480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:37 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x0) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:37 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) getresuid(&(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000180)) [ 533.341086] FAULT_INJECTION: forcing a failure. [ 533.341086] name failslab, interval 1, probability 0, space 0, times 0 [ 533.368133] CPU: 1 PID: 26800 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 533.375181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 533.384537] Call Trace: [ 533.387136] dump_stack+0x138/0x19c 18:53:37 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x0) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 533.390789] should_fail.cold+0x10f/0x159 [ 533.394953] should_failslab+0xdb/0x130 [ 533.398967] kmem_cache_alloc_node+0x28a/0x780 [ 533.403565] __alloc_skb+0x9c/0x500 [ 533.407194] ? skb_scrub_packet+0x4b0/0x4b0 [ 533.411526] ? netlink_has_listeners+0x20a/0x330 [ 533.416292] kobject_uevent_env+0x74c/0xc41 [ 533.420632] kobject_uevent+0x20/0x26 [ 533.424440] lo_ioctl+0x11d3/0x1c70 [ 533.428077] ? loop_probe+0x160/0x160 [ 533.431891] blkdev_ioctl+0x983/0x1880 [ 533.435784] ? blkpg_ioctl+0x980/0x980 18:53:37 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x0) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 533.439686] ? __might_sleep+0x93/0xb0 [ 533.443576] ? __fget+0x210/0x370 [ 533.447034] block_ioctl+0xde/0x120 [ 533.450664] ? blkdev_fallocate+0x3b0/0x3b0 [ 533.454993] do_vfs_ioctl+0x7b9/0x1070 [ 533.458897] ? selinux_file_mprotect+0x5d0/0x5d0 [ 533.463657] ? lock_downgrade+0x6e0/0x6e0 [ 533.467813] ? ioctl_preallocate+0x1c0/0x1c0 [ 533.472222] ? __fget+0x237/0x370 [ 533.475682] ? security_file_ioctl+0x8f/0xc0 [ 533.480103] SyS_ioctl+0x8f/0xc0 [ 533.483470] ? do_vfs_ioctl+0x1070/0x1070 [ 533.487632] do_syscall_64+0x1eb/0x630 18:53:37 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x0) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:37 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 533.491526] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 533.496411] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 533.501601] RIP: 0033:0x458c07 [ 533.504791] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 533.512508] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 0000000000458c07 [ 533.519806] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 533.527080] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 533.534347] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 533.541618] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:37 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0) read$rfkill(r1, &(0x7f0000000040), 0x8) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:37 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, 0x0) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:37 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:37 executing program 4 (fault-call:0 fault-nth:33): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:37 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(0x0, 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 533.822531] FAULT_INJECTION: forcing a failure. [ 533.822531] name failslab, interval 1, probability 0, space 0, times 0 [ 533.849889] CPU: 0 PID: 26843 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 533.856920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 533.856926] Call Trace: [ 533.856947] dump_stack+0x138/0x19c [ 533.856969] should_fail.cold+0x10f/0x159 [ 533.856986] should_failslab+0xdb/0x130 [ 533.857004] kmem_cache_alloc_node_trace+0x283/0x770 [ 533.857021] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 533.857040] __kmalloc_node_track_caller+0x3d/0x80 [ 533.857055] __kmalloc_reserve.isra.0+0x40/0xe0 [ 533.857070] __alloc_skb+0xcf/0x500 [ 533.857082] ? skb_scrub_packet+0x4b0/0x4b0 [ 533.857102] ? netlink_has_listeners+0x20a/0x330 [ 533.891772] kobject_uevent_env+0x74c/0xc41 [ 533.891795] kobject_uevent+0x20/0x26 18:53:37 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x0) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:37 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x0) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 533.891807] lo_ioctl+0x11d3/0x1c70 [ 533.891829] ? loop_probe+0x160/0x160 [ 533.929576] blkdev_ioctl+0x983/0x1880 [ 533.933467] ? blkpg_ioctl+0x980/0x980 [ 533.937367] ? __might_sleep+0x93/0xb0 [ 533.941258] ? __fget+0x210/0x370 [ 533.944718] block_ioctl+0xde/0x120 [ 533.948350] ? blkdev_fallocate+0x3b0/0x3b0 [ 533.952679] do_vfs_ioctl+0x7b9/0x1070 [ 533.956570] ? selinux_file_mprotect+0x5d0/0x5d0 [ 533.961324] ? lock_downgrade+0x6e0/0x6e0 [ 533.965473] ? ioctl_preallocate+0x1c0/0x1c0 [ 533.969875] ? __fget+0x237/0x370 [ 533.973317] ? security_file_ioctl+0x8f/0xc0 [ 533.977709] SyS_ioctl+0x8f/0xc0 [ 533.981057] ? do_vfs_ioctl+0x1070/0x1070 [ 533.985195] do_syscall_64+0x1eb/0x630 [ 533.989158] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 533.993998] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 533.999176] RIP: 0033:0x458c07 [ 534.002359] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 534.010752] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 0000000000458c07 18:53:37 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f0000000200)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d7f0640cac6a29d59db0c987c3e576592542fd4ae352c821ee708496b2534658d3dd722c11ae386ab88c7a6593502d210f9e29223f85fbe6bcc46f41ff7b51ec3a7962bbc8c44", 0x8e, 0x3}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:37 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x0) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 534.018003] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 534.025251] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 534.032597] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 534.039882] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:37 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:37 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(0x0, 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:37 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(0x0, 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:38 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/packet\x00') r2 = accept$inet(r1, 0xffffffffffffffff, &(0x7f0000000280)) ioctl$KVM_SET_DEBUGREGS(r1, 0x4080aea2, &(0x7f0000000140)={[0x11000, 0x100000, 0xd000, 0x100000], 0x80000, 0xa, 0x6}) ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f00000000c0)={0x1, 0x2, 0x0, 0x5a5}) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f00000001c0)={0x200, 0x20, 0x9, 0x102, 0x2, [{0x0, 0x8000, 0xd, 0x0, 0x0, 0x100}, {0x8, 0x1, 0x979, 0x0, 0x0, 0x1704}]}) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x80000000, 0x0, &(0x7f0000000400), 0x0, 0x0) 18:53:38 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(0x0, 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:38 executing program 4 (fault-call:0 fault-nth:34): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:38 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x0) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:38 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) getresuid(&(0x7f0000000140), &(0x7f0000000180), &(0x7f0000000200)=0x0) fsetxattr$security_capability(r0, &(0x7f00000000c0)='security.capability\x00', &(0x7f0000000240)=@v3={0x3000000, [{0x8}, {0x1f, 0x3}], r1}, 0x18, 0x2) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:38 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(0x0, 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:38 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(0x0, 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 534.397479] FAULT_INJECTION: forcing a failure. [ 534.397479] name failslab, interval 1, probability 0, space 0, times 0 [ 534.432710] CPU: 0 PID: 26889 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 534.439756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 534.449113] Call Trace: [ 534.451721] dump_stack+0x138/0x19c [ 534.455363] should_fail.cold+0x10f/0x159 [ 534.459521] should_failslab+0xdb/0x130 [ 534.463500] kmem_cache_alloc_node_trace+0x283/0x770 [ 534.468601] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 534.474039] __kmalloc_node_track_caller+0x3d/0x80 [ 534.478952] __kmalloc_reserve.isra.0+0x40/0xe0 [ 534.483603] __alloc_skb+0xcf/0x500 [ 534.487252] ? skb_scrub_packet+0x4b0/0x4b0 [ 534.491559] ? netlink_has_listeners+0x20a/0x330 [ 534.496297] kobject_uevent_env+0x74c/0xc41 [ 534.500606] kobject_uevent+0x20/0x26 [ 534.504400] lo_ioctl+0x11d3/0x1c70 [ 534.508015] ? loop_probe+0x160/0x160 [ 534.511797] blkdev_ioctl+0x983/0x1880 [ 534.515662] ? blkpg_ioctl+0x980/0x980 [ 534.519532] ? __might_sleep+0x93/0xb0 [ 534.523396] ? __fget+0x210/0x370 [ 534.526841] block_ioctl+0xde/0x120 [ 534.530463] ? blkdev_fallocate+0x3b0/0x3b0 [ 534.534766] do_vfs_ioctl+0x7b9/0x1070 [ 534.538639] ? selinux_file_mprotect+0x5d0/0x5d0 [ 534.543376] ? lock_downgrade+0x6e0/0x6e0 [ 534.547527] ? ioctl_preallocate+0x1c0/0x1c0 [ 534.551918] ? __fget+0x237/0x370 [ 534.555362] ? security_file_ioctl+0x8f/0xc0 [ 534.559754] SyS_ioctl+0x8f/0xc0 [ 534.563107] ? do_vfs_ioctl+0x1070/0x1070 [ 534.567241] do_syscall_64+0x1eb/0x630 [ 534.571107] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 534.575935] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 534.581105] RIP: 0033:0x458c07 [ 534.584316] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 18:53:38 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x0) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:38 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(0x0, 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:38 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x0) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 534.592010] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 0000000000458c07 [ 534.599257] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 534.606507] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 534.613755] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 534.621012] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:38 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) bind$bt_l2cap(r0, &(0x7f00000000c0)={0x1f, 0x5, {0x0, 0x0, 0x2, 0x2, 0x9, 0x6}, 0x4, 0x400}, 0xe) write$P9_RLERRORu(r0, &(0x7f0000000140)={0xd, 0x7, 0x2, {{}, 0x4}}, 0xd) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x15c, 0x0) 18:53:38 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(0x0, 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:38 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$full(0xffffffffffffff9c, 0xfffffffffffffffd, 0x14000, 0x0) ioctl$PPPIOCSDEBUG(r1, 0x40047440, &(0x7f0000000000)=0x100) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") ioctl$VIDIOC_QUERYCTRL(r1, 0xc0445624, &(0x7f0000000140)={0x6, 0x9, "ead6a28c8699919d8a9ced334ea21d956a7ec9032bf0f367146e822a5580d954", 0xfff, 0x7f, 0x7, 0x3}) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:38 executing program 4 (fault-call:0 fault-nth:35): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:38 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:38 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:38 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(0x0, 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:38 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 534.879262] FAULT_INJECTION: forcing a failure. [ 534.879262] name failslab, interval 1, probability 0, space 0, times 0 [ 534.912810] CPU: 1 PID: 26928 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 534.919873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 18:53:38 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 534.929258] Call Trace: [ 534.931851] dump_stack+0x138/0x19c [ 534.935500] should_fail.cold+0x10f/0x159 [ 534.939664] should_failslab+0xdb/0x130 [ 534.943657] kmem_cache_alloc_node_trace+0x283/0x770 [ 534.948772] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 534.954238] __kmalloc_node_track_caller+0x3d/0x80 [ 534.959173] __kmalloc_reserve.isra.0+0x40/0xe0 [ 534.963853] __alloc_skb+0xcf/0x500 [ 534.967495] ? skb_scrub_packet+0x4b0/0x4b0 [ 534.971820] ? netlink_has_listeners+0x20a/0x330 18:53:38 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(0x0, 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:38 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(0x0, 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 534.976586] kobject_uevent_env+0x74c/0xc41 [ 534.980926] kobject_uevent+0x20/0x26 [ 534.984737] lo_ioctl+0x11d3/0x1c70 [ 534.988373] ? loop_probe+0x160/0x160 [ 534.992180] blkdev_ioctl+0x983/0x1880 [ 534.996070] ? blkpg_ioctl+0x980/0x980 [ 534.999971] ? __might_sleep+0x93/0xb0 [ 535.003876] ? __fget+0x210/0x370 [ 535.007826] block_ioctl+0xde/0x120 [ 535.011471] ? blkdev_fallocate+0x3b0/0x3b0 [ 535.015799] do_vfs_ioctl+0x7b9/0x1070 [ 535.019689] ? selinux_file_mprotect+0x5d0/0x5d0 [ 535.024448] ? lock_downgrade+0x6e0/0x6e0 18:53:38 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(0x0, 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 535.028602] ? ioctl_preallocate+0x1c0/0x1c0 [ 535.033024] ? __fget+0x237/0x370 [ 535.036487] ? security_file_ioctl+0x8f/0xc0 [ 535.040911] SyS_ioctl+0x8f/0xc0 [ 535.044277] ? do_vfs_ioctl+0x1070/0x1070 [ 535.048431] do_syscall_64+0x1eb/0x630 [ 535.052323] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 535.057164] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 535.062345] RIP: 0033:0x458c07 [ 535.065533] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 535.073334] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 0000000000458c07 [ 535.080606] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 535.087891] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 535.095162] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 535.102425] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:38 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000200)={{{@in6=@ipv4={[], [], @multicast1}, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@remote}}, &(0x7f00000000c0)=0xe8) setsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000300)={{{@in6=@mcast2, @in=@local, 0x4e23, 0x81, 0x4e23, 0x78, 0x2, 0x20, 0x20, 0x7f, 0x0, r1}, {0x8, 0x3, 0x80000000, 0x53f, 0x0, 0x1, 0x4, 0x22}, {0x6, 0xffffffffffffffff, 0x2, 0x63}, 0x3, 0x6e6bbe, 0x2, 0x1, 0x0, 0x3}, {{@in=@empty, 0x4d5, 0x7c}, 0xa, @in6=@rand_addr="30ce998c6d63e35f6bc036c3e39d1beb", 0x3506, 0x4, 0x2, 0x8, 0x5, 0x9f, 0x200}}, 0xe8) 18:53:38 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, 0x0) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:38 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x1a000, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8}) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000140)={0x9, [0x9, 0x6, 0x7fff, 0x800, 0x56a, 0x7, 0x1, 0x3f, 0x3]}, 0x16) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:38 executing program 4 (fault-call:0 fault-nth:36): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:38 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:38 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:39 executing program 2: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) bind$bt_l2cap(r0, &(0x7f00000000c0)={0x1f, 0x5, {0x0, 0x0, 0x2, 0x2, 0x9, 0x6}, 0x4, 0x400}, 0xe) write$P9_RLERRORu(r0, &(0x7f0000000140)={0xd, 0x7, 0x2, {{}, 0x4}}, 0xd) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x15c, 0x0) [ 535.373002] FAULT_INJECTION: forcing a failure. [ 535.373002] name failslab, interval 1, probability 0, space 0, times 0 [ 535.384540] CPU: 1 PID: 26969 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 535.384550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 535.384554] Call Trace: [ 535.384572] dump_stack+0x138/0x19c [ 535.384596] should_fail.cold+0x10f/0x159 [ 535.411264] should_failslab+0xdb/0x130 [ 535.415237] kmem_cache_alloc+0x2d9/0x780 [ 535.419379] ? selinux_file_mprotect+0x5d0/0x5d0 [ 535.424127] ? lock_downgrade+0x6e0/0x6e0 [ 535.428269] ? ioctl_preallocate+0x1c0/0x1c0 [ 535.432672] getname_flags+0xcb/0x580 [ 535.436468] SyS_mkdir+0x7e/0x200 [ 535.439910] ? SyS_mkdirat+0x210/0x210 [ 535.443801] ? do_syscall_64+0x53/0x630 [ 535.447767] ? SyS_mkdirat+0x210/0x210 [ 535.451653] do_syscall_64+0x1eb/0x630 [ 535.455530] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 535.460372] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 535.465551] RIP: 0033:0x4581b7 18:53:39 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:39 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 535.468726] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 535.476424] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 00000000004581b7 [ 535.483683] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 535.490944] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 535.498205] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 535.505463] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:39 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:39 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:39 executing program 4 (fault-call:0 fault-nth:37): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:39 executing program 3: syz_emit_ethernet(0x22, &(0x7f0000000140)=ANY=[@ANYBLOB="5d9cf93b5cf1aaaaaaaaaaaa4004fefed2139f330a848aadf5a410f7b9b70679ecf6e570000047e864a239c56f6e1ce6f8"], 0x0) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:39 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:39 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008952, &(0x7f0000000040)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:39 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:39 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:39 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 535.732211] FAULT_INJECTION: forcing a failure. [ 535.732211] name failslab, interval 1, probability 0, space 0, times 0 [ 535.743950] CPU: 0 PID: 26992 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 535.750975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 535.760328] Call Trace: [ 535.762924] dump_stack+0x138/0x19c [ 535.766570] should_fail.cold+0x10f/0x159 [ 535.770730] should_failslab+0xdb/0x130 [ 535.774709] kmem_cache_alloc_node_trace+0x283/0x770 18:53:39 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 535.779828] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 535.785298] __kmalloc_node_track_caller+0x3d/0x80 [ 535.790237] __kmalloc_reserve.isra.0+0x40/0xe0 [ 535.794917] __alloc_skb+0xcf/0x500 [ 535.798549] ? skb_scrub_packet+0x4b0/0x4b0 [ 535.802894] ? netlink_has_listeners+0x20a/0x330 [ 535.807669] kobject_uevent_env+0x74c/0xc41 [ 535.812009] kobject_uevent+0x20/0x26 [ 535.815813] lo_ioctl+0x11d3/0x1c70 [ 535.819445] ? loop_probe+0x160/0x160 [ 535.823256] blkdev_ioctl+0x983/0x1880 [ 535.827149] ? blkpg_ioctl+0x980/0x980 18:53:39 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:39 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 535.831051] ? __might_sleep+0x93/0xb0 [ 535.834937] ? __fget+0x210/0x370 [ 535.838392] block_ioctl+0xde/0x120 [ 535.842021] ? blkdev_fallocate+0x3b0/0x3b0 [ 535.846343] do_vfs_ioctl+0x7b9/0x1070 [ 535.850236] ? selinux_file_mprotect+0x5d0/0x5d0 [ 535.855001] ? lock_downgrade+0x6e0/0x6e0 [ 535.859161] ? ioctl_preallocate+0x1c0/0x1c0 [ 535.863577] ? __fget+0x237/0x370 [ 535.867045] ? security_file_ioctl+0x8f/0xc0 [ 535.871463] SyS_ioctl+0x8f/0xc0 [ 535.875178] ? do_vfs_ioctl+0x1070/0x1070 [ 535.879335] do_syscall_64+0x1eb/0x630 [ 535.883225] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 535.890992] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 535.897223] RIP: 0033:0x458c07 [ 535.900413] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 535.908213] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 0000000000458c07 [ 535.915501] RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000005 [ 535.922775] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 18:53:39 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:39 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 535.930049] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 535.937324] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:39 executing program 4 (fault-call:0 fault-nth:38): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:39 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:39 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 536.193995] FAULT_INJECTION: forcing a failure. [ 536.193995] name failslab, interval 1, probability 0, space 0, times 0 [ 536.212365] CPU: 0 PID: 27042 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 536.219397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.228732] Call Trace: [ 536.231312] dump_stack+0x138/0x19c [ 536.234934] should_fail.cold+0x10f/0x159 [ 536.239079] should_failslab+0xdb/0x130 [ 536.243087] kmem_cache_alloc+0x2d9/0x780 [ 536.247240] ? __d_lookup+0x3a2/0x670 [ 536.251027] ? mark_held_locks+0xb1/0x100 [ 536.255156] ? d_lookup+0xe5/0x240 [ 536.258679] __d_alloc+0x2d/0x9f0 [ 536.262134] d_alloc+0x4d/0x270 [ 536.265415] __lookup_hash+0x58/0x190 [ 536.269199] filename_create+0x16c/0x430 [ 536.273242] ? kern_path_mountpoint+0x40/0x40 [ 536.277731] SyS_mkdir+0x92/0x200 [ 536.281271] ? SyS_mkdirat+0x210/0x210 [ 536.285144] ? do_syscall_64+0x53/0x630 [ 536.289116] ? SyS_mkdirat+0x210/0x210 [ 536.292994] do_syscall_64+0x1eb/0x630 [ 536.296882] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 536.301710] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 536.306882] RIP: 0033:0x4581b7 [ 536.310055] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 536.317757] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 00000000004581b7 [ 536.325008] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 536.332262] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 18:53:40 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x1, 0x2) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) setsockopt$netlink_NETLINK_RX_RING(r1, 0x10e, 0x6, &(0x7f0000000040)={0x10001, 0x4, 0x88, 0x4}, 0x10) 18:53:40 executing program 3: r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x40) ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f00000000c0)={0x2, 0x1, 0x5, 0x3, 0x2, 0x7fff}) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r1 = syz_open_dev$swradio(&(0x7f0000000700)='/dev/swradio#\x00', 0x0, 0x2) ioctl$VIDIOC_S_PRIORITY(r1, 0x40045644, 0x2) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000540)={{{@in6=@initdev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in=@multicast2}}, &(0x7f0000000640)=0xe8) syz_mount_image$msdos(&(0x7f0000000140)='msdos\x00', &(0x7f0000000180)='./file0\x00', 0x9, 0x5, &(0x7f0000000380)=[{&(0x7f0000000940)="afba9213bec785ef98ac9c6383d5424e05dab9d91b9b2591c253f81c20402acffbb185df08f6d787ef8318b3ff81a25144b6dc4346bfc012ead47ecab373d48448587901da7f225365af49b172fd162966875701b586d89cba9a63de220206e206f826a2add3466a88911624886f0c45ce888a5615b1deb6e80d390991c955f009c26f1ac304a7b4c391f427b64bcbc7cb356bbaf75d2f6ee8a34d668bd0d323d8ece17e071898ecbe6662c87ecf67f556e1457275388befcf98dfb2aeca1d2af0ac7e40be7e76a15b8f42fd7f522311e621ef9e3a2a5413e0e63ee37e5d045444b97c2fe0a52a5172758c1798c558dbab9769793f3a2ddaa38aca8b357d3921d12a9b822f93e1686913d263c8f4b160a0c1feb3dbae81e127b61ab3d1f944e9188c5bd496c3d6ea34768bdd0c930e81cfb5a8573567f801a8b11411f8b37e8ee19820b8c7724882fef75777cd015ae8bd26146e77d1353cccd0d26188f4bdfbc349edd4629fb300d84a76e0a41d14dc5b4d84debe922d9d88b4edff1b9eb1908597af93b0df11ffe7b7a7c577f4acb55ccaf932fd612092481bae306fd19566f9b0186012e9f92ee99dc4b9155e6361091c9b63359d220da3e71f26bdf8b69a2cd08e2e7d2d43e88cc9d43ca450db5677964ea31265e90736c40a0954e9c0deaabd65c1024b3ef446ea6bc8907302154cfd7083a9c79d9bb7911073769454e5605a59556f25aa96dceb732e2e6e42a98fedd89c7151e849755a498edee6febe1331eab7d6865e981261c0d4bbef610fa37a2f1ea1562d9d53e08f43c93ccfa3796cc8f68d1e1a29ff76a9d28d5c4f83c4dc11bff9d8dca868ab1ebdf67cd70aa35039d236fdc1cde968335637ca43c3d57c22086f88307553d0679721cfec0f8de12d8cd596191c21a067ec80bef0f54761dbf55271f2fcd465815a384b79f50dd5cbd4b220b4854292cc202d86fafbed50b1cee7ea85b4c94c7be7bb1c416a5a2fbf48367b08aa9eb90ba896ca3e8523b627a4e05be32cf6c5d26506f940e518e7b011a7b919ad982becc1551fb08b1316785c1f31ba26979450f6986497db012e7b779b42b35b0119598e42dd8aaac7a6ccce8efb157a2fbc9d21f94b9932550e2e961ae8f244d9b758c9e101f8e4df02cf24e12a993e7e50443f32bf44a5c91faa0fc3cba8a012e0f8280921187b3ae3e60830bbf9bdb4ca02de4fc67d21ae5f5f4153db4045bb3a0ee7b2a8dd78cba1031581b7dee883041c054f7cb45b4f3151b9cc467264ecdead742a2f50bbc5363862f3cd97c2ce35b260a0fe4cd18d6719a3689bf3f0f42bdd4f5b9334371b224443a5e75d805515f45414eb82bd44db24146d9aeb5dff3f2d2004d0f89cb8de0e7eda6319905f8bb92747475ac31cd24ad784f15bcbe39d8a495ab2af9daf1219ae73c74c62c8465b5c92ea86aa3b2c768a461960a3c35c4e6655fcc6a1f79c91b015bd4f574221401787f978b77b56d549fcd1e4a14303f94271d4a111c9a3b141fc03ef2808e3c1acb2a1dfa2a245c4d270201fe028ea18d5b234d591a339a353d660675f3123546ebd5d0779d59438562ddb52d5a827f9304d91700c0f87fbd1923b24b69f04c9edceb067f0a9b659d99bdf50f04944d9d7f5b18c58d57e4ff20ffae4c6457c2277b1f9d3ca288d2dc5810df79738770740bcef8210ae9f27137b44435b9b12e9d4cc339ed78755f57a4066b446e9896b2c1f57ae583a67e3949c9d103e2e67d64eeff1e0867ee56ae414f4803a31c77839e5373ca125f8c89c4977ee2f3165f7c395d4a8bd727be7cccf274d8ef5946689e28de674faedfb5d75ccce29f03f430982966620d0b7e5c72b1d68ee104ec9d6e1c67e9c6ea2fbb5a5dffeda661669ff3cb2b9baf87ab559fa16b08853f5a417cc622df3b81aa2e3032a46b77479e0b1394a0fd6bf1eb13e958abc68798bb2974c4707cf1fa263c751425581924649f27be6c4c51b3d1d15b9847ffd6ef7ceaaeec69546f379db3b04341dce418e830b97395755777f8e12beb89af7a73da42b98c9740ead0e965d817acbab623b565707391031700de07aeebc89ff96aafa9b7da9ab69798a6a76321f4f384b068ebba8d4b3fd898b20b0da0e02fc1ddbdb017e3fada5bcb6485db2acb64e70e42718383109ca093e9b30383c67e25b0eb45356ca0bc3dfb7be8cb32ca8a2a3e9e97b74644a2b4f1f0168f76029cd691d5f47da7a331ffedf35bf2b45aec77ac975111d3c8a9b6eb87a7fa700abe178f060c3b2eb5069cc12292821467879ceaf513701530c69202fa4e8fd63ce0a13c2df36adffeb077350cfc7fce5e1fe8ab9a23990c5fe8325f4eb5f9936e399848b89bbc61df78d68cc7e1a19a8ad88e130a4804cce69378cb74b4b5b231546b8596336406ccbfa8e1bd364722518cc1afbac6188a0424aa2e665c339d35074d35b6ba3e877461fb86bde73b5137329045f97c84be499551fd2640555820f987d24dd846c342c887cd87e30aabed448783f538cfa5109d533e97bca6ba944efc67824e408bb42b76a305117747c9803f544e38086f4a19218d431fef36873922b0f1508d322bc859233b39d06089e5734406c4e39ba01b10569c349b4ac7fe08ff2035b495adeaf933655c3f69530dc4670b3f5985aa8c3e4b3def8506ed56e0e353834c4e8c707561b8c1ab4cb8dbe4956cc61cd1420bcbe5818fbe465d3f24d538f83000e616c2620a9913f97104aafed8bc56e80d7ef071e267931ca30017d864771e379c222522e9b4f76a1db8abf990b9c804f438a19405969ef2e8e9157cc92f9a8906f61ec06adb6068f54e2bb1c4ee789ac3c615dd68197f73510e221d20a868fe12b8ccffa0d683a73515026003075bdc489a4080aea3de945b57b861d6aeb556f5fb6e4c947fc443755a62a1ccf2b1d18edb2c44baa40d4fe7b2faeefe0612a315e1a1d824a641d42a1be98bacabddd86204511b3e38eab0904bc331041ea8de660bd684dc775f66bfbf0c4b60b3c8d5224e7ed2f678d005e778ceafbc30abfa31d887aa2409225f8107857f7b1ac990f1316265783847ade98f6dba89ea7dc00331f9bf4184440932d4dbcc365acbf8aaad024a1a05092ea78893a10b13db1bee9a302314747bfa943ffb0cfbd49c4f0e3e251f71798b245abee4d9fcfb89c6b57b6dbe907564ed12d184af90623bea7149555d86546ece928d96e44d81504813aa52edcf19b40a4bdf112c6525755f818b7441a46688c4fb90aaa893770e189be18bfdc6f5d620111d077337ef38b98ba029c498c80d095ab280296c0b8a26338a61ea3be605348277f8e46b82c45c4867eed8188a0e62ddb1ee3763e37f2090f9c1e8fe48d4c80517dfb879c3c3b96bb93a7e317331e3a5ac268e89a13f7cf098f183f47db0999626cd1ce7c49ff6136365caca033fb998b3c876c0084cf5694a64adaf58a8d1936cd3748f7d762ddb238885f3ecdf1c073bc40bf1eae069d393e07796597e5c2c6bff9ee0549975a81ce57e02a97b695185135e80482318bf739fdde11cb633f03f5451a009cccbd27160ff4e4ecbb22c37b6cda7d063220133ab6fe69a4defd33d8c6f90a4695dc7141c45455226571a53b78593736d0171a6be6df6abd0a67d979a3b526b7c02513d85918455e8cf192699c0a2c2783fbf9a6084900930f24786744507d4a64dfc5967ca03ab595632a495299cc470d71505579fae9c214377e021f13ebfcfb7cad17a708cccdd302fcd89a6672f2ac9b4da05ceee05c6a74e085de3814b82ce482cedac37f1cda85c8105cb12fa67b5d7c53b9a710be769c5823f7522add0aef9ca55a2d68a19392d56ade783285bdc29b1a8650d43438ecb038734bfbab002b85266d6e0766f65d4fb1babdf8c5edb5e2fb7097724f90c60d6f49e6959d9244a21e9181638baafc36df9ee3c1dd9d00dcc30a27382580e96f803ed1863d90dcf038dc564ffb8f56876ee87836bc047f8073730b9c15cca970560a35a2fb26b4fa6c62fd771c02b6552618736ec32317dbeec1606f9430b909dd62a32debce97904f7f6d90ed7c38fde6ac1c6582cb9e84f3726e3b7b5a53553c0fa4f0223f26299570bf637611ce42298c5683cd85b9956cf416652fcfe4d2740b1959fe8a669de9eae96fb0f1169ce21b9ff0b71c658aa1719924d2640204575614dd756a01db69d54148f6eb52ba3b9935891de61a8cba353ebbb522e50fd1f17bb56e1c795642fe9d83f36e93af19210e5ff37b0abb9e65b54a10ff58ca207f3606f82724eb3fa711cb6de81b0395dc496a65f327eaecf9870cf0a4e0ca6d2795bb23bb5038652248f42ae6f3a5af3f5d7f8ddbc91af8b141ee35be5516805ceec2ce16864dd7539da352aae4fba63e0eb8d3871eeef84a73c9db5c06ab9b4019103a804b2eeae3a64d2bb6f33475b7e0a95f0ce2d2464ee8126eebb011c4dfb663fb5e3ce04847c890a1ec008ecd9646dbc1395a910f74da7d6eddeb47e5deb30e44f29992ee853975f120614d6f7e3741ddfa840da633ea7c7fd5697de13299e95596e1fb0742ac4fb9368f4b56f1235bebe6bb575464bf035d2e6a55da4f85328499933233c2020c8eb71ebeaa37646d61096919b330dffaed674e188d5235c68cd8fed89661e4d22595c86926d1afdd8155a378a5e7b7cf420a403ffae8072775548fcc45196128a0827a4aa8e6591a79e6566bbeb5f67c2d17962c18fb3b0980b960f08867b9a7e4920d07d03d55b4b084f881bd6fc6ec3319b853448cd4ac4a18293d7f7aaeff73d793e5497f02f7ad3a5d0e38121ccbcd14257473473e1d393bfd1aae9d9de3a2c5721ffa3c1672677adeb05454e3dd5d4b5d5699033842017534c6f30decf77f2533115f584d76325bcd88534ff4cea5ab2a3eb012ab2310758ad38c14c4d8f9b7d25029fe981cb4f41bd46d757e27aa0c8ccb5afbe1459b110f50c814c835152b7093e131d252b83e2fff264a2831db738992c9c49162f8c8a753049d9f90eb030331332d43ece2f162a0492f85b737279a20c03baf244883310c4de630aebb95c57cd93071240e90e1490283d5174a85924b3c239bc836f33d98695c38eaeac0c6b04d265b2f858a75ff553db1c9a73c5c2d8607444ddbd4703829cf3b34d54f1c4e308ef7399f7103153606869fa354a2000cdf3a26b2fe73c230810746b1c1b9d5b4d0c7cbf80356f5ccf08bd2a1f8dbf37ce9fee589edc8b604f1f7368841460395a7bb0cc91f632c1167d6c75486d1ce52796987f77d8ab86bfa9c208499e09ff690bb0b2ff347d122752733c3aac99730e061937bf1d5641c35061f14aa9a5962a1d6a27ff5a31fc5a292371300725672943f164451d01d845fc01a523dc0f91001066f5d7dd64d86ee1a1e655581e564cd169883c4ec6ae2f57f3fedc672f111e3969b0b03da86710ce98ddd25ea9fcb5e63f6bea1c2150c048f64ce69433d83a091fdd19f0df0c94957255239d8540282ede70783620b613a10d65f70a583ff36e5c6a37e4c1520e19e7d3e168e173637b66d8e2f3e482f982f26221e9f4ae766f9b40d0869327727fe345d48edd2d1efda488559f3de5c85976f65afffac31d29daf69826f8625cade2b4f41958b906a530624f25ce3a6c0664a9fe76b1a4e547016c2548bc2cb87c66934aa0e54e734aef5472c0df66fbf59c9f836cac3d34652c90e59a229b80013636a7101335d9ae4d818b3bc962cb19a125c4712d2afbf0b717212d9246d792d66c67c7c710bbc2416e4e8506361", 0x1000, 0x7}, {&(0x7f0000000200)="e3fce9cb8d9e9959e0601d294c7992cdecf32932ad1b54a29b3941feb84eb8cbd09eb01b34eda1e86035366bd758fb0d02150389c579f2118d68d94229556a0c81456fd0d86924ac3be7f247fdfa9166beaf5b2d49d58b9afb50905a1204936747a85cc4fd6f7840cb05af7aacb469db6d822f2fa74aa1d28faf11e8f523f93af92c1f5fd2fa58491c0e4f3facc1dc86b376207883d9ba995560ffb37a6b8fc51a88a3f378270893ea2c", 0xaa, 0x100}, {&(0x7f00000002c0)="22143617bc44d3cd782bee7fc224ae00a7f89d21dae6fb92fbc1d32a46acd22cdcb7d610a61baf369ba5b17596db19a6adf77ce0cefd0379ee982d15644b184703eefccb441f0a99b200a61c7202c6c854092cb972d8897e8abe9fcfd68a448f64bd6202b68fe68031d4e7d3f46fc396a828503a19452d7055ff2a", 0x7b, 0x20}, {&(0x7f0000000340)="2648205088a898510c0e08", 0xb, 0x8}, {&(0x7f0000000440)="a7873f98aa3acfd997def394c5d407a2ba26df0e70eba34a554a6630245cfda6e4dd6d7ffda35ec6ab9e1a66bf8485455b697de3eff2ec7cfe8000cfb43a6a1be6d56322cd77fcbde61326e33506ba832ce5afb05245dcbc983cc4f7d0eeda7af4de3eca0983c6fdd0f53122b66f372b1a5381283d8ccfdff33d882b7d688ee342072bc118c050b2fff68501ec7b7e607e6bf7aac1805b194981955e265c3671f9da85dc3b3c06002f1fcba0545f878e644d19d6034864b9bc2f09577abf97cbe574ce5c0efa03a6b0bc0f8017222932315277c18962a31ddd0d9dbe5f8cbbb6a24aeba3d51a318f539bae5ce4e767cae03fcd9c11fd54ea6c822808452a78", 0xff, 0xffffffffffffffe1}], 0x2008011, &(0x7f0000000680)={[{@nodots='nodots'}, {@fat=@showexec='showexec'}, {@nodots='nodots'}], [{@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@appraise='appraise'}, {@fowner_eq={'fowner', 0x3d, r2}}]}) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r3, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:40 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:40 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:40 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 536.339510] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 536.346759] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:40 executing program 1: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(r0, 0x0, 0x0, 0x0) 18:53:40 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:40 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:40 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000005c0)={{{@in6=@mcast1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@multicast2}}, &(0x7f0000000380)=0xe8) syz_mount_image$ntfs(&(0x7f00000000c0)='ntfs\x00', &(0x7f0000000140)='./file0\x00', 0x941fbb3, 0x6, &(0x7f0000000500)=[{&(0x7f0000000200)="41b8038b17c58599836ae92b0a4ef1425d71cb6e5995f3a19bf73b3cda94ff369119fa520e23e4d2cc50f73ef52bfd4fba53b97dd15ec9805a35978cafbd17b9874733d139c2056e18c0b19670ad55f16c01578ea42397f2a8e84ab4ed6eeb5bbe7c42ec34de443f6f36036a995e9fbcdcd01fb2a658b5aca2f20924c52d134bebcf0f7649b9c474ce05a76aed3ef09c196cf64a3600932b3cb2e56a44cfd7fab275486c316f7124d3", 0xa9, 0x5}, {&(0x7f00000002c0)="21960b239187299602cad8b243517afd4814df625b2720cf94e4ae9be8f1b8592d95ad9b2d1cb047bc9e0c25a73de2c160642985b26d32d8132ff0050b046ed928ec0bfd86e08fe2413cc56f5a34c2a9f45cb39020204bb1640e84fcc855825395e40259d67ef6aaf68011ce0978ceeee6bb37760d73fcb225203d97a55877ef287e95f9d20ff2990c366cde14584dcac7b611a090f741ff8614b9c4715f6d6afe6304cc0dfdbad55df33ba575ae775e7433fe2784d6454e62df136407", 0xbd, 0x401}, {&(0x7f0000000440)="09c2a8fe194672c51fb77d2d821ea92c59a1282152878fbdd7d4cb47e859f7de17ebd00477a145731b2bd91f6d266a01a0e88ac34149b75da5db42162f049c3bc7ebe46b562ff6088597b7243dbcdfa10841b82bfd0904ba130360eb32bd6ff9e6805b4f9a51e5d3948d745e250037dc79942e2368ed6574daf4beb54e9607da7578028ccf668d210993e284b53f1df028e7e16b018c2bb8ad00fe122776f48cb27ad0187643e03baf23916d7b76e1ce007b71eeb7f9b29f3407b75bb9", 0xbd, 0x2}, {&(0x7f0000000180)="dbb95de62f56ec1d8015", 0xa, 0x2}, {&(0x7f0000000940)="61071312dba4c0f83e577d8749e1c8b52e385408af2202ef1b9193973e40471f46f466f1d4cf3fa157bd7777e0459e1ceef806a42843e2e06a590f8fd612a03d0f716f14d90b36aa547d73adb4d6c0ad0244a7765e1cfe19221bfc4d30ab829be74e9a64882c30ae114902f449d0d4772eb7a3b86458840364e3e07b3622e8d5ef8d95c46168d7d7e415944dab33c150c2371805fed36f617b77346db58603ba888fd56fadf96ba95b01ca07b647138dacbc3d6f8c690722800578ff49024c0e098f15de2a29eea847c747862bb1b91d45dea6b5f515dd75839e145b475e7eb35e349994ddb93f09a8929116bc197e145f379561956be1e06b1b6eb98f334b0fe6beccc05743f81b06f511facbf124446396c9bc07375751195fa32eeb5766c57e84bba89d93255cc69a883d8dbe511528bec255d79007b5afcbb92a9d018335c2476ff5cda7d9dbb37a4ca89c0c7f7e5167bf39db901cd73b4bbe7234c88f851f61b21175c220ca271fd6d2ab24e6281196c6f8d9bb2a5832e88e505728e4387f9d4ecda0f2b4ba2d21eda323343c2e48b4ac4d418febf680106f3576cc8649e07f0eedd046bcc8595a8f203ebafda5fffbab0148cd6691135ca2b3917a895d450a6219b1a2990bbebbcc64e3b4587b051214ac964f66aa87e8cf883f57afc32200f1aa15e0479be57c8494b796f9cf9931c926093bdf4040840b2644e0826b79d311891f4aba77e74691e6bc1b03b29c08c85fa2dcf83839f61ef8dc37f3b1701b43caba195fce45a6111dfe04cea9a6b934df3a0b0f9b3d949a03ae7c764bc8c8f3ca0d324ab5f29047bd85a7dc3c93a976c6e2eb27ef5dcb0401087115e186657a9ade9b895a2eb8d20754fc7ebebd7469613478b23c5cbab71412f2432c1c77879bc8195d8215a95f6f96f545d3318542771082d31f133cb1c3b6c3714b9fb7c88658783a3f73f3bd230c367a888d88f66d0acf5fdee456a8bfcbc055e4f39a60332d787c78db1551eb8366f1b715e8c2c67136a5fdef9f360386cc8a48089bd776146e264ac01c367bbc01a771fa3a06f07d8442c31219ea3a1bbb51815f6fa1772075e43a420b8cc16e586e2f27b7439df3266c3a7d6045dae908290d41b2e6f289918440ff807d4aaa9654388f17d039e0988fe26d5a02587b7cb72cde3f4d11997915b82dcfaa561d2d90d5835d298835ef13b5d16049d6f1d0b7c3fa5f69ce09db072ee56fc6d0f32cb678784f2181d136eca2bad1e6be5fbac2fc43791c07f559d478d6e5f844d364076bebdfcd5f2ccfcf0c4dced3fc70192a071aa17b101fea5e86995fe54dcf3542c3b35ef1a416744f758a3266f2eb9cbb9ae9409a6b302a9a86fdba2953e3b2e9667bba933aef58d0ae606965a814679f715563b562b926f1d31fdc425937c2fad2fcb4e81805ff64a65b2f52ad47424a88f10928d736394d9c1da23928f41860517d0a70e9458707f897e4bf1e3bf7b6b33989d0f4408c322bf549c4298f41842f1f565e7d42f03c0c29cf08bca1595a773880c1e6192734745ff2efb9ef744c515ea865574d78ba553d39f6ef379f980aa995e648d3ef67fafb634705f1f48254cbc3bf0baa021340250367a207e6dd2794bc1adc9b31053149cbefe5c22d6368b57758571304f4120c70e9a7c14ab0d033deaadb927685c19c948c59a44d56bdb091675efb46d9bb529d61edbfe416c8282df9cf3f9fcf7e2e5d3abaef6a5a790e53a1cee4e266f741b5cf3c4526df06de03555c534cdae658c0d9fc9d593ad0f698dbc6e58c450410d09ff81da90d9a89c53a4191403ed89a19525fe4c2cad710e77732a6951831f2c66105e949fd54ebdd3e9e62c1ffe20de8d042842dafcb9cfb50412be68a21ca2c4c4af519898ccaf6cc73eb683bfc295f4ac4bd49ca54b23f703e6a5ceb468e492c0a7540f6abc0ff1f86cd32b2fc61c9fb6448a5cec0c1ec32d96f402ae45a413d300e1b01c406b1b5489d2e4312c0a24e11395c1f6d3e64f5fa752a14728c4b246b617a5a42a70389f2d028bc22e2b6c706d4511f332d5d67dfcaa52c5722e66b7d295c10501d196071390375be2a196d541a755d8f1849afcb062c428950151b9974b1669df32b5b9728b95b3ddd39f9a3a04d92cbe5ac62822b225928b42cbd4915c860557272a8fab14313de64f61e6f2e5f6cc0f87b6951b6e1b5c90b000b3efba05cb317aa53a75d411c16ec1b1a45b8d2b0780e7f172df6336f604b7391e4aa249f042f525e09681cb9a9fe0d86840cefeb8641b30fd273500f962b7b0d920707d1bc5eda16a778b8f809e8c8722022d59173b630e9650dd42a4ae020e7375bfe59074a91e17366a16c1f2e1f6acd71924a211a652ff838d93b6ce1c95fef6a93d358edff4a0f22a99f73647b0514dfaecbb9eb0d5bd66a8b7ef95cd8a6fea56c5bc9c813a63bcf31a027ba69eb5c72acb0db13dc250a744c439bc292bc753bf89cf14b32264bfc0b5e8b553ffadec7d8191c154c826e9b1dcc67adc6e1bbed501ec6aa8f87f5f8b0e3f6bd418561976b8511e7d9d0a4418aff667cc5e3dd54452794eef24aa9f1865fe42645bafaa855196a06b979388ac3395dcbbc57606c98d88f7b64db6b7ad119c82024702e3de5f5969d0a194396ad21ca7a9d05a32d1a89754b7cf5a012b129a9b07ddaf154d1dfe2a4d50dbc3d90e9ebcf4ace5b6a1f2a7d51f5cf4c260db63833b0636c650ac9f6029ad30d59f0c3374c7b695fe6fb1f1517e6d91a6073d564cc2b8e1c3935e885975e3eb56b0df02dbd90857a55d65a8cb90b9328081d87e0c3573ceea4742d1db6fbed157bf915fb69f89afa787470b78dc925c239b85e043e10a3f5d15b65da56412d9b75107dead67aaa5c59221bc0209e3e53965840ae1e74ccb50c0d844b23116f519b240805dc28bfafbda7bca32b474b09a7b7492a7fea1afe52b2d440de9dbd51d53310aff941df2eab0ff30d966150a2f1e5001696c45ff8aefe63bd3bdee6068dd4facef4dd6e86f69e3a67084605ca87aa8b86c0980d33039ada82f0b5ceab81c87a34aabcbbd591b185f68df87d6afe59a6d607e990862d1a9738fc6923c57f966d02acc4950d91040ff94861a43b29139ac144d2ff764fd28161c826b94c6b700a00dfd9be95230bf24660ad06b66d6416d9f52fb1a750e74910bca270a0fc33676801aa8f97ecfd7b77ae976f53b7e719431ad3c50c8dc3958b1cbdc25e9c74243fcd9d000e88a5b453daa1504f441584e265dc8e8a0a24dc06ce7b75a8de15529c87c473722268d64d5fc94c3f823b4cc26fc885315b6e83d0805151c056eb520cbc3b5f56f7efa3207204e8b95c33bf65eef320a706c52c085918d0ecbfbd4daedc777f4d49ccc50d4dc2d4dfb771cab70f793f05f17caf2241d9ea47558711074ca47561782a2ec9743b5ebf31e0aca07965b6642baa1c8bb00630072e37b671925e49fc1f05aa139dd8d49d97995e8e271cf3d2f3869aac0462a53be84bde145f4a762d90d847cdddbdc6cbfd941aba7ebaca126602ed961c6d6a4347574fe623c38a1bc77a649b068cef97adb26b9a196417f4a2b6f47e1282a4c9447a1f65be8433ab07acd8ac72f6d822d171d8f16b5bb93a44702b4bb21856bb5d35424173eb56e36064b1951161a47dc565f516f4c3b317e64f858d484cdec8389837b5ba09c2fea5cc26119aa5148a78b4ef901c603031b15dcafa619fa05ecada1d96df994f79c922864ca7986b6745ff6c6b22a82d8c5bcd17e81fbd136f04c077a7e0cf28fdadae20da698de392fe9eb290f166a2c8134d6a0d67318c33f34190a6e2599362741fb8b2ed00a822ed2f4d4c36f257f7fb83c3e5f183df62729168536c95a2ea712eeea2f2092c2de674d19ead6c7e79c76b5b3882ab69489478c9c4763a905bc4ebf97a8f9ad8689ced2d56d0b44ab7365fb2610529526f2e1bb5185fae72a8f8b1af3ce0b6bdcedcde3c6338befa827e880da1d32b424393dc72b8ca29f0dc4536b78bf9b8cfc420740e37712492a6caaa756d388202a0b12dcef6c0835ba01561c73424b8a096b052dc51897f1550c13b5843ce5c03b0ff9df4bc2d1d6fb9d765b1a49bb1efe5734ebd82726e235a9ea52854c71c404a7c979cf330961a4ff5321b76b26cfc96ab5182e66f6600846c317fa02cbb4d397d50aa6ecb51bd9ab7b76ddd1150ebe967b3a77f9903009a28a02811cabeed68e03add29c4b63fa0c3c09011a8c56396d43c4978ccac9b946721502f7cdd5081b4f77c1d4223cdf7a4f635cf73e16b9b29411943292d9ebb06e077a981bfa1079f525fbfb519b069bde0725039dac7e9088ca9dc345281652e935db39e85f2a619baf39badaeec8b5bc555eb5f9af73fd8ad96f072943c57df32cdd3f964fc161b6f5a32fbfb3f5a202f467bfa2719af531dc8e75ad778fd5709e0d9b6c981e411cfb89ad5bc2b1cfc99e7ca39a67fd521d78e6018e758b32902b163bdf26d4c1ab690306dc85284bf4f3b3ab56b9a06b072ad91b6e3ad019f7bbf64c29135352fe2063df03264a65192431a454046c6ed6de1c7cffc836ff781b1ce7db2aeb5c484498718e97ccabcaeeccfaa362532684ca500d2f1439b6edba9b0cebc3567564be42a47f5a9494387fcb9bd5f704f2066876e84e5ebe1440f039c0100155eddb9e7fc9cbd9012dabe9265aa2ae28f36ed9f95b10d11acec80c564d3183c397b71e01671d73cf2931d3550bdcbb2d81beb59a0082c27b3f6b6fdd897c8e28bb8a2720d2a03f00043d8ad5c6ed2cc980448c62be645b375b9d3914ba54c9647cb08352796cd7f71ae0645c09074975ec24d33f059d03ea9a50a3abbf57bea12b19390588909c39de9e18dab1c8cb68dc128ee0155006f1c2e34bd73bcb70c4b347e686e151284c26266afe31c6327e5870b3490bd058225e2a9d5117649f04563e2290ee53eb55ad4a8264d7f6d9722038107bbf53c441a70e502b4ecea80a2ca043fd696ed4138cd89515b1ccb52e0b8d9325391487a167ac22728740b98ee9fcbd553bf427fa398b1ec15ecece97c11843981ff9d58b8b203d05d239892c2c91417634cf1add56c7d916d2a36af1176c5e9adc20d6ca313e34db22d0e4d67cf97099bc3d623cba92b8671b902630bcdd1e59b3bc9bff7e0ba822f1c0fd96cea63087c4496af70552c23ca256c359fd475e46a791732ae040cbae445821bb119b6e9e19e455b996ffbf59955edbbc3c0488403edc660a3d0b7b4870f18a3d2fd1c5ae9fc945b904c75b0b79bd6676068fc65c3468d0fdbcc433f66ad9d4738b53fa60a4ce9227fbfca730eb8f61e111df14242f53df2df5c860ce43fecb9b1d994b2758448c0036aab1fb82086f130147896f6ba44eee0b38cee14ec510081c3bf162286f5efcca8bddc6d68bad1865b8093a55043b177254a7f6ac79ba2ad005b0c516b7b6714679fd27a9348cafb0e6f14e9558f8c1cb0152e60295f9e065c5aef30a36c56af2b0f9d0a119d5d6ecd57058d81afb767daadc88871cf6141c5b4ce8159cbdc9ab5731f2d59fe9f0f5a8af9ba8956429cf01b90f7e362a6b110b48b5642b60ac6cc3a5c78b0f85a369d7256f10dc6f952506dd38d62377973653256af06dec7a47c7d132259dbb1a71bc347402faf0a1463ddc05503321e32699e23fc90c6febee21203d0db45fb0a85e82fffda8b92c889f9856989a308d0a5ad4acc4bb9dbdcc0ea312971f6797bd9c7950776f365ef38271fdc702cd225af7de7ab083e07514763700a", 0x1000, 0x7ff}, {&(0x7f0000001940)="091bd1757dcf53b758ff3568858f78e4069d86204b97ffd75fbea52f0817018eaf96d7fa6953be6514eb95ff4d45abd696c75aa601704a2b7c4056e08fae80781d82d07152381115aa8cfd39a3aac5cf01525019c7c2b4745b4b73c5fe36cd1eb1848f9d86d043c5ecc1682371ed45ac372baf1a8289ba2e93731c76fa624d64ae5a1ea919ec8a86fd5f2acda60e1ac83091a37ed7de8d8fc64346454acd9179c5d5a85effad2f3232489c0b24408bd7df1f604087a8e5c139d1f2a74d099d13c37402ca9cf64952f6f614c06fcace44362502c37f93da574466c91829b03892ac5dab937571414114c9779734b0929cd183b164e8debab2d88c3b2115402d38171ad39487c91da7be4becc732029cbd4b88da9be98c8849d56a1d27abc785b6d6e5f90c2c2fd7ec9110973ae17d9b4a4eb30083192273455745ff0d964400f0c4767be694165c9c2cfe0315f7b1347667e92a8e4ec0a0cce731e77dcc48fb088078779a98318a4f16094ccfd150a14986c6eb2f6f01648c90e7cfd7385a42d43953dbc448e2b31acc9acf76662a05b9ba5d852e4723fd28e46c2d81d3338fc980986c50465f505cf10709fb13cc275c555f8a1b7e2c062ed242a22604dfc9e21a7b107bd17e8c4767eae2a733a44b541d8a403c2615a742ad2c94871660d7943d88766f960cf511d0b7ccfb6ed9b7165950d929a798cb1df2bce53ade74df41a6e6e78f253de2ecd00bf6d94511d1f337d6fce59857a463a3c9d1d5f732dc27501312d42053152b52a60fca7177133f91b2a6e33e55a1ce650cea5ecfe8f38faf3eeb28a2f592a0177cf47cf4414c3ff716bdde569e8d6fd3b48bfb64cbda3e92395fa85da177f8cc1c9a6d0d452c01a50698c3329808e90ebc3854e6d3de51df5dc055822e67787725e71d1de431d99b93fadd35930d2f5a227a5e25e7a3223b8bcfd8665939a8b4e1a5d02c9903901bd0b13313fad3aba865cd0731e0ebd8e1e5fc11ebc1f2f2ef3a661314498b000dc99692058cad20bb8460dc098008f9ae3b345a29b09ba5a1d7fa3a9531290726e0064d4e249cbb5516fd17c9ff527deb01afd8d6d7cbfe658ec8097a6a4bbf6106276f370bff1bbec3b244e2e22495683aa099dce1a99b5ab889409fc677134c52d69168faaa59921bbe397baa0ac09c3c461b557f97b697dca31e0e6184c51360a3d4065ca86b2d529e09bd227a6459caaa44a874464cbbc07cbdfd008825c66dd44934e5eb4d63e943453492fb03e69f13c5f30a8499faa5f61ad2811d2d04e0e0d977f673bebd76327d611dd4f65017798ef3922f392d5d387210595d0b0c66191d98062521d99b5f721927a18408936b4a659d4aeab4f4349e58d329719ecc146c13504e82dabf129e6e571dc454e98edf74b8a679ba8afbc7070f3ac35733697b7e27d87f11ce59ce6e25faa9a093314cac9e818dc35e1110e3f05ca8dc761d2e05dd059d4008b5cce8444c653b7182f8edc4536706a16be6e82d36421fa977c6ae832357c8ee3fa0a1775bb59bc2c26d9e5d0c7a115f172d1332c064107566edb3209c8a727c178192eea32babfbefc811e9487876232ce31a8e15b13a55af429c4cd7e9158c9674f0da28d938d841f59d49113df373b4b5bc48d18cb68c83521b94d8eaa6e403c602c611cd6bf00883cf0a968b3bb1f327beae5ccc0c0ef5d02d810203eeb8589d3dea97f0446c0f77bf10fff13d73086cb74528478ba1569ee26d8758a7ed491a72362409cf5f21979b7ac8c5a7c1dd2f839f30b9584fc7c37282e7009b35e920aeaa31764e260bd0d4b8cf8c61b69f866772b5167951c644477f4929f3906643f1cec93d8dd98809f0f7cff5d7a61cc91574455a2fd10487849ae40eeb677d7567f127e57e5303a0774a28c52fc228d4d1ca7f8296a11010913a1962910f76e02d65afac65c04e3cc57f1e02193a8692ebdead0532d36a27d41105073c29670ec63f247eebdaee8b2445e831a19fcd353a67ed752b0e6aa9f047a3a459b2ad2f5fc7086ec9fca8d8d1b24a70c749021227878b242d0fc40fdf7775c4ded9bbb0493813b596b6539d4573cdbdc46a76559dc60f5e5d19b5435daa5e62db81b93dffb2490fe79f6649a8660781fe9d071c9c906329e9b039998d0f38863cda3e3e4d589680d0d2deba55a2bc155dd4a7fa7a0bb63edd6844a4d6f9d9a928c028b8ad09f6bea9e59b2ce2916afe1e272fbe161b3f670aa1469b593e79aab5e9458a2033389a43bdb0783f2a149f99e72e8584a1b47e18e8ce82c74fc93994889096facc731f15c7eebcaf12c8dcc1a31f59d08a0d8c2383ee5319ca1c5f0ace076ed73844e877b4cb58eb27780ba8a70f503cfd81432863a19c0f489cb020e03f6eac961c8838ee7b0807fdc2b50370e0c062202b19e32fea5bf96e3dbdeddecb9501cbb337201dd8d6f828f0ebe70abdd53f5fea4d0b46f9efea1d5de34a5adf662fc69f48379f0e528d6fe852d68f377586d13fff9b6af181dd8050ae6601630ae2ad5dcf19f13308a3249a74383001fdeda924a28ec6a20b3c57a6aacdb671e5e411fcfaaaece003b5d5eb161c312de0fed6508260ff837d9a6aea11eb6842a1f53a240fc72b38e1152204216b9219c92a51ed91e90b8123fb272bb0d48207dc30b51803a424b8a33a96dc2af0330ef808afe2ed70dc0c353cf93cbb6c27e6112899c89b66ab8cde4ae9c0f40526981ce21c9274ba7b3c50f3cf356473251c764163e2ff972c0318e6370ecb7248b511382b18b22a48ff0d43215f54c479510d2612cc90da316bafda187056f77371b674afd0e50a8a44ace7fe2f2c154f18841463ddd628f9d21e34d24ffe82178f1ace1d3bcb56a248ff9a3113420583bf963c8e3f08fb4343c33428f018f768148b926dd28bdede00128019e9784ef3e04a36005fbb59e164e87f0a156a15440b0fabf4705914602f3eae1438c798d56e2c9247e53721c6492be4a1ebe8aff384de3259640ebf00c5c6f04ea840fbaad16621c0d1be63c7c5d7c5b73c88847c7c81e8e6f4f56be8c98e9c134004eb19ecbc01ff6e8cd20b08eec7a6f75ae29be6fd2d6801d23dac46e51cc49375dd4bb1b8501bb6d6316bf47c7b076ece4ca1aba017f6e1fbe866aeca68b071a25403deafddab4a2d791804ae1f0bfe20f8e4d32198349eef14c884857af7777a25fee248efb998479ad6e230d36009d7d4249f558296a70539ca96e167d1826fdfc2853cb0eaa574b9d2aa50fc5de617b2e54321b767a82337e69f3c3171e5ddf7c3fe155645a5f2a8b7b4f93a7005d0830bc820aa214e6b0152d04f05dded5fc4f4ab3bd54b3ca7f823b3bdad97660e56cf4bf4fed24681a2134827ac355051ea12fe668c8f287d00f20969eb8bc2e071fda8be104662608406d2022f6c620a3ef5616193e4e19ee14cec7f64882a5d3618f9ea935181ce8c5589a259b2b7e3c2243ddb385277c9fe768e5c0721e5ff08f714db093dad9fe1b38eefa3a6b74351537edb5630f98620a009e86145db61d663fbe75fc098bb0a864e40a85bc66b48def5fbbb60cf059ba0a7cf6f3beb7da1bd1bc565812d52c3d626d6ff09c57dfdf09ae0b865953e313de27d19759df5b795d3be68c99ccfbcb8dfed715cb1ab9004f36a3384f88255a3957a55a1c8dd51687a72c4272aaf7ded639cf76a9d1a209b90dd8387f87665d471052155dc7077540e79581116934941224deec1d96c91166688833dda42c5e5d67d4f9c4d48bafe9e90d45f1b075c01048982d40411d45148dfbf6f01bc42e9ee520c45d6784e4a040d56033ef5ff118a9a939d4fc332a4448c327889a395d5816d44459b66d7460370349c6036c9c33c7fabb062e1aad95d359cdbfb1066a78a54a7df2e3cbfced466c14a25656fea2fa6fca14ac67ac220fde6cd4c6bc6127515e69fb6a8062edc2363bd330db1e185c49302b0c9c852766ce11b575ebdb752a1dd6ed8111fa890b2d79a617ea5e0074b2e8a17f1f99645b169b2f616e8c167fff96f7ca98f63258b9ed2740c4bda281072cc1ceddc33b1692c5c6ec485601d37fc0141713fbff112732b8d3140fbb5d8d6a4c4bb32fd90bf64fe85cf65f4921eabd4d88c51d5371df02c611129652207ee347a440bb914f5d67951c3be10fa3ffa88a5871c9d71f2000ddb030f1238f42ffaa49a6cfa85da5893ab3618b2ce3731faaba6927e99435e78fa2cb7defc2da394978579d5ad8fff5d1a6028d22c280a6e91d3de52986d7bff3c801639a9bac009e96d312130684ba2e907b15b69942f27fe80df74adb34f689cd9c14fb4cec79e8378cd440a1475da873183403e8de57902b9c0dd2e7fa98ebb38124ba7f64895b229659d83e7e2d021811faec9699009ebee54f57ea471026e019c36010f5abfdac588855fe1ec6ed70fadf2a9984b5d4abeaaf8f816ea59af319bac361d40c27f3f61d9a0a977096abf6e2379cf4d739a7c5106bbf88800cd428845e2037a5d7f6990453f6ba2e9aeb6b5bee077a9b712cbad852cd81c0029cfb022acf2aa97a3c523ad7af57af88440d780185a490b6a1cee7b73deeb6e26f5783b00bcf90b663dbcf9071d8039bbbf128d5b4ccaf0dc5184186682ee1b6476622d5caffc0f7f6525263157dd7dbb7e6a058cb5ff968238b7362e866c8998e8183bf6fd317fea31252401df2cd80c31ae42bdf91363055bbfd0b43eb0d51150f4c0bfe93e475bac921d13ca5ba59e22e09ca04ed576d171f8390444310835906c4e55c50bdbd066b074f26572be6d3413114be8af1168e1f365a8c29f1f7b89f133b63d9bfc2613112064d93142b86ce9ee4d148b19d49ee7f28c7744d8870f9f766fa7596565941396b724ab7f17b603f044dc73f7070fccb6d1de3e16f6f990decf5244c6a4eeff5eee58358bc5af2fce59a9f4eb08e28414bfee20072ac43b8d58eeff0ec79d197f3ad8dc713e8cea0a5aab91d197b813f417f849e24ae42534954a814435e70b980d3cfb40df23875d6d5637a1969c0297193265b880ca90a2fabcafa431ef333d10871a18c0b19be77328f7dd257cb0bf675f572605c410ab70608daae97f306c5fb49bcb363a2321e8ca57cf1a39ff2a8b8fc99726b55b89576058bfe4039328a24fe71b0fe7ebd6e384ec0a5bb0db5d2841ce0e972f84c8e0138733893626fd791d9d2650feca2fc09bb79db5e7f03fa00e67ed7acab890e496a93d42393b6ada6f47655aa7be68e000b14553ba89913b28271980b4ec05009f9b4ebc8f952b98bd4c1525a3eb39761aaf8e854ee6f774d9b1e4bd615b66eb9a6c732a6abc25be37f78ac799e8b45ca662998a19a3d478c3d8aab4c6d1cd0ed508113a28fd5360b9e2f89800a305ac3f019310e26d3771293d250f8f45334f17edda66b9497d8c932ae9f8574aa9fd43c81ac01f6aa71bfcf5410d39ec9ba36c335e1be276b8dce89813e617516bf73a5169fc6d9797ee4ecf004198687fd0e4dad7343f603082680c841590bbe83f56f6daf89c39c2af0ed980042823e2d31503d63c80d4dc3d541ada40457242c1f3768d8e4906db3c2af3af7745bf8919ffe2124a48040309fbb4060f5b6758dfba0d7baf3a7340af0c787df5c6f5132eecdb81ab042f7cf7ade7954e94c638eeafb00430b0f53dee37ddc79f17d7a1771117d6a1966f4bd1a61b6950a64fa97a76b34011125d499c02107f9a6610575cb50cc82d9daf5af92442f060b7b716a982cc0f2007decf319ecfd8f128de7257f106a5820f405b8fa6b402d43f", 