.465577] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.470411] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 404.475585] RIP: 0033:0x45d08a [ 404.478861] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 404.486554] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 404.493809] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 404.501088] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 404.508530] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 404.516406] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:41 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1b0, &(0x7f0000000040), 0x40010, 0x0) 14:33:41 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000140)=""/129) [ 404.550127] net_ratelimit: 16 callbacks suppressed [ 404.550133] protocol 88fb is buggy, dev hsr_slave_0 [ 404.555188] protocol 88fb is buggy, dev hsr_slave_1 14:33:41 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 404.630800] protocol 88fb is buggy, dev hsr_slave_0 [ 404.636668] protocol 88fb is buggy, dev hsr_slave_1 14:33:41 executing program 1: r0 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x20900) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000000)={r2, @in, 0xfffc}, 0x90) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000000c0)={r2, 0x4, 0x10}, 0xc) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:41 executing program 2 (fault-call:3 fault-nth:63): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:41 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x1}) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) r1 = getpid() r2 = getpid() rt_tgsigqueueinfo(r1, r2, 0x13, &(0x7f0000000180)) ptrace(0x10, r1) ptrace$poke(0x4209, r1, &(0x7f00000000c0), 0x0) dup2(r0, r0) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000080)) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 404.881864] FAULT_INJECTION: forcing a failure. [ 404.881864] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 404.955502] CPU: 0 PID: 20084 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 404.962566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 404.971928] Call Trace: [ 404.974533] dump_stack+0x142/0x197 [ 404.978192] should_fail.cold+0x10f/0x159 [ 404.982352] ? __might_sleep+0x93/0xb0 [ 404.986258] __alloc_pages_nodemask+0x1d6/0x7a0 [ 404.990959] ? __alloc_pages_slowpath+0x2930/0x2930 [ 404.995982] ? lock_downgrade+0x740/0x740 [ 405.000141] alloc_pages_current+0xec/0x1e0 [ 405.000169] __page_cache_alloc+0x248/0x3e0 [ 405.000181] do_read_cache_page+0x625/0xfc0 [ 405.000189] ? blkdev_writepages+0xd0/0xd0 [ 405.000204] ? find_get_pages_contig+0xaa0/0xaa0 [ 405.008820] ? blkdev_get+0xb0/0x8e0 [ 405.017365] ? dput.part.0+0x170/0x750 [ 405.017380] ? bd_may_claim+0xd0/0xd0 [ 405.025839] ? path_put+0x50/0x70 [ 405.025850] ? lookup_bdev.part.0+0xe1/0x160 [ 405.025864] read_cache_page_gfp+0x6e/0x90 [ 405.025879] btrfs_read_disk_super+0xdd/0x440 [ 405.025892] btrfs_scan_one_device+0xc6/0x400 [ 405.025909] ? device_list_add+0x8d0/0x8d0 [ 405.059860] ? __free_pages+0x54/0x90 [ 405.059871] ? free_pages+0x46/0x50 [ 405.059890] btrfs_mount+0x2e3/0x2b28 [ 405.059904] ? lock_downgrade+0x740/0x740 [ 405.067306] ? find_held_lock+0x35/0x130 [ 405.067319] ? pcpu_alloc+0x3af/0x1050 [ 405.067341] ? btrfs_remount+0x11f0/0x11f0 [ 405.067355] ? rcu_read_lock_sched_held+0x110/0x130 [ 405.092467] ? __lockdep_init_map+0x10c/0x570 [ 405.096980] mount_fs+0x97/0x2a1 [ 405.100355] vfs_kern_mount.part.0+0x5e/0x3d0 [ 405.105041] ? find_held_lock+0x35/0x130 [ 405.109104] vfs_kern_mount+0x40/0x60 [ 405.112903] btrfs_mount+0x3ce/0x2b28 [ 405.117045] ? lock_downgrade+0x740/0x740 [ 405.121188] ? find_held_lock+0x35/0x130 [ 405.125243] ? pcpu_alloc+0x3af/0x1050 [ 405.129134] ? btrfs_remount+0x11f0/0x11f0 [ 405.133366] ? rcu_read_lock_sched_held+0x110/0x130 [ 405.138388] ? __lockdep_init_map+0x10c/0x570 [ 405.142884] ? __lockdep_init_map+0x10c/0x570 [ 405.147374] mount_fs+0x97/0x2a1 [ 405.150739] vfs_kern_mount.part.0+0x5e/0x3d0 [ 405.155231] do_mount+0x417/0x27d0 [ 405.158761] ? copy_mount_options+0x5c/0x2f0 [ 405.163163] ? rcu_read_lock_sched_held+0x110/0x130 [ 405.168173] ? copy_mount_string+0x40/0x40 [ 405.172405] ? copy_mount_options+0x1fe/0x2f0 [ 405.176894] SyS_mount+0xab/0x120 [ 405.180340] ? copy_mnt_ns+0x8c0/0x8c0 [ 405.184227] do_syscall_64+0x1e8/0x640 [ 405.188116] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.192969] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 405.198163] RIP: 0033:0x45d08a 14:33:41 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$BLKSECDISCARD(r4, 0x127d, &(0x7f0000000000)=0x9) [ 405.201345] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 405.209046] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 405.216306] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 405.223571] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 405.230832] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 405.238108] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:42 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:42 executing program 2 (fault-call:3 fault-nth:64): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:42 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000080)=0xaa, &(0x7f00000000c0)=0x1) setsockopt$inet_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000140)='tls\x00', 0x4) [ 405.430307] ptrace attach of ""[20106] was attempted by "/root/syz-executor.3"[20119] [ 405.488156] FAULT_INJECTION: forcing a failure. [ 405.488156] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 405.501932] CPU: 1 PID: 20126 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 405.508975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.518332] Call Trace: [ 405.520937] dump_stack+0x142/0x197 [ 405.524597] should_fail.cold+0x10f/0x159 [ 405.528751] ? __might_sleep+0x93/0xb0 [ 405.532647] __alloc_pages_nodemask+0x1d6/0x7a0 [ 405.537308] ? check_preemption_disabled+0x3c/0x250 [ 405.537324] ? __alloc_pages_slowpath+0x2930/0x2930 [ 405.537335] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 405.537348] ? __alloc_pages_nodemask+0x639/0x7a0 [ 405.537363] alloc_pages_current+0xec/0x1e0 [ 405.537372] ? btrfs_parse_early_options+0x1a2/0x310 [ 405.537388] __get_free_pages+0xf/0x40 [ 405.570890] get_zeroed_page+0x11/0x20 [ 405.574760] selinux_sb_copy_data+0x2a/0x390 [ 405.579154] security_sb_copy_data+0x75/0xb0 [ 405.583547] parse_security_options+0x37/0xa0 [ 405.588029] btrfs_mount+0x2bb/0x2b28 [ 405.591820] ? lock_downgrade+0x740/0x740 [ 405.595948] ? find_held_lock+0x35/0x130 [ 405.599999] ? pcpu_alloc+0x3af/0x1050 [ 405.603877] ? btrfs_remount+0x11f0/0x11f0 [ 405.608099] ? rcu_read_lock_sched_held+0x110/0x130 [ 405.613114] ? __lockdep_init_map+0x10c/0x570 [ 405.617593] mount_fs+0x97/0x2a1 [ 405.620943] vfs_kern_mount.part.0+0x5e/0x3d0 [ 405.625428] ? find_held_lock+0x35/0x130 [ 405.629471] vfs_kern_mount+0x40/0x60 [ 405.633256] btrfs_mount+0x3ce/0x2b28 [ 405.637038] ? lock_downgrade+0x740/0x740 [ 405.641167] ? find_held_lock+0x35/0x130 [ 405.645730] ? pcpu_alloc+0x3af/0x1050 [ 405.649604] ? btrfs_remount+0x11f0/0x11f0 [ 405.653827] ? rcu_read_lock_sched_held+0x110/0x130 [ 405.658830] ? __lockdep_init_map+0x10c/0x570 [ 405.663308] ? __lockdep_init_map+0x10c/0x570 [ 405.667787] mount_fs+0x97/0x2a1 [ 405.671138] vfs_kern_mount.part.0+0x5e/0x3d0 [ 405.675624] do_mount+0x417/0x27d0 [ 405.679148] ? copy_mount_options+0x5c/0x2f0 [ 405.683537] ? rcu_read_lock_sched_held+0x110/0x130 [ 405.688534] ? copy_mount_string+0x40/0x40 [ 405.692752] ? copy_mount_options+0x1fe/0x2f0 [ 405.697232] SyS_mount+0xab/0x120 [ 405.700677] ? copy_mnt_ns+0x8c0/0x8c0 [ 405.704546] do_syscall_64+0x1e8/0x640 [ 405.708412] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.714210] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 405.719382] RIP: 0033:0x45d08a [ 405.722562] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 405.730250] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a 14:33:42 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 405.737502] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 405.744755] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 405.752022] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 405.759287] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 405.766752] protocol 88fb is buggy, dev hsr_slave_0 [ 405.771866] protocol 88fb is buggy, dev hsr_slave_1 14:33:42 executing program 2 (fault-call:3 fault-nth:65): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 405.959120] FAULT_INJECTION: forcing a failure. [ 405.959120] name failslab, interval 1, probability 0, space 0, times 0 [ 405.985158] CPU: 0 PID: 20149 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 405.992218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.001580] Call Trace: [ 406.004176] dump_stack+0x142/0x197 [ 406.007821] should_fail.cold+0x10f/0x159 [ 406.011982] should_failslab+0xdb/0x130 [ 406.015963] kmem_cache_alloc_trace+0x2e9/0x790 [ 406.020646] selinux_parse_opts_str+0x42c/0xa30 [ 406.025322] ? selinux_sb_show_options+0xd50/0xd50 [ 406.030260] ? free_pages+0x46/0x50 [ 406.033889] ? selinux_sb_copy_data+0x21e/0x390 [ 406.038564] security_sb_parse_opts_str+0x75/0xb0 [ 406.043414] parse_security_options+0x4e/0xa0 [ 406.048665] btrfs_mount+0x2bb/0x2b28 [ 406.052483] ? lock_downgrade+0x740/0x740 [ 406.056633] ? find_held_lock+0x35/0x130 [ 406.060699] ? pcpu_alloc+0x3af/0x1050 [ 406.064604] ? btrfs_remount+0x11f0/0x11f0 [ 406.068852] ? rcu_read_lock_sched_held+0x110/0x130 [ 406.073889] ? __lockdep_init_map+0x10c/0x570 [ 406.078415] mount_fs+0x97/0x2a1 [ 406.081773] vfs_kern_mount.part.0+0x5e/0x3d0 [ 406.086253] ? find_held_lock+0x35/0x130 [ 406.090563] vfs_kern_mount+0x40/0x60 [ 406.094352] btrfs_mount+0x3ce/0x2b28 [ 406.098137] ? lock_downgrade+0x740/0x740 [ 406.102266] ? find_held_lock+0x35/0x130 [ 406.106311] ? pcpu_alloc+0x3af/0x1050 [ 406.110189] ? btrfs_remount+0x11f0/0x11f0 [ 406.114419] ? rcu_read_lock_sched_held+0x110/0x130 [ 406.119775] ? __lockdep_init_map+0x10c/0x570 [ 406.124258] ? __lockdep_init_map+0x10c/0x570 [ 406.128744] mount_fs+0x97/0x2a1 [ 406.132096] vfs_kern_mount.part.0+0x5e/0x3d0 [ 406.136584] do_mount+0x417/0x27d0 [ 406.140104] ? copy_mount_options+0x5c/0x2f0 [ 406.144506] ? rcu_read_lock_sched_held+0x110/0x130 [ 406.149503] ? copy_mount_string+0x40/0x40 [ 406.153721] ? copy_mount_options+0x1fe/0x2f0 [ 406.158225] SyS_mount+0xab/0x120 [ 406.161674] ? copy_mnt_ns+0x8c0/0x8c0 [ 406.165551] do_syscall_64+0x1e8/0x640 [ 406.169421] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.174353] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 406.179527] RIP: 0033:0x45d08a [ 406.182703] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 406.190393] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 406.197647] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 14:33:43 executing program 2 (fault-call:3 fault-nth:66): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 406.204911] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 406.212164] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 406.219417] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 406.230139] protocol 88fb is buggy, dev hsr_slave_0 [ 406.235256] protocol 88fb is buggy, dev hsr_slave_1 [ 406.240416] protocol 88fb is buggy, dev hsr_slave_0 [ 406.245479] protocol 88fb is buggy, dev hsr_slave_1 14:33:43 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f00000000c0)=[{&(0x7f0000000140)="24ecabc537f76d6aa9e0d0e8806ec5fc1f168012a5f30c12c3e4f4f8dc586675efd60f693f07fb76dd225956aab7daf4a35c2ec2c99d902b5d593b0bc16666d9b26e06834cfa1365eca292a42db3912e6e0374c00a8815a2105afb6a3a06f06f017edfee18a197f01746da686c697424e50c46e2484a4ff73bf0c63c84af80249462d2e5a2c95abe", 0x88, 0x6ce}, {&(0x7f0000001340)="678df7ef540bdca272e132873492ea62173614ea88ef6127d3e0fda45eff75eacdeca808ded709a10d25fe5c2be756b8e70066e083c8eeea790da410db4d61907d5e4e64e4aafe4efa6e74e47187733c316dc197c675b86001968ac4666fc19dbf910fc6211c23602e7ef5a89102e6c85c3c5a1f51d59e37732cfbcae32d2fab67079e57531b96e15048a7e7d62db35681e119886fa282439cfb02fc64d8c22781840149b03b546b23c5870d23f73b8b9bb0db3fa60e80b517e8b16e32f712bb930c45771aa8c090d3755078df82f1b54c36946d4836f706d2fd02308b4204ef937b7821464e9eedc643287a6dfb4ca3d367eebf6f1fd8cb7a8063e76aac8f4d667595e0377d2b3841de3b7ad5732b3f5c05b6100200a58462fd4a335494be9606c0e5748ed5af643c5083078b8aa9736b698c71d652de8427c76bc181513d422341561f787dbabd8b00e59c815629dd76c5ee64892ef05492ed8b8dd4d6ed7639977720bea51888291d599e508272dc1e91f48682b26e1aa26350c100ef2b985b70da72244c3dc7a41673b8cf0c948fda0bf8ecbce4f8dd3a583a88cd0346af5a2b5e406e3d78ab75dd45b37a22d662a86cd3ccd556e25536e46b52deaab9f9f0182635e6440d9e97d1e855f657e4be80cb03b3e1c489907954e41675fe9972c8f22aa1800c1becffae5569a67a191459d38374972370f74371fb036f10587b659c047eeacd7813d73ce6c9c11c1a96d0b270a9462420bddc6e92cda944769f00668eccb3125aa1ee9d033ba355129d851e617d65a61b8acca9b9f72b7196f055b4b3dc691243a4c0ab76ebe516b40f27c60bb1dd79d83e54247df174f78c906b6db5427065d16235c574c01fbe3904ad4e81ff101fcceb69279dc56c3fc8c69ad35d8b547c40a1c07ba857a71299c2515d3b1236b6d448274e05309c11ed286fdd96bb32f24caf3cab10403f781c1cc224b5269d794100a2ac223cc096f4b733f4e8f8b611d32c8cfd55c47216354a38780a847c81cb929bcb8226034bc51e2257ce78a5dad8213bbb4328541a53e17a99440250b7e801aaba4168a29b985a1c34afec8f93bccb7e1efaaa9bf32c41dcab8d6b828ffc88aa19c1d3d8ada216298a5106b5f3332de671509afac3d694d4d702aa192c9ef1cd8e7da845a619fe3fa8cc0393e2cef52427f378146957447323fc41debd252393e09775631a85bda7422f08b2191d909f5265a037e896227db74215ea336080f9c955dd553fc592c210d5bf84093ced2e4d424739d8a9553871263b107c44ab6241cde59acb54efe1c9dbf5d0c1b7bae5a9a52f0e13d6db8cf90b870fc5e0d83c1182feb77910943d81c9ceaec7979b9ef32f9518df28e93eb6a75713597423ed8cec805dce8710bd5cc4484c20983e4b6ad717b5dd56be0bde3bc756df3213a908be8ad7af46b121e8d6bdadc6952eb525dd18ca4a086c27f18a9241c577281d5dc8b3a38c0c5276c2f09a0a1960e4dda071a5925878a5ca0b4edb972f4718435c6fe90cc2b5003654e41d9718dbf45a730996bc9f799c72d7cc3cfbd753c9f893374bf479065cc35ef07455b5f90bed54fdb10b34ccf566ed674fc68e88af5d4897dc40374f24ef30ca9db6d9d063bb9c1e677bdb5e271028b6f14a51b3f6e45abed9378e8c5d32a18469e0d127ba96485782f5c2925fa1bf43b33324e634ab5aa031c07a808c1efd5fddea458a55995bcfbb0264c791944da196b918ee58543cb89bd5e0a5c2bc9b42fbd454fa349f95e49493f691d86ef86ffaff2069bf8c519b7328a306c69ba1996dbaa38f6ebeba49fe03f4cb09d6d70e7437efc737dbd7619eafbf023b6110ea40a314f1042572223bc9d9d744ca81476c1bd5acfcaf60c674f058779bfc9884f4b5705083d38784c40460a42f9a7a5634d5801a86ae9cdbac3155fa96d022c35bd0b8a2d1e7f33ed33e20bbe20750c97204513ea425af28d55fad4bf67fb8f41d43f9bc6f21aee3919f16cc23fbf1dbe4c955ca9df23944640e94d99dcfdc2c4ad31847d71dd8d3d2438fd200802ee3622705f5bb9b2dbdbb9c7a7f39a2d1c7f5cd50b5858711fad81a569cfe43601349104ac6841eee3925fbc8f78aa1690d269ff5051ca59784f1747e36de33e3d7527718ff5d766d7b7f60e8e672a249ed40bcb6da4f693280a987ff7f93c0a729a9329b7bcb7f40b801771389098ba0a5bd3bce8b662a0a6c797dd7a840f10968fe9a1838de9012f37f0a50e994a18ec9938db314f76786777c524716827a3760dbd3e783fa8c92125c734b12c617703703fb6bafcfab8cb4a6f739c121885bb5042148e0c02fb0a6e1604b7331a5f7ead48c65361c449655ba2ed8521502ce938b4c8a1200cb9097f05455170278e00f73fda5492511fccf000387304c749c18272226e13f6a5524c74c49eb955e71a338182111e30f98dfc9f0696fe5270a208d84550013ce1fed3a0f697a8b2e0efdca23e1ae82203d56b40059ef07b2585a587852ecea766470bb8000db687fb74cb7239fd396a6ceef7041f2478831e5fc2165a2eb86a909634024078b9d901f8414efbdf014274ffcbb663fa41d572d365fd52926dfa2e3a6425a239964dc33053c52944dd87475a787769b29578d1189c9b3f773a14802faa01f580eb22414a51a7e635641b5d69115513f54e89e26e56ef3c2a28aa70d2a6466fa742331729b5819124c053351ec70bb378f3eb2ec