0x1000, 0x9}], 0x2000, &(0x7f00000006c0)={[{@case_sensitive_yes='case_sensitive=yes'}, {@case_sensitive_no='case_sensitive=no'}, {@case_sensitive_yes='case_sensitive=yes'}, {@umask={'umask', 0x3d, 0xffffffff00000000}}], [{@dont_hash='dont_hash'}, {@fsuuid={'fsuuid', 0x3d, {[0x36, 0x77, 0x77, 0x66, 0x37, 0x33, 0x65, 0x35], 0x2d, [0x37, 0x30, 0x65, 0x35], 0x2d, [0x7f, 0x77, 0x0, 0x64], 0x2d, [0x62, 0x0, 0x31, 0x66], 0x2d, [0x7f, 0x77, 0x63, 0x38, 0x66, 0x0, 0x3f, 0x7c]}}}, {@fowner_eq={'fowner', 0x3d, r1}}]}) 18:53:40 executing program 4 (fault-call:0 fault-nth:39): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:40 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:40 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x4, &(0x7f0000000040)="00901b7c00000000004e00000000") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:40 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:40 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 536.653990] FAULT_INJECTION: forcing a failure. [ 536.653990] name failslab, interval 1, probability 0, space 0, times 0 [ 536.693368] CPU: 1 PID: 27077 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 536.700412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 536.709771] Call Trace: [ 536.712367] dump_stack+0x138/0x19c [ 536.716010] should_fail.cold+0x10f/0x159 [ 536.720172] should_failslab+0xdb/0x130 [ 536.724151] kmem_cache_alloc+0x2d9/0x780 [ 536.728297] ? __d_lookup+0x3a2/0x670 [ 536.732092] ? mark_held_locks+0xb1/0x100 [ 536.736235] ? d_lookup+0xe5/0x240 [ 536.739753] __d_alloc+0x2d/0x9f0 [ 536.743200] d_alloc+0x4d/0x270 [ 536.746466] __lookup_hash+0x58/0x190 [ 536.750247] filename_create+0x16c/0x430 [ 536.754285] ? kern_path_mountpoint+0x40/0x40 [ 536.758793] SyS_mkdir+0x92/0x200 [ 536.762226] ? SyS_mkdirat+0x210/0x210 [ 536.766092] ? do_syscall_64+0x53/0x630 [ 536.770055] ? SyS_mkdirat+0x210/0x210 [ 536.773932] do_syscall_64+0x1eb/0x630 [ 536.777795] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 536.782623] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 536.787789] RIP: 0033:0x4581b7 [ 536.790957] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 18:53:40 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:40 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:40 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:40 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x18) signalfd4(r0, 0x0, 0x0, 0x0) [ 536.798645] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 00000000004581b7 [ 536.805893] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 536.813140] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 536.820389] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 536.827636] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:40 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:40 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:40 executing program 4 (fault-call:0 fault-nth:40): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:40 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:40 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) [ 537.032956] FAULT_INJECTION: forcing a failure. [ 537.032956] name failslab, interval 1, probability 0, space 0, times 0 [ 537.070155] CPU: 0 PID: 27113 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 537.077208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 537.086567] Call Trace: [ 537.089166] dump_stack+0x138/0x19c [ 537.092813] should_fail.cold+0x10f/0x159 [ 537.096975] should_failslab+0xdb/0x130 [ 537.100960] kmem_cache_alloc+0x2d9/0x780 [ 537.105120] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 537.110595] ? ext4_sync_fs+0x810/0x810 [ 537.114573] ext4_alloc_inode+0x1d/0x610 [ 537.118639] alloc_inode+0x66/0x190 [ 537.122270] new_inode_pseudo+0x19/0xf0 [ 537.126255] new_inode+0x1f/0x40 [ 537.129623] __ext4_new_inode+0x32c/0x4870 [ 537.133869] ? avc_has_perm+0x2df/0x4b0 [ 537.137827] ? ext4_free_inode+0x1210/0x1210 [ 537.142234] ? dquot_get_next_dqblk+0x160/0x160 [ 537.146900] ext4_mkdir+0x331/0xc20 [ 537.150529] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 537.155185] ? security_inode_mkdir+0xd6/0x110 [ 537.159750] vfs_mkdir+0x3cf/0x610 [ 537.163273] SyS_mkdir+0x1b7/0x200 [ 537.166845] ? SyS_mkdirat+0x210/0x210 [ 537.170738] ? do_syscall_64+0x53/0x630 [ 537.174700] ? SyS_mkdirat+0x210/0x210 [ 537.178595] do_syscall_64+0x1eb/0x630 [ 537.182468] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 537.187323] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 537.192508] RIP: 0033:0x4581b7 [ 537.195682] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 537.203370] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 00000000004581b7 [ 537.210648] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 537.217905] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 537.225188] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 18:53:40 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xaaaaaaaaaaaab2b, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r1 = dup(r0) setsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f0000000000)=0x13, 0x4) 18:53:40 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:40 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 537.232441] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:41 executing program 4 (fault-call:0 fault-nth:41): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:41 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:41 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:41 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) r1 = add_key(&(0x7f00000000c0)='id_legacy\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000180)={r1, 0x5}, &(0x7f0000000200)={'enc=', 'oaep', ' hash=', {'crct10dif-pclmul\x00'}}, &(0x7f0000000280)="dd62548d077f8bf46907b535418a72632fa5493849b72e6179108c41633862ee96e9414afa96dca85baf176858a222fa9fc6521b4f4678f314833746921e62e39a10f827b70c9068bf3f78cf10109e3e69fc45edc2e3ec2abcb4630d8ed019e4994f30f86c09bb4734d3f5473f0a34d31e3ab3033e290e0bcaa51c23", &(0x7f0000000300)="37f0bce91df4b99acda456a4b45fd837c2511a378c2e48023dad7af5f89f57a96b76532414af12728db805122469172bb087c370ee9bf133b706629fabd8a0fdc437151d9ac30371834131e9994f3bd57485f360972041f915c295de0b0e3fa3f1") signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) [ 537.429095] FAULT_INJECTION: forcing a failure. [ 537.429095] name failslab, interval 1, probability 0, space 0, times 0 [ 537.440382] CPU: 1 PID: 27138 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 537.440402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 537.440410] Call Trace: [ 537.459358] dump_stack+0x138/0x19c [ 537.462996] should_fail.cold+0x10f/0x159 [ 537.467152] should_failslab+0xdb/0x130 [ 537.471132] __kmalloc+0x71/0x7a0 [ 537.474586] ? mls_compute_context_len+0x3f6/0x5e0 [ 537.474601] ? context_struct_to_string+0x33a/0x630 [ 537.474619] context_struct_to_string+0x33a/0x630 [ 537.489390] ? dump_masked_av_helper+0x90/0x90 [ 537.493985] security_sid_to_context_core+0x18a/0x200 [ 537.499269] security_sid_to_context_force+0x2b/0x40 [ 537.499284] selinux_inode_init_security+0x493/0x700 [ 537.499300] ? selinux_inode_create+0x30/0x30 [ 537.499311] ? kfree+0x20d/0x270 [ 537.499330] security_inode_init_security+0x193/0x370 [ 537.499343] ? ext4_init_acl+0x1f0/0x1f0 18:53:41 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 537.499356] ? security_kernel_post_read_file+0xe0/0xe0 [ 537.499373] ? posix_acl_create+0xf5/0x3a0 [ 537.531972] ? ext4_set_acl+0x400/0x400 [ 537.531985] ? lock_downgrade+0x6e0/0x6e0 [ 537.532001] ext4_init_security+0x34/0x40 [ 537.532014] __ext4_new_inode+0x3387/0x4870 [ 537.532039] ? ext4_free_inode+0x1210/0x1210 [ 537.532059] ? dquot_get_next_dqblk+0x160/0x160 [ 537.532077] ext4_mkdir+0x331/0xc20 [ 537.532097] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 537.532112] ? security_inode_mkdir+0xd6/0x110 [ 537.532127] vfs_mkdir+0x3cf/0x610 18:53:41 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:41 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) [ 537.532141] SyS_mkdir+0x1b7/0x200 [ 537.532152] ? SyS_mkdirat+0x210/0x210 [ 537.532163] ? do_syscall_64+0x53/0x630 [ 537.532174] ? SyS_mkdirat+0x210/0x210 [ 537.532187] do_syscall_64+0x1eb/0x630 [ 537.532197] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 537.532222] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 537.581926] RIP: 0033:0x4581b7 [ 537.581932] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 537.581944] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 00000000004581b7 [ 537.581950] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 537.581955] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 537.581961] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 537.581967] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:41 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) 18:53:41 executing program 4 (fault-call:0 fault-nth:42): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:41 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008910, &(0x7f0000000000)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:41 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) 18:53:41 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) 18:53:41 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) [ 537.820188] FAULT_INJECTION: forcing a failure. [ 537.820188] name failslab, interval 1, probability 0, space 0, times 0 [ 537.831613] CPU: 1 PID: 27168 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 537.838643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 537.847995] Call Trace: [ 537.850593] dump_stack+0x138/0x19c [ 537.854233] should_fail.cold+0x10f/0x159 [ 537.858392] should_failslab+0xdb/0x130 [ 537.862385] __kmalloc+0x71/0x7a0 [ 537.865845] ? mls_compute_context_len+0x3f6/0x5e0 [ 537.870788] ? context_struct_to_string+0x33a/0x630 [ 537.870804] context_struct_to_string+0x33a/0x630 [ 537.870817] ? dump_masked_av_helper+0x90/0x90 [ 537.870832] security_sid_to_context_core+0x18a/0x200 [ 537.870846] security_sid_to_context_force+0x2b/0x40 [ 537.870869] selinux_inode_init_security+0x493/0x700 [ 537.870884] ? selinux_inode_create+0x30/0x30 [ 537.870893] ? kfree+0x20d/0x270 [ 537.870910] security_inode_init_security+0x193/0x370 [ 537.870924] ? ext4_init_acl+0x1f0/0x1f0 [ 537.905917] ? security_kernel_post_read_file+0xe0/0xe0 [ 537.905930] ? posix_acl_create+0xf5/0x3a0 [ 537.905949] ? ext4_set_acl+0x400/0x400 [ 537.905961] ? lock_downgrade+0x6e0/0x6e0 [ 537.905976] ext4_init_security+0x34/0x40 [ 537.940375] __ext4_new_inode+0x3387/0x4870 [ 537.944717] ? ext4_free_inode+0x1210/0x1210 [ 537.949136] ? dquot_get_next_dqblk+0x160/0x160 [ 537.953820] ext4_mkdir+0x331/0xc20 [ 537.957465] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 537.962141] ? security_inode_mkdir+0xd6/0x110 [ 537.966731] vfs_mkdir+0x3cf/0x610 18:53:41 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) [ 537.966747] SyS_mkdir+0x1b7/0x200 [ 537.966759] ? SyS_mkdirat+0x210/0x210 [ 537.966772] ? do_syscall_64+0x53/0x630 [ 537.966783] ? SyS_mkdirat+0x210/0x210 [ 537.966795] do_syscall_64+0x1eb/0x630 [ 537.966805] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 537.966822] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 537.999513] RIP: 0033:0x4581b7 [ 538.002706] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 538.011189] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 00000000004581b7 18:53:41 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) [ 538.018472] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 538.028556] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 538.028563] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 538.028569] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:41 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000380)={0x0, 0x0}, &(0x7f00000003c0)=0xc) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000440)={{{@in6, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast2}}, &(0x7f0000000540)=0xe8) syz_mount_image$btrfs(&(0x7f00000000c0)='btrfs\x00', &(0x7f0000000140)='./file0\x00', 0x3ff, 0x2, &(0x7f0000000180)=[{&(0x7f0000000200)="3326986ab78c566b86ab676649013994f322ae6a46530c537fd965a5dd212163b4d85c50abdb18b3d920bfeb89c940bec2ad8f51e2d2c9feee45f656c3c37a58b6a83baa4803dab2b66fd5e85e6780d2e3b5d5156b108bc20c68e92d5d8e9fa91acf1e8413e4dd9c08da89f0b9a0d8f8c51f11a9e37e4dc93de82d4afcc195e7d952eeb573d82d176581e84109403ee2575642eeb89f6c83d872629d7a0aa1d44a2a8f430efc00b827ef40129fbb3a1427", 0xb1, 0x9}, {&(0x7f00000002c0)="2cf8130fd7dc9e67034edc4b0448cac01ece3ce1c54521f6419e3326f83e4eb519b86c3823103139a7c1c28f792470db2d47d2651d8d42885128b19fe8fb0ed5591a4f683d1fa793011dc36bb8c63fcff50418d469c02dc609f1eb55e87b5fb312d2214aa08458e7034fae0c990dbc53ebbd0814729bb4f6730e11f0e6dfe550e7184474e10316bdf77b91f7bd092b99ef4652f1b6457ba94339ca796ded51", 0x9f, 0x80000000}], 0x4000, &(0x7f0000000580)={[{@notreelog='notreelog'}, {@noautodefrag='noautodefrag'}, {@noflushoncommit='noflushoncommit'}, {@barrier='barrier'}], [{@permit_directio='permit_directio'}, {@euid_gt={'euid>', r1}}, {@subj_user={'subj_user', 0x3d, ':\'posix_acl_access,'}}, {@subj_type={'subj_type', 0x3d, '/proc/sys/net/ipv4/vs/backup_only\x00'}}, {@euid_eq={'euid', 0x3d, r2}}, {@dont_appraise='dont_appraise'}, {@smackfsroot={'smackfsroot', 0x3d, 'wlan0-'}}]}) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:41 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) 18:53:41 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4, 0x400}, 0x1c) 18:53:41 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) 18:53:41 executing program 4 (fault-call:0 fault-nth:43): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:41 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) [ 538.309578] FAULT_INJECTION: forcing a failure. [ 538.309578] name failslab, interval 1, probability 0, space 0, times 0 [ 538.321228] CPU: 0 PID: 27203 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 538.328250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 538.337605] Call Trace: [ 538.340204] dump_stack+0x138/0x19c [ 538.343846] should_fail.cold+0x10f/0x159 [ 538.348002] ? __es_tree_search.isra.0+0x15f/0x1c0 [ 538.352925] should_failslab+0xdb/0x130 [ 538.356907] kmem_cache_alloc+0x47/0x780 [ 538.360988] __es_insert_extent+0x26c/0xe60 [ 538.365321] ext4_es_insert_extent+0x1f0/0x590 [ 538.369914] ? check_preemption_disabled+0x3c/0x250 [ 538.374937] ? ext4_es_find_delayed_extent_range+0x970/0x970 [ 538.380738] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 538.386191] ? ext4_es_find_delayed_extent_range+0x31d/0x970 [ 538.391987] ext4_ext_put_gap_in_cache+0xcb/0x110 [ 538.396812] ? ext4_zeroout_es+0x170/0x170 [ 538.401029] ? ext4_find_extent+0x64c/0x960 [ 538.405355] ext4_ext_map_blocks+0x1d52/0x4fb0 [ 538.409922] ? save_trace+0x290/0x290 [ 538.413707] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 538.418718] ? __lock_is_held+0xb6/0x140 [ 538.422765] ? lock_acquire+0x16f/0x430 [ 538.426727] ? ext4_map_blocks+0x354/0x16e0 [ 538.431041] ext4_map_blocks+0xc8a/0x16e0 [ 538.435186] ? __lock_is_held+0xb6/0x140 [ 538.439239] ? check_preemption_disabled+0x3c/0x250 [ 538.444259] ? ext4_issue_zeroout+0x160/0x160 [ 538.448736] ? __brelse+0x50/0x60 [ 538.452174] ext4_getblk+0xac/0x450 [ 538.455795] ? ext4_iomap_begin+0x8a0/0x8a0 [ 538.460143] ? ext4_free_inode+0x1210/0x1210 [ 538.464573] ext4_bread+0x6e/0x1a0 [ 538.468109] ? ext4_getblk+0x450/0x450 [ 538.471983] ext4_append+0x14b/0x360 [ 538.475686] ext4_mkdir+0x531/0xc20 [ 538.479309] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 538.483964] ? security_inode_mkdir+0xd6/0x110 [ 538.488528] vfs_mkdir+0x3cf/0x610 [ 538.492050] SyS_mkdir+0x1b7/0x200 [ 538.495569] ? SyS_mkdirat+0x210/0x210 [ 538.499450] ? do_syscall_64+0x53/0x630 [ 538.503419] ? SyS_mkdirat+0x210/0x210 [ 538.507290] do_syscall_64+0x1eb/0x630 [ 538.511157] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 538.515984] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 538.521155] RIP: 0033:0x4581b7 [ 538.524325] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 538.532014] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 00000000004581b7 [ 538.539273] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 538.546534] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 538.553793] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 538.561068] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:42 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4, 0x400}, 0x1c) 18:53:42 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) 18:53:42 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r1 = dup(r0) symlinkat(&(0x7f0000000000)='./file0\x00', r1, &(0x7f0000000040)='./file0/../file0\x00') 18:53:42 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4, 0x400}, 0x1c) 18:53:42 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(r0, 0x0, 0x0, 0x0) 18:53:42 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) 18:53:42 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4, 0x400}, 0x1c) 18:53:42 executing program 4 (fault-call:0 fault-nth:44): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:42 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4, 0x400}, 0x1c) 18:53:42 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) 18:53:42 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4, 0x400}, 0x1c) 18:53:42 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, 0x0, 0x0) [ 538.861480] FAULT_INJECTION: forcing a failure. [ 538.861480] name failslab, interval 1, probability 0, space 0, times 0 [ 538.873458] CPU: 1 PID: 27240 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 538.880486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 538.889844] Call Trace: [ 538.892457] dump_stack+0x138/0x19c [ 538.896093] should_fail.cold+0x10f/0x159 [ 538.900248] should_failslab+0xdb/0x130 [ 538.904231] __kmalloc+0x2f3/0x7a0 18:53:42 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4, 0x400}, 0x1c) [ 538.907776] ? check_preemption_disabled+0x3c/0x250 [ 538.912803] ? ext4_find_extent+0x709/0x960 [ 538.917134] ext4_find_extent+0x709/0x960 [ 538.921293] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 538.926755] ext4_ext_map_blocks+0x1a3/0x4fb0 [ 538.931263] ? save_trace+0x290/0x290 [ 538.935076] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 538.940094] ? __lock_is_held+0xb6/0x140 [ 538.944168] ? lock_acquire+0x16f/0x430 [ 538.948147] ? ext4_map_blocks+0x77b/0x16e0 [ 538.952481] ext4_map_blocks+0x7d3/0x16e0 [ 538.956646] ? ext4_issue_zeroout+0x160/0x160 18:53:42 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 538.961144] ? __brelse+0x50/0x60 [ 538.964611] ext4_getblk+0xac/0x450 [ 538.968249] ? ext4_iomap_begin+0x8a0/0x8a0 [ 538.972570] ? ext4_free_inode+0x1210/0x1210 [ 538.976987] ext4_bread+0x6e/0x1a0 [ 538.980530] ? ext4_getblk+0x450/0x450 [ 538.984423] ext4_append+0x14b/0x360 [ 538.988138] ext4_mkdir+0x531/0xc20 [ 538.991772] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 538.996446] ? security_inode_mkdir+0xd6/0x110 [ 539.001039] vfs_mkdir+0x3cf/0x610 [ 539.004588] SyS_mkdir+0x1b7/0x200 [ 539.008134] ? SyS_mkdirat+0x210/0x210 [ 539.012025] ? do_syscall_64+0x53/0x630 [ 539.016006] ? SyS_mkdirat+0x210/0x210 [ 539.019907] do_syscall_64+0x1eb/0x630 [ 539.023802] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 539.029271] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 539.034460] RIP: 0033:0x4581b7 [ 539.037652] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 539.045364] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 00000000004581b7 [ 539.052639] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 539.059904] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 539.067155] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 539.074430] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x9, &(0x7f0000000100)="0adc1f123c123f319bd070") r1 = socket$inet(0x2, 0x0, 0xf18) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}, &(0x7f00000000c0)=0x10) r2 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x3, 0x200c1) ioctl$EVIOCSABS2F(r2, 0x401845ef, &(0x7f0000000140)={0xb1, 0x4, 0x100, 0x80000001, 0x7d, 0xfffffffffffffff8}) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:43 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4, 0x400}, 0x1c) 18:53:43 executing program 4 (fault-call:0 fault-nth:45): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:43 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:43 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f0000000200)={r0, 0x1, 0x6, "660573210c65f0d00fc7136573db87302f0a9e37ac26d2f0b587dd5c219ac63c768a13b9761a685a3abc7d49c80848547262f96eca62dbcbd8aca62687da97694e0340e49f0a0820c69065b5ca8b52adb374d1ac9525bc23c589d19c9ee9e20d93afb482dd490d875d49d57e1c5093d77a4667d665e4d812efa4e93bacf355ef259796cc79e1981af7aed0dca48106c459d743d0d2ffa8ab9210d5f6db7adc173b6ec77c3f4d8adab5ac7fbba0bc850f2aeea3a52cad0a5ed9dc951458651cd5d0037c02dea687a1fdd2ed3aedf394b1202e6340692f95"}) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000000c0)=@assoc_value={0x0, 0x80000001}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000180)={r1, 0x1}, &(0x7f0000000300)=0x8) 18:53:43 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4}, 0x1c) 18:53:43 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4, 0x400}, 0x1c) 18:53:43 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 539.427571] FAULT_INJECTION: forcing a failure. [ 539.427571] name failslab, interval 1, probability 0, space 0, times 0 [ 539.496619] CPU: 0 PID: 27276 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 539.503671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 539.513025] Call Trace: [ 539.515626] dump_stack+0x138/0x19c [ 539.519271] should_fail.cold+0x10f/0x159 [ 539.523430] should_failslab+0xdb/0x130 [ 539.527417] __kmalloc+0x2f3/0x7a0 [ 539.530961] ? check_preemption_disabled+0x3c/0x250 [ 539.535992] ? ext4_find_extent+0x709/0x960 [ 539.540321] ext4_find_extent+0x709/0x960 [ 539.544478] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 539.549929] ext4_ext_map_blocks+0x1a3/0x4fb0 [ 539.554426] ? save_trace+0x290/0x290 [ 539.558229] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 539.563242] ? __lock_is_held+0xb6/0x140 [ 539.567351] ? lock_acquire+0x16f/0x430 [ 539.571332] ? ext4_map_blocks+0x77b/0x16e0 [ 539.575661] ext4_map_blocks+0x7d3/0x16e0 [ 539.575681] ? ext4_issue_zeroout+0x160/0x160 [ 539.575697] ? __brelse+0x50/0x60 [ 539.584332] ext4_getblk+0xac/0x450 [ 539.584346] ? ext4_iomap_begin+0x8a0/0x8a0 [ 539.584358] ? ext4_free_inode+0x1210/0x1210 [ 539.584373] ext4_bread+0x6e/0x1a0 [ 539.584383] ? ext4_getblk+0x450/0x450 [ 539.584400] ext4_append+0x14b/0x360 [ 539.611236] ext4_mkdir+0x531/0xc20 [ 539.614874] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 539.619540] ? security_inode_mkdir+0xd6/0x110 [ 539.624119] vfs_mkdir+0x3cf/0x610 [ 539.627660] SyS_mkdir+0x1b7/0x200 [ 539.631195] ? SyS_mkdirat+0x210/0x210 [ 539.635076] ? do_syscall_64+0x53/0x630 [ 539.639042] ? SyS_mkdirat+0x210/0x210 [ 539.642927] do_syscall_64+0x1eb/0x630 [ 539.646806] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 539.651646] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 539.656824] RIP: 0033:0x4581b7 [ 539.660001] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 539.667706] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 00000000004581b7 [ 539.674967] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 539.682226] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 539.689504] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 18:53:43 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4}, 0x1c) 18:53:43 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:43 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4}, 0x1c) [ 539.696765] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:43 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000003c0)=0x0) lstat(&(0x7f00000004c0)='./file0/file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0}) r3 = getegid() sendmsg$unix(r0, &(0x7f00000005c0)={&(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000440)=[{&(0x7f00000000c0)="a52fb3661d56532c7af4b3087c01d5273074c5ffb26d", 0x16}, {&(0x7f0000000200)="c7f49d7a53cc16d6a26e619a5a62f4af98f39e5a0d7da13f7a32dbfb82718b2362296cd27cc6654f2917082f99dbc3caa062cd2c3ee4b935ed5c6d4b932c170e53e8c0f786e7fad7500faf72871d054ca2add461b63ea20380a6f1c2ada765ba95bf1b9baea0e2a1c5e000a0bb328dfd65776ba9641b72830093966083037487986b272bcf91b1e83ed128ba90ab869b6a5f1206e81a0e", 0x97}, {&(0x7f00000002c0)="d057270c156e476ebf49cef395eb024a410cb7b35ae1e549899a18", 0x1b}, {&(0x7f0000000300)="b2ed18a8aa78be3c60c975e155cee7d8f674ec34c11494c59942d0affbc82386ddc0484491d2ea2140b7e5056b", 0x2d}, {&(0x7f0000000340)="faa4042d6fdc", 0x6}, {&(0x7f0000000380)="a15a4d578a1d14faf0cd0406b7a4c8b4722e08a670020bfa551119ec0d827dfdc4f2b22c76cbe04e91e69606079505ef38c3c3bf2948c050", 0x38}], 0x6, &(0x7f0000000580)=[@cred={0x20, 0x1, 0x2, r1, r2, r3}], 0x20, 0x4004}, 0x8000) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:43 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40000, 0x0) ioctl$EVIOCGBITSND(r1, 0x80404532, &(0x7f0000000140)=""/233) openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/status\x00', 0x0, 0x0) syz_mount_image$btrfs(&(0x7f0000000040)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0xe8, 0x10400}], 0x0, 0x0) 18:53:43 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4}, 0x1c) 18:53:43 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:43 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4}, 0x1c) 18:53:43 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000ffe000/0x2000)=nil}) 18:53:43 executing program 4 (fault-call:0 fault-nth:46): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:43 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:43 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4}, 0x1c) [ 540.080610] FAULT_INJECTION: forcing a failure. [ 540.080610] name failslab, interval 1, probability 0, space 0, times 0 [ 540.118892] CPU: 0 PID: 27326 Comm: syz-executor.4 Not tainted 4.14.113 #3 18:53:43 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4}, 0x1c) [ 540.125923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 540.125929] Call Trace: [ 540.125950] dump_stack+0x138/0x19c [ 540.125975] should_fail.cold+0x10f/0x159 [ 540.145658] should_failslab+0xdb/0x130 [ 540.149641] __kmalloc+0x2f3/0x7a0 [ 540.149654] ? check_preemption_disabled+0x3c/0x250 [ 540.149671] ? ext4_find_extent+0x709/0x960 [ 540.149684] ext4_find_extent+0x709/0x960 [ 540.166665] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 540.166684] ext4_ext_map_blocks+0x1a3/0x4fb0 [ 540.176610] ? save_trace+0x290/0x290 18:53:43 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4}, 0x1c) [ 540.176628] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 540.176638] ? __lock_is_held+0xb6/0x140 [ 540.176655] ? lock_acquire+0x16f/0x430 [ 540.193452] ? ext4_map_blocks+0x77b/0x16e0 [ 540.197788] ext4_map_blocks+0x7d3/0x16e0 [ 540.201946] ? ext4_issue_zeroout+0x160/0x160 [ 540.206444] ? __brelse+0x50/0x60 [ 540.209912] ext4_getblk+0xac/0x450 [ 540.213553] ? ext4_iomap_begin+0x8a0/0x8a0 [ 540.217890] ? ext4_free_inode+0x1210/0x1210 [ 540.222301] ext4_bread+0x6e/0x1a0 [ 540.225847] ? ext4_getblk+0x450/0x450 [ 540.229749] ext4_append+0x14b/0x360 [ 540.233472] ext4_mkdir+0x531/0xc20 [ 540.237110] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 540.241795] ? security_inode_mkdir+0xd6/0x110 [ 540.246381] vfs_mkdir+0x3cf/0x610 [ 540.249929] SyS_mkdir+0x1b7/0x200 [ 540.253476] ? SyS_mkdirat+0x210/0x210 [ 540.257371] ? do_syscall_64+0x53/0x630 [ 540.261350] ? SyS_mkdirat+0x210/0x210 [ 540.265237] do_syscall_64+0x1eb/0x630 [ 540.269119] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 540.273968] entry_SYSCALL_64_after_hwframe+0x42/0xb7 18:53:44 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4}, 0x1c) 18:53:44 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xaaaaaaaaaaaab07, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 540.279147] RIP: 0033:0x4581b7 [ 540.282326] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 540.290026] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 00000000004581b7 [ 540.297288] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 540.304544] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 540.311804] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 [ 540.319062] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:44 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:44 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:44 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:44 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:44 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) recvfrom$rose(r0, &(0x7f00000000c0)=""/3, 0x3, 0x20, &(0x7f0000000140)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, 0x3, [@null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x40) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(r0, 0x0, 0xfffffffffffffe9e, 0x0) ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000180)) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240)='TIPCv2\x00') ioctl$SCSI_IOCTL_START_UNIT(r0, 0x5) sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f0000000440)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000280)={0x138, r1, 0x4, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0x94, 0x4, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffffffffffe}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x54, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000100000000000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xc1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xf599}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}]}, @TIPC_NLA_NET={0x1c, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x4}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x20}]}, @TIPC_NLA_BEARER={0x74, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @broadcast}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x5, @local, 0x9}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x49, @ipv4={[], [], @multicast1}}}, {0x14, 0x2, @in={0x2, 0x4e21, @broadcast}}}}]}]}, 0x138}, 0x1, 0x0, 0x0, 0x840}, 0x40) 18:53:44 executing program 4 (fault-call:0 fault-nth:47): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:44 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:44 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:44 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:44 executing program 2: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000140)=[@in6={0xa, 0x4e21, 0x7, @loopback, 0x30}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1a}}, @in6={0xa, 0x4e22, 0x10001, @loopback, 0x9}, @in={0x2, 0x4e21, @rand_addr=0x13685660}, @in6={0xa, 0x4e23, 0x3f, @dev={0xfe, 0x80, [], 0x2a}, 0x7f}], 0x74) signalfd4(0xffffffffffffffff, 0x0, 0xffffffffffffffbd, 0x80800) 18:53:44 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:44 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/commit_pending_bools\x00', 0x1, 0x0) accept4$unix(r1, &(0x7f00000001c0), &(0x7f0000000240)=0x6e, 0x80800) r2 = accept4$unix(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x80800) getsockname$unix(r2, &(0x7f0000000140)=@abs, &(0x7f0000000040)=0x6e) 18:53:44 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 540.715990] FAULT_INJECTION: forcing a failure. [ 540.715990] name failslab, interval 1, probability 0, space 0, times 0 18:53:44 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f00000000c0)={0x0, 0x1b8, 0x2d}) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:44 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 540.797075] CPU: 1 PID: 27382 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 540.804132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 540.813490] Call Trace: [ 540.816086] dump_stack+0x138/0x19c [ 540.819731] should_fail.cold+0x10f/0x159 [ 540.823903] should_failslab+0xdb/0x130 [ 540.827898] __kmalloc+0x2f3/0x7a0 [ 540.831448] ? check_preemption_disabled+0x3c/0x250 [ 540.836473] ? ext4_find_extent+0x709/0x960 [ 540.840803] ext4_find_extent+0x709/0x960 18:53:44 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:44 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 540.844964] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 540.850425] ext4_ext_map_blocks+0x1a3/0x4fb0 [ 540.854928] ? save_trace+0x290/0x290 [ 540.858734] ? ext4_find_delalloc_cluster+0xb0/0xb0 [ 540.863753] ? __lock_is_held+0xb6/0x140 [ 540.867824] ? lock_acquire+0x16f/0x430 [ 540.871812] ? ext4_map_blocks+0x77b/0x16e0 [ 540.876140] ext4_map_blocks+0x7d3/0x16e0 [ 540.880294] ? ext4_issue_zeroout+0x160/0x160 [ 540.884798] ? __brelse+0x50/0x60 [ 540.888263] ext4_getblk+0xac/0x450 [ 540.891926] ? ext4_iomap_begin+0x8a0/0x8a0 [ 540.896265] ? ext4_free_inode+0x1210/0x1210 [ 540.900682] ext4_bread+0x6e/0x1a0 [ 540.904230] ? ext4_getblk+0x450/0x450 [ 540.908129] ext4_append+0x14b/0x360 [ 540.911848] ext4_mkdir+0x531/0xc20 [ 540.915494] ? ext4_init_dot_dotdot+0x4c0/0x4c0 [ 540.920169] ? security_inode_mkdir+0xd6/0x110 [ 540.924757] vfs_mkdir+0x3cf/0x610 [ 540.928298] SyS_mkdir+0x1b7/0x200 [ 540.931819] ? SyS_mkdirat+0x210/0x210 [ 540.935700] ? do_syscall_64+0x53/0x630 [ 540.939765] ? SyS_mkdirat+0x210/0x210 [ 540.943645] do_syscall_64+0x1eb/0x630 [ 540.947521] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 540.952361] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 540.957535] RIP: 0033:0x4581b7 [ 540.960723] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 540.968431] RAX: ffffffffffffffda RBX: 0000000020000428 RCX: 00000000004581b7 [ 540.975681] RDX: 0000000000000004 RSI: 00000000000001ff RDI: 0000000020000100 [ 540.982934] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 540.990272] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000004 18:53:44 executing program 4 (fault-call:0 fault-nth:48): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:44 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:44 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 540.997956] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:44 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:44 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 541.161152] FAULT_INJECTION: forcing a failure. [ 541.161152] name failslab, interval 1, probability 0, space 0, times 0 [ 541.172679] CPU: 1 PID: 27418 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 541.172706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 541.172710] Call Trace: [ 541.172730] dump_stack+0x138/0x19c [ 541.172752] should_fail.cold+0x10f/0x159 [ 541.172774] should_failslab+0xdb/0x130 [ 541.172789] kmem_cache_alloc+0x47/0x780 [ 541.172805] ? lock_downgrade+0x6e0/0x6e0 [ 541.211641] __sigqueue_alloc+0x1da/0x400 [ 541.211657] __send_signal+0x1a2/0x1280 [ 541.211667] ? lock_acquire+0x16f/0x430 [ 541.211683] send_signal+0x49/0xc0 [ 541.211696] force_sig_info+0x243/0x350 [ 541.211716] force_sig_info_fault.constprop.0+0x1c6/0x2b0 [ 541.211730] ? is_prefetch.isra.0+0x350/0x350 [ 541.211747] ? trace_raw_output_x86_exceptions+0x140/0x140 [ 541.211767] __bad_area_nosemaphore+0x1dc/0x2a0 [ 541.211783] bad_area+0x69/0x80 [ 541.211796] __do_page_fault+0x86f/0xb80 18:53:44 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 541.211813] ? vmalloc_fault+0xe60/0xe60 [ 541.211825] ? page_fault+0x2f/0x50 [ 541.211839] do_page_fault+0x71/0x515 [ 541.211848] ? page_fault+0x2f/0x50 [ 541.211859] page_fault+0x45/0x50 [ 541.211876] RIP: 0033:0x452a4f [ 541.211882] RSP: 002b:00007f5f56a81a88 EFLAGS: 00010283 [ 541.211892] RAX: 00007f5f56a81b40 RBX: 0000000020000428 RCX: 0000000000000000 [ 541.211899] RDX: 00000000000000e0 RSI: 0000000000000000 RDI: 00007f5f56a81b40 [ 541.211905] RBP: 0000000000000001 R08: 00000000000000e0 R09: 000000000000000a [ 541.211911] R10: 0000000000000075 R11: 00000000004e3180 R12: 0000000000000004 [ 541.211917] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:45 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/cache_stats\x00', 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x200002, 0x0) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x400, 0x0) 18:53:45 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:45 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) fsetxattr$trusted_overlay_nlink(r0, &(0x7f00000000c0)='trusted.overlay.nlink\x00', &(0x7f0000000140)={'U-', 0x100000001}, 0x28, 0x3) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:45 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:45 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:45 executing program 4 (fault-call:0 fault-nth:49): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:45 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:45 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:45 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)=0x13f) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) ioctl$TCSETXF(r0, 0x5434, &(0x7f00000000c0)={0xd5f, 0x4, [0x5cdddb7, 0x8, 0x7b, 0x8, 0xfbe3], 0x93}) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:45 executing program 0: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:45 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:45 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 541.649923] FAULT_INJECTION: forcing a failure. [ 541.649923] name failslab, interval 1, probability 0, space 0, times 0 18:53:45 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) sched_getparam(r1, &(0x7f0000000040)) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x88400, 0x0) ioctl$EVIOCGABS3F(r2, 0x8018457f, &(0x7f0000000140)=""/64) 18:53:45 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 541.715488] CPU: 1 PID: 27457 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 541.722539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 541.731891] Call Trace: [ 541.731913] dump_stack+0x138/0x19c [ 541.731934] should_fail.cold+0x10f/0x159 [ 541.731953] should_failslab+0xdb/0x130 [ 541.731969] __kmalloc_track_caller+0x2ef/0x790 [ 541.731989] ? strndup_user+0x62/0xf0 [ 541.732004] memdup_user+0x26/0xa0 [ 541.754745] strndup_user+0x62/0xf0 [ 541.754762] SyS_mount+0x3c/0x120 [ 541.754772] ? copy_mnt_ns+0x8c0/0x8c0 [ 541.754787] do_syscall_64+0x1eb/0x630 [ 541.754797] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 541.754814] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 541.783170] RIP: 0033:0x45b80a [ 541.786358] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 541.794064] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 541.801325] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 541.808586] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 18:53:45 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 541.815844] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 541.823122] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:45 executing program 1 (fault-call:13 fault-nth:0): socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:45 executing program 0 (fault-call:4 fault-nth:0): r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:53:45 executing program 4 (fault-call:0 fault-nth:50): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:45 executing program 2: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000d80)=ANY=[@ANYBLOB="000200000000ffdbdf25040000000800060004000200280004000c00010073797a31000000000c0007000800020001ffffff0c0007000800040006000000"], 0x1}, 0x1, 0x0, 0x0, 0x8001}, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:45 executing program 5: mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4002, &(0x7f0000000000)=0x101, 0xb91, 0x4) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 542.036082] FAULT_INJECTION: forcing a failure. [ 542.036082] name failslab, interval 1, probability 0, space 0, times 0 [ 542.086400] CPU: 0 PID: 27498 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 542.093439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 542.102792] Call Trace: [ 542.105390] dump_stack+0x138/0x19c [ 542.109029] should_fail.cold+0x10f/0x159 [ 542.113187] should_failslab+0xdb/0x130 [ 542.117165] kmem_cache_alloc_trace+0x2ec/0x790 [ 542.121834] ? kasan_check_write+0x14/0x20 [ 542.126091] ? _copy_from_user+0x99/0x110 [ 542.130262] copy_mount_options+0x5c/0x2f0 [ 542.134506] SyS_mount+0x87/0x120 [ 542.137965] ? copy_mnt_ns+0x8c0/0x8c0 [ 542.141876] do_syscall_64+0x1eb/0x630 [ 542.145770] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 542.150613] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 542.155782] RIP: 0033:0x45b80a [ 542.158945] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 542.166631] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 542.173882] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 18:53:45 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x410080, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f0000000200)={0x0, 0x0, [], {0x0, @reserved}}) setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f0000000140)={0x87, @local, 0x4e21, 0x6, 'rr\x00', 0x1, 0x5, 0x54}, 0x2c) setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f00000002c0)={{0x3f, @dev={0xac, 0x14, 0x14, 0xe}, 0x4e23, 0x1, 'nq\x00', 0x10, 0xad, 0x7c}, {@dev={0xac, 0x14, 0x14, 0x2a}, 0x4e23, 0x3, 0x44b, 0x10000, 0x1}}, 0x44) getsockname$llc(r0, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000340)=0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000440)=[@in={0x2, 0x4e20, @rand_addr=0x4}, @in={0x2, 0x4e20, @empty}, @in6={0xa, 0x4e23, 0x7f, @rand_addr="6baef740165e7ed3b9496d27301f69b8", 0x29f6}, @in={0x2, 0x4e23, @multicast2}, @in={0x2, 0x4e22, @broadcast}, @in={0x2, 0x4e22, @rand_addr=0x1}, @in6={0xa, 0x4e22, 0x5, @mcast2, 0x40}, @in6={0xa, 0x4e24, 0x5f, @mcast2, 0x7}, @in={0x2, 0x4e23, @rand_addr=0x7ff}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x25}}], 0xc4) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$VT_GETSTATE(r0, 0x5603, &(0x7f0000000380)={0x10001, 0x5, 0x4}) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f00000000c0)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:45 executing program 0: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x0, 0x400000) getdents(r0, &(0x7f0000000280)=""/160, 0xa0) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x4, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) write$uinput_user_dev(r1, &(0x7f0000000340)={'syz0\x00', {0x40, 0x6, 0x963, 0x7}, 0x47, [0x1, 0x5, 0xfd47, 0x7fffffff, 0x401, 0x4, 0x100000000, 0x5, 0x6, 0x400, 0x7, 0x3ff, 0x9, 0x6c, 0xa4, 0xde4, 0x0, 0x8, 0xfffffffffffffffe, 0x8, 0xe, 0x6, 0x3, 0x6, 0x6, 0x7, 0x1000, 0x3, 0x1, 0xa09, 0x38, 0x6, 0x1000, 0x1, 0xffffffffffff2ff2, 0x0, 0x80, 0xfff, 0x2, 0x9, 0xf7b, 0x7fffffff, 0x7fffffff, 0x3, 0xdd, 0x8001, 0x8, 0x3, 0x100000000, 0x2, 0x8, 0x1, 0x5, 0x800, 0x4, 0x2, 0x80000001, 0x3d7, 0x3, 0xff, 0x0, 0x40, 0x9, 0xaa6e], [0x200, 0xc3, 0xfffffffffffffffa, 0x4, 0x10001, 0x200, 0x5, 0xfffffffffffffff7, 0x6c05, 0x3, 0x3ff, 0x9, 0x1, 0x9, 0x8, 0x1, 0xfffffffffffffe00, 0xff, 0x3331, 0x2, 0x742, 0x10001, 0x6, 0x2b71, 0x8, 0x1, 0x3ff, 0x7, 0x4, 0xcbca, 0xfffffffffffffff9, 0x7fff, 0x7, 0x0, 0x8, 0x3, 0xc9ad, 0x8, 0xfffffffffffffffa, 0x1e, 0x8, 0x865, 0x2, 0x3, 0xffffffffffffff9b, 0xfff, 0x7, 0x1, 0x1, 0x4, 0x3de, 0x9, 0x8, 0xce, 0x80000000, 0x5, 0x1, 0x80000000, 0x5, 0x7, 0x6, 0x10001, 0xd87, 0x4db16dd], [0x408, 0xfffffffffffffff8, 0x20, 0x800, 0x92d9, 0x3, 0x8000, 0x4a78, 0x3, 0x72b, 0x1, 0x6, 0x100000001, 0xa, 0x15fa, 0x1, 0x2, 0x0, 0x40, 0xe24e, 0x3, 0x4, 0x2, 0x272, 0x100000000, 0x20, 0xae, 0x401, 0x2, 0x9, 0x5, 0xfff, 0x7, 0xfffffffffffff801, 0x3ff, 0x2, 0x63c, 0x2, 0xffff, 0x0, 0xfffffffffffffff7, 0x2, 0xce55, 0xfb, 0x8001, 0x105, 0x705b, 0x9, 0x6, 0x2, 0x3ff, 0x4, 0xffffffff, 0x0, 0xff, 0xff, 0x7, 0x4, 0x3, 0x9, 0x35c, 0x1, 0x80000000, 0xb8], [0x5, 0x100000000, 0x10000, 0x80000000000, 0x0, 0x6c, 0x6, 0x7, 0x10001, 0x2, 0x10000, 0x10000, 0x800, 0x2, 0x6, 0x39e, 0x6, 0xffffffff7fffffff, 0x4, 0x1, 0x3, 0x4, 0x8, 0x400, 0x6, 0x16a4, 0x8, 0x1, 0xf6, 0x4, 0xf5c, 0x8, 0x2, 0x4, 0x3, 0x100, 0x800, 0x80000000, 0x8001, 0x2, 0x9, 0xb2, 0x7, 0x5, 0x1f, 0x800, 0xfff, 0xfffffffffffffffa, 0xb8, 0x1, 0x5, 0x5abaac0000000000, 0xc47a, 0xc301, 0x6, 0x2000000000, 0x1, 0x6bf3a8d5, 0x6, 0xa72, 0x6, 0x2, 0x5, 0x7f]}, 0x45c) dup2(r1, r3) getcwd(&(0x7f0000000180)=""/231, 0xe7) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f0000000040)={'security\x00', 0xe, "5f8a7d314fc68b17dfd57a80d0b4"}, &(0x7f0000000080)=0x32) 18:53:45 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'lapb0\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="040000000400000076000000c75b476cb166c75dfdcf5569e30145370bd12b9e4a124fb7458c064287e2e03242ea8d6739401a6f8d3c3d7f9f59b0f9e7df2e5b3d084106000000f91a18128e02280b2b89e649eb059745e2b3e9052363b1d8d08b701ffc45c8fff4ece767f781bf645923cbcdba406118ec49f9d422c3b8cb5d7a6f"]}) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:45 executing program 2: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)=0x13f) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) ioctl$TCSETXF(r0, 0x5434, &(0x7f00000000c0)={0xd5f, 0x4, [0x5cdddb7, 0x8, 0x7b, 0x8, 0xfbe3], 0x93}) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) [ 542.181132] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 542.188377] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 542.195626] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:45 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) recvmsg(r0, &(0x7f00000003c0)={&(0x7f0000000040)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x80, &(0x7f0000000300)=[{&(0x7f00000000c0)=""/7, 0x7}, {&(0x7f0000000140)=""/167, 0xa7}, {&(0x7f0000000200)=""/74, 0x4a}, {&(0x7f00000002c0)=""/59, 0x3b}], 0x4, &(0x7f0000000340)=""/101, 0x65}, 0x40000120) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rtc0\x00', 0x40805, 0x0) dup2(r0, r2) 18:53:45 executing program 2 (fault-call:7 fault-nth:0): r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:45 executing program 4 (fault-call:0 fault-nth:51): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:45 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x80000, 0x0) getsockopt$bt_BT_FLUSHABLE(r2, 0x112, 0x8, &(0x7f00000001c0)=0x5, &(0x7f0000000200)=0x4) wait4(0x0, 0x0, 0x0, 0x0) 18:53:46 executing program 5: bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x9, &(0x7f0000000000)='#]!user[\x00'}, 0x30) sched_getscheduler(r0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:46 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000100)='.dead\x00', &(0x7f0000000040)={'syz'}, &(0x7f00000000c0)='syz', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) wait4(r1, 0x0, 0x1000001, &(0x7f0000000140)) 18:53:46 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r0, 0x111, 0x2, 0x1, 0x4) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000080)="1e63b5d02a0ef3c22b2ca29e0d5b12b39f96527b112750975835a7194617c74a06e8da757e27a7c482322e49e41950672e3ee5b998c122388cc5729373322c46dcd9e022938c561d6b86176da6e4d0be1dc44a26f57f8a80f782bed65c24d867f5cb6348f13d2ca239993e9c9567de218efedd", 0x73) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:46 executing program 0: r0 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0xe, 0x80000) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f00000000c0), 0x4) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") socket$inet6(0xa, 0x4, 0xfffffffffffff109) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r1, r3) [ 542.374141] FAULT_INJECTION: forcing a failure. [ 542.374141] name failslab, interval 1, probability 0, space 0, times 0 [ 542.429298] CPU: 1 PID: 27535 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 542.436346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 542.445705] Call Trace: [ 542.448310] dump_stack+0x138/0x19c [ 542.451954] should_fail.cold+0x10f/0x159 [ 542.456119] should_failslab+0xdb/0x130 [ 542.460105] __kmalloc_track_caller+0x2ef/0x790 [ 542.464786] ? strndup_user+0x62/0xf0 [ 542.468594] memdup_user+0x26/0xa0 [ 542.472142] strndup_user+0x62/0xf0 [ 542.475778] SyS_mount+0x3c/0x120 [ 542.479227] ? copy_mnt_ns+0x8c0/0x8c0 [ 542.483108] do_syscall_64+0x1eb/0x630 [ 542.486997] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 542.491855] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 542.497046] RIP: 0033:0x45b80a [ 542.500219] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 542.507917] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 542.515173] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 542.522423] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 542.529671] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 542.536921] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:46 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000180)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:46 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) pipe2$9p(&(0x7f0000000080), 0x800) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x3, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) prctl$PR_SET_SECUREBITS(0x1c, 0x1) readlink(0x0, 0x0, 0x0) setsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f0000000000)=@fragment={0x7f, 0x0, 0x40, 0xfffffffffffffffa, 0x0, 0x7f, 0x68}, 0x8) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB="00d7ffd399c603ae180b571b8af5ba58bc01f1f38d67dab0095217e786fe8eb4325b6f1ad2bed265ef434c62a05b4217dfcac28eb29b8a63176c341b31047491b74424adfa6ff7b1a193d5a2e51e1b1e861c3d8bc1c0ddcf4c869702d95cfbc75c150e179290d5225041f7187bc152a68b771d18c85246bb5dc9a0cd60b68bce33502f6d900b71f116178c1868b6ae6fd3f58734ccadb5f3f182a5a4ace22599ab903194bc5230edb54f3363b509592bc32b8aa9924f75312ff82e65ff565298e9503ad706b3afbb3349b172b537cdaba3e836fc84c08654a8b5025fe93400b26ef2227c1cead9ab7ede19bebb690a0ac0535713d9f7dc1f0460f23ea359c980366058daf5dbdefc886f5b030b25e96a2edd059b8a9e69ec4115d668a3b051310e0070844cf8db68dc59d8b017991ab54772cd83c39058b8776a26117bd92713efb6490c109e67d3be1def6e89a0a148711b7687034266ddfb9765a89b1509", @ANYRESDEC=0x0, @ANYBLOB="feaa1caf5399f42c00"]) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) openat(r1, &(0x7f0000000100)='./file0\x00', 0x0, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) ioctl$sock_inet_sctp_SIOCINQ(r0, 0x541b, &(0x7f0000000140)) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:46 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$int_out(r0, 0x2, &(0x7f0000000000)) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:46 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="2adc1f123c123f319b5070") r1 = socket$netlink(0x10, 0x3, 0x1f) r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000100)='SEG6\x00') sendmsg$SEG6_CMD_SET_TUNSRC(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2080}, 0xc, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="280082243a2c3386949447f5fcfa38d67885e18e57ddd332f203672fce773020000000bb9591bddbcc137557ccc7b496b60971aa07d63f3e33766b4fe0cb96efe5bfd29a598900d278c726e52e7b39f802b4fe36aaac9eef60", @ANYRES16=r2, @ANYBLOB="000728bd7000fbdbdf2503000000140004e180efea000000000000000100060000"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x800) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x3, 0x800) r4 = gettid() ptrace$setopts(0x4206, r4, 0x0, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000540)={0x3f7d, {{0x2, 0x4e24, @remote}}}, 0x88) ioctl$RTC_PIE_ON(r3, 0x7005) tkill(r4, 0x20) wait4(0x0, 0x0, 0x0, 0x0) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_DISABLE(r3, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="00000010e454f24e3a5809f32ecfa00ccfd4c2040fb25b206441e838a90c29b6b6cb1ecebb733cab8b7113490cdfab961a6c37095f49fc9efe4324ed1e4d622301c827990e2e78f6daa13b691d4ef2d52c30da965b00000048f2ff1ee539d82940a369bad497c6d0e354f997e3e3a911dac90b5e10ce05cd1a4eaaafbac850fe5052d2a4d41f2015021173a9f57423cbdd92601444331ac825f706671d1d9881", @ANYRES16=r5, @ANYBLOB="11042cbd7000fedbdf25020000001c000900080001000600000008000200890000000800010020000000"], 0x30}, 0x1, 0x0, 0x0, 0x40008c5}, 0x40000) ioctl$int_out(r3, 0x2, &(0x7f0000000200)) ioctl$TIOCSRS485(r0, 0x542f, &(0x7f00000000c0)={0x3, 0x180000000}) 18:53:46 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x3, @rand_addr="e4e0d42e04ae38f11c7e23f2b605112e", 0x8}, 0x1c) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:46 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) getsockopt$inet_mreq(r0, 0x0, 0x24, &(0x7f0000000040)={@initdev, @local}, &(0x7f0000000080)=0x8) dup2(r0, r2) 18:53:46 executing program 4 (fault-call:0 fault-nth:52): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:46 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:46 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x422240, 0x0) getsockopt$inet_udp_int(r1, 0x11, 0xb, &(0x7f00000000c0), &(0x7f0000000100)=0x4) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) ioctl$SG_GET_SG_TABLESIZE(r1, 0x227f, &(0x7f0000000180)) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000d80)=@security={'security\x00', 0xe, 0x4, 0x508, 0x348, 0x258, 0x258, 0x258, 0x258, 0x438, 0x438, 0x438, 0x438, 0x438, 0x4, &(0x7f0000000140), {[{{@ipv6={@local, @initdev={0xfe, 0x88, [], 0x1, 0x0}, [0x0, 0xff, 0xffffff00, 0xff], [0xff, 0xffffffff, 0x0, 0xffffffff], '\x00', 'veth0_to_hsr\x00', {}, {}, 0x3b, 0xfffffffffffffeff, 0x4, 0x29}, 0x0, 0x230, 0x258, 0x0, {}, [@common=@rt={0x138, 'rt\x00', 0x0, {0x9ad, 0x3, 0x3d, 0x401, 0x1, 0x1, [@mcast2, @loopback, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @mcast2, @loopback, @initdev={0xfe, 0x88, [], 0x1, 0x0}, @mcast2, @mcast1, @initdev={0xfe, 0x88, [], 0x1, 0x0}, @local, @initdev={0xfe, 0x88, [], 0x1, 0x0}, @ipv4={[], [], @empty}, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @loopback, @loopback, @mcast2], 0x5}}, @common=@inet=@dccp={0x30, 'dccp\x00', 0x0, {0x4e21, 0x4e20, 0x4e24, 0x4e22, 0x0, 0x1, 0x0, 0x400}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x4, 0x4, 0x2}, {0x8, 0x1000, 0x5}}}}, {{@uncond, 0x0, 0xc8, 0xf0}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@ipv6={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @rand_addr="711015bc5e4ff7967d14c3894a7f637c", [0xffffffff, 0x0, 0xff0000ff, 0xff000000], [0xffffff00, 0xff000000, 0xffffff00, 0xff], 'netdevsim0\x00', 'ifb0\x00', {}, {0xff}, 0x2f, 0x8001, 0x1, 0x62}, 0x0, 0xc8, 0xf0}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x2}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x568) getpeername(r2, &(0x7f0000000340)=@can={0x1d, 0x0}, &(0x7f00000002c0)=0x80) getsockopt$inet_dccp_int(r1, 0x21, 0x7, &(0x7f0000000540), &(0x7f0000000580)=0x4) sendmsg$nl_route_sched(r0, &(0x7f0000000480)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000440)={&(0x7f0000000640)=ANY=[@ANYBLOB="540000002400110128bd7000ffdbdf2500000000cf9019fd50690850c309776f1b51401d81592a33e57acef401e777a51b5150745bab333a568c3c8bfef67c01f820433da6a80056aca4ad199883a87f910469edecbd870fe03edf2739cc3a088d87de6d998973a47d8aa5f9ac86461040aa3786d01ee9c907fc631ffb9e61d048f96d37ce3fbd9f7c399c26392b9f50bb464ec131d9c03b02f223c0a1017a704dc84f89c8d7816a02a8ed1188848f5a7404081ea9f768b63c6d23494a016061dca9a575a7509ff4d566a4e4e61e5f", @ANYRES32=r3, @ANYBLOB="ffffe0fff3ff0d00faaa05003000080010000200070005000000ca00010000000c0002000600090080ff000008000200070002000800020005000000"], 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) readlink(0x0, 0x0, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) r5 = shmget$private(0x0, 0x3000, 0x7, &(0x7f0000ffc000/0x3000)=nil) shmctl$SHM_UNLOCK(r5, 0xc) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="16e6"]) ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) poll(&(0x7f00000004c0)=[{r0, 0x2}, {r2}, {r0, 0x1}, {r4}, {r1, 0x1040}, {r2, 0x4}, {r0, 0x8000}, {r4, 0x40}, {r0, 0x208}, {r2, 0x8002}], 0xa, 0x6) 18:53:46 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") setsockopt$IP_VS_SO_SET_EDITDEST(r0, 0x0, 0x489, &(0x7f0000000100)={{0x3b, @empty, 0x4e23, 0x2, 'lblcr\x00', 0x10, 0x401, 0x6f}, {@loopback, 0x4e23, 0x2, 0xc000000, 0x100, 0xc3c}}, 0x44) clone(0x40000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) r2 = syz_open_dev$admmidi(&(0x7f00000001c0)='/dev/admmidi#\x00', 0x9, 0x101800) ioctl$VIDIOC_S_TUNER(r2, 0x4054561e, &(0x7f0000000200)={0x9, "64794cabbe34d3f6048fe3e9e5e37f7a94c819cd9a62d916f217848d0b61fd32", 0x7, 0x400, 0xd03b, 0xffffffffffffffe0, 0x1, 0x3, 0x5db, 0x9}) ptrace$setopts(0x4206, r1, 0x0, 0x0) r3 = syz_open_dev$usb(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x1f, 0x0) ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82) creat(&(0x7f00000000c0)='./file0\x00', 0x98) tkill(r1, 0x9) wait4(0x0, 0x0, 0x0, 0x0) 18:53:46 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f0000000040)={{0xffffffffffffffff, 0x3, 0x8, 0x3, 0x1000}, 0x0, 0x6, 0x4}) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) [ 542.784195] FAULT_INJECTION: forcing a failure. [ 542.784195] name failslab, interval 1, probability 0, space 0, times 0 [ 542.814764] IPVS: set_ctl: invalid protocol: 59 0.0.0.0:20003 [ 542.824560] CPU: 0 PID: 27602 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 542.831587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 542.840940] Call Trace: [ 542.843536] dump_stack+0x138/0x19c [ 542.847173] should_fail.cold+0x10f/0x159 [ 542.851326] should_failslab+0xdb/0x130 [ 542.855302] kmem_cache_alloc+0x2d9/0x780 [ 542.859452] ? lock_downgrade+0x6e0/0x6e0 [ 542.863606] alloc_vfsmnt+0x28/0x7d0 [ 542.867320] vfs_kern_mount.part.0+0x2a/0x3d0 [ 542.871824] do_mount+0x417/0x27d0 [ 542.875625] ? copy_mount_options+0x5c/0x2f0 [ 542.880035] ? rcu_read_lock_sched_held+0x110/0x130 [ 542.885054] ? copy_mount_string+0x40/0x40 [ 542.889297] ? copy_mount_options+0x1fe/0x2f0 [ 542.893798] SyS_mount+0xab/0x120 [ 542.897256] ? copy_mnt_ns+0x8c0/0x8c0 [ 542.901145] do_syscall_64+0x1eb/0x630 [ 542.905016] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 542.909846] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 542.915020] RIP: 0033:0x45b80a [ 542.918190] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 542.925885] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a 18:53:46 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000080)="642344cd6e6d4a1186a9e49bac4dda0fa861e0b21909f541508643fce6eab6e119a44d87e67abce5669e890ca06dc3c2aae6212eb7a3622cdf632ae75b21e38dbd8d082556e5b0df72a9ccf2cf81407da310d4603bb3387824982577537795ca2dbd502e1aee0052fb9f4cd1ba251260255ee51dc7740cb9fe3bcb2e0d5ef3fb2b5ada50c878f7f40baeda19400f081203a0bd3ee320805ab4f209f5a867018dd7bb20870a41dd0490b496eb5e34870f41e607a0759f4920a221d5bb6af4fc53eb55d3c538bd9ae7cc4fd27416d94a892539ac015d96c70d7eba88d1bd453691099757dc") prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 542.933151] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 542.940402] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 542.947652] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 542.954902] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:46 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x0, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000140)={0x10, 0x0, 0x1}, 0x10) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:46 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) r2 = syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0x8, 0x8000) getsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f0000000180), &(0x7f00000001c0)=0xc) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000200)={0x3, 0x0, [{0xfff, 0x0, 0x0, 0x0, @irqchip={0xffffffff}}, {0x2, 0x2, 0x0, 0x0, @sint={0xffffffffffffff7b, 0x4}}, {0x7fff, 0x1, 0x0, 0x0, @irqchip={0x3, 0x10001}}]}) fsetxattr$trusted_overlay_origin(r0, &(0x7f00000000c0)='trusted.overlay.origin\x00', &(0x7f0000000100)='y\x00', 0x2, 0x3) wait4(0x0, 0x0, 0x0, 0x0) 18:53:46 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) bpf$OBJ_GET_MAP(0x7, &(0x7f00000000c0)={&(0x7f0000000080)='./file0\x00'}, 0x10) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:46 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") ioctl$FS_IOC_SETVERSION(r1, 0x40087602, &(0x7f0000000040)=0x4) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:53:46 executing program 5: syz_genetlink_get_family_id$nbd(&(0x7f00000000c0)='nbd\x00') r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e23, @empty}, 0x10) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x0, 0x101000) ioctl$SIOCGIFMTU(r1, 0x8921, &(0x7f0000000180)) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f00000001c0)=ANY=[@ANYBLOB="070000a8df00070207764c0a2e288ac52fccf01d000400080000000540da918bfe5fc875c7cb416fd2ce"], 0x12) 18:53:46 executing program 4 (fault-call:0 fault-nth:53): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:46 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000300)='/proc/capi/capi20ncci\x00', 0x10000, 0x0) read$rfkill(r1, &(0x7f0000000340), 0x8) clone(0x2000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f00000000c0)={0x0, 0x6}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000140)={r3, 0x3, 0x2, 0x7, 0x80, 0xd9}, &(0x7f0000000180)=0x14) r4 = socket(0x19, 0x6, 0x4) ioctl$sock_x25_SIOCDELRT(r4, 0x890c, &(0x7f00000001c0)={@null=' \x00', 0xa, 'veth0_to_hsr\x00'}) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r2, 0x0, 0x0) ioctl$SG_GET_SG_TABLESIZE(r1, 0x227f, &(0x7f0000000380)) openat$ppp(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ppp\x00', 0x0, 0x0) tkill(r2, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 543.219332] FAULT_INJECTION: forcing a failure. [ 543.219332] name failslab, interval 1, probability 0, space 0, times 0 [ 543.242251] CPU: 1 PID: 27639 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 543.249286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.258648] Call Trace: [ 543.261252] dump_stack+0x138/0x19c [ 543.264907] should_fail.cold+0x10f/0x159 [ 543.269068] should_failslab+0xdb/0x130 [ 543.273051] kmem_cache_alloc+0x2d9/0x780 [ 543.277208] ? lock_downgrade+0x6e0/0x6e0 [ 543.281371] alloc_vfsmnt+0x28/0x7d0 [ 543.285096] vfs_kern_mount.part.0+0x2a/0x3d0 [ 543.289602] do_mount+0x417/0x27d0 [ 543.293156] ? copy_mount_options+0x5c/0x2f0 [ 543.297568] ? rcu_read_lock_sched_held+0x110/0x130 [ 543.302592] ? copy_mount_string+0x40/0x40 [ 543.306847] ? copy_mount_options+0x1fe/0x2f0 [ 543.311363] SyS_mount+0xab/0x120 [ 543.314816] ? copy_mnt_ns+0x8c0/0x8c0 [ 543.318711] do_syscall_64+0x1eb/0x630 [ 543.322603] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 543.327456] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 543.332645] RIP: 0033:0x45b80a [ 543.335832] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 543.343551] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 543.350819] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 543.358079] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 18:53:47 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x10000, 0x0) write$P9_RFLUSH(r1, &(0x7f0000000100)={0x7, 0x6d, 0x1}, 0x7) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:47 executing program 1: socket$nl_route(0x10, 0x3, 0x0) prctl$PR_GET_FPEMU(0x9, &(0x7f0000000080)) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:47 executing program 0: openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f123c123f319bd070") r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r1, r0) 18:53:47 executing program 0: r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x6, 0x0) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000180)={0x0, @bt={0x0, 0x101, 0x0, 0x1, 0x5, 0x8001, 0x40, 0x0, 0x3, 0x2, 0x20, 0x4, 0x2, 0x0, 0x10, 0x9}}) openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x1, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") pwrite64(r1, &(0x7f0000000240)="5de4146715989b0749ea545ab80890d99952d7fe9c7f", 0x16, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(0xffffffffffffffff, 0x800443d2, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{}, {}]}) [ 543.365334] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 543.372602] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:47 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={0xffffffffffffffff}, 0x13f, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r0, &(0x7f0000000140)={0x8, 0x120, 0xfa00, {0x4, {0x9, 0x6, "473b6231d7cd869920d92c1d5fef5b8d26a3a56ffae18b14bbb0e698ff31110f519be286028acc83b0f82647570bd840983d8c4eb0a597f2b5b8e70b483f144f894d3a6114209b9c0b12d0828c517e24a7844f27da2c599dcd43c6f739cdfa3db231a57736dbb333431f43914960f2804a8f097a7af01570edc00538838cfd405c36624407051aeb0b5c683182495b20614e74cb368407a67fee1d28b088f3d3382e6716d750bf422aa45925894309098fa4b9f9813a80c3f7ba5f7a0a8d1d9393a9c90d0f523ce21cf9cf491f8b30a28ba273aa6c1f363252b341de0da469a4b664ecc7adb1aeb12e3b8407518e2ba1af5c1f1b58ca4d541f54df575baa7b66", 0x7, 0x100, 0xffff, 0x9, 0xffff, 0x5, 0xfffffffffffff2de, 0x1}, r1}}, 0x128) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000640)={{{@in=@empty, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in=@remote}}, &(0x7f0000000740)=0xe8) lstat(&(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$gfs2(&(0x7f0000000300)='gfs2\x00', &(0x7f0000000340)='./file0\x00', 0x2, 0x4, &(0x7f00000005c0)=[{&(0x7f0000000380)="c1d08fb3d58b7a36a15bad7dee49cc471b417b39fc9244402e6c17648e173465c62157e6b27527764c8e46b409e0", 0x2e, 0x7}, {&(0x7f00000003c0)="0542c376f0aef400939678340010fd1a35dc50e3912d4376f24f67f3c7e9447be3048234ae7e4266d68cffd24ceb50146cdeaeefdceb9cb51d34429a8189b86ce3edb51d8d4ca1315b43605d125d753982d0d53103f937f865d08f47bfe315e93ff0732ba6999a75cfee9744404af915570ba1eebc1e9910e39bb6c58dd0ba47bc733f0d91c5c1fb5e2fe0", 0x8b, 0x3f}, {&(0x7f0000000480)="bd36dbd0f822f0b41ba3c53d86e10f8910ab5d991877ad6a65766d7bbcb04a3d208b81abf77e297682e716420aa69f720a1a84e8e82ae3507a9d091e2dad7db68721bb5dda0905bb1080354ac741331daca4ec913ed319827d569bd4999e5711b0f869e3b3beb9b4edfc833f50426b3d43c714af", 0x74, 0x80}, {&(0x7f0000000500)="48620607390ee781de2581af7b01128b229d561c14ba41b74e85c937ceef5f67ef60eb6530c89e8637db739d826f57baebcccb178d748f895562a9b058d977ae0d910f42178fab3beae719569498f5fd7a8b35ab0d87558cf97a5855cf3552cc5cea4274c625cb185b900beead6a2f47aabee3cdcac202b599ffa28d3b8268f9ebafc314e354ec9c0d8b008dbc6e16e1844458cb18e05736c7a7d06b07ed59adc9f421189bee70b5680a3c990338fec0c0148835a865b95d5abd707c1492", 0xbe, 0xffffffff}], 0x800000, &(0x7f0000000900)={[{@locktable={'locktable', 0x3d, 'ppp0cgroupvmnet1'}}], [{@euid_eq={'euid', 0x3d, r2}}, {@uid_gt={'uid>', r3}}, {@permit_directio='permit_directio'}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@euid_eq={'euid', 0x3d, r4}}]}) r5 = gettid() r6 = syz_open_dev$swradio(&(0x7f0000000280)='/dev/swradio#\x00', 0x1, 0x2) ioctl$VT_GETSTATE(r6, 0x5603, &(0x7f00000002c0)={0x0, 0x1, 0x6}) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ioctl$IMADDTIMER(r6, 0x80044940, &(0x7f00000009c0)) ptrace$setopts(0x4206, r5, 0x0, 0x0) tkill(r5, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:47 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) lsetxattr$trusted_overlay_nlink(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000300)='trusted.overlay.nlink\x00', &(0x7f0000000340)={'U+', 0xff}, 0x28, 0x0) sendto$rxrpc(r0, &(0x7f0000000940)="1c6a21119474c718ca4612086cf7d28a4357ee806ec47ca98fe86bf504b9b9c44e75b2c9b9cc2a257950e94dd2a035cbbb4f1d55e1768daf543d12cfdb52744b63bd81455c31f1f3413a3ee19a0bfdaee536b3208d664e1b460489cf3b15866faa28fdf8c77d5ba1c964caed8077aee88d4faaf708ed325c7ad0cb600244f129834f8f074f73b3b94ab3f9673b1819f423545bdf7b98d4db0d25531e65e9fd204c54c20334c35b3a303e12064a683a78f9e6ff078ee7189f1bc71338eb0f63929c7589d9f9af8beff7f37bb0978758c88251ae3b9b2c6194696246f59997584e437c1bace21d9cc657479df32cdf6c090a5508210d3dcbb4e7e1507141e74b951d319d3ba430494af82250bc606f0c2cb553294c4780597a4408dd54851a99e6331692e0b84c5540594556419ebf618f5e0c938742a0c608e41fcb36c2b6b9b555de0316cea8aaeef757b834dbac73b0a8982413008be8badf3cd6c2ed94c7a1eafccf80d8877b825996b7f0f81b1224d235aaaa8c4590ba14379bda08f50eb7f3eb84344318470feb77208541974b29566c94bbf640261f6741f410c5baebd33d917b8bfee551d58864621d228fb9dc2bd0d7e98cbc8ba1838b0ab66e381c78ed7b5662ef4d863b085ec3f4e58f7eeb9058c4d1087adea7a583107b669fda7be20155d242b0c85a66bda02ca6ed7a8c5948b87dc670aa94554e888356ed0e3dcfab4b4b6ed74dc45543c1d052537eab6a091089475753b700965411907de6b0ebffb92776cbc99de23114cc2ba37e63c965bf7973e9a05280cf9bcdea61ea8e448af7c4825805c76ea1be07482a52a82d3e183348b34a1ef6d25e244530738f1acaa9b987c7a3b201f14443bac01e0bf8d97c3d4455300a6bc58cbcaab1e0619a85ff6477b76b090afe846d7a3ec0ca06104066aad0c79c4cfd46fbd8b6e3afe7d7b1f1ede7336859a6238f1cc268d10af1b209f24c0097da12339e33a8ff640429c99e67e75d54064d788b2e1d20a9c797735f4f22a9010bd3bfc639d6b8013b1f601344bc34295b9eeb4c948093fed03de0d16b168cd67fbadc0615a40dc7e01b4bec4022aadbd26754d2eb90650824cfb3da338776698b697caddfb5e61a21f4e20938d3464bab7b46eb98e94568019a3a5554d76032002826ad6384f1c1dfe411a29610aff8991dc2c8ac576af5e44cab05024d0ceca8be1200ef93c06fdaca79bc6491fd4341478ebf93515d28e24417f039e142e7bbdf46ca5d53a752218ab934899a958a4fc2062a7b0c403e6d2e0c41043ebf4f29d535472434f315a80a260f0e55bebff3043122a84b668b470bebb27cd5a212a42f681123e36453ced9718a906dcf5a2e91022bb945cdd19aafd356e4f8a1728ca12880803dd414944ccbb677973194782c59005e84000f6dcfda56536adb9b6b4faeb0068054d08f4cc9dfb6bcec153ae2d8fe95cf803897b805d8a9cbc32e67dd1ec30a080852837b31a327b9c27ec74f5d613d5da17673e5c5eb84177bebcfbbf7ad8b7364286a576c7c061c32c7f0a155cd9bde114a099761d81241a4044621a119b5ba943aa12f981adc5012622f698e65536d3f2a79ea53c113b848fed995581e3c7a0248279c6b8dbc037f2418d0ab726ddcb770b7e1042d1e29ec155aeb8ff18c669b84c865f28e9909052df0e7dd7d7276dc2053c03e6ec25973b591522976531cda8156f1c473791f88a304e97223d142ee5c2c4a16b6dfc1783b1fba4daddd9aa6675699134b0d5002ac71110ea3be4007db24d5b275863e337e91bf2731b64134e8e61fc0c73e87d335418fdfca736f525ec24155bc2bb753c6276e800ba69434846160576dbf0720ca7bdf684ce12bb1cfeaf7da81c5d0bace5286159738f65fdc95d3f809a7b841d68aba088c2d1e7135654b29d79392f2b181cca76b71a8a5f2665584a2fabd1d776c9bf48da91ac3b9095409cba153b99ecbac176d1a3a88601e5cf48c945a03f47a1f81f10782e304e262f1c0651c367f4d3f7d0ff75e9d9654c9849b3dcd2286331db33c48f75c7fd1736af5dca5f5aeec03e7cc1032e6b7ebcd7da200c09db5fc1f11bdc8b045bdc56de1fe54bb0744824bb3d077789410e7e57fa050744bc8fd26e4c9b91dd8149563da1889cd9f2b82a65933d7b256b0e64be4c1ca45fd2783c3e1d07c1dcd7bf4d2d13c9de09a7765aaa002aed7c2203733cce529fb1181582a993a517466ce3435b73c65617aad6ca360e98ab540461cb6ad5118f76432faab87741c3905ccab702a4c748354ac26386b0e0c81ef01812f2ae0937fa72d945aca3c3bf1e13daa6b2e2d6dbeeb84548a5fff95b26d47343bf8318564d180ed290d54cbbcb1fc45e34779a41046d3af71cc0d646caa4e5b4fdff7dc97e42621a30d18ed08a9a72db6a196dce2d268a7d43668f7dd31fdaf6a8d4745ee0825177a683b3a4f5c60a23f8e915b49be764a553d4e38caf96d5931fb9e02d4e020142ebd21ac2ee84cf2eb139dca3d8aa6b38d18702f55a2a17988f174218ffb90135f23cbaab4d3aa7124baa61b3efa8f7aac3a34ed579f236cb9454b5c26849f61d7ce71449c34ee6b4eeaaba6a236313ba5d777d4f7dcbc674881c48c670debbe7b471f2a9291641cce2c34904c75f6f222dd3eb55021ecec6c3868d447b8963c0503de7e5ee0b143d6eb5697e745ce9b146571d16f76439e01d8ed358e886764bdd7402b4781583e0ebcbd013f32240703c0464a2a9847cf3eecef32e5e6d08eb7fdfa2bd6a1109a85267289cf4965f3c80e7ec193fa0ffdb1589b54fa593e049c62df83ba963b52b8352f9afe8dd3d12fe88375c2af7bbc96cc23eb5e3d3896cc4645d11bcfdbcf4bf161bb39542d5f923db47f4ac53d157686506becc3bdc366c960678bd47315e47dcd1a173de794fa2b34fe916bbf77efc7ba67b8f4f7ae8c6903e5321564914eb79a07636a06ea15a845ead9ad1cd4eaef3b20f26a3357206f9195ad0c711f42600a912c93909117ae1ed2804277b00090f6798e73f9bad3f35a5b82cb15bebea9d5496fbf1d40dc07b2b6417f18e50fbc1552a9699ef8354fb6e5383dab79553e3e4faf3bf50bc5a762f66b8e9d0eeb5fd4b566722dd08e77dd7f50f744b7fa8b607386920c09f9c60a7c1bd72340c565baf130fcddbfbd054970a3d1a47b2bdfc6593f7eaec9639bf792f001ca764ae9ba936c7f7afddf83b33f27bef55e041070333232ecaa63d9abb27c6a2b2aaf42cef89f6075d06caa2abd28f1f2f4b60c63323d556b92facfc03e998983dea32bc3bc223d5561fc3665845bf10dfe05802203252e3e4cecdaa1cedea06e968decba6fe7837e35a8365474d3259f07e788ba78ab991ec06f909ee6374e85fa11b6829a8cbda6efb5e358d2a52bb49c6aa7ab35731deda5f508e0b1faa638ce040905fccd0e20f50f4e4c4fea30ea67d0bb62b888dba543d0ac23aec1f5a4f3fa1acaa55d9af97052e4d1f488d0aa6c3a1fef212b5d644fadcd2d2da03ce3b0f0635fa82b1cce120dd745695ccd1af92c1bfda237ff97f2252ed7b8e7e66fa653191454e2a6e36ca1a4c63e13493fd83208ebfac691877ebe25ceddd76e8e334bf342561902c0a4a75d0581548d04b05121cc9e4205533edfeb6cbeb738efa44d52605d8b7b5907f4da527ad4d4db3c13d3c6c149f60e84497fac2833d6aea4ca296c81405ec40b9331acbd9dba70ba87eea8f4c315e311725cb69e39113a158e38f3a63c695c858ad0f82abaab646977dfd099d77451a11beae1e93e65a2a364250e63296acb790ff9ee13c65f3887869f116966d4f8369d543925fc0605d4560bdc5523bc33c6b36141d0ba3314e75305abf638ed2c111f70b75236ff80aafd31997d94241838420828aff8b5fba159c6acce67495dab1abf8e86e874b32ab5416da70cd5f7cc42dc140ff6925fc5e49269c390d8b1a813039b31ccb1572b3807bd526cf36116f69ba41ed51b2588beac66c9e8260cb96ab1da215877cdc9160c12fd9a1fc41143295b0f8f5cb31b8313aca0dc3a45bca3ec6c437b9f4a2526ce673341c4f3ee08fdbfd3e72934b2b43b5c9eb32d0828e53ee42828c8e41ffc55e7475439e650bb9d19df902c05f122f26a31fba8fc56554a0f91b33e8907953b9bf3d72cd54ed7816e3ddb4b63a8238629349268b7b754b1c7ccb335f5c574400ef8ede509a06cf2c90c4b9c0eed5d108488ee417da3565148781f402d269dd59f38b3dfdde2f477435d7deb9ceb52a8660c9b82ca0d4123b923563184ffab5fc279dd883f6cfa660e78b7d2dc83e618f9f683b219c879658ad5049b855adfaf37c75e8a49048de5f72301771e914b2828e8afd1430fe323c8455bb8cc16ec1e5492e6b7391991b01a36ee7371f9e514af4afc3212ea3f1ae142f6ff03073497688f47bfa6e661692b808cbb787d2d11c92dc4c843b113d6db9641765c80a6f79176a074d1b085ebbf38b52c793640c9f3294ca877c53b285bd1177fd052438350f6ac54aff030a7c4e3658e7a9dda5bfce5e9e6b11fcd83aaa21389ef2ed18f08699357744ae9016f658623f07db41c35d20dd0f67cfd2390031d86b19d2551b7c1f14bc707744f7c022483a9a5056e6f77ac0580f8ccd66181c2208f0011600c907766fcd9072f3780838eb80a9fbcc8284dd5beddc1338c0b7fbca7328fc26d1cb3b678cc29ba3645091982d9608ba570b58a9b687444372e2382211bc2e5a6bd0dc80986170cd3c1fb565a25dc98edbcdc436353d91f3603aba29e263b53bcbc20f4ff54c6532ad8d556c4e8999e5bf867f968b9e9fc9bf731e4e7b084eb64362126de394db8f5b0b267ff1b2c0dc17a9dad2e3c625f0c18af83f68f4353c68e4911b9bbee9737eb2dca9a5366f0232c31f21152dc9deb4083b0b4a06c428e3eaadcd4b91d8c5791cb483ba46a2d2ebc979c7f5988ce29972e6b42ecd29b63890bf321b2191702202f2377d38f9082b369eda11c5183e02f41ae8b3ee0a16146a3825357793b133ccc26c8b2873a959ef92f1e518bcefceab679542c4badb5b60e57762bcf8b40d8a78da90443144b5c5e305acf1e71335585363f20afffc3594f926c90e0b7a2b519bf6e73c429f1413fd7d64ba9d13029f27f5606859e12ca441bb05dbae898eed58725843f35493f6e39bc78ba51292e735ab0a497d065b982b0fdf59ee01f9d6f507533d8add413076535c25c15fe50697e7deb3a80a0a731d6c6bfed7d96fb8c217cdba4f39dc2c15cfbf9d6d0da2eea31d1cfebce7f6aecd7d873bc081d78fcfb2ee1b235705307ed8ee88ff823980827c8e29bfba4cf30694c05444806dfc3a7a283b5c6c4af3183b95ddb75e819a0ff76bb57df872f0819ded2c4166646bebb4b6699dd874a2c54a221db23dd26c5bc5599428fa328f66e790852fa34830ea6f60848807fc38705d3734e5f8e5d5e592ace56fad53ca72538ce1e9a7458d92fdc458f1e766f5ed08a3966413964d5a8c07fd4d0ba69a73bb1dd7be152b3b8ab89f5c24ec760a003f8729046f317aa7cbab547ad52fdf6e606e633f0973248f634102f3c411a431e18723ad60f421f906b38187f6ae1dc11eb4dce30d7f9a6c3a45983273c7ceb942a9fdf2380429d2a47b82e60afbdb7c0b0c24c00a8af84af196a6e46c7e7645590c26f58ff4e5ce4acb3cd166b9179e526dba085a9d5000743f4ef5c76417c5ea6af645160b662b937e6d67c550ec1eb3ea7f4126016e33b53dcab7a0bb821196cbb6faf56eaf6725c", 0x1000, 0x0, &(0x7f00000000c0)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e23, 0x1000, @mcast1, 0x3}}, 0x24) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000140)={0x0, 0xef50}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000200)={r1, @in6={{0xa, 0x4e20, 0x5, @dev={0xfe, 0x80, [], 0x16}, 0x3ff}}, 0x100000001, 0x9, 0x1ff, 0x5, 0x29}, &(0x7f00000002c0)=0x98) ioctl$TIOCSTI(r0, 0x5412, 0x401) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:47 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x400, 0x0) r2 = gettid() getpgrp(r2) r3 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x20) wait4(0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_ENUMSTD(r1, 0xc0485619, &(0x7f0000000100)={0x4, 0x0, "375b12cc96547fae31225532e4dfb9718382bd37172341b3", {0xf55, 0x9abb}, 0x7}) 18:53:47 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") fadvise64(r1, 0x0, 0x4380000, 0x7) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f0000000080)={'filter\x00'}, &(0x7f0000000180)=0x54) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) r3 = openat$cgroup_type(r0, &(0x7f0000000040)='cgroup.type\x00', 0x2, 0x0) dup2(r3, r2) 18:53:47 executing program 4 (fault-call:0 fault-nth:54): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:47 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x400101, 0x0) ioctl$TCGETS(r1, 0x5401, &(0x7f00000000c0)) shmctl$SHM_UNLOCK(0x0, 0xc) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) mmap$perf(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x8, 0x8010, r0, 0x0) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:47 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xe547, 0x200) write$P9_RMKNOD(r1, &(0x7f00000000c0)={0x14, 0x13, 0x2, {0x21, 0x3, 0x4}}, 0x14) arch_prctl$ARCH_SET_GS(0x1001, 0x9) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000400), 0x2901000, 0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x7, 0x109000) r3 = msgget$private(0x0, 0x200) r4 = geteuid() lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000200)={{{@in=@empty, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@empty}}, &(0x7f0000000300)=0xe8) r7 = getegid() r8 = getpid() ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000340)=0x0) msgctl$IPC_SET(r3, 0x1, &(0x7f0000000380)={{0xbd2, r4, r5, r6, r7, 0x118, 0x6}, 0x2, 0x9, 0x7, 0x80000001, 0x6, 0x0, r8, r9}) ioctl$VT_WAITACTIVE(r2, 0x5607) 18:53:47 executing program 2: r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000100)="02f6f1e7b6b6475103114528c60e67b481f02c4a21f49abbb310be5e4dac4b8692198f0a62aed1a7cfb84855131f4b40365c4fff8b11574065520465a685d5d814795c0626564a4f22bb270a2efa70827307bc2345d71c225b225794b1b0") r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=0x0) ptrace$poke(0x5, r2, &(0x7f00000001c0), 0x80000001) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:47 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) r2 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x4, 0x420000) ioctl$EVIOCGPHYS(r2, 0x80404507, &(0x7f0000000100)=""/215) wait4(0x0, 0x0, 0x0, 0x0) 18:53:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, 0xffffffffffffffff) 18:53:47 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='trusted.overlay.upper\x00', &(0x7f0000000140)={0x0, 0xfb, 0x3d, 0x4, 0x7fff, "79d1ee4500830b9a6a62e33348fe1019", "ceee53e776c3ba9b33728cda5dd4149d89b1fa85582eea2a4f274f45753e161d4221f77c5160e896"}, 0x3d, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:47 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x7, &(0x7f0000000100)="0adc1f123cf77f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 543.712139] FAULT_INJECTION: forcing a failure. [ 543.712139] name failslab, interval 1, probability 0, space 0, times 0 [ 543.778354] CPU: 1 PID: 27703 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 543.785409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.794758] Call Trace: [ 543.797357] dump_stack+0x138/0x19c [ 543.797378] should_fail.cold+0x10f/0x159 [ 543.797398] should_failslab+0xdb/0x130 [ 543.805164] __kmalloc_track_caller+0x2ef/0x790 [ 543.805181] ? kstrdup_const+0x48/0x60 [ 543.805195] kstrdup+0x3a/0x70 [ 543.820888] kstrdup_const+0x48/0x60 [ 543.824617] alloc_vfsmnt+0xe5/0x7d0 [ 543.828344] vfs_kern_mount.part.0+0x2a/0x3d0 [ 543.828359] do_mount+0x417/0x27d0 [ 543.828372] ? copy_mount_options+0x5c/0x2f0 [ 543.840789] ? rcu_read_lock_sched_held+0x110/0x130 [ 543.840805] ? copy_mount_string+0x40/0x40 [ 543.840821] ? copy_mount_options+0x1fe/0x2f0 [ 543.840835] SyS_mount+0xab/0x120 [ 543.840845] ? copy_mnt_ns+0x8c0/0x8c0 [ 543.840860] do_syscall_64+0x1eb/0x630 [ 543.840879] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 543.840898] entry_SYSCALL_64_after_hwframe+0x42/0xb7 18:53:47 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x480000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") getsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000040), &(0x7f0000000080)=0xc) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r1, r2) [ 543.840908] RIP: 0033:0x45b80a [ 543.879431] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 543.887134] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 543.894394] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 543.901652] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 543.908915] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 543.916174] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:47 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$swradio(&(0x7f00000000c0)='/dev/swradio#\x00', 0x1, 0x2) write$FUSE_POLL(r0, &(0x7f0000000140)={0x18, 0x0, 0x2, {0x6}}, 0x18) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f0000000180)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) read(r1, &(0x7f0000000080)=""/11, 0x382) ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000001c0)) r2 = epoll_create1(0x0) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000380)) close(r1) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000100)) r4 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000000040)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) dup3(r3, r2, 0x0) tkill(r4, 0x16) r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r5, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:47 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tee(r0, r0, 0x6, 0x9) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:47 executing program 0: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x9, 0x80) fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000080)='trusted.overlay.redirect\x00', &(0x7f00000000c0)='./file0\x00', 0x8, 0x1) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000200)={0x0}) ioctl$DRM_IOCTL_RM_CTX(r0, 0xc0086421, &(0x7f0000000240)={r2, 0x3}) fcntl$notify(r1, 0x402, 0x31) ioctl$FICLONE(r1, 0x40049409, r0) r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1, &(0x7f0000000100)="0adc1f123c123f319bd070") r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x10800, 0x0) ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f00000001c0)={0x4, &(0x7f0000000180)=[{0x5, 0x8dc, 0x4}, {0xa06, 0xab2, 0x3, 0x4}, {0x6919, 0x5, 0x9fa7, 0x2}, {0xb22, 0x40, 0x4d, 0xfffffffffffff0f4}]}) dup2(r3, r4) 18:53:47 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) connect(r0, &(0x7f00000009c0)=@isdn={0x22, 0x7, 0x28, 0x4, 0x2}, 0x80) sendmsg$TIPC_NL_BEARER_GET(r0, 0x0, 0x800) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000740)={{{@in6=@initdev, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@initdev}, 0x0, @in6=@loopback}}, &(0x7f00000002c0)=0xe8) fstat(r0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$jfs(&(0x7f0000000080)='jfs\x00', &(0x7f00000000c0)='./file0\x00', 0x9, 0x5, &(0x7f0000000180)=[{&(0x7f0000000100)="66d482e60adc1f0c1ddf28307c323d7c3491cc3f95e1da36802f8423ae4976f6f6c5503b6d3f12748e585442c082c0cd7b25ab760b4151e2d71103a7468ad03b459723b335570355763b401d28faf5aa4115eb", 0x53, 0x5}, {&(0x7f0000000340)="b67eb20072c477a4138c561b896c1e52c9ec81b6ba76f2c37f0a1c5447e55db4de96069e533f56e2fdb52c33b7a84778daa0df656af9b7f534031e0a1d1e7db8a1f322e1376ec9c59f93ecf86457a9d4e6b73bebc94ad7254f06907ab752781a019d0b94c3e275eee41fb7e744728c9428b12923a96a1f7596e35dad707d4d16da62434ed083ef4f8492f89cadedf90e71732ce1784921842263ac82cb24192e6114878f91c1e8f12a07ce1e6335223538a3f8f2d08678fef9f9398272e93ada30564a6a32", 0xc5, 0x4}, {&(0x7f0000000440)="f33b5bde15a1eb225530f431907e48cb320da0e932a40b3979b4d829ffc5b71a4964e677cf428a660b2aef37a1195b9d59912d325cc8286ad7fa3bf5abd614d66755155bcc57f4524a93669879cff74b18dd5774258f243f51a1424195f421f69fd10a9761dff39d6660be116bce72726949b1ded0b6acc09f82814e9c77e82237e967c49c62a947dca2e52fe2907d075c70d3d324c3b177da9aa6219fa2d3068aa3e18559c76ee0e8fef21992924706bab9440ecb96b36c9e31", 0xba, 0x10}, {&(0x7f0000000d80)="cb916bfabe422e7e9e555e96636be73f52ef70bc01084bd56a8ee6951a96c2e0e8cb878d587ed6c16cfdc5713102967e2045525721c1bfd96075bdb4d5b6e5761537046ae8f3e48afd2c0d8825091b8ba15353b7086477287182f166df27d3668f1adc85edafc112ec289ce86f996ec829350eda98ba72fe721eacf67baa76705563d8fa65e70c8c083540b7ef0ce785997f7aa16a484058b7d3e60e09bfa735acb6e512e40cccc7eeb8a13572d976e20d3ea76ac3d8abf8e1c4a12675c8e084f2fcf9b0a16be0976c043e582ef6adae1e424f631c0b5346f9bc38ab07747bc29dc0a67a6cedcd5d262cbcf71bebe758bf1b5f66c21f3fe1f0cebfc6feaf01311eaeabfc1d665627b0dc69aabd38cc381abfb44c322d0cf31e314157fbbb15bc250a2b5b864cdf7024711f614c6d0fdde185d61b513bf3c5a68bb5acb6a38e2ba6d26e76008ce0357044d36b245203fb50777b533a6ce3330e8f24a936120329fc147f35305286fb4ad52f7332034002c7a4a26c16ae97b33df3f7bb4ba5bba301cd2d00aa1e3270f86c572e6965e451a0abad432df55ee06ba62ffaab2b68c69a3b6b9df79b3d72e8361bb241175f906850c21f8b99e4f6c6b36fbc7fd6bfeeb150c90e75eec8e299fb203e8007f512e1ba2463889ca6d543421914bf840b087b7536a1adaf72ecc0c8b383c4e5ccefe82ce4e5cc0e300ff31a4db296ecf67eba9f0efccc22dd504cbe40322f4761e002d45a6c9b9fe7a4c427c48be2a79f90d57d68fb28d4133bd6aeaf49b36b8ee8e0e9bca33620f20010c74525ecf04f9436a9f4b604502e0d5839d3bb676fe89df63d85db153207b97f10e4edbaa4cbce8dbc72399669ea82886d2688151d5156186dd1813d7c28f08a316a490af4e329cd4f32fbebed7004b0026428bee223dce853244ec16af893e6b6202de44edcfa88a415963711805c0c782e5404c6b6091aeef373016ec3aef4da9cfbda157eefab45d6afce4dabd11e639cdf55ee9ee824bf2a61c8e7ed3b0046f19ce8f7774b75bab58a4b9528ae0a84fa0920a70aa588f617a1e9ed0729bfa7d7bd436b1a78a6ce3ec8f198d51ec79550bf8b0dcf04bd6109d2d5771abf15eee5b6fa0fcc53dcfb85fcd77b3754a9027ff3828f56bed324e084077c1b0cf80e5ab7bd2e2e2ba886642891037e192dccbf6011d4490eaf950fb6d643311edb17ffd16a69a1064ba23aa3416b5ab896e9bba22586dce68e4108a467a25c08b3cac421442ada776144c957cd1ded4c61a992b7b719d1c5afa36b8437dfb2169065af1acc4d0ecaae57ca24dba29f68d7b922447fe8492d7104f850021b458eeb3122646708efb31d992423c688690d83244ecffe1a1745944db2ed5d6600e8c5151fe7851091a0b651c0d580fb58e6a758745a02cd4818f623fee27faa7593543a7fa634896ea5e0f3930e3c275ff05fdb5919d5a3fb83c968edca61d68f9cd23751d0964afc805486707ec09d5ab4ba352c65bdf022ad0d005f0e987e517b96c3173f788d98d13409c68e337968dcd5ac911e9c891e17588d6c3036c11372347b7e564d075303adbd92dcd9b4937edd1c4a2e19cb49a3dba60ed54329101edf5a749d4ac516b263f63d31787ade33b76313778cd313ba611de8ff77c01efd14a6cf7ea706ad076fa35a6fd565ec0a4f6321168ab4ea05083432df57e25c1e79bba6dce84bb7d7e9e43e8eb9ec9dcefc11b93882b85f0820ef1b62a0ee79f43eee6d58c3e144e494c6499ddace6ab0eb293eddcaa9ec7af4daa0823f788e3e9cc78659a8dec7d1bd0cb935f40006820c838e836deb928894d367957c00d554cbfcd6332e5492a6c89f17bc170da7ae006e17a6be353320407ee83866add85bfaacd2155c353b9767c38aaaa3c12c5cff91cc38e7823220c74babaf7c3ba32883ac6ad58ab702c4e596565dc90be0da07843a0a641c0c1065b6906753f474a86dc2d2443ee51f259f60a3e5517a7dba215f4df72ca083e9d7447a44ae9487d741111ad0a6bbfebc41c5457903f6d94bcad307e053f0155d9d7e5a31b30683c7224e348c7f2bba36a742d7744bb29bf207345ecc62c5314519f288a53116f55198c032fe635c30c14dea46e87f8d3bdb9dd1a5257195a7f388ff4a807c8de4fa169a440b2bd8739bd1beff7b24dee165f8be0c0541f20c39d5b55cbc503a8ff1b32fe8f58c5d9eb022b8f72e1de60d597819cbd44e469926f47b8d752218f66cc41f569cb64fd5e97200536834bf9380b46f06d4e3a44d32bb65a60a55185581967e3800c1552812145a59e8d6db2c0304dcc64078863acb2dd361b83358a7b2125854d155619c6197d5355005aea82fde9927903560932d26fe6e3c64a3f6147d389fc684c472b7f39dd2aebe16705c83d330b65ac4d2574aadf57b3a16680ec6492a54e8a6f3c21b305b34e5468560e46c7d4d57c9ce96dcb5181a9d5bd07b4c7cd1a8917978953b562301200f49adb4ab38bfd1761791de35e9bea99d8b4f826c504c2b1f9d1697e36f20e66997345d37b1cebf15dd7ccf049d575e81fd5a219e9bf551f8c9f51d134416a8ee088b036d676aaeec65bf9f3d1b971d96da4c47e6718fb6922a2eed3d1867438cc9e19602fd2146a3c9c9c3128392e1c2fe30473ac8aeb3aa760a3e749b9a0b5b9b62052402a5eb53debce57befd5e8ac30f7ffdb10f4940a2d036b458f79c5db06a8212aff12068881dddf800d9cfede09a2dbb1af84c670f8fbf0b1a911fd90fff5a549708649b7e53a039f4d4eea613ff309eda8ba6d5c89b8eea00bbe871af1709201538e70f4b65879ab97af285aeff223b7b1bb3377ee6ef67f9b6a951a15f2da9a74fe4915634fd9b69bd295a7e68bbece7cde7bd033595624afecb583e95623894da33d407c3a95f11422266931ba8392c330fa7a4b84bfa778e809f973058f806afdba833ee2e8a6b9752c9e3fa14b366bcac6deadb3a9e6269b255871781eec0be3245e85b32e38be95f42887df7bdb0d28f9b93e9b87c38ea871c328f6ef53400aa1bfe44bc09b30ecd59a4c4e91ed1a8e028a030075ddaa0dbcf505a910cbb05f3a2d31217ef9bab291bc48cac778c7b562db72f4de33e9415c925ebe12e186922913a2b36196bcfe2a53129573dd4931dc71caf9955c87242a166444d0cf2d2140a828b78c4f583f162fcd03c9e6d2a9ef0d554e2eaffc9d5dd089ce8c4b47e61cc6a4156d64bcff0d8b2e932a7a61f8c2bbcd57edac6559e805036a5eee85d6a34d277d064ba0e9031e91af9f4ddd35493103986af026fa69acca152600e01bfac910283ad8c21544d974c0826128fc7732187a390ca7d985754bf34c83f53d41de708be993a4d038b1a8f4e56e393702c1741d969d58a4fe8c5de5172daacd3ed7360ea0251aed296e1e4a948a4892036ab5025f04b1d9dadd254fbcf957c87a684aa33e9174c7a496424c90815b67f1655c1e5f9760fe3e5a9ddecdc5990d592ca4360761c6ca045ac3a6f8db903a3d9f1ee128fc31c75ac5b517ba76823585ba2eb07585326fd05b0d6420e1c3c12b6dac94fc1bc81e1a1dd7ef2ec8f9d83271ea35ce3c4cfb7c677364803bcf0d5614c194c71776ba900d81d3dc9b00aab0a8f5d1f63afa4fbb28f90c5707a9f2332d06151d12092704f48e24b1f3dc4e2a008a7d43029f4e54599feeccd8bc1492e83707a8d542582f5acc4f5bf65f7112da82f230d5de3c816b010ac1c962710d7437c6b0987f59532107cc7d321176777ffc090fabc07f0e2f46e077da5ea448895cf5b6180e23e69d74adcaff880315424d9da8197ade781a7e708528c31ea7281bf389642c9a20160e60399c6480c577198a561e2d5527c63a19badbee93c797c72cf99509388d2c50b2fa39e531fa21ebde7c58e90661a7144705d50485bf88bba38d1f92ee65d6051d30d040feef5d8f2b8db7cd5ada62e89f67f57e5bb4a465c969b87da88eda25854506cef821f9c8232a8316a10da2a3f5b126cddd1b7aa28a2d7e5f25651f6dcadc8528e99b5ce5926476512057d2f8570b839ccc5b804fb82c40a0fd1edd282c3913bed9da36fea46c64d550e45dedf6c9bcef222de031709e962fc74284d660f8469f06be34f23e1250828278e5d1a71a5b685ba77b1867f935a5292bd9446de158f6586e58b296cd782d53fd5b5df60ef3fcff362dbc87a94ff3ff54c40dcbf47b6505fc17b305872e34644bc80af4ce72d467413994b028aec22be284ab514664a82d6afda66852148233a6ab77e53c43cbe99caf234ae32e32c4e486f6d1405c9d7fed092cf93401e63684a822959f8b3832644c7ceec2eeb60cb47841b5650102d78858da6c2a3082820251811e61d6410b983fdaf01f5b4b7066c3ba5d6b345b5298492a170f60ed2f8073838daba047545747f1e1ad2d956c3e2ec12620045cce3d46b61ef4793b1c649241a868092115ee9ccbc5bbe21e655d6531ca92ca669fca22b128ab98e5eaef3c912e67a139d334c44a10501c7887770609829af6a9935b32f85b6a9983f983cbc711469e6c8841a55f5a6c10d15dadc9abb9ec6e650fd9b920ed5d878b746b55cecf9457ec737a34de639d0688888653958726e0e84ce73e43a35be82ed15b2964222ca409f0b6c7f25c80603769d01a5941e5c447e02bea4dcb645d0cabde63f77cf9047b45a809fdb55e609c064c93085c32040bfdaa7dd6d20df044ddd3ef91fc905495ca6f5085d402346810af53047b5847073b2c831e57490962ac177b0abf3270b91adb53edb736a24e53068591b35eeb9e37b2e6737e987b8770cf26ce291c9e601073a30f1fd67221caf78a1787af3602420fb6bff649d2832b08015ae3f05fa782196daddfa60abd4b0a5d066db3908bd52f1957af87a13ccf596f5e140537c20413abea259c0a96a1d6abf80025047746bf3f4acbbe4160b5bb9bc07575db9092f00b29be838c4fcef941b5c716345daba76c72f0b42089006e57faafe28f3b90c7ffa53dd800125aaaa096467b22fd7849695dc0d5aeb335c52e116735e2c47d0ee771f71b575c606feb2eecf85f09775d5c0e84e393c5e8cf5787d7ce066b4d373f2dff81cf1b26627e40d861398100c715b8d7e885670fbc263940bf2330a4ea50ce02857bcd46330e4c4a1cd0f0a724074d22b91dd9d3fb281b303f961e02832ed5366d4f883ce811db342b1e76e8684e0f395059f4241b78a9795ef0429a82e9a6df529442eaeec35ec5184bb240cc4484bd3f94393ebe8eeab20dfbe5e21d21fa05dc1c0d7afe1b957e196206ff4bcac9df9ed826fb3318546009461a65e38a0506aedca7be1aec65523fdc7b5bb4a233d45768773e0a8a6f1d694f089170f27cc20c2ca7010677da95a58b2297c2bf5b0fd65cf9962571b1dde4e7aa3e1da9c3cad0a60b61fe71e7fdd69af29d362fd4cf7fa7cbc7b53ebac343e5d283ac3bc0ac8b6b1b4c3b64deaeb7b652538c7ae288e8afa0774fc6a16c7d6b2a38c7ba72383820ef372a15681e0506045c8e381c32609227aba92b8b464e971698b021bcab835524266703854e354b94c8805a01e226b12c5b2b7a0d6c88c0e9e538ee22126eb869a3781ff401c0652b6f1ea141efe8b4415965f8829135d2668d93bafbbb5f8ee73fc44f42499dac3397c9909f9381648ddda0cc45b21d797279a35aea9f51c0a21e854ba003970b89291ca3804ed83207afbf74d055b2e75f95c86281dade14b3829c11f823adf42538aac7a1036449fb0170658ce0cd68903642ade5f7", 0x1000, 0x200}, {&(0x7f0000000640)="5b2e6a7d6875810b305bc6fcbee65dd9662ce2a960ed585cce75c4096b05d0f8a1917aef1e2c74cd156c8aa43613c13ef3471a5232b8bb89fb094b17e60c1c8e7ae373a1247a47e6eb55b4663b7d9d01c9831344002f378abdf29696d81883a5570f73f4bfa6a03f483df47defdb5355a199cc07ae5983b241d78eda6c536ea509c0b0faf0c50b97d5c726cab160b325f00a16bfeca4c66bb5fa7567b2439f6225798b94e1dcb4d93862e268df8081dfbcafb6c59ec60de209a076ee7c0070d09362dbc7b2943af846e5be962fc4fef4d9a60c13c283d3e21a1cf6721e3ae8a164", 0xe1}], 0x20000, &(0x7f0000000a40)=ANY=[@ANYBLOB='discard=0x000000000000e540,nodiscard,resize=0x0000000000000000,discard,discard,uid>', @ANYRESDEC=r2, @ANYBLOB=',mask=^MAY_EXEC,fowner<', @ANYRESDEC=r3, @ANYBLOB="2c7065726d69745f646009fd5ec9e6ee2eb5cc74842f10c680edbe0f65ccf1fbe88931ba799ac9eac402f262ea5dde8b3085642048c4ae54b26c87247482eff5af6fba08f1bbe6d4087e4f555817c252d061b3512aa0000000000000000000c762b8021fb44d0b36eaabdd44725fed7d889a1687a725ddb575d148566562aeea84b7c30e99ea8a4306b713597455a992489b36634638ddc90e7045819c7687d88e5e9922de97ceb7bfa55cfa1653d34d2e9fa54d31a3366992e5fb7b49b94a120dab13ba64"]) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:47 executing program 4 (fault-call:0 fault-nth:55): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:47 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_GET_VRING_BASE(r2, 0xc008af12, &(0x7f0000000100)) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) r3 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) ioctl$BLKSECTGET(r3, 0x1267, &(0x7f0000000180)) [ 544.193896] FAULT_INJECTION: forcing a failure. [ 544.193896] name failslab, interval 1, probability 0, space 0, times 0 [ 544.226183] CPU: 0 PID: 27765 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 544.233215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 18:53:47 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x20000, 0x0) dup2(r0, r2) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000040)={{0xa, 0x4e20, 0x8, @empty, 0x4}, {0xa, 0x2, 0x3ff4, @rand_addr="89318da638b2f09608ad05577c55407f", 0x6a5}, 0x0, [0x4, 0x0, 0x2, 0x6a88e972, 0xfff, 0x6, 0x7ff, 0x1]}, 0x5c) [ 544.233225] Call Trace: [ 544.245164] dump_stack+0x138/0x19c [ 544.248798] should_fail.cold+0x10f/0x159 [ 544.252955] should_failslab+0xdb/0x130 [ 544.256935] kmem_cache_alloc+0x2d9/0x780 [ 544.261091] ? lock_downgrade+0x6e0/0x6e0 [ 544.265255] alloc_vfsmnt+0x28/0x7d0 [ 544.268972] vfs_kern_mount.part.0+0x2a/0x3d0 [ 544.273475] do_mount+0x417/0x27d0 [ 544.277017] ? copy_mount_options+0x5c/0x2f0 [ 544.281425] ? rcu_read_lock_sched_held+0x110/0x130 [ 544.286469] ? copy_mount_string+0x40/0x40 18:53:47 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mount$bpf(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='bpf\x00', 0x20000, &(0x7f0000000340)=ANY=[@ANYBLOB='mod00000000010,mode=00000000000000000030000,mode=00000000000000000200000,subj_role=fuse\x00,smackfshat=fuse\x00,\x00'/121]) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x489) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="665665408bdd6a4a322f959e4038446a8e92f16a738b8ff65cd8ba88b40e3e3e56756e3608b0538ad41b1e218299db35329512953493869dc389e1b7b138c1f743d3af1d6208f03e9a061b5783233de1c7d28995818f14becbe532242931f61c42868eefd5cc246c592836c5c3d763c7252cace76530554fbac93b889182968c90b74596928dbc34a16c8aba97d04343769d62473c6accaabda10e4398b9d9b643ae6bbf6dac0000000000000000", @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000080)={0x8, 0x6, 0x0, 0x3f, 0x12, 0xd4, 0x48000000, 0x3f, 0x7ff, 0x7f, 0x9, 0x2}) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 544.286487] ? copy_mount_options+0x1fe/0x2f0 [ 544.286501] SyS_mount+0xab/0x120 [ 544.286513] ? copy_mnt_ns+0x8c0/0x8c0 [ 544.302538] do_syscall_64+0x1eb/0x630 [ 544.306435] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 544.311293] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 544.316486] RIP: 0033:0x45b80a [ 544.319677] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 544.327390] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 544.334664] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 18:53:48 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x180000000400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) write$P9_RLOPEN(r0, &(0x7f0000000100)={0x18, 0xd, 0x1, {{0x0, 0x4, 0x2}, 0x10}}, 0x18) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x4) readlink(0x0, 0x0, 0x55) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',grouP]id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) connect$rose(r0, &(0x7f00000000c0)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default]}, 0x40) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x1) umount2(&(0x7f0000000600)='./file0\x00', 0x9) pwrite64(r1, &(0x7f0000000340)="f90e8b210da81019a9f163e7437f52068961a563cda6543366b3a2d2ad89cc0cc66ea7ff956524e4c37516154848d4e0125c9bf588d497a1ba893975a1ce453a28f32b96acebbb81e96f6c79c76c9ba913af1b93a9461bd408d86cab11db098fdb768f8fcb770c7770b75533db9ded92e2861bd5e8b923b8c95754796002a0b525bc95c477a51e58da7db7b0d535be549f03f87919c0da7ba2f345ccad1277054894caf6ccdad0f134e1f0a94f06642c6f8301f2b65ac9fd8859a357e3f5ae82a7e8f6dfa5d28fc3954dc0a43d59e540a3b5a971c65271b32b7d608f295bf4a0906f21c198c8b446bbec8bb0", 0xec, 0x0) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:48 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x2002, 0x0) ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000100)={0x0, {0x5, 0x5}}) wait4(0x0, 0x0, 0x0, 0x0) [ 544.341931] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 544.349203] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 544.356477] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x400, 0x0) ioctl$EVIOCSABS2F(r1, 0x401845ef, &(0x7f00000000c0)={0x4, 0x1, 0x3, 0xfdbd, 0x7fff, 0xa5d}) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000040)=0x8, 0x4) 18:53:48 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) r2 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x20000, 0x0) ioctl$DRM_IOCTL_RM_MAP(r2, 0x4028641b, &(0x7f0000000100)={&(0x7f0000ffb000/0x3000)=nil, 0xbed, 0x5, 0x2, &(0x7f0000ffc000/0x3000)=nil, 0x800}) wait4(0x0, 0x0, 0x0, 0x0) 18:53:48 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) ioctl$VIDIOC_ENCODER_CMD(r0, 0xc028564d, &(0x7f00000000c0)={0x3, 0x1, [0x80000001, 0x7fff, 0x3, 0x100000000, 0xf045, 0x2, 0x6, 0x2]}) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:48 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) socket$inet6_sctp(0xa, 0x12ba657a532152cc, 0x84) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:48 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = dup3(r0, r0, 0x80000) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x5040}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000180)={r3, @in={{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x84) setsockopt$bt_BT_FLUSHABLE(r2, 0x112, 0x8, &(0x7f00000000c0)=0x3f, 0x4) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:48 executing program 4 (fault-call:0 fault-nth:56): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:48 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x8000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:53:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:48 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000000c0)) tkill(r1, 0x20) keyctl$revoke(0x3, r2) wait4(0x0, 0x0, 0x0, 0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs\x00', 0x20080, 0x0) ioctl$PPPIOCSMRRU(r3, 0x4004743b, &(0x7f0000000140)=0x2) 18:53:48 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) [ 544.695395] FAULT_INJECTION: forcing a failure. [ 544.695395] name failslab, interval 1, probability 0, space 0, times 0 18:53:48 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) request_key(&(0x7f0000000140)='keyring\x00', &(0x7f00000001c0)={'syz'}, &(0x7f0000000100)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, 0x0, 0x800000000000, 0x20000000000) tkill(0x0, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:48 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 544.756912] CPU: 0 PID: 27834 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 544.763968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 544.773324] Call Trace: [ 544.775930] dump_stack+0x138/0x19c [ 544.779575] should_fail.cold+0x10f/0x159 [ 544.783739] should_failslab+0xdb/0x130 [ 544.787721] __kmalloc_track_caller+0x2ef/0x790 [ 544.792403] ? kstrdup_const+0x48/0x60 [ 544.796295] kstrdup+0x3a/0x70 [ 544.799499] kstrdup_const+0x48/0x60 [ 544.803219] alloc_vfsmnt+0xe5/0x7d0 18:53:48 