6405a93961e57d0b0b4513a6744fae86c248fb9d0ee58750559c50f984b17cce14e5f3172bf8c1eda90056fd1e016f38f8e9e0c4f8c932a82862e7072cf3e528e3a78a57c53692386e3e763b60ef9e1b27638741c421c1b1b18c51db8d767d0af3c71fee7fa1bb65a26448daf6bfe3dfa22e70bf2909c24937b44a53015b96631a74bd195b6ec4648a8bebc02ce959f9dbca721a277397a3e27e96c005cffda369955fb6410f026075f7835dc946876553d555db46cc7626d51ac09001cd48b3867d5552f2c345eff4076f5c0ecba07a5145808e46dcd3c9ac819f9eecce5a4ebed8b6fa2ed6826dd70829da49df8944e3203c7e28cd951486a73b0e3b662c9971357151f1dd1826d1f6c0a5cc30cd7c7ff2b9bd30c86cf4885e8d2a29ee870e6196307e979a7899adc8e763c09c21b3d21050a2e7d6847694a13a171fa65c243c1932c085277ad98a88ae5b39d1ead0fc700dc1730acde7f39d17c95062bd31a673ee994190b258a105e268de05568d7df06c6913919e8b66a6ec79276b5cfc06c55452fe945ee61183fd36e85fcc399b3395cefc6b07a42d7af55aa653f37987601f722df69284def1e8114c34defb6e8c770e39624d5814755173657b9ee2bdcb2841c5bd30e7e2561b9bf88185956baa1d28e99992346036fab6e53fb09d9cb6e76b14efe63709d0892a3b7cedde62ae95a60e55267e293e48cef8a00cbfa4b94a635dcab03b56e1cbd573179a31d6c3cabe296553bfae4791e9fd5942564533e92d5e79cb6794a7b79cdc4d032c29e0f986c04c7009affe083c4c5ec30722c5d2f32d8fe3afdafa9baf3a5019f87d552c7fc6b878664946c03d99ebbd4fd6a6a96ea7f015d92d06448b18ffe8807aa111fc7fc8e007f5f2ff66195ad46b7270089762d57e488cbca30a7b96a354e6e6894c1c313d8649f98b2a29ce88b0e1268a5a048ea375e2a3b6554a446e1bdd0fa1e493eea743112fcd7588ca3ed1c38e7bf7b0f4c8efbd5d504832485a41102e8b524a8807679b2ca91cf78fe49f0928c37896adfd1cc04bf726a03e398c670ed00fdfac93c8b5a0918ffa39205774c265d7b611b69b76ad9c111480056095f9949130d4f186561672cca2bbcb20af2b16bd826e5548c61da49fb59dd4939cc5c12f09324278e83446a36a369cc204dfda285d42ba4812d8d9511cd5a3a6285e43fac0c2a46a561608d61567ea8a2eefa71d5cdedf4a5c0aeb8c6e66673d418f64da3713e59d37ba306d7a9f0d4a17aa1fa897f7628ed0dd55bf033b0ea67bc313f06ee74c12e9c6d4c3b0d8bbe06e18a70f74960bc70ff754c4fb149e8421eee7fe65d2769613fa6c06b70876148fcba8e27545474949f398ab7bde57bcc130f78f884e802e95a9d677b38e456106658089e6a86f18eb9963927cc4c980d29ff6bfe39d512a96b6a69d7a94b8c0ec8780fe05713172ba9db1ddc3d8358ee4ecd09e39036aca11c720018db363c32cbd3a594e61bcd3dc71b26b4e285037cacc54ff5614a3b57ec1d489df653b704a8331d61ff0694c48715f82205815ff709986e87d83c1e4875aa6d2f22994475f73c2a1c571fefa4c22eb7ceeaf99c04ef9add082b09d8d91eef4e8e5b0bdad702abdc253027a7a45ee560cbb7ecc372a1131dff50801118dd919a21ec642306c4db6407f5296270d84750f13c9d038369a976dc7edfd550ed035eeb0b963742bca5d8eef7aaba39c57858505a088f0b6a0c828aa554d3c3c485ab1064f4aca2dc9c85a6406970ceb39b3510e57e32b4890b29dbb242fb81177c48c610475aba75dfafb4e861334ce4c0bf1e2e8b095d08d6c14ecadb543a1881339a802a9f81c5fe3809301f327276110524ae8f474f1b71085e156c85800868ea9fa33c8595f8d44ebac5330630175e875c819f2a37e1b931083b3b91fecda0059bb40af8ac1d5713dfa341e3791236bba53f7892a40f304f275b6f75411beef8e37bacf48ec64b6303fd7f864ab368ea986ba445973325ac7f4967a63af8c92c1435740d01704398e22b05013e9662a3577c16d6a8faf48760323bded3d155b8b76fd54ff28ddb7f44ca6375a60f95ca45518f7a5048fa494a2d418e25eccc4002513eaa09bd6485f200de41d1992085eed14f6c68d40b93641b01980d3bffc6429c9385144f09f2633c7ec3fb0663cbfa0ff8996998f5b5fcdc41c262e3b53c3f958fd3f61786fe15934f6fe3739348f18ffbe6b2914ee6bcf133088d0fed9c3e18f4afbd97241f72e506eb4f263180a6ec4b49bf9564d2789fe7ec719a813620a80dade2afe199982b42573bd9db8c431f1cf94769174aa4064fe2fffb224f96db6bbb6e77b4d5353318ad4c5c4293db688f19a1440630d44e28d77257fc06e0fc12a8edda40979b75ee3c3d50e0eb21a5856b16a9decb712e394d86d8f391c5f0c08cdde51500de7011e090f29914a3a10bea2f8d5ad3aa4e934c94854e2425412c567d0c152f8971d4f5ed1b5d97f7ef14b14b1cdb53e67211e71f7333426252f45621343813989d8d8260549ce0f2efa026eecdb5d6613301cfa0fe654ec790474b460f71d4ad97867b97eb4c159638248b3df29a11a37a770324792eb3adf62c9ec34f16f537166201cc18450e81bc4bb928b8b0ffd1b5e09802cb6ef790fe36f5bf8f3519bae9c334d142599f54bba16aa6b9612064637f8c7fcd0d760c7dbeaecf3591207ac348b26910f056fe1622bac6df7012fa91c8a8b5a546d24717fe25127592b0f6075458eed0df588870164a8aa71b58c2c707dcf9dd667caf3cae31787dbdae7eb301b26fbd94a8d14e83648c0e244c6c4df552fc8feb7c9050a58aa06af05ed129d4edfffd7fe68fc996c389a2a89478f1280feea63761dd7bec16218eb5bd8eeb83407d72169abe7929ad4125cba855d47c5153c60d4450d82fa2a4ba3d0aa0d4a8a7cf46c8aaa0570aa7944058cc01ff25bc68643b4e66d4d22e4892889c1271bc58ac44ff0d84fd528572dee28b1048be7f3dbbee97ab25316ff832bb242c4079ebae7687590461301e1c4e11bddbc5c256bd3e6ff2b5d041eafef2f7f18d17cee725edce8251adba77581b50edf3d5f370070ff0861df8fa7c30a374152e43b6d55", 0x103a, 0x7fff}], 0x40000, 0x0) [ 406.370866] FAULT_INJECTION: forcing a failure. [ 406.370866] name failslab, interval 1, probability 0, space 0, times 0 [ 406.425148] CPU: 1 PID: 20157 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 406.432308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.441671] Call Trace: [ 406.444275] dump_stack+0x142/0x197 [ 406.447932] should_fail.cold+0x10f/0x159 [ 406.452094] should_failslab+0xdb/0x130 [ 406.456075] kmem_cache_alloc+0x2d7/0x780 [ 406.460230] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 406.465334] ? btrfs_scan_one_device+0x89/0x400 [ 406.470009] ? trace_hardirqs_on_caller+0x400/0x590 [ 406.475029] getname_kernel+0x53/0x350 [ 406.478913] kern_path+0x20/0x40 [ 406.482267] lookup_bdev.part.0+0x63/0x160 [ 406.486483] ? blkdev_open+0x260/0x260 [ 406.490352] ? free_hot_cold_page+0x763/0xca0 [ 406.494835] blkdev_get_by_path+0x76/0xf0 [ 406.498968] btrfs_scan_one_device+0x97/0x400 [ 406.503462] ? device_list_add+0x8d0/0x8d0 [ 406.507679] ? __free_pages+0x54/0x90 [ 406.511461] ? free_pages+0x46/0x50 [ 406.515077] btrfs_mount+0x2e3/0x2b28 [ 406.518863] ? lock_downgrade+0x740/0x740 [ 406.522994] ? find_held_lock+0x35/0x130 [ 406.527039] ? pcpu_alloc+0x3af/0x1050 [ 406.530915] ? btrfs_remount+0x11f0/0x11f0 [ 406.535148] ? rcu_read_lock_sched_held+0x110/0x130 [ 406.540168] ? __lockdep_init_map+0x10c/0x570 [ 406.544776] mount_fs+0x97/0x2a1 [ 406.548134] vfs_kern_mount.part.0+0x5e/0x3d0 [ 406.552617] ? find_held_lock+0x35/0x130 [ 406.556669] vfs_kern_mount+0x40/0x60 [ 406.560467] btrfs_mount+0x3ce/0x2b28 [ 406.564256] ? lock_downgrade+0x740/0x740 [ 406.568390] ? find_held_lock+0x35/0x130 [ 406.572445] ? pcpu_alloc+0x3af/0x1050 [ 406.576322] ? btrfs_remount+0x11f0/0x11f0 [ 406.580544] ? rcu_read_lock_sched_held+0x110/0x130 [ 406.585550] ? __lockdep_init_map+0x10c/0x570 [ 406.590037] ? __lockdep_init_map+0x10c/0x570 [ 406.594529] mount_fs+0x97/0x2a1 [ 406.597882] vfs_kern_mount.part.0+0x5e/0x3d0 [ 406.602369] do_mount+0x417/0x27d0 [ 406.605890] ? copy_mount_options+0x5c/0x2f0 [ 406.610283] ? rcu_read_lock_sched_held+0x110/0x130 [ 406.615291] ? copy_mount_string+0x40/0x40 [ 406.619519] ? copy_mount_options+0x1fe/0x2f0 [ 406.623998] SyS_mount+0xab/0x120 [ 406.627432] ? copy_mnt_ns+0x8c0/0x8c0 [ 406.631303] do_syscall_64+0x1e8/0x640 [ 406.635170] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.639997] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 406.645180] RIP: 0033:0x45d08a [ 406.648350] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 406.656040] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 406.663291] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 14:33:43 executing program 1: r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm-monitor\x00', 0x40000, 0x0) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000200)={0x0, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xe}}, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x4e21, @remote}, 0x14325ebbb7b1f9cb, 0x0, 0x0, 0x0, 0x9, &(0x7f00000001c0)='ip6tnl0\x00', 0x1, 0x3dd, 0x8}) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 406.670541] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 406.677795] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 406.685045] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:43 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0x440202, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000200)={{{@in=@local, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@mcast2}}, &(0x7f0000000300)=0xe8) fstat(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) r8 = dup2(r7, r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) getsockopt$inet_IP_IPSEC_POLICY(r8, 0x0, 0x10, &(0x7f00000004c0)={{{@in=@dev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@local}}, &(0x7f0000000340)=0xe8) r11 = socket$inet6_tcp(0xa, 0x1, 0x0) r12 = dup2(r11, r11) getsockopt$inet6_IPV6_IPSEC_POLICY(r11, 0x29, 0x22, &(0x7f00000005c0)={{{@in6, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@dev}}, &(0x7f00000006c0)=0xe8) mount$fuseblk(&(0x7f0000000000)='/dev/loop0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='fuseblk\x00', 0x0, &(0x7f0000000ac0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000120000,user_id=', @ANYRESDEC=r5, @ANYBLOB="2c67726f87705f69643dbac4a85ebb911d1e4581deb61c3a0b72f00c3c0f0c8342b86075b9176b4fbc03e50100411007810a769f53a4eadb4200", @ANYRESDEC=r6, @ANYBLOB="2c64656661756c745f7065726d697373696f6e732c626c6b73697a653d3078303030303030303030303030323630302c616c6c6f775f6f746865722c616c6c6c6c6f775f6f7468657224626cecfc7a6b73697a653d3078303030303030303030303030326330302c64656661756c695f7065726d697373696f6e732c626c6b73697a653d3078303030303030303030303030306330302c616c6c6f775f6f746865722c7569643c00"/177, @ANYRESDEC=r10, @ANYBLOB=',fowner<', @ANYRESDEC=r14, @ANYBLOB=',dont_measure,\x00']) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r16 = ioctl$KVM_CREATE_VM(r15, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r17 = ioctl$KVM_CREATE_VCPU(r16, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r16, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r18 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r18, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r17, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r17, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r17, 0xae80, 0x0) r19 = socket$nl_generic(0x10, 0x3, 0x10) r20 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') sendmsg$TIPC_NL_MEDIA_SET(r19, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)={0x20, r20, 0xa06d01dc2c18f2bb, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0x20}}, 0x0) accept4(r19, &(0x7f0000001c80)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001d00)=0x80, 0x80400) r22 = socket$nl_generic(0x10, 0x3, 0x10) r23 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') sendmsg$TIPC_NL_MEDIA_SET(r22, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)={0x20, r23, 0xa06d01dc2c18f2bb, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0x20}}, 0x0) r24 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r26 = dup(r25) getsockname$packet(r26, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r24, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYBLOB="280000001000010800"/20, @ANYRES32=r27, @ANYBLOB="0046aefd79a93a7981002700000000de95824591e4057a1626bb36fb4fff99036f3e052373d360daa6e83c353101fb1e3362040a4b206ffca1756059cddf1c7f05382a0215c318d5183146bab1866790a44c12ec1c457bf9923cf062c65766cb0b0b97b958146e67136b733b7e7aeee6ecac6e006ba4aa76d3db0807f1b34635127d81ab6fb60c39618ce26486d86c519ee8fd189b7221b304c5c8fc317b6e5378a4fa055ab289fb"], 0x28}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r22, 0x8933, &(0x7f0000002040)={'\x00', r4}) r29 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r31 = dup(r30) getsockname$packet(r31, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r29, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r32}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) r33 = socket$inet6_tcp(0xa, 0x1, 0x0) r34 = dup2(r33, r33) ioctl$PERF_EVENT_IOC_ENABLE(r34, 0x8912, 0x400200) getsockopt$inet6_mreq(r34, 0x29, 0x1c, &(0x7f0000002140)={@loopback, 0x0}, &(0x7f0000002180)=0x14) r36 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r38 = dup(r37) getsockname$packet(r38, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r36, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r39}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) r40 = socket$inet6_tcp(0xa, 0x1, 0x0) r41 = dup2(r40, r40) ioctl$PERF_EVENT_IOC_ENABLE(r41, 0x8912, 0x400200) getsockname$packet(r41, &(0x7f0000000840)={0x11, 0x0, 0x0}, &(0x7f00000022c0)=0xffffffffffffff97) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000002300)={{{@in=@local, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@initdev}}, &(0x7f0000002400)=0xe8) r44 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r46 = dup(r45) getsockname$packet(r46, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r44, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r47}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r49 = dup(r48) getsockname$packet(r49, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) r51 = socket$inet6_tcp(0xa, 0x1, 0x0) r52 = dup2(r51, r51) ioctl$PERF_EVENT_IOC_ENABLE(r52, 0x8912, 0x400200) sendmsg$nl_route(r52, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r50}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) r53 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r55 = dup(r54) getsockname$packet(r55, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r53, &(0x7f0000000080)={0x0, 0x86, &(0x7f0000000040)={&(0x7f0000000740)=@newlink={0x2c, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r56, 0x10}, [@IFLA_BROADCAST={0xc, 0x2, @remote}]}, 0xfffffffffffffeb7}}, 0x0) accept4$packet(r12, &(0x7f00000024c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000002500)=0x14, 0x0) r58 = socket$nl_generic(0x10, 0x3, 0x10) r59 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') sendmsg$TIPC_NL_MEDIA_SET(r58, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)={0x20, r59, 0xa06d01dc2c18f2bb, 0x0, 0x0, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0x20}}, 0x0) ioctl$sock_SIOCGIFINDEX(r58, 0x8933, &(0x7f0000003740)={'dummy0\x00', 0x0}) r61 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r63 = dup(r62) getsockname$packet(r63, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r61, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r64}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) sendmsg$TEAM_CMD_PORT_LIST_GET(r8, &(0x7f0000003fc0)={&(0x7f0000000700), 0xc, &(0x7f0000003f80)={&(0x7f0000003780)={0x7d4, 0x0, 0x1930, 0x70bd2b, 0x25dfdbfd, {}, [{{0x8, 0x1, r13}, {0xb0, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r21}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x8000}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x6}}}]}}, {{0x8, 0x1, r28}, {0xc0, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0xd5c00000}}, {0x8, 0x6, r32}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0xfffffffe}}}, {0x44, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8}, {0x14, 0x4, 'activebackup\x00'}}}]}}, {{0x8, 0x1, r35}, {0xd0, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x2}}, {0x8, 0x6, r39}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x1f4000}}, {0x8, 0x6, r9}}}]}}, {{0x8, 0x1, r42}, {0x174, 0x2, [{0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0xc, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0xb62}}, {0x8, 0x6, r43}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r13}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0x8000}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8}}, {0x8, 0x6, r47}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x54}}, {0x8}}}]}}, {{0x8}, {0xec, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r50}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x9}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0xc, 0x4, 'hash\x00'}}}]}}, {{0x8, 0x1, r4}, {0x140, 0x2, [{0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r9}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0xfffffff8}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x941}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r4}}}]}}, {{0x8, 