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) fsetxattr$security_ima(r0, &(0x7f00000000c0)='security.ima\x00', &(0x7f0000000100)=@v1={0x2, "2a0b19cd24208ddcd64146cc4fd9bac7d0"}, 0x12, 0x1) 18:53:48 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='\x00\x00\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x04', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 544.806963] vfs_kern_mount.part.0+0x2a/0x3d0 [ 544.811470] do_mount+0x417/0x27d0 [ 544.815017] ? copy_mount_options+0x5c/0x2f0 [ 544.819436] ? rcu_read_lock_sched_held+0x110/0x130 [ 544.824461] ? copy_mount_string+0x40/0x40 [ 544.828707] ? copy_mount_options+0x1fe/0x2f0 [ 544.833216] SyS_mount+0xab/0x120 [ 544.836669] ? copy_mnt_ns+0x8c0/0x8c0 [ 544.840571] do_syscall_64+0x1eb/0x630 [ 544.844468] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 544.849324] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 544.854517] RIP: 0033:0x45b80a [ 544.857708] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 544.865421] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 544.872695] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 544.879963] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 544.887216] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 544.894466] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:48 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f00000000c0), &(0x7f0000000140)=0x4) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:48 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x20400, 0x0) wait4(r1, &(0x7f0000000300), 0x1000001, &(0x7f0000000500)) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000100)={0x0, 0x70, "8bbd12318a56684bb16f225fe86568ad6f960609a06eb8a46558ef4d168b8268ac283df65b381c33a1e13749103447c9e61bf6828a8278826cabf4c2c18976e6d1c2ae9a1114994f2d4e986fb715ed889358f6c295a2033dd482b352d28bdfca86b4da2503983f76f964bd1a0ce2db3f"}, &(0x7f0000000180)=0x78) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f00000001c0)={r3, 0xf2, "49a970fc07b53f1c28a4121973011d7459fbf89c7e1830ecd3d27e610c9240822547a105c5093988616c7c1bb438e643c16e7f161a264e4ff493f53509e0460f97ae76410f09cc102cb5703788ab19858d56de2480a205f9b0e8af839bddc18e40fe3da1df98043ec2fc0c7ca483fef9e7a97e12b445d860519cbb25254c3ae4130222f1e81a7d07e1659fea3262561f5c29be8f9e8ad37fce064e19aa3a0c386d20a7585da21534f1308fc28fb914296dd0e8aa93175755c5865937eec48f2ead6c04f4f340cf81b978c2f6bdd53313ecfd61813669af6c2ae115a8e7ab0c9faf585f62ecb75ee95e087e5d3953a942bf12"}, &(0x7f00000002c0)=0xfa) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) ioctl$VHOST_NET_SET_BACKEND(r2, 0x4008af30, &(0x7f0000000400)={0x3, r2}) wait4(0x0, 0x0, 0x0, 0x0) 18:53:48 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0xd9f1, 0x2840) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:48 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rtc0\x00', 0x10100, 0x0) dup2(r0, r2) 18:53:48 executing program 4 (fault-call:0 fault-nth:57): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:48 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/btrfs-control\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r1, 0x2203, &(0x7f00000001c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r2, 0x0, 0x0) listen(r0, 0x0) tkill(r2, 0x20) wait4(0x0, 0x0, 0x0, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_mtu(r3, 0x29, 0x17, &(0x7f0000000140), 0x4) r4 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/hash_stats\x00', 0x0, 0x0) write$USERIO_CMD_REGISTER(r4, &(0x7f0000000100)={0x0, 0x200}, 0x2) 18:53:48 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f00000000c0)="0adc1f123c123f319bd07000e56cb845440b88d23368a2e8e4cf45a30d5088ebc14832ec546c5e97768851859cdb") r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r1) 18:53:48 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) splice(r0, &(0x7f0000000080), r0, &(0x7f00000000c0), 0x8, 0x8) mount$bpf(0x20000000, 0x0, 0x0, 0x40000, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:48 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000001c0)={0x0, 0x1, 0x80000001}, &(0x7f0000000200)=0x8) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000240)={r3, 0x10001, 0x10}, 0xc) getsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000280)=0x4, &(0x7f00000002c0)=0x2) r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x40, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000040)={@ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x11}}, 0x81, 0x1, 0x2, 0x4, 0xfffffffffffffff9, 0x4000000000008001}, 0xfffffffffffffee9) connect$unix(r4, &(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e) [ 545.118102] FAULT_INJECTION: forcing a failure. [ 545.118102] name failslab, interval 1, probability 0, space 0, times 0 [ 545.173004] CPU: 1 PID: 27903 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 545.180058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 545.189416] Call Trace: [ 545.192062] dump_stack+0x138/0x19c [ 545.198589] should_fail.cold+0x10f/0x159 [ 545.204317] should_failslab+0xdb/0x130 [ 545.208299] __kmalloc_track_caller+0x2ef/0x790 [ 545.212974] ? unwind_get_return_address+0x61/0xa0 [ 545.217911] ? __save_stack_trace+0x7b/0xd0 [ 545.222242] ? btrfs_parse_early_options+0xa3/0x310 [ 545.227272] kstrdup+0x3a/0x70 [ 545.230474] btrfs_parse_early_options+0xa3/0x310 [ 545.235330] ? save_trace+0x290/0x290 [ 545.239138] ? btrfs_freeze+0xc0/0xc0 [ 545.242945] ? pcpu_alloc+0xcf5/0x1060 [ 545.246842] ? find_held_lock+0x35/0x130 [ 545.250913] ? pcpu_alloc+0xcf5/0x1060 [ 545.254809] btrfs_mount+0x11d/0x2b14 [ 545.258619] ? lock_downgrade+0x6e0/0x6e0 [ 545.262778] ? find_held_lock+0x35/0x130 [ 545.266840] ? pcpu_alloc+0x3af/0x1060 18:53:48 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") getsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000001200)={@empty, @loopback, 0x0}, &(0x7f0000001240)=0xc) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000001280)={r1, @multicast2, @multicast1}, 0xc) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:48 executing program 0: openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x101200, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000100)="0adc1f123c123f319bd070") r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r1, r1) [ 545.270747] ? _find_next_bit+0xee/0x120 [ 545.274814] ? check_preemption_disabled+0x3c/0x250 [ 545.279834] ? btrfs_remount+0x11f0/0x11f0 [ 545.279853] ? rcu_read_lock_sched_held+0x110/0x130 [ 545.279884] ? __lockdep_init_map+0x10c/0x570 [ 545.289119] ? __lockdep_init_map+0x10c/0x570 [ 545.289136] mount_fs+0x9d/0x2a7 [ 545.289152] vfs_kern_mount.part.0+0x5e/0x3d0 [ 545.289164] ? find_held_lock+0x35/0x130 [ 545.310040] vfs_kern_mount+0x40/0x60 [ 545.313859] btrfs_mount+0x3ce/0x2b14 [ 545.317678] ? lock_downgrade+0x6e0/0x6e0 18:53:49 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x400, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 545.321827] ? find_held_lock+0x35/0x130 [ 545.325905] ? pcpu_alloc+0x3af/0x1060 [ 545.329801] ? btrfs_remount+0x11f0/0x11f0 [ 545.334054] ? rcu_read_lock_sched_held+0x110/0x130 [ 545.339114] ? __lockdep_init_map+0x10c/0x570 [ 545.343620] ? __lockdep_init_map+0x10c/0x570 [ 545.348134] mount_fs+0x9d/0x2a7 [ 545.351509] vfs_kern_mount.part.0+0x5e/0x3d0 [ 545.356015] do_mount+0x417/0x27d0 [ 545.359556] ? copy_mount_options+0x5c/0x2f0 [ 545.359569] ? rcu_read_lock_sched_held+0x110/0x130 [ 545.359584] ? copy_mount_string+0x40/0x40 [ 545.359602] ? copy_mount_options+0x1fe/0x2f0 [ 545.369027] SyS_mount+0xab/0x120 [ 545.369038] ? copy_mnt_ns+0x8c0/0x8c0 [ 545.369053] do_syscall_64+0x1eb/0x630 [ 545.369065] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 545.393825] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 545.399034] RIP: 0033:0x45b80a [ 545.402220] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 545.409931] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 545.417205] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 545.424469] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 545.431731] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 545.439013] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:49 executing program 3: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cachefiles\x00', 0x40000, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000380)='/dev/input/mouse#\x00', 0x80000001, 0xc0000) r2 = syz_open_dev$usb(&(0x7f00000003c0)='/dev/bus/usb/00#/00#\x00', 0x1000, 0x400400) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000600)={0x0}, &(0x7f0000000640)=0xc) getresuid(&(0x7f0000000680)=0x0, &(0x7f00000006c0), &(0x7f0000000700)) stat(&(0x7f0000000740)='./file0\x00', &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = gettid() getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000800)={0x0, 0x0}, &(0x7f0000000840)=0xc) getresgid(&(0x7f0000000880), &(0x7f0000000940)=0x0, &(0x7f0000000980)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000009c0)=0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000a00)={{{@in6=@mcast1, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000b00)=0xe8) fstat(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r12 = openat$md(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/md0\x00', 0x510d6306ca968f5e, 0x0) r13 = accept$inet(0xffffffffffffff9c, &(0x7f0000000c00)={0x2, 0x0, @multicast1}, &(0x7f0000000c40)=0x10) r14 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000c80)='/proc/self/attr/exec\x00', 0x2, 0x0) r15 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000cc0)='/selinux/load\x00', 0x2, 0x0) r16 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000d00)='/dev/kvm\x00', 0x101000, 0x0) r17 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000d40)='/proc/capi/capi20\x00', 0x200, 0x0) r18 = inotify_init() r19 = openat$md(0xffffffffffffff9c, &(0x7f0000000d80)='/dev/md0\x00', 0x8000, 0x0) r20 = syz_open_dev$binder(&(0x7f0000000dc0)='/dev/binder#\x00', 0x0, 0x2) r21 = openat$ion(0xffffffffffffff9c, &(0x7f0000000e00)='/dev/ion\x00', 0x20000, 0x0) r22 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000e40)='/dev/dsp\x00', 0x420000, 0x0) r23 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)={0xe, 0x10001, 0x7fff, 0x2, 0x3b, 0xffffffffffffff9c, 0xb2, [], 0x0, 0xffffffffffffffff, 0x12, 0x12ff}, 0x3c) r24 = openat$cgroup_int(0xffffffffffffff9c, &(0x7f0000000ec0)='cpuset.cpus\x00', 0x2, 0x0) r25 = accept4$x25(0xffffffffffffff9c, &(0x7f0000000f00), &(0x7f0000000f40)=0x12, 0x80800) r26 = perf_event_open(&(0x7f0000000fc0)={0x3, 0x70, 0xffff, 0xa7, 0x0, 0x67, 0x0, 0x50, 0x20, 0x8, 0x5, 0x8, 0xaef, 0x4e75, 0xebd, 0x200, 0x0, 0x1, 0xfffffffffffffffa, 0x4, 0x74d, 0x0, 0x101, 0x1, 0x6, 0x104e, 0x9c60, 0x0, 0x100000000, 0x7ff, 0x4f, 0xff, 0x7fff, 0x8, 0x4, 0x4, 0x1000, 0x5ff, 0x0, 0x7, 0x0, @perf_bp={&(0x7f0000000f80), 0x8}, 0x10000, 0x6, 0xe74f, 0x0, 0xa2, 0x10001, 0x4}, 0x0, 0xe, 0xffffffffffffff9c, 0x9) r27 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000001040)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0) r28 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001080), 0x4) r29 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/capi/capi20\x00', 0x0, 0x0) r30 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000001100)='/dev/qat_adf_ctl\x00', 0x101000, 0x0) r31 = syz_init_net_socket$bt_l2cap(0x1f, 0x7, 0x0) r32 = open$dir(&(0x7f0000001140)='./file0\x00', 0x2201, 0x80) r33 = syz_open_dev$dri(&(0x7f0000003e40)='/dev/dri/card#\x00', 0x40, 0x200000) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000003e80)=0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000003ec0)={0x0, 0x0}, &(0x7f0000003f00)=0xc) fstat(0xffffffffffffff9c, &(0x7f0000003f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$unix(r0, &(0x7f0000004100)={&(0x7f0000000200)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000000180)=[{&(0x7f0000000280)="233b8bda8a8a7d278c2e7df4d023d7f99ecfb0d6651ed3bfccbf204c45cda5028763f56137e9143a634161d1c20dd9001c7368e56b8fd77671b1127501f28d78bff69385910e822b7b90bcd28478f5343f759603fd", 0x55}, {&(0x7f0000000300)="aba977123e4583ed7cee4467b0d38505b1d115ff0b093004ca820684e2fc76b3c8977bd6f8d877a5b20cef3c42e2feb7ad3de9171f98c43c8832f6d71b7f3115207ec5fb611f79857312494d20bbfc80c3dc843792d7222659aaf5", 0x5b}, {&(0x7f0000000440)="892361a7ccc6142bd35931acbcdb4ac1df5eab93be104078abc5e5771d264c18faa5c38a4d5c10d43dfea59f28cfc3c38cb6f6a23bfbce097430b59f62947d538036defa0f4523a0fd0f229858daea14a45aca42ea2c43ebb9cd5faef334927815cea849b052228982afa6ddf9f918ef6fd28982c585ba01b49668a155a6893c5d8eb869ccfe2d09c6436fd00c2e71a83b4f", 0x92}, {&(0x7f0000000500)="1f4dd695057c95adaab4590b534a173510548241883df0a3e7b922b1d4a2c912ff29225676830e9bf416a9fd6291dad3a3043a6b3ac4743bb9e1781b740d921078a022d00d9733a58b2e266a76c90307acc5a6853ddca52969118693a7443c89fa4f125a4d86bcaaab984f5e8b76327b564e1738c351cca1a4b0c88328f874fb4bb991a0635ed9c4fffadeeedbaa986b9da51c511f04fce1da0b6190c9e70fd302674f8068e49d2e225dec8719de49886050def78dacd8bd197d1b0b52029ccb4629205c694f9f3d6a55f65f81b6204c7c018c7b22299abd633a25da8938", 0xde}], 0x4, &(0x7f0000003fc0)=[@rights={0x18, 0x1, 0x1, [r1, r2]}, @cred={0x20, 0x1, 0x2, r3, r4, r5}, @cred={0x20, 0x1, 0x2, r6, r7, r8}, @cred={0x20, 0x1, 0x2, r9, r10, r11}, @rights={0x30, 0x1, 0x1, [r12, r13, r14, r15, r16, r17, r18, r19]}, @rights={0x28, 0x1, 0x1, [r20, r21, r22, r23, r24, r25]}, @rights={0x30, 0x1, 0x1, [r26, r27, r28, r29, r30, r31, r32, r33]}, @cred={0x20, 0x1, 0x2, r34, r35, r36}], 0x120, 0x40010}, 0x0) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r37 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r37, 0x800454d3, &(0x7f0000000040)) ioctl$SIOCAX25GETINFOOLD(r37, 0x89e9, &(0x7f00000000c0)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:49 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) r2 = dup2(r0, r0) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, &(0x7f0000000040)=0x2, 0x4) 18:53:49 executing program 2: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x402000, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000100)="474ec6b5edf4405d49b077b7628521ff2d574ee7c1eb", &(0x7f0000000140)=""/72}, 0x18) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() r3 = request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r2, 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000200)={{{@in=@empty, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @initdev}}, 0x0, @in6=@remote}}, &(0x7f0000000300)=0xe8) keyctl$get_persistent(0x16, r4, r3) tkill(r2, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:49 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x40c) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) mkdir(&(0x7f0000000200)='./file0\x00', 0x20000000022) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9f00000003000000e1a66d6b13cb7958003c25af9218250947a9589075925a8b7c0b5c17450fc2e75cc8b872d3342e54bdf02338d9781a52bd794be35de8055300"/81], &(0x7f0000000140)=""/172, 0x51, 0xac}, 0x20) 18:53:49 executing program 4 (fault-call:0 fault-nth:58): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:49 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) r2 = creat(&(0x7f0000000380)='./file0\x00', 0x10) write$P9_RXATTRCREATE(r2, &(0x7f00000003c0)={0x7, 0x21, 0x2}, 0x7) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/qat_adf_ctl\x00', 0x20880, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e22, 0x7, @mcast1, 0x1}}, 0x619a, 0x8, 0x100000001, 0x4, 0x1}, &(0x7f0000000280)=0x98) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f00000002c0)={0x2, 0x8, 0x4, 0x5, 0x3f, 0x10000, 0x9, 0x8, r4}, &(0x7f0000000300)=0x20) ptrace$setopts(0x2000000004206, r1, 0x0, 0x0) tkill(r1, 0x20) read(r0, &(0x7f0000000140)=""/31, 0x1f) wait4(0x0, 0x0, 0x0, 0x0) r5 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x7, 0x8000) write$FUSE_NOTIFY_DELETE(r5, &(0x7f0000000340)={0x2a, 0x6, 0x0, {0x3, 0x3, 0x1, 0x0, '\x00'}}, 0x2a) mq_notify(r5, &(0x7f0000000100)={0x0, 0x13, 0x0, @tid=r1}) 18:53:49 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r1) [ 545.646587] FAULT_INJECTION: forcing a failure. [ 545.646587] name failslab, interval 1, probability 0, space 0, times 0 18:53:49 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x80000, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='o\v\b', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000080)=0x4, 0x4) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:49 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/snat_reroute\x00', 0x2, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f00000000c0)) connect$vsock_dgram(r0, &(0x7f00000002c0)={0x28, 0x0, 0xffffffff, @host}, 0x10) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) r1 = signalfd4(r0, 0x0, 0x26a, 0x0) ftruncate(r1, 0xff) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)=0x0) rt_sigtimedwait(&(0x7f0000000180)={0x1}, &(0x7f0000000200), &(0x7f0000000280), 0x8) setxattr$security_smack_transmute(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000380)='TRUE', 0x4, 0x2) ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f00000003c0)=""/31) fcntl$setown(r0, 0x8, r2) 18:53:49 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/checkreqprot\x00', 0x2000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) [ 545.728823] CPU: 1 PID: 27962 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 545.735902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 545.745264] Call Trace: [ 545.747877] dump_stack+0x138/0x19c [ 545.751527] should_fail.cold+0x10f/0x159 [ 545.755692] should_failslab+0xdb/0x130 [ 545.759676] __kmalloc+0x2f3/0x7a0 [ 545.763228] ? find_held_lock+0x35/0x130 [ 545.767296] ? pcpu_alloc+0xcf5/0x1060 [ 545.771191] ? btrfs_mount+0x19a/0x2b14 [ 545.775179] btrfs_mount+0x19a/0x2b14 [ 545.778989] ? lock_downgrade+0x6e0/0x6e0 [ 545.783140] ? find_held_lock+0x35/0x130 [ 545.787211] ? pcpu_alloc+0x3af/0x1060 [ 545.791115] ? btrfs_remount+0x11f0/0x11f0 [ 545.795352] ? rcu_read_lock_sched_held+0x110/0x130 [ 545.800371] ? __lockdep_init_map+0x10c/0x570 [ 545.804884] ? __lockdep_init_map+0x10c/0x570 [ 545.809392] mount_fs+0x9d/0x2a7 [ 545.812764] vfs_kern_mount.part.0+0x5e/0x3d0 [ 545.817261] do_mount+0x417/0x27d0 [ 545.820797] ? copy_mount_options+0x5c/0x2f0 [ 545.825197] ? rcu_read_lock_sched_held+0x110/0x130 [ 545.830208] ? copy_mount_string+0x40/0x40 [ 545.834442] ? copy_mount_options+0x1fe/0x2f0 [ 545.838933] SyS_mount+0xab/0x120 [ 545.842378] ? copy_mnt_ns+0x8c0/0x8c0 [ 545.846263] do_syscall_64+0x1eb/0x630 [ 545.850143] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 545.855009] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 545.860206] RIP: 0033:0x45b80a [ 545.863386] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 545.871087] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a 18:53:49 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = request_key(&(0x7f0000000240)='big_key\x00', &(0x7f0000000280)={'syz', 0x2}, &(0x7f00000002c0)='\xdc\x00', 0xfffffffffffffffe) r2 = add_key(&(0x7f0000000300)='id_resolver\x00', &(0x7f0000000340)={'syz', 0x0}, &(0x7f0000000380)="d82ab67a382169f4894997dbfb76505746dd8487d7a8532c92ee9a54306446a7d66d70aa86ca85699286930c8128fa7d28ad25e901dc48081cc6b5dae5038d82e0805d6bf2eeb8ab5f2386dcace8b4f2d721943ffd2b6f7af2254b64b163151d3eb5bc8940aa591256eb59335fd77052dc0831dbba6abcb080a1d9690b5f0081eb76559178eb3bb83a7350471a3525d59fe1477d645c9bea", 0x98, 0xfffffffffffffff8) keyctl$link(0x8, r1, r2) r3 = gettid() r4 = syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x81, 0x0) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00') sendmsg$TIPC_CMD_SET_NETID(r4, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r5, 0x4, 0x70bd28, 0x25dfdbfe, {{}, 0x0, 0x800b, 0x0, {0x8, 0x2, 0x2}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x51) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r3, 0x4, 0x0) tkill(r3, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:49 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = request_key(&(0x7f0000000180)='id_legacy\x00', &(0x7f00000001c0)={'syz', 0x0}, &(0x7f0000000200)='\x00', 0xfffffffffffffffb) request_key(&(0x7f00000002c0)='qIer\x00\xe4:-oX=|\xac}Q\xa6\xc67!\xe1\xb5\x13\t\xed\xd6\xc9&k\x18\x04\x0fN\x13\x81\x12\x03\xa9\x89kt\xea\x83h\xc9mP\\\x9e8\xd7\xa6:\xcd\xdau\xd5\xff1\x10>\xf7\xd9\'a\xf0Cm\xe2', &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000140)='\x00', r2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 545.878745] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 545.886008] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 545.893270] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 545.900533] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:49 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x100000890e, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:49 executing program 4 (fault-call:0 fault-nth:59): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:49 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:49 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x2e) wait4(0x0, 0x0, 0x0, 0x0) 18:53:49 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f00000000c0)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000040)={0x3, 0xf63}) [ 546.073781] FAULT_INJECTION: forcing a failure. [ 546.073781] name failslab, interval 1, probability 0, space 0, times 0 [ 546.129222] CPU: 1 PID: 28017 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 546.136275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 546.145633] Call Trace: [ 546.148233] dump_stack+0x138/0x19c [ 546.151887] should_fail.cold+0x10f/0x159 [ 546.156064] should_failslab+0xdb/0x130 [ 546.160034] __kmalloc_track_caller+0x2ef/0x790 [ 546.164714] ? kstrdup_const+0x48/0x60 [ 546.168609] kstrdup+0x3a/0x70 [ 546.171818] kstrdup_const+0x48/0x60 [ 546.175538] alloc_vfsmnt+0xe5/0x7d0 18:53:49 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) kcmp(r1, r1, 0x7, r0, r0) 18:53:49 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() getpriority(0x1, r1) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:49 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 546.179266] vfs_kern_mount.part.0+0x2a/0x3d0 [ 546.183771] ? find_held_lock+0x35/0x130 [ 546.187846] vfs_kern_mount+0x40/0x60 [ 546.191669] btrfs_mount+0x3ce/0x2b14 [ 546.195469] ? lock_downgrade+0x6e0/0x6e0 [ 546.199720] ? find_held_lock+0x35/0x130 [ 546.203777] ? pcpu_alloc+0x3af/0x1060 [ 546.207682] ? btrfs_remount+0x11f0/0x11f0 [ 546.211934] ? rcu_read_lock_sched_held+0x110/0x130 [ 546.216968] ? __lockdep_init_map+0x10c/0x570 [ 546.221469] ? __lockdep_init_map+0x10c/0x570 [ 546.225970] mount_fs+0x9d/0x2a7 [ 546.229374] vfs_kern_mount.part.0+0x5e/0x3d0 [ 546.233891] do_mount+0x417/0x27d0 [ 546.237443] ? copy_mount_options+0x5c/0x2f0 [ 546.241849] ? rcu_read_lock_sched_held+0x110/0x130 [ 546.246894] ? copy_mount_string+0x40/0x40 [ 546.251132] ? copy_mount_options+0x1fe/0x2f0 [ 546.255638] SyS_mount+0xab/0x120 [ 546.259078] ? copy_mnt_ns+0x8c0/0x8c0 [ 546.262960] do_syscall_64+0x1eb/0x630 [ 546.266846] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 546.271683] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 546.276880] RIP: 0033:0x45b80a 18:53:50 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80, 0x1) mkdirat(r0, &(0x7f0000000140)='./file0\x00', 0x20) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:50 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) openat$proc_capi20(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20\x00', 0x0, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000180)="0adc1f123c123f319bd070") clone(0x80000000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) capget(&(0x7f0000000100)={0x19980330, r1}, &(0x7f0000000140)={0x4, 0x8, 0x520, 0x4, 0x7ff, 0x2}) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) ptrace$cont(0x9, r1, 0x9, 0x20) 18:53:50 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="94dc1f123c120742f3f7dd469c39773f319bd0") r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_GET_REMOTE_MNG(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r2, 0x200, 0x70bd26, 0x25dfdbfe, {}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) acct(0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r3) 18:53:50 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, 0x0}, &(0x7f0000000140)=0xc) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000080)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {'user_id'}, 0x2c, {'group_id', 0x3d, r2}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 546.280060] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 546.287755] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 546.295011] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 546.302289] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 546.309540] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 546.316791] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 [ 546.397473] capability: warning: `syz-executor.2' uses 32-bit capabilities (legacy support in use) 18:53:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x400, 0x0) write$P9_RRENAMEAT(r1, &(0x7f0000000200)={0x7, 0x4b, 0x1}, 0x7) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000040)={0x0, 0x400}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000140)={r2, @in={{0x2, 0x4e20, @loopback}}}, &(0x7f00000000c0)=0x84) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0xc028ae92, &(0x7f0000000240)={0x89000800000000, 0x2}) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000280)={{0x6, 0xffffffffffffffff}, {0x0, 0x6}, 0xa3, 0x1, 0x5}) 18:53:50 executing program 4 (fault-call:0 fault-nth:60): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:50 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0xffff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() ioctl$SIOCGSTAMPNS(r0, 0x8907, &(0x7f00000001c0)) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) rt_sigtimedwait(&(0x7f00000000c0)={0x6}, &(0x7f0000000100), &(0x7f0000000180)={0x77359400}, 0x8) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) r2 = syz_open_dev$sndpcmc(&(0x7f0000000200)='/dev/snd/pcmC#D#c\x00', 0x401, 0x10000) ioctl$VIDIOC_QUERY_EXT_CTRL(r2, 0xc0e85667, &(0x7f0000000240)={0x80000000, 0x0, "e18d5f72f30e2f68de50f41906cf3636f0381d86d78ac9a7b685e2b570537c6c", 0x3f, 0x1, 0x80000001, 0xc78a, 0x0, 0xfffffffffffffff8, 0x7ff, 0x6, [0xffff, 0x425, 0x8, 0x8]}) wait4(0x0, 0x0, 0x0, 0x0) close(r0) 18:53:50 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) r3 = dup2(r2, r0) r4 = openat$cgroup_ro(r3, &(0x7f0000000040)='pids.current\x00', 0x0, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000300)={{{@in=@remote, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@empty}}, &(0x7f0000000080)=0xfffffffffffffdd0) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(r4, r5, r6) 18:53:50 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="62643d3b600c7e64f8edb8ecadf600"/28, @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) sendmmsg(r0, &(0x7f0000000180)=[{{&(0x7f0000000100)=@rc={0x1f, {0x0, 0x7ff, 0x9, 0x5, 0x8, 0x7fffffff}, 0x6}, 0x80, &(0x7f0000000080)=[{&(0x7f00000009c0)="541a91f4e6d1344a3b573dc7f1f3e86882397d77ce380d4d9ed86e9620be620d26684501260945cd0be623719badb057e0088b104cbf609fe9f427589a23823065ef86bb512b101740ed1a9cda319535beb131661801ed01f089fc2fe5402a820bd27ec010d9c22d7371bd5a17379b57e0140f14cfea566c9441f91fedbfe0e45ad16224c9eee254ff6d1ded27defcc51b9ec725ee3f918303c942b1608f71a079b4e689353238a366b19ccc33afccf7cbd021ac59c0c2e69727c4b62f90bf18cc77355e0d90264bf63037519d7a880fa3cd13f28ce113cafc61d07f6708fb5bf924fe1549697e73df637a227c5ed802107f748893d2f209bcaf9469bdd71482a7eae4a33cc772df2a3d44bea7391c3c1822784e0360164a28287f09576b81a2cc3f3cd913b74b6bdcfad4a64dfabb197fa612fd83f90cb1876286340486c98363663c8127fcd13e94eb9e969db2cdaa5d7292d89d95dd06afa411672f0e4d1b1063d2e0a659d957c88614546d0ea21db2f7b03e31fdd24db5ef849773cd5d1aa97ac0002f34ab5768552e30e59c3b60fe9b5c2299371c2053079e07678794d58ad5a6ed086054a3efa2e20bce6b2a8dc905ea235ed1c32346ebe11a44d2c68ab1653f0962102f474af39ede78ba1013c3406aee830eef91706a3d5573e7f33491fc0f400c099b4842b7f5841f164ccf51da0a2ae9c05fac0eb9e1d02576a04f7f65f53f9bf7c331d893385399120e3df762ba1be4471bed6d0a146cd603b06cee7c85fd6c2dcc08f9e5f7bf506caab91531b34042a27bb855273b3f1c0b7f14c637e60f09be61ff9fc7d9ad2f93c1ab1c73d0a4db0699dd2a130e56aef3e322c4ef6678aad1df195eed6b035b1776cf558ddba119b3a6772f371c3413cf1bc886f7f9d64876cade34d960204424253e22348b0cc08fd3954b8faec95367cda14f8456ae4daa4f5c0e6da37839fcbc5287bb3bbeeff562442debd1c84bf9ee365f48c5fbfc20ff37950345f852e029a79fc0790ef4b87cc38943128c9d599f6ae4256433dc6563efff8d57643370ac0fd25922fe809d8c9e128568551491b6c6843763405d2164c55eab85157ff16d6b1fa0114f005edd5a589c4a68e4592adab42dc0c7ab0b92111da55cb2e75e12543a026e11df7ff7c96ac9645fc74bc7a3dd1446fca9c0155a1cd049b89df40d90943abf7ae1fcc81eae343097844316699600160c6b4ee5c31a6fd2b58fca30fc453d3d6ad9c01c0742def6c36fdcb9430f9167ef58641f827204dd6a2fcee99b6f99f47ccf54285240ba0e64a70ea888a45fb5b20991ce6780e9264c7b21122b13e25df4432bb1fe011fd5d2868617ccb6599be217c84c2bcb41403ed6ee16a02e1087f6f9cf6eb426199ab9c5b0fad2225fc0a942a010e419b773f828d9b99d064148fe6bf886b6f79d94beecc74636e578462b5fd4417c40f59137c13e1e7fcb6e5ac2112045aab13fc6cae7467b1ed15eaa745f2fa5284ef67bc323f46ced1a1f1b43d69a9d027b5bfad099db92a35149427b1b7ac83a805f4e8475141b187de83f30bd096d2414fea06f2f3e448df58a7a5b71a42da0b2e787caa992810ecc501bfb53873c53ce2fdba8b840371f78ca3baa98a5c916ed3a9d472f1995cf74c2d2a991d41d75aaae43f975afe3b0d256a8fe3b3153c7191a673df869bac4fb750391b8a26ff87b8e40d4405e44d71a7a5a08c623450fec6c2230e9fd556c5992fbb595be407c62e875540ef2b79d9827e6cf6dc4ada28e863adfddebee1d06ad6b803815355b74c880c75ff67a09225def96a9ba5594249b15cebba81acdf221373621c1196f6812bddd30b0757ec7916a57e31058daadf63819aa10ed1bde4b6d9e2ddcf22e6b6082181cc25f51137f53f7a9398a9c90d3c02d4046ea65fc7347c219a819dbbfe9b562162bdb9f50e1289c5221cfccd09a1320609ca9632e07d97ab94fff863dfc506b24d46d363b8c18c606e6985af82ae1c307cb947121e7dc1a2a8f6f33df52996592f7bc73e4bbbf7c6aa72e3a45f466e0ee833f77ea92d08afb035002fc4ab1ec810fd250c412816fe09e6689684e44cf9f705b891457e534c9e22a88ede22f910ca34065fec181541ab540b2803f52a423f78d27368da4b6239516ed5d9cebe1ee8573937dbb5f7512067db6459a14fce972218deb805133c15ab956b4fa6d9c54d375d1278d034ffe6eede5b0a95094cb4651a38e4e87632651c57ef448affecaa5e30f7a9ff4af3f3dc10ce6df58abf1d65f66925b7ebef030f0813a2591acf5877dcfdd439ea6975b245ad0512077a134aba60daba33abd97cb800b9664fa66dcbb7bc2d87b39a95f774d7cb8c0736090c1885557d0ee61a3e914b5f3fa7b9e996fe5bb6363f795f2caf0932dd60e7aad103a5b23eb7c85d8cc4338e563961f3210340164ee412f28a402ea83145b7f021d9fa0df0dd5f61cf235b943f7fd0fd78fd3544f027dd992f917c28b295faba273b527d06a1328372aeb60c439c75306a8607dde8cdfe8775c2f07c4d9e34aa8496f09804d181781fff944856f545a2d493b0846881756076aa5c3d72a579aaa40ce642343990d3eea4fcd25fe5e8783e3eacb741ef428d4f353052e288de9b8c2eabce6202dc5759935d467a6b8a16ce082c482f1277946c4151c50f34d5410556ff1157ac068b1ca8d6c8e2e502716b273377802864a1572797643af0f0b53f79ac63077a8169c8ee3aeffd1dd36c0e2d507a84f7a27eb4079e775203bc189ff6c5902267c9faece89d94890ed3a554c601c84c03d9d54a49cdd4c06c332c9963f3bdbdfa7912faee1ff3aef3830ec39592bb9a514bc8f76ea5f9a06fec8a348b0ba30692c0d49c6d8695bf0bc5668155870e74cd5bb57726fdfc7a5274b927e92f34d6987e238795879b9b15bf21df90d818af02db77e0b684789550fc4b6b65e93ed7a51fa808f5888f36837fbda0f3e90e5775d4e4ef16b8f20ca215614aa1a776f2b418a3ec251eff11016135c4c3fa61c5b3234432bded0e8638f2bc3facc0215b5b382339d790f8aec4720c9e17cfdf464782e55967b37bc23fa9778ba40c2bfdc29d8109466c2264179b4ef637239bbdfb7e5d7a875c207abc3b49627753086673faa176d7a9e792216c23e59dcb0f8a9bdd7c4099fdbf9bf3121e6fb5a0bbfbe7ed569d5af3241476ca0ee445918b7158907097d2b99bfae50c9f2748eb0fca707b8a5a42cde5a15a598378903141d28fe1fd7395906406a6a6a66a2707c5c64d1ad879aab55425dc4595cc77ff7e18f99b0863a64dc8e15305e10bc9aed8f60e749a9b3c4ab3e8664e654890bad956b54e3f49851e3b25314da6f8f370efaf9a0957939512fc8e81d27fe7528f9044e13b8e66eca15c9d45bbf5ccc55c0f33473b4343c7064403cbebd75fe02128a2d0bbbedd960503ae287f16098459f408d72b718a564a0351baa7d7b6285b5e0b404fdcc649a95eab42b3277d91f5859e8a42c7e0c7cdc69bf4d2f9418ebf722aee0856f2c8aca91c6772618ad4af22ab8116ea252752e094ae748d45933d30e46099448e24cf3e25052c098880b89905f2b2695ec2b2b6b9ce510acc77c36ff77cff2f81e8ba2fe95d62e97a3e2063a9ac7aded6112a1962ea5bfb7c7bef43c990226512377f75c06908df09b025bd78921c85e683a9eccc7451d976ae85393a31c76c094125eb23d4f082f04443b17c1789da9cc02add36fa97cefc7001e5ad0b4f707e81819d4f033b0a6916976628b314b323fe883c724c779b86a4ee0b120ebf1bf9c84f9b94f017474d392ef8ddb288c4a456154b971de61009e282b179edcc0a88435846b5672bf2895daf5e1213e43bf1d538ba601c7877fb67f3bb48c1ce7575ddd6540f8eb1029601a01add6311323e83c15b7d9e7400894ab3e56a2e667051d89325104e15f02151bf3af371f1928afa473355c0542230ac2c668474502ce0aae33d62e507b3721f8029d3f21e76073bd05c4155815877453daaff8728cb68c3c0b60c84f8bbb12d27eb3bb6f6bfc0156b93ec8a67fd149b4b97060912a458a02f94d1c913792251be5fb9a5bc21bec726d7458d586913219626416e050d702d343183ed9101e60435c822c7e3b92b23e5b77994a8f7726894b05fb3cb886961c7699f782d8355357dd41986a95a48448c2801e3656fe7f81275be1bf1c249c2914a7cd4b4df138ad2324b73355f9fab3fe6c897e7034508ede44f4da25b18a331d5f01c02454d477727027415124c7c21da2feb6600e2c73a52fb8911eec843876f83ecb47d94d34ebccc85aff0d6abebf4dfb815dc288cbfba8b435eb7dc2448f27608f7c1b43631caf0d73c40f4be717f3235de59423191ab07ec59114eb3d4fcb3b3b70c3d1667d92c16715df2cba4655471024e4efe5e0c5bc4fb74e48f5390a91893f07ddd244199b86261671b56d96332d3dff0e5c1a5cca8c53e1a68e71024b866c2a733953fd2cc4ceb1e9a46971bdfe91d7dd5580f68453d05f0aaa9b6108263a2b7a8160d427c49a20c035e83ede1519421ea6ea805e0f2a29b7e3faffcf26655b42bb98e9d37f69e9274afc8351493b15f15608f4d8af3b3e121488ee9f3a25029ec6f16a75400c659a0dfa42277a798ea2b529935c1901eda8c17c6da3732a33a11c01805844db644ed8f2e7d6a0cbe602794c8aa989038342ee2916c0baaaf29d7dac1de6f7f509d14eeb91efe80e339a7f18a9ccf5cb21ecb02810de338746af24c6f1e292e8795001f529b37c44056e10bd2079286c32685e0b4a37a7133900e39518e5d67866f3bb2b950fd3ad49caa33b8b5f9e5531c5a48b9be7ae655ff711fa5a7eb1edc79eac52865b600ee07e4de84b6fb87a5aeef50531c149b9a3aa5c083b65f04fd1b5c3e8630887f883df34f2c16551092522ba8204cf16a73f5d03a184db202a169c245753d555b79874a51fafca24566bbc6a623b5c61689b594dd934721442ee7d6d8b22382fb14b8ce9cceda62ec7a28111a7f2c5ffb0cce67ff6c1fdf1be85356b419aa3fa71a9b4c977e3407569788d6280bf3324910393269d04bdfe82fd37405bb39431effa817cc1a1f70ca97f3cefaeec51133ce3aa0def40ea1d1993e4095226c63e42b3ba54537f82007e6cb2c6f934f4fa55913a5adc867b7835d6f128ac07cc946a9b04fc8b494dd0533bab82e38b248beff1ade65248ff23ada119dc97aef9cc43887812c1781f0fc6d805ee788ec2cb24df47fce0a9b28497a615344b4d42e52ea9898a22c48b1d3e98c7efcd7aed478fd556234d8d488c687bda9050b6310c15b59b78606c112f01d1a50d27a2d941802bd1c7a24b7398d5401026dc2039ee3845f1d9435e8842734c9818ce9348735a2cccedbdf3b1414e87d76a4f8607df42ce73d1ff55d1281b7668306b10c00955b4654db24b62a95e90c28ae6d1086e3a835a9b1a76b3f93c9412c02efbedba338dc173e637e10371438d3731d567cba1de98d4a14c59eb0ac1546077f69af071e3cfbbd5abc45e65cd45a4aed0d4bfe1580b86e4850f7efb77c51b3e6cc176870818b019724142d925899713d27432be8a70c58f1e3dca45995141ec75e28113f2ad3f03a40a088916d9fa172b0a06d192f0041d59d21fb70005217e82f4551f2e8d1ea3079b03843154f284dd4d9b91597891afad2c9ebe2d1f652b3764976b0dc696d2de1efff6a07df8948203e722fe79b9131104eef3c43515589d69f391e2a2f915a94ed8142910817cd71a41f73960be", 0x1000}, {&(0x7f00000019c0)="bb6671425a6f1e9caf1e9fd21556db75fc3fb79bc083406678a1c95984fd7d6fb9151bfb25c54333710a93d134d08d8af6e7ba029de2672a9f05c0778d608d65a8a6f3543429f6d51798885e8f959e3d1770402c96fa1af00b9a26ac469e15212dd6f230c564e1f566c3747ea88aa284927c32b720ced39db0710984da51107feac21614378365e5b01669976005793b575d29a3a468b3b42434cd4600be85a489753cddd32f0b2560980bedcd8b98d107f6a829b2284b175ff0232a1868f1d8ef3e30b4377da9683c8c3e3fcbdaaed0d93fd709b7142504a81fe41f880ef2eee4d8fb8ef586574e27c769fa5963c6969c9508f880629a83989c1a6dc4bea0c78c70db18defb691fa9164d5dae4cf7b0ad3640019210a12bb264ba183381680b76cde4c5c3635d82e6a37391fbd0701645f92541d745fe316cb7fb6d149259cffd4280d2d1302adb85cbd2ad358112cfb4307d5ea4ba31d517e60c595de467c7598ed97097a7bb2445c0ff745f9200be7fbe997d17976d502fe91e10981e3e9bc1278ef2e61cbb8dd13e327c6b113314f02e4f4d460deb31878faf3d38ac5e654618b2891a9b02a4250804881cac82e40957bae08ba303cb07b8a392d1539a17cd7fbbc3671ee9c19e6709d4448ba934b114c7c7c80af2db27c6fd04cfe9187915739119f62df7a6189acc24222c19fb77fab2f6a520905d20bab76e17b335e64d9d9a29770357efa2c7293911cc59a34bbec4cd9cbb4905b0028fdf0c5b79966eda56a62dca753897bf2b50eb119f6701164bdd5a456745a4e51c2ca50dd45e09092e3a9975aff2c34f59f582bee031e42653024ea84b6bd2bf2c915c58c6cd352572d8cdc257e0f4b7b921af395a6306112999f4d80e34c50f1a8471dd01bad49bb9bf425acade5bc3ba52e125a934837b292cd44e465a9291b5c0ddf977dcbae48383773ce203ca10ed3ed3d7ea76d586454984358c0e3e4cb54b2731cdb0bafc8880446d996a8f7b374c1d74d72d940037dc913bbc9a32a8ece426550a94f6c829ff4b2df0a3f2915e5d0949256fd73f173681a9e11bdbe5e1cde3a8d1a370b3d78525b146f1f62ca884f9b0853ddcf5c64c51c21ab6e0c6f242a102a448e17b72fc4b45248691ef425ababb2c53d546e40ebb53cf1d577cdeb45fddff843ffda54163b1948e0c0edf76906ba470f31201af9c34f8478edebc1eb323856da1c03e31feb8c8f582201cdadd54087304762705e86eee0945aecfeca31844d031ebd6ecfd515af4d838a01654e2f346b3f9dc9004418b36955630cfe43af5a677044efa5dff29cc26643eea41efc82b0c3842273da912f9e9d6694b233b9f4305aff7ddf0405ad2cf3ec015dd28f04d6e54799f18b2bec854ad8ccf6b5b0f995423f21ef84dc88ed9652457f65a69fbc345156f0c365f7732a1cf970968ae6b888ac932d1844d0724e06efd7a668cdbfa2b946329297d4da999be7ad894c752bc98b92d6b3b84b91eea9b36cd4b36565da9433a063e214b4d8ef31244d23441c7675fda3bb2f9e7b723a001e178d9777ef2f44b62f40eb549c47cf729c552f10d8e3c79b2f3239b0eb817ceea0dc6d02c668ddbed48bd78f71100293657ea764e5b1c55d05ea685c971ffbafe427f46e77dc830326496fedaf56545232940fd4fe2337606b4334e85ee4bb38dc56cdacdcb069da3a86bfc8b52f59b4307bdfd517f100fea958906b0a3f719847e9fa5542f49ebb5fe751fe1e9c332f2dee2c4e82813bcf9e390198c0e006ef5149093147d4fc76c3fa75b208f2501516d3624df46c88dacee39298720e0a26ff3df84f2ced34d685e938c53d92b952f481647d882abd9d0c2940cc9e0e6dbeeafc15c52f3754a6928d6b7610bcec28bd8e02c1e86a88e68f6e113dcacecfd5b6a420c80de9de1841cced5cd98f183aab31c492b56781afca8e505e1f14976a7af022fe7d4da8e3cccaa046200fbb9d08e56a84c9e63d92111ce4f683a6cbae462aac0bd3269d8a89f7cfe01a7255e98fdc7bf448cbe2ce2c7f3a30dba6bf6b1c79934105191d0aafefcc22d420dffd613330e9a0cfc04556b9ded1ca72dd3ef4b7bc2747984f97ed89ecfb4808f9a31c84fd1912b1b463d0ff34d5882ff1714e62596bec5b918fe85192570bcdee5a8ebbb08976378acc7960bcdc05f7a66f01999435c226e0636bee823fff16b04de0e37e433e9abc38ec23062cb14ef09bd1f95859c5221c48b8e8be8ba56b05137fd48157f45126e9731b6af1c8562c41cf5d3a37134f6b5c4c76e13b5ab43f5650ad6ca9649116f66d223f2b53b966bea378e1674bfb9a14479f68e9f9f6c210a6f02bfc8a00246c9c086c9eefd37c90507e4b3528fd96917435d1cde5c4cb18d19a471271d0da58aa1873322a2a907d7717545b138d72120f17c3d6789b195bb04b9a7c24ccb44c4ce9a0a7b4411f70d9ce45f7428e7e94c13e495ff1dd0642bd9c2c91d91ce5458245e6740b43a8dddb10e364e595c4eabd40ecd42bec7224154e47478f23bbfcc32d49f14bc706caa14c588d39d001b5532929620b6fabd6eae17ebc26d32599bc0c499c6f70bf0827db48b137dd561c204e2124b8e46e2e7a0e47eadb00f1ba71ba817f7bac4a665c8915d93cf0d7eae3f8cd63f4187b3325219b3ea3ac1a2a3fef1f634954eb2e9448ec8986a977acef95f77cce0d1c5b3007e669920988a64d886c06f857b5ad1cbcb54b33deb6b6ea077e7d4bdc0c2a1e533023afa1e4260f85739c8ca59a81bcf262550c5fe92c1587654cc132654baf3baa09c2953d4c905f65e2fb1005944be33a07b9dda07116ed2fc0b76fee185634531fed80109fa1b634cd06cd8b5c6d59980fb876976f4d4225f0f6612d28ba47152c30d863e169e771b88aeb479eadb89f4c60ac2e5bec9f401e221bb4680de235f94d0a25687f320af3e4d8ae909e9708b644667b0323a8f791955913cb8d14e45b72fc41270b5513b944ba65ac80d36a34366c80da0c14118d4d5a06d9221d028c00b7cd414b90d4d35b9a878cdcb9676d55841f8618c21f0e7a0992cc12029c2b2442e263cfe5c2a8bbcea8fe548861bb9bbe42419f0c0411620d6b25819e14b9ac5ac839c2550936d3781dcb77488a53730b0e20acf0c0ce50cbfbeb2f19abc6f61356564e54b2c90637e108b490a2f6056cb974ec09495fe9bd20ac9467dfb417ee4a4c89737c1fa423f04e9691697c1d841194c573741a81d1d65ce6b46c19d092cf4187b084401b96eea4401ea228b9b2ea62f93dbdfa53943707da4824c40914e86b458d47046f319c8e3643e97877cb9ef696b8920cc0fb1b5c3ccb38d1d339bbfd590a2d02d54e36feec7089c9f137e6fe77e8394fa5c6de7afad81af957e259540746156d445424b8257a9a4c5c027d207a7502e0330761626e4b758e408b2ddb82525e7e7f2901baa75ac3d4087a5f02a1f10a7b9d29ed130cac734cbc8d78b3fc108b7fcdac63c7be977741aa7435ac229fc8fd5f4ebb32fd12872e0f8d353e1fbc541a134bea90341b9332606db035ec45d180c622832110ab0a44ff9e1306fd580031a79f5a3d6959b31392ce95245407f0c7fba05e0e91d6c5192df1ba212a391000b02c53834f59097869c9bee4c8fcfd558280d28deffa1864cde70f8ab26f10a90a593882fb144fee91b9960f58754dfe645d59e2c29953d6f8986b40bcdb8598ca4c4788a5c4caf1586a98f94f8f0b13740266f145f1acbaa2552940d5e9a0b42afd558c239a148ba5864e35e34764377908bc229a5b73e746816aec528568f7b8d19800096701b9f4bb8e417489f3f3d792f49edf8ba646d049a16a67c5aa4f25f2d67df676d0a9a93d5774c81dadc8d9c48585d4b113780977c5814d07632487d6db87fc547fecb22f134e002ecace13a6180ca2d046b77542d1802bbefe9d4f6f20d7b97256960341dfa2030169723f12c4dbdb7e036f6e6af867895d4ec430096bd5572c3a38142c225711fb0770ccbc07829cfb1fff8bb0100d398bb6038d7389971e92e01dd1876beb840bbefa563af5ccfadac867dcdc061f72d494e222549bf0843c05615b1a3d20c430e6176a90a93e4d11eeab8417ac20b9c3df26ba52a6b70fe82a567d8cb8228e83e3f45861f53fc4585e2d909df193c32a4bc3790586f26673d3fbb2e57801a4e48239e2d42dd4cb3248d4f3a0b8d74b919cc9321e91d10f5955a78eb7381952a1155016047dd1461160289c02915ecaed7ae22d0e7cab007f0d7f8a769830065fe7a62bf93939d361d2b067dffa95a06ead49f71560bf5776a44f31d4558371262a8bb72c822d742cbf03137bf5dbc28e81272ea2ea736342bfbde3a4072af7524a9e12eb4c68e7de5a39c5596a320366051accb75c4b9e302d806d4bf60c431b0c8c2610949a3218d7efbbe48e6943944d6699a0785f26bdee6b2662005a27639c808280632dc759453363054b5769e4319633ce23f887468a486532fc751da71951a78ce086a1185ce84d7d077a819f3cfe4d90f4e0441446efe7369d4a090128b010d2f8598bca5adc941e2624dd2a8d5c862a6cc3999623914f8ca9f85656b500cba90fd7d2ac03f7fca8080e02f365404d6b90a16b5a9d15beea4874a62f24f3ead92106f6845643f0e562eab57f47a077c3f932a0d52bd77be6216f2f945284eceba4304b0dbd7488e33ebd592b75508e9d9a889454c668407af0cde960576aeba438bf3486cac925a92554226a76d264ee6338bd67bb1c58d8976a60de3418c0d4b3ff2bd4f7a2d34ecc11bb31a84bfb56f84e1c88beeb218b96816aad068c795e8c43dd2a1d4cc62ec989b76627dc99fe55ba59f181695f856c6d526164fe524b40c0e3a746160885303600c3baa6c521240f1981362e7fa9689b8640998329436defcb1c7c13cbfd46002e9df35b04acd38c85813ba5f6c14efa55b331f7fd2f68a9e58831a7b8fbad53bc357d6f6372500fcffd027184b4ca8691e6e7bda232ab6509b9883da3a07e0baef1f2ae0971db978aca70192968f707df47a92a74a598c474e9ba1f8824cd6cf0cc6d84937ecca38990b53c3bb10c816e7e7b8b64fc6ed09a048d527ad1c9bbbb64527469584f392e31f6453fcde93ba40a10a2dbae2836aa902812fc537e47c90e182b3e21841b75d014397738d24d37e5cd6f788d746c6adb9bc2572757591febc4352f63c1ff869ce800f0dd49c0dc01f44ab7d6574d98a43b56b2c9c77fc3578c21b5ae96eef10137b351fe8183410d5fe0b769cb5627f160e212fe02ac3fc3a7233391a2849da987a285cc576d73cb1e85eb77da9ad5cac49ebb3228b8ee875975c61127eff06fc0a6eaa560cb0ad58714fc4408f1281ce54ffe9c3f5c25ced5355e9722ef8940a96f6440ea771cd7a2037101cb5761e5a714275f8dc4226c943f54e169326a988af99c221d23c3b5cd392da346af5f9d98a1e433bf0f74c3bec8f705adda3b272a3c3cb3567fead0583d5d8a6f45cd8475e73a92a8aeaafbaa8866d4e0c91bc67794091db2adec2b92f516d251cf292354ad1ca5f62b78bd464bfd030618c13133dc3d47f540c96746afd96812f67651561dba16216c2b52e469292b1f14a553c0943f5a34284e07704cf679adb2b3e8a41af21e003cc4f9594b37afa7d7eed6dc927da98f7d4946502071cfd57fbebaf64dc14f560ed3ab97a8844122249c67241424179f7b1a4385bbb106d20b974675d92c2aeb718ec57c5c46104312825e4b54e95737b59cbf520e78bc86ee0bf5647", 0x1000}, {&(0x7f0000000340)="119151032b6b0548e40e89d8b9dd57659e3876464816ecd9b5ebaac4033f54975c959311530ab7da3169c521f2d66beba50f66c8160fba26aa793b354cddcbacf0571dd7e61bf2921fa104dadaf40219a87e644262f2e0f9965a2c5d5ffb8c68ab36a49a03673e385eb6fde6f805e29275499f448ab486be3901d4e93aebe06f3a0b51bebb00828a141286c9685db9341d5764bf5b0175161b9b4dd76bce7ad920d36563", 0xa4}], 0x3}, 0x2e5}], 0x1, 0x84) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:50 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$uhid(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/uhid\x00', 0x2, 0x0) write$UHID_DESTROY(r0, &(0x7f0000000740), 0x4) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000040)) lstat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000700)) syz_mount_image$xfs(&(0x7f00000000c0)='xfs\x00', &(0x7f0000000140)='./file0\x00', 0x2, 0x5, &(0x7f0000000580)=[{&(0x7f0000000200)="c9a9f3ceabdd18fa1a2fb27ba1bccb752637b2028dec9eb9e8359834b5837d75c93a40e51084d522d939749ee5b7e5092cebfdbfa35ba354d25ac1971801318c77eae8ffc00e39dc5a5549d5", 0x4c, 0x7}, {&(0x7f0000000280)="b418fc67ed9ea918061263279c99a22991d4241ec9361320cf1f9f5907fb8867869e4c27431d983bb05dc809cac49e8c4091e7de4b2842b9e7d4e0ecc1a12828cbb49a1faba7d7d048a66855a903e05e7636d1645b87dcba79e957acb42471e4bb24c49fe013960cae48b816f7aa2450c132fa9f1c27a8a73ae1985b7462c54640d4c02428d82f09947c0b839fc62ef53eed5de072c414", 0x97, 0x80000001}, {&(0x7f0000000340)="6bb5d82dc40921a0b4f016e5f12f24f6fec0b9a87c496a82cb5efee013c0e93edcd84aef56817d38f445f84711102db512627d1892a22f5353bdfe92f099c690ea82776eb447b2d13a7df9b4397239bc26198f47ec167d41a4f032b3b5ce71293472b68c6b523fcbf63bfb4b8543deca3adc7d61942216e6b1ed3ea97b05bf78", 0x80, 0x1}, {&(0x7f0000000440)="c217e86eeccd82a9f8c66c5794a334c8c524eeab716e9ceb1b6d2dfee39474bc97c53015e20ddef15aa145be7ddbf1068fecf314a647aebb30e4581925fb0b9d2c2863bafc1742657d65b438ab5526aad763a5b2a44ea9e041d1866d223d55fda6dfe1d8e325200dad755380b54e1098480aec9c85fdc73adae1568e31edda8c9fa04888075014543c9dc14925e45a32fde7214b96684857521d0cb97f847ad20121bec1fc80", 0xa6, 0x200}, {&(0x7f0000000500)="3bfa70c5c62cf614fc1d136a37ccaf87e5bd4268c8ad2ee2ebe2e1a35a97f45ddd7c43a0d4305ae597a15a9ef685633edc687d70497e7c5ec140d5128ab0a69b05ba6db2077171bdf5e057267b3749c9ba4a9c356bb472b546a5882dc097f1a68044a7cfce7719b87f689b220fac67fdf65fde2520", 0x75, 0x2}], 0x20, &(0x7f00000007c0)=ANY=[@ANYBLOB="7773796e632c6e6f626172726965723c6c6f67627566733d30b03030303030303030b69492ab3031303030352c736d61636b66736465663d2d2c686173682c657569643c", @ANYRESDEC=r2, @ANYBLOB="2c7375626a5f747970653d2c6f626a5f757365723d2f70726f632f7379732f6e65742f697076342f77732f6261636b2b555f00c2f90f60626029397a66e0469f3742418d98198517abd6a72d210ce3b919365f457ca91a969b54c25a7ed0767c4865f2240a3a0b704baa91c37199e5c472"]) 18:53:50 executing program 5: r0 = syz_open_dev$radio(&(0x7f0000000180)='/dev/radio#\x00', 0x1, 0x2) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000001c0), 0x10) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_open_dev$usb(&(0x7f0000000140)='/dev/bus/usb/00#/00#\x00', 0x1, 0x20000) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f0000000000)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10003}], 0x8041, 0x0) 18:53:50 executing program 0: r0 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x1000, 0x80800) write$FUSE_BMAP(r0, &(0x7f0000000080)={0x18, 0x0, 0x5, {0x100000000}}, 0x18) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) fcntl$setsig(r1, 0xa, 0x1f) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r1, r3) 18:53:50 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB="2c72fffffffffeffffff303030303030303030303030203034303030392c757365725f69643d", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 546.745511] FAULT_INJECTION: forcing a failure. [ 546.745511] name failslab, interval 1, probability 0, space 0, times 0 [ 546.768830] CPU: 1 PID: 28099 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 546.775909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 546.785263] Call Trace: [ 546.787877] dump_stack+0x138/0x19c [ 546.791525] should_fail.cold+0x10f/0x159 [ 546.795687] should_failslab+0xdb/0x130 [ 546.799675] __kmalloc_track_caller+0x2ef/0x790 [ 546.804357] ? kstrdup_const+0x48/0x60 [ 546.808252] kstrdup+0x3a/0x70 [ 546.811455] kstrdup_const+0x48/0x60 [ 546.815175] alloc_vfsmnt+0xe5/0x7d0 [ 546.818912] vfs_kern_mount.part.0+0x2a/0x3d0 [ 546.823412] ? find_held_lock+0x35/0x130 [ 546.827482] vfs_kern_mount+0x40/0x60 [ 546.831299] btrfs_mount+0x3ce/0x2b14 [ 546.835117] ? lock_downgrade+0x6e0/0x6e0 [ 546.839269] ? find_held_lock+0x35/0x130 [ 546.843370] ? pcpu_alloc+0x3af/0x1060 [ 546.847279] ? btrfs_remount+0x11f0/0x11f0 [ 546.851534] ? rcu_read_lock_sched_held+0x110/0x130 [ 546.856559] ? __lockdep_init_map+0x10c/0x570 [ 546.861099] ? __lockdep_init_map+0x10c/0x570 [ 546.865602] mount_fs+0x9d/0x2a7 [ 546.868988] vfs_kern_mount.part.0+0x5e/0x3d0 [ 546.873490] do_mount+0x417/0x27d0 [ 546.877028] ? copy_mount_options+0x5c/0x2f0 [ 546.881434] ? rcu_read_lock_sched_held+0x110/0x130 [ 546.881449] ? copy_mount_string+0x40/0x40 [ 546.881465] ? copy_mount_options+0x1fe/0x2f0 18:53:50 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x80000000, 0x280000) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f0000000180)={{0x1, 0x2}, 'port0\x00', 0x60, 0x10, 0x9, 0xdcb, 0x6, 0x9, 0x0, 0x0, 0x4}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r3) [ 546.881479] SyS_mount+0xab/0x120 [ 546.881488] ? copy_mnt_ns+0x8c0/0x8c0 [ 546.881502] do_syscall_64+0x1eb/0x630 [ 546.881510] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 546.881528] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 546.881539] RIP: 0033:0x45b80a [ 546.923433] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 546.931130] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 546.938402] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 18:53:50 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x40f00, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffec5}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f00000002c0)='./file0\x00', 0xfffffffffb) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:50 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TIOCLINUX6(r0, 0x541c, &(0x7f00000000c0)={0x6, 0x2}) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:50 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f00000000c0)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) ioctl$SIOCX25SCALLUSERDATA(r1, 0x89e5, &(0x7f0000000140)={0x80, "2f887bdff6cdb1c55a9e2f31a7f75426ef0f16bc5af5d64fc2247c08651d9f2b3330cf6d2b627aaa9db1e17710cf1acf0f20770c28dfd636f8ac5f11492a33a23ee4c97d7060e02b25e555a59c4a805e268fb03df844c2aedf68271cd65fb690f59e8ead064bd93b7be5f2b3234ce936773bc6898f0768efa86c926b890d5da9"}) [ 546.945669] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 546.952930] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 546.960196] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:50 executing program 4 (fault-call:0 fault-nth:61): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 547.093311] FAULT_INJECTION: forcing a failure. [ 547.093311] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 547.111288] CPU: 1 PID: 28136 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 547.118324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 547.127761] Call Trace: [ 547.130346] dump_stack+0x138/0x19c [ 547.133990] should_fail.cold+0x10f/0x159 [ 547.138138] ? __might_sleep+0x93/0xb0 [ 547.142026] __alloc_pages_nodemask+0x1d6/0x7a0 [ 547.146692] ? trace_hardirqs_on+0xd/0x10 [ 547.150852] ? __alloc_pages_slowpath+0x2930/0x2930 [ 547.155893] ? btrfs_parse_early_options+0x1a2/0x310 [ 547.161026] alloc_pages_current+0xec/0x1e0 [ 547.165385] __get_free_pages+0xf/0x40 [ 547.169256] get_zeroed_page+0x11/0x20 [ 547.173139] parse_security_options+0x1f/0xa0 [ 547.177651] btrfs_mount+0x2bb/0x2b14 [ 547.181448] ? lock_downgrade+0x6e0/0x6e0 [ 547.185584] ? find_held_lock+0x35/0x130 [ 547.189684] ? pcpu_alloc+0x3af/0x1060 [ 547.193579] ? btrfs_remount+0x11f0/0x11f0 [ 547.197809] ? rcu_read_lock_sched_held+0x110/0x130 [ 547.202814] ? __lockdep_init_map+0x10c/0x570 [ 547.207346] mount_fs+0x9d/0x2a7 [ 547.210712] vfs_kern_mount.part.0+0x5e/0x3d0 [ 547.215225] ? find_held_lock+0x35/0x130 [ 547.219272] vfs_kern_mount+0x40/0x60 [ 547.223337] btrfs_mount+0x3ce/0x2b14 [ 547.227147] ? lock_downgrade+0x6e0/0x6e0 [ 547.231289] ? find_held_lock+0x35/0x130 [ 547.235341] ? pcpu_alloc+0x3af/0x1060 [ 547.239224] ? btrfs_remount+0x11f0/0x11f0 [ 547.243447] ? rcu_read_lock_sched_held+0x110/0x130 [ 547.248453] ? __lockdep_init_map+0x10c/0x570 [ 547.252941] ? __lockdep_init_map+0x10c/0x570 [ 547.257433] mount_fs+0x9d/0x2a7 [ 547.260786] vfs_kern_mount.part.0+0x5e/0x3d0 [ 547.265273] do_mount+0x417/0x27d0 [ 547.268795] ? copy_mount_options+0x5c/0x2f0 [ 547.273209] ? rcu_read_lock_sched_held+0x110/0x130 [ 547.278306] ? copy_mount_string+0x40/0x40 [ 547.282526] ? copy_mount_options+0x1fe/0x2f0 [ 547.287004] SyS_mount+0xab/0x120 [ 547.290448] ? copy_mnt_ns+0x8c0/0x8c0 [ 547.294337] do_syscall_64+0x1eb/0x630 [ 547.298219] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 547.303063] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 547.308246] RIP: 0033:0x45b80a [ 547.311423] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 547.319214] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 547.326465] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 547.333721] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 547.340989] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 547.348243] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:51 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f00000000c0)={0x0, @multicast1, 0x4e22, 0x4, 'lblc\x00', 0x2a, 0x5, 0x63}, 0x2c) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:51 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x900004, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB="2c726f6f746d6f64653d308890444f286663b65f1200"/34, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r1, 0x0, 0x3fffffe) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:51 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/hash_stats\x00', 0x0, 0x0) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000140)=0x5, 0x4) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000180)={0xffffffffffffffff}, 0x13f, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000240)={0x14, 0x88, 0xfa00, {r2, 0x10, 0x0, @ib={0x1b, 0x7f, 0xfff, {"0717d41590a2db7977a7ea1e1f8d4e1d"}, 0x8, 0x90, 0x3}}}, 0x90) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000040)) ioctl$KVM_ARM_SET_DEVICE_ADDR(r1, 0x4010aeab, &(0x7f0000000300)={0xfffffffffffffffb, 0x4}) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:51 executing program 4 (fault-call:0 fault-nth:62): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:51 executing program 5: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x40) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000040)={0x0, 0x5, 0x0, 0x67}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = getpgid(0xffffffffffffffff) getpriority(0x2, r2) syz_mount_image$ext4(&(0x7f0000000240)='ext3\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={[{@sb={'sb'}, 0x48}]}) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000140)=0xc) move_pages(r3, 0x4, &(0x7f0000000180)=[&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000001c0)=[0x0], 0x2) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:51 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = gettid() ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r0, 0xc1105518, &(0x7f0000000180)={{0x4, 0x6, 0x9, 0x1, 'syz1\x00', 0x7}, 0x6, 0x10, 0x2b4, r2, 0x5, 0x7, 'syz0\x00', &(0x7f0000000040)=['&mime_type\x00', '/dev/cachefiles\x00', 'security%bdev\x00', 'keyring-md5sum\x00', '/dev/cachefiles\x00'], 0x48, [], [0x4, 0x1, 0x1, 0x8]}) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r3) [ 547.574517] IPVS: set_ctl: invalid protocol: 0 224.0.0.1:20002 [ 547.592722] EXT4-fs: Invalid sb specification: sb=0x0000000000000000H,errors=continue [ 547.602481] FAULT_INJECTION: forcing a failure. [ 547.602481] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 547.617719] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 18:53:51 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0xffffffffffffffff, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:53:51 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000440)={0x0}, &(0x7f0000000480)=0xc) ptrace$cont(0x3f, r1, 0x8, 0x0) clone(0x2102401ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) timer_create(0x5996308e13125cbd, &(0x7f0000000240)={0x0, 0x1f, 0x5, @thr={&(0x7f00000000c0)="10035d31d27c42f60a8b9b38bda81d584d1e57b53ccda344c662cef0f4bc4b5308594fff14b047c363796423c30ac4314721eb533a32ce9dc942468b94eb2f26e5a6bac0420b7cc2e6c62ec57e403bb1c5f1451601e32ea9de710887c2d671f9a1e091d1771fbcd35cee5786284fc5f2749ea9d54f14df1e0fa504962834c9398dc0ec232fc9a61f17e0d6cd44eecbeec61c264ac90ce682c6a98b25e910d2718d8056f92e368c99e1248fcd3cf59b5b165bd949384c7072fb652402b29fb905ec4880983e9439cd6156d4d9915de9a122", &(0x7f00000001c0)="9f184e15932326070173a4bfc64c690f4addfda8bdd59dd3c3ac2f1186789350199ced1ed6b47467d44e21858b41d78e9f79373b1e402b646cb7091776b43b68dd7d1bd7f3696ce98d95a249844ef80081d3e1b1cac91d27cd254c7a48adcfe083af680d3cd657fa78e5ff7f9211c258"}}, &(0x7f0000000280)) ptrace$setopts(0x4200, r2, 0x0, 0x8000000006) tkill(r2, 0x2f) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f00000002c0)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000000000000000000000000000000e00000008cfebb759d169a98a074d135fb981911368d9e8954ad9f1e444955ef32f036273e8da81acd35c0e2db8a63ae86d22d3e0ee3e71c4dd009c4f7dd5b4d4f7eaae1888d5326a43b424388c591db70cb038135860a79ac2c11d13ce3ede594862162e7744d9302d87cedb7130d73e227e26202344f668d1efd4da91aaeb166f9c5510c39c61b41ed5989002d490e93152c9d0403125950750af4bebfca0a634953e7028d4dc4a109960e02cbeaad8d2226796cd11b0660e418f6c18dde967f18a836b71f3c7cbd705670f9f62f91c2e860996c1514ed88b0bcb04aa28e879765188e"], &(0x7f0000000400)=0x104) wait4(0x0, 0x0, 0x0, 0x0) 18:53:51 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB="ac866f6f746d6f64653d303030323010303030303034303030342c757365725f69643d", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:51 executing program 3: getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) connect$llc(r0, &(0x7f0000000080)={0x1a, 0x118, 0x9, 0x9b9, 0xff, 0x4, @random="dfb578d313e4"}, 0x10) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$IMDELTIMER(r0, 0x80044941, &(0x7f00000000c0)) [ 547.630290] IPVS: set_ctl: invalid protocol: 0 224.0.0.1:20002 [ 547.683281] CPU: 0 PID: 28170 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 547.690337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 547.699700] Call Trace: [ 547.702292] dump_stack+0x138/0x19c [ 547.705924] should_fail.cold+0x10f/0x159 [ 547.710070] ? __might_sleep+0x93/0xb0 [ 547.713954] __alloc_pages_nodemask+0x1d6/0x7a0 [ 547.718641] ? check_preemption_disabled+0x3c/0x250 [ 547.723658] ? __alloc_pages_slowpath+0x2930/0x2930 [ 547.728671] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 547.734121] ? __alloc_pages_nodemask+0x63b/0x7a0 [ 547.738981] alloc_pages_current+0xec/0x1e0 [ 547.743296] ? btrfs_parse_early_options+0x1a2/0x310 [ 547.748397] __get_free_pages+0xf/0x40 [ 547.752302] get_zeroed_page+0x11/0x20 [ 547.756185] selinux_sb_copy_data+0x2a/0x390 [ 547.760596] security_sb_copy_data+0x7b/0xb0 [ 547.765016] parse_security_options+0x37/0xa0 [ 547.769504] btrfs_mount+0x2bb/0x2b14 [ 547.773299] ? lock_downgrade+0x6e0/0x6e0 [ 547.777436] ? find_held_lock+0x35/0x130 [ 547.781488] ? pcpu_alloc+0x3af/0x1060 [ 547.785389] ? btrfs_remount+0x11f0/0x11f0 [ 547.789657] ? rcu_read_lock_sched_held+0x110/0x130 [ 547.794685] ? __lockdep_init_map+0x10c/0x570 [ 547.799183] mount_fs+0x9d/0x2a7 [ 547.802559] vfs_kern_mount.part.0+0x5e/0x3d0 [ 547.807047] ? find_held_lock+0x35/0x130 [ 547.811102] vfs_kern_mount+0x40/0x60 [ 547.814905] btrfs_mount+0x3ce/0x2b14 [ 547.818700] ? lock_downgrade+0x6e0/0x6e0 [ 547.822842] ? find_held_lock+0x35/0x130 [ 547.826902] ? pcpu_alloc+0x3af/0x1060 [ 547.830792] ? btrfs_remount+0x11f0/0x11f0 [ 547.835025] ? rcu_read_lock_sched_held+0x110/0x130 [ 547.840042] ? __lockdep_init_map+0x10c/0x570 [ 547.844551] ? __lockdep_init_map+0x10c/0x570 [ 547.849052] mount_fs+0x9d/0x2a7 [ 547.852468] vfs_kern_mount.part.0+0x5e/0x3d0 [ 547.856961] do_mount+0x417/0x27d0 [ 547.860493] ? copy_mount_options+0x5c/0x2f0 [ 547.864899] ? rcu_read_lock_sched_held+0x110/0x130 [ 547.869909] ? copy_mount_string+0x40/0x40 [ 547.874150] ? copy_mount_options+0x1fe/0x2f0 [ 547.879110] SyS_mount+0xab/0x120 [ 547.882577] ? copy_mnt_ns+0x8c0/0x8c0 [ 547.886459] do_syscall_64+0x1eb/0x630 [ 547.890342] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 547.895188] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 547.900365] RIP: 0033:0x45b80a [ 547.904504] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 547.912207] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 547.919563] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 547.926822] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 18:53:51 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x140, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000040), &(0x7f00000000c0)=0x4) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:51 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/policy\x00', 0x0, 0x0) setsockopt$inet6_int(r2, 0x29, 0x12, &(0x7f0000000140)=0x3, 0x4) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) [ 547.934084] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 547.941343] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:51 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$DRM_IOCTL_MAP_BUFS(r0, 0xc0186419, &(0x7f00000002c0)={0x1, &(0x7f0000000180)=""/20, &(0x7f0000000280)=[{0x6, 0x7d, 0x0, &(0x7f0000000200)=""/125}]}) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/backup_only\x00') getsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f00000000c0), &(0x7f0000000140)=0xb) 18:53:51 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000040)) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:53:51 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x4001fd, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:51 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ff8, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) r2 = syz_open_procfs(r1, &(0x7f0000000140)='net/ip_tables_matches\x00') r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000200)={0x188, r3, 0x114, 0x70bd28, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x148, 0x1, [@TIPC_NLA_BEARER_PROP={0x34, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x20}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'tunl0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x80000001, @empty, 0x20}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x5, @loopback, 0x4b}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x8, @rand_addr="e6699171200f2220129d00ae5c17d1d7", 0x6}}, {0x14, 0x2, @in={0x2, 0x4e22, @multicast2}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x79cb}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}}, {0x14, 0x2, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x10}}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @empty}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1, @ipv4={[], [], @multicast2}, 0x400}}}}]}, @TIPC_NLA_SOCK={0x2c, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x80000001}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x100000001}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xb66b}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6b8a80}]}]}, 0x188}, 0x1, 0x0, 0x0, 0x8000}, 0x80) ptrace$setopts(0x4206, r1, 0x81, 0x0) r4 = syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0x4deb, 0x10080) ioctl$PIO_CMAP(r4, 0x4b71, &(0x7f0000000100)={0x200, 0x40, 0x4, 0x3, 0x6}) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:51 executing program 4 (fault-call:0 fault-nth:63): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:51 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x420a, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:51 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x2000, 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) socket$inet6(0xa, 0x4, 0x1f) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:51 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/hash_stats\x00', 0x0, 0x0) ioctl$VIDIOC_G_SELECTION(r2, 0xc040565e, &(0x7f0000000100)={0x0, 0x1, 0x0, {0x3ff, 0xac, 0x0, 0x10000}}) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) r3 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x3, 0x2) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000180)=0x51b, 0x4) ptrace$setopts(0x4206, r1, 0x0, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0205647, &(0x7f0000000200)={0xa10000, 0x6, 0x3, [], &(0x7f00000001c0)={0x9d0bff, 0x5, [], @value=0x3}}) tkill(r1, 0x2000000024) wait4(r1, 0x0, 0x8000000b, 0x0) 18:53:51 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={r1, 0xc0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=0x7, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x1, 0x2}, 0x0, 0x0, &(0x7f00000000c0)={0x100, 0x3, 0x4}, &(0x7f0000000180)=0x400, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=0x1000}}, 0x10) dup2(r0, r2) 18:53:51 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x30180, 0x0) ioctl$RTC_UIE_OFF(r1, 0x7004) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x20) wait4(0x0, 0x0, 0x0, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000100)={&(0x7f0000ffc000/0x1000)=nil, 0x1000}, &(0x7f0000000140)=0x10) [ 548.198829] FAULT_INJECTION: forcing a failure. [ 548.198829] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 548.228833] CPU: 0 PID: 28245 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 548.235895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 548.245249] Call Trace: [ 548.247854] dump_stack+0x138/0x19c [ 548.251518] should_fail.cold+0x10f/0x159 [ 548.255674] ? __might_sleep+0x93/0xb0 [ 548.259572] __alloc_pages_nodemask+0x1d6/0x7a0 [ 548.264249] ? trace_hardirqs_on+0xd/0x10 [ 548.268402] ? __alloc_pages_slowpath+0x2930/0x2930 [ 548.273425] ? btrfs_parse_early_options+0x1a2/0x310 [ 548.278543] alloc_pages_current+0xec/0x1e0 [ 548.282890] __get_free_pages+0xf/0x40 [ 548.286802] get_zeroed_page+0x11/0x20 [ 548.290675] parse_security_options+0x1f/0xa0 [ 548.295157] btrfs_mount+0x2bb/0x2b14 [ 548.298996] ? lock_downgrade+0x6e0/0x6e0 [ 548.303129] ? find_held_lock+0x35/0x130 [ 548.307174] ? pcpu_alloc+0x3af/0x1060 [ 548.311057] ? btrfs_remount+0x11f0/0x11f0 [ 548.315292] ? rcu_read_lock_sched_held+0x110/0x130 [ 548.320305] ? __lockdep_init_map+0x10c/0x570 [ 548.324789] mount_fs+0x9d/0x2a7 [ 548.328146] vfs_kern_mount.part.0+0x5e/0x3d0 [ 548.332625] ? find_held_lock+0x35/0x130 [ 548.336673] vfs_kern_mount+0x40/0x60 [ 548.340457] btrfs_mount+0x3ce/0x2b14 [ 548.344241] ? lock_downgrade+0x6e0/0x6e0 [ 548.348392] ? find_held_lock+0x35/0x130 [ 548.352435] ? pcpu_alloc+0x3af/0x1060 [ 548.356320] ? btrfs_remount+0x11f0/0x11f0 [ 548.360541] ? rcu_read_lock_sched_held+0x110/0x130 [ 548.365561] ? __lockdep_init_map+0x10c/0x570 [ 548.370050] ? __lockdep_init_map+0x10c/0x570 [ 548.374531] mount_fs+0x9d/0x2a7 [ 548.377890] vfs_kern_mount.part.0+0x5e/0x3d0 [ 548.382371] do_mount+0x417/0x27d0 [ 548.385895] ? copy_mount_options+0x5c/0x2f0 [ 548.390306] ? rcu_read_lock_sched_held+0x110/0x130 [ 548.395308] ? copy_mount_string+0x40/0x40 [ 548.399525] ? copy_mount_options+0x1fe/0x2f0 [ 548.404003] SyS_mount+0xab/0x120 [ 548.407467] ? copy_mnt_ns+0x8c0/0x8c0 [ 548.411351] do_syscall_64+0x1eb/0x630 [ 548.415220] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 548.420060] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 548.425249] RIP: 0033:0x45b80a [ 548.428436] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 548.436214] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 548.443496] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 548.450766] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 548.458032] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 548.465308] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:52 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f0000000140)="8da4363ac0ed0000000004000000000000000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d3bcbeb5cac0d1778f13654c72b98c57b2be48e57d8df1f1cf2739748c2ed78d0a132a4cd0437bc441ac3bc7487763f66bb48c60ba98c49a41c00204d9755135c38f12183fd34905eb9b05ad2aed0bbb477ff98648f07eacf6bc90510965212a100a21788bd5924abe0f62f331cf8326f645f80af46bc3d275f35fcbf7ff291f0ee086714afc8d3868700000000", 0xd5, 0x10000}], 0x0, 0x0) r1 = openat$vfio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vfio/vfio\x00', 0x8000, 0x0) fstat(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SIOCAX25GETUID(r1, 0x89e0, &(0x7f0000000380)={0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, r2}) r3 = creat(&(0x7f0000000000)='./file0\x00', 0x102) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffff9c, 0x84, 0x1, &(0x7f0000000040)={0x0, 0x7f, 0x9, 0xdb85, 0x20, 0x8001}, &(0x7f00000000c0)=0x14) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000240)={r4, 0x4}, &(0x7f0000000280)=0x8) 18:53:52 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) ioctl$SIOCAX25CTLCON(r1, 0x89e8, &(0x7f0000000700)={@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, 0xa, 0xab2e, 0x5, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) getgroups(0x8, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0xee00, 0x0, 0xee00, 0x0, 0xee00]) getresgid(&(0x7f00000002c0)=0x0, &(0x7f0000000340), &(0x7f0000000380)) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000900)={r1, 0x10, &(0x7f00000008c0)={&(0x7f0000000800)=""/163, 0xa3, 0xffffffffffffffff}}, 0x10) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000a00)={r1, 0x10, &(0x7f00000009c0)={&(0x7f0000000780)=""/118, 0x76, r4}}, 0x10) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',gzoup_id=', @ANYRESDEC=r3, @ANYBLOB=',allow_other,\x00']) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) creat(&(0x7f00000006c0)='./file0\x00', 0x21) r5 = accept(r1, &(0x7f0000000080)=@isdn, &(0x7f0000000100)=0x80) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) timer_create(0x6, &(0x7f0000000640)={0x0, 0x37, 0x2, @thr={&(0x7f0000000500)="7af03ec1c2c1d03f14671ec5ee2ad9832dae469dd39875848e4eb81f77a35cdb3b4219146e4438b14a47aa22e092c2345d7165db215257aa13c6dfb83ae78f647b487e3793b1ad0184e23d58fecc2ca57f4b0d995df9d0d5e8e0aba79c1d7741f760704d5141ebd2cf72c9cded272e2f041460e4", &(0x7f0000000580)="88000a2c4826099be225bfb12d83de03083c6fd3aa6e989cffc24b1fcfa1"}}, &(0x7f0000000680)) r6 = syz_genetlink_get_family_id$nbd(&(0x7f00000001c0)='nbd\x00') sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000240)={&(0x7f0000000440)={0xc0, r6, 0x8, 0x70bd2c, 0x25dfdbfe, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x401}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xffffffff}, @NBD_ATTR_SERVER_FLAGS={0xc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2}, @NBD_ATTR_CLIENT_FLAGS={0xc}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x100000001}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x1}, @NBD_ATTR_SOCKETS={0x4c, 0x7, [{0x8, 0x1, r5}, {0x8, 0x1, r0}, {0x8, 0x1, r1}, {0x8, 0x1, r5}, {0x8, 0x1, r5}, {0x8, 0x1, r5}, {0x8, 0x1, r1}, {0x8, 0x1, r5}, {0x8, 0x1, r5}]}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x7ff}]}, 0xc0}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:52 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x4, 0x40000) accept4$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0xffffffff, @hyper}, 0x10, 0x80000) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:52 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) r3 = dup2(r0, r2) getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000040)={0x0, 0x3}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000000c0)={r4, 0xcd8}, 0x8) 18:53:52 executing program 4 (fault-call:0 fault-nth:64): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:52 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = socket$bt_cmtp(0x1f, 0x3, 0x5) getsockopt$sock_buf(r0, 0x1, 0x3f, &(0x7f00000000c0)=""/11, &(0x7f0000000140)=0xb) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:52 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x2000) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/member\x00', 0x2, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") rt_tgsigqueueinfo(r0, r0, 0x12, &(0x7f00000001c0)={0x18, 0x7ff, 0xe6d8}) write$selinux_access(r1, &(0x7f0000000080)={'system_u:object_r:var_auth_t:s0', 0x20, 'unconfined_u:system_r:insmod_t:s0-s0:c0.c1023', 0x20, 0x0, 0x41}, 0x63) tkill(r0, 0x20) wait4(0x0, 0x0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000000c0)={0x0, 0x2, 0x3}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000180)={r3, 0x4}, 0x8) 18:53:52 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000040)={0x6, 0x3, 0x80000000, 0x6, 'syz0\x00', 0x200}) [ 548.713763] BTRFS: device fsid ecf6f2a2-2997-48ae-b81e-1b00920efd9a devid 9765725700883769096 transid 8653400242960190267 /dev/loop5 [ 548.742223] FAULT_INJECTION: forcing a failure. [ 548.742223] name failslab, interval 1, probability 0, space 0, times 0 [ 548.812346] BTRFS error (device loop5): unsupported checksum algorithm 62079 [ 548.845434] BTRFS error (device loop5): superblock checksum mismatch [ 548.864056] CPU: 1 PID: 28288 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 548.871094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 548.880738] Call Trace: [ 548.883328] dump_stack+0x138/0x19c [ 548.886959] should_fail.cold+0x10f/0x159 [ 548.891128] should_failslab+0xdb/0x130 [ 548.895099] kmem_cache_alloc_trace+0x2ec/0x790 [ 548.899946] selinux_parse_opts_str+0x432/0xa30 [ 548.904616] ? selinux_socket_sock_rcv_skb+0x570/0x570 [ 548.909898] ? free_pages+0x46/0x50 [ 548.913522] ? selinux_sb_copy_data+0x21e/0x390 [ 548.918187] security_sb_parse_opts_str+0x7b/0xb0 [ 548.923026] parse_security_options+0x4e/0xa0 [ 548.927621] btrfs_mount+0x2bb/0x2b14 [ 548.931421] ? lock_downgrade+0x6e0/0x6e0 [ 548.935574] ? find_held_lock+0x35/0x130 [ 548.939643] ? pcpu_alloc+0x3af/0x1060 [ 548.943533] ? btrfs_remount+0x11f0/0x11f0 [ 548.947765] ? rcu_read_lock_sched_held+0x110/0x130 [ 548.953046] ? __lockdep_init_map+0x10c/0x570 [ 548.957545] mount_fs+0x9d/0x2a7 [ 548.960908] vfs_kern_mount.part.0+0x5e/0x3d0 [ 548.965395] ? find_held_lock+0x35/0x130 [ 548.969465] vfs_kern_mount+0x40/0x60 [ 548.973281] btrfs_mount+0x3ce/0x2b14 [ 548.977075] ? lock_downgrade+0x6e0/0x6e0 [ 548.981213] ? find_held_lock+0x35/0x130 [ 548.985266] ? pcpu_alloc+0x3af/0x1060 [ 548.989160] ? btrfs_remount+0x11f0/0x11f0 [ 548.993397] ? rcu_read_lock_sched_held+0x110/0x130 [ 548.998417] ? __lockdep_init_map+0x10c/0x570 [ 549.002908] ? __lockdep_init_map+0x10c/0x570 [ 549.007901] mount_fs+0x9d/0x2a7 [ 549.011266] vfs_kern_mount.part.0+0x5e/0x3d0 [ 549.015757] do_mount+0x417/0x27d0 [ 549.019290] ? copy_mount_options+0x5c/0x2f0 [ 549.023696] ? rcu_read_lock_sched_held+0x110/0x130 [ 549.028709] ? copy_mount_string+0x40/0x40 [ 549.032950] ? copy_mount_options+0x1fe/0x2f0 [ 549.037445] SyS_mount+0xab/0x120 [ 549.040893] ? copy_mnt_ns+0x8c0/0x8c0 [ 549.044791] do_syscall_64+0x1eb/0x630 [ 549.048670] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 549.053517] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 549.058697] RIP: 0033:0x45b80a 18:53:52 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) lookup_dcookie(0x7, &(0x7f0000000040)=""/83, 0x53) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) write$FUSE_WRITE(r0, &(0x7f00000000c0)={0x18, 0xffffffffffffffda, 0x3, {0x20}}, 0x18) dup2(r0, r2) 18:53:52 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000000c0)={0x0, @broadcast, @multicast1}, &(0x7f0000000100)=0xc) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 549.061909] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 549.069610] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 549.076883] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 549.084144] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 549.091403] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 549.098683] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:52 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000080)={{{@in=@broadcast, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in6=@mcast2}}, &(0x7f0000000180)=0xe8) stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) setreuid(r2, r3) readlink(0x0, 0x0, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f00000002c0)=0xc) ptrace$getregset(0x4204, r5, 0x1, &(0x7f0000000440)={&(0x7f0000000400)=""/22, 0x16}) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 549.140283] BTRFS error (device loop5): open_ctree failed [ 549.148513] BTRFS error (device loop5): unsupported checksum algorithm 62079 18:53:52 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000140)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) [ 549.200000] BTRFS error (device loop5): superblock checksum mismatch [ 549.270561] BTRFS error (device loop5): open_ctree failed 18:53:53 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x102) recvfrom$rose(r1, &(0x7f0000000140)=""/207, 0xcf, 0x40000041, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, 0x1, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, 0x1c) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00') sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="00002dbd7000fe00"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4000) 18:53:53 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") syz_init_net_socket$llc(0x1a, 0x3, 0x0) io_setup(0x8, &(0x7f0000000140)) r1 = fcntl$dupfd(r0, 0x442, r0) write$P9_RVERSION(r1, &(0x7f0000000180)={0x13, 0x65, 0xffff, 0x401, 0x6, '9P2000'}, 0x13) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) r3 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x10000000, 0x2000000000002002) ptrace$getregs(0xe, r2, 0x4, &(0x7f0000000200)=""/106) ioctl$SNDRV_CTL_IOCTL_PVERSION(r3, 0x80045500, &(0x7f0000000100)) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x20) wait4(0x0, 0x0, 0x0, 0x0) read$alg(r3, &(0x7f0000000280)=""/238, 0xee) 18:53:53 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) ioctl$PPPIOCGUNIT(r0, 0x80047456, &(0x7f0000000080)) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB="2c726f6f742c756765725f379ba8637304", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:53 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000040)="0adc1f123c123f319bd070b025d896bbcf2cc69b9891007a33e7d036d73f8cedbe4f8456e09fffde716d368ec5903bfae6ecb63b88f3") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000080)={0x42e, 0x5, 0x8b}) dup2(r0, r2) 18:53:53 executing program 4 (fault-call:0 fault-nth:65): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 549.361713] BTRFS error (device loop5): unsupported checksum algorithm 62079 18:53:53 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x3, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d010000000000bbb100d4000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:53 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0xc) ioprio_set$uid(0x3, r1, 0xfffffffffffffe01) shmctl$SHM_UNLOCK(0x0, 0xc) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 549.410814] BTRFS error (device loop5): superblock checksum mismatch 18:53:53 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x2, 0xa08c0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) write$evdev(r1, &(0x7f0000000180)=[{{0x0, 0x2710}, 0x4, 0x1}, {{r2, r3/1000+30000}, 0x17, 0x1f, 0x8000}, {{}, 0x11, 0x5b, 0x7ff}, {{0x0, 0x2710}, 0x11, 0x2, 0x83}, {{r4, r5/1000+10000}, 0x1f, 0x9, 0x8001}, {{0x77359400}, 0x17, 0x3}], 0x90) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r6, 0x0, 0x0) tkill(r6, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 549.474596] FAULT_INJECTION: forcing a failure. [ 549.474596] name failslab, interval 1, probability 0, space 0, times 0 [ 549.508268] BTRFS error (device loop5): open_ctree failed [ 549.525300] CPU: 1 PID: 28353 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 549.532336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 549.541691] Call Trace: [ 549.544288] dump_stack+0x138/0x19c [ 549.547933] should_fail.cold+0x10f/0x159 [ 549.552097] should_failslab+0xdb/0x130 [ 549.556085] kmem_cache_alloc+0x2d9/0x780 [ 549.560243] ? btrfs_scan_one_device+0x89/0x400 [ 549.564922] ? trace_hardirqs_on_caller+0x331/0x590 [ 549.569945] getname_kernel+0x53/0x350 18:53:53 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000300)={0xffffffffffffffff}, 0x111, 0xf}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r2, &(0x7f0000000380)={0x4, 0x8, 0xfa00, {r3, 0x1}}, 0x10) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0xe) wait4(0x0, 0x0, 0x0, 0x0) r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x4000, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x7ff, &(0x7f0000000100)={0xffffffffffffffff}, 0x111, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_REJECT(r4, &(0x7f0000000180)={0x9, 0x108, 0xfa00, {r5, 0xb2, "153c48", "a2061bbf75dfe98043ef88017302cb4f8a7ba8cc703996ef3ce4ef3499185371aebe35d3981d2880e6271e5b19105d22b7854783995b48a13e07fa8e26273380b0c7d4691ed1a1b26881d79e4d6f5315f86387abbf43d79938ab4ca6b03f2eec3e5501c41cae84751b8c848f866642a31ebc2ab49db1485def58425aa880ae63a651c824239c3f3bda55319be63ca8e1b2a2a9dfef3dcc16804d3e5e18802c63456736db2cf2032ac02ebec84bda265ec12d99d5a337a9d61ef9a40edccd76d4e05601b87014b3b413d6269a6e3bd5fc5f3f7f4cd9079f72af38ef377567a0136f2eb0e759c70818ae346e537b475c6c81f00863d741f814c314943c25a747f4"}}, 0x110) [ 549.573835] kern_path+0x20/0x40 [ 549.577214] lookup_bdev.part.0+0x63/0x160 [ 549.581455] ? blkdev_open+0x260/0x260 [ 549.585565] ? free_hot_cold_page+0x766/0xca0 [ 549.590064] blkdev_get_by_path+0x76/0xf0 [ 549.594224] btrfs_scan_one_device+0x97/0x400 [ 549.598729] ? device_list_add+0x8d0/0x8d0 [ 549.602972] ? __free_pages+0x54/0x90 [ 549.606777] ? free_pages+0x46/0x50 [ 549.610422] btrfs_mount+0x2e3/0x2b14 [ 549.614229] ? lock_downgrade+0x6e0/0x6e0 [ 549.618375] ? find_held_lock+0x35/0x130 18:53:53 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x1c1000, 0x0) 18:53:53 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x802, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r2, 0x40045730, &(0x7f0000000100)=0x4) wait4(0x0, 0x0, 0x0, 0x0) [ 549.622436] ? pcpu_alloc+0x3af/0x1060 [ 549.626338] ? btrfs_remount+0x11f0/0x11f0 [ 549.630600] ? rcu_read_lock_sched_held+0x110/0x130 [ 549.635668] ? __lockdep_init_map+0x10c/0x570 [ 549.640208] mount_fs+0x9d/0x2a7 [ 549.643586] vfs_kern_mount.part.0+0x5e/0x3d0 [ 549.648085] ? find_held_lock+0x35/0x130 [ 549.652162] vfs_kern_mount+0x40/0x60 [ 549.655974] btrfs_mount+0x3ce/0x2b14 [ 549.659813] ? lock_downgrade+0x6e0/0x6e0 [ 549.663989] ? find_held_lock+0x35/0x130 [ 549.668058] ? pcpu_alloc+0x3af/0x1060 [ 549.671959] ? btrfs_remount+0x11f0/0x11f0 [ 549.676192] ? rcu_read_lock_sched_held+0x110/0x130 [ 549.681251] ? __lockdep_init_map+0x10c/0x570 [ 549.685744] ? __lockdep_init_map+0x10c/0x570 [ 549.690228] mount_fs+0x9d/0x2a7 [ 549.693601] vfs_kern_mount.part.0+0x5e/0x3d0 [ 549.698093] do_mount+0x417/0x27d0 [ 549.701615] ? copy_mount_options+0x5c/0x2f0 [ 549.706013] ? rcu_read_lock_sched_held+0x110/0x130 [ 549.711023] ? copy_mount_string+0x40/0x40 [ 549.715275] ? copy_mount_options+0x1fe/0x2f0 [ 549.719753] SyS_mount+0xab/0x120 [ 549.723203] ? copy_mnt_ns+0x8c0/0x8c0 [ 549.727092] do_syscall_64+0x1eb/0x630 [ 549.730971] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 549.735823] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 549.741009] RIP: 0033:0x45b80a [ 549.744198] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 549.751906] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 549.759191] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 549.766445] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 549.773698] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 549.780953] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 [ 549.815750] print_req_error: I/O error, dev loop3, sector 128 18:53:53 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) fstat(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000440)={{{@in=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@remote}}, &(0x7f00000003c0)=0xe8) syz_mount_image$iso9660(&(0x7f00000000c0)='iso9660\x00', &(0x7f0000000140)='./file0\x00', 0x1, 0x4, &(0x7f00000002c0)=[{&(0x7f0000000180)="8a704678122331cd42c40a33936820ae", 0x10, 0x1395}, {&(0x7f0000000200)="e31fb4acd9e2eb9978d8498fbb88ef1d1a87cccba8d42870571eefb45972cc921311800d34c520c343852705edac297d5c119f14d6a4b03f88f53575ad7221", 0x3f, 0x8}, {&(0x7f0000000240)="3b894ec1bb56228c9f45540170c7a80f463b91fcfe588b2452dd109f4b825a031b24eb0ad7abf78585f7ef63780c1930dfb35a84ebfb327ca8d156114ef23af80faeb39b80bfd8160f52c609af99cd87d53e95c0062c851438b8c7f6be2633b206591c23e849dc4aa3", 0x69, 0x4}, {&(0x7f0000000940)="ce4e8c14e35e315cca1756e28bec7f9bfb47143a5df7cfbbd166b378cdc975d3412c388961ee5060e9401ba4160c01c1279685a4b9c2e2a5912dccea4b6bf1b3022c0819952b1b20b76a8c5efd65e293bd4141a384401de0f9579d762786d95698a067d62803d2b3009fa00a860d98da40e46b3717856b59d44dc98e3164fd36966318fd3ab1498e4499d6d0581fc5675836896992538e017ac59072befed98c81109fdf6396cf99338964748ebfe50bc415109516884dd0335be73b770177b1fbd98e2fffe32b89c5e4ba88712e5bfd83a83a52c971e7534b1271494b371fdfcc109b6f39be154409014f615599ff282a5efba7c24d59b11423486198f7ab5115183b8aeeabd6c4d9a4a996c159190bbab3014505d16de92ec3ba717557da216bddad9db32e8b7866447af883fa20e3f186eaff1c511ccd1d6fb3964505a1c1f8860c57ecb0011bc1b9004e81dc3dadd3bd889feb73199d1486ae050fcaa081e17a4dda33da75e47b512386b9d6f30d8ebb073da4e9790a8bd0779f32ce1820574ad5d1cc83d169fdbffdc0a041ef6d7d0f763c2e07f40e98772c3ef0069d6c58ebe2f38019ca2c415ee4441e97e1c426f9e9e86e1f1fbfb64d11303f37930d7c1c33ff4a6ffa1a62476d6748acc797743e5fb535ec90540622f55a9d47d30c3d0b9e70c776e30995ec3576f4d0a15a681ad157c65b4ab4895d02bf29fea84664bc5bfa004d71ab8f24c394e3f3fbc77501221236e6315cbbc80721a3db89f8be1438ed40374d16ba84d50864af4fe9cf1e792d5c8c459aca2d4e2a925181f6228647f12ca1665486e56571bc78b7a71a15a9f5a0c9faa4ac769ba5eeb9830bfc60d16bfd1cd0e3b56b693af28f669bc8f5b4aad20395474a2ecaf0502ea93539c745692cf54a634ba6748dab34903fb6ddee8f93ae296396caa9482c92f5f19986280b684a28ac7824d629a3d39a5aad998e67349efac384dfd40ccaf8ee79658ed011ec40d2205e5758973ed712d4f1e7544a85b6c8cf682bd59ecc46e35efb8d3b99667f7bd4eedcf34e7a62af2b43c67431c356775ece265ff474cd5c226b08f934ee96f57e3eedd2917e0e0a6d5b745171824e1ea507765f3a955aa4f6a1033122f6616ff74076517950fed80ca1f967015e288b98292bcd2040838e1cfa6b8eb2ec72d04f9b198fa4c49179ac551e2e0a3e85537a78ce46fd6968c9cdbf55a097a1778dd448550d5cfe08c43ebffea6d73d6b06fea76fdcde91cdb0d179759368d95d7bfc8cc5274eea71129bbc24c761ba49c368d2fe3db9934cf589c5c334db3f94caea1c97182b24693fc9ae2225147f82e73d32272ae5f444547bd5fb74c241a9827515a7668de2be067d346ccb74fb664b5ef0d6f68a6556f7691ec6b920ce561fc68e65ec76e0bbb3606d71ca6aa15b8d134c1a1be45517ce081626baf54a8e82b9bcb36a7e8c5592821c54f168540e55accc4f1e11c9121b86898e749ce07d6880ec75dea8e75df2193400b9660f86b6751936d1eec1230b151740692f78423120855fa2c2f1e1def736cbc2540d37275aad9ed9b8a26cd7dd68b0192f57b030e29f3b622af0642f3fcee167d67ed3d3489c5077b03887018353f8ebe60e8b82c1837d77418de1b67ff0f2a3eff41ff84629daf0b99f6c6735220315f302219e494e3770f9324bf30f9e6fb8d5a43a387660b73c06e4a8753c29808d23304f659ca89c621c745adf1c718aa547c5d7f0cda4e098b7bc8cf43f4579d6f86946c996056563a2bef696ae470c564ccef7b9b69038ad1808d6ad4de6967d32b4c90706382244bfb7ef717ca1a58eee934452079991bf35777bcff811ec66dda8272eb40324e65ce9dbe60c6eddd9f952a94dd0acc213aaeecabceea76f9a1fe58a5aa4520d854b51704f4fdc8c712c85efa0ff46e55316904d0449ff3000b1eb03b565487f3057c7acda3252ba219c7e76553859fe76f885945ad04300045d38edca14bfeec9c8af1094a27cbafa490e9924abec519db7c41bfdb0ea7ea59061c56e9460b97fb54b1918bd54510d5479569b17179534d962fc18b2653e075a4c310e81cb6d143b0fa9e6343acf57cb8f374e0d0c847af3ea252b599204f27fa540d37c93cb2f8228cf27b0640ddb90412caf9b94421ef7eeb47f5c717be896e098e1d64da863d281489f5c6f0caafcb49c063a2e620839030c6b47771667d09815ba68aeff1fa2f47df80365dd616243f3851f8afaae4cb3e14505d327fda750716fdb369938f466a22b295f71d93b7b739da7bf6df1da62207865759681bcbb08a95db3b163e06c23d0219ef09854bf40af81b56790f96ae23363c1c6570219e7f742ad37a75e5678ae8fd1fc6613e3ee63e44a90dc8aebba26abe2e5ea728c3fbaa90b8e138e99a213347cadd3b2c8891f1b323971212122f7816d6d816505aa383a537abf253e913ce794cc15852d1f7aabd1431e4cc2102d3a2d25b6665612f8d18a83c607d5a1a51c4b36f4e69f9d87fd578485cfef90044ab47901deb1e076fdd3053c5142e1c41ecb2a508cd0190f428d8aaf487af684c9dcfc30db4c1a38aed6907f7c93e329dcd11d5d2da789e35e4946b6db2ee8bd3e7d3bd5cba90c8a8b84ee9c6d43498f8c112973cc9f09270013e3b140cb14ef12c0dda38e058279d5c9032ca9cad49c1a0b038514010d0f42ef72e7db5b3b1be10d05ce417cedf4b2a69bc37ad450efa1409ac0a9ab66b7a404c1e29528126655ff6b1c4b9d3e93b5f1cfdb2efb3b0a0338541270622c3f018e5fa5a4dc9eec12647c5ebeb67eee689b629139cefc55493c8f09ffdc5be29139ca7345ba99627fe7982a4e72f83439999a0bcd5d56b3a9f5276fc5007abee522283b8a23d2518f9af0c756ab0d31e7b6d639d0e8084d589bc2ce7a344df78d9308de9e4d5a94295dd3849dbddf9adbb0a2c5bef1612bbe9934c7c0129a284533508369a2bf3cbce0c39d026d7a06772a78c9dfab5699214b59cb17f858a81fcda3e58a21c2a60107fabf546580e075a976b633886a705e1f6ada582a0bbca738d13c30b5351b143173d31e2abb75be420e15db59543f80be6f671135010d7fad54e8775b1a55c3c83e42101a1b42ee3d3cb54938543cc6c6d9a797bf3be55223e3aa3e4e73a08099b910cd780b8af3b3f23f11c8adbf8b03fdd11dff6500a3cf2b5bfb1b015f1610939123e6d39d8fc9e028c9bd6828337b4eac0e3cd6dc7ec97624f7888402968fdf99fb05ba24c97436b7d52d3607ce3d6ea38fdfcb29632028f85bf3df8abbc51c28d4246d884b08522d1d2f8a4229f57258b2bd388a6b1eceee88cf1f9c58e3509a1ed20b6cb2c8f957580a47db87f2d5aa3ca0f5785efbaf47b870afa04e9b4c377df76e567b2409f4276ce5e0722b5886906e75c36dff58bf312a0c344c5b5046267263ba9238b74ed013de11ec328fa07ba70e1abe04f8ea43c41692bdbb943a111ebf8d916d4ac12bc1eba667ed3c0be11a421c55d1ee7d805d2767fca36a67ac193810af56508c7413ea8eac841fce11db884e79669ace9a4de38ecd90d13e4d0bf417a63f93a6304c0ba2a0b1d03c3d899e78a250ab7651dc24be279f989a494ccf8bce4ea5a51f3292873beaa14ffb2745bcb22819db93741a496c4a9b2d590dce33c4c6b261c6574828c64acf1b052f06ffc1157c97e7b692092ac220c1cbaaf17124062a9b4cdf82c8917f53169a9890f08eda04847b2b5cd77678ba2b564ad1dc2e35348030c1be083b116ac76ccbeffce98303a84282010f3e45b0f5446f08507410c517b09255cbce80231159c19aa8eee2bc21f1904f9bf2b0cf910ef6ad854537cdd8959a5d37de1687ab326ac6de5a3552d4e3ee67ecae61ad907162fab7c5cc872206ebcd8586677ec292b8d6e04981938042a92fffc01f573df8cd514690877b7627ef8c644d3cf8e3734f1873c5fa270a024aa1cf6bdff3e05759cc8cb5df06f4aea518ea8401462f59853222afb1f8e3f393d31220f4fb6fc807b2386fa5682ba34133a54d691cb92cbe0d7103f022ae7dc8b65f385adcf201d8cc96c8a23d465550dec685786e2efea187703b9b2a2123d0e1185870194e1b54bc5a64c592dab1b2322a14e51c490a227335fd572d90730f4b79ce57393eebd9533a043cb020d8ccc42b04b19e63b37cfa746e42ff4de7cf2eadaf1f1b41e3642e4d71e83a152b386bd78dc75a0c32036e0b80f47f8648453aacd32b4e05a3a0c14202642a7a41c9cfd91806e83efee62568b71e8bb84c13201ae0d7ada535f573681800d0639421bb1c314fbfd3e407e8104b8972bf3a3d81491fe1760a0233dcaae00fbc53cbedf009bda7ebd4fa9a76215ea45c8751d50d158eef68f2499196e178003e6df7de227f9640c30d4b51552b9e0a73027886cf00361fa86ac520d6b3b1969652fa896a571009971a7ca0506fe774188e22790e06651d12b87acd2d55bee0404a54b6571c02fac0147661116f827da0254eccfc9e75b0127656d85538fcafb8f4e7bc3812c49d733e6df2d9144f80d498d66ad6eeed2572690da4ee1f7a99de4b2c6998c02d0235b5d97454bd28756db640880fe24f47f3b15603df9d40b575af48074d75bd3df2bad0939caac6050c6dfc43d80d1fc9fc2cae073799787c353c4ba1deef9b03e80667d09e614bd421c1f3e3bcaecc00e1cec9928c2d47196207599875605fa78da974c81137e033e49f4133da9f6b6a385c36f5513beee6c662721f5b947c0cb2faaa1f72df630b80801726dde29fee7ebcda9d98e6b21a809af105ea1d3d2e021cb9de939caed9a0999d9c58d53604eaef74482c064eed68c7343b649307ab4c6b3eacf0dc07b7c434de27c87811fe69891c28998014eaa9436781714908926a3f34644a58281e5e36bd9e1c716ca19075173a88a2b68dc72ae8b4305b675c53700b951429bba5ba011c0e81f0314651510a96cfb882ba501f6873b223c86c91fdd3ca39dcf46e46e9bf93811bcdf67bde9423cda1e77726e439c16eddbebd2cb0a8a97ba5dc77ca1d0c7a4f8d0eb645cc6a951e0f4a86ea4df95fba4a76270c13d1389e0d22c7a0ab4c9444488caeac314a350b139b0aad2669100df3a653a936435c5d0959799e1275933a3c6b29b2e7f01d878be0336e14a2d2420e315fc163c3c2ade36f24d9bbd8734e0affb338044f968974ab6a2c6c878ea5167d22d8e489ea6a8aaaaa75ba9d4150f382709d96fdd48e68dc4525bb1200a75fb8d50bb5db7253388b88ed22ca3782a768b0fc2f600b17fcefbf7158bf27f62d7b04bc0c1568a96f16cf1be9a4f6bb95797915ce3e38ead30afcf00fb8732b84eaf25bc8b21b05513623e09eeb641228d4dae2e8d62902358cad632ea5f8a546b94135e8d06d381d22bc0ffc4f10b05c0230273a5496c8f63ebac3f686a43a7d8f446c1e41be524685b73c2ad509420a9269d86316b1d5dec39776e8b29a0a02857e687cc4e7e0d119a877a969411d2cbca37f573e7af6d5868fb5eab45482d540543019b88e7fd35f01f462f85e800f0f122d8bf550f0f5fdd22c33544dd4aeb18d5dadcd60cd69a78f0a6e9f612d1181b57e0fdadb265870710de8daf8d5cc00346b48b56fb3f1735dc63ce2efe3474e3791e652735806530b23df27b554bfd66bcdb50df4a7c6d58f590ef418fd2d3165f33055426ff75d7f965025088ac341c5e4537a2e15f18acf30ce3780ec3d83547b78f04b9c1a3ce06747205cae1aba3e1a174c21822b53eae320ccc26912e7", 0x1000}], 0x10000, &(0x7f0000000540)={[{@nocompress='nocompress'}, {@map_normal='map=normal'}, {@norock='norock'}, {@gid={'gid', 0x3d, r1}}, {@utf8='utf8'}, {@nocompress='nocompress'}], [{@fsuuid={'fsuuid', 0x3d, {[0x35, 0x35, 0x65, 0x7f, 0x33, 0x77, 0x7b, 0x62], 0x2d, [0x38, 0x0, 0x30, 0x35], 0x2d, [0x73, 0x36, 0x39], 0x2d, [0x36, 0x35, 0x33, 0x77], 0x2d, [0x77, 0x32, 0x77, 0x31, 0x77, 0x33, 0x77, 0x7f]}}}, {@euid_lt={'euid<', r2}}, {@mask={'mask', 0x3d, 'MAY_READ'}}]}) 18:53:53 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="66643dfffa9aaff9da2df1017588e61e178443eb6ef6eba55ca39cbcbb1b26b857402aa2d76ea1656eaa40e88f159dc6a9a4ef605087fd30138e55aa8483d8d3be5cbb550d0ec4309dd908ff75f1ad404a8339a299dd7c398936ecb35105a461a15627f6ea05afe667fc3bced4d2fc1543432b61397e273edcdafb00d52a77109f8ecba67da7e05f3ffe0b8ce17430cf0562a89a69f29bc74f6ffa09289bafc00542126417cdec8216b1a23a2d8cb053aad5c73213ea77", @ANYRESHEX=r1, @ANYBLOB="2c726f6f746d6f64653d3030303030303030d324c486c96c4a903030303030303030303034303030342c757365725f69644066c09b7a1564d8dd0023753237ca05a0de9638898797a207a475fc2ee75782411af8843d61614e67e57f860ac80728f4039385a3fc4733e11e1caa88dcfb5b220853830000000075b89f027ad7dfa3cee171c775a28678124da83a6377c300a1315fcccd800abe066445efb91977a2684aa29de3a1da3b587b27a35f53b2c3a2d8f2509b283acce3392601afc7e2d1f08e297d4e74c27085a7706b5783fb347624d6869aee6dc9f4ce0cf0a05f8c362625fc6ebe48f3180d4a1edfacd18bc3bc81d703f66058ac4f847eb57dc3db47077c9e0fd0ffd680ecc9a632af2b8af6335ff6339b4e7fe0891a12f122fd7a89bad972bb85096bf83493462c8223", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000080)={0xb, @pix={0x0, 0xa4, 0x39565559, 0x0, 0x8, 0x7, 0x7, 0x3, 0x1, 0x0, 0x1, 0x7}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:53 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = add_key(&(0x7f00000000c0)='.dead\x00', &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000140)="e2fc7e537b0257ee46ca0dc42db238f9449e1a1f6b142c853f3c3c035d", 0x1d, 0xfffffffffffffffc) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', r2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:53 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_init_net_socket$x25(0x9, 0x5, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:53:53 executing program 4 (fault-call:0 fault-nth:66): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:53 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(r1, 0x0, 0x0, 0x0) [ 550.320859] FAULT_INJECTION: forcing a failure. [ 550.320859] name failslab, interval 1, probability 0, space 0, times 0 [ 550.332417] CPU: 0 PID: 28403 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 550.332467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 550.332472] Call Trace: [ 550.332494] dump_stack+0x138/0x19c [ 550.332513] should_fail.cold+0x10f/0x159 [ 550.332531] should_failslab+0xdb/0x130 [ 550.332546] kmem_cache_alloc+0x47/0x780 [ 550.332562] ? trace_hardirqs_on+0x10/0x10 [ 550.332580] radix_tree_node_alloc.constprop.0+0x1c7/0x310 [ 550.348944] radix_tree_extend+0x208/0x430 [ 550.348961] __radix_tree_create+0x3c9/0x4d0 [ 550.348981] page_cache_tree_insert+0xa7/0x2d0 [ 550.348993] ? file_check_and_advance_wb_err+0x380/0x380 [ 550.349008] ? debug_smp_processor_id+0x1c/0x20 [ 550.400482] __add_to_page_cache_locked+0x2a7/0x7e0 [ 550.405498] ? find_lock_entry+0x3f0/0x3f0 [ 550.409761] add_to_page_cache_lru+0xf4/0x310 [ 550.414249] ? add_to_page_cache_locked+0x40/0x40 [ 550.419092] ? __page_cache_alloc+0xdd/0x3e0 [ 550.423499] do_read_cache_page+0x64e/0xfc0 [ 550.427816] ? blkdev_writepages+0xd0/0xd0 [ 550.432050] ? find_get_pages_contig+0xaa0/0xaa0 [ 550.436807] ? blkdev_get+0xb0/0x8e0 [ 550.440515] ? dput.part.0+0x170/0x750 [ 550.444399] ? bd_may_claim+0xd0/0xd0 [ 550.448195] ? path_put+0x50/0x70 [ 550.451643] ? lookup_bdev.part.0+0xe1/0x160 [ 550.456048] read_cache_page_gfp+0x6e/0x90 [ 550.460278] btrfs_read_disk_super+0xdd/0x440 [ 550.464771] btrfs_scan_one_device+0xc6/0x400 [ 550.469265] ? device_list_add+0x8d0/0x8d0 [ 550.473496] ? __free_pages+0x54/0x90 [ 550.477288] ? free_pages+0x46/0x50 [ 550.480913] btrfs_mount+0x2e3/0x2b14 [ 550.484706] ? lock_downgrade+0x6e0/0x6e0 [ 550.488846] ? find_held_lock+0x35/0x130 [ 550.492907] ? pcpu_alloc+0x3af/0x1060 [ 550.496796] ? btrfs_remount+0x11f0/0x11f0 [ 550.501030] ? rcu_read_lock_sched_held+0x110/0x130 [ 550.506057] ? __lockdep_init_map+0x10c/0x570 [ 550.510557] mount_fs+0x9d/0x2a7 [ 550.513922] vfs_kern_mount.part.0+0x5e/0x3d0 [ 550.518408] ? find_held_lock+0x35/0x130 [ 550.522466] vfs_kern_mount+0x40/0x60 [ 550.526263] btrfs_mount+0x3ce/0x2b14 [ 550.530056] ? lock_downgrade+0x6e0/0x6e0 [ 550.534281] ? find_held_lock+0x35/0x130 [ 550.538352] ? pcpu_alloc+0x3af/0x1060 [ 550.542244] ? btrfs_remount+0x11f0/0x11f0 [ 550.546477] ? rcu_read_lock_sched_held+0x110/0x130 [ 550.551499] ? __lockdep_init_map+0x10c/0x570 [ 550.556024] ? __lockdep_init_map+0x10c/0x570 [ 550.560518] mount_fs+0x9d/0x2a7 [ 550.563894] vfs_kern_mount.part.0+0x5e/0x3d0 [ 550.568386] do_mount+0x417/0x27d0 [ 550.571922] ? copy_mount_options+0x5c/0x2f0 [ 550.576324] ? rcu_read_lock_sched_held+0x110/0x130 [ 550.581355] ? copy_mount_string+0x40/0x40 [ 550.585589] ? copy_mount_options+0x1fe/0x2f0 [ 550.590080] SyS_mount+0xab/0x120 [ 550.593530] ? copy_mnt_ns+0x8c0/0x8c0 [ 550.597413] do_syscall_64+0x1eb/0x630 [ 550.601292] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 550.606139] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 550.611318] RIP: 0033:0x45b80a [ 550.614500] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 18:53:54 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDITDEST(r0, 0x0, 0x489, &(0x7f0000000000)={{0x6c, @broadcast, 0x4e20, 0x3, 'sed\x00', 0x4, 0x1, 0x41}, {@local, 0x4e21, 0x10007, 0x6, 0x6, 0x1}}, 0x44) 18:53:54 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) readv(r1, &(0x7f0000000180)=[{&(0x7f0000000040)=""/68, 0x44}, {&(0x7f00000000c0)=""/15, 0xf}], 0x2) 18:53:54 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="2c00bb6ce201f88fc44aa14dc3fa3be059a7fb710b348f4b63063e5c6a115f3648f9863d96f774a1e0fa9f7d549bab54b74321788b107a57be456923"]) r2 = shmget$private(0x0, 0x4000, 0x40, &(0x7f0000ffa000/0x4000)=nil) shmctl$SHM_LOCK(r2, 0xb) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 550.622202] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 550.629465] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 550.636729] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 550.643989] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 550.651361] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:54 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x3) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) r2 = gettid() ptrace$getregset(0x4204, r2, 0x3, &(0x7f00000000c0)={&(0x7f0000000080)=""/49, 0x31}) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:54 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) r0 = syz_open_dev$admmidi(&(0x7f0000000ac0)='/dev/admmidi#\x00', 0x7fffffff, 0x101000) ioctl$TCFLSH(r0, 0x540b, 0x7) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x65c61615b45fc75) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) rt_sigaction(0x23, &(0x7f00000007c0)={&(0x7f00000006c0)="dce0660f3831d9c4e2b9085ccac8c4c17913bb26ffc14a450f73f40866666566470f383e6c1b00660f3815c1c4a17c106b0ff343db6af8c4e1cde46b0e", {0x1}, 0x8000002, &(0x7f0000000780)="660fed95fc3300008f297091fec422f9a7c3f00fbb9c48e8000000c4c3fd494104cd64f247a6f2f245669043c6820000010000c4a1fc50ced9be7b16b752"}, &(0x7f0000000a40)={&(0x7f00000009c0)="8fca481204ac0000000042a4c46192c2a69cfab94d0066d03f3e0f4b3bf3adf047f7900d00000066460f3adf17000f38093ca7dfdd", {}, 0x0, &(0x7f0000000a00)="ae420f1ac3646765420f38cceac13700c4c1ad761e0f0d05feeffffff2460f1ae9c461795bdc6567f26667c0fb003e654776a5"}, 0x8, &(0x7f0000000a80)) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@ipv4={[], [], @broadcast}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f00000002c0)=0xe8) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000680)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000740)={&(0x7f0000000640), 0xc, &(0x7f0000000700)={&(0x7f0000000800)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="20082dbd7000fddbdf250c0000002c000100080109003400000008000800f9e20000080004004e2300000800010000000000080004004e2400007972f8c7a184d6d2308c2190b64fd332c69a5a9f12cce6a5c07e5fa723305bda91dfcbaa04f251ae1b020a4579dcf613dfa284f7310a842f30e9cb945a19b07c63b081fa3766c01245b11f08b008272740e803edf7896018be4f43d0f97516a3a2ef176568eabf6e78bd56c30cf09d8973b107799293c91f5579adf41949e84af07f3fc90bcf4d285570d6bc58523e87e8f99caf0edead2897fcd021b73960a0a1a5c7406335d014b424a70a6c90e60fc707effaef60188e6d9b248f5ff5fc1bb94b89e9df29980318b50e92cc1faec342bbf71f4f180c101fd1cd4457"], 