0x1, r56}, {0x1a8, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x6}}, {0x8, 0x6, r57}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x6}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x268}}, {0x8}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r60}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x37d}}, {0x8, 0x6, r64}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x101}}}]}}]}, 0x7d4}, 0x1, 0x0, 0x0, 0x10000}, 0x40000) 14:33:43 executing program 2 (fault-call:3 fault-nth:67): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:43 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x2, 0xaaaaaaaaaaaad61, &(0x7f0000000440)=[{&(0x7f00000000c0)="2a26284adda3a440a573d6550d", 0x0, 0x9}, {&(0x7f0000000140)="ff05a36ebb8390a297113ec8b7ef5f7826636aa1867b51d53eceab0e55cb25f300f9de75944113d3d1d6aedf", 0x0, 0x3260}, {&(0x7f0000000180)="2d7b5fc232d7b862d4b13f66f0e2468cbcbdf875150895383c9aaf28b189dcb1ec3caacd1874b5c202dbe191c573e002ada03c55ee95ee4eda00089d2c98c78441164ac14c1596fcd8a1c4f6af14ab6f7c", 0x0, 0xd83}, {&(0x7f0000000200)="3436483bf97ee17554efaababee9902dac0a8e8999fd32deec6ebf588012cef9112f51412d5184d1f5bbba1e0c4b26baca516e3919e00b45b56275a5b051b2bb03334fd711f22bdd8fb31a6f7c0c15c53de0b482da0e6f6216aded3348ccc617791dbf152e01815448cd0f8fcfd2bb92", 0x0, 0x24}, {&(0x7f0000000340)="095b5945f708daec8e9ed7a98b7be19e53b1ee38205b6a292f81dcab19d4f697b018ae752ba206e6f012e22113aacf3eaa78290372a5c4dd8e365d6d3b90f27d9af1991a7ac00d1855a9164d64de26a45ca8a3694b98543485f94ff1ed4d10f0db9a6fe00ea6ac8b9f10fd5df6192be65a5f3f6892e08cc8bd1ef38d0a84cb302e9a387a86012a851dcad93534ccb2c5bb147a809f6a2c2138c22f2fd53ccbef0743c0ba4114427070122c448065a86f650738616a65201871fa15a3b6b96d644303", 0x0, 0x1}, {&(0x7f0000000280)="8ea3691a", 0x0, 0x4}], 0x1000, 0x0) [ 406.928978] FAULT_INJECTION: forcing a failure. [ 406.928978] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 406.947674] CPU: 0 PID: 20187 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 406.954725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.964087] Call Trace: [ 406.966690] dump_stack+0x142/0x197 [ 406.970327] should_fail.cold+0x10f/0x159 [ 406.974492] ? __might_sleep+0x93/0xb0 [ 406.978383] __alloc_pages_nodemask+0x1d6/0x7a0 [ 406.983050] ? __alloc_pages_slowpath+0x2930/0x2930 [ 406.988065] ? lock_downgrade+0x740/0x740 [ 406.992225] alloc_pages_current+0xec/0x1e0 [ 406.996552] __page_cache_alloc+0x248/0x3e0 [ 407.000874] do_read_cache_page+0x625/0xfc0 [ 407.005186] ? blkdev_writepages+0xd0/0xd0 [ 407.009419] ? find_get_pages_contig+0xaa0/0xaa0 [ 407.014172] ? blkdev_get+0xb0/0x8e0 [ 407.017878] ? dput.part.0+0x170/0x750 [ 407.021761] ? bd_may_claim+0xd0/0xd0 [ 407.025558] ? path_put+0x50/0x70 [ 407.029003] ? lookup_bdev.part.0+0xe1/0x160 [ 407.033407] read_cache_page_gfp+0x6e/0x90 [ 407.037641] btrfs_read_disk_super+0xdd/0x440 [ 407.042142] btrfs_scan_one_device+0xc6/0x400 [ 407.046636] ? device_list_add+0x8d0/0x8d0 [ 407.050865] ? __free_pages+0x54/0x90 [ 407.054656] ? free_pages+0x46/0x50 [ 407.058278] btrfs_mount+0x2e3/0x2b28 [ 407.062073] ? lock_downgrade+0x740/0x740 [ 407.066211] ? find_held_lock+0x35/0x130 [ 407.070266] ? pcpu_alloc+0x3af/0x1050 [ 407.074152] ? btrfs_remount+0x11f0/0x11f0 [ 407.078386] ? rcu_read_lock_sched_held+0x110/0x130 [ 407.083405] ? __lockdep_init_map+0x10c/0x570 [ 407.087992] mount_fs+0x97/0x2a1 [ 407.091356] vfs_kern_mount.part.0+0x5e/0x3d0 [ 407.095843] ? find_held_lock+0x35/0x130 [ 407.099915] vfs_kern_mount+0x40/0x60 [ 407.103717] btrfs_mount+0x3ce/0x2b28 [ 407.107527] ? lock_downgrade+0x740/0x740 [ 407.111668] ? find_held_lock+0x35/0x130 [ 407.115725] ? pcpu_alloc+0x3af/0x1050 [ 407.119752] ? btrfs_remount+0x11f0/0x11f0 [ 407.124001] ? rcu_read_lock_sched_held+0x110/0x130 [ 407.129034] ? __lockdep_init_map+0x10c/0x570 [ 407.133654] ? __lockdep_init_map+0x10c/0x570 [ 407.138155] mount_fs+0x97/0x2a1 [ 407.141525] vfs_kern_mount.part.0+0x5e/0x3d0 [ 407.146024] do_mount+0x417/0x27d0 [ 407.149561] ? copy_mount_options+0x5c/0x2f0 [ 407.153977] ? rcu_read_lock_sched_held+0x110/0x130 [ 407.158988] ? copy_mount_string+0x40/0x40 [ 407.163225] ? copy_mount_options+0x1fe/0x2f0 [ 407.167716] SyS_mount+0xab/0x120 [ 407.171161] ? copy_mnt_ns+0x8c0/0x8c0 [ 407.175046] do_syscall_64+0x1e8/0x640 [ 407.178926] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.183772] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 407.188953] RIP: 0033:0x45d08a [ 407.192137] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 407.199931] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 407.207194] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 407.214454] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 407.221717] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 14:33:44 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrf\xf3\x00', &(0x7f0000000100)='./file1\x00', 0x0, 0x1d5, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0001000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x40000, 0x0) [ 407.228980] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 407.469363] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 14:33:44 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:44 executing program 2 (fault-call:3 fault-nth:68): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:44 executing program 1: r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0xbc0000, 0x100) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000140)={0xffffffffffffffff}, 0x111, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f00000001c0)={0x16, 0x98, 0xfa00, {&(0x7f00000000c0), 0x2, r1, 0x1c, 0x3, @in6={0xa, 0x4e22, 0x20, @dev={0xfe, 0x80, [], 0x17}, 0x5}}}, 0xa0) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:44 executing program 3: mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$TUNSETSTEERINGEBPF(r2, 0x800454e0, &(0x7f0000000140)=r4) stat(&(0x7f00000001c0)='./file0\x00', 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = dup2(r6, r5) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) read$FUSE(r0, 0x0, 0x0) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r8 = socket$inet6_tcp(0xa, 0x1, 0x0) r9 = dup2(r8, r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$BLKBSZSET(r9, 0x40081271, &(0x7f0000000080)=0x9) 14:33:44 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 407.668544] FAULT_INJECTION: forcing a failure. [ 407.668544] name failslab, interval 1, probability 0, space 0, times 0 [ 407.680074] CPU: 0 PID: 20223 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 407.687111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.696464] Call Trace: [ 407.699068] dump_stack+0x142/0x197 [ 407.702793] should_fail.cold+0x10f/0x159 [ 407.706945] should_failslab+0xdb/0x130 [ 407.710924] kmem_cache_alloc+0x47/0x780 [ 407.714996] radix_tree_node_alloc.constprop.0+0x1c7/0x310 [ 407.720623] __radix_tree_create+0x337/0x4d0 [ 407.725042] page_cache_tree_insert+0xa7/0x2d0 [ 407.729632] ? file_check_and_advance_wb_err+0x380/0x380 [ 407.735085] ? debug_smp_processor_id+0x1c/0x20 [ 407.739790] __add_to_page_cache_locked+0x2ab/0x7e0 [ 407.744827] ? find_lock_entry+0x3f0/0x3f0 [ 407.749074] add_to_page_cache_lru+0xf4/0x310 [ 407.753571] ? add_to_page_cache_locked+0x40/0x40 [ 407.758413] ? __page_cache_alloc+0xdd/0x3e0 [ 407.762823] do_read_cache_page+0x64e/0xfc0 [ 407.767494] ? blkdev_writepages+0xd0/0xd0 [ 407.771740] ? find_get_pages_contig+0xaa0/0xaa0 [ 407.776499] ? blkdev_get+0xb0/0x8e0 [ 407.780218] ? dput.part.0+0x170/0x750 [ 407.784112] ? bd_may_claim+0xd0/0xd0 [ 407.787931] ? path_put+0x50/0x70 [ 407.791389] ? lookup_bdev.part.0+0xe1/0x160 [ 407.795805] read_cache_page_gfp+0x6e/0x90 [ 407.800044] btrfs_read_disk_super+0xdd/0x440 [ 407.804548] btrfs_scan_one_device+0xc6/0x400 [ 407.809050] ? device_list_add+0x8d0/0x8d0 [ 407.813288] ? __free_pages+0x54/0x90 [ 407.817085] ? free_pages+0x46/0x50 [ 407.820715] btrfs_mount+0x2e3/0x2b28 [ 407.824515] ? lock_downgrade+0x740/0x740 [ 407.828660] ? find_held_lock+0x35/0x130 [ 407.832730] ? pcpu_alloc+0x3af/0x1050 [ 407.836625] ? btrfs_remount+0x11f0/0x11f0 [ 407.840883] ? rcu_read_lock_sched_held+0x110/0x130 [ 407.845967] ? __lockdep_init_map+0x10c/0x570 [ 407.850477] mount_fs+0x97/0x2a1 [ 407.853845] vfs_kern_mount.part.0+0x5e/0x3d0 [ 407.853856] ? find_held_lock+0x35/0x130 [ 407.853870] vfs_kern_mount+0x40/0x60 [ 407.853885] btrfs_mount+0x3ce/0x2b28 [ 407.853897] ? lock_downgrade+0x740/0x740 [ 407.874235] ? find_held_lock+0x35/0x130 [ 407.878299] ? pcpu_alloc+0x3af/0x1050 [ 407.882205] ? btrfs_remount+0x11f0/0x11f0 [ 407.886449] ? rcu_read_lock_sched_held+0x110/0x130 [ 407.891608] ? __lockdep_init_map+0x10c/0x570 [ 407.896109] ? __lockdep_init_map+0x10c/0x570 [ 407.900616] mount_fs+0x97/0x2a1 [ 407.903999] vfs_kern_mount.part.0+0x5e/0x3d0 [ 407.908511] do_mount+0x417/0x27d0 [ 407.912057] ? copy_mount_options+0x5c/0x2f0 [ 407.916473] ? rcu_read_lock_sched_held+0x110/0x130 [ 407.921501] ? copy_mount_string+0x40/0x40 [ 407.925744] ? copy_mount_options+0x1fe/0x2f0 [ 407.930242] SyS_mount+0xab/0x120 [ 407.930251] ? copy_mnt_ns+0x8c0/0x8c0 [ 407.930265] do_syscall_64+0x1e8/0x640 [ 407.930274] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.930291] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 407.930299] RIP: 0033:0x45d08a [ 407.930304] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 407.930314] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 407.930325] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 407.937640] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 407.937647] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 407.937652] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:44 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x3, 0x2) ioctl$DRM_IOCTL_DROP_MASTER(r5, 0x641f) 14:33:44 executing program 2 (fault-call:3 fault-nth:69): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 408.157810] FAULT_INJECTION: forcing a failure. [ 408.157810] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 408.169994] CPU: 0 PID: 20246 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 408.177008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.186449] Call Trace: [ 408.189053] dump_stack+0x142/0x197 [ 408.192714] should_fail.cold+0x10f/0x159 [ 408.196880] __alloc_pages_nodemask+0x1d6/0x7a0 [ 408.201681] ? __alloc_pages_slowpath+0x2930/0x2930 [ 408.206716] cache_grow_begin+0x80/0x400 [ 408.210796] kmem_cache_alloc+0x6a6/0x780 [ 408.214969] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 408.214987] getname_kernel+0x53/0x350 [ 408.215003] kern_path+0x20/0x40 [ 408.215014] lookup_bdev.part.0+0x63/0x160 [ 408.215023] ? blkdev_open+0x260/0x260 [ 408.215034] ? free_hot_cold_page+0x763/0xca0 [ 408.215046] blkdev_get_by_path+0x76/0xf0 [ 408.215060] btrfs_scan_one_device+0x97/0x400 [ 408.215079] ? device_list_add+0x8d0/0x8d0 [ 408.253046] ? __free_pages+0x54/0x90 [ 408.256857] ? free_pages+0x46/0x50 [ 408.260501] btrfs_mount+0x2e3/0x2b28 [ 408.264312] ? lock_downgrade+0x740/0x740 [ 408.268463] ? find_held_lock+0x35/0x130 [ 408.268478] ? pcpu_alloc+0x3af/0x1050 [ 408.268506] ? btrfs_remount+0x11f0/0x11f0 [ 408.268522] ? rcu_read_lock_sched_held+0x110/0x130 [ 408.268542] ? __lockdep_init_map+0x10c/0x570 [ 408.280752] mount_fs+0x97/0x2a1 [ 408.280768] vfs_kern_mount.part.0+0x5e/0x3d0 [ 408.280780] ? find_held_lock+0x35/0x130 [ 408.280792] vfs_kern_mount+0x40/0x60 [ 408.280806] btrfs_mount+0x3ce/0x2b28 [ 408.290568] ? lock_downgrade+0x740/0x740 [ 408.290576] ? find_held_lock+0x35/0x130 [ 408.290588] ? pcpu_alloc+0x3af/0x1050 [ 408.290607] ? btrfs_remount+0x11f0/0x11f0 [ 408.290621] ? rcu_read_lock_sched_held+0x110/0x130 [ 408.290639] ? __lockdep_init_map+0x10c/0x570 [ 408.318593] ? __lockdep_init_map+0x10c/0x570 [ 408.318609] mount_fs+0x97/0x2a1 [ 408.318624] vfs_kern_mount.part.0+0x5e/0x3d0 [ 408.326740] do_mount+0x417/0x27d0 [ 408.326750] ? copy_mount_options+0x5c/0x2f0 [ 408.326762] ? rcu_read_lock_sched_held+0x110/0x130 [ 408.326773] ? copy_mount_string+0x40/0x40 [ 408.326786] ? copy_mount_options+0x1fe/0x2f0 [ 408.370337] SyS_mount+0xab/0x120 [ 408.373815] ? copy_mnt_ns+0x8c0/0x8c0 [ 408.377703] do_syscall_64+0x1e8/0x640 [ 408.381590] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.386435] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 408.391644] RIP: 0033:0x45d08a [ 408.394840] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 14:33:45 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) dup2(r0, r0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000340)=@mangle={'mangle\x00', 0x1f, 0x6, 0x6c0, 0x330, 0x490, 0x200, 0x200, 0x0, 0x5f0, 0x5f0, 0x5f0, 0x5f0, 0x5f0, 0x6, &(0x7f0000000080), {[{{@uncond, 0x0, 0xc8, 0xf0}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0xd8, 0x7}}}, {{@uncond, 0x0, 0xc8, 0x110}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@local, @ipv4=@loopback, 0xd, 0x27, 0x200}}}, {{@uncond, 0x0, 0xf0, 0x130, 0x0, {}, [@common=@eui64={0x28, 'eui64\x00'}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0xbb0, 0x3f, @ipv4=@dev={0xac, 0x14, 0x14, 0x13}, 0x4e20}}}, {{@uncond, 0x0, 0x118, 0x160, 0x0, {}, [@common=@eui64={0x28, 'eui64\x00'}, @inet=@rpfilter={0x28, 'rpfilter\x00'}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@multicast1, @ipv6=@remote, 0x39, 0x30, 0x3f}}}, {{@uncond, 0x0, 0x138, 0x160, 0x0, {}, [@common=@dst={0x48, 'dst\x00', 0x0, {0xfffffffc, 0xb, 0x1, [0x8, 0x8, 0x3f, 0x9, 0x0, 0x8, 0xfff9, 0xb8, 0x401, 0x6, 0x6, 0x1, 0x0, 0x2, 0x4, 0x800], 0x3}}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x4}}]}, @unspec=@CHECKSUM={0x28, 'CHECKSUM\x00'}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x720) 14:33:45 executing program 3: r0 = syz_open_dev$usbfs(&(0x7f0000000840)='/dev/bus/usb/00#/00#\x00', 0x40000000909, 0x1) ioctl$USBDEVFS_FREE_STREAMS(r0, 0x8008551d, 0x0) fchdir(r0) syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x8, 0x101042) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f00000000c0)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1bb06796136a9d09ca1600b10efd9a00000100000000f701fffffff60000", 0x48, 0x10000}], 0x80, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000040)={@mcast2}, &(0x7f0000000140)=0x14) [ 408.402545] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 408.409832] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 408.417096] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 408.424358] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 408.431636] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:45 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:45 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$caif_seqpacket(0x25, 0x5, 0x5) setsockopt$sock_void(r0, 0x1, 0x3f, 0x0, 0x0) 14:33:45 executing program 2 (fault-call:3 fault-nth:70): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:45 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x408000, 0x0) ioctl$SCSI_IOCTL_DOORUNLOCK(r0, 0x5381) [ 408.731540] FAULT_INJECTION: forcing a failure. [ 408.731540] name failslab, interval 1, probability 0, space 0, times 0 [ 408.761848] CPU: 1 PID: 20284 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 408.768915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.778278] Call Trace: [ 408.780877] dump_stack+0x142/0x197 [ 408.784545] should_fail.cold+0x10f/0x159 [ 408.788700] should_failslab+0xdb/0x130 [ 408.792706] kmem_cache_alloc_trace+0x2e9/0x790 [ 408.797385] ? __kmalloc_node+0x51/0x80 [ 408.801375] btrfs_mount+0x1001/0x2b28 [ 408.805263] ? lock_downgrade+0x740/0x740 [ 408.809408] ? find_held_lock+0x35/0x130 [ 