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x800) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={0x0, 0x0, 0x0}, &(0x7f0000000380)=0xc) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000003c0)={{{@in=@initdev, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in6=@ipv4={[], [], @broadcast}}}, &(0x7f00000004c0)=0xe8) mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='fuse\x00', 0x208002, &(0x7f0000000500)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {'user_id', 0x3d, r3}, 0x2c, {'group_id', 0x3d, r5}, 0x2c, {[{@blksize={'blksize'}}], [{@fowner_eq={'fowner', 0x3d, r6}}, {@smackfshat={'smackfshat', 0x3d, 'proc'}}]}}) [ 550.733356] print_req_error: I/O error, dev loop5, sector 128 [ 550.805429] IPVS: set_ctl: invalid protocol: 108 255.255.255.255:20000 18:53:54 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="226aa892dec6ed9205a2a072cce2dabc624c443194f652b600112dbe04289711ed316f4879ba1ab2e0bee6c022d72c900ab1cb5e9710fc97006393f3510292ffe75e406144608f0000008015", @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) ioctl$TIOCNOTTY(r0, 0x5422) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:54 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)=0x2ea) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:54 executing program 1: socket$nl_route(0x10, 0x3, 0x0) r0 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0xed2b, 0x1) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/btrfs-control\x00', 0x301000, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB="22455ac4fdfe419847372b74900258ae0d10bb61fc3af22ad3c92e74e4de157037d14d76fdcb0866fb8ae60ad4203caaa81cd2a06cc11d85505c2e02568c744b5a5529e68bdfabee059aaa1c9f3a180c046ba4bf8067be91ed1f0b7f309924234ac2d3869c17a17a4c8b5c1beeaaa7acc15f0bd04d01a794c06be14e856523e2a0e39c88487b000a4f5af201b95dbd08456cf29ab3be279ab5523628bd992d2c7748e9c22e442a4995291bc40d15b34c1a457675d351ea33a600f06bcc1b0657f0605fcf784c8bf1a38aded4389ed183a4c4ec5603907471655dd7a1a6f66ea32ac4a46b419c610e001266b385908f1fab9a24808956b22ef21eb1377acf32e48a2e861714c78bbb422b4f7586c59602e2dff73c75ae2628baa4bf123b1685708cf565ee514ca2feb964d1a2a5b37ba536806ce4f748252af61f0fe310dd67768b974a11a999613114651055870966284426cd52d68de673d02a0d65df5f519bc63900ff4558e71cc60082311ee6", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r2, 0x0, 0x100004000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:54 executing program 4 (fault-call:0 fault-nth:67): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:54 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) mount$bpf(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='bpf\x00', 0x20000, &(0x7f0000000440)=ANY=[@ANYBLOB="6d6f64653d30303030303030303030303030303030303030303037332c6d6f64653d30303030303030303030303030303030303030303030332c6d6f64653d30303030303030303030303030303030303030303030362c7375626a5f757365723d66757365002c7063723d30303030303030303030303030303030303034362c646566636f6e746578743d756e636f6e66696e65645f752c0091650741974d808cc45d564797f6abe310ff311d5c0d69be9eb2248c71f01d85a8dea1f7c2e5107943ce1f63fca059"]) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="66643db82636d8b1f1b1c78027b1d84bb98746c3c93a271f180279fb7970a8dddf14e4453b0800000000000000bc62be308f8632a81a6722c7986325b8224ff76fcb0f4def8596dce167fb862fc306094ce56ae3e1d47a66fd9acd11fa44b06f37661c7217f639377c89727610113c022181d79125cc8a1c6ca19ca3975b332c1220a5381decfe6ce310d8db724a7a9e0b4a560e1fcf789b13675cb2995f8be6272ee0bb71f23d1ee2ce7ab4bf9df1cf933ddaa11804d57809393604f4f78553b8b6d0ab859bf62f3227485709331bca3a1ede15b690b96a3dfe4e3a85dc00"/233, @ANYRESHEX=r1, @ANYBLOB="2c726f6f746d6f64653d30303030303030303030303030303030303034303030342c757365725f69643d521c0e7b850dc6f8d8f9d541d7c431b716dafbedf42840476ff782cd", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) r2 = shmget(0x2, 0x4000, 0x54001601, &(0x7f0000ffc000/0x4000)=nil) ioctl$TIOCGSID(r0, 0x5429, &(0x7f00000002c0)) shmctl$SHM_LOCK(r2, 0xb) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:54 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffc000/0x3000)=nil) shmget$private(0x0, 0x3000, 0x44, &(0x7f0000ffd000/0x3000)=nil) shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmget$private(0x0, 0x4000, 0x54000004, &(0x7f0000ffc000/0x4000)=nil) r0 = shmget$private(0x0, 0x1000, 0x1bc0, &(0x7f0000ffd000/0x1000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='\bd=', @ANYRESHEX=r2, @ANYBLOB="2c746f6f746d6f64653decb0e276938f5637303030f52cfbe547077ed1ae563030000000009a621d25f8ffffffff7161e6a0dfa401952a13f1", @ANYRESDEC=0x0, @ANYBLOB="2c67726f7586c3027515585fe8c11f2d08c0705f69643d", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 551.044367] FAULT_INJECTION: forcing a failure. [ 551.044367] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 551.056211] CPU: 1 PID: 28459 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 551.063225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 551.072574] Call Trace: [ 551.075157] dump_stack+0x138/0x19c [ 551.078796] should_fail.cold+0x10f/0x159 [ 551.082946] __alloc_pages_nodemask+0x1d6/0x7a0 [ 551.082974] ? __alloc_pages_slowpath+0x2930/0x2930 [ 551.082997] cache_grow_begin+0x80/0x410 [ 551.083013] kmem_cache_alloc+0x6a8/0x780 [ 551.083027] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 551.092700] getname_kernel+0x53/0x350 [ 551.092713] kern_path+0x20/0x40 [ 551.092726] lookup_bdev.part.0+0x63/0x160 [ 551.092736] ? blkdev_open+0x260/0x260 [ 551.092748] ? free_hot_cold_page+0x766/0xca0 [ 551.092760] blkdev_get_by_path+0x76/0xf0 [ 551.092776] btrfs_scan_one_device+0x97/0x400 [ 551.092791] ? device_list_add+0x8d0/0x8d0 [ 551.092803] ? __free_pages+0x54/0x90 [ 551.142671] ? free_pages+0x46/0x50 [ 551.146286] btrfs_mount+0x2e3/0x2b14 [ 551.150082] ? lock_downgrade+0x6e0/0x6e0 [ 551.154235] ? find_held_lock+0x35/0x130 [ 551.158294] ? pcpu_alloc+0x3af/0x1060 [ 551.162173] ? btrfs_remount+0x11f0/0x11f0 [ 551.166399] ? rcu_read_lock_sched_held+0x110/0x130 [ 551.171403] ? __lockdep_init_map+0x10c/0x570 [ 551.175895] mount_fs+0x9d/0x2a7 [ 551.179272] vfs_kern_mount.part.0+0x5e/0x3d0 [ 551.183752] ? find_held_lock+0x35/0x130 [ 551.187808] vfs_kern_mount+0x40/0x60 [ 551.191607] btrfs_mount+0x3ce/0x2b14 [ 551.195391] ? lock_downgrade+0x6e0/0x6e0 [ 551.199520] ? find_held_lock+0x35/0x130 [ 551.203568] ? pcpu_alloc+0x3af/0x1060 [ 551.207472] ? btrfs_remount+0x11f0/0x11f0 [ 551.211695] ? rcu_read_lock_sched_held+0x110/0x130 [ 551.216723] ? __lockdep_init_map+0x10c/0x570 [ 551.221203] ? __lockdep_init_map+0x10c/0x570 [ 551.225704] mount_fs+0x9d/0x2a7 [ 551.229056] vfs_kern_mount.part.0+0x5e/0x3d0 [ 551.233550] do_mount+0x417/0x27d0 [ 551.237082] ? copy_mount_options+0x5c/0x2f0 [ 551.241510] ? rcu_read_lock_sched_held+0x110/0x130 [ 551.246522] ? copy_mount_string+0x40/0x40 [ 551.250742] ? copy_mount_options+0x1fe/0x2f0 [ 551.255221] SyS_mount+0xab/0x120 [ 551.258657] ? copy_mnt_ns+0x8c0/0x8c0 [ 551.262547] do_syscall_64+0x1eb/0x630 [ 551.266414] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 551.271245] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 551.276424] RIP: 0033:0x45b80a [ 551.279725] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 551.287423] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 551.294688] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 551.301945] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 551.309206] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 551.316472] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:56 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) pipe(&(0x7f0000000140)={0xffffffffffffffff}) ioctl$TCFLSH(r1, 0x540b, 0x7) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b) request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0xffffffffffffffff, r2, 0x10000, 0x0) r3 = pkey_alloc(0x0, 0x1) r4 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/cache_stats\x00', 0x0, 0x0) write$FUSE_GETXATTR(r4, &(0x7f0000000100)={0x18, 0x0, 0x8, {0xa9}}, 0x18) pkey_free(r3) tkill(r2, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:53:56 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000280)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) syz_mount_image$minix(&(0x7f0000000000)='minix\x00', &(0x7f0000000040)='./file0\x00', 0x3ff, 0x2, &(0x7f0000000240)=[{&(0x7f00000000c0)="f83f7a36bed60e48d2830b7b68", 0xd, 0x3f}, {&(0x7f0000000140)="45c8f516dc350abc395d56498b309d15f303ada595ba42a72235be4101bdc928adc83bc8bd21b678830b2b02853515f9614ea618d47f6225ed1860435c986c988dd4b8b6521c6e54ba9d43dacff1784f9c32ac7679992630d5fe20a792e9d87037d59666bc6ec5f2e6b1ab61c28d7649e080b9ee947b142c76d404ffb246c97b3e7a06608e2ca68aa73a4723e2e393a65b555eb27e34596b6e3c7d8fcb20ee32f1da2db97b6d3814d7f78869e4536d4a5a56a0478b741fc792f2ac09a5b8dce3fb5b9c313489756a1652c79cee0fa2262503c8aa17b3d6950e4b98b73de5bbd7ffafbcfa24864daefb431a92871a69fb", 0xf0, 0x8}], 0x0, 0x0) 18:53:56 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x22, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x2000, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x41efe, 0x0, [], 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0}, 0xfffffffffffffd87) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) readlinkat(r0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)=""/54, 0x36) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000340)) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:56 executing program 4 (fault-call:0 fault-nth:68): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:56 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000040)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000080)=0x24) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000000c0)={r3, 0x4, 0x3, [0x9, 0x1f, 0x101]}, 0xe) dup2(r0, r2) 18:53:56 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x2000, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@local, 0xfff, 0x0, 0x3, 0x1, 0x63, 0x4}, 0x1f) signalfd4(r0, &(0x7f00000001c0)={0x2}, 0x8, 0x80800) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000000c0)) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:53:56 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x563, &(0x7f0000000080)="0adc1f123c123f319bd070") ioctl$VIDIOC_ENUMOUTPUT(r0, 0xc0485630, &(0x7f00000000c0)={0x4, "8037e29c9ae5f7fdad2ae274a551b1eff4e7d57bc56cae7e71afe9c249e374d0", 0x3, 0x4, 0x101, 0x3200e0, 0xa}) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) preadv(r0, &(0x7f0000000600)=[{&(0x7f0000000040)=""/6, 0x6}, {&(0x7f0000000080)}, {&(0x7f0000000180)=""/206, 0xce}, {&(0x7f00000000c0)}, {&(0x7f0000000280)=""/84, 0x54}, {&(0x7f0000000300)=""/213, 0xd5}, {&(0x7f0000000400)=""/194, 0xc2}, {&(0x7f0000000500)=""/234, 0xea}], 0x8, 0x0) dup2(r0, r2) [ 553.297695] FAULT_INJECTION: forcing a failure. [ 553.297695] name failslab, interval 1, probability 0, space 0, times 0 [ 553.308935] CPU: 1 PID: 28488 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 553.315951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 553.325303] Call Trace: [ 553.327901] dump_stack+0x138/0x19c [ 553.331533] should_fail.cold+0x10f/0x159 [ 553.335686] should_failslab+0xdb/0x130 [ 553.339658] kmem_cache_alloc+0x47/0x780 [ 553.343723] radix_tree_node_alloc.constprop.0+0x1c7/0x310 [ 553.349346] __radix_tree_create+0x337/0x4d0 [ 553.353843] page_cache_tree_insert+0xa7/0x2d0 [ 553.358430] ? file_check_and_advance_wb_err+0x380/0x380 [ 553.363882] ? debug_smp_processor_id+0x1c/0x20 [ 553.368551] __add_to_page_cache_locked+0x2a7/0x7e0 [ 553.373823] ? find_lock_entry+0x3f0/0x3f0 [ 553.378081] add_to_page_cache_lru+0xf4/0x310 [ 553.382574] ? add_to_page_cache_locked+0x40/0x40 [ 553.387409] ? __page_cache_alloc+0xdd/0x3e0 [ 553.391834] do_read_cache_page+0x64e/0xfc0 [ 553.396157] ? blkdev_writepages+0xd0/0xd0 [ 553.400395] ? find_get_pages_contig+0xaa0/0xaa0 [ 553.405147] ? blkdev_get+0xb0/0x8e0 [ 553.408855] ? dput.part.0+0x170/0x750 [ 553.412748] ? bd_may_claim+0xd0/0xd0 [ 553.416543] ? path_put+0x50/0x70 [ 553.420007] ? lookup_bdev.part.0+0xe1/0x160 [ 553.424412] read_cache_page_gfp+0x6e/0x90 [ 553.428647] btrfs_read_disk_super+0xdd/0x440 [ 553.433144] btrfs_scan_one_device+0xc6/0x400 [ 553.437727] ? device_list_add+0x8d0/0x8d0 [ 553.441957] ? __free_pages+0x54/0x90 [ 553.445751] ? free_pages+0x46/0x50 [ 553.449375] btrfs_mount+0x2e3/0x2b14 [ 553.453187] ? lock_downgrade+0x6e0/0x6e0 [ 553.457344] ? find_held_lock+0x35/0x130 [ 553.461400] ? pcpu_alloc+0x3af/0x1060 [ 553.465290] ? btrfs_remount+0x11f0/0x11f0 [ 553.469526] ? rcu_read_lock_sched_held+0x110/0x130 [ 553.474548] ? __lockdep_init_map+0x10c/0x570 [ 553.479045] mount_fs+0x9d/0x2a7 [ 553.482413] vfs_kern_mount.part.0+0x5e/0x3d0 [ 553.486901] ? find_held_lock+0x35/0x130 [ 553.490968] vfs_kern_mount+0x40/0x60 [ 553.494790] btrfs_mount+0x3ce/0x2b14 [ 553.498671] ? lock_downgrade+0x6e0/0x6e0 [ 553.502825] ? find_held_lock+0x35/0x130 [ 553.506885] ? pcpu_alloc+0x3af/0x1060 [ 553.510774] ? btrfs_remount+0x11f0/0x11f0 [ 553.515013] ? rcu_read_lock_sched_held+0x110/0x130 [ 553.520035] ? __lockdep_init_map+0x10c/0x570 [ 553.524548] ? __lockdep_init_map+0x10c/0x570 [ 553.529042] mount_fs+0x9d/0x2a7 [ 553.532412] vfs_kern_mount.part.0+0x5e/0x3d0 [ 553.536921] do_mount+0x417/0x27d0 [ 553.540454] ? copy_mount_options+0x5c/0x2f0 [ 553.544873] ? rcu_read_lock_sched_held+0x110/0x130 [ 553.549897] ? copy_mount_string+0x40/0x40 [ 553.554131] ? copy_mount_options+0x1fe/0x2f0 [ 553.558623] SyS_mount+0xab/0x120 [ 553.562073] ? copy_mnt_ns+0x8c0/0x8c0 [ 553.565959] do_syscall_64+0x1eb/0x630 [ 553.569838] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 553.574687] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 553.579884] RIP: 0033:0x45b80a [ 553.583068] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 553.590774] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a 18:53:57 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:57 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) sched_setscheduler(r1, 0x0, &(0x7f00000000c0)=0x7) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) r2 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/mls\x00', 0x0, 0x0) getsockopt$IP6T_SO_GET_INFO(r2, 0x29, 0x40, &(0x7f0000000140)={'filter\x00'}, &(0x7f00000001c0)=0x54) 18:53:57 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0x4, 0x1) getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000000), &(0x7f0000000040)=0x30) preadv(r1, &(0x7f0000000500)=[{&(0x7f0000000140)=""/91, 0x5b}, {&(0x7f00000001c0)=""/156, 0x9c}, {&(0x7f0000000280)=""/11, 0xb}, {&(0x7f00000002c0)=""/186, 0xba}, {&(0x7f0000000440)=""/164, 0xa4}, {&(0x7f0000000940)=""/4096, 0x1000}, {&(0x7f0000000380)=""/62, 0x3e}, {&(0x7f0000001940)=""/4096, 0x1000}], 0x8, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 553.598048] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 553.605308] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 553.612571] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 553.619830] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:53:57 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(r0, 0x0, 0x40) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400000000000400}, 0x1c) 18:53:57 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x400, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:53:57 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) ioctl$BLKGETSIZE64(r0, 0x80081272, &(0x7f0000000080)) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) fstatfs(r1, &(0x7f0000000340)=""/249) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f00000000c0)='./file0/file0\x00', 0x4000000000000005) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:57 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000080)={0x0}, &(0x7f00000000c0)=0xc) write$FUSE_LK(r0, &(0x7f0000000100)={0x28, 0xffffffffffffffda, 0x8, {{0x9, 0x0, 0x0, r1}}}, 0x28) socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000140)={0x9, {{0x2, 0x4e23, @multicast2}}}, 0x88) umount2(&(0x7f0000000600)='./file0\x00', 0x9) ioctl$VHOST_RESET_OWNER(r0, 0xaf02, 0x0) ioctl$RTC_PIE_OFF(r0, 0x7006) 18:53:57 executing program 4 (fault-call:0 fault-nth:69): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:53:57 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/bac\x10G3f\xa0\x81q\xd5\xf8', 0x2, 0x0) openat$userio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/userio\x00', 0x8040, 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000180)=0x0) sched_getattr(r1, &(0x7f00000002c0), 0x30, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000200)={'security\x00', 0x86, "2f13d19b1adfc5da828ec3ab8e11eaff1fb59cd91176e3812a3d620d6a0f87fa38d7feea759526cbd4eae5105a951a446ac78f340d28d39b8fa498f5559a57601b48272471e1d0bc3e7d19ff10e23b709b41caabaf30ce1a245841173e8aafba142b6842fc419e271151dbfb0950feec6d32b3262edca3745cca424bd733c60a29e7d362da82"}, &(0x7f0000000140)=0xaa) 18:53:57 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) write$binfmt_script(r0, &(0x7f0000000640)={'#! ', './file0', [{0x20, 'fuse\x00'}, {0x20, 'vboxnet0GPL}vboxnet1-trusted[cpuset&&'}], 0xa, "3973c7730ce5994852e76dfd6f7b96e6dd4319c6a3bdc472f6b7ee2c2369085cfc44a12113cb84e66cfc309e3bbd37ce9d315856c435a0274b6df2ddcb37544cfcb99262b02b18143107ca76ecea086a0a51a088bd4993c443f0d39155efe6a6f08246a86144ea99bb8d3e5b548e18cef4250cc09c89b0c07af84aaf095123e09cfa798e765a19a684f9304af94fb09b7617d9e85d9f5b0df5ec87995e40631e845dda5ea92d8b42392f32e6de037ebcf56dfd9006a25a95ea758f45a2fb56ec96afe6ecbcb04f7022b5b7d28f0f4b6a8a3283f86c3bdef2eb1e0e864db8548f203a5ca420a569ee2282189211c5b9"}, 0x126) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd'}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) write$RDMA_USER_CM_CMD_GET_EVENT(r1, &(0x7f0000000100)={0xc, 0x8, 0xfa00, {&(0x7f0000000340)}}, 0x10) r2 = msgget(0x3, 0x8) mkdirat(r1, &(0x7f0000000080)='./file0\x00', 0x1) msgrcv(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000001ac3be9900000000000000000000000000001a0000000000000000000000000500000000000000000209000000000000008ec4a0196f5ced4a33c606006e808e52e79923fa06c1192382139ae40af3775b1dac5ff6d352bc5ccce33a733511978a59db8a6d456659f19907a27403d0c11690d942d7082eb6c7bc6e7dab5998470ace562d25adc8eabd0db9cc31c6"], 0x68, 0x0, 0x3800) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:53:57 executing program 0: pipe(&(0x7f0000000040)={0xffffffffffffffff}) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000080)={0x8, 0x54e3}) openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) [ 553.885326] FAULT_INJECTION: forcing a failure. [ 553.885326] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 553.914117] CPU: 1 PID: 28533 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 553.921165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 553.930548] Call Trace: [ 553.933143] dump_stack+0x138/0x19c [ 553.936760] should_fail.cold+0x10f/0x159 [ 553.940907] ? __might_sleep+0x93/0xb0 [ 553.944802] __alloc_pages_nodemask+0x1d6/0x7a0 [ 553.947808] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=26159 sclass=netlink_route_socket pig=28545 comm=syz-executor.1 [ 553.949482] ? __alloc_pages_slowpath+0x2930/0x2930 [ 553.949495] ? lock_downgrade+0x6e0/0x6e0 [ 553.949516] alloc_pages_current+0xec/0x1e0 [ 553.975664] __page_cache_alloc+0x248/0x3e0 18:53:57 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67726f757020b14010d00558677b51aa53f0ca22c540397cfb83d4433d84608c7958d6a3ae9769e62c4cf6d666b203364ec1323b57a7cab948aec198c34855b0e51083f2f84936cba5029d28ef6f823a3bec06596255990c5cd1d9f94c50d305a98838e14919529c403b091b394c9730fcdf0cb2955dc43edb615817d810a36f94ccf443ce5342a927543ad8cf5cfc4f93789969d0624e964c4395169c45fdfdd5727644ebee9659a0d5011dcee73119c41f0278003f0a09735f947778e92b37487f44ff6df69692b08f7b92", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000140)='fou\x00') sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x40, r2, 0x116, 0x70bd2b, 0x25dfdbfe, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e22}, @FOU_ATTR_AF={0x8, 0x2, 0x2}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x77}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_TYPE={0x8, 0x4, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0xd2a38309bd6fea80}, 0x4010) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f00000000c0)='./file0\x00', 0x200000001) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000080)=[0x1, 0x100]) [ 553.976781] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=26159 sclass=netlink_route_socket pig=28545 comm=syz-executor.1 [ 553.979992] do_read_cache_page+0x625/0xfc0 [ 553.980005] ? blkdev_writepages+0xd0/0xd0 [ 553.980022] ? find_get_pages_contig+0xaa0/0xaa0 [ 553.980031] ? blkdev_get+0xb0/0x8e0 [ 553.980043] ? dput.part.0+0x170/0x750 [ 553.980056] ? bd_may_claim+0xd0/0xd0 [ 553.980067] ? path_put+0x50/0x70 [ 553.980077] ? lookup_bdev.part.0+0xe1/0x160 [ 553.980090] read_cache_page_gfp+0x6e/0x90 [ 553.980105] btrfs_read_disk_super+0xdd/0x440 [ 553.980119] btrfs_scan_one_device+0xc6/0x400 [ 554.039117] ? device_list_add+0x8d0/0x8d0 [ 554.043370] ? __free_pages+0x54/0x90 [ 554.047184] ? free_pages+0x46/0x50 [ 554.050825] btrfs_mount+0x2e3/0x2b14 [ 554.054638] ? lock_downgrade+0x6e0/0x6e0 [ 554.058792] ? find_held_lock+0x35/0x130 [ 554.062860] ? pcpu_alloc+0x3af/0x1060 [ 554.066772] ? btrfs_remount+0x11f0/0x11f0 [ 554.071021] ? rcu_read_lock_sched_held+0x110/0x130 [ 554.076049] ? __lockdep_init_map+0x10c/0x570 [ 554.080589] mount_fs+0x9d/0x2a7 18:53:57 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) removexattr(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)=@known='com.apple.system.Security\x00') prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 554.083965] vfs_kern_mount.part.0+0x5e/0x3d0 [ 554.088466] ? find_held_lock+0x35/0x130 [ 554.092532] vfs_kern_mount+0x40/0x60 [ 554.096338] btrfs_mount+0x3ce/0x2b14 [ 554.100165] ? lock_downgrade+0x6e0/0x6e0 [ 554.104314] ? find_held_lock+0x35/0x130 [ 554.108375] ? pcpu_alloc+0x3af/0x1060 [ 554.112276] ? btrfs_remount+0x11f0/0x11f0 [ 554.116527] ? rcu_read_lock_sched_held+0x110/0x130 [ 554.121557] ? __lockdep_init_map+0x10c/0x570 [ 554.126057] ? __lockdep_init_map+0x10c/0x570 [ 554.130563] mount_fs+0x9d/0x2a7 [ 554.133937] vfs_kern_mount.part.0+0x5e/0x3d0 [ 554.138439] do_mount+0x417/0x27d0 [ 554.141980] ? copy_mount_options+0x5c/0x2f0 [ 554.146395] ? rcu_read_lock_sched_held+0x110/0x130 [ 554.151423] ? copy_mount_string+0x40/0x40 [ 554.155827] ? copy_mount_options+0x1fe/0x2f0 [ 554.160310] SyS_mount+0xab/0x120 [ 554.163782] ? copy_mnt_ns+0x8c0/0x8c0 [ 554.167666] do_syscall_64+0x1eb/0x630 [ 554.171556] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 554.176400] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 554.181589] RIP: 0033:0x45b80a [ 554.184759] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 554.192475] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 554.199738] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 554.207005] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 554.214284] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 554.221641] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:00 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x800, 0x0) ioctl$NBD_CLEAR_QUE(r2, 0xab05) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) ptrace$setopts(0x4206, r1, 0x1, 0x2) wait4(0x0, 0x0, 0x0, 0x0) 18:54:00 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000080)="bd537f181e1ce241304f9b5e74f16903fc3565887d31a67260385b46a8901e43a4a05771bff2788f909dda86c96194456f43511014fe1a93d3008132c06c2aadf9dcd4a00cf9f0123665b3f103e679c304d5e0f7d23dd52f7d9adbc337f26944762cce2b4d05a8a4ee7e520bd296968b2e1bd2015c3ad9d106e5a0131c53594c273895ad858b59f63683b97709eb4be9ffb08fb13420c898607aa79699e03a3ebc2785fac3a00d513b05f5f33782ab9f5bc0a9e0439da748840d3a133677c21df918ca9acf988a2cb7bcf30cdf2bf25a17f5e73ffebddc82472c02198cabfe4bce1d0c49b3933f3488f88f6a1acc09cc2b7f66c3c395fc7950fb9238cd36dbacd2e0b1e714270c5a0e391f03b195877645585899dec40592d9e3d57ee35bd3d9141fe718d2be560ec1f9acc76d04d6dbae198aabc03e51359dcf1f127956f33649594bcabf96702970a242a7669aff3537f6a5054de4105fff") prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:00 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x8001, &(0x7f0000000140)="0adcfa121c129b319bd070dc492b733cd2f1734998375901c1f7b11d14df169e8cd49d2285c24de8b41902310e6728ffbad2f26c9e9ba049c9439e9c4be7a4ec1e53080094000284504be30abb2eab08a42b2231ee538ae6242d83bdfa733b2ac3f644744ca4ecdb4c3858e7b302c57b48025aab7db51207849bcb7988027287946cb988d3dda02544c1f5676f01a6b8aee4101129d32f4d6beb7afe0b6105a61b62f1ba4291f2a65608782a6f541118d3d0fc19af7f3d45480d8090bffc07a42bca55d4d44ba1120cedc0b6e81b53597179649f7b1a455968ea6345701f6f129a125421050dba316b4fb0dd0dedf937522ad977ec33ec5da2e7e83b00ac909b6d2603f7e7155d5fca7a00b6d4728845880df05be60c1e758ec336411ecaca8199ba209d8271f376f4949e7721378280b752ac72aaae40d5c948d1de3bec27b494cc844dd882162cb97e4ed56ecab5974e672bd4b7d9285704b208b8e49d69bb10c0e6ce53d3b899764226f48dc0845edb38d6ff0151cc17972d8cc1a2") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) 18:54:00 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x4, 0xfff, 0x8001, 0xfffffffffffffff7}, {0x8, 0x30e9, 0x4, 0x8}]}) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:54:00 executing program 4 (fault-call:0 fault-nth:70): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:00 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getresuid(&(0x7f0000000200)=0x0, &(0x7f0000000240), &(0x7f0000000280)) mount$9p_virtio(&(0x7f00000000c0)='em0*em0mime_typevboxnet1mime_type\\]\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x10000, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=virtio,posixacl,version=9p2000,mmap,fscache,subj_user=btrfs\x00,seclabel,fowner<', @ANYRESDEC=r0, @ANYBLOB=',func\x00\x00\x00\x00P_)HECK,\x00']) pipe2(&(0x7f00000003c0)={0xffffffffffffffff}, 0x84000) ioctl$TIOCMBIS(r1, 0x5416, &(0x7f0000000440)=0x9) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) ioctl$VIDIOC_QUERYCTRL(r1, 0xc0445624, &(0x7f0000000480)={0x5, 0xe30629fa3bc2b13b, "89af6aa4e409071d6f866b294ed25e2302abb2f217d027b4dd8781cf9f789f17", 0x7fffffff, 0x5, 0x6, 0x9, 0x4}) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000040)) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000380)={0x0, 0x3ff, 0x4, &(0x7f0000000340)=0x5}) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:00 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='u\x8fsmr', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 556.709103] FAULT_INJECTION: forcing a failure. [ 556.709103] name failslab, interval 1, probability 0, space 0, times 0 [ 556.720729] CPU: 1 PID: 28567 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 556.727756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 556.737108] Call Trace: [ 556.739708] dump_stack+0x138/0x19c [ 556.743357] should_fail.cold+0x10f/0x159 [ 556.747521] should_failslab+0xdb/0x130 [ 556.751504] kmem_cache_alloc_node+0x56/0x780 [ 556.756004] ? mount_fs+0x9d/0x2a7 18:54:00 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2000000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000340)='/dev/full\x00', 0x200000, 0x0) keyctl$search(0xa, r2, &(0x7f0000000240)='dns_resolver\x00', &(0x7f0000000280)={'syz', 0x0}, r2) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000100)={0x0, 0x2000000}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000180)={r4, @in={{0x2, 0x4e22, @loopback}}, 0x9, 0xffffffffffff8001, 0x1f, 0x1, 0x40}, 0x98) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ptrace$setopts(0x4206, r1, 0x0, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r3, 0x29, 0x41, &(0x7f00000002c0)={'raw\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) tkill(r1, 0x20) wait4(r1, 0x0, 0x0, 0x0) 18:54:00 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") ioctl$sock_ax25_SIOCDELRT(r0, 0x890c, &(0x7f0000000040)={@null, @null, 0x0, [@bcast, @bcast, @default, @null, @null, @null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:54:00 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/avc/cache_stats\x00', 0x0, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x80) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000100)={0xa, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000140)=0x2c) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000180)=ANY=[@ANYRES32=r3, @ANYBLOB="81400000000000000000"], &(0x7f00000001c0)=0xe) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:54:00 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) r2 = syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0x9000, 0x0) ioctl$RTC_AIE_OFF(r2, 0x7002) [ 556.759553] create_task_io_context+0x31/0x3d0 [ 556.764148] generic_make_request_checks+0x1512/0x1ad0 [ 556.769466] ? rcu_read_lock_sched_held+0x110/0x130 [ 556.774496] ? blk_cleanup_queue+0x610/0x610 [ 556.778921] ? trace_hardirqs_on+0x10/0x10 [ 556.783159] generic_make_request+0x7d/0xa50 [ 556.787567] ? save_trace+0x290/0x290 [ 556.791377] ? blk_queue_enter+0x520/0x520 [ 556.795631] ? find_held_lock+0x35/0x130 [ 556.799707] ? guard_bio_eod+0x161/0x530 [ 556.803780] submit_bio+0x1a5/0x3f0 18:54:00 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000200)='\x00'/11) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() ptrace$getregset(0x4204, r1, 0x203, &(0x7f00000002c0)={&(0x7f0000000180)=""/40, 0x28}) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f0000000240)=""/53) r2 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) kexec_load(0x9, 0x2, &(0x7f00000001c0)=[{&(0x7f00000000c0)="30db2f6a6eaf675f163689ffb0908a42c7fe2a3e51cce614c3d094aef8e18d5c8cc7d5b1a340c25f8716fc42efc069f924410a234fb77d5c1f45ebd02ea85f5d97ec9ea7e0a6cf9f44f61a9c2c80680dbec39e07bc332e2a7431d07d0388fd4d47b20618ef13cca5b6f0a78852d113972ffa08d4c5b4dc7b53c742cf53687e815148b2b5beb8ed019d0e28bbea", 0x8d, 0x8, 0x9}, {&(0x7f0000000280)="a222dcd547da1563f63da0e7f0618ae715438993f6c7c0ccd142c4b65862e47b", 0x20, 0xfff, 0x1}], 0x3e0000) ptrace$setopts(0x4206, r2, 0x0, 0x0) r3 = syz_open_dev$media(&(0x7f0000000300)='/dev/media#\x00', 0x81, 0x40000) ioctl$PPPIOCGUNIT(r3, 0x80047456, &(0x7f0000000340)) tkill(r2, 0x20) wait4(r2, 0x0, 0x0, 0x0) [ 556.807413] ? submit_bio+0x1a5/0x3f0 [ 556.811226] ? generic_make_request+0xa50/0xa50 [ 556.815914] ? guard_bio_eod+0x1fd/0x530 [ 556.819984] submit_bh_wbc+0x550/0x720 [ 556.823894] block_read_full_page+0x7a5/0x960 [ 556.828399] ? set_init_blocksize+0x220/0x220 [ 556.832989] ? __bread_gfp+0x290/0x290 [ 556.836915] ? add_to_page_cache_lru+0x159/0x310 [ 556.841679] ? add_to_page_cache_locked+0x40/0x40 [ 556.846558] blkdev_readpage+0x1d/0x30 [ 556.850454] do_read_cache_page+0x674/0xfc0 [ 556.854783] ? blkdev_writepages+0xd0/0xd0 18:54:00 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x100000002, &(0x7f00000000c0)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) semget$private(0x0, 0x7, 0x14) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 556.859032] ? find_get_pages_contig+0xaa0/0xaa0 [ 556.863800] ? blkdev_get+0xb0/0x8e0 [ 556.867520] ? dput.part.0+0x170/0x750 [ 556.871415] ? bd_may_claim+0xd0/0xd0 [ 556.875220] ? path_put+0x50/0x70 [ 556.878682] ? lookup_bdev.part.0+0xe1/0x160 [ 556.883103] read_cache_page_gfp+0x6e/0x90 [ 556.887351] btrfs_read_disk_super+0xdd/0x440 [ 556.892085] btrfs_scan_one_device+0xc6/0x400 [ 556.902579] ? device_list_add+0x8d0/0x8d0 18:54:00 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 556.902594] ? __free_pages+0x54/0x90 [ 556.902607] ? free_pages+0x46/0x50 [ 556.910637] btrfs_mount+0x2e3/0x2b14 [ 556.910650] ? lock_downgrade+0x6e0/0x6e0 [ 556.910659] ? find_held_lock+0x35/0x130 [ 556.910674] ? pcpu_alloc+0x3af/0x1060 [ 556.930143] ? btrfs_remount+0x11f0/0x11f0 [ 556.934392] ? rcu_read_lock_sched_held+0x110/0x130 [ 556.939422] ? __lockdep_init_map+0x10c/0x570 [ 556.943922] mount_fs+0x9d/0x2a7 [ 556.943940] vfs_kern_mount.part.0+0x5e/0x3d0 [ 556.951785] ? find_held_lock+0x35/0x130 [ 556.951800] vfs_kern_mount+0x40/0x60 [ 556.951815] btrfs_mount+0x3ce/0x2b14 [ 556.951825] ? lock_downgrade+0x6e0/0x6e0 [ 556.951836] ? find_held_lock+0x35/0x130 [ 556.971671] ? pcpu_alloc+0x3af/0x1060 [ 556.975567] ? btrfs_remount+0x11f0/0x11f0 [ 556.975587] ? rcu_read_lock_sched_held+0x110/0x130 [ 556.975607] ? __lockdep_init_map+0x10c/0x570 [ 556.989326] ? __lockdep_init_map+0x10c/0x570 [ 556.989345] mount_fs+0x9d/0x2a7 [ 556.989365] vfs_kern_mount.part.0+0x5e/0x3d0 [ 557.001878] do_mount+0x417/0x27d0 [ 557.005436] ? copy_mount_options+0x5c/0x2f0 [ 557.010351] ? rcu_read_lock_sched_held+0x110/0x130 [ 557.015393] ? copy_mount_string+0x40/0x40 [ 557.019644] ? copy_mount_options+0x1fe/0x2f0 [ 557.024148] SyS_mount+0xab/0x120 [ 557.027607] ? copy_mnt_ns+0x8c0/0x8c0 [ 557.031514] do_syscall_64+0x1eb/0x630 [ 557.035403] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 557.040252] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 557.045436] RIP: 0033:0x45b80a [ 557.048637] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 557.056354] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 557.063613] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 557.070883] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 557.070890] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 557.070896] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:00 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x400903, 0x90) ioctl$VIDIOC_G_FBUF(r1, 0x8030560a, &(0x7f0000000040)={0x10, 0x20, &(0x7f0000000140)="6b490598b565b54dfac43a3ba2e1e27c723dbcf580cb944d3ca267d0706894801bb81054ecde845d16963cc8205a9f08de22c96627e3823eb24591fa2364f759235751ae4e5e1c0e33", {0x8, 0x6a, 0x32314142, 0x5, 0x0, 0x7fff, 0x0, 0x7}}) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:00 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) set_thread_area(&(0x7f00000000c0)={0x5, 0xffffffffffffffff, 0x400, 0xf48, 0x5, 0x100000000, 0xffffffff00000001, 0x5, 0x101, 0x2}) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:54:00 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) connect$unix(r0, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e23}, 0x6e) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:00 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) ioctl$UI_SET_MSCBIT(r0, 0x40045568, 0x6) r1 = socket$inet_udplite(0x2, 0x2, 0x88) bind$netrom(r0, &(0x7f0000000040)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x7}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @null, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:54:00 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = syz_open_procfs(0x0, 0xffffffffffffffff) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000180)={0x9f0000, 0x5b, 0x5, [], &(0x7f0000000140)={0xbc097f, 0xffffffff, [], @string=&(0x7f00000000c0)}}) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000440)={0x1, {{0xa, 0x4e24, 0x3, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x10}}, 0x101}}, 0x1, 0x2000000000000b0, [{{0xa, 0x4e22, 0x6, @dev={0xfe, 0x80, [], 0x27}, 0xfff}}, {{0xa, 0x4e23, 0x1, @local, 0xa8}}, {{0xa, 0x10000, 0x7b, @remote, 0x80000000}}, {{0xa, 0x4e20, 0x8001, @remote, 0x3}}, {{0xa, 0x4e22, 0x7, @dev={0xfe, 0x80, [], 0xc}, 0x7}}, {{0xa, 0x4e20, 0x20, @mcast2, 0x2}}]}, 0x190) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:00 executing program 4 (fault-call:0 fault-nth:71): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:01 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000000040)="8c7e54a4fd640e96bc37fcd249e65994", 0x10) 18:54:01 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget(0x2, 0x3000, 0x800, &(0x7f0000ffb000/0x3000)=nil) shmget$private(0x0, 0x1000, 0x120, &(0x7f0000ffd000/0x1000)=nil) r0 = shmget(0x0, 0x4000, 0x100, &(0x7f0000ffa000/0x4000)=nil) r1 = syz_open_dev$mice(&(0x7f00000002c0)='/dev/input/mice\x00', 0x0, 0x200) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f0000000340)={0x0, 0x99, "9826522bdf978be5800a3f0960e16eeec5e19632a1d0c03d2ff7ca00e764b919185354d9e7369c7f6ed3f1acd9e858b1c5345bb7963b4fc6cd5ea52e11c6057bf49f5701a1d521e0ce5f8db1bb766ea933739e6e32b701a6727edc9ac69cc99961ae5f00e6580aedbd9d3c36caedf53b6dc6b875faf7024a25cf68e710712c2debed8be17199ff02db500473eee70ff1a01c51b0ab353d7913"}, &(0x7f0000000400)=0xa1) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000440)=r2, 0x4) shmctl$SHM_UNLOCK(r0, 0xc) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) lstat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000580)='./file0\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) chown(&(0x7f0000000480)='./file0\x00', r4, r5) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) setxattr$security_evm(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='security.evm\x00', &(0x7f00000001c0)=@v1={0x2, "d6d92f57d8009f34902d7ff964cb560f4a6c8d"}, 0x14, 0x3) readlink(0x0, 0x0, 0x0) r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="000106", @ANYRESHEX=r6, @ANYBLOB=',zootmode=0000000000000000]\n@\x00004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r3, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 557.324248] FAULT_INJECTION: forcing a failure. [ 557.324248] name failslab, interval 1, probability 0, space 0, times 0 [ 557.358258] CPU: 0 PID: 28647 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 557.365304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 18:54:01 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) ioctl$SIOCAX25ADDFWD(r0, 0x89ea, &(0x7f0000000300)={@null, @null}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000180)=""/236) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00') sendmsg$SEG6_CMD_GET_TUNSRC(r0, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x12000}, 0xc, &(0x7f0000000280)={&(0x7f00000000c0)={0x1c, r2, 0x10, 0x70bd2d, 0x25dfdbfc, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xffffffffffffffff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r3) [ 557.374660] Call Trace: [ 557.377259] dump_stack+0x138/0x19c [ 557.380918] should_fail.cold+0x10f/0x159 [ 557.385078] should_failslab+0xdb/0x130 [ 557.389058] kmem_cache_alloc+0x2d9/0x780 [ 557.393218] ? delete_node+0x1fb/0x690 [ 557.397111] ? save_trace+0x290/0x290 [ 557.400929] alloc_buffer_head+0x24/0xe0 [ 557.405000] alloc_page_buffers+0xb7/0x200 [ 557.409255] create_empty_buffers+0x39/0x480 [ 557.413666] ? __lock_is_held+0xb6/0x140 [ 557.417726] ? check_preemption_disabled+0x3c/0x250 [ 557.422745] create_page_buffers+0x153/0x1c0 [ 557.427156] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 557.432607] block_read_full_page+0xcd/0x960 [ 557.437021] ? set_init_blocksize+0x220/0x220 [ 557.441513] ? __lru_cache_add+0x186/0x250 [ 557.445751] ? __bread_gfp+0x290/0x290 [ 557.449644] ? add_to_page_cache_lru+0x159/0x310 [ 557.454405] ? add_to_page_cache_locked+0x40/0x40 [ 557.459254] blkdev_readpage+0x1d/0x30 [ 557.463148] do_read_cache_page+0x674/0xfc0 [ 557.467476] ? blkdev_writepages+0xd0/0xd0 18:54:01 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) getsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, &(0x7f0000000340)=0x1e5, &(0x7f0000000380)=0x4) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x2}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000180)={r2, 0x40, 0x30}, 0xc) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) readlinkat(r0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)=""/18, 0x12) [ 557.471717] ? find_get_pages_contig+0xaa0/0xaa0 [ 557.476474] ? blkdev_get+0xb0/0x8e0 [ 557.480189] ? dput.part.0+0x170/0x750 [ 557.484080] ? bd_may_claim+0xd0/0xd0 [ 557.487896] ? path_put+0x50/0x70 [ 557.491446] ? lookup_bdev.part.0+0xe1/0x160 [ 557.495861] read_cache_page_gfp+0x6e/0x90 [ 557.500121] btrfs_read_disk_super+0xdd/0x440 [ 557.504628] btrfs_scan_one_device+0xc6/0x400 [ 557.509140] ? device_list_add+0x8d0/0x8d0 [ 557.513379] ? __free_pages+0x54/0x90 [ 557.517182] ? free_pages+0x46/0x50 [ 557.520819] btrfs_mount+0x2e3/0x2b14 [ 557.524641] ? lock_downgrade+0x6e0/0x6e0 [ 557.528790] ? find_held_lock+0x35/0x130 [ 557.532852] ? pcpu_alloc+0x3af/0x1060 [ 557.536757] ? btrfs_remount+0x11f0/0x11f0 [ 557.541002] ? rcu_read_lock_sched_held+0x110/0x130 [ 557.546028] ? __lockdep_init_map+0x10c/0x570 [ 557.550537] mount_fs+0x9d/0x2a7 [ 557.553909] vfs_kern_mount.part.0+0x5e/0x3d0 [ 557.558400] ? find_held_lock+0x35/0x130 [ 557.562465] vfs_kern_mount+0x40/0x60 [ 557.566267] btrfs_mount+0x3ce/0x2b14 [ 557.570070] ? lock_downgrade+0x6e0/0x6e0 [ 557.574217] ? find_held_lock+0x35/0x130 [ 557.578278] ? pcpu_alloc+0x3af/0x1060 [ 557.582173] ? btrfs_remount+0x11f0/0x11f0 [ 557.586411] ? rcu_read_lock_sched_held+0x110/0x130 [ 557.591443] ? __lockdep_init_map+0x10c/0x570 [ 557.595949] ? __lockdep_init_map+0x10c/0x570 [ 557.600455] mount_fs+0x9d/0x2a7 [ 557.603831] vfs_kern_mount.part.0+0x5e/0x3d0 [ 557.608342] do_mount+0x417/0x27d0 [ 557.611894] ? copy_mount_options+0x5c/0x2f0 [ 557.616311] ? rcu_read_lock_sched_held+0x110/0x130 [ 557.621338] ? copy_mount_string+0x40/0x40 [ 557.625576] ? copy_mount_options+0x1fe/0x2f0 [ 557.630099] SyS_mount+0xab/0x120 [ 557.633560] ? copy_mnt_ns+0x8c0/0x8c0 [ 557.637461] do_syscall_64+0x1eb/0x630 [ 557.641353] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 557.646219] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 557.651413] RIP: 0033:0x45b80a [ 557.654603] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 557.662311] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a 18:54:01 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x4100, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000080), &(0x7f00000000c0)=0x8) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB='000000000000 40004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:01 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000080)=[@window={0x3, 0x10001, 0x6}, @window={0x3, 0x3, 0x81}], 0x2) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={0xffffffffffffffff}, 0x13f, 0x1}}, 0x20) write$RDMA_USER_CM_CMD_REJECT(r0, &(0x7f0000000340)={0x9, 0x108, 0xfa00, {r2, 0x5f, "304dcb", "fa785ddd2239f284113d34fdcb8b53e333c05c03c130b3ce5e732098fb4c60c2aceae91ccde8c733708e851ca7cb4ec9ef7c2f08a9df8903226f4c9cf300e3dc200eaf35087c39099a4dc5a760bda7df8099012f8689bf6039ef065722e115a8e8ba79b45225313b9bea4ad73dddab4d11b1c8f0e1c03582cedb2c4b150562af5152afe9aae976a1a48758aef5bba881810df03ee23064eeedb377e97ac61e9ac7a0d8c982be899614538b4cd406b956498ce4ff2103ed5950a36184419208e1e191080148dfd007c2b1a6fb5bc4f9e8d4a193bab65425e8e4b1749063454d7cb1886b01b1afac30c1c309e76c53ae290b28e7d5c52f2de01f0316f5d163b1c9"}}, 0x110) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 557.669574] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 557.676847] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 557.684123] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 557.691396] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:01 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup2(r0, r0) getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000380), &(0x7f0000000040)=0x1) listen(r1, 0x2) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000300)={0xffffffffffffffff, r1, 0x0, 0x14, &(0x7f00000002c0)='em0posix_acl_access\x00', 0xffffffffffffffff}, 0x30) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000340)=r2, 0x4) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") ioctl$DRM_IOCTL_VERSION(r1, 0xc0406400, &(0x7f0000000640)={0x80, 0x735f, 0x3c, 0xd5, &(0x7f0000000440)=""/213, 0x78, &(0x7f0000000680)=""/120, 0x60, &(0x7f00000005c0)=""/96}) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000000)={0x0, 0x5}, &(0x7f00000003c0)=0xc) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f00000000c0)={r3, 0x3f}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000180)={r4, @in6={{0xa, 0x4e22, 0x6, @loopback, 0x2000000000}}, [0x9, 0x4, 0xb6, 0x100000000, 0x10001, 0xbe1, 0x200, 0x6, 0x1ff, 0x7, 0x9b, 0x1f, 0x7, 0x0, 0x8]}, &(0x7f0000000280)=0x100) 18:54:03 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008914, &(0x7f0000000040)="0adc1f12f56073850e56a17e0400769f3c123f479bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() ptrace$setopts(0x4206, r1, 0x2c0b, 0x2) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000740)='/selinux/status\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f0000000780)=[@in6={0xa, 0x4e23, 0x8001, @loopback, 0xda81}], 0x1c) 18:54:03 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000000c0), 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000200)={{{@in=@multicast2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@initdev}}, &(0x7f00000000c0)=0xe8) ioctl$TUNSETOWNER(r0, 0x400454cc, r1) flistxattr(r0, &(0x7f0000000140)=""/58, 0x3a) 18:54:03 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="d363fba0b2c51a62323a90a2c9cc2f11d05937987d7c6d4252b21c78d1e8a5292357d8956eb5f8732d41e07f1089cc9e19e21a7bdd4e744e9592287f2e52fa23fd357e753db4c1d518070729160a51c039afc725d4ebd825fe13e9e8d719a328e64c3b83cde38dd6fe34bfd76039b4122072fec5ee33daf7d3ec3981ccddd64b745ad394ebb3e3cca19892b715de8ffd3b4a1efa639faa22d723d7607dbd774c482f136c74394a7e0c9679bfcf5bc1b9de1c5515d69c9a7647ae367f", @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer2\x00', 0x80, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000340)=[@in={0x2, 0x4e22, @empty}, @in={0x2, 0x4e24, @multicast1}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xc}}, @in6={0xa, 0x4e21, 0x2, @dev={0xfe, 0x80, [], 0x26}, 0x1}], 0x4c) ioctl$EVIOCGPHYS(r0, 0x80404507, &(0x7f0000000240)=""/90) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:03 executing program 4 (fault-call:0 fault-nth:72): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:03 executing program 0: r0 = accept4$unix(0xffffffffffffff9c, &(0x7f0000000040), &(0x7f0000000180)=0x6e, 0x80800) ftruncate(r0, 0x400) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x82c0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r1, r3) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={0xffffffffffffffff, r1, 0x0, 0x1, &(0x7f00000001c0)='\x00'}, 0x30) syz_open_procfs(r4, &(0x7f0000000240)='statm\x00') ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000000)) 18:54:03 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) accept(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}}}, &(0x7f00000000c0)=0x80) r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/status\x00', 0x0, 0x0) ioctl$KDGKBSENT(r2, 0x4b48, &(0x7f0000000240)={0x3f, 0x2, 0x41d}) ioctl(r0, 0x401000008912, &(0x7f00000001c0)="0adc1f123cb612acb19bd0") syz_mount_image$btrfs(&(0x7f0000000200)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_mreq(r1, 0x0, 0x24, &(0x7f0000000080)={@empty, @initdev}, &(0x7f0000000140)=0x8) 18:54:04 executing program 0: r0 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0xffffffffffffff01, 0x0) getsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000180)=""/179, &(0x7f0000000080)=0xb3) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r1, r3) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000240)={0x0, @in6={{0xa, 0x4e24, 0x0, @loopback, 0x4}}}, &(0x7f00000000c0)=0x84) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000300)={r4, 0x2}, &(0x7f0000000340)=0x8) 18:54:04 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x1, 0x2000) ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000040)) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:04 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8d0, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x6b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x0, 0x0) ioctl$RTC_AIE_ON(r1, 0x7001) ioctl$SG_GET_ACCESS_COUNT(r0, 0x2289, &(0x7f0000000080)) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="666451627974dc7eca9dd6f0753876aa1cf1cce380c72ccf5413bec1aa54fa92b05e543f845cdd92d8ba71ad4019a365b42c1e8576e0693fd14075f188e7667a49af069d20fc5cb20ff1b8c1ec3184786df3c06e77b03cb8b2d68d6d5f02562e23fc2cb4f5fc920d74243b5731dd868646733e93d253db6c951a396c8c01d281bd6d007113e432", @ANYRESHEX=r2, @ANYRESOCT=r1, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="2c002b388acf5ff22431ab1d001718cc44376b74fc905993fe95c06e39a13fa5514b583d61ff80b3a49689"]) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) getsockname$tipc(r0, &(0x7f00000002c0), &(0x7f0000000280)=0x10) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 560.328364] FAULT_INJECTION: forcing a failure. [ 560.328364] name failslab, interval 1, probability 0, space 0, times 0 [ 560.372148] CPU: 1 PID: 28703 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 560.379213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 560.388570] Call Trace: [ 560.391174] dump_stack+0x138/0x19c [ 560.394817] should_fail.cold+0x10f/0x159 [ 560.398979] should_failslab+0xdb/0x130 [ 560.402961] kmem_cache_alloc+0x2d9/0x780 [ 560.407112] ? save_stack_trace+0x16/0x20 [ 560.411272] ? save_stack+0x45/0xd0 [ 560.414905] ? kasan_kmalloc+0xce/0xf0 [ 560.418798] ? kmem_cache_alloc_trace+0x152/0x790 [ 560.423656] ? btrfs_mount+0x1069/0x2b14 [ 560.427718] ? mount_fs+0x9d/0x2a7 [ 560.431266] getname_kernel+0x53/0x350 [ 560.435163] kern_path+0x20/0x40 [ 560.438539] lookup_bdev.part.0+0x63/0x160 [ 560.442778] ? blkdev_open+0x260/0x260 [ 560.446672] ? btrfs_open_devices+0x27/0xb0 [ 560.450999] blkdev_get_by_path+0x76/0xf0 [ 560.455152] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 560.459662] __btrfs_open_devices+0x194/0xab0 [ 560.464167] ? check_preemption_disabled+0x3c/0x250 18:54:04 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000340)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x8000004004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}, 0x2c, {[{@default_permissions='default_permissions'}, {@max_read={'max_read', 0x3d, 0x7}}, {@allow_other='allow_other'}, {@allow_other='allow_other'}, {@allow_other='allow_other'}, {@max_read={'max_read', 0x3d, 0x156}}, {@blksize={'blksize', 0x3d, 0x1a00}}, {@allow_other='allow_other'}, {@blksize={'blksize'}}]}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) linkat(r0, &(0x7f0000000080)='./file0\x00', r0, &(0x7f00000000c0)='./file0\x00', 0x400) 18:54:04 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x12) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000340)={0x4bf, 0x0, 0x3, {0x9, @raw_data="ce1bbc96ef74998c4549fbc483326823c71ffbff59f0f79e54c44096446d218f26e1225e3bde0e2d2208b699f6c32d421f041616b05cea6ac76ab998855f511156d6d8110cb8e4288640831e20cd24be275be9223df4f8ef1e5b447a63ca64987fb126d5d8aaa8aaa2e00fd3d88d3f4de0f2e1af9613a82a89fbdfad804f8774f23603931c3cfa629c398fc982dbd231c60c2f1ea374a24f2acd97b2eb8cbf10e1f8c60d1d31b09b5996497839da0d759792ac4e367d8d19f87d0e282267b669889bbcf492deebcb"}}) ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f00000000c0)={0x1000, &(0x7f0000000000), 0x1, r0, 0x3}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:04 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f00000004c0)='./file0\x00', 0x8000000000000) r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cachefiles\x00', 0x8000, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffff9c, 0x84, 0x6, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e24, 0x6, @mcast2, 0x8}}}, &(0x7f0000000400)=0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000440)={r1, 0x3}, &(0x7f0000000480)=0x8) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000000)={r1, 0x7fff}, &(0x7f0000000500)=0x8) readlink(0x0, 0x0, 0x0) ioctl$TIOCCBRK(r2, 0x5428) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="aa00a2aa9617bb471954f6bbf853d24e05553272a4a2110190ca90770c86dfefde3b65a92ea1086ba0f5175ed2ab140da8f795c26192ad03157f06a14d6ec606e441eafc3897804215dae19744e8a6a67bdf28ec6fe6d6db6ade33cab170f9fdf3f8c76c58e096fdf87007132f1d35616fa5d2c18d46bad99b8f4a357f"]) ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r2, 0x84, 0x6b, &(0x7f0000000240)=[@in={0x2, 0x4e20, @broadcast}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e23, 0x1, @local, 0x1}, @in6={0xa, 0x4e24, 0x0, @mcast1, 0x7fffffff}], 0x58) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 560.469194] ? find_device+0x100/0x100 [ 560.473094] ? btrfs_mount+0x1069/0x2b14 [ 560.477164] ? rcu_read_lock_sched_held+0x110/0x130 [ 560.482192] btrfs_open_devices+0xa4/0xb0 [ 560.486345] btrfs_mount+0x11b4/0x2b14 [ 560.490238] ? lock_downgrade+0x6e0/0x6e0 [ 560.494387] ? find_held_lock+0x35/0x130 [ 560.498450] ? pcpu_alloc+0x3af/0x1060 [ 560.502345] ? btrfs_remount+0x11f0/0x11f0 [ 560.506593] ? rcu_read_lock_sched_held+0x110/0x130 [ 560.511639] ? __lockdep_init_map+0x10c/0x570 [ 560.516156] mount_fs+0x9d/0x2a7 [ 560.519538] vfs_kern_mount.part.0+0x5e/0x3d0 [ 560.524052] ? find_held_lock+0x35/0x130 [ 560.528121] vfs_kern_mount+0x40/0x60 [ 560.531932] btrfs_mount+0x3ce/0x2b14 [ 560.535738] ? lock_downgrade+0x6e0/0x6e0 [ 560.539895] ? find_held_lock+0x35/0x130 [ 560.544005] ? pcpu_alloc+0x3af/0x1060 [ 560.547887] ? btrfs_remount+0x11f0/0x11f0 [ 560.552126] ? rcu_read_lock_sched_held+0x110/0x130 [ 560.557146] ? __lockdep_init_map+0x10c/0x570 [ 560.561639] ? __lockdep_init_map+0x10c/0x570 [ 560.566119] mount_fs+0x9d/0x2a7 [ 560.569470] vfs_kern_mount.part.0+0x5e/0x3d0 [ 560.573947] do_mount+0x417/0x27d0 [ 560.577472] ? copy_mount_options+0x5c/0x2f0 [ 560.581862] ? rcu_read_lock_sched_held+0x110/0x130 [ 560.586878] ? copy_mount_string+0x40/0x40 [ 560.591101] ? copy_mount_options+0x1fe/0x2f0 [ 560.595579] SyS_mount+0xab/0x120 [ 560.599012] ? copy_mnt_ns+0x8c0/0x8c0 [ 560.602903] do_syscall_64+0x1eb/0x630 [ 560.606801] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 560.611637] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 560.616815] RIP: 0033:0x45b80a [ 560.619990] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 560.627698] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 560.634953] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 560.642202] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 560.649452] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 560.656704] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:04 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x81, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = syz_init_net_socket$llc(0x1a, 0x3, 0x0) clone(0x1002102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x20) arch_prctl$ARCH_GET_GS(0x1004, &(0x7f00000000c0)) dup2(r1, r1) wait4(0x0, 0x0, 0x0, 0x0) 18:54:04 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:04 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) ioctl$BLKTRACESTOP(r0, 0x1275, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) [ 560.680948] print_req_error: I/O error, dev loop3, sector 128 18:54:04 executing program 4 (fault-call:0 fault-nth:73): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:04 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) read$eventfd(r0, &(0x7f00000000c0), 0x8) signalfd4(0xffffffffffffffff, 0x0, 0x38, 0x0) 18:54:04 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040), &(0x7f0000000080)=0xb) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:54:04 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) recvmsg(r0, &(0x7f0000000480)={&(0x7f0000000080)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/208, 0xd0}, {&(0x7f0000000340)=""/133, 0x85}, {&(0x7f0000000400)=""/114, 0x72}], 0x3, &(0x7f0000000d80)=""/4096, 0x1000}, 0x10002) getsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f00000004c0)=@assoc_value={0x0, 0x1}, &(0x7f0000000500)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000540)=@assoc_value={r2, 0x7}, &(0x7f0000000580)=0xffffffffffffff05) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r3, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 560.843402] FAULT_INJECTION: forcing a failure. [ 560.843402] name failslab, interval 1, probability 0, space 0, times 0 [ 560.865009] CPU: 1 PID: 28763 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 560.872048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 560.881405] Call Trace: [ 560.883997] dump_stack+0x138/0x19c [ 560.889202] should_fail.cold+0x10f/0x159 [ 560.896033] should_failslab+0xdb/0x130 [ 560.899993] __kmalloc+0x2f3/0x7a0 [ 560.903535] ? __lock_is_held+0xb6/0x140 [ 560.907584] ? blkdev_get+0xb0/0x8e0 [ 560.911294] ? kzalloc+0x1e/0x30 [ 560.914645] kzalloc+0x1e/0x30 [ 560.917818] device_list_add+0x5e0/0x8d0 [ 560.921860] ? btrfs_rm_dev_replace_free_srcdev+0x2f0/0x2f0 [ 560.927572] ? btrfs_read_disk_super+0x98/0x440 [ 560.932229] btrfs_scan_one_device+0x267/0x400 [ 560.936792] ? device_list_add+0x8d0/0x8d0 [ 560.941008] ? __free_pages+0x54/0x90 [ 560.944787] ? free_pages+0x46/0x50 [ 560.948402] btrfs_mount+0x2e3/0x2b14 [ 560.952185] ? lock_downgrade+0x6e0/0x6e0 [ 560.956332] ? find_held_lock+0x35/0x130 [ 560.960383] ? pcpu_alloc+0x3af/0x1060 [ 560.964255] ? btrfs_remount+0x11f0/0x11f0 [ 560.968484] ? rcu_read_lock_sched_held+0x110/0x130 [ 560.973497] ? __lockdep_init_map+0x10c/0x570 [ 560.977978] mount_fs+0x9d/0x2a7 [ 560.981331] vfs_kern_mount.part.0+0x5e/0x3d0 [ 560.985806] ? find_held_lock+0x35/0x130 [ 560.989849] vfs_kern_mount+0x40/0x60 [ 560.993726] btrfs_mount+0x3ce/0x2b14 [ 560.997511] ? lock_downgrade+0x6e0/0x6e0 [ 561.001642] ? find_held_lock+0x35/0x130 [ 561.005684] ? pcpu_alloc+0x3af/0x1060 [ 561.009557] ? btrfs_remount+0x11f0/0x11f0 [ 561.013778] ? rcu_read_lock_sched_held+0x110/0x130 [ 561.018780] ? __lockdep_init_map+0x10c/0x570 [ 561.023257] ? __lockdep_init_map+0x10c/0x570 [ 561.027737] mount_fs+0x9d/0x2a7 [ 561.031086] vfs_kern_mount.part.0+0x5e/0x3d0 [ 561.035564] do_mount+0x417/0x27d0 [ 561.039087] ? copy_mount_options+0x5c/0x2f0 [ 561.043476] ? rcu_read_lock_sched_held+0x110/0x130 [ 561.048474] ? copy_mount_string+0x40/0x40 [ 561.052709] ? copy_mount_options+0x1fe/0x2f0 [ 561.057204] SyS_mount+0xab/0x120 [ 561.060643] ? copy_mnt_ns+0x8c0/0x8c0 [ 561.064512] do_syscall_64+0x1eb/0x630 [ 561.068378] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 561.073203] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 561.078374] RIP: 0033:0x45b80a [ 561.081545] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 561.089231] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 561.096481] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 561.103732] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 561.110981] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 561.118231] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:04 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={r0}) accept$unix(r1, &(0x7f0000000140), &(0x7f0000000040)=0x6e) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f00000001c0)={'filter\x00'}, &(0x7f00000000c0)=0x78) 18:54:04 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x10000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:54:04 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) mount(&(0x7f0000000080)=ANY=[@ANYBLOB='/dev&sr0\x00'], &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='sockfs\x00', 0x2800040, &(0x7f0000000140)='user_id') bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 561.142130] print_req_error: I/O error, dev loop5, sector 128 18:54:04 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x8000, 0x8240) write$USERIO_CMD_SEND_INTERRUPT(r1, &(0x7f0000000200)={0x2, 0xf0b4}, 0x2) r2 = request_key(&(0x7f0000000000)='.dead\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)='btrfs\x00', 0xffffffffffffffff) r3 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, r2) keyctl$update(0x2, r3, &(0x7f0000000080)="eac39356b6b302ec75758e03965b9ce3f9ba79c45a08d8b82ec8dd1ad2ececff4dae", 0x70) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") 18:54:04 executing program 4 (fault-call:0 fault-nth:74): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 561.285554] FAULT_INJECTION: forcing a failure. [ 561.285554] name failslab, interval 1, probability 0, space 0, times 0 [ 561.307597] CPU: 0 PID: 28786 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 561.314634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 561.323981] Call Trace: [ 561.326576] dump_stack+0x138/0x19c [ 561.330215] should_fail.cold+0x10f/0x159 [ 561.334357] should_failslab+0xdb/0x130 [ 561.338312] kmem_cache_alloc_trace+0x2ec/0x790 [ 561.342990] btrfs_mount+0x1069/0x2b14 [ 561.346859] ? lock_downgrade+0x6e0/0x6e0 [ 561.351005] ? find_held_lock+0x35/0x130 [ 561.355057] ? pcpu_alloc+0x3af/0x1060 [ 561.358927] ? btrfs_remount+0x11f0/0x11f0 [ 561.363149] ? rcu_read_lock_sched_held+0x110/0x130 [ 561.368152] ? __lockdep_init_map+0x10c/0x570 [ 561.372644] mount_fs+0x9d/0x2a7 [ 561.376007] vfs_kern_mount.part.0+0x5e/0x3d0 [ 561.380492] ? find_held_lock+0x35/0x130 [ 561.384562] vfs_kern_mount+0x40/0x60 [ 561.388348] btrfs_mount+0x3ce/0x2b14 [ 561.392141] ? lock_downgrade+0x6e0/0x6e0 [ 561.396276] ? find_held_lock+0x35/0x130 [ 561.400316] ? pcpu_alloc+0x3af/0x1060 [ 561.404187] ? btrfs_remount+0x11f0/0x11f0 [ 561.408405] ? rcu_read_lock_sched_held+0x110/0x130 [ 561.413421] ? __lockdep_init_map+0x10c/0x570 [ 561.417905] ? __lockdep_init_map+0x10c/0x570 [ 561.422382] mount_fs+0x9d/0x2a7 [ 561.425731] vfs_kern_mount.part.0+0x5e/0x3d0 [ 561.430224] do_mount+0x417/0x27d0 [ 561.433762] ? copy_mount_options+0x5c/0x2f0 [ 561.438161] ? rcu_read_lock_sched_held+0x110/0x130 [ 561.443247] ? copy_mount_string+0x40/0x40 [ 561.447464] ? copy_mount_options+0x1fe/0x2f0 [ 561.451952] SyS_mount+0xab/0x120 [ 561.455393] ? copy_mnt_ns+0x8c0/0x8c0 [ 561.459263] do_syscall_64+0x1eb/0x630 [ 561.463137] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 561.467966] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 561.473147] RIP: 0033:0x45b80a [ 561.476327] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 561.484015] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 561.491270] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 561.498529] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 561.505780] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 561.513036] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:07 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000040)={0x0, 0x85d}) openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) 18:54:07 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x7ff, 0x0) 18:54:07 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) ioctl$int_in(r0, 0x5453, &(0x7f0000000040)=0x230) 18:54:07 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) getsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000940)=""/4096, &(0x7f00000000c0)=0x1000) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:07 executing program 4 (fault-call:0 fault-nth:75): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:07 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) r2 = syz_open_dev$radio(&(0x7f00000000c0)='/dev/radio#\x00', 0x0, 0x2) r3 = getuid() ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r2, 0x40106614, &(0x7f0000004600)) sendmsg$nl_netfilter(r2, &(0x7f00000045c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000004580)={&(0x7f0000000140)={0x441c, 0xe, 0x7, 0x200, 0x70bd28, 0x25dfdbfd, {0x5, 0x0, 0x3}, [@generic="db167c16cd10e70d25b82fc51a910f416aaa3ba637128e5ae920a248b4514f5e38cdb6c9e0f48c480dfa5bfac70c24d7c1e79cd00d0c3dce72b3d0553507c340dab22b041a0c040836f490232c1aa18112cf67b29280ff9c434cedea180025b3e0296dd6b30cf62518c347e38a2c0292963afc380dbce04472f49c784824c9745b7162f462622f5cae0e765cc934443f8e90f76ebb68ed3c3552e4bc12ac39a8e1473a493f98c056692d228e39ae9bb58ac13e299fd7040b565603da4647cd0874f1a6fa2d67e06f5a058b06b2f1fcc4e4937d0b6a4c2cbcfff0e8b99f94c393de3be71be4e5e0e365414e67a64988b883bb1d2e85d7d45bc9601f3fcc57b26c71aa72b9d36b314b107a98d682bd06c67dc77ed70c65a5c92925698f7b239f270ee537f9347cb5a2fbd7fbb7f48a9946786af4621053b9d326e83d6732ffc75f73719dd1f3b63ffe58c86457f094d4b1010591b3d728d79ecc60635c12cb616fe7712d63ddf72c7f569b9fb55162f669d7b343a0962ad72ccaba286f8bc8fc1141a9421429943b7b1d61ee8b28ed16bad7cc741dfeb12c2646540ac18e6fde69cfa6f079c89e0de3c5f5c02026f5007de0b95c4c570d7c10b9a07914dc17aa9cabeb34c437f578826cabcda3e2459b22c35af0c67a9362f0e13b1081b7e32fca052f4d4783ff7a949fe8da1d359609c9daec30c87aa641cec1f0d0c1d8ce2b441cbc2e5b2382db2be31351a54955d6c21127001065004f9b91ce5a633b90568f0b9cdf659a10bbfd494ce24d1e5ca1de0f57644db410070bbeb4b4e9994517d1e51beded22eef57823d8883450e58a4adde076bc8598b1bb7298ddcccb8e90b0c87e1b5ec4be36fc57fb257eee210ccb19231765756b5216a0f8e45307a0c12e368d7d23952273e52725b4f07cb09fbdf8dd7a50206763ae2fedb72493ec2df06c03d18f2a02b9621ad67736dc30f0f039365883fac73a5030b3e0d9214ca9e1a74d8f0f584e3395d401830341deaa41d6a72342811839ea77092415c8abb9f693254e5328aaef11ff5898d9b6fc23bd5afc9e09b0713cafe683a4edca6f3fea10153670613bfdaafbe37f0a707484b6065be5cd33278d3181e7ed98ed165e4ab3b7222d784670a9a11dd50d5538553a2389a84ab2c6ccbaed320581e2e2f0801af673483295f36d4d0c1c5b3221fe9a8c034973c5f649bed94217558c0351fbf450994a27b6e3c2360a6e608ad2550d77465528c369885f22c08aa1a18d481bb1511d4ce12b0e4ded9cb0d8dea0e739992bf08d764ef699cd658de7ef430f132f95af6d076066bc779344a8b8689d2ff6feb7a8b701a185c27e3289023d9fd7616699367a264791eccf69323b17b58095eaed26392f7bfd4ffc700fcc3df0ebeb19bc4dd7bd94574c66944d02df6591c208424d0454d03566091a27499465f2644b7666a7bd5401a5a7a4cae3cbed1fa36c618e7ede4cb74b75f85b211b102fa13b1f1dc3abaafadd4e8ad0dd883822a5a37e9cc1db3752e5b19e8df084035a6a70d02b4a2c5a6ba2c8503b18ebabca6c4bbeeeef7463b55d1ecdf42a5e661a57bb5f6df5a0212dd22ae860aa62c56223f460fe4a76527591906daaf1e06260aa57acf0397f66d2ac040ea9fe436b5773159ed15ce936cc01a2864a1ef572cd558619127b6cc61972559adecc7a8dedf3a6523506b81bd85554601036481865ae125c7b67eefef980e8fc21ab0f09b9fb79cb0fa2cc3de789d02270d3fc46ec0e120e8249ad14a22304ececbf6bfbe8c96569dcb43a6bc344038a283930d0d29493976d50bdb7eb0cde40f65739859f29bcce702ee20d85b58680c5168cac946c337cbadcb27320b8cf78393acc5de7d7c57da136fc9621030164537b967ecb47f4f6a647b0ec36aa7e8b548914425d57087a819c86dc41ef47b51baa57d6bcdfa3bb202aec1f5e98dd283e68ae156c753d89929582d2a315c0c2d57709ad781a4622d845bb20f492679dc3e3471a85e952a25eb6053a5405b286f18beec3854ee65ed167505684d91dfeb86c1c90ffd09efade09c52ba05c89aa26e11d76823d8df07aece97a51e3c4b4eae28b5690ac043b20e5ef4e20b90b8a9daef42aba0b18c6ad3ab0192a843aa90111ba36df17fea085d13f47e207b1ebdc30cf7f2b7e79d3703c1bf7e25689ac4390d760c6d04b3c4e6ef2437a693f674234f711e605c3f349977573f9541eb8bcdccc0d417f5a5ab6e957b0c31c29de45772ab748019312545eca54e387984f6732e02741d38a42fbfb18e65340c5a5d4e9ef07a6a9ce6f223ef18882e8931298e797777a2841313afe76a46ad490394a5978ddb6a7955b4c3e407daff2a0909f5daf2b531c98e2e3b47c0e06a531f48e47e6a285f6ba7eec8b1171dd1c55ed9fdd36b830d00dd54d45ca05b4a2a7112817d337e7ba2f0cef7f2af3feca44ea5589a6809a769d8c3bf03e5f0be2506ea6ca45eb00e858f474a04cc1fa25c8b488e11a4b9dd0a9ea2396717d1bcd0a85c7f683888b6531101bf29859b938a18fb857bebc73d1d1aed92958f34c37b799e28ba93c0ed92dc7a43d6debc463666013513eb10c60d1d29516d45dfdca778f8bb923b81b548ddda363fefad4c809169eb1731381ae6a6fc78fc98e98e712c1889702b2bcd56af792b8b303f33180bcfd0e6e8e3063783e9e054c763d0868582825932ce3ada4fb0eec72965c394dca7316b660b47c25369149d46180b157f30b36dc7b7348133e2a94a0b3b88431867da38944fa8d713b1a7267526024d17198f6b3f298d38c2dff3a64299e91cae57ad72d3fad2543c2a17251ce08be8d1a615f361e9ae09976d1f61132f172801452ede5cad5538ab7ab7adaa0c6adabba3f77a59f9a842e7a5173ecf65739cbc3f1e48782582a600f19e11d38b643e2c870d5cd40fa00c14b9ac3a4aad711eba17c6ee23ae912144eac938b8da5cfed040f077bf9bc24277e0d4530ffe2387378a046ef02d01af413aee2aae00285b3e6466e309e92fa82dbace286ace4229355525ff7c8830812b96684fc2d6d3299c3f1f41f5594f356c1d5137846cb5cc02535f532d5ac3d075ae5659c35b3861892429eceff61478e79945b9db8e91901be25ec5e1e4ffd8a0e3a427af4f37e29066f6caa30edc8fd93790cfaea3bf4366a58306e2d1bda05c62c76decefd2fca153ff3b4e4e742808f00e1ef01c1a84e2c77118b8a3a32c37d2a4d0417d823670f5b398f6ac08fd17742bdebb7bc1c9b4a977530d570a7597cc01c79a198fe4bf4dbc41c6f3d88374f8f44d41b03fb2e3851175567b6978cfc3cd923b08c277f926cc15ae223410788eef95586b26d8376e5295319c9650e4a157fc34bccecbd3b6f24ce7b68012a1005463c6318a4156c3d042ba37063a95c0504d6d3e39bbc76e1fb9c06a1b0cfb6f6d36fc090d393ac142fa52bb665c6ebd8aa71751042eb4cde58ad4e2a391babbee45f70fdbc9cb643b5b250adccb756085eea369ffcda8955279f1af3baf51cc7ed456d25743a2714defbdb9466079b98c68338f2a44c5f90ec5c51dbc0d613b29e0c3b084af93e2cf55369600c7811d9d54370b3189b5a62548cfed24d71ed11cb00bd9c0aa9e4b2e57d89f832caebeaaa104cdb8e8d33414b68c8a9fcd459b62445173263e3c5cb0804c994804ad8c2e013dcda90158f988835f047500e5df34d0b15230d3cd27f518c2f35adf9b203c8991b335e28c3ed8ac8ed9df8e060be02751a8498afae20f6a627a6c81144f1227ef2a7fb6c86410a4425a432af4420a9afade4cf3d38e4c3368618b6fe7b4a8261148f7ed7a2b490296150dde4d43108a953ad84ba8c92ce5b7e681e4dc98e68c561f6b1a3e2257354444b30a864388f0bce5832512ce94df0222206745ba0c31bb3a0be372c1b33338fcfea27ddaf110c4e94b3c98254c2c2088fe31abb794fd3c0c120dd3cdcfbf5b4b0ee860d6d768d2d8ab4d6c146c172dcfc5d5cab2f8cbff43cc61019515d166b51f5c544f8e4944b4012f9e663b07983a3afc200cf95f34347fc7823b880ecec0b15104bbab2e2d48528bc8ca1231270220bcd39abf865e4388a1c970b0fbc4dbe06253b6fee7f5638cea9bf391d603894f774a07c37a30e19cf8d8a733d66e3b0dd18a089c63e81edd534be9d9772fbbd302feb1d43593bd56461a9fa3ea659c8203fec749f08138213f4bdcb07a9f2c75f27f954f55476406ac029b0604ac37f932f5210caccde050b1de0e75017c5a8f48cad690f63ee6a14a83328865392d2f1bc6b2e1083ab86336b4b5cc15fe9f496d6008720871d9080ffa7da0211ec42aa8fd9a0d8bfd17d5dd720f18e4ba28168448f6b57ac2c29643e2ce9e5db6696f179239875fae56877ed24f74d39aad159915e0a7b1d86ef8d7289d2c001554379c2759fdcd0fb8e413aa5190be94cf88426e920fd2395ec21831fe12e22e5be93f8de05acb602eee26fcf7d8998b47f89f20fe5803b5be5c602eb0aa1e6093569512ac5c24fd571fd9559937706fa64fab6db819ca319120265cc46d388ba4bcb8e233929587c481136e1fb866edb07c1d242b50ebb3b72aad6e14794f547eaa8bfe5fbca0fd90fef19e1205787f18c91d821758fbc74d972925feb2c75bcf75838ac5718bc48bda74d8df65f0c6c49d16d06ed8f25132a5ed51fdc8523afc6d96b0808317434a24b0d91763581790a8f741d42653ab6832040fc9445d396d229cc7d1e7626055f7b912779da08fe6c0a4c1ae7b3289aa49fa308582adc0895f936406f17cab23ab80fc64c94c991385e353bc4739c921c6b7d17a00ec09a3b7f919460ad2aad49c3e2c9e0530a1e421a3e286bc5a0f2c8fefbc02c93f5eaaa45cdebf479cb7b6ddfac659b842489b8f86a20bfb80596d2ea204dd97f64120f7445708d63712841ce8f06f05943aac51905391b9f0d910665a942f0b7d32ce22dfc42313465f4091c6a0ffea8cd8a3e5e483b1d9ed829a89d7a8d1e863a37cea43161e7b411aa490e302ff75d2732ec274356f0b15392ad1f5147cb9cb8d48c88bee2a6f5a3a8271e1ba1278677ea0eeed3bffd5ca7b49f6275bdf2c0f9010d39e284e70e4340c1a100284cac0a7c8a5fd7358c8265911908aeb9aecd6ddbf029757b2b6b5fafce0febffcab714d19f6bf9bd61f7345b323a60eac95d810c3cc737d51484451af0f38b6ea6ebb04102800efdec0dda541287efccafbcbaa00fbc3ed79d65aa0969b523f30d653dc7433ba3d8671100ba09df687f269dd968037b6d09fd90b494d80d8f3958c2cb5d96365e666eb1f85d49c4ee7034123e013ebdf80ae6d1a1fc73753426cb896c53b6d53ce2c26c904aba0c0875b1e4b202f38f890dfd6c744a263ef60d0524819e32857fb3fe8acd23adaedb77027f1873fe7b4a7d7f482d9ca4e4004cce3a78c0955fca73f162301652fd0063351ccd6293cdd3ce890d35b7a4b94396147ab18592e55a5713a4831db35301eb54c26802d4c30b2e4d49cb23396695a518ba39b6ac5e30630b507e8a0da42ec784ed66dbaa0a7302eed52bd7a640cbd6204ad78b9cb1e57a3b4f3ac83a30ef20b47982836acffd2d7412123ad0a3af69a6b7bb26ab5cd7258bc6004ea80dbe7b1dea6ed3c1797b13ef31c43b7319a6b514f02f12c739b7327d9a22d0ff55243047185d06dc28cbbf14995e42212c8ecfc43f30811c7de663cf86c36afb6f3661bac174169883c1315c8ee8fd296772a3f9d66e6bfa5eb049c603034634468bcf8d69379113", @typed={0xd4, 0x5f, @binary="462add8c03b4651d8dda34014d27f104a1665bed92a1fba856563a32bd0dff0b02a60bc1dc09f06d6236de541f46621c4fb1802ac446420b244ecc2be383f8497cf455291819fbdfa1dc79428aae6141d18ec53e6b41d658aff8a5a82845564efcd875c97dc9715e968acb391cfdbe97194ce4c57e35cc897e90fc693a583bccbff60de341048ab0d9a42c427f5d5d361492ac4f21d70390eb76ce5d940c893332bb0d3fba37dc0a238df775d303701395fc6cdaff0fccb6c2b412c38bc3cb1cf8596086ea25b7cdeeed70ca10f93d8b"}, @typed={0x94, 0x11, @binary="2d201e6244c6f788b8523c5b28435c48f1dd92e79841d23e71e66868aed97a97db54c47fe39258c6cdc872de63bf0fcdfdd3dfadeade0f47689b840e9b37be894daa3674f37a71f51d302974646738a111463b32bee4bd059a9b4ae9075de2ac5c1c4a2d4b879eeee405aa7745cdd848fc7b065a857861f0f3d0739598440d3e805d43d77c9bb991242509de323989"}, @nested={0x10f4, 0x49, [@generic="537e944d2f847db21238499fdec920d649700c9b43506a26adfd35c2cad0ee7052d47bfddd93d82476186fca3f0a7f84e2530f7583738c5b9176990d6618b3bd26b236fb333741aa24bbeb21", @typed={0x14, 0x2d, @str='.{ppp1)vmnet0\x00'}, @typed={0xc, 0x62, @u64}, @generic="cb4932cd504a5a0798bc0a8448fc8871e406ab9e9ae548fc4a973079f5c7fcef5fa2f69331f3fc1d52ee2a62ae72290f9064e581e8dd21fa2984bce1972eb4ee878da0f25bd0f24f36ca78b8df2b945229fff94c93b00b6029e1a3a71abab4be30015cfbb78db480e7393931d22bcba23f7cf785d9b3251e423fce8434dc1e02157fb6c70487898fc4f808b1a8977d192720474c8dbab6b473a24ecbdfcf61eacac9a21062e26ebfd8c727d3637029f28aebe2eaea50f4b1f44067413a6547a63509aa4b56dc914cb51eacb8e2aa8d4e0fd6e4e2241cbc3c02344f35ff423d07cfe718538b02c8aceef42a9cee78373bac5f06340fc7736e0c6b3d71d8b0b487f3f4ac741810cbc19826cc4768ceb2ea430a0469aa5b6ee7fe0d900ef45b9185ddbf05ba6a51a8fd0f0d22f44411bf564fe68d1b4afee1ea8e1dff239f3af0094fcebf3a05b157b12849a31e265e263ca6dac9fc1a9e2d3b41135d605120fed3c4106861fa6d2aa33c7da6228bac137b8cf8743b5e769d817ebb19e61bb13a130ada0105201072af6ced764277ae4d131f46a92a2b6cc02aa00b333a6f8c5582b3c26a3154eb9c62118fec7b17666d4fced073195530bab6bc54ce8259dbd119e65a5f78822f5e323152833fbdd51fd9cb5a12897e8f66579858c7383255c5ecba51733135a2b00a6b87b20247378cdce59907ee9cfc0e64ef3e5f504aebadf9057c4e7686e343714ba04461e7f0207fc7fd7430576c1f40450bb328d8de68c0515bbdc18f5c92691b354e3a32b046b31ffa7e7e04854332ec52bfce6c89b03b1b7f6ba5b515df0aa8a29779c395819594ece43f1a507b20ea62283e9f5593f186d8a71a4774a5c5f84b98a55cda91e3da6fae0247436a743a6df79be9889c721d828ba62e5b94ef6fa81ec85845c0ca78f05ce9e3420b9b3329cf0d702c9dd5a0c03804fb1ebcf6f519c4126604df7e82ad0ffee15f4cc644b4370735cc259d512bcb2ba609b0a2f0f585a1ad257e1196dde0392ca84ea072ffd6b81cdbd8345881211710071f2a4fa1096fcfb06eec0c019e01ecec5723acba5292d1a92156a688a96ad00bbce72b1712c2c073de37e5e86738c67b9438b1b3e17ec62e9756887149cb0de8b9d55ef1c496d2662d7796363de2dd4c99949e6b6b4e7d6fb7169a374d0a81cd32312716efad46a4c45c9a21b37a6d2983eb76e5136f2a781d758a4160fd50e5121347b6aa910c5140d7fb8b425275b65ca4d388598c00ee606ea2df291854ef4079825d613bada9deec59aa9ed6a51045230c6fcbbe03494e0f99372a629b3bf433e5d748f56b966843af6abc52a2295afe0a5279153364d8a38eea0e096b0c028843ead7c3b44847b196c6672aa1448b2e5e0adba152e73989ec98e301499e57ba8ee8414e6769eef87b02ac4d84d031c03583db79fc243222af7733f2ec884e69b399356af83ef9f02619a1ff9a8bc2783bf9996c9e928dc4924561ea6824adc68a35f39f54e60862b19bfac75a7340512d262af7ec9853e7c90a6773858e56051b516db286094c9dafa125ea078f31217086673999f49ecad9e8973a5eb09bce8bbb46fa604bf7e472ff71b7697026571ffadf826f74119133b94dd1af072077da22c38c3c47a17f69205e2e9e97222dcc422bcec55ee5f96bc44f54eb841beec5a4e88f5385dfe2fc7e7744b3165cde960d15e74bff87ef1c578404c748ee524aa2f7d6f0c447b2123ced564cd5813df53a86c14b51bb6533216c95863633fbd77cd234e712b2b1794882c64354398be35df5b27a043f8fb8b306a76c41c726daf996427edba3b5d0bf751552394f931deba06b361ddc4b1bf24448094b2eb26dc19a47911ca424a2737e8d92b6c51fc661ed0f7a2d1b61e4d3b20bce7a9e90f23796faa75a8460e9670c535fdcb203c06ee33e5ca85ff325590cf6f6c3775c39834928ad782b83b240215eb5f3e84c826d390d29f7a17f55bcca7fa022458549e391b2e99deba8c8719b2b1e499bbee3457040fcf45d3bb6b62bdffbd0c94944bbf0727289ba7f1b1f3ebc7d6e6f92d3d914130870fa69235c7bc82ac52aa395409f22388bd6837a5ea9faba24ecc2dba42ff8c45033ea923c5541468d4f039a5776336a2a3d1510d2f811a6cc59406aa33ad67e35224ce9a3ab1d0238881e622b536048e348eef97506a9d1c73fd178540fc9a6577f319fdec8e12154c1927ef5ae55b47dcf7211821ce68c94798cbc4963ec2fcba590bd8574c72cea71540708af547869259663902037dc003bd413ceb1921eda7d34d71d5af9dcae45659cf6d8db7d5598860cc659a681b83cb356d2efe7bb3b3dbec8142b8a8362b97382750c8ef4315a531b508325f3e07473ab73da7d4a3d85b4b32fe420b9744eb70f50f7f64949910ddddca1326f2cf239d0abf5896611549468b2599d6d193dfb4d1ad4745eff546d689514e438501d499e75c30e974a1d093dc8305801da9cc6e49e306b4065d09c0af16af3d968bb1b45c6253c914f24a9d95f26e395c1ba1fe453338e5b5d181eca61e75e345e171e2c78129f60d0d365467e79cef1bf1a8974702a008eee0a926d8d3515b7a291b7cd04b6faa670e303947d18a21dc08f50098f7e4affe27c1fd83f4cb81c657654b2fcba2a59b8f8de496a388d78a32615cea911306ec18f4df34d32ac322b4263503d620ef959a0b379510f62f1af6aa975f11a81045f5fdf3147a2bd40498180d46f8487bb0f933e26cd5c529f927067aa416e81d8cf9d6e1cbf8344fd6b770f25f38f549ea93cb666e9d297f5e7892bbc19d4a202929407d58a110f905665c0688728fd6c007faa293315b4077ed6662d2f27acac83f3e57ad9f34ea29d997f0b54de2c609da1875336d165c4a2b2ffd7363898c64ccf40c8181ca45205548ef9f8663bfe56c73c7b452912245e01ad5fcb9b4b2a37534ec3ef7933f2de82f52da369ee50c1d89dcec2cf7ba306a62b0e44382025e385f3d58c8fbe6e7700faf44466fc80212e66c2845d4ef0a484d980055d020da1a6f2534f130954b7759f69dd73b787edf32e2cbc2f5400f4bec058ff92168cc8ccb13695389bf66b3c27f3d8de494ca9ef1d65a60ecea8b19d898884c4fdf0e1a5f6ce47043953da6684365cd48c5b5603758b76b95ff343d11405fdcf0ca93630497dbf90544f329ae0feac008fdd3f505d1b0014947149c9e73575151c2fc6539bfbad5809957cf181da07ad71e93138a6155ff9acc3f054a8cf034b2875f1aa7f63f5684092b6dc82abccbf9fa91ae138f322b58abd9001a1a8cd6dc53b53c430d28f2a616241a79f2222da329648409016f4487a0d8ea466935d0fa954215ee38e39b6a8e35f22ecf13480ca704a8d5f52fb7024802997e54d27d2c2599840f9c7a9e291ac08c3b15293a4bdd3e006ec71cd1d05c96e41ea1094dd01a6927f60bc61d2e6f792ab8cc50ef939876fcb612f4e38555b86bc46b77223dd2bc9c8c85cb15e2b341e064f8543ae1db5e9bfef6007d47ddd79f0342e478c434eeba4f7c3be22eb8b35a62151670cc86649eaa99a8c228104badc0fd1182e04ef3d1e82a4bdbe55ddf3ca9d57bafcd12bc2047a685800f89b06e49cc34889854087a0546698a4f7183a007a9c5e57ead1b1a81169358c5e281ce2999b806ec2313e21b6c3043145e023506a28d1cadac6bbfdee63e74432df39a8d5cf4acf87b6892ebb690942ea18a70db0bb718a6f46f6a8b2195f9f7b4b965ff9222acd4616408a56776f9fc32ad4b790ddb462d11821d4bb3ff0bc06efaeb5227ceddfcff4262fcadcea0010e34b636f8d79822ec37e2f4e238bdd75ed9dbebad1fd2f1f1c0d62a1eebe0da7cc5c80b08b1d6ea3ff5a2f8b4cba004fcfb8f78755e346bcbf5cdc133e7410293552195912a1ff1431411ad0b3f21223df49f5ff21e47e989132fb203fd22819ed41e1cfe8b0617baede5a8429b38b66067b7c52211cb8ecb2d0b8d3c16d9153d3018b1af898d5e5db44fc2ccb20f8973ae94f05776b6b012001fb25d1f98adc90c2fce0459c0f4c01829b3cb7d799a38fa90b86df3dedf9a01a56f99bbcf0d9afd1ba83dc7cbcb8b8ee30431b63b606db6d4fddb40699ff61f1750ba781a0313227180bc5e2c97661f8787d782cf95d542b75605d4b7a9e24dc51a74b6a521e48974dd8455720751835b745bf25650e9e87b2f7cd9d23d74f2262bd88da33c1d40f8ab0ee51c7a06aaa6cb59c5ee38dd06341ced75ddfc83c3f53f6352f4bac579369491bfaa1199dc6494ee05c79d997763c2aedf0a3a5a6b0a2d63285d809b68bd6ba0d1b1d05085d942a6e7728849fa98799410b8d8d4477a7b73587debf850dca0296d03a6dd672bf19da96ea6ecdc335b96184db24d07f3cc0eaee0b83cce10aa16c8333d14a0baa95b2f37b8e976cd2cef974a1fe8a200540fa762d779659476240db0f18bca594bf519cb48be0936d7ecc6601fd40594396dcbf5bce41dbe7eb3c0cf06bb10903de4134e0c84e14c0b48b34a4fab582af3c82aa71da80a5959e312825405921cab48e8f9d3258f06c1d2214ded6ff46f1214e020f7eb5ac386d69570d69cdf7d47b1d27557e573308acdabb98dee0f400e3253c220d6288f41f823a2ef8e911fb93e7f1363b5b0cb6e637fbca9640cc912638e16c5c25fbe5caa4701e6624d5ffc66110fbc6a77445a7b83d3a3a126afe82e87c1ff5e0205912b6b0af8de77302f37236d7ae787d9520e5dc8cfacab286fe8eebbf1fc0e71d485b61980c66ea50efb2fd12ebcdc2e02c86ea1cc504462bea68db0c68cf793cba7e5bef4fdde5a42ef386dc34f213ac697ef8c8c2e97579562ce2ef888d6bae6517a24bdd413d860eb6d45795b790e05f57a80d116dac2fd5d8cb11708a4af506509b81a67d50bf66141b4d01838b2b75db1e22c65bb01a66707f694c0313744999decc97c52f890d850408ebeb058aec7402576e5b42037cfdbd5987a66f3ece8fa432f9d65972790f1f997639d8e9516bfdd852d53ab846fd39107ed3a9e4fb3d5870e2ccf711504b9ef00be4d7f3b268c7476e88869387a195d1d0d5312434f97fdda4e47f209be1cc09f05922ee31709679ebcc3b6a3823bee32e41e2c7b01a87f529c01401665b07c55796fd110b38fe063ebd09c183758b06c876a47dee47a3f0242298709a61915fac1257127ec60ce833c7849ddab6d1466241bd154239b9669e34a98f54ed1750bd4cc3240fe9f2c61c5d7dfd70fcc2582377c2314de38a79581d1842e2c9545aa8dd5c18ee7bf19a0bc68291b9dc4193e45acbee6c50eb37de6bf06f6b02250b49e0709140af9bdb0df008c666cce0d349c6d3f1c7f9656e08785f2144b0dd85a79c6723ca02339fe77c8595f42381f91a1bcf761a7a903d3174a0ef46d59a6b686f3fc6070f1b2f7028bd1960525a1ca6b81c455c0a753115665d02b0aef7132803deddffef915ebd99e56246d703da6c784d41716b9f8e62fcc7ce522959fa3e3bf7c8feabe41d35f6523a3a48c864ea537bc8b57c56652a14bdcf22937051ad3cbc4b352b81de038f211a5916818640cd6c6ac82e7699d0a7ca780f108d7fbedfd6ddfb1ec6b33151baa81d3fac3711a4690b807082ff2c07ae6daf6e0eae26e657eeb738ff507e9f4902abbdd5bd29211917964a6a4177f06bb0853fb97585f706346d6418ad2053e5469c4ef2ad99b48ed6a8e2fb791d4a76167c3a23768ad9a732486f0677dbb5a834f910c14e10f1916e746583da1c383beca9", @generic="7ca5474452399c5699e28f065fc63fe76f7be38960e6dcb3f49fb2ca9f655a4608ac4309ba5f61e48c5769d9ff6d087eba9742ac6da3228b34160b5e7265717a1344629fac6e43f2639db40dcb8b39d7cde720f205571cc6e92d07a285d838d448c2462e307cc4c5eeb1a84471b7654127de61f044b50826c382b0bdfc262071e062"]}, @nested={0xa0, 0x63, [@generic="cdf3bcc1a0a787f88214f07445522103250404cd0fb675437f77c1bd36c832e33a74d725ca6345355b282473160fe3643c1d82cf813397dea2329e08fc8e466657861cb7430d496d26cbb7e1cae23933b39eaff95cd99ec09ba818d79b47e7133f9347ed4c0bf515d3e85f94f3f88afd4d6a6a2b6d0a80e966ff8fa09ecaf5c9eaa355dd4794b3953d707ac28951fb0984d289c7e00c2339fcc1e9a3"]}, @generic="978038a30cdb9e0a021fcd695cec79ae8addf3af1b21bb0daea0430a08baab0081f35e8b96e3bb7c193dac7566038cfbe366f7a1460dad280221868cefa74768f5dff5de8c6408a238a6add92b4bb358f368cb8d4505bc60e0d613c6bfa8e4f694ff008dea2da42d097aed0a5e2dd9642bf5c832f8b869a633dc9f49e6c67f8c69cb89ef5849d76bf29ae4a1d57a05ebc6548c2213e1159970b7392bb3943169fae5c35d4f3cebfcc6543b0245d2759d56f4d644fc8e20086734d9fc089c72ff78e0ebaf5463675a0e429bd51f8508f75522edb92e443bc22d152367feddf6a348d30a948b4584a1ca53a777800c4f4f35835f284de47c0118adea91cea7d0ed49fc326b3e55b7b5053475df341a13e253bbf6c27db40ee6790997a91f042172bf4b2c03a1ad903072327b5f4243a65510f276db31de280eb5b6944658f60aecc2234d671c2a960e0eded57a2ba171e6cd4f26fe8bd06ec201998a3a319524b2c6fbe7862587b12904026248ddcb06575b067a14d24ccd509c4d6c50a7133ba5f064cd951919ab6efd4fa38977ee690465a2a0d2b29e7808e8b65fd3537dbe76a22b95b30075d15a4e79ddfdae64512d901b57a3c00bdac65b6db6a10e58d4116b4ab198e5a315188a7b244d415bbe76257de5b8be0ad9abd98603580be8b7eb32caf91283928a701e5539977e0ec15ae06556da15bfdc6244fdf2b0730e52b6a6bb9f166b5a2de928e364cc5cb0e104a1e8ac2cc717f37751ae4c4c7a7b022721e603e40f88a924ba62682c9d178f1fc029b65770ab2e799672c11bfe0d38703fb4485423c591bd4b263156cfa9f2147194ac1447294dcf0ad0c7797791b9096606f332d929da70e2cf03e727aa43ae90baab02a7e0955fca470d6a0289cc884bb99111f78dc9e78e49c3d354330f1e0be70614a2c741ad9083dc9230be575ee45a812c37bb41b1ae968f8a1e06d6b2df6eb8dab8bdd5b130623f9da5925ae62d90a841d16439e441487714cee7bcff06337ca9514e4949f52ac50b14c0e82742ae6d3d029676cb45be28d9d311d37e3fbfec0df3992bfb285881ed2baf78bc3fa4c3a51601bba3b67f003782e9aca9aa7d009ba48c62951e02df6d69ceb059e48c98008f2f7202baed846cd2837358490e9f31294b4bd639dec9670993bbd8f2cbbe419df54df9cd3ee941284e5c6ef39fdd95389fc7a96a36b8fffe9f973b10a3ffea6afedf53047faffc938a730cc45dc971e7e80f54797a7823eb481d02fabcbd4cb03811079145a750ada9dedd7ac195c3ef209b7f9d228f1bc95e20d142584e223e39d5508b66fe0834a1a424ae0a580cfda57e434a39d1c02043b89dadc6f4dd626ae6dab492aa1c69abe9b6eda8a47a8e9eb5d531ad991f28098dac64d3c996c3fcbd469899b33cf97dc54dc9e2801fdc7a9e5f81a5917b57928876a9d472ed82c5f3797405552f517ddd08d7964783b1f1c816106d210f9057fa17f45c15e53ebaa5ed11425021c82745d6d7ca45560b68da4b89be4690558a6ea522432122c3b3bc692c73754875cbed9c3d49a6d400795791f6bfee5d4f7a04022992b649ef6589ef8ccf0314b0dfa33924bdcfc7025e76310251cc2a7896b194f3c841d9fa910ccab6e2a6153b7b67dd2cb1142ef8deb1a7795361a65de6191d91c215b88881dde7a5ce795ec5bc739166ee6d964c8c09e02053df7599edab0b2aa23d3235d71561124e20f86b63f2495758c99cbef7c9b121c1fdada6353435707fba9c085786431ef580ed53372898946ae86c5d04aa4eca752be3fa50dba9a84b0fb7db1d2b4df61130b0812e4467e462af2baa587724dcb4a3fac2ac640b9880d819e8ead5095f8881eff74c57014b7005663488039b17d64d64e2b14f8784440747ed8234200ab19719a22808ae650f5015bcefaee4c1ad61a1f7ee872d4001eebdd5bc1c0e10f7f77146fb24af80292d5bd551fba7f16c3d6ce3603988c6bcbd5ff77461301e87bd9eadebeefba392f96b24456746a88049b0a8f6535aa9eaf2b12345d77fe5639489f4b9540cbd6e584e57502a481d5ece78fe5df7833566d8d8942be00d5fd04f73000cfa6f69f313241b452b8fdb8a720c418866ed0515a579d4cfff5bf6c911ab578412aef60542a9bca3d62366ae114a4c73096af1e28d26a5335436b4c87d60859f7589b301570c5d59607686c7d250f43acbf22ed940119591322bb786d10ca6ac6251b33dfb67b89dbf06b6f8a7a9f984f9bcd51507c863f1ce9c34ca1247e1a7fe19690564e4c18be2b6c59b2ceeab2a9fb283d7fcd3daaf6923ea17dcb31fd5f65fc48784a0ae9dd32d7b320687c84113180b960f6c157b3e0cea428d0693283610530b12c9c8d1bfeaee641713281c91113ec5b5bd1fe0af94ba1ec8bf7b969291a34fbef32b7ad6ce3ed4c0e304f9bc7e9f73b747b4e040b71720727e58a2961b40042ddb370b5de25e2cfbc709b1a1ed37abcd0db5270fe272829fad87a866929e19439e57867778ae586f6f9170a2a3710cbdcb2a9a8b7cf2df0dd606bf046f595e79dab2af137589933d164d30aba02cf1348ce372ba72c4a6c03db3e783234bf775fe085f4254edb4347742dae1d2d06eda03be3ee1defc37e5fbe1221c8e26bd8164cd0d40981160ae0d98bd50a76478bd3f02ecd9d8c7f54cad1cf09284143203a72b51d345d78e119e5f83e08fdf9da16c8a83a732b6fd22fdd420425f8911fd43f4191656e238a670b7e3afbb555b52004cfcf2c99b867eba3b30cbf6218fda71accec571411bbfc0ad02c4d392920c94b04889e7c6364507df29a83da8ccce8d99af883224548d56df922b5cd7fe64244f983b7b6a1ccaa8b3f8ad45803116f1531d6eb863bc3248a4db030f7d91cb66e32f055ddc43e26329e67d5f12c95b151b55e2a8dac0580b34fe4339d532370e0692bc7346d9063d2348a015943f164fd10f0296fd37b201c61ad58938f0714ace07bb391dff5f8bfb5489d8d8131797a79562478c0d82316eea8c0d70b4e327982243f4608ec033ad0e4704a9bb841a9962635fa09a4541e8e8e2c15d544399385e7d8acba89bb74bc2d594cdda04590a498a5e2a5ea71b81cedc177490da6035c3b54a20f57f8717b5fc18c1b93f148b2eb2b765c87429e4dbe24ece1d62b42115f1b0881ecede96a462895b1732ba318375041acdbd0e48f241b4d3b739e409d8bb7274b25a217e16a27e67eac82cf60f8329e0822ff2c5440aeb0a35ef36d203b128d72c7baddf376ca75f3b85f6e1bafd44319d27e65ce5651cd2ca110ff65b0dfac94d3eb0aeca1a833e030d6e1963751b9f41a110efc536d8c0614dcc77e1f274189de43aaa2cac74a37c8fc8d145806a918c6ef1fc9df8fbe496de42323212542799e489f17359e66cea8e96d6ac98cd889ea50e6359ae73f6dd48688d53d5280660d8f9286b0c2db8d3534cf97bb26a3f0020dd922c95a602a8dec397eb2886960f59883d9e5c03d4f5f5a86e765bc7aace031844685d60917ff8410165067aadb2769119775ff781d1c58e05f45ac93e9abd2e6277334226fc84bd3ed9b52b023ccb922e8a51cac6d0fb2dfd1f2e9eaa1a2212042dd1f8d9baea1428e9d91faf5e3c6b23903b2b7be4a79b049875f34496ec29b0a40aff396ccf353e6ba2c37a76a4061005230de9a158aabe7e8d314f56a31e42d927f282a2285d0654dee0386aea55099c0ab609d753a1e9e69a55314ae68815ad3b29056ee372f7d6a35cad73ef97d77afd0bc43fabfa9814daed157fa5188834ad2f18a3f894299320dea78fdbc957046e43b20c2d1a7890ead25fb9619e13fef5441e291e2154b4b5cf6a9e8b1b321b046db91a3f8558f933b5941841c872caabcdb8b81d8dcab26abc556b02b1278b6c061c169991a464c5a614f3f35e7afc38bd4bc56bfdec827f2672d95208f0380c011c2b558e07c837df8aa9574c600ba1c55ba03131f1b36a4f932aa239c7004693b119ce7643dba03fe72487214606de0948de99c8b1f548fe11127583ce122d65166c2701b8b470bc913884edf851b9f6c5228561827af101e3a9772134e5578fdd4bcf1f6c8a7ebf62675db09a138815ecf90d25a49b0e7181adf8c5bf82549b658b65c42df51bd4fad45a4c7d3c96cfd5d64fa155a50ea33a543053e3a3b8ec33251111f79faebf20499fca8e8ddc2ea500d8a4fb6a05037043f30ccac07298c1adf2ef67d41f475bd98f88b92b16e903985d72b76b4e5a4e78a2323bccb018b7464ef33a6280f35afb79660bd6ff62e4647f27e5798ccb07ecec1cca862af1919e1164799eedbe2792b6e43485de0ea9fbeeec7a2f4fcdefe33295ebbc0e76bb50489fa74d7a151e9743e7a12561d812aa5ad0dc49554ef15db6a198a6fe60db0d6c9ebd0cbf8698ce40d7fa015454619b2965da6de072f85ccbb3774a1c80c6c0508380b0189b1c06bc7b4f06dd3149c85ff80846a92e1d9ed38140d53e03fa949411bd1a8f53086ed6a86ac9818e0734c0a32fcfb9964a9edb6a51a04a80712e800d20e3d75dfade72732c0a953a8f5b821866d67fe62a0b9ea8679944e605f8a1c28b96bf364d56cc09b906e97706a420eac60a31cdbb4b716702b636db28ae92f586925863daf4912b67e9fcc8bbafdb78865a41288236c4d06a7919b26f117ef7b7d04ceb84698b001abfcb481bafc065192f6d575db3aee80038f39829e98047e6ade4e3e631aba45f978ac72ed8de13521209d08020486a720e2c7deeac3cfe34a1f06a41e5bc319dd1634925460b59213d333160ebd6310f0603717fb629312d114d6a1b50a82cbe19107720f8f24136ea00abc6be3f847c96998f4a183fa3d3a9859053a5bf19881fdf87e2935d46070618a0657ef1a4bb972f98fb2e3679589f8b4acecf8cd4bc0b970fa2f68f028711e5bb0771ffa658849973855e7aefa2e495e14e87bb39bcefaf31df121d465e9a0841e3451c8b8b0ea14e036b694de0e1de2ba21697eea498860cb17750e89b953692b80a4774ce1fd52feecdc1d317351a61712200535e47a8beb247b67a61bcd3bd2f787555c08c578cf60e9e273a3876c931ec3b67131721f630875b38b23408335c8863e77110af410e7dcc1876d20564cbf9865440727110e26dd42278c16cf7572e0186b7c8c3f4e836aa85f70ffc5ac417cf0bb6ee15ac6c6da3a3607cdf3c4d4de594e8cd90ccc769979a8eb1ff1e4309a5e1a9dd6eac39a4e81bec29f776ee0a4658c0867fbb954f321a53c68db06fa656eca60fec9033249310e7381284a69a82041ed98b5ed0f37a0fb39fac02c1c3ec4fac36b5e33be55683354b13b3802108fb0efaf3a9c57424db60eded11b0baee86550d9ca883c30f991d997729ca7d81e98fee18f73a328570cc72f330702a7e747e6359658a71e527aa961b446d10cb68eda22eaeb65409411120f22113fb812f5ca9045e3117f965326c053114a2543d1d4af24aa5c37ce1ca0a98e227edb3cad16dd96af1e9f55372b7fa879a90caf1cd5924e02260648cf2c5acf160e22e1c468310dfa4a89cc3b46567590d7200d044aa863e96edb58a514560c56df9f2452b7394bea5a67de9ac98817f3e8c7318f0d55b5d5976a31dbcdd94395cab3be42a23d0a401a1a8545886f8ed9b46d766f2aa816b475d56c12234a32ed44fc6401d2f50ac56c234b0fab34b73c0014768e646c6fffc7a882a2cbbdc66583f3b901aee81d63c23bb2be1788d528fa25fa91d84a697d6b93d6739a9e446f856513df427fdbb", @nested={0x1104, 0x8e, [@typed={0x8, 0x58, @uid=r3}, @generic="4987589cd40dc1d49b67dc1962d6672f870d3dfdf807ca9b65d9461197a747ab91f8d6a356a4c2f6", @generic="019d51ed6e6182eaa79dc737b2bd0c888d196ca99be428397618d628d8dbc648c583dc69d638eea89d0f07ed43d0d7fc2b2e984649d914e765a0b7c5f12567be5978bc4ed1e16456dab4a23b71bef3bcb1fd4d79c5e0b48a61e63dcb2d981cde28d5eb675e32f2acee18b8dbac27a06355e1bc046b518e", @generic="eed9eb01b63e0171f17cbae3af0daefb1816ee5dc361f9d18e7c66e2f14654f200a4e49575542332cb709f98fb179aa917256f3d0ef26e29fdf8e58e06b90a15dabc6aca24a04b2d8ae07a5a70167f86ceae68d9e8ac2eb4efbe8ec07e0dadfb12c51a8896d41ff2f88bd42358814b459982e6b0fc55c92a129055b5dd1bdaa67ccbda348272bd3a6225c89421e6ef9b90d64766798b6a320d7c6be2e0e5430c28381dd967a3a4d1867d7404d1cb6725cf2b321aece73be796d8eb059598adfc411ee6a80343015d433a9a86f75edab0467b42d3f072573ca0a9019cb2d22f44a58b31c431abb63998de44b7ae0eae42089e30b98be28b1935ce957a7875bdcdbc617770db05caafef2e043c9538db46ecdb8e7552fc9ec7dfea6e000e22a16ca0be93d8095ce379101af07ed2c7a1b24b7648025152e85c8e76ab84c21fe73eabb8cdc39694ea5cc543d04b81b03a755d37122bed59437902daa6ba789f672cdc91e319d39bf8a275f006f7a6c5d4adf78d4e44b551b0864b38c7653e47032182bc3d119275e21bb9b4efffd362c1717d3608416d2c570432b977068948e4ab8a5a0b54e82bb965d37e4d42dbf8bd23cf2d99a6e5a71c0e9dafc7fc5c6d9f75e7a3c69af60649124ec660f9429391b4c6dc83c0ee14dba9a5eecb935d9ab57f723c285b4af20fa8290f0b8386596ff67c58493e4cbec523e334c26df02526856ae179f602516567830c0784231585c4bbff314e6c073463f538081823fbd9930cde01f634ac755b15b1ccd356e9d743a8127d8694bb5930f3d6fba40934addf7d790e65e07a27d4c4eca89e30b0379f1957df6d26eb76a76030955ea08906294f4838c96aefcb34f5bdbd55c8269b8042caeea67acd6d871edbd3f73dfbb8d452dc22c399d8837bf7ead0c37cd8f01a47f2fa4c03019fdf149f43f5b8dd789c2ee7012de2b95ae1e4ad14e71d09ceb359f233f30117dfa923623fcc5089f4cfe8eab6307a049a159972d21f7da8b339f8cd54c3efbf305ba2a37c3e141d390d80a0100633ac4f3dcf6e83ed7a4c364656baa3a1e6b4241d2495f2ec69ca66972f9a31b0e1f0904ba058389338584af5b19cfc66dd3e38fc406f119c1cd012c6e3a2a735926e64779d90beff76feab1f0f4fb1f2698be81505174e7ea5852e7ccfd9d6ae324bf5f10f388ea9b3b776b57dad3299476b945da25a662014ee7ef40091c8bb73f19a65d5656c2b977bd0f304debe8bc608b6ab1f64bdcc7869933b3fd5a2f8025e477ea20f59a6bedfad034a9ade7416813512f2a36e93e263179bd314b591e1ee5d6423e5eac4a5f353d5d34113ee8725335cbb8b678c878435ab443d0b068ffab9559a2a59e5912436ec5c372f6b822b8be54d61d8116781c936f636dee638d1dbea1092a250a0d68fb74489e27e328ab082f746740c355ff8c0a0610f8ccd9f1af89c72d8cde426ed35c5c9401757feff2efb67549401d8cd32997736f36c265086c2a0685430ad85d8a3666296496d18096669241c9a2c7e1e5c37aafce478341224109ad5d8147caad51917236df76ed925d1a57fced93de197f6a334eaadd3186aaade89369ab33af332e034c2a754909dde7d9026700fdcd106d4f2373b64cc5deb3713b54fad3b4ebc5c37b35c8e3a549db463db6cbe2b7d59ffbeef3e56fafe9a419f441a0331f3b382dc7d5795be95b8448a4dac1ca21e0c0b7dde535a291979e12fb32205777633e486d4fd81d8306d2297e149f888c87ffac84406a782cf1d2455ea579c1128f182e2e7d7b1f08953875b2d1972bd9f45b7c4388c6b952f0b2e9216041252b3d35511a4ad483d5adb3f2856d9f6d6207bfabb1cf21398a0ce87d23cb411c6ffed3b25b39c82f2293ede7c7169bb0579b46d954299aae877e9569e69d072d4d800d991b1089658a717fc04a03eabac4506c9f914fd430f315e64ded718cfee7e935c817223aa13877b47fb59486196dc9b6872a3271ef2215cddf48fd2901e2c83f83d7e1f5069e3ab6adc99e3cc7d15256b8e82a94d9e73e346671b52223bd8aff3472a839cf95465bb568dc20e04c2bb6ef5cd17bc6b2302e3db061d9f2180dd97d18695ff798dd7465999465e444c192be7e41b7b23e88a14e0778f4d4323a7f3114a7a1899253db106b802f37025dd8263d0443cd4d573182d4e81ef46ffb2343fea6be927209797b5164baf568fbfdae50b5e02e267b4c1d04c8dc5520d4fe77de6a7d760f979dfee5306eb08fcded373f78e869384cc8f7f530021ff8e5b339f1ff31ba12eecf68cfd61911235e88ca630cb0032cb7fe4e12b8d747076851e21f7132c3e7786f266b6a54a6866b486c8a8c3a96cb4efd077a8de2004fd3f31b1dfbc30845c457877200df0ed56d780dcb6b23275797e8142f0168ea1962c48d886f182736f186214415833b9327ce4def5fe9b06a332eef1f041fc0237a2f0319c22a85949a193094b15fa712755cfcf0cea615c65c5eafca84782ac00a950df437356d0c09cedef4d35baca9c2366e350a074173467ddf520bc33e623a7baffba6502d18c19fe65d96b230d520a301292449403a102c74ad71bc226897445aee38c363250894ba21a45158dd208172c838e29a77e1dceca46f01713f97ec1ba4ba87f10e70c27bc98c5bec04445206b2c8b894aad5c7e0c910fb344e68bf9315379095b0e0aa83abb216494ec71413a130baccc0cfe582f1ac86b4a56a1da39652ab5d3ab936c41e164e49ab86bd5744a8aa4a86eb3e3e14892e1c9ed2f6831e54d0bd98c768221819cc3d3a860255dd6c900b4d1d4f7392d1047b14c8ffd57019f112382ea2d483951d8d99d9f159358bb15c9b5269622dcdc3426f51f934def5d534508cfa184e074c497d16b37d3889111c9b3070308416f71937a8f6a9066ed99c87cefbd6bb82fc0f6a2929c871776d126d36ff50482798ca4ebeadbb6a891be22dae75b619135600f3fb55b2aca5fb01ebc656ac23167883935c51a61a69c284fe5302487cc39603df17ce191ff877d5584ff39763e870cbd7378840ad715b3aae24411955841664303c171048f555c710fcfdbf4c7807472e3d4ee27e2ea6ba646ecedac3605d167282a15d1c8ecbe3aa03a12bf42026373f5ec0af468662cd294653fe043d9a517b27ad598fde680d6597158aeaff50c3959c6811d710207773ac43aaede7879ad66d358a51aaa0cc6125261d6275a55d618cf51f44f8940710e2e9eb730cdc98afd75fc4a0021d3cdc38912929b6e165bc31a44bdc40a0581e2151c45617528a40f5f6d608e02f43cfb6be0adacb531f79992c339aac0d01ac76679411a7ceab3f9babae8a00aee23e7c5e304a813e260b890949f9e203070bba955b8f8eb32245c9ba86b011ab35cb6c2254543002083e4ab7c9bf702590a6f826413e162955ec7a38b174f6b1954aca98fe9b11a67f0b749705491c687adfb5b71f53add0e467bfa0072b60b91eac414b6339c4e19cae5e9e5617a48fca546c7f7ab8500c2a8b816573780f1b1d92f1372d0f0f61e8ba3abab281206418ee101ac13d0138af9ab9a0195281ecf147693f455764ac3d04f400cbdd0d07eb8597e94423a0cf40e41ed449b7ef331af24f20fe7491197b7b965a7e2970bfa604446aa932f5e42bebbe9781a87c4bfd655d94f4a55a82675330db66fffa025762728b41afe858ecf96ae261cf4bf8985415e89561d4ea3dfd38d08a945f44ff6f28949c3796daab3ccf0631d30b0e9e378bfb29627697fadb4c62b0f589ae3304b732dde7403f6c21581339412c8292c7a6487e78c6d068049a35a34a90d8ef33b070b201f1129a6a512743ab341e54412661da35dc316430c955ca60ede5b771ae89b836dfd8b0b47c77be4e8f89d81a5803e363391be36203d202e4d339b931d41a8ca115639214d14b03b7e6e77515dbcf6749444866dcd99c2e38094c41500633f2a5b47b1ecfa6512d5aa8f0a1ef36c3ed7459d7feafa4ce2ad02abc6c61463d352c0ef2949318ffea4c817e254d19df45a893b989b843d06e91d8f3cf99b90872ec3cf558d488bb3d11a0c6738c989ffdc75545ba79fe7a275a6353098b4e015b923e6d8a155cfd708cb19c1127f051ce4328fc86ecd10ae27273532ccf99404130c4f0d8e0c2227ba124dd7de9b2c21da93a6fb9055d9bbdd54e2e2f093f3a5a2647721003b048bfa3e973175b81f0cb3340172e23639b1135ae3b2a0ee671e158f90e772deb5005dc1c13b1139402dde838e8070b6c46273e742020d0409931f98c9f086d9ac55709a6687473dad2a5ae57946f06bbd684201061b73accfb23051a28b0168cd0b78ef127e8829b797dc78741297d6dfc68d1da73450e6eb18c3d8084638005283639eb384f6da8734c349de7bccf5ddb711ab0aa6c4557db1c46d1335433685d32f07eca3b28c8fe5fe78869fa5cd554983a198c4c1b65ecc39e869639d95e4832169d8e4548bc4c75fcbba9e9207fcb26f14c67906582a984b43754e8457452b35ece70c87a549de5abb33c4419cc391265b38c3ff074f47205f2276923e7bf6af9cde68244f1d4ac3f00857f48d43add1ef8d8e24ff02e38520deb53ed29a56e2c344c72a5fa0fe457f0e3d9c390ac559f8a4f18785661ea2e27a5196f2ea58753b106e7c718bf11f8c9f4a3a2933e0ff7d295ac34f48ce4a6b0e1feb03dff71b83e64a2ed9ca7310f368e69796c4741a574a899971c53a05d9047f5a5e51c4af85ba28d9d024214c54963e66762181d1963a47a237825146198200c8e0a618367f225c04804bf24509f48102ddf86953c3cc01a416ccba40462a729a0ae02af312acb6b72ef43611d767545de9789186cc309ef8b85e16874ef503cf2105a07a86f61a4ba34d842287db11d2c25e2f48c528e0a7182d77a22911c00dcd4f94ab32c2708d88062bbc74bbca157ae1f19ce4cd771c0464d66da9c9a9acc4654c79eab09f0e291be71615e94c834f81c17e18f610c1bf64b30a958d9d4abe60c5d7a6d0838db3a641b248de0ba670adc7ad571e010270172e5597ada0853eb52e1e97af9f12e35cfc024bddf15625b5f352ff36863895f7e002a0dbdbc44c972235dc925bc2d99fa3be935a75361ec1c4acf187c72ce36443b915451c1713cb911b371e82844f62dc36bf60736b8549e81a3c9b9508d4337b43e894f5ead0e971586542552b5bada933b559c24879d06e479a47fd9da246b80e1a1d9f54b06ddb30395126797fed216066c9c1f9add9164b852dba6fc95412f235bc1f4758958d373569da6d37fd2bf028c9b68e6217d33643f78426ec553f1425d8585ffafe035a74c92202e0cbc3a227485bb0a876d4603f64b7f838c2672a8b636da4c97ab7ad65257eb60a9ebe6f3d59cf390d4f87200f6acf8addfac6a0d4bf704921665d648bc042501fbada1e5eeea22ec9ec861dab25d39e15c6e11ce1011cc4f17c98b797c760e6d9933c5f11dd7715cf12f11bdacd19e029f8418639e4f16720763600bc600439b8d583d0595f7f464bf4cb0f4491e2d2cd1eac4845df4c774b7c656c0087ca6fd247436faccf2c8cae4403c8a2eedcc6f096b3833734b3209a3e80f302c321cec1c4930da458841675313e726a80f35dfbd1333be36791a29fc60f966ee1313bbabb9a1be6b7bffc40c1e85003370df139f13e721b9b64c06f8d0ae6e2faafb21b2267167b7a3642d78b84d08b13c1db60f75312972b187cb649f15b5759af5a45bde4ee069d363002f8c37cd546cc96e38240e880fe679c", @typed={0xc, 0x1e, @u64=0xfffffffffffffff8}, @generic="03423202dc47b4f62784e8079a6693156571", @generic="fcbafcddf7062e846b45b2fab0ada888204b8d9ed2edae27367594e997eb5d5bcd876aaa8a64448a6114e8238e1fbd627451e6", @typed={0x8, 0x1, @ipv4=@empty}]}, @typed={0x8, 0x29, @fd=r0}]}, 0x441c}}, 0x40000) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 563.758811] FAULT_INJECTION: forcing a failure. [ 563.758811] name failslab, interval 1, probability 0, space 0, times 0 18:54:07 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) openat$selinux_relabel(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/relabel\x00', 0x2, 0x0) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) socketpair(0x15, 0x3, 0x8, &(0x7f0000000100)={0xffffffffffffffff}) setsockopt$packet_int(r2, 0x107, 0x8, &(0x7f0000000140)=0x8, 0x4) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm_plock\x00', 0xa0200, 0x0) lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) r5 = getgid() write$FUSE_ATTR(r3, &(0x7f0000000280)={0x78, 0x0, 0x5, {0xec41, 0x7, 0x0, {0x4, 0x3, 0x11b6, 0x2, 0x80000000, 0x1000000000000, 0x0, 0x1ff, 0x2, 0x81, 0x3, r4, r5, 0x7, 0x40000000000000}}}, 0x78) wait4(0x0, 0x0, 0x0, 0x0) [ 563.816315] CPU: 1 PID: 28805 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 563.823363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 563.832721] Call Trace: [ 563.835333] dump_stack+0x138/0x19c [ 563.838981] should_fail.cold+0x10f/0x159 [ 563.843139] should_failslab+0xdb/0x130 [ 563.847123] kmem_cache_alloc_trace+0x2ec/0x790 [ 563.851789] ? __kmalloc_node+0x51/0x80 [ 563.855757] btrfs_mount+0x1069/0x2b14 [ 563.859632] ? lock_downgrade+0x6e0/0x6e0 [ 563.863760] ? find_held_lock+0x35/0x130 [ 563.867812] ? pcpu_alloc+0x3af/0x1060 [ 563.871697] ? btrfs_remount+0x11f0/0x11f0 [ 563.876356] ? rcu_read_lock_sched_held+0x110/0x130 [ 563.881358] ? __lockdep_init_map+0x10c/0x570 [ 563.885839] mount_fs+0x9d/0x2a7 [ 563.889191] vfs_kern_mount.part.0+0x5e/0x3d0 [ 563.893666] ? find_held_lock+0x35/0x130 [ 563.897710] vfs_kern_mount+0x40/0x60 [ 563.901493] btrfs_mount+0x3ce/0x2b14 [ 563.905276] ? lock_downgrade+0x6e0/0x6e0 [ 563.909403] ? find_held_lock+0x35/0x130 [ 563.913451] ? pcpu_alloc+0x3af/0x1060 [ 563.917339] ? btrfs_remount+0x11f0/0x11f0 [ 563.921561] ? rcu_read_lock_sched_held+0x110/0x130 [ 563.926564] ? __lockdep_init_map+0x10c/0x570 [ 563.931041] ? __lockdep_init_map+0x10c/0x570 [ 563.935519] mount_fs+0x9d/0x2a7 [ 563.938907] vfs_kern_mount.part.0+0x5e/0x3d0 [ 563.943387] do_mount+0x417/0x27d0 [ 563.946917] ? retint_kernel+0x2d/0x2d [ 563.950810] ? copy_mount_string+0x40/0x40 [ 563.955027] ? copy_mount_options+0x1a0/0x2f0 [ 563.959505] ? copy_mount_options+0x1fe/0x2f0 [ 563.963983] SyS_mount+0xab/0x120 [ 563.967416] ? copy_mnt_ns+0x8c0/0x8c0 [ 563.971285] do_syscall_64+0x1eb/0x630 [ 563.975154] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 563.979981] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 563.985155] RIP: 0033:0x45b80a [ 563.988325] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 563.996012] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 564.003278] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 18:54:07 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) setsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000080)=0x3, 0x4) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:07 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000040)=0xffffffffffffffff, 0x4) setsockopt$rose(r0, 0x104, 0x3, &(0x7f0000000080)=0x4, 0x4) ioctl$VIDIOC_G_ENC_INDEX(r0, 0x8818564c, &(0x7f0000000140)) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x2001, 