408.813493] ? pcpu_alloc+0x3af/0x1050 [ 408.817395] ? btrfs_remount+0x11f0/0x11f0 [ 408.821639] ? rcu_read_lock_sched_held+0x110/0x130 [ 408.826667] ? __lockdep_init_map+0x10c/0x570 [ 408.831171] mount_fs+0x97/0x2a1 [ 408.831189] vfs_kern_mount.part.0+0x5e/0x3d0 [ 408.831199] ? find_held_lock+0x35/0x130 [ 408.831211] vfs_kern_mount+0x40/0x60 [ 408.831225] btrfs_mount+0x3ce/0x2b28 [ 408.831233] ? lock_downgrade+0x740/0x740 [ 408.831241] ? find_held_lock+0x35/0x130 [ 408.831251] ? pcpu_alloc+0x3af/0x1050 [ 408.831267] ? btrfs_remount+0x11f0/0x11f0 [ 408.831282] ? rcu_read_lock_sched_held+0x110/0x130 [ 408.831302] ? __lockdep_init_map+0x10c/0x570 [ 408.831311] ? __lockdep_init_map+0x10c/0x570 [ 408.831322] mount_fs+0x97/0x2a1 [ 408.831334] vfs_kern_mount.part.0+0x5e/0x3d0 [ 408.831345] do_mount+0x417/0x27d0 [ 408.831357] ? copy_mount_string+0x40/0x40 [ 408.848202] ? copy_mount_options+0x151/0x2f0 [ 408.848216] ? __sanitizer_cov_trace_pc+0x4a/0x60 [ 408.848227] ? copy_mount_options+0x1fe/0x2f0 [ 408.848238] SyS_mount+0xab/0x120 [ 408.848248] ? copy_mnt_ns+0x8c0/0x8c0 [ 408.855837] do_syscall_64+0x1e8/0x640 [ 408.855847] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.855864] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 408.855872] RIP: 0033:0x45d08a [ 408.855877] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 408.897595] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 408.897602] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 408.897607] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 408.897612] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 14:33:45 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x4cb, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff7f, 0x8], 0x18000}) ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, &(0x7f0000000000)=0x1000) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 408.897620] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:45 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x5, 0x104800) setsockopt$rose(r0, 0x104, 0x3, &(0x7f00000000c0)=0x7, 0x4) 14:33:45 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:46 executing program 2 (fault-call:3 fault-nth:71): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 409.320593] FAULT_INJECTION: forcing a failure. [ 409.320593] name failslab, interval 1, probability 0, space 0, times 0 [ 409.345574] CPU: 1 PID: 20318 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 409.352636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 409.362000] Call Trace: [ 409.364600] dump_stack+0x142/0x197 [ 409.368241] should_fail.cold+0x10f/0x159 [ 409.372410] should_failslab+0xdb/0x130 [ 409.376384] kmem_cache_alloc+0x2d7/0x780 [ 409.380539] ? delete_node+0x1fb/0x690 [ 409.384433] ? save_trace+0x290/0x290 [ 409.388247] alloc_buffer_head+0x24/0xe0 [ 409.393354] alloc_page_buffers+0xb7/0x200 [ 409.397599] create_empty_buffers+0x39/0x480 [ 409.402015] ? __lock_is_held+0xb6/0x140 [ 409.406085] ? check_preemption_disabled+0x3c/0x250 [ 409.411112] create_page_buffers+0x153/0x1c0 [ 409.415532] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 409.420990] block_read_full_page+0xcd/0x960 [ 409.425404] ? set_init_blocksize+0x220/0x220 [ 409.429900] ? __lru_cache_add+0x18a/0x250 [ 409.434142] ? __bread_gfp+0x290/0x290 [ 409.438040] ? add_to_page_cache_lru+0x159/0x310 [ 409.442799] ? add_to_page_cache_locked+0x40/0x40 [ 409.447651] blkdev_readpage+0x1d/0x30 [ 409.451543] do_read_cache_page+0x671/0xfc0 [ 409.455868] ? blkdev_writepages+0xd0/0xd0 [ 409.460150] ? find_get_pages_contig+0xaa0/0xaa0 [ 409.464909] ? blkdev_get+0xb0/0x8e0 [ 409.468621] ? dput.part.0+0x170/0x750 [ 409.472504] ? bd_may_claim+0xd0/0xd0 [ 409.476299] ? path_put+0x50/0x70 [ 409.479763] ? lookup_bdev.part.0+0xe1/0x160 [ 409.484175] read_cache_page_gfp+0x6e/0x90 [ 409.488408] btrfs_read_disk_super+0xdd/0x440 [ 409.492902] btrfs_scan_one_device+0xc6/0x400 [ 409.497396] ? device_list_add+0x8d0/0x8d0 [ 409.501715] ? __free_pages+0x54/0x90 [ 409.505515] ? free_pages+0x46/0x50 [ 409.509143] btrfs_mount+0x2e3/0x2b28 [ 409.512942] ? lock_downgrade+0x740/0x740 [ 409.517086] ? find_held_lock+0x35/0x130 [ 409.521147] ? pcpu_alloc+0x3af/0x1050 [ 409.525045] ? btrfs_remount+0x11f0/0x11f0 [ 409.529284] ? rcu_read_lock_sched_held+0x110/0x130 [ 409.534310] ? __lockdep_init_map+0x10c/0x570 [ 409.538811] mount_fs+0x97/0x2a1 [ 409.542180] vfs_kern_mount.part.0+0x5e/0x3d0 [ 409.546673] ? find_held_lock+0x35/0x130 [ 409.550730] vfs_kern_mount+0x40/0x60 [ 409.554789] btrfs_mount+0x3ce/0x2b28 [ 409.558585] ? lock_downgrade+0x740/0x740 [ 409.562728] ? find_held_lock+0x35/0x130 [ 409.566802] ? pcpu_alloc+0x3af/0x1050 [ 409.570698] ? btrfs_remount+0x11f0/0x11f0 [ 409.574936] ? rcu_read_lock_sched_held+0x110/0x130 [ 409.580053] ? __lockdep_init_map+0x10c/0x570 [ 409.584559] ? __lockdep_init_map+0x10c/0x570 [ 409.589054] mount_fs+0x97/0x2a1 [ 409.592418] vfs_kern_mount.part.0+0x5e/0x3d0 [ 409.596912] do_mount+0x417/0x27d0 [ 409.600443] ? copy_mount_options+0x5c/0x2f0 [ 409.604862] ? rcu_read_lock_sched_held+0x110/0x130 [ 409.610139] ? copy_mount_string+0x40/0x40 [ 409.614377] ? copy_mount_options+0x1fe/0x2f0 [ 409.618871] SyS_mount+0xab/0x120 [ 409.622314] ? copy_mnt_ns+0x8c0/0x8c0 [ 409.626195] do_syscall_64+0x1e8/0x640 [ 409.630073] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.634919] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 409.640102] RIP: 0033:0x45d08a [ 409.643284] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 409.650987] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 409.658254] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 14:33:46 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x11b, 0x11b, 0xa, [@typedef={0x6, 0x0, 0x0, 0x8, 0x1}, @func={0x8, 0x0, 0x0, 0xc, 0x1}, @func_proto={0x0, 0x5, 0x0, 0xd, 0x0, [{0x0, 0x2}, {0xb, 0x5}, {0xb, 0x4}, {0x2, 0x1}, {0x2}]}, @datasec={0x2, 0x6, 0x0, 0xf, 0x3, [{0x100, 0x1, 0x9}, {0x2, 0x9, 0x5}, {0x4, 0xd7a}, {0x1, 0xffff, 0x111a}, {0x1, 0x1, 0x8}, {0x3, 0x6, 0x7}], "ee75dc"}, @volatile={0x7, 0x0, 0x0, 0x9, 0x2}, @enum={0x2}, @union={0x6, 0x7, 0x0, 0x5, 0x1, 0x3, [{0x1, 0x3, 0xffffffff}, {0x3, 0x3, 0x6}, {0xe, 0x0, 0x4}, {0xa, 0x0, 0xefb8}, {0x10, 0x3, 0x7}, {0x3, 0x4}, {0x4, 0x4, 0x1}]}]}, {0x0, [0x20, 0x2e, 0x16, 0x2e, 0x0, 0xbe, 0x5f, 0x0]}}, &(0x7f0000000340)=""/190, 0x13e, 0xbe}, 0x20) dup2(r0, 0xffffffffffffffff) 14:33:46 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x408000, 0x0) ioctl$SCSI_IOCTL_DOORUNLOCK(r0, 0x5381) [ 409.665518] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 409.672802] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 409.680091] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:46 executing program 2 (fault-call:3 fault-nth:72): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:46 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$inet_sctp(0x2, 0x5, 0x84) finit_module(r0, &(0x7f0000000080)='\xdappp1\x00', 0x2) socket$inet6_udp(0xa, 0x2, 0x0) 14:33:46 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 409.883435] FAULT_INJECTION: forcing a failure. [ 409.883435] name failslab, interval 1, probability 0, space 0, times 0 [ 409.899398] CPU: 1 PID: 20346 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 409.906449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 409.915812] Call Trace: [ 409.918420] dump_stack+0x142/0x197 [ 409.922063] should_fail.cold+0x10f/0x159 [ 409.926254] should_failslab+0xdb/0x130 [ 409.930236] kmem_cache_alloc_node_trace+0x280/0x770 [ 409.935336] ? mutex_unlock+0xd/0x10 [ 409.939140] ? btrfs_scan_one_device+0xeb/0x400 [ 409.943999] __kmalloc_node+0x3d/0x80 [ 409.947814] kvmalloc_node+0x93/0xe0 [ 409.951538] btrfs_mount+0xf88/0x2b28 [ 409.955346] ? lock_downgrade+0x740/0x740 [ 409.959491] ? find_held_lock+0x35/0x130 [ 409.963542] ? pcpu_alloc+0x3af/0x1050 [ 409.967421] ? btrfs_remount+0x11f0/0x11f0 [ 409.971645] ? rcu_read_lock_sched_held+0x110/0x130 [ 409.976652] ? __lockdep_init_map+0x10c/0x570 [ 409.981135] mount_fs+0x97/0x2a1 [ 409.984488] vfs_kern_mount.part.0+0x5e/0x3d0 [ 409.988964] ? find_held_lock+0x35/0x130 [ 409.993013] vfs_kern_mount+0x40/0x60 [ 409.996799] btrfs_mount+0x3ce/0x2b28 [ 410.000585] ? lock_downgrade+0x740/0x740 [ 410.004714] ? find_held_lock+0x35/0x130 [ 410.008760] ? pcpu_alloc+0x3af/0x1050 [ 410.012640] ? btrfs_remount+0x11f0/0x11f0 [ 410.016862] ? rcu_read_lock_sched_held+0x110/0x130 [ 410.021867] ? __lockdep_init_map+0x10c/0x570 [ 410.026344] ? __lockdep_init_map+0x10c/0x570 [ 410.030860] mount_fs+0x97/0x2a1 [ 410.034215] vfs_kern_mount.part.0+0x5e/0x3d0 [ 410.038699] do_mount+0x417/0x27d0 [ 410.042309] ? retint_kernel+0x2d/0x2d [ 410.046181] ? copy_mount_string+0x40/0x40 [ 410.050415] ? copy_mount_options+0x154/0x2f0 [ 410.054891] ? copy_mount_options+0x1fe/0x2f0 [ 410.059390] SyS_mount+0xab/0x120 [ 410.062833] ? copy_mnt_ns+0x8c0/0x8c0 [ 410.066791] do_syscall_64+0x1e8/0x640 [ 410.070659] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.075489] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 410.080666] RIP: 0033:0x45d08a [ 410.083840] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 410.091544] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 410.098809] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 410.106065] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 410.113333] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 410.120596] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 410.128137] net_ratelimit: 14 callbacks suppressed 14:33:47 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 410.128142] protocol 88fb is buggy, dev hsr_slave_0 [ 410.138201] protocol 88fb is buggy, dev hsr_slave_1 14:33:47 executing program 2 (fault-call:3 fault-nth:73): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:47 executing program 1: openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x480000, 0x0) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 410.419435] FAULT_INJECTION: forcing a failure. [ 410.419435] name failslab, interval 1, probability 0, space 0, times 0 [ 410.443237] CPU: 0 PID: 20376 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 410.450299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.459902] Call Trace: [ 410.462496] dump_stack+0x142/0x197 [ 410.466125] should_fail.cold+0x10f/0x159 [ 410.470272] should_failslab+0xdb/0x130 [ 410.474238] kmem_cache_alloc_node_trace+0x280/0x770 [ 410.479336] ? mutex_unlock+0xd/0x10 [ 410.483040] ? btrfs_scan_one_device+0xeb/0x400 [ 410.487702] __kmalloc_node+0x3d/0x80 [ 410.491488] kvmalloc_node+0x93/0xe0 [ 410.495188] btrfs_mount+0xf88/0x2b28 [ 410.498975] ? lock_downgrade+0x740/0x740 [ 410.503108] ? find_held_lock+0x35/0x130 [ 410.507167] ? pcpu_alloc+0x3af/0x1050 [ 410.511046] ? btrfs_remount+0x11f0/0x11f0 [ 410.515277] ? rcu_read_lock_sched_held+0x110/0x130 [ 410.520306] ? __lockdep_init_map+0x10c/0x570 [ 410.524791] mount_fs+0x97/0x2a1 [ 410.528146] vfs_kern_mount.part.0+0x5e/0x3d0 [ 410.532626] ? find_held_lock+0x35/0x130 [ 410.536687] vfs_kern_mount+0x40/0x60 [ 410.540475] btrfs_mount+0x3ce/0x2b28 [ 410.545573] ? lock_downgrade+0x740/0x740 [ 410.549707] ? find_held_lock+0x35/0x130 [ 410.553755] ? pcpu_alloc+0x3af/0x1050 [ 410.557635] ? btrfs_remount+0x11f0/0x11f0 [ 410.561860] ? rcu_read_lock_sched_held+0x110/0x130 [ 410.566869] ? __lockdep_init_map+0x10c/0x570 [ 410.571358] ? __lockdep_init_map+0x10c/0x570 [ 410.575843] mount_fs+0x97/0x2a1 [ 410.579215] vfs_kern_mount.part.0+0x5e/0x3d0 [ 410.583701] do_mount+0x417/0x27d0 [ 410.587230] ? copy_mount_options+0x5c/0x2f0 [ 410.591829] ? rcu_read_lock_sched_held+0x110/0x130 [ 410.596852] ? copy_mount_string+0x40/0x40 [ 410.601094] ? copy_mount_options+0x1fe/0x2f0 [ 410.605579] SyS_mount+0xab/0x120 [ 410.609017] ? copy_mnt_ns+0x8c0/0x8c0 [ 410.612901] do_syscall_64+0x1e8/0x640 [ 410.616774] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.621606] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 410.626780] RIP: 0033:0x45d08a [ 410.629957] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 410.637651] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 410.644904] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 410.652168] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 410.659424] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 410.666677] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 410.681033] protocol 88fb is buggy, dev hsr_slave_0 [ 410.686515] protocol 88fb is buggy, dev hsr_slave_1 [ 410.693257] protocol 88fb is buggy, dev hsr_slave_0 [ 410.698795] protocol 88fb is buggy, dev hsr_slave_1 [ 410.790313] protocol 88fb is buggy, dev hsr_slave_0 [ 410.796232] protocol 88fb is buggy, dev hsr_slave_1 14:33:47 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000080)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001f00000000001fffffff60000005f42485266535f0d7acf361999", 0x4d, 0x10000}], 0x8, 0x0) 14:33:47 executing program 2 (fault-call:3 fault-nth:74): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:47 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@text16={0x10, &(0x7f0000000080)="2e0f38f126098866dfa8a1c00f07baf80c66b851f8608666efbafc0cb00dee6467660f3810cf6766c7442400440000006766c74424022ad16bc46766c744240600000000670f011c24f30fc7752266b80000c0fe0f23d0b89b008ee866353000000f0f23f8b83b008ed866b9800000c00f326635010000000f30", 0x234}], 0x32, 0x0, 0x0, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) r4 = open(0x0, 0x60002, 0x0) ioctl$KDGKBDIACR(r4, 0x4b4a, 0x0) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x4cb, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff7f, 0x8], 0x18000}) ioctl$KVM_SET_IDENTITY_MAP_ADDR(0xffffffffffffffff, 0x4008ae48, &(0x7f0000000000)=0x1000) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000140)) ioctl$KVM_RUN(r3, 0xae80, 0x0) 14:33:47 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) lsetxattr$trusted_overlay_nlink(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.nlink\x00', &(0x7f0000000140)={'U-', 0x6}, 0x28, 0x1) [ 410.989630] FAULT_INJECTION: forcing a failure. [ 410.989630] name failslab, interval 1, probability 0, space 0, times 0 [ 411.031540] protocol 88fb is buggy, dev hsr_slave_0 [ 411.037078] protocol 88fb is buggy, dev hsr_slave_1 [ 411.037481] CPU: 0 PID: 20397 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 411.049152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.049158] Call Trace: [ 411.049175] dump_stack+0x142/0x197 [ 411.049195] should_fail.cold+0x10f/0x159 [ 411.049216] should_failslab+0xdb/0x130 [ 411.049228] kmem_cache_alloc+0x2d7/0x780 [ 411.077018] ? save_stack_trace+0x16/0x20 [ 411.081179] ? save_stack+0x45/0xd0 [ 411.084802] ? kasan_kmalloc+0xce/0xf0 [ 411.084812] ? kmem_cache_alloc_trace+0x152/0x790 [ 411.084823] ? btrfs_mount+0x1069/0x2b28 [ 411.084831] ? mount_fs+0x97/0x2a1 [ 411.084848] getname_kernel+0x53/0x350 [ 411.093564] kern_path+0x20/0x40 [ 411.093576] lookup_bdev.part.0+0x63/0x160 [ 411.093585] ? blkdev_open+0x260/0x260 [ 411.093596] ? btrfs_open_devices+0x27/0xb0 [ 411.093609] blkdev_get_by_path+0x76/0xf0 [ 411.093619] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 411.093630] __btrfs_open_devices+0x194/0xab0 [ 411.093639] ? check_preemption_disabled+0x3c/0x250 [ 411.093652] ? find_device+0x100/0x100 [ 411.101225] ? btrfs_mount+0x1069/0x2b28 [ 411.101238] ? rcu_read_lock_sched_held+0x110/0x130 [ 411.101255] btrfs_open_devices+0xa4/0xb0 [ 411.101267] btrfs_mount+0x11b4/0x2b28 [ 411.101278] ? lock_downgrade+0x740/0x740 [ 411.101286] ? find_held_lock+0x35/0x130 [ 411.101296] ? pcpu_alloc+0x3af/0x1050 [ 411.101317] ? btrfs_remount+0x11f0/0x11f0 [ 411.101332] ? rcu_read_lock_sched_held+0x110/0x130 [ 411.181359] ? __lockdep_init_map+0x10c/0x570 [ 411.185873] mount_fs+0x97/0x2a1 [ 411.189242] vfs_kern_mount.part.0+0x5e/0x3d0 [ 411.193729] ? find_held_lock+0x35/0x130 [ 411.197787] vfs_kern_mount+0x40/0x60 [ 411.201589] btrfs_mount+0x3ce/0x2b28 [ 411.205386] ? lock_downgrade+0x740/0x740 [ 411.209538] ? find_held_lock+0x35/0x130 [ 411.213600] ? pcpu_alloc+0x3af/0x1050 [ 411.217493] ? btrfs_remount+0x11f0/0x11f0 [ 411.221728] ? rcu_read_lock_sched_held+0x110/0x130 [ 411.226745] ? __lockdep_init_map+0x10c/0x570 [ 411.231236] ? __lockdep_init_map+0x10c/0x570 [ 411.235727] mount_fs+0x97/0x2a1 [ 411.239091] vfs_kern_mount.part.0+0x5e/0x3d0 [ 411.243586] do_mount+0x417/0x27d0 [ 411.247120] ? copy_mount_options+0x5c/0x2f0 [ 411.251521] ? rcu_read_lock_sched_held+0x110/0x130 [ 411.256537] ? copy_mount_string+0x40/0x40 [ 411.260769] ? copy_mount_options+0x1fe/0x2f0 [ 411.265278] SyS_mount+0xab/0x120 [ 411.268741] ? copy_mnt_ns+0x8c0/0x8c0 [ 411.272635] do_syscall_64+0x1e8/0x640 [ 411.276525] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.281381] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 411.286573] RIP: 0033:0x45d08a [ 411.289756] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 411.297462] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 411.304730] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 411.311993] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 411.319257] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 411.326525] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:48 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) sched_setscheduler(0x0, 0x5, &(0x7f0000000380)) perf_event_open(0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r31 = getpid() sched_setattr(r31, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:48 executing program 2 (fault-call:3 fault-nth:75): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:48 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = gettid() ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) ptrace$peek(0x3, r0, &(0x7f0000000080)) 14:33:48 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x21040, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(0xffffffffffffffff, 0x800443d2, &(0x7f00000000c0)={0x4, &(0x7f00000001c0)=[{}, {}, {}, {}]}) connect$unix(r0, &(0x7f0000000140)=@file={0x1, './file0/file0\x00'}, 0x6e) getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000240)=0x9, &(0x7f0000000280)=0x4) [ 411.637617] FAULT_INJECTION: forcing a failure. [ 411.637617] name failslab, interval 1, probability 0, space 0, times 0 [ 411.648859] CPU: 0 PID: 20424 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 411.648867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.648871] Call Trace: [ 411.648891] dump_stack+0x142/0x197 [ 411.648909] should_fail.cold+0x10f/0x159 [ 411.648924] should_failslab+0xdb/0x130 [ 411.668742] kmem_cache_alloc+0x47/0x780 [ 411.668766] radix_tree_node_alloc.constprop.0+0x1c7/0x310 [ 411.668779] __radix_tree_create+0x337/0x4d0 [ 411.668794] page_cache_tree_insert+0xa7/0x2d0 [ 411.699190] ? file_check_and_advance_wb_err+0x380/0x380 [ 411.704648] ? debug_smp_processor_id+0x1c/0x20 [ 411.709332] __add_to_page_cache_locked+0x2ab/0x7e0 [ 411.714359] ? find_lock_entry+0x3f0/0x3f0 [ 411.718599] ? lock_downgrade+0x740/0x740 [ 411.722742] add_to_page_cache_lru+0xf4/0x310 [ 411.722754] ? add_to_page_cache_locked+0x40/0x40 [ 411.722764] ? __page_cache_alloc+0xdd/0x3e0 [ 411.722778] pagecache_get_page+0x1f5/0x750 [ 411.722795] __getblk_gfp+0x24b/0x710 [ 411.722805] ? lru_add_drain_all+0x18/0x20 [ 411.722822] __bread_gfp+0x2e/0x290 [ 411.732139] btrfs_read_dev_one_super+0x9f/0x270 [ 411.732153] btrfs_read_dev_super+0x5d/0xb0 [ 411.732163] ? btrfs_read_dev_one_super+0x270/0x270 [ 411.732179] btrfs_get_bdev_and_sb+0xdc/0x2e0 [ 411.732191] __btrfs_open_devices+0x194/0xab0 [ 411.732201] ? check_preemption_disabled+0x3c/0x250 [ 411.732215] ? find_device+0x100/0x100 [ 411.786094] ? btrfs_mount+0x1069/0x2b28 [ 411.790144] ? rcu_read_lock_sched_held+0x110/0x130 [ 411.795203] btrfs_open_devices+0xa4/0xb0 [ 411.799340] btrfs_mount+0x11b4/0x2b28 [ 411.803212] ? lock_downgrade+0x740/0x740 [ 411.807347] ? find_held_lock+0x35/0x130 [ 411.811404] ? pcpu_alloc+0x3af/0x1050 [ 411.815278] ? btrfs_remount+0x11f0/0x11f0 [ 411.819522] ? rcu_read_lock_sched_held+0x110/0x130 [ 411.824533] ? __lockdep_init_map+0x10c/0x570 [ 411.829018] mount_fs+0x97/0x2a1 [ 411.832374] vfs_kern_mount.part.0+0x5e/0x3d0 [ 411.836864] ? find_held_lock+0x35/0x130 [ 411.840930] vfs_kern_mount+0x40/0x60 [ 411.844717] btrfs_mount+0x3ce/0x2b28 [ 411.848509] ? lock_downgrade+0x740/0x740 [ 411.852648] ? find_held_lock+0x35/0x130 [ 411.856700] ? pcpu_alloc+0x3af/0x1050 [ 411.860579] ? btrfs_remount+0x11f0/0x11f0 [ 411.864803] ? rcu_read_lock_sched_held+0x110/0x130 [ 411.869818] ? __lockdep_init_map+0x10c/0x570 [ 411.874302] ? __lockdep_init_map+0x10c/0x570 [ 411.878784] mount_fs+0x97/0x2a1 [ 411.882144] vfs_kern_mount.part.0+0x5e/0x3d0 [ 411.886796] do_mount+0x417/0x27d0 [ 411.890317] ? copy_mount_options+0x5c/0x2f0 [ 411.894720] ? rcu_read_lock_sched_held+0x110/0x130 [ 411.899720] ? copy_mount_string+0x40/0x40 [ 411.904028] ? copy_mount_options+0x1fe/0x2f0 [ 411.908511] SyS_mount+0xab/0x120 [ 411.911949] ? copy_mnt_ns+0x8c0/0x8c0 [ 411.915829] do_syscall_64+0x1e8/0x640 [ 411.919702] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.924534] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 411.929708] RIP: 0033:0x45d08a [ 411.932882] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 411.940577] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 411.947840] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 411.955103] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 411.962732] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 411.973027] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:48 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 412.096667] bridge0: port 3(gretap0) entered blocking state [ 412.109731] bridge0: port 3(gretap0) entered disabled state [ 412.148804] device gretap0 entered promiscuous mode [ 412.177787] bridge0: port 3(gretap0) entered blocking state [ 412.184113] bridge0: port 3(gretap0) entered forwarding state 14:33:49 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:49 executing program 2 (fault-call:3 fault-nth:76): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:49 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x5c, 0x20540) ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f00000000c0)={0x6, 0xd000}) 14:33:49 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xaaaaaaaaaaaadeb, &(0x7f0000000040), 0x0, 0x0) openat$vimc2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video2\x00', 0x2, 0x0) [ 412.425929] FAULT_INJECTION: forcing a failure. [ 412.425929] name failslab, interval 1, probability 0, space 0, times 0 [ 412.469638] CPU: 0 PID: 20461 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 412.476694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 412.476699] Call Trace: [ 412.476719] dump_stack+0x142/0x197 [ 412.476740] should_fail.cold+0x10f/0x159 [ 412.476754] should_failslab+0xdb/0x130 [ 412.476767] kmem_cache_alloc+0x2d7/0x780 [ 412.504596] ? save_stack_trace+0x16/0x20 [ 412.504607] ? save_stack+0x45/0xd0 [ 412.504615] ? kasan_kmalloc+0xce/0xf0 [ 412.504623] ? kmem_cache_alloc_trace+0x152/0x790 [ 412.504634] ? btrfs_mount+0x1069/0x2b28 [ 412.504643] ? mount_fs+0x97/0x2a1 [ 412.504654] getname_kernel+0x53/0x350 [ 412.504668] kern_path+0x20/0x40 [ 412.536008] lookup_bdev.part.0+0x63/0x160 [ 412.540254] ? blkdev_open+0x260/0x260 [ 412.544140] ? btrfs_open_devices+0x27/0xb0 [ 412.548468] blkdev_get_by_path+0x76/0xf0 [ 412.552629] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 412.557134] __btrfs_open_devices+0x194/0xab0 [ 412.561630] ? check_preemption_disabled+0x3c/0x250 [ 412.566664] ? find_device+0x100/0x100 [ 412.570553] ? btrfs_mount+0x1069/0x2b28 [ 412.574614] ? rcu_read_lock_sched_held+0x110/0x130 [ 412.579634] btrfs_open_devices+0xa4/0xb0 [ 412.583794] btrfs_mount+0x11b4/0x2b28 [ 412.587688] ? lock_downgrade+0x740/0x740 [ 412.591848] ? find_held_lock+0x35/0x130 [ 412.595909] ? pcpu_alloc+0x3af/0x1050 [ 412.599806] ? btrfs_remount+0x11f0/0x11f0 [ 412.604050] ? rcu_read_lock_sched_held+0x110/0x130 [ 412.609083] ? __lockdep_init_map+0x10c/0x570 [ 412.613591] mount_fs+0x97/0x2a1 [ 412.616964] vfs_kern_mount.part.0+0x5e/0x3d0 [ 412.621459] ? find_held_lock+0x35/0x130 [ 412.625527] vfs_kern_mount+0x40/0x60 [ 412.629337] btrfs_mount+0x3ce/0x2b28 [ 412.633141] ? lock_downgrade+0x740/0x740 [ 412.637289] ? find_held_lock+0x35/0x130 [ 412.641350] ? pcpu_alloc+0x3af/0x1050 [ 412.645247] ? btrfs_remount+0x11f0/0x11f0 [ 412.649490] ? rcu_read_lock_sched_held+0x110/0x130 [ 412.654518] ? __lockdep_init_map+0x10c/0x570 [ 412.659017] ? __lockdep_init_map+0x10c/0x570 [ 412.663520] mount_fs+0x97/0x2a1 [ 412.666897] vfs_kern_mount.part.0+0x5e/0x3d0 [ 412.671397] do_mount+0x417/0x27d0 [ 412.674939] ? copy_mount_options+0x5c/0x2f0 [ 412.679354] ? rcu_read_lock_sched_held+0x110/0x130 [ 412.684375] ? copy_mount_string+0x40/0x40 [ 412.688618] ? copy_mount_options+0x1fe/0x2f0 [ 412.693122] SyS_mount+0xab/0x120 [ 412.696580] ? copy_mnt_ns+0x8c0/0x8c0 [ 412.700478] do_syscall_64+0x1e8/0x640 [ 412.704370] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.709217] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 412.714405] RIP: 0033:0x45d08a [ 412.717592] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 412.725307] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 412.732582] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 412.739854] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 412.747134] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 412.754429] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:49 executing program 2 (fault-call:3 fault-nth:77): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:49 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) prctl$PR_SET_FP_MODE(0x2d, 0x0) syz_init_net_socket$netrom(0x6, 0x5, 0x0) [ 413.017682] FAULT_INJECTION: forcing a failure. [ 413.017682] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 413.029536] CPU: 1 PID: 20490 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 413.036559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 413.045917] Call Trace: [ 413.048517] dump_stack+0x142/0x197 [ 413.052178] should_fail.cold+0x10f/0x159 [ 413.056340] __alloc_pages_nodemask+0x1d6/0x7a0 [ 413.061020] ? __alloc_pages_slowpath+0x2930/0x2930 [ 413.066049] cache_grow_begin+0x80/0x400 [ 413.070116] kmem_cache_alloc+0x6a6/0x780 [ 413.074262] ? save_stack_trace+0x16/0x20 [ 413.074271] ? save_stack+0x45/0xd0 [ 413.074278] ? kmem_cache_alloc_trace+0x152/0x790 [ 413.074292] getname_kernel+0x53/0x350 [ 413.074302] kern_path+0x20/0x40 [ 413.074314] lookup_bdev.part.0+0x63/0x160 [ 413.082086] ? blkdev_open+0x260/0x260 [ 413.082097] ? btrfs_open_devices+0x27/0xb0 [ 413.082107] blkdev_get_by_path+0x76/0xf0 [ 413.082117] btrfs_get_bdev_and_sb+0x38/0x2e0 14:33:50 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$cec(&(0x7f0000000080)='/dev/cec#\x00', 0x3, 0x2) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000180)={{{@in=@initdev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@remote}}, &(0x7f0000000280)=0xe8) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) accept4$packet(r4, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000380)=0x14, 0x800) r6 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) getsockname$packet(r8, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r9}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) r10 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) getsockname$packet(r12, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="280000001000010800"/20, @ANYRES32=r13, @ANYBLOB="00000023000000000800a03c13c30000f73416c506a8b5da60d9439afa94a1639a5f9e0bb064fd60b84177fec804da98e48cb09a96d6eb0cbc135d1b000100008c808e4d10c5609797040c2441571cd9c86146f1da8151689010c0e761800e117d76721a63fcf579e6578c4805eed90f8c519e79833ea2d346640f0d86c6dcb78e60f74554d3c9541e26dbcb7016f1dafd212c1edf6fa01a1591c9d42e63773481d635a6607ec875dd933b56fafee3f4ba6800"/190], 0x28}}, 0x0) r14 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r16 = dup(r15) getsockname$packet(r16, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r14, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r17}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) r18 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r20 = dup(r19) getsockname$packet(r20, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r18, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r21}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) r22 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r24 = dup(r23) getsockname$packet(r24, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r22, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r25}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) r26 = socket$inet6_tcp(0xa, 0x1, 0x0) r27 = dup2(r26, r26) ioctl$PERF_EVENT_IOC_ENABLE(r27, 0x8912, 0x400200) getsockopt$inet_pktinfo(r27, 0x0, 0x8, &(0x7f0000004940)={0x0, @empty}, &(0x7f0000004980)=0xc) r29 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r31 = dup(r30) getsockname$packet(r31, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r29, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r32}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) ioctl$sock_ifreq(0xffffffffffffffff, 0xf0, &(0x7f00000049c0)={'veth0_to_bond\x00', @ifru_addrs=@xdp={0x2c, 0x4, 0x0, 0x1}}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004fc0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40040000}, 0xc, &(0x7f0000004f80)={&(0x7f0000004a00)={0x57c, r1, 0x300, 0x70bd25, 0x25dfdbfb, {}, [{{0x8, 0x1, r2}, {0x1a0, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x80}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0xc, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r5}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r9}}}, {0x6c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x3c, 0x4, [{0x8, 0x5, 0x3, 0x2}, {0x9, 0x75, 0x1, 0x1}, {0x20b, 0x5, 0x2, 0x8}, {0xff00, 0x5, 0x3f, 0x4}, {0x3f, 0x5, 0x2, 0xfffffffd}, {0x4, 0x3, 0xc6, 0x8001}, {0x4, 0x1, 0x3, 0x6}]}}}]}}, {{0x8, 0x1, r13}, {0x60, 0x2, [{0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x2c, 0x4, [{0x7fff, 0x0, 0x8, 0xffffffff}, {0x8, 0x3, 0x5, 0x2}, {0x7, 0x7f, 0x7f, 0x2}, {0x5, 0x0, 0x2e, 0x2}, {0x7fff, 0x80, 0x7, 0x99}]}}}]}}, {{0x8, 0x1, r17}, {0x1a4, 0x2, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0xfc88}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8}}}, {0x34, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x4}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x2}}, {0x8, 0x6, r21}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8}}, {0x8}}}]}}, {{0x8, 0x1, r25}, {0x78, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r28}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x148000}}}]}}, {{0x8, 0x1, r32}, {0x124, 0x2, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x20}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r33}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0xc, 0x4, 'hash\x00'}}}]}}]}, 0x57c}, 0x1, 0x0, 0x0, 0x8000}, 0x26e269becab0c593) [ 413.082129] __btrfs_open_devices+0x194/0xab0 [ 413.082138] ? check_preemption_disabled+0x3c/0x250 [ 413.082151] ? find_device+0x100/0x100 [ 413.082159] ? btrfs_mount+0x1069/0x2b28 [ 413.082173] ? rcu_read_lock_sched_held+0x110/0x130 [ 413.137686] btrfs_open_devices+0xa4/0xb0 [ 413.141847] btrfs_mount+0x11b4/0x2b28 [ 413.145756] ? lock_downgrade+0x740/0x740 [ 413.149907] ? find_held_lock+0x35/0x130 [ 413.153973] ? pcpu_alloc+0x3af/0x1050 [ 413.157877] ? btrfs_remount+0x11f0/0x11f0 [ 413.162127] ? rcu_read_lock_sched_held+0x110/0x130 [ 413.167151] ? __lockdep_init_map+0x10c/0x570 [ 413.171650] mount_fs+0x97/0x2a1 [ 413.171664] vfs_kern_mount.part.0+0x5e/0x3d0 [ 413.171673] ? find_held_lock+0x35/0x130 [ 413.171686] vfs_kern_mount+0x40/0x60 [ 413.171700] btrfs_mount+0x3ce/0x2b28 [ 413.171709] ? lock_downgrade+0x740/0x740 [ 413.171718] ? find_held_lock+0x35/0x130 [ 413.171728] ? pcpu_alloc+0x3af/0x1050 [ 413.171750] ? btrfs_remount+0x11f0/0x11f0 [ 413.171767] ? rcu_read_lock_sched_held+0x110/0x130 [ 413.171787] ? __lockdep_init_map+0x10c/0x570 [ 413.171798] ? __lockdep_init_map+0x10c/0x570 [ 413.171812] mount_fs+0x97/0x2a1 [ 413.171832] vfs_kern_mount.part.0+0x5e/0x3d0 [ 413.221563] do_mount+0x417/0x27d0 [ 413.221584] ? copy_mount_string+0x40/0x40 [ 413.229430] ? copy_mount_options+0x18f/0x2f0 [ 413.229444] ? __sanitizer_cov_trace_pc+0x31/0x60 [ 413.229456] ? copy_mount_options+0x1fe/0x2f0 [ 413.229467] SyS_mount+0xab/0x120 [ 413.229476] ? copy_mnt_ns+0x8c0/0x8c0 [ 413.258587] do_syscall_64+0x1e8/0x640 [ 413.262484] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.267349] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 413.272543] RIP: 0033:0x45d08a [ 413.275735] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 413.283619] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 413.290888] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 413.298160] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 413.305534] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 14:33:50 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) sched_setscheduler(0x0, 0x5, &(0x7f0000000380)) perf_event_open(0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r31 = getpid() sched_setattr(r31, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 413.312807] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 413.320408] bridge0: port 3(gretap0) entered disabled state [ 413.326261] bridge0: port 2(bridge_slave_1) entered disabled state [ 413.333529] bridge0: port 1(bridge_slave_0) entered disabled state 14:33:50 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:50 executing program 2 (fault-call:3 fault-nth:78): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:50 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="f2c220aeb758ed9363209c563b00", @ANYRES16=r3, @ANYBLOB="bbf200000000000000000c0000000c0005000800010069620000"], 0x20}}, 0x0) ioctl$SIOCGSTAMP(r2, 0x8906, &(0x7f00000000c0)) accept4$packet(r1, 0x0, &(0x7f0000000080), 0x1800) [ 413.614123] FAULT_INJECTION: forcing a failure. [ 413.614123] name failslab, interval 1, probability 0, space 0, times 0 [ 413.631864] CPU: 1 PID: 20524 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 413.638912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 413.648275] Call Trace: [ 413.650881] dump_stack+0x142/0x197 [ 413.654524] should_fail.cold+0x10f/0x159 [ 413.658689] should_failslab+0xdb/0x130 [ 413.662672] kmem_cache_alloc+0x2d7/0x780 [ 413.666826] ? out_of_line_wait_on_bit+0xba/0xd0 [ 413.671587] ? __wait_on_bit+0x130/0x130 [ 413.675661] getname_kernel+0x53/0x350 [ 413.679556] kern_path+0x20/0x40 [ 413.682923] lookup_bdev.part.0+0x63/0x160 [ 413.687185] ? blkdev_open+0x260/0x260 [ 413.691085] ? btrfs_read_dev_super+0x77/0xb0 [ 413.695587] blkdev_get_by_path+0x76/0xf0 [ 413.699736] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 413.704237] __btrfs_open_devices+0x194/0xab0 [ 413.708737] ? find_device+0x100/0x100 [ 413.712628] ? btrfs_mount+0x1069/0x2b28 [ 413.716689] ? rcu_read_lock_sched_held+0x110/0x130 [ 413.721717] btrfs_open_devices+0xa4/0xb0 [ 413.725871] btrfs_mount+0x11b4/0x2b28 [ 413.729764] ? lock_downgrade+0x740/0x740 [ 413.733917] ? find_held_lock+0x35/0x130 [ 413.737988] ? pcpu_alloc+0x3af/0x1050 [ 413.741893] ? btrfs_remount+0x11f0/0x11f0 [ 413.746151] ? rcu_read_lock_sched_held+0x110/0x130 [ 413.751183] ? __lockdep_init_map+0x10c/0x570 [ 413.755688] mount_fs+0x97/0x2a1 [ 413.759073] vfs_kern_mount.part.0+0x5e/0x3d0 [ 413.763570] ? find_held_lock+0x35/0x130 [ 413.767722] vfs_kern_mount+0x40/0x60 [ 413.771531] btrfs_mount+0x3ce/0x2b28 [ 413.775334] ? lock_downgrade+0x740/0x740 [ 413.782007] ? find_held_lock+0x35/0x130 [ 413.786068] ? pcpu_alloc+0x3af/0x1050 [ 413.789967] ? btrfs_remount+0x11f0/0x11f0 [ 413.794209] ? rcu_read_lock_sched_held+0x110/0x130 [ 413.799239] ? __lockdep_init_map+0x10c/0x570 [ 413.803737] ? __lockdep_init_map+0x10c/0x570 [ 413.808238] mount_fs+0x97/0x2a1 [ 413.811610] vfs_kern_mount.part.0+0x5e/0x3d0 [ 413.816112] do_mount+0x417/0x27d0 [ 413.819650] ? copy_mount_options+0x5c/0x2f0 [ 413.824057] ? rcu_read_lock_sched_held+0x110/0x130 [ 413.829077] ? copy_mount_string+0x40/0x40 [ 413.833312] ? copy_mount_options+0x1fe/0x2f0 [ 413.837821] SyS_mount+0xab/0x120 [ 413.841273] ? copy_mnt_ns+0x8c0/0x8c0 [ 413.845167] do_syscall_64+0x1e8/0x640 [ 413.849054] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.853907] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 413.859120] RIP: 0033:0x45d08a 14:33:50 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = dup2(r1, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$RDMA_USER_CM_CMD_ACCEPT(r2, &(0x7f0000000140)={0x8, 0x120, 0xfa00, {0x2, {0x1f, 0x20, "1d008a1c352e943fd6c8f4d6f11c48284e6f20b4b8d5bdadb1ff251a8859a9617ad77e455955fef3037eedf81a2d3750b58e5510b71c7c0305d4ab3d0aabe37ae52366565a9809ff2233091b7626bd337c3090af2f547c10e02c24bbc4f1ca8868c887e4c3219602923da5bf6b6122b0752592d564c0cbe6d7ee56360cb86ea59cd5f3c0b0a3d3bfcb8a40abcc1b232740e7c923133654486a34ea9868031bff260729996124995645a9cbc473c7686589b7ffd72ca090732dd4226e27e1145a23cfed05ed51e8632943adf85b213ef2b4372c62530d6dd414007bb1c1c9888041f0a15cbd10b6aae65cf717b11bd2c049b4ea5ea4e02f468d1495d71c5ef5f9", 0x1, 0xfa, 0x6, 0xa4, 0x1, 0x5, 0x1, 0x1}}}, 0x128) r3 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$UI_END_FF_ERASE(r3, 0x400c55cb, &(0x7f0000000080)={0x5, 0xffff, 0xdb4a}) [ 413.862310] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 413.870018] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 413.877286] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 413.884553] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 413.891841] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 413.899198] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:50 executing program 0: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$cec(&(0x7f0000000080)='/dev/cec#\x00', 0x3, 0x2) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000180)={{{@in=@initdev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@remote}}, &(0x7f0000000280)=0xe8) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) accept4$packet(r4, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000380)=0x14, 0x800) r6 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) getsockname$packet(r8, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r9}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) r10 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) getsockname$packet(r12, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="280000001000010800"/20, @ANYRES32=r13, @ANYBLOB="00000023000000000800a03c13c30000f73416c506a8b5da60d9439afa94a1639a5f9e0bb064fd60b84177fec804da98e48cb09a96d6eb0cbc135d1b000100008c808e4d10c5609797040c2441571cd9c86146f1da8151689010c0e761800e117d76721a63fcf579e6578c4805eed90f8c519e79833ea2d346640f0d86c6dcb78e60f74554d3c9541e26dbcb7016f1dafd212c1edf6fa01a1591c9d42e63773481d635a6607ec875dd933b56fafee3f4ba6800"/190], 0x28}}, 0x0) r14 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r16 = dup(r15) getsockname$packet(r16, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r14, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r17}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) r18 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r20 = dup(r19) getsockname$packet(r20, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r18, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r21}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) r22 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r24 = dup(r23) getsockname$packet(r24, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r22, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r25}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) r26 = socket$inet6_tcp(0xa, 0x1, 0x0) r27 = dup2(r26, r26) ioctl$PERF_EVENT_IOC_ENABLE(r27, 0x8912, 0x400200) getsockopt$inet_pktinfo(r27, 0x0, 0x8, &(0x7f0000004940)={0x0, @empty}, &(0x7f0000004980)=0xc) r29 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r31 = dup(r30) getsockname$packet(r31, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r29, &(0x7f0000000080)={0x0, 0xfffffffffffffe40, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r32}, [@IFLA_PROTO_DOWN={0x8}]}, 0x28}}, 0x0) ioctl$sock_ifreq(0xffffffffffffffff, 0xf0, &(0x7f00000049c0)={'veth0_to_bond\x00', @ifru_addrs=@xdp={0x2c, 0x4, 0x0, 0x1}}) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004fc0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40040000}, 0xc, &(0x7f0000004f80)={&(0x7f0000004a00)={0x57c, r1, 0x300, 0x70bd25, 0x25dfdbfb, {}, [{{0x8, 0x1, r2}, {0x1a0, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x80}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0xc, 0x4, 'hash\x00'}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r5}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r9}}}, {0x6c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x3c, 0x4, [{0x8, 0x5, 0x3, 0x2}, {0x9, 0x75, 0x1, 0x1}, {0x20b, 0x5, 0x2, 0x8}, {0xff00, 0x5, 0x3f, 0x4}, {0x3f, 0x5, 0x2, 0xfffffffd}, {0x4, 0x3, 0xc6, 0x8001}, {0x4, 0x1, 0x3, 0x6}]}}}]}}, {{0x8, 0x1, r13}, {0x60, 0x2, [{0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x2c, 0x4, [{0x7fff, 0x0, 0x8, 0xffffffff}, {0x8, 0x3, 0x5, 0x2}, {0x7, 0x7f, 0x7f, 0x2}, {0x5, 0x0, 0x2e, 0x2}, {0x7fff, 0x80, 0x7, 0x99}]}}}]}}, {{0x8, 0x1, r17}, {0x1a4, 0x2, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0xfc88}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8}}}, {0x34, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x4}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x2}}, {0x8, 0x6, r21}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8}}, {0x8}}}]}}, {{0x8, 0x1, r25}, {0x78, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r28}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x148000}}}]}}, {{0x8, 0x1, r32}, {0x124, 0x2, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8}, {0x8, 0x4, 0x20}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r33}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0xc, 0x4, 'hash\x00'}}}]}}]}, 0x57c}, 0x1, 0x0, 0x0, 0x8000}, 0x26e269becab0c593) 14:33:50 executing program 2 (fault-call:3 fault-nth:79): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 414.072631] bridge0: port 3(gretap0) entered disabled state [ 414.078527] bridge0: port 2(bridge_slave_1) entered disabled state [ 414.085190] bridge0: port 1(bridge_slave_0) entered disabled state 14:33:51 executing program 3: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x0) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x80) ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f00000000c0)={@reserved}) syz_mount_image$btrfs(&(0x7f0000000080)='btrf\xdf\xa9', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000000140)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60100005f42485266535f4dfbc95ceed068f53baea5810988f59b400d4c8e067ae5d518655b7415a26aa861b8afa564f9ef457cdfee4dd48c7002d855f518124fccd79cb6d8e04e67795daa42e6b8fd69f5cd6b856e4617ffbed67bb6370d95e7672316565c63145312423863392d0eed9edffffd6357beccc74b5f7e352f28d8e3d703066c250bab7cbc20e9887524ddf1ec446b67a54e00bb1b01e7", 0xd9, 0x10000}], 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = dup2(r3, r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r4, 0x54a3) setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000240)={{0xc, @loopback, 0x4e24, 0x4, 'lblcr\x00', 0x8, 0x4, 0x20}, {@loopback, 0x4e21, 0x2000, 0xfd90, 0x81, 0x6}}, 0x44) 14:33:51 executing program 1: ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, &(0x7f0000000140)={0x100, 0x1, 0xfffffff8, 'queue0\x00', 0x3ff}) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2a, 0x8000) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f00000000c0)=0x2, 0x4) 14:33:51 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 414.212744] FAULT_INJECTION: forcing a failure. [ 414.212744] name failslab, interval 1, probability 0, space 0, times 0 [ 414.275775] CPU: 1 PID: 20552 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 414.282843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 414.292210] Call Trace: [ 414.294809] dump_stack+0x142/0x197 [ 414.298463] should_fail.cold+0x10f/0x159 [ 414.302630] should_failslab+0xdb/0x130 [ 414.306613] kmem_cache_alloc+0x2d7/0x780 [ 414.310764] ? save_stack_trace+0x16/0x20 [ 414.314911] ? save_stack+0x45/0xd0 [ 414.318539] ? kasan_kmalloc+0xce/0xf0 [ 414.322424] ? kmem_cache_alloc_trace+0x152/0x790 [ 414.327267] ? btrfs_mount+0x1069/0x2b28 [ 414.331331] ? mount_fs+0x97/0x2a1 [ 414.334874] getname_kernel+0x53/0x350 [ 414.338768] kern_path+0x20/0x40 [ 414.342141] lookup_bdev.part.0+0x63/0x160 [ 414.346401] ? blkdev_open+0x260/0x260 [ 414.350287] ? btrfs_open_devices+0x27/0xb0 [ 414.354609] blkdev_get_by_path+0x76/0xf0 [ 414.358760] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 414.363258] __btrfs_open_devices+0x194/0xab0 [ 414.368061] ? check_preemption_disabled+0x3c/0x250 [ 414.373089] ? find_device+0x100/0x100 [ 414.377070] ? btrfs_mount+0x1069/0x2b28 [ 414.381135] ? rcu_read_lock_sched_held+0x110/0x130 [ 414.386161] btrfs_open_devices+0xa4/0xb0 [ 414.390319] btrfs_mount+0x11b4/0x2b28 [ 414.394213] ? lock_downgrade+0x740/0x740 [ 414.398360] ? find_held_lock+0x35/0x130 [ 414.402427] ? pcpu_alloc+0x3af/0x1050 [ 414.406326] ? btrfs_remount+0x11f0/0x11f0 [ 414.410566] ? rcu_read_lock_sched_held+0x110/0x130 [ 414.415600] ? __lockdep_init_map+0x10c/0x570 [ 414.420104] mount_fs+0x97/0x2a1 [ 414.423494] vfs_kern_mount.part.0+0x5e/0x3d0 [ 414.427991] ? find_held_lock+0x35/0x130 [ 414.432067] vfs_kern_mount+0x40/0x60 [ 414.435885] btrfs_mount+0x3ce/0x2b28 [ 414.439690] ? lock_downgrade+0x740/0x740 [ 414.443946] ? find_held_lock+0x35/0x130 [ 414.448013] ? pcpu_alloc+0x3af/0x1050 [ 414.451909] ? btrfs_remount+0x11f0/0x11f0 [ 414.456158] ? rcu_read_lock_sched_held+0x110/0x130 [ 414.461271] ? __lockdep_init_map+0x10c/0x570 [ 414.465768] ? __lockdep_init_map+0x10c/0x570 [ 414.470268] mount_fs+0x97/0x2a1 [ 414.473640] vfs_kern_mount.part.0+0x5e/0x3d0 [ 414.478230] do_mount+0x417/0x27d0 [ 414.481772] ? retint_kernel+0x2d/0x2d [ 414.485667] ? copy_mount_string+0x40/0x40 [ 414.489929] ? copy_mount_options+0x195/0x2f0 [ 414.494425] ? copy_mount_options+0x1fe/0x2f0 [ 414.498928] SyS_mount+0xab/0x120 [ 414.502377] ? copy_mnt_ns+0x8c0/0x8c0 [ 414.506273] do_syscall_64+0x1e8/0x640 [ 414.510161] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.515011] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 414.520199] RIP: 0033:0x45d08a [ 414.523380] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 414.531088] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 414.538353] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 414.545618] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 414.552885] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 414.560154] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 414.604016] IPVS: set_ctl: invalid protocol: 12 127.0.0.1:20004 14:33:51 executing program 2 (fault-call:3 fault-nth:80): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:51 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$TIOCLINUX5(r1, 0x541c, &(0x7f0000000080)={0x5, 0xd8, 0x2, 0x7}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = dup2(r2, r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$VIDIOC_SUBDEV_S_SELECTION(r3, 0xc040563e, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4, {0x6, 0x23c, 0xc4, 0x1}}) [ 414.832175] FAULT_INJECTION: forcing a failure. [ 414.832175] name failslab, interval 1, probability 0, space 0, times 0 [ 414.844305] CPU: 0 PID: 20584 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 414.851375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 414.860731] Call Trace: [ 414.863328] dump_stack+0x142/0x197 [ 414.866970] should_fail.cold+0x10f/0x159 [ 414.871119] ? __lock_is_held+0xb6/0x140 [ 414.875209] ? mempool_free+0x1d0/0x1d0 [ 414.879186] should_failslab+0xdb/0x130 [ 414.883168] kmem_cache_alloc+0x47/0x780 [ 414.887236] ? mempool_free+0x1d0/0x1d0 [ 414.891209] mempool_alloc_slab+0x47/0x60 [ 414.895361] mempool_alloc+0x138/0x300 [ 414.899332] ? __find_get_block+0x5c4/0xb10 [ 414.903665] ? remove_element.isra.0+0x1b0/0x1b0 [ 414.908426] ? mark_held_locks+0xb1/0x100 [ 414.912578] ? save_trace+0x290/0x290 [ 414.916401] ? trace_hardirqs_on_caller+0x400/0x590 [ 414.921420] bio_alloc_bioset+0x368/0x680 [ 414.925578] ? bvec_alloc+0x2e0/0x2e0 [ 414.929379] ? __getblk_gfp+0x5c/0x710 [ 414.933273] submit_bh_wbc+0xf6/0x720 [ 414.937080] __bread_gfp+0x106/0x290 [ 414.940798] btrfs_read_dev_one_super+0x9f/0x270 [ 414.945552] btrfs_read_dev_super+0x5d/0xb0 [ 414.949874] ? btrfs_read_dev_one_super+0x270/0x270 [ 414.955164] btrfs_get_bdev_and_sb+0xdc/0x2e0 [ 414.959663] __btrfs_open_devices+0x194/0xab0 [ 414.964156] ? check_preemption_disabled+0x3c/0x250 [ 414.969180] ? find_device+0x100/0x100 [ 414.973063] ? btrfs_mount+0x1069/0x2b28 [ 414.977123] ? rcu_read_lock_sched_held+0x110/0x130 [ 414.982145] btrfs_open_devices+0xa4/0xb0 [ 414.986299] btrfs_mount+0x11b4/0x2b28 [ 414.990183] ? lock_downgrade+0x740/0x740 [ 414.994326] ? find_held_lock+0x35/0x130 [ 414.998398] ? pcpu_alloc+0x3af/0x1050 [ 415.002292] ? btrfs_remount+0x11f0/0x11f0 [ 415.006534] ? rcu_read_lock_sched_held+0x110/0x130 [ 415.011664] ? __lockdep_init_map+0x10c/0x570 [ 415.016165] mount_fs+0x97/0x2a1 [ 415.019534] vfs_kern_mount.part.0+0x5e/0x3d0 [ 415.024033] ? find_held_lock+0x35/0x130 [ 415.028106] vfs_kern_mount+0x40/0x60 [ 415.031906] btrfs_mount+0x3ce/0x2b28 [ 415.035707] ? lock_downgrade+0x740/0x740 [ 415.040287] ? find_held_lock+0x35/0x130 [ 415.044353] ? pcpu_alloc+0x3af/0x1050 [ 415.048252] ? btrfs_remount+0x11f0/0x11f0 [ 415.052491] ? rcu_read_lock_sched_held+0x110/0x130 [ 415.057515] ? __lockdep_init_map+0x10c/0x570 [ 415.062019] ? __lockdep_init_map+0x10c/0x570 [ 415.066521] mount_fs+0x97/0x2a1 [ 415.069894] vfs_kern_mount.part.0+0x5e/0x3d0 [ 415.074394] do_mount+0x417/0x27d0 [ 415.077936] ? copy_mount_options+0x5c/0x2f0 [ 415.082352] ? rcu_read_lock_sched_held+0x110/0x130 [ 415.087376] ? copy_mount_string+0x40/0x40 [ 415.091616] ? copy_mount_options+0x1fe/0x2f0 [ 415.096110] SyS_mount+0xab/0x120 [ 415.096118] ? copy_mnt_ns+0x8c0/0x8c0 [ 415.096132] do_syscall_64+0x1e8/0x640 [ 415.096147] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 415.103467] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 415.103475] RIP: 0033:0x45d08a [ 415.103480] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 415.103490] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 415.103496] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 415.103502] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 415.103507] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 415.103512] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:52 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) sched_setscheduler(0x0, 0x5, &(0x7f0000000380)) perf_event_open(0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r31 = getpid() sched_setattr(r31, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:52 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r1) stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r4) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, 0x0}, &(0x7f0000000140)=0xc) ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, r5) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, 0x0}, &(0x7f0000000140)=0xc) ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, r6) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, 0x0}, &(0x7f0000000140)=0xc) ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, r7) r8 = open(&(0x7f0000000340)='./file0\x00', 0x2a8000, 0x8) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r8, 0x84, 0x15, &(0x7f0000000380)={0xf8}, 0x1) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="02000000010002000000000002000e00", @ANYRES32=r1, @ANYBLOB="02000300", @ANYRES32=r2, @ANYBLOB="02000200", @ANYRES32=r4, @ANYBLOB="0400070000000e0008000000", @ANYRES32=r5, @ANYBLOB="08000400", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r7, @ANYBLOB='\b\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="10000300000000002000040000000000"], 0x5c, 0x1) 14:33:52 executing program 4: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) r31 = getpid() perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:52 executing program 2 (fault-call:3 fault-nth:81): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:52 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={r1, 0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000100)='\x00', r30}, 0x30) sched_setscheduler(0x0, 0x5, &(0x7f0000000380)) perf_event_open(0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r31 = getpid() sched_setattr(r31, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) [ 415.360151] net_ratelimit: 18 callbacks suppressed [ 415.360157] protocol 88fb is buggy, dev hsr_slave_0 [ 415.370280] protocol 88fb is buggy, dev hsr_slave_1 [ 415.397411] FAULT_INJECTION: forcing a failure. [ 415.397411] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 415.409246] CPU: 1 PID: 20607 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 415.416260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 415.416266] Call Trace: [ 415.416286] dump_stack+0x142/0x197 [ 415.416306] should_fail.cold+0x10f/0x159 [ 415.416327] __alloc_pages_nodemask+0x1d6/0x7a0 [ 415.416341] ? __alloc_pages_slowpath+0x2930/0x2930 [ 415.431907] cache_grow_begin+0x80/0x400 [ 415.431922] kmem_cache_alloc+0x6a6/0x780 [ 415.431932] ? save_stack_trace+0x16/0x20 [ 415.431941] ? save_stack+0x45/0xd0 [ 415.431948] ? kmem_cache_alloc_trace+0x152/0x790 [ 415.431961] getname_kernel+0x53/0x350 [ 415.440754] kern_path+0x20/0x40 [ 415.440766] lookup_bdev.part.0+0x63/0x160 [ 415.440775] ? blkdev_open+0x260/0x260 [ 415.440787] ? btrfs_open_devices+0x27/0xb0 [ 415.440798] blkdev_get_by_path+0x76/0xf0 [ 415.440807] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 415.440819] __btrfs_open_devices+0x194/0xab0 [ 415.440828] ? check_preemption_disabled+0x3c/0x250 [ 415.440841] ? find_device+0x100/0x100 14:33:52 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="200000000c4d18ab27c328aa3028df533396ad80680cf26ecc5ce16df078a482fe970b0961490f017dd6e83fd0e5f9105b4b15af38a1d81096814c4ec6ad55984d3db1755f76a2a1fecdc6aa3d246cd7bc79d5218a1bb84326da5a8de809243fb2819e129800977c7233b2065adb04accb9b1aa1d0d97501baf48cc5f48461dfbced65af24dd95ecb69aed281236d69e33693a66ee2624bc59775618c7e2d01f0304a85a1520a956c454a86d5ddebedb4621b098b5dd24c5195e07bd46e14b70c8589954eb5de6ca35748a9e8cf150658ec794247d5afc480c5460c41bcd035e37077dae37df7ec2eadacbe0aa2987c7232e00836aebdaf33e9e45314b3d26e16ff471e27c8410c1d1f7fdd2fb02dff6433820db4a69d8d5f81a470b1ad26121a7000000000000ae16f49df5272c9ba6e3", @ANYRES16=r3, @ANYBLOB="bbf200000000000000000c0000000c0005000800010069620000"], 0x20}}, 0x0) sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x42000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, 0x0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x814) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r2, 0xc080661a, &(0x7f00000001c0)={{0x0, 0x0, @identifier="c188fbe64c6aee438a1f098cf53f8feb"}}) [ 415.440850] ? btrfs_mount+0x1069/0x2b28 [ 415.440862] ? rcu_read_lock_sched_held+0x110/0x130 [ 415.440877] btrfs_open_devices+0xa4/0xb0 [ 415.440888] btrfs_mount+0x11b4/0x2b28 [ 415.440899] ? lock_downgrade+0x740/0x740 [ 415.440907] ? find_held_lock+0x35/0x130 [ 415.440917] ? pcpu_alloc+0x3af/0x1050 [ 415.440932] ? btrfs_remount+0x11f0/0x11f0 [ 415.440945] ? rcu_read_lock_sched_held+0x110/0x130 [ 415.440964] ? __lockdep_init_map+0x10c/0x570 [ 415.440981] mount_fs+0x97/0x2a1 [ 415.490542] vfs_kern_mount.part.0+0x5e/0x3d0 [ 415.490554] ? find_held_lock+0x35/0x130 [ 415.490568] vfs_kern_mount+0x40/0x60 [ 415.490582] btrfs_mount+0x3ce/0x2b28 [ 415.490591] ? lock_downgrade+0x740/0x740 [ 415.490598] ? find_held_lock+0x35/0x130 [ 415.490607] ? pcpu_alloc+0x3af/0x1050 [ 415.490624] ? btrfs_remount+0x11f0/0x11f0 [ 415.490638] ? rcu_read_lock_sched_held+0x110/0x130 [ 415.490655] ? __lockdep_init_map+0x10c/0x570 [ 415.504627] ? __lockdep_init_map+0x10c/0x570 [ 415.504645] mount_fs+0x97/0x2a1 [ 415.504659] vfs_kern_mount.part.0+0x5e/0x3d0 [ 415.504669] do_mount+0x417/0x27d0 [ 415.504676] ? copy_mount_options+0x5c/0x2f0 [ 415.504686] ? rcu_read_lock_sched_held+0x110/0x130 [ 415.504698] ? copy_mount_string+0x40/0x40 [ 415.504712] ? copy_mount_options+0x1fe/0x2f0 [ 415.504722] SyS_mount+0xab/0x120 [ 415.504728] ? copy_mnt_ns+0x8c0/0x8c0 [ 415.504741] do_syscall_64+0x1e8/0x640 [ 415.504749] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 415.504766] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 415.504774] RIP: 0033:0x45d08a [ 415.504779] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 415.504788] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 415.504793] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 415.504800] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 415.521883] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 415.521890] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 14:33:52 executing program 2 (fault-call:3 fault-nth:82): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:52 executing program 3: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x166, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0xfffffffffffffe06, 0x10001}], 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = dup2(r0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) recvfrom$inet(r1, &(0x7f0000000140)=""/212, 0xd4, 0x2, &(0x7f0000000080)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) 14:33:52 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xaaaaaaaaaaaacdb, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x9, 0x800) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) write$input_event(r0, &(0x7f0000000140)={{r1, r2/1000+30000}, 0x17, 0x6, 0x8}, 0x18) [ 415.989043] FAULT_INJECTION: forcing a failure. [ 415.989043] name failslab, interval 1, probability 0, space 0, times 0 [ 416.032436] CPU: 1 PID: 20645 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 416.039502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 416.048860] Call Trace: [ 416.051462] dump_stack+0x142/0x197 [ 416.055108] should_fail.cold+0x10f/0x159 [ 416.059273] should_failslab+0xdb/0x130 [ 416.063256] kmem_cache_alloc+0x2d7/0x780 [ 416.067419] ? out_of_line_wait_on_bit+0xba/0xd0 [ 416.072181] ? __wait_on_bit+0x130/0x130 [ 416.076262] getname_kernel+0x53/0x350 [ 416.080184] kern_path+0x20/0x40 [ 416.083559] lookup_bdev.part.0+0x63/0x160 [ 416.087802] ? blkdev_open+0x260/0x260 [ 416.091690] ? btrfs_read_dev_super+0x77/0xb0 [ 416.096192] blkdev_get_by_path+0x76/0xf0 [ 416.100604] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 416.105110] __btrfs_open_devices+0x194/0xab0 [ 416.109621] ? find_device+0x100/0x100 [ 416.113516] ? btrfs_mount+0x1069/0x2b28 [ 416.117579] ? rcu_read_lock_sched_held+0x110/0x130 [ 416.122605] btrfs_open_devices+0xa4/0xb0 [ 416.126766] btrfs_mount+0x11b4/0x2b28 [ 416.130673] ? lock_downgrade+0x740/0x740 [ 416.134825] ? find_held_lock+0x35/0x130 [ 416.138885] ? pcpu_alloc+0x3af/0x1050 [ 416.142786] ? btrfs_remount+0x11f0/0x11f0 [ 416.147028] ? rcu_read_lock_sched_held+0x110/0x130 [ 416.152059] ? __lockdep_init_map+0x10c/0x570 [ 416.156575] mount_fs+0x97/0x2a1 [ 416.159949] vfs_kern_mount.part.0+0x5e/0x3d0 [ 416.164461] ? find_held_lock+0x35/0x130 [ 416.168967] vfs_kern_mount+0x40/0x60 [ 416.172779] btrfs_mount+0x3ce/0x2b28 [ 416.176584] ? lock_downgrade+0x740/0x740 [ 416.180739] ? find_held_lock+0x35/0x130 [ 416.184807] ? pcpu_alloc+0x3af/0x1050 [ 416.188704] ? btrfs_remount+0x11f0/0x11f0 [ 416.192947] ? rcu_read_lock_sched_held+0x110/0x130 [ 416.197976] ? __lockdep_init_map+0x10c/0x570 [ 416.202474] ? __lockdep_init_map+0x10c/0x570 [ 416.206976] mount_fs+0x97/0x2a1 [ 416.210373] vfs_kern_mount.part.0+0x5e/0x3d0 [ 416.214957] do_mount+0x417/0x27d0 [ 416.218496] ? copy_mount_options+0x5c/0x2f0 [ 416.222924] ? rcu_read_lock_sched_held+0x110/0x130 [ 416.227946] ? copy_mount_string+0x40/0x40 [ 416.227961] ? copy_mount_options+0x1fe/0x2f0 [ 416.227974] SyS_mount+0xab/0x120 [ 416.227981] ? copy_mnt_ns+0x8c0/0x8c0 [ 416.227994] do_syscall_64+0x1e8/0x640 [ 416.236729] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 416.236747] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 416.236755] RIP: 0033:0x45d08a [ 416.236766] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 416.236778] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 416.276205] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 416.283476] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 416.290748] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 416.298101] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 416.310105] protocol 88fb is buggy, dev hsr_slave_0 [ 416.315379] protocol 88fb is buggy, dev hsr_slave_1 14:33:53 executing program 2 (fault-call:3 fault-nth:83): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f00000002c0)="8da4363ac0ed0200000000000001004d010000000000000000007a0000000000fff6f2a2299748aeb81e1b00b10efd9a000001000000000001fffffff60000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 14:33:53 executing program 1: syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x80400, 0x0, &(0x7f0000000040), 0x0, 0x0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f00000000c0)='./file0\x00', 0x3, 0x5, &(0x7f0000000580)=[{&(0x7f0000000140)="555efa8e5d0eaa0421d52b37c3267a9e06d93b1769dd4f3f1368dc51663bbeb80b1d2f29bf6eb351413e2482fb1b3b66294687c7db07919ebcd07c2417ad0026e9ef61317436ee4dbef164819a3bff18ebbe40fce67dd7237db84960fe9fe5c52994b84f1358276761b616c10ee19d62413de6822465b7281f2644c931013cf3bd0e62b1a04217bfdd288626", 0x8c, 0x1000}, {&(0x7f0000000340)="ee0dadaf38552949d32a0a9b9b6d7c08b1a69cb82b61f973380e217d6b60c45be74ce200c7d549a67d317b9657faf84ef79088a7c24f4d5a23af4e6491b259b0583c9f0aa270d2269b96a068bd76db5e45d1b2fa7aa1697902de5a2a14bbc03fb9bf5dd25b344d4064b583ddfb9a920e94f1dcde7acf41a796390e9140bc6cc01abdee95958a693add42691f1ed4b5a995fb1b37efaac669ee3dd617cc95218f801ae6b794cec2093423e53b79939bae64ceb7b4ddd42fe492b2d4c8c67edae4b63060f21ff457938df00f31374bf17a2d562cb09c8c0543a6", 0xd9, 0x5976}, {&(0x7f0000000440)="98d09d178f5ad74dd7e4be082dd302f85c38b42905ded269e20b311220ced8b1e53f7cdf7a0023fd60d37a120e2ed833698cd6fbc51f3e4eaa270d15a9c0db5b3600e5b455ee16e6b5d9c5c05820ac7f2531d5e4e886bf7beffc838f9bcd65c84c7ce1da1db9d4c833e9cda50caeef0f8ab1cab5d294c4e33b0979c4b9d31c6344cc8e50dbc899e3f09b96835c4f13cf116c062f54d4eee48b7b34c6255d7ec9ecd976af883f374c4a07a309dd33782f16057ffc8712df58d661e28047c0be69eceb10ba893c4b77991e494ebfcf3fe5066682a49b8e281b92d8efd1dede994cd5a47740601e0833c354dce88fbb52351d57b87e0e2bf6e96c4eb5ce", 0xfc, 0xebb5}, {&(0x7f0000000200)="f328a2d61088968c20211acbb853f5831ed59ec0c699cc8fd3758050612a2cc7c2ca147f67016e8dc91667d9b7de92ece23d5dbaf7ea31ac907cca8b75e18b49d306f93a663c11229272f70ec752b82f54cd38fd2b788040d2c3ee63d720db43cedea19dc6a65aab8d4e736278fa9e79123991c2bcb3b95e2864b4fa9edfdc306051b8122b6a568c48c53e3fc65efc450443b5f77ed03e50dba45a", 0x9b, 0xffffffff7fffffff}, {&(0x7f0000000540)="57ad0541183934995fd6a4c9ffa3b7fc457c3d1aa0e82b1b93287b9ccfb2c02851f9ba390a55641298e366", 0x2b, 0x6}], 0x40000, &(0x7f0000000600)=ANY=[@ANYBLOB="757466382c6d66745f7a6f6e655f6d756c7469706c6965723d3078303030303030303030303030303030322c6e6c733d63703933cbe710ef24f32f6330303030303030303030303030303030303030303034302c64697361626c655f7370617273653d6e6f2c756d61736b3d30303030303030303030303030303030303030303133322c66756e633d4d4f44554c455f434845434b2c00"]) [ 416.501689] FAULT_INJECTION: forcing a failure. [ 416.501689] name failslab, interval 1, probability 0, space 0, times 0 [ 416.521225] CPU: 1 PID: 20673 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 416.528271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 416.537722] Call Trace: [ 416.540325] dump_stack+0x142/0x197 [ 416.543972] should_fail.cold+0x10f/0x159 [ 416.548137] should_failslab+0xdb/0x130 [ 416.552118] kmem_cache_alloc_trace+0x2e9/0x790 [ 416.556802] btrfs_alloc_device+0xa4/0x6a0 [ 416.561036] ? __kmalloc+0x376/0x7a0 [ 416.564752] ? btrfs_find_device_by_devspec+0xf0/0xf0 [ 416.569955] ? __btrfs_close_devices+0x323/0xa90 [ 416.574720] __btrfs_close_devices+0x2c6/0xa90 [ 416.579312] ? btrfs_alloc_device+0x6a0/0x6a0 [ 416.583815] btrfs_close_devices+0x29/0x140 [ 416.589793] btrfs_mount+0x1fd9/0x2b28 [ 416.593685] ? lock_downgrade+0x740/0x740 [ 416.597835] ? find_held_lock+0x35/0x130 [ 416.601885] ? pcpu_alloc+0x3af/0x1050 [ 416.605758] ? btrfs_remount+0x11f0/0x11f0 [ 416.609975] ? rcu_read_lock_sched_held+0x110/0x130 [ 416.614983] ? __lockdep_init_map+0x10c/0x570 [ 416.619460] mount_fs+0x97/0x2a1 [ 416.622813] vfs_kern_mount.part.0+0x5e/0x3d0 [ 416.627289] ? find_held_lock+0x35/0x130 [ 416.631342] vfs_kern_mount+0x40/0x60 [ 416.635146] btrfs_mount+0x3ce/0x2b28 [ 416.638935] ? lock_downgrade+0x740/0x740 [ 416.643064] ? find_held_lock+0x35/0x130 [ 416.647106] ? pcpu_alloc+0x3af/0x1050 [ 416.650996] ? btrfs_remount+0x11f0/0x11f0 [ 416.655287] ? rcu_read_lock_sched_held+0x110/0x130 [ 416.660307] ? __lockdep_init_map+0x10c/0x570 [ 416.664818] ? __lockdep_init_map+0x10c/0x570 [ 416.669313] mount_fs+0x97/0x2a1 [ 416.672678] vfs_kern_mount.part.0+0x5e/0x3d0 [ 416.677178] do_mount+0x417/0x27d0 [ 416.680709] ? copy_mount_options+0x5c/0x2f0 [ 416.685127] ? rcu_read_lock_sched_held+0x110/0x130 [ 416.690134] ? copy_mount_string+0x40/0x40 [ 416.694360] ? copy_mount_options+0x1fe/0x2f0 [ 416.698861] SyS_mount+0xab/0x120 [ 416.702311] ? copy_mnt_ns+0x8c0/0x8c0 [ 416.706192] do_syscall_64+0x1e8/0x640 [ 416.710072] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 416.714925] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 416.720104] RIP: 0033:0x45d08a [ 416.723282] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 416.730975] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 416.738239] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 416.745496] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 14:33:53 executing program 5: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) vmsplice(r3, 0x0, 0x0, 0x0) r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2, 0x3, 0x0, 0x5, 0x80, 0x0, 0x801}, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000180)=@broute={'broute\x00', 0x20, 0x2, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, 0x0}, 0x78) r7 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r7, 0x0, 0x0) r8 = getpgrp(0x0) waitid(0x0, r8, &(0x7f00000002c0), 0x5, 0x0) ptrace$getregs(0xe, r8, 0x9, &(0x7f00000001c0)=""/68) r9 = getpgid(r8) r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00') ioctl$sock_SIOCGPGRP(r10, 0x8904, &(0x7f0000000000)=0x0) r12 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000500)='./cg\xab.\xc4\xd0\xcex\x177\x84\x0e\x95q\xd7\xf7d\xd2\x1di\x04\x18\xa9\xe5%\x12Z\xfdH\xd2\x8cp\xcc\xc4=\'\x00\xab\x1d\x99\x03\x91Kt\x98Q\x8eB\x92\x02p\xc8\\6\x86T\xb1\xfa\xaf\x8c\x8b\x94\xa5\xa2\x8aU\x14&\xab\x9c%\xd0>|\xbc\xe0\xab\xdd\xdd\x93\xf9q\x19\x86F\xd7Y\x19\v\x13\x17\xc0\x1brd.\x17\xad\xd5\x00$\x01\x87\x96\xd3XA\xb3\xb7\x81\xcd6\xd3\xe2\x8e\x8c\xd0\xf4y\xc5\x1e2\xd25\xdc\x0f\xd9\x8f~\'\xe2\xc9mCmA~\x0e\xfch\x94<(\xd3f\xbd\xc3\x91\x017L\x14X\xaf\x99\x90\x8bv\x9b#|z\x9a\x99\xaf\xbd\xb7{qJ>\"\x90\xc8\b\xc6~\rN\x16\xa5\xde\x98\xb3\xb2\xb5\xees]$\x12\xfb\xd1\n\xd5\xbe\xe4\xc4\xfd\x8c\x9e\xa6\x86WQ\xae\xaf\xf8(,\xff#\xe8|f\xcb\xaa\x1e,\xfc\xfa\xefI\x9d=$\x14\x8aI\x85_\xa6\n6\xabZ\xc5N\xa6\x1c\x8c\xd4\xf8z\xcd\\\x98gq\xc8\'\xd3\xb5\xb7\x98s\xd8\x9e}\xbbS\x98\xdc\xfa\xd1\x9b\xdcW\xaa\xe6{q\xae\xfc\b\xf1\xc4\xd9R#<\x1e\x1d2}!\xc1\xfd\xbdS\r\x8a\x11P(\xf5\xdf\xde\xde\x03g\'\x8b\xab7\\\n\x9e\xa8\xe2\x80@\x9f]\x1f,\x88\xfc\xc5\xad\x94\x00V\x8a-\xfbH\xd4\xa4\x9f\xda\x8e\x93\xc0\xbd\xd9qV}B{\xc3\xc6oT\xa9!3\xa9\xe3\x98\x99$d\xec\x9c5\xdd\xea', 0x200002, 0x0) r13 = openat$cgroup_ro(r12, &(0x7f0000000240)='cpuset.memory_pressure\x00', 0x0, 0x0) r14 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r15 = getpid() r16 = socket(0xa, 0x3, 0x8) r17 = syz_open_dev$amidi(&(0x7f0000000340)='/dev/amidi#\x00', 0x9c4, 0x70000) ioctl$sock_inet_SIOCSIFFLAGS(r16, 0x89a2, &(0x7f0000000180)={'bridge0\x00\x00\x01\x00', 0x4}) write$RDMA_USER_CM_CMD_CREATE_ID(r17, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffffffffffff}}}, 0x20) r19 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r19, 0x89e3, &(0x7f0000000000)) r20 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r20, 0x89e3, &(0x7f0000000000)) r21 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r21, 0x89e3, &(0x7f0000000000)) r22 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r22, 0x89e3, &(0x7f0000000000)) r23 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r23, 0x89e3, &(0x7f0000000000)) r24 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r24, 0x89e3, &(0x7f0000000000)) r25 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r25, 0x89e3, &(0x7f0000000000)) r26 = syz_init_net_socket$ax25(0x3, 0x3, 0x0) ioctl$SIOCAX25GETINFOOLD(r26, 0x89e3, &(0x7f0000000000)) sendmsg$key(r16, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)=ANY=[@ANYPTR=&(0x7f0000000840)=ANY=[@ANYRESDEC=r19, @ANYPTR64=&(0x7f0000000800)=ANY=[@ANYRESDEC=0x0, @ANYPTR64], @ANYRES16=r20, @ANYRES64=r21, @ANYRESHEX=0x0], @ANYPTR64=&(0x7f00000009c0)=ANY=[@ANYRESHEX=r12, @ANYRESDEC=r22, @ANYRES32=r23, @ANYPTR=&(0x7f0000000880)=ANY=[@ANYBLOB="7c70a25ef0c7d467cd9fe15e3e6682c14934f8ae4f102a30cbc43734cca4d9d18d9c703a79bb33222dd46b91ed3127405aeffe7a3d5e47be4c686a36fc4cfddcf9bb906be1a0f3912e1dfc348f260880168710a7311d643eadac05b76f180ede446c30da1a8b69a2ae8c9b9e54e50605bddcfcccc7523943661d0f2bb8ab2e8729a2a64f6ed08a29b8461334fda9e1ee625b12f2a51fb1310db3c0743878cb77a4b96f1af775d88f9be0bdc83041bc0f164e817ebca20c317c965e2077a04844fe157ad91025b2a8930352ef119528368862fe6ea8ad19c9ffbb6a79", @ANYRES32=0x0, @ANYRES32=r17, @ANYRESHEX=r24, @ANYPTR, @ANYPTR, @ANYRESHEX=r25, @ANYRES64=0x0, @ANYPTR], @ANYRESDEC=r26], @ANYBLOB="5e977c0c9834d1438d6c74893fcfcee9b4c61781c6866d43bad9cdfc798f2ca541b55a5888cc2a808af3b0c2c1cb76c673484ebb080660ba5cc87d28bffb01055619685892e4b1128a470ff78efbfda69a5506abf9131a9caa1ce23e4beef2b7e9d004574af0bb08d46e1309f69bfb015001d94d7d24341203d0647873c1db308042e7a040912efaf70c83281f710662e4999898b76e7c0b977a335c7fa4acb46333377fad5975302f5b5695bd8c39314bf9847fe1d1a90a1933eead1d3b3666161a1f9bd7bc5f09c5c2c0af7c3864a19b12ae7b555c87e95add2d89e3a179d7d7d9ca5bf590bf54f249ece75c03014d4d6dc68af88d7c01a5892da458b53cceb98cbc1f13184e84c7b10afa1cfff70f6393085242e83b82f2a288d1ad015e4373ee71aed8f042f0b10b5ef9925654a45f97ae5dcefb79556ff5052ea9f6e03523985942ea1bfee9b3d08ed8a908ccafffcfda5e586cc67500"/358], 0xcb}}, 0x24008000) r27 = gettid() sendmsg$key(r16, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000540)=ANY=[@ANYPTR64=&(0x7f0000000640)=ANY=[@ANYRES64, @ANYRESHEX=r18, @ANYRESDEC=r27]], 0xfffffffffffffe56}}, 0x20004850) r28 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r28) timer_create(0x0, &(0x7f0000000000)={0x0, 0x0, 0x1, @tid=r28}, 0x0) kcmp(r28, r28, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) ptrace$setopts(0x4206, r28, 0x0, 0x0) r29 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x5, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={r28, r29, 0x0, 0xc, &(0x7f0000000180)='/dev/amidi#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000018c0)={r27, 0xffffffffffffffff, 0x0, 0xd, &(0x7f0000001880)='bond_slave_0\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r15, 0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000000)='comm\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0xffffffffffffffff, r14, 0x0, 0xd, &(0x7f0000000080)='trusted\\#&>#\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0x0, r13, 0x0, 0x13, &(0x7f0000000280)='em1{bdevbdevvmnet1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r11, r10, 0x0, 0x17, &(0x7f0000000040)='net/ip_vs_stats_percpu\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={r9, r7, 0x0, 0xffffffb4, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_ql\xa5\x15\xba[ax\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r30}, 0xc) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000540)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)='\x00', r30}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000000)={r30}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={r4, 0xffffffffffffffff, 0x0, 0x2d, &(0x7f0000000040)='trusted%:wlan0*+posix_acl_accessvmnet1&wlan1\x00', r30}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000007c0)={r2, r3, 0x0, 0x1, &(0x7f0000000780)='\x00', r30}, 0x30) r31 = getpid() sched_setscheduler(r31, 0x5, &(0x7f0000000380)) perf_event_open(0x0, r31, 0x4, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r32 = getpid() sched_setattr(r32, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000680)="ff5b93baf4715971ba778a4091bf32a5307d1aad95db841680c544d506ab1c3405176a92ebe5ce0025e269e33dba850c0edff31990e83f65d40e8aec1f8801132a4088456b3f9166215a20ce4113818fe8668752a06696602189d19eb27eeb7c7a8fe69d0e65a052a93b5c4cf71bc11c4bc0bc7fbc5637850e7cf553dc9683e2a77d09196b818171d8e2b85add4e45494bc588edfedd7bd8045fa963bdd79c6885fb32e67153a5050367a53907b55917d7f298c40364e253", 0xffffffe1) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7be}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1}, 0x0) syz_read_part_table(0xffff, 0x0, 0x0) 14:33:53 executing program 0: perf_event_open(&(0x7f0000000440)={0x2, 0x0, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYBLOB='d'], 0x1) setsockopt$sock_int(r1, 0x1, 0x200000010, &(0x7f00000000c0)=0x1, 0x4) write$binfmt_elf32(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="dd"], 0x1) recvmmsg(r1, &(0x7f0000000040)=[{{0x0, 0x0, &(0x7f0000002b00)=[{&(0x7f0000002a80)=""/95, 0x5f}], 0x1}}], 0x400000000000170, 0x0, 0x0) recvmsg(0xffffffffffffffff, 0x0, 0x100) [ 416.752757] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 416.760024] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 416.772087] ------------[ cut here ]------------ [ 416.776864] kernel BUG at fs/btrfs/volumes.c:890! [ 416.782647] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 416.788015] Modules linked in: [ 416.791213] CPU: 1 PID: 20673 Comm: syz-executor.2 Not tainted 4.14.154 #0 [ 416.798217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 416.807553] task: ffff88805aef4340 task.stack: ffff88805ab20000 [ 416.813597] RIP: 0010:__btrfs_close_devices+0x7d8/0xa90 [ 416.818952] RSP: 0018:ffff88805ab27700 EFLAGS: 00010246 [ 416.824305] RAX: 0000000000040000 RBX: ffff8880a8a96900 RCX: ffffc9000c06e000 [ 416.831561] RDX: 0000000000040000 RSI: ffffffff8265e758 RDI: 0000000000000282 [ 416.838837] RBP: ffff88805ab277c8 R08: ffff88805aef4340 R09: ffff88805aef4c08 [ 416.846089] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880a6145300 [ 416.853349] R13: ffff8880a8a969c8 R14: fffffffffffffff4 R15: dffffc0000000000 [ 416.860600] FS: 00007f9c983e4700(0000) GS:ffff8880aef00000(0000) knlGS:0000000000000000 [ 416.868803] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 416.874676] CR2: 00007ffe8bcc5cec CR3: 0000000050991000 CR4: 00000000001406e0 [ 416.881930] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 416.889284] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 416.896551] Call Trace: [ 416.899129] ? btrfs_alloc_device+0x6a0/0x6a0 [ 416.903605] btrfs_close_devices+0x29/0x140 [ 416.907907] btrfs_mount+0x1fd9/0x2b28 [ 416.911779] ? lock_downgrade+0x740/0x740 [ 416.915907] ? find_held_lock+0x35/0x130 [ 416.919945] ? pcpu_alloc+0x3af/0x1050 [ 416.923814] ? btrfs_remount+0x11f0/0x11f0 [ 416.928030] ? rcu_read_lock_sched_held+0x110/0x130 [ 416.933031] ? __lockdep_init_map+0x10c/0x570 [ 416.937506] mount_fs+0x97/0x2a1 [ 416.940856] vfs_kern_mount.part.0+0x5e/0x3d0 [ 416.945330] ? find_held_lock+0x35/0x130 [ 416.949368] vfs_kern_mount+0x40/0x60 [ 416.953150] btrfs_mount+0x3ce/0x2b28 [ 416.956943] ? lock_downgrade+0x740/0x740 [ 416.961070] ? find_held_lock+0x35/0x130 [ 416.965108] ? pcpu_alloc+0x3af/0x1050 [ 416.968992] ? btrfs_remount+0x11f0/0x11f0 [ 416.973264] ? rcu_read_lock_sched_held+0x110/0x130 [ 416.978354] ? __lockdep_init_map+0x10c/0x570 [ 416.982829] ? __lockdep_init_map+0x10c/0x570 [ 416.987323] mount_fs+0x97/0x2a1 [ 416.990679] vfs_kern_mount.part.0+0x5e/0x3d0 [ 416.995188] do_mount+0x417/0x27d0 [ 416.998707] ? copy_mount_options+0x5c/0x2f0 [ 417.003096] ? rcu_read_lock_sched_held+0x110/0x130 [ 417.008089] ? copy_mount_string+0x40/0x40 [ 417.012308] ? copy_mount_options+0x1fe/0x2f0 [ 417.016955] SyS_mount+0xab/0x120 [ 417.020387] ? copy_mnt_ns+0x8c0/0x8c0 [ 417.024270] do_syscall_64+0x1e8/0x640 [ 417.028135] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.032974] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 417.038146] RIP: 0033:0x45d08a [ 417.041314] RSP: 002b:00007f9c983e3a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 417.049000] RAX: ffffffffffffffda RBX: 00007f9c983e3b40 RCX: 000000000045d08a [ 417.056267] RDX: 00007f9c983e3ae0 RSI: 0000000020000100 RDI: 00007f9c983e3b00 [ 417.063516] RBP: 0000000000000001 R08: 00007f9c983e3b40 R09: 00007f9c983e3ae0 [ 417.070771] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000007 [ 417.078043] R13: 00000000004c9e4d R14: 00000000004e1b50 R15: 0000000000000006 [ 417.085302] Code: c1 ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e 59 02 00 00 48 8b 45 80 c7 80 10 01 00 00 00 00 00 00 e9 e2 f8 ff ff e8 78 52 f7 fe <0f> 0b e8 71 52 f7 fe 0f 0b 48 89 f7 e8 67 05 21 ff e9 ad f8 ff [ 417.104417] RIP: __btrfs_close_devices+0x7d8/0xa90 RSP: ffff88805ab27700 [ 417.110139] protocol 88fb is buggy, dev hsr_slave_0 [ 417.111364] protocol 88fb is buggy, dev hsr_slave_0 [ 417.116275] protocol 88fb is buggy, dev hsr_slave_1 [ 417.121287] protocol 88fb is buggy, dev hsr_slave_1 [ 417.131324] protocol 88fb is buggy, dev hsr_slave_0 [ 417.136345] protocol 88fb is buggy, dev hsr_slave_1 [ 417.142507] ---[ end trace 100961240949c4c6 ]--- [ 417.147272] Kernel panic - not syncing: Fatal exception [ 417.147581] kobject: 'loop3' (ffff8880a4a891e0): kobject_uevent_env [ 417.154048] Kernel Offset: disabled [ 417.164038] Rebooting in 86400 seconds..