0x0) dup2(r0, r2) [ 564.010528] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 564.017781] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 564.025031] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:07 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) ioctl$TCGETX(r0, 0x5432, &(0x7f00000000c0)) dup2(r0, r2) setsockopt$inet_mreq(r1, 0x0, 0x20, &(0x7f0000000040)={@empty, @multicast2}, 0x8) ioctl$DRM_IOCTL_CONTROL(r0, 0x40086414, &(0x7f0000000080)={0x3, 0xffffffff}) 18:54:07 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:07 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x88) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000080)={0xa, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f00000000c0)=0x2c) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={r2, 0x20, &(0x7f0000000100)=[@in={0x2, 0x4e20, @remote}, @in={0x2, 0x4e22, @multicast1}]}, &(0x7f0000000180)=0x10) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:07 executing program 4 (fault-call:0 fault-nth:76): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:07 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000000)={0x7, 0x6059990}) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:07 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f0000012000)=0xffffffffad36b24d, 0x4) recvmmsg(r0, &(0x7f0000006980)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) setsockopt$sock_int(r0, 0x1, 0x1d, &(0x7f00000001c0), 0x4) sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="021300000000000000000000ff03000065ac2ea38f084b30580b6cccc381f9e03ea71556094666239ff12ef5d730f4df43b6b47d"], 0x10}}, 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB]) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) setsockopt$inet6_tcp_int(r1, 0x6, 0xa, &(0x7f0000000180)=0x8, 0x4) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/capi/capi20ncci\x00', 0x80, 0x0) ioctl$TIOCGLCKTRMIOS(r3, 0x5456, &(0x7f0000000340)={0x8000, 0xfffffffffffffff7, 0x6, 0x2f73, 0x9, 0x7fff, 0x7, 0x5, 0x953, 0x2, 0x9, 0x83}) sendto$inet6(r1, &(0x7f0000000080)="15cf143f56f9bacf1e362961d82a937e5705d8aee7ebc0534b794c8354d68aeb45addca2043a939c05073ebe4a97169cbdfd5daaddbbaea8e61698ad9b2d86084181dba955457018d2de324d7220cb007503e1b44209e73ac8cf6210308cdeb0e6e11c01d77611bd250c5d4c85f4fe2d9542a93b", 0x74, 0x4000, &(0x7f0000000100)={0xa, 0x4e24, 0x1, @local, 0x1}, 0x1c) 18:54:07 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, &(0x7f0000000000)={'ah\x00'}, &(0x7f0000000080)=0x1e) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x2000, 0x0) dup2(0xffffffffffffffff, r1) 18:54:07 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 564.293467] FAULT_INJECTION: forcing a failure. [ 564.293467] name failslab, interval 1, probability 0, space 0, times 0 [ 564.312743] CPU: 1 PID: 28852 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 564.319782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 564.329135] Call Trace: [ 564.331739] dump_stack+0x138/0x19c [ 564.335407] should_fail.cold+0x10f/0x159 [ 564.339558] should_failslab+0xdb/0x130 [ 564.343584] kmem_cache_alloc_trace+0x2ec/0x790 [ 564.348271] ? __kmalloc_node+0x51/0x80 [ 564.352267] btrfs_mount+0x1001/0x2b14 [ 564.356153] ? lock_downgrade+0x6e0/0x6e0 [ 564.360290] ? find_held_lock+0x35/0x130 [ 564.364354] ? pcpu_alloc+0x3af/0x1060 [ 564.368265] ? btrfs_remount+0x11f0/0x11f0 [ 564.372597] ? rcu_read_lock_sched_held+0x110/0x130 [ 564.377668] ? __lockdep_init_map+0x10c/0x570 [ 564.382193] mount_fs+0x9d/0x2a7 [ 564.385595] vfs_kern_mount.part.0+0x5e/0x3d0 [ 564.390086] ? find_held_lock+0x35/0x130 [ 564.394153] vfs_kern_mount+0x40/0x60 [ 564.397950] btrfs_mount+0x3ce/0x2b14 [ 564.401769] ? lock_downgrade+0x6e0/0x6e0 [ 564.405948] ? find_held_lock+0x35/0x130 [ 564.410022] ? pcpu_alloc+0x3af/0x1060 [ 564.413931] ? btrfs_remount+0x11f0/0x11f0 [ 564.418196] ? rcu_read_lock_sched_held+0x110/0x130 [ 564.423210] ? __lockdep_init_map+0x10c/0x570 [ 564.427696] ? __lockdep_init_map+0x10c/0x570 [ 564.432185] mount_fs+0x9d/0x2a7 [ 564.435545] vfs_kern_mount.part.0+0x5e/0x3d0 [ 564.440036] do_mount+0x417/0x27d0 [ 564.443585] ? copy_mount_options+0x5c/0x2f0 [ 564.448028] ? rcu_read_lock_sched_held+0x110/0x130 [ 564.453062] ? copy_mount_string+0x40/0x40 [ 564.457293] ? copy_mount_options+0x1fe/0x2f0 [ 564.461785] SyS_mount+0xab/0x120 [ 564.465253] ? copy_mnt_ns+0x8c0/0x8c0 [ 564.469138] do_syscall_64+0x1eb/0x630 [ 564.473041] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 564.477909] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 564.483088] RIP: 0033:0x45b80a [ 564.486285] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 564.493985] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 564.501245] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 564.508503] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 564.515760] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 564.523061] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:08 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f0000000180)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002835527cb3"], 0x68) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) socket$inet6(0xa, 0x4, 0x0) [ 564.555328] print_req_error: I/O error, dev loop5, sector 128 [ 564.861175] print_req_error: I/O error, dev loop3, sector 128 18:54:10 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) r2 = dup3(r0, r0, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x58, r3, 0x2, 0x70bd28, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x18, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@ipv4={[], [], @multicast1}}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xc2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x20}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7f}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x41e}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000000}, 0x48010) ptrace$setopts(0x4206, r1, 0x0, 0x0) setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f00000000c0)={0x9d, @loopback, 0x4e24, 0x2, 'sed\x00', 0x9, 0xf7, 0x43}, 0x2c) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:54:10 executing program 4 (fault-call:0 fault-nth:77): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:10 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000040)=0x0) rt_sigqueueinfo(r1, 0x3c, &(0x7f0000000080)={0x2f, 0x1f, 0xfff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r3) sendmsg$kcm(r0, &(0x7f0000000480)={&(0x7f0000000180)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x2, 0x3, 0x2, 0x2, {0xa, 0x4e21, 0xffff, @loopback, 0x100000001}}}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000200)="d9753eb8afdc171edd02158f74f455677ccc2354026111b4dc24c2ad1db8faafbcdd95a1f186038a1b748a349ab4ef11f9fa76b761acdf", 0x37}], 0x1, &(0x7f0000000280)=[{0xb0, 0x112, 0x401, "77dc66c63668814ba3857dcd1861d4418c29399edc8b060277bb5477f5ded36f3827668d8f9ef8f78020fadfda6f3520ccbb2e78ea269af850f8482cd63e3412b485d13ba91ad78d977accd8fe701cbb54a21d0a351693744a16a77a102c6b57d0548e78824237a31ed20591999a4eca36c83937222230f7a75701e34f0e52e865743b56e10483477b1f1cd320e9c2b871d3594c448559397912"}, {0x78, 0x1, 0x9, "b0693cb251150c72d359129e3e82c249d87aec3a4b93498881f524f04e810de7bbbb549594f89fbfd94a0338430ab08fca593b58ef01895a28e98fc5b4e8d4118d4a755beaa120e535a833160f5025dc1d297c213e7009ca4614232edb586aaf5f7e887c9e08f6"}, {0x90, 0x10b, 0xc1, "fe33f65b5762b323b3d6ec90dee43f20d4a8f7857c9f27a08d9c75559bfc88d01aaf0984016044d95a1087534def4005a7a8e385d043e58eb861999e2520ebe92cdd562a6a4209500f4faa09e69e201f78c31cb57e0f0bbe01130039fc222be36e903627e7a05ffd8cb4d6d32c9575d7981dd530da896605cf5e35"}, {0x38, 0x10f, 0x5, "6a3eecce162cd3df527d820a266f120e095f9314bdfcde357eeac48378e9024c43405c1dc12764"}], 0x1f0}, 0x4000000) 18:54:10 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='pids.events\x00', 0x0, 0x0) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000640)=0x0) r2 = geteuid() r3 = getgid() lstat(&(0x7f0000000680)='./file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000740)='./file0\x00', &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = getpgrp(0x0) getresuid(&(0x7f0000000800)=0x0, &(0x7f0000000840), &(0x7f0000000880)) fstat(0xffffffffffffff9c, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r9 = socket$pppoe(0x18, 0x1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f00000009c0)={{{@in6=@initdev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@broadcast}}, &(0x7f0000000ac0)=0xe8) r11 = getgid() r12 = socket$inet_udplite(0x2, 0x2, 0x88) r13 = openat$cgroup_subtree(0xffffffffffffff9c, &(0x7f0000000b00)='cgroup.subtree_control\x00', 0x2, 0x0) r14 = eventfd(0x8) r15 = socket$inet6_udplite(0xa, 0x2, 0x88) r16 = epoll_create(0xfffffffffffffff7) r17 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000001080)='/dev/rfkill\x00', 0x52880, 0x0) r18 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000b80)='/dev/capi20\x00', 0x80, 0x0) r19 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000bc0)='/proc/self/net/pfkey\x00', 0x10000, 0x0) r20 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000c00)='/selinux/context\x00', 0x2, 0x0) r21 = socket$inet_sctp(0x2, 0x5, 0x84) r22 = syz_open_dev$vcsn(&(0x7f0000000c40)='/dev/vcs#\x00', 0xfff, 0x20000) r23 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/cuse\x00', 0x2, 0x0) r24 = bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x0, 0x1, &(0x7f0000000cc0)=ANY=[@ANYBLOB='\x00\x00'], &(0x7f0000000d00)='GPL\x00', 0x5, 0x94, &(0x7f0000000d40)=""/148, 0x40f00, 0x1, [], 0x0, 0xf, 0xffffffffffffff9c, 0x8, &(0x7f0000000e00)={0x1000, 0x7}, 0x8, 0x10, &(0x7f0000000e40)={0x8000, 0x5, 0x4, 0x5}, 0x10}, 0x70) sendmsg$unix(r0, &(0x7f0000001040)={&(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000600)=[{&(0x7f0000000440)="93c59985485e2458a41141361b30971dd0a0f38402315921a36ee644e5463dbf7a4065c5b0e253a31ff7255addca238697026b2661e3ce173feefdc39024e33ca23c8b08745ac088666c782e7480745d85643e9fc3d13859ce26e8156e917ce2b07e89a6365a2e11ada344fd2c72e93c489e41be6fdc53469b7cd209bdcabdcf9367b778c99ecef52776697982e00c606c22e615a183ef114b109e71b4c732291836c7b0cfe89e87e464a6190c3675fce0fe035aac5555da3087bdc150ca2ac1e9e12d667d69a841ef29fb6e0e3c6fa61c53c962f145442648f8ad11caf52fc0c2b6eae30583851be1738d91cb25a70ba6eae2", 0xf3}, {&(0x7f0000000540)="df02a6ed82ce556cb67bc4c4dcb11f541e32eafb48b559e35ec4999700cab277e8ec9796b21a3cb8e6e994766e589b0cb51e3aac158c7618184fa77bd7cb5d171cd13c10056b12bdfca6a061181e1a15f57ea307f15adb394887e9651eee9a9b36058c27908b6970469e4c0ea411593d4dd1562055763f57ee6252790afb27f0b8e70b74f91eb6d6ca86b08e787a1ff794de0d57b6ae4456f916e377e7e81a7d21bace77ba670fc70ff7", 0xaa}, {&(0x7f0000000380)="0f17d8827ed8b2059d3119af6a14766d09170918f5c6d3f6e62afbdd8e1c37789f5382de0ef39eb9d8d2d314c3a2ffed89b6a915b4446df9da669928c28cc4db058fa56a603750a6e467e2b5891710353a5eb0", 0x53}], 0x3, &(0x7f0000000f00)=[@cred={0x20, 0x1, 0x2, r1, r2, r3}, @cred={0x20, 0x1, 0x2, 0x0, r4, r5}, @cred={0x20, 0x1, 0x2, r6, r7, r8}, @rights={0x18, 0x1, 0x1, [r9]}, @cred={0x20, 0x1, 0x2, 0x0, r10, r11}, @rights={0x28, 0x1, 0x1, [r12, r13, r14, r15, r16]}, @rights={0x28, 0x1, 0x1, [r17, r18, r19, r20, r21]}, @rights={0x20, 0x1, 0x1, [r22, r23, r24]}], 0x108, 0x810}, 0x4000000) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r25 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x80000, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffff9c, 0x84, 0xf, &(0x7f0000000200)={0x0, @in6={{0xa, 0x4e24, 0x200, @remote, 0x3}}, 0x2, 0x7, 0x401, 0xfffe0000, 0x4}, &(0x7f0000000140)=0x98) setsockopt$inet_sctp_SCTP_MAX_BURST(r25, 0x84, 0x14, &(0x7f0000000180)=@assoc_value={r26, 0x400}, 0x8) r27 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r27, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:10 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x40080, 0x0) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:10 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB="2c726f6f746d0764303030342c757365725f69643d6289020000000e75cf8f144cdf60ac40621864ee85b719fbdd1e8230307bdca50632b0c95118f8000000000000000000", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 566.864939] FAULT_INJECTION: forcing a failure. [ 566.864939] name failslab, interval 1, probability 0, space 0, times 0 [ 566.884201] IPVS: set_ctl: invalid protocol: 157 127.0.0.1:20004 [ 566.909172] IPVS: set_ctl: invalid protocol: 157 127.0.0.1:20004 18:54:10 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x5, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc0\x00', 0x408100, 0x0) r3 = dup2(r0, r2) setsockopt$inet_int(r3, 0x0, 0x2, &(0x7f0000000040)=0x8, 0x4) [ 566.940194] CPU: 0 PID: 28906 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 566.947227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 566.947234] Call Trace: [ 566.947254] dump_stack+0x138/0x19c [ 566.947275] should_fail.cold+0x10f/0x159 [ 566.947294] should_failslab+0xdb/0x130 [ 566.966964] kmem_cache_alloc_trace+0x2ec/0x790 [ 566.966977] ? __kmalloc_node+0x51/0x80 [ 566.966997] btrfs_mount+0x1069/0x2b14 [ 566.967010] ? lock_downgrade+0x6e0/0x6e0 [ 566.967019] ? find_held_lock+0x35/0x130 [ 566.967030] ? pcpu_alloc+0x3af/0x1060 [ 566.967047] ? btrfs_remount+0x11f0/0x11f0 [ 566.999793] ? rcu_read_lock_sched_held+0x110/0x130 [ 567.004826] ? __lockdep_init_map+0x10c/0x570 [ 567.009328] mount_fs+0x9d/0x2a7 [ 567.012703] vfs_kern_mount.part.0+0x5e/0x3d0 [ 567.017199] ? find_held_lock+0x35/0x130 [ 567.021268] vfs_kern_mount+0x40/0x60 [ 567.021285] btrfs_mount+0x3ce/0x2b14 [ 567.021296] ? lock_downgrade+0x6e0/0x6e0 [ 567.021305] ? find_held_lock+0x35/0x130 [ 567.021316] ? pcpu_alloc+0x3af/0x1060 [ 567.021334] ? btrfs_remount+0x11f0/0x11f0 [ 567.021351] ? rcu_read_lock_sched_held+0x110/0x130 [ 567.021370] ? __lockdep_init_map+0x10c/0x570 [ 567.028953] ? __lockdep_init_map+0x10c/0x570 [ 567.028969] mount_fs+0x9d/0x2a7 [ 567.028985] vfs_kern_mount.part.0+0x5e/0x3d0 [ 567.029000] do_mount+0x417/0x27d0 [ 567.029013] ? retint_kernel+0x2d/0x2d [ 567.029028] ? copy_mount_string+0x40/0x40 [ 567.029041] ? copy_mount_options+0x195/0x2f0 [ 567.083254] ? copy_mount_options+0x1fe/0x2f0 [ 567.087762] SyS_mount+0xab/0x120 [ 567.091310] ? copy_mnt_ns+0x8c0/0x8c0 [ 567.095203] do_syscall_64+0x1eb/0x630 [ 567.099093] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 567.103948] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 567.109144] RIP: 0033:0x45b80a [ 567.112339] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 567.120053] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 567.127328] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 18:54:10 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="2c00838b242333c9a81c77fd8a06eae722f2b1b2f49eaeec6e9b0c3177a6fdf20376c5b22d683f4e468555ea1165407e2dc8a5a45091fa681cbc88f039d4c844325a6dc26debb27451f877773c45862d3a65af1e5ae1496f56b65b2970c6123858782e12475a67ecbc13c7f3aaa0fadd1f2c50a366cd13adb77feb8e838d7b1a5c51ef96cbeb8f36452c0e3a9f161f4433c2a06cb2776656947af7cca6b4ce6274d915d1bb5c7f6c30ac4e1ba6f100f8a581ad2476b4002afac42898ced153a3141b5ddaa8d75dcee1f189106b042e77c9dafbceef2cac"]) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:10 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") setsockopt$sock_int(r0, 0x1, 0xb, &(0x7f0000000180)=0x6, 0x4) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) write(r1, &(0x7f0000000040)="2b7efdada9abc520e3e541aa9db9018db197b6947ca72c9b56ac80a2f3971456968ceda575984da00cf8b91c1d0bbeddc657f3a2ced7e8b24ecf2425dea2add751e8e45f5aa2afea35c302a9e6ea305a8297c1e218165c80d261192cd34ef07fe9dadb7afe8a914b9636338f016fce19388fb94023396f657054c41928482cb4b46b12b7a5a3ab70c3cea410a729f0170a", 0x91) 18:54:10 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x80040, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67726f75705f69643db7271e9110484ebe255db6d763b31d141f33bf6d22f4be5dd466f96f1379d156711a835bbd70fa9f08a314048b1d7428fa94", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x40, &(0x7f0000000080)=[@in={0x2, 0x4e22, @rand_addr=0xffff}, @in={0x2, 0x4e24}, @in={0x2, 0x4e24, @loopback}, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xe}}]}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x7fff}, &(0x7f0000000180)=0x8) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:10 executing program 0: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) ioctl$KDSIGACCEPT(r0, 0x4b4e, 0x15) r1 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x2, 0x180) setsockopt$packet_int(r1, 0x107, 0x1b, &(0x7f0000000080)=0x4b, 0x4) r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r2, r4) [ 567.134597] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 567.141877] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 567.149149] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:10 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="66db4f", @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:13 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/mls\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffff9c, 0x84, 0xf, &(0x7f0000000100)={0x0, @in6={{0xa, 0x4e22, 0x7, @local, 0xffff}}, 0xc005, 0x0, 0x81, 0x5, 0x3f}, &(0x7f00000001c0)=0x98) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000200)=@assoc_value={r2, 0x8}, 0x8) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0xb4f) wait4(0x0, 0x0, 0x0, 0x0) 18:54:13 executing program 4 (fault-call:0 fault-nth:78): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:13 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) write$9p(r0, &(0x7f0000000440)="447916b7297705948f99cedb6a33b05cd517f5a65cad99af7982d00b3e29331240eac19280cb4a8968249d0f8cdb75932a64aae12904ad6629f6a7c5e0c5068515fdd00929ce9f1a3cbf242593aaf3924f9bf230ca8c47ee3b01bbebd921c2ba7d94a8ba36baf2899c9a9044a2b4f896a2dae6eeac7f0787d4076dd59307fd0343081905d48f08acaa37adf8fafeecd7aadaec55f7600d628e0f2d4661b237a76725b21f62c7d635f483e387b30519ae76be29f40c560a68126156852204697f3603ede452e1ed8948146038f8f59e6e866d39d165b45915fe7c695fc5e1284f6342895ca2512feaa1a170baedbe61d24b1e28018b", 0xf5) lsetxattr$security_capability(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)='security.capability\x00', &(0x7f00000003c0)=@v2={0x2000000, [{0x40, 0xff}, {0x7fffffff, 0xfffc000000000000}]}, 0x14, 0x2) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_PUBL_GET(r0, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10010000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0xcc, r1, 0x1, 0x70bd26, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x14, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4a70}]}, @TIPC_NLA_NET={0x3c, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xb755}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xffffffffffff3efc}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}]}, @TIPC_NLA_NET={0xc, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x7fffffff}]}, @TIPC_NLA_MEDIA={0x14, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_MEDIA={0xc, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_LINK={0x3c, 0x4, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7f}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x1}, 0x810) 18:54:13 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x400004, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r1, r0) 18:54:13 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) 18:54:13 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget$private(0x0, 0x1000, 0xc0, &(0x7f0000fff000/0x1000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 569.912882] FAULT_INJECTION: forcing a failure. [ 569.912882] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 569.930363] CPU: 1 PID: 28964 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 569.930372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 569.930377] Call Trace: [ 569.930396] dump_stack+0x138/0x19c [ 569.930417] should_fail.cold+0x10f/0x159 [ 569.930437] __alloc_pages_nodemask+0x1d6/0x7a0 18:54:13 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000080)={0x10001}, 0x4) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 569.930456] ? __alloc_pages_slowpath+0x2930/0x2930 [ 569.930487] cache_grow_begin+0x80/0x410 [ 569.946847] kmem_cache_alloc+0x6a8/0x780 [ 569.946859] ? save_stack_trace+0x16/0x20 [ 569.946877] ? save_stack+0x45/0xd0 [ 569.946889] ? kmem_cache_alloc_trace+0x152/0x790 [ 569.946903] getname_kernel+0x53/0x350 [ 569.991548] kern_path+0x20/0x40 [ 569.994924] lookup_bdev.part.0+0x63/0x160 [ 569.999166] ? blkdev_open+0x260/0x260 [ 570.003062] ? btrfs_open_devices+0x27/0xb0 [ 570.008927] blkdev_get_by_path+0x76/0xf0 18:54:13 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f00000000c0)) ioctl$FS_IOC_ENABLE_VERITY(r0, 0x6685) wait4(r1, 0x0, 0x2, 0x0) 18:54:13 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) syz_mount_image$f2fs(&(0x7f00000000c0)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x5, 0x5, &(0x7f0000001340)=[{&(0x7f0000000140)="9f0fd475ab38ed9d82644684095afa5c63b59668935cda709796f033e6558c214ecad5bbee2586e8569944099450dfdd07824ca25855e05f943533974a50134b6463b5134459cf601bef5a91f384e64b6cb1960843bfbdba32cc227372fa08d66bfc738d945d40d01bc64d6ce7f488d92b64719bd1b3139638961ab4252fa688162b20aa190ef8e80c1f65889eaa163a22454be0c8fd8fe0d9bdbc52ea20696475a35ee65aa755528967a5b4675c0dceb0bf69001edfc1485e5b9c1c1beea9e82c44c0d4b7e8bc3b10a67c3048e864233ab4caeb4e274d5fdcd2616004cb933c3a494bcd6d47e1c3246ea1bdf31e7e0fad6daf939a4109b451d87c546363fa9bc11bf4e173b62480938eda75f99b3887cd5e9765f764c5fd83855e887f3048bf52c9e099d62d507d82f357b2d049e0a20ea3784a9ac9d42e03e6c5131d2099f73dae54cca6002f96356c3d05a006dcc061f56b28d318ba3c8169c2425f1118373e4d84937b000d6f5fde1efedbc2cef2512839e3ade85d933677efcc6a651199aa03cdc1492bc9a0780e6fd3e56a4694ad3d6a36baa121f5a64740d38462367b9e259e052e4c31d853708e27740f711745a9d45288479d28d4196bbcab63b3cc126cf9ca1be1e6d62ef6b2e612f14916e724d08d041c9d22c5402060f1b67533e608b250cbd751f17009d9f204d9113eb570f0ed8faf5de0b6a149341665f6ffc746e5a9a71282883eb8f69b141d22c65041ce208a362e7b30811f7ffcb45f487c336852f4341a2f0470b6dc36bf0a3134f5d895bd9054e2f383fe40aae241544fe755818b010f2d6182ba7c454694059ebb1288c2fb8f3467893d2a94a43c7cd0366b1661c0b53da1c8edcb9c5a6e7becd4b618ef5670a4054f11045368e41cbd27e3270933d0b42c7b81841c4a43181bf6a52616298a5ed5aba6ba24f9b5abf76351ae8f89023de400d934576aada22d342ee2c5eb0663a476e300227de6dc14b93668afc917b8ef218552b0333cde308408ca7d2e771f6c49aad815b97a5f4108cfe99cfd05aa412bc9bf0b07f1977832e87b4d5ab82aae2c5bc4126e3e87e114564b95e501e7475b56b1912334a7bf30460489685ae0e4dad41289bd054e0b1016850846713e21adb1676761d79afc471fb77a4293f60166d0baa7c9fc447a7fc345dc9e5379519540f15f29f2eec2fe7af0c295b66006ded61ddf3fe25621939d863ee67c23c342fe37c5cd2c09da679b637b26be39c2ff506dfbe519c045cd6e8d4540d4f3985d02e14e330bf3bf35717ef1de62d39af18e9ea4b54280c670c34c2745bfbfca12b146c000ba17a0628c24c74ac584a6a743394570a1ecf0b2c7aae2d25a6641c375bfc3f07038054d9ce4500c5c4e30dfedf0b8c1cce7e1fe4551f647ceef2ddc1d90425c4d279dab3f898bbef2abf182fe4d2241838fbd173816c77f330c9a3c54d0d484868331b666df92320dd600b317011544ef4613b8fb62e5703e89d796c1e703d2d4ed73db9e1aa2a568367f420ea31ddc94bea2af97ea8ecb330400db59d594b807b1b46b6d52f4397f0a1b9bc956565528b935a7a82103451ef418fc79eb3a01063298efb327bc6c62ada4e2c1fbeb2515a83d43ba90979555c3a979db862d06164eb61d622b1e9a23c777969eadc490885ada15b6fd80000bc455546ed4e538bbe03cd9f88548b77a2748083c46ebfc7d8a4d0c79ede57c87664c9473e093b4eb8ec1a7cab700537760b653c7c928a70d2d5fe875a61821c088c9b2630a3afbd9e8dd87255c7b80a6a49bd3964189f807458bef5ace138dfbd7abcbb656b7cfe4b0c3ebf9fd01cee2d7837d3d764eba609a3d671f15a8aaebfcf78605c835512220ca1b8379905d8faad3816fd7a07e3215f642c53a17a750aa62480219aa0f740df18a2ae44547f6e2315b9f6b44d23fe9c60bb60237f621c766714c5b7a8afde8ea7cac328a5e2602cfed0e03a840501143ae74bb6e2dab835a564a295dc3bf12ef5cfa35d32b8c57297a338250294a91cd79633eca7213745db788fed6b77e4a5954067993376012a22c724d13c78fdc73d95f376cc4da3e69473f0213170657f2e96ff514a4b54a669d026fc5ad75315b2f350ff8d4470fbeb83516fd339acc63d16766847bf45b7a585107bf7d7b9f58a1d34ca23a3f70b64d1a5642430fa8a817142119d911a27eef05fcc659bbd5628b95dccf5c34249bf83d0067bef366e8da4c6f2204f91cdbe576be8a0238041e106d79c05f4dbd86f012b133eda5d0c136cc50f90a52422c6195255a2d9e322429a0f1637853901e852c73efca56709f2cea493545cd217a7e73619f6ad110a0e6de92a2c8e8fd9990d412d67c2ec3ede2c81661d6642ac668f96805f28261c187478900062f8c32824fc83b58dbfefc3bcb58784a7c2e10260dde53ff71b4f2017609beb12b790e1c17ad4f1afa27cb26001ba4ce727e212b432b2829c0449bad7a078b6a675fc341242f75dbfb2b4ebd5b53aa1b9cbea65c66f9a6858e75e219cee867903f4aafe82c36407a5db87951271b031d628879f3930553bfce5db42105f99ea1405e36f1cf99b1b2e87d7c2d43963047bdeb7862c165a874ec534e5e806491e28dc2ce3fefb1b964eb168c446ce8fa6603e9911d319ba93b3331bf1c05dfdef4e1fe0de3b74df43fde621d1e26a2bf4650d70e5cfc7a2e506593d8be4192f42041c4a78046a8b3c28a9b2c245f6ff03273bb7f0867759009922506b31de0beb181c673c981a3777aff73ecec6b8dd0f6e861e8d1ee939a7a42a109b33d034e9911e29f5c81886951e75b309f340068e4b4fb661d20c0ee9f2b3ed540e26e484f52ccd46b54a1eee83bb0a195e24d3317c291d9f7c47459bf6cc9a4b1fc25c5bd90f9762e5a3cb025d0e7cae893611fc8a2e176223640fecf57d191d88893e0de5bccd0b9f5a61c5a16c04723161a9e54eba6fb3861944626e343acb13d3b6a77567ba4ad79bf9843414f24b6c505df853d081b1f46ae2e350443b860910e2339d7ba36ab7373dfb9e4db48d33e1eb8f0975fed13df7ea7b01441eeb3faf6fff46bebcf4b5d643821b64e6d252e6397ed3c1da91e3ed0aaecc7a9ab999d20ce3eeffaab91b99b6336da535bd20416ea10f3ad2809eedcd115ac249c8ddecf06248707e61545de5ef0ebe1cef4fd72481cbb8b6012be21f23a6187410e31d6c950e24d8b3b2ff73d1c6219209e564445ad7a1935cdd35a937149fd37e81ee25363a4f51428bfffcd34be69047009756f41eba020830cae3b21d9c3e940f252134b41b1fe8dcf855af9f722f892f32c62535c7cf713e41ed0dd9eb16dc12ba18405b4afe81f68d670415232010804e7570636fcd80aa61f4426b82369f39e2c951fcfedf1475686298ced7d95e07b952b85c251adc9b0c732ad1799fc4ecddcbff84ece51bdac90318f2d916e31492a3dbcdfe34e91b105d8257405acee89bf4625b00a5c99cff835950353ed18819787d2278117dd2c63d796679a7060b1e20bcb0f0191e056e31bb078ca42c32f9d1657fb9563e38f732fc384c4a00f87f1938ae0630ca7bb71e37cd58eaca17d21083c0c6156f3b1c000cf4269cc3d7f14f5c673ede3b7714bd492e436e9a376efd93cc48dc702bc5a7a0fd6c81d4173580f81248bfda20c75ff227d09621d415a37c746a8ce1e4ebe258637cd62da013c7cb41f31e74cb5d3060c8d3f474f0e5eb946978da7ac93c196dd0af6e4fe2dcaa4e7ffac2b33465744150e820cfc55bef43800461027885456805e7f551e735c738752920ba370cd21496d5ebd13686c31ab9e4907b251f2b714d3da43ac6db4a294388390c7504a49197499bc71f36945842dcb2aa348fe2d39d9bbb37e27a5d15f8d5e2c8b500c1dbb71b06dae7f6ad3a22bfd14705efe9430f1667d3dba2e928242cbe1c147c894e611f2e9cf731edecfa88a814a78655eaa2581274ac14c60f837b7f2108f14f6db239d3bd0536a25e9749cf6d193436081b680c3c7737c146044aaa20ce11a4b65f1a4bc1ab4bc74ca0d849ebbc3feb061aabf1794f30aab1914d2e4fe158bda889f576bb91f46e9f6ce55ffbba648445009c428663262c15e3babb667ac61f654460f67ee739d0b90881f3037e282791dd9f7c3fe4e680936e9ffd3e0ade34d4ea35611484bd6afd00349a6efc141aabffbdb20e8b5ec72e55a87696f89c2340947d5e24893c4bad991108e37e79571013ddd8c5b9e898815721e13802a718b1bb66e9b2f13522a93b03a28dd5283b934556efe3b8a3e6221707dbac0018f8ec1c16097c767f7eb7266915c93c620ed09ecbee0728fba438eda05235142adfb61fe139aa9e2491e877a4e951f7366ab5e7593feedb35e3635eb057c4db5aff3d94bf944f36589d410f6a88e327f10decf2a91b4430b4746552d192b592da67b86ef566094b6fc47b77a6bc595bf165b1df16c95ebce150d5de4b10c71067bdb2986f3679e560b9f85eb03ae72c12670cd1c6450db47831f2f1c85c23dade2a4f6273b140459852f4fdfb81d229ed26a851b05311284c78acf01eb965bc3c84d37fe432b2f466f3309720233fd311f9f3f002cd3101238acba86bc43d48f2bab7f8449d9e11993c1895b82469bd481f2e99b0b8d0f8c86da7d25bcde98aa73cd2793128267a7bcea016b77300cb3b9a4619c040d057b0a8c23f6f759addd0f3962a2a82fd4dcd43e715904a86b4f70e6d51db191c14eb3a8ace6a6d9e52b90221c0fe3417d57860161320076db4c49e0e53fc936fe22f80c16dcd769d5fa13f6f0c213612862ea16efe0af64a4bf8b51a10817a022e116f57e6e6d7b54aab6f17eba2c3de855f4fe81f9db82a0b467fc91aa4abadb1b6b6be3308e0f8f8d0d8c6172d97e0597bc4d2cb4ba40853b5d434fb63fcf080f049f4422c4b633ad795a09dc86bf50596dbe592501a73da3081857fc26a95d9207cd6fb42969e05e2773e64e671a47ae1dc934dab7f42556084984774748284923caaa882e63f37f22cf953fac54d8e53b56ddc6ccaca0da5533c803b3fa38531aa24588d4e7b9cee8c2ec367e4ca0c936e41d33842e40424e11773f2e04cd5d65e9b08f6d84d2ddda8c9c44b9e1a514794759e70e842c69e5c5778b0e1eccbcbaa872dfecc1786bda0ba145d7909ef60d6a72a8386b30f5e81ce3aea286f0e2a678f1f40300a751bbed50b4a2c0826b009d6fcd048ceebb55146612b91af0478b29ea8675293850a840478aee3d2064ef7b618bbec08e9f6bddb6f3261d8a4cde117b46e0146e2cb6e433a617d4850557bb19afe75a764908964b7672728d6566cba20a3172adb87e319f4a64c5ff68318cb972629b2b06cef4904a9f4261cacd4de5b99cf4a207fbfe71bf8b4ca1ae7973a962a65001c6e9a8ea9b71bfd99f700b58c95d276f68278c310b2ee241a787231547bcd118d86d27c218098e5fd975f06ad97758bd6bedce96c119101e601eee4533d6085953cfc427a8d1c86d2ceef66d15c5a72e9f370d588a0d75c689a6bb14ea0ff874310f3ba7a652dc0ca88230606901e648402f4abf8bde7662c52117d2f59c6f4f1737900a0146640f3614ac8416a6eab87fdd72244a5437717749ed5beafd507581308d7f10c1ec601871065739f594baa2965b9fc9554f7f7463cdf22aaa84d4f97e57ec4a4739b59cfad62a872a3c042c3b875178b35ac78164e7c47e8cd22715b510dbe9053fe16ad415bc4881f228389330666ac9a4da1e18fa01a0fa212fff4b4bb4b08f", 0x1000, 0xe731}, {&(0x7f0000001140)="21f385715ac118475dc93059709acb77817f8958b58b754875f6d83eb19c303f4c53762a33513d7ca3aacb22ce9dafc5b57145de09415a412bc8777396c9887c236504d4fca9aea983ccbd39c1658184d3ff100c8546c9e02beb44e9d1c9c75df3fc7225f3f3a5428da064e59841289751a789ee90acd3c7afd2a7", 0x7b, 0x8}, {&(0x7f00000011c0)="d4c3e3eb78887e6d93929ad2539e4555fd326921f32c20bbcc47ac75bb4f8cd2d357a15fe36d83e3ae90a4258aa3bf790a414f453126ec54c1f52a51d58fe6ce0c8e0bcaa5b53a6aa32e1419f85941a29a0a92a3a253aa4f6e39a7c522cf56fd9bc92726a4d1e636a17b08109194154a248d8753f1b8309341e1b4684ee6e37ef1cb841599b362676d7cc88f2307116d69f7e3e8277e1200d362cc1e5349a920c9ed1eb5f4a7d52f693bd9dca3fe34dd9e156c951b0aca8864681670a5abc42631d12aabefd4b4d42b1ec4989071240d017593d5", 0xd4, 0xc3df}, {&(0x7f00000012c0)="050b3fefc6ed5004403301bbe9a13484", 0x10, 0x1}, {&(0x7f0000001300)="33f87adc3d55ad1666e868a3ffae0df2b6f4057d48d3c31ceecc7c", 0x1b, 0x5}], 0x400, &(0x7f00000013c0)={[{@whint_mode_fs='whint_mode=fs-based'}, {@alloc_mode_def='alloc_mode=default'}], [{@fsname={'fsname', 0x3d, '5['}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@subj_role={'subj_role', 0x3d, '&)/vmnet0^'}}, {@smackfsfloor={'smackfsfloor', 0x3d, 'user\x00'}}, {@dont_appraise='dont_appraise'}, {@permit_directio='permit_directio'}]}) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 570.013083] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 570.017592] __btrfs_open_devices+0x194/0xab0 [ 570.022109] ? check_preemption_disabled+0x3c/0x250 [ 570.027137] ? find_device+0x100/0x100 [ 570.031028] ? btrfs_mount+0x1069/0x2b14 [ 570.035123] ? rcu_read_lock_sched_held+0x110/0x130 [ 570.040152] btrfs_open_devices+0xa4/0xb0 [ 570.044321] btrfs_mount+0x11b4/0x2b14 [ 570.048214] ? lock_downgrade+0x6e0/0x6e0 [ 570.052369] ? find_held_lock+0x35/0x130 [ 570.056440] ? pcpu_alloc+0x3af/0x1060 18:54:13 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67726f15b2f675705f69643d186ebb211b1595c9dbf0412d1a045f1014c25b7ba5705ba9d638e4fad8ac4a02f7fa879c1b846dcb97a36ab8ec163d98639e1880abb0fee222afa173855d26b675b43608b9e67a7c6d89a6002fcd1b8313be147052c6f525a93972ff3098ffec50bd630225f7f4d830355947aaee4ca0efca6761768fc778dd15eba0370200000000000000ed24bf66696c7cbd6c88be178f37745c072deed513bc020000007f4a2bdf983136ebea08c0c609d555efcece3100fd870d9e5945ea8eb255bcdd7a75f461b8b7a69cc1813c53c6f5862d4002f1a97f747bc735a2aea33411fbb6958a2edd44760b4ed380f7166b7802ffffffffc89bdf809c3e", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) write$binfmt_aout(r1, &(0x7f0000000d80)={{0x10f, 0x2, 0xfffffffffffffffe, 0x350, 0x363, 0x9, 0x7e, 0x1}, "3b92c075b3c718d740e9a69211d76c9f0f51c7ba6b6c6ac671ee9d10564110cf964c75950099ec58718f321c3eabf674ec12593521949b4e7cd00dd5b4952b336ae00bea32f0fb8a0aaa3da8ff4591a04964bb5f31e08d30135fc96e399bef871e5929a7093f75b5d72de0545980b24791549bd8aacca0d22ba306e9214b1e46048ea79d2f243517205f47ab710499be8d93a270d7f5b4b7638888b8336fe221e785d2ab013b557243ea19e150580fb3e8f99ad5a8e227f701fd24674423766c9e1981db964b494137a7090a0d5feaa9f4a926bf7ae4c75cfc9eb391e0b87303cb88f3e7e9d0b724e61b3b58a19fddc12d15fa3046c739158e2dbec6386ad60d1645cda627b6f0f3a11790f3941c46897c7377ba4e5f111a70987042ad954538b7b3bb7fa682aa032a10071dbb063ff3f146eee84b754d22602ae9da74bd9171f05a9c00365061b6d1908f2145075b2059141a7eea6388fa765a67a1ab253c8679799a14a7dbcfd9d0032a30d0af2ab600fb6e1548411a9df24de2457e3e6dd607f7be08556839289042333d5e7e534c35d9a164d84b0ceb966b8b2743a23a85a896546879ad4ba48632b98093b6021ed666947e80a8d6349e8cb88eb848d9b13c6e57c100f44fb4f4880ac3c0890e051ef3d55f550c40aafaee4ea5cc8f9b3d6fe92f54ff7cd670dc711a7bc682661738dd83a97d73ff95685d26892b2296f32ca5182399a2b502b16ee7542e5fe5e000930c158ea9dc720e0f19678aa1152daa95b93b2bcefc4f64a68051704a31c4fe197e6287fdbc94eb7d20dc910aad3f3c2b10cc9f00eb0b2505473f1bb8f8e5fd6a674e9119ddb6eb497e3b0d25ad96b2198acd45023bc8e31ded797817c44cd74034058011a241c86d138071e17ec10375916eae34998b2d246921f074b35ae9612cdf9cf0b6b6f99d17e7d28ab1bd2c41c4d454d3d61695d3138b6cd54384ea63f5854906dd5f034fa1f31b833e2177000d9ebdf65dad617fe0120e6a906a06d747028ea0c67a58fa722c0edfd01293c69104838a23610a419abfaa664d28d1115a074ab3333af964294deaa8a34e9d0a8985e4d2e64380813e76e23ad57fedc77bc006c199b7ffd5d52c78a5cc83f9826ea361d7eb141a181927c6744a09d7d0543420f32bf8ed18376009e44dfc4cf10168333f21a3af27d5c17b6fccdb55365b5794d9157a39e4cc7faaf1c50e2aca108f05820c7fce7b3c125754ae290a2ad4d82d561dac6154609b0ebe4f7cff93c0db872a14cd51d08bcf87b1d47007f15edde4fc57fab517feddde81e6a4b48661632ffda7884688bf5dee2eaa0ad246bfae37ddce4d71fc75beb0a95bbcfe84779d6119e0ad622e7f71a2463a3e1de51556dfd8934ffb44c45f517c419761c4df9d6ac7c956bd8b38d1aa612b05ec352b69509075b9cc9568de62e5ebf5bf257ad4b49658ba6cb3e4bd03edc77ab43188092dbb0785cf380ff6bebbeb11ee45887bb455768d40099996b586aaea77cfe1c3afa282e50268bee6b662b2baf3072553b0f663086a0893fee370fc85dad09a7edc32d58a00d5b101e31262f8806d5af5f94adbc6e82138fbdf8fd1c6a237e09f38e1f51a8ee8e3c6b36d8259bec46500a729a68252e1a5d1e540824e957ef547d944bf004a71ac1cd935f1109b18bdfeded0087d00fc561a95d667e30e1cd4f27c0db492d1c5c4cc839bc45d245c1405b172a6b26a5e75eed675f633fd328af8af045aa91b76aef15221073db4af54c48a7963c0746465b5d304d62af88ea37b8e207ec2f4d5730a5b5c1f5846b109803d27a70b8de020d5b4a56ad559b5abc4db92f55b090da70040410e3e7ac2d046ff8b696904b04a1e614f26f2e83647161c7ad0cf88b236a77586993eb108d4654ed2038d279d27684c048b84cc4e0e6f07e4305d6c94557da687be999063567e51c276550b3e4c933bb89250bffc2e61b69201da9cbe4db0a0ab13ca4910db427723f60f33a80faa3bfe77592913f885f3d222949a8942afb5323dcf3f96e72887fbe76e281f33288ba5104647f76f52d7f44a4161cc7c010b5be592ad1fabda75888d830d0dd81b2032c5ce87f835415ccf1f0807caf984ac26f1f6c6bd0d1223c3d1ac79a64536a327920f2e138c39c1e17418d773424337baa98bb059f1d37935a9c54bb33262390666f19f065f405d0c741808029ed17f0f62685ad1520cdebc40588a887f49477b802c249018b01e93da64adc90f9c9aa2e688b6c7d3b2dee5d18d5bc084e009a18c8673dc7225f6c38cd0238f7b894e38fa4aaa4722c3055f9e9d115151596b6e0173cb196d843a5848458e1b350a4f27ca80954877e3b62d2041e4355403374b968a9a2bd38ae4fa09f977f18fc60ceeb86a604f67a87b56db8c9c2d872520b1b817a0d914c35b5c85e843d921173bee9e91b4a2ec689cb2bb326399c75c91dc2287ca8ebfe4bc6aa31c6bf0d48c89a28b8392edf8dc6b025171e9ad9bdec52f748674bb05e656e2c41b1d26c21e6b94382e27ec116b09c95f74152e8dd71a9e9db7a8854c6de12ec77a8a0f80b6fdfd638b4eb30b11b304bedf777ef075467543609be4ca011038655bce387ad16b4fb834db7955a32a82534ec9127fe3a070cddf165a4362d35ca7c663cecbe03c29f9d3377c5daf4c9dce19b04465302fb80d54ff550bfd56fabba7aab852929a7aac7b359b606c0fa3c14df5d939965a7519b2b7dd5f935e86fca8f41addca89d08948936f90215de88730969e59dbcb977284b86fbe6e8dacb44721f1ab2eacde4b487bf6586686d1b290268f6d5ccfcd3e5e8de303a3fa9d8c57f1b0496807a4a76b98a5d03607b279d6c57b9a0f8a00fcb4978a72ebaf8d96ebfb2c5c511102feb31c5be48de23e50ec3b514e4ec47cdb8025963ee85f530bc0419130983300314bd7535fc1f66eb2d588632ba1e8c2cceb8383f568e0d20cc5aa70039c9b376b091ea9f7edc5e1e4df01136e1df9fe5ee74868b216849e9a2bc20b56b69d49fc7e39082dbd977c22f27a953004e6a31a98d997bdbabbc1b6d71b4f15e440912068255261e9b9965345302a02990d1ba6d10b4d4c7effe9086e160575d33841fdd07a8a8f3d792f14576978fae76c1557fd25059486e5e9b8aac01228a713c5e11dcbda33c4ce2b49c599734b179cae511662e87a92bece1740ac5b9abc84994ed4a605c6bad01bde708d46b480b39e2f42966b30b43011abf0c75442a7fd426a5c04fe33ee428a1a321983527c03c91a9e8d311f40e9672694c65c68893d620d8f2312ffdb9b1a866e5a09edc1755588fbd996371b2c998a1ec65cefb44473465fd87b5f606a3244f672454fc8cb10bde0c523904dd089fd0205c432dab1312c86d459d3bbdfe312af5a4fe371553a01a40386750eeb5ff6ac01fa4c2e024a2e684be5a971be7aa02d550cc45b5a83f1bb4cef5372221ff2217eaafb6ee8c650824a60f076005338d18196e816440620142abeec629a20f578263558371065e98e7a82b5e124b40368ef25425760211ae172d7d889bf8ad3f47dec05e691492987b2c2558936801c0d19e5f2f5329e4c05b205992441cdc4d38b6a103d513de6c2b1278d8d9db841428f21300d3e70c623cbc26cc09af7d23b24c5b1fe5b4e129694e697a6129cf84d2433b938577bc09b7226b5fa782871771fa371f5661cc020a1aacd3fcea5704f99616c79b44028ddea4b670fee011e3f22cf9760cbcac3da3ca9b0728c207638535413f6568db1521c1342330feba453418ae816718686d9f863476b7d9d347e102d9c34f1ce36b2ec414d8943ca404b9e58a85f93c58c0f6543dd185307fef435edc7f56c47ae98eafd7675149b7ffadcd84c865f4184591c587b84dfbc136f0d57393fda2bfec226373c70a2da8b1eb7040a82e9808a3f33d4c0922012d0031e80851301371b35d4fe4055733eef32128fb92b362f6ec7904243125356252d4c85527c53a83a0bc745ae737755630154b8c944d3208d92feff873bece4bc6cae70dd4eacac65747e0f7956742adca4a9bff03ed1a55067a139e185155799ffbdd3242493955e578cd15ffe50799638a4dc086abc1f9c2cdb1d3aa999083437c2744c9a2ae569510c5bea9ad9b2b53d95bcde5059641dd4641ceedd4d9559fe5d2f4c5d6bf982606f2f7f740508bbfbdbffe1e0a7382e0e2e4ca1b8bc87c1b390ed20746f51a65133f591ada2500904b968c7792699cd83f1beb85659274bd94abf49a1c161e687e0916766e3d569146a5a863c8909934aa8cfa9fbeb4307e02a7c606406da3cd62f8746e3b112334fae1aee6eda51ba6595c57541a9ac0f71c9fba5fe31564399857da4de3249ce4b62a5bc62e23c37b48d7c27d3277abe522797102965ed010069d68946c5bfd83a58b4566e98d6331737d499afd79037f68a9bb522dc1eaa026c3a5d2253d92a246ace1076617958107f1a5ffcb692bb255ad4e946da834368ef48ded5a06c4458fd7473a7e93d7bfd37a401fd36d1ffda704ef435cc19ff8ffb1a166706bf0d79a2ce24b27a2c1a230a3d6f4d197658555c47799620cf16185a955b8fb9dac7e382284eec3f332be2fbe4671dce19895d58cc5e1e06d8ebea9634f1c841fe7b8c6432d5ba28473adeeb28fde40418547941068e770bc0bb808bf659ecc62b8ea639d3dbf32a92eaa11a0da099eab006693c760f5ab589eaa4630c3b8add28a6ec4915810440b5b060f10001849b46b9dca39ce4978de0ff5deccaedcaadb3997656311af9aaef2d35d42a68a95896c3f7baddc857a6b30b081678290cedc7c34a8543c6eb514be53a44b04db178780776a9bc4b641f9c851f562e8dd752199310de2318bd67671541677684cab95dd8f3c9dac320544eb2fa0db0fb76271376a89a608dc6da1c80a0c9dca02bbe9fbecb4cc7f3b848d984a6f5693bbfc7afaefc3164b135b6bdfbf236943ff598ed128957cec279d2a884373ee67e41d084561e19371db88223ad500684123f5d9bfcd8bcb18f41b4aaa7aa0e6a9c03edbf132f7923e735af39cee9cc2cae157487de1f935a484b44d0e41d96acba42eaf4b4bfd104ef36f3820cdb631c6395b12802f1ab92b64266263d90f25866e459055a243629d86ea1212aa82d95c6d80eb594c4f2b79620d4e6c65dbc1b0d1abc8ce57111a84ca3a96019a1ce8bb9d2b8fd388d452b42f74195e46ab7e98e80fb46c36a1b661f2ea15650129c7d01b552106cbba8ee4d7eab68687e18f0bc4a8a929830a81f495bf68865e9cea65fd2075e0a00434f8369e4851feddb26fff305e9c329995d3d5532a0e903c05465f15183d508d11bab8cb8f926eb3a1569e061dd460ffdcb75acb74da6bcdc3fe3b512cf5fc76d0d6ce9d281b3a96a1ceb18fe6b149fa6e0640a6dceceb1e77db8b57945156f77f2b90705c652297f27bc67ef3b6b6048e246877f70b2e002feca885c73510d8c3022f60ede6ca21055e4a5932db56723814cde8aa10428b8f03d6bfcae7e9c2bc4a1e32e5ca1b59e86828c049d5bcd98ceaac0b3be88e16a5cb5f7cac2f522e72003012c93057cae0a1597fb5fe981a2c73082adf2f6d66ab96d2ac6b522670600feac0ea0b43ddd8a47ae69eb87c3edc2e7f76ed89e3ca8819a15e04d89520e7177ef0f02917c61f8b34d99cba890440a3ad5b5cac0649e28d8776b0d606de5e5c15df1b7c03f314e2bb70be593b32ce9d812f4ce3a8d61bfdf233d39d10feac1ebc9fa6948b36cd7b60ac98978f928fad3470652227c", [[], [], [], [], []]}, 0x1520) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 570.060340] ? btrfs_remount+0x11f0/0x11f0 [ 570.064582] ? rcu_read_lock_sched_held+0x110/0x130 [ 570.069614] ? __lockdep_init_map+0x10c/0x570 [ 570.074130] mount_fs+0x9d/0x2a7 [ 570.077509] vfs_kern_mount.part.0+0x5e/0x3d0 [ 570.082009] ? find_held_lock+0x35/0x130 [ 570.086076] vfs_kern_mount+0x40/0x60 [ 570.089897] btrfs_mount+0x3ce/0x2b14 [ 570.093705] ? lock_downgrade+0x6e0/0x6e0 [ 570.097852] ? find_held_lock+0x35/0x130 [ 570.101922] ? pcpu_alloc+0x3af/0x1060 [ 570.105831] ? btrfs_remount+0x11f0/0x11f0 18:54:13 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x7fffffff, &(0x7f00000000c0)="0adc1f123c123f319bd070") ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f00000001c0)) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/enforce\x00', 0x105000, 0x0) getsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000140), &(0x7f0000000180)=0x4) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 570.110076] ? rcu_read_lock_sched_held+0x110/0x130 [ 570.115111] ? __lockdep_init_map+0x10c/0x570 [ 570.119611] ? __lockdep_init_map+0x10c/0x570 [ 570.124125] mount_fs+0x9d/0x2a7 [ 570.127503] vfs_kern_mount.part.0+0x5e/0x3d0 [ 570.132005] do_mount+0x417/0x27d0 [ 570.135550] ? copy_mount_options+0x5c/0x2f0 [ 570.139963] ? rcu_read_lock_sched_held+0x110/0x130 [ 570.144998] ? copy_mount_string+0x40/0x40 [ 570.149240] ? copy_mount_options+0x1fe/0x2f0 [ 570.153743] SyS_mount+0xab/0x120 [ 570.157201] ? copy_mnt_ns+0x8c0/0x8c0 18:54:13 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget$private(0x0, 0x1000, 0x54000080, &(0x7f0000ffe000/0x1000)=nil) shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmget$private(0x0, 0x2000, 0x60, &(0x7f0000ffc000/0x2000)=nil) shmget(0x0, 0x4000, 0x1, &(0x7f0000ffb000/0x4000)=nil) shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil) shmget$private(0x0, 0x1000, 0x54000008, &(0x7f0000ffc000/0x1000)=nil) shmget(0x2, 0x4000, 0x4, &(0x7f0000ff9000/0x4000)=nil) r0 = shmget$private(0x0, 0x1000, 0x2, &(0x7f0000ffc000/0x1000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="2cb07a7a83e300"]) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 570.161102] do_syscall_64+0x1eb/0x630 [ 570.164993] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 570.169845] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 570.175047] RIP: 0033:0x45b80a [ 570.178238] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 570.185952] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 570.193230] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 570.200499] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 18:54:13 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r0 = pkey_alloc(0x0, 0x2) pkey_free(r0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 570.207768] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 570.215036] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:14 executing program 4 (fault-call:0 fault-nth:79): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:14 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0xffffffffffffff41, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:14 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000000)={{0xa, 0x4e21, 0x6a9, @mcast2, 0x1}, {0xa, 0x4e23, 0x3, @rand_addr="71aa5c54c8feab64cb4dc19c8752f575", 0xf08a}, 0x28a, [0x1, 0x0, 0xf667, 0x5, 0x2, 0x1b8, 0x7f, 0x3]}, 0x5c) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f0000000140)="8da4363ac0ed0000000000000000474d010000000000000000000800000000000000f2a2299748aeb81e1b0092000001000000000000005f42485266535f4d0000000000000000000e95fcf64795c5a277a62873dcdb0243bea90713599e4a8d94548d0fff0ade61fc30a66e3d59116fb93142269d9fee1d403e6ec9a4ea3f9879b1476967db844d59dc3642daa94693b7b2e9502299", 0x96, 0x10000}], 0x0, 0x0) 18:54:14 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) ioctl$SIOCX25SSUBSCRIP(r0, 0x89e1, &(0x7f0000000180)={'dummy0\x00', 0x7f, 0x81}) 18:54:14 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000580)='/selinux/avc/cache_stats\x00', 0x0, 0x0) r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000680)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_GET(r1, &(0x7f0000000900)={&(0x7f0000000640), 0xc, &(0x7f00000008c0)={&(0x7f00000006c0)={0x200, r2, 0x800, 0x70bd27, 0x25dfdbfc, {}, [@TIPC_NLA_MEDIA={0x84, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x401}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xbdaf}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfb0}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x86}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_LINK={0x6c, 0x4, [@TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa9f1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x400}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}]}, @TIPC_NLA_LINK={0x84, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xaa3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2480}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}, @TIPC_NLA_MEDIA={0x38, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}]}]}, @TIPC_NLA_BEARER={0x40, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @empty}}, {0x14, 0x2, @in={0x2, 0x4e24, @rand_addr=0x8fc}}}}]}]}, 0x200}}, 0x4000) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB="2c726f6f746d6f64653d30303030303030303030303030303030303034103030342c757365725f69643de704e16d694f3a8efe8971d65c1998f5d41934eab73e2878eaa5222ce4e3dbb50f0d1a438a1264cdc6848019828c89df267bfc685bf4e84438207496ef5efd00"/115, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="2c01027c6a9a35784d2da8d3be2f777cd3b2c6cb3553fbb6eb08af6f041362b442ca5dbc33047d61d6a13ba27a68837b5c4c539743096ab5d669792e331ce2525f53175acca9be69d489bc49ab64b8cc2540fea385fd4e937ae6d0a4efca4dccf5361880158f023b3113617fb5e169ebecf39d279e7e329b11c28ea5b71366d6c08430aa00998f133a92ad552fac517cbd30cf58e3338f4b0a6d6f407f55ea7a1aff176f26c6969fb48c327f4405d16e689a5f4378de1d58ae00123d8c0ff75ecd65d5f0db7fbd7cb634f47564731760379437ac133bd86c3c9b75adbd051d31c29dfc70efe769553067f3bfcb48482544967a6617a1b70cad"]) ioctl$PIO_SCRNMAP(r3, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000080), &(0x7f0000000100)=0x68) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @ipv4, 0x400}, 0x1c) 18:54:14 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) r3 = request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f00000000c0)='\x00', 0xfffffffffffffffa) r4 = request_key(&(0x7f0000000180)='encrypted\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000200)='vmnet0/lo)vboxnet0}\x00', 0xfffffffffffffff9) keyctl$unlink(0x9, r3, r4) fstat(r0, &(0x7f0000000240)) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f00000002c0)={r1}) dup2(r5, r2) [ 570.463795] FAULT_INJECTION: forcing a failure. [ 570.463795] name failslab, interval 1, probability 0, space 0, times 0 [ 570.475338] CPU: 1 PID: 29026 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 570.482361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 570.491719] Call Trace: [ 570.494316] dump_stack+0x138/0x19c [ 570.497946] should_fail.cold+0x10f/0x159 [ 570.502092] should_failslab+0xdb/0x130 [ 570.506079] kmem_cache_alloc+0x2d9/0x780 [ 570.510234] ? add_to_page_cache_lru+0x159/0x310 [ 570.514991] ? add_to_page_cache_locked+0x40/0x40 [ 570.519842] alloc_buffer_head+0x24/0xe0 [ 570.523910] alloc_page_buffers+0xb7/0x200 [ 570.528130] __getblk_gfp+0x342/0x710 [ 570.531932] __bread_gfp+0x2e/0x290 [ 570.535554] btrfs_read_dev_one_super+0x9f/0x270 [ 570.540291] btrfs_read_dev_super+0x5d/0xb0 [ 570.544592] ? btrfs_read_dev_one_super+0x270/0x270 [ 570.549588] ? set_blocksize+0x270/0x300 [ 570.553652] btrfs_get_bdev_and_sb+0xdc/0x2e0 [ 570.558141] __btrfs_open_devices+0x194/0xab0 [ 570.562663] ? check_preemption_disabled+0x3c/0x250 [ 570.567676] ? find_device+0x100/0x100 [ 570.571564] ? btrfs_mount+0x1069/0x2b14 [ 570.575617] ? rcu_read_lock_sched_held+0x110/0x130 [ 570.580621] btrfs_open_devices+0xa4/0xb0 [ 570.584755] btrfs_mount+0x11b4/0x2b14 [ 570.588640] ? lock_downgrade+0x6e0/0x6e0 [ 570.592792] ? find_held_lock+0x35/0x130 [ 570.596843] ? pcpu_alloc+0x3af/0x1060 [ 570.600746] ? btrfs_remount+0x11f0/0x11f0 [ 570.604969] ? rcu_read_lock_sched_held+0x110/0x130 [ 570.609973] ? __lockdep_init_map+0x10c/0x570 [ 570.614467] mount_fs+0x9d/0x2a7 [ 570.617837] vfs_kern_mount.part.0+0x5e/0x3d0 [ 570.622312] ? find_held_lock+0x35/0x130 [ 570.626365] vfs_kern_mount+0x40/0x60 [ 570.630170] btrfs_mount+0x3ce/0x2b14 [ 570.633981] ? lock_downgrade+0x6e0/0x6e0 [ 570.638128] ? find_held_lock+0x35/0x130 [ 570.642181] ? pcpu_alloc+0x3af/0x1060 [ 570.646058] ? btrfs_remount+0x11f0/0x11f0 [ 570.650291] ? rcu_read_lock_sched_held+0x110/0x130 [ 570.655304] ? __lockdep_init_map+0x10c/0x570 [ 570.659784] ? __lockdep_init_map+0x10c/0x570 [ 570.664263] mount_fs+0x9d/0x2a7 [ 570.667614] vfs_kern_mount.part.0+0x5e/0x3d0 [ 570.672107] do_mount+0x417/0x27d0 [ 570.675641] ? copy_mount_options+0x5c/0x2f0 [ 570.680042] ? rcu_read_lock_sched_held+0x110/0x130 [ 570.685057] ? copy_mount_string+0x40/0x40 [ 570.689300] ? copy_mount_options+0x1fe/0x2f0 [ 570.693791] SyS_mount+0xab/0x120 [ 570.697234] ? copy_mnt_ns+0x8c0/0x8c0 [ 570.701106] do_syscall_64+0x1eb/0x630 [ 570.704973] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 570.709811] entry_SYSCALL_64_after_hwframe+0x42/0xb7 18:54:14 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',5 otmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f00000002c0)="35ee410b0e12b37537000000000000000000") write$P9_RREAD(r2, &(0x7f0000000080)={0x103, 0x75, 0x2, {0xf8, "31179a4ec1097471e8927fc48fb6806192fd7418a735a3fd7452bfd772ab56594a77cad053a37bba1a3ed9e7288fe2c68c55b95ead2e210bae6af8344d6758581e886ef04c33b4a97ab34d05366212da5778bfb723342bfd58d6886e991c95232e3f7ac6fadaad0183a0449b68deb70c5c78704c24573692633ed79c2d50ec8e82ece61fa3f353cc3cf52c50d3a4d01b4a3c1a279ef1cc10a0a69f3edb9a687e51cc40a4ed85d6f11448303139316433d0788751492c6e696d098146550268f43b173784783fff79b88dd1649a25c32266dea4f8433a75135700ea2b4f9b3e4b8779bd9bf98ce74ba096893d8dce9e6d79e6a75fff7240ca"}}, 0x103) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) io_setup(0x9, &(0x7f00000001c0)=0x0) io_submit(r5, 0x6, &(0x7f00000006c0)=[&(0x7f0000000380)={0x0, 0x0, 0x0, 0x5, 0x20, r1, &(0x7f0000000340)="a7163cc8fa82a9f2bc24cda999a7180eb79e84383eb7e6f6646066ce33778e0d136296c3c90615eace3ad654", 0x2c, 0xfff, 0x0, 0x0, r2}, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x2, r3, &(0x7f0000000d80)="1518006c6745c321c9e6d056b16a795e14325a852d34bc2c3f5621393db828a054b611d232d8f13a84f0409a883cb825e7362cfe28e074e4a0f03ba632fa57b30ca928cadfa7488b8e62dc86edf1bf6beedb3c1efc723ea5f5a6ede3e1f1273b6b0277c423d89af146f06a297b788bb6977e17515e9936db052cdbb2b15a8e96c032d81b8feed49afb08b0d22aae4c572c08a1c5b0cf5ee7206c266d22b1e65ef77906a09bc95967c6f56c465a26a8be3ff76bc4b187754ce4ba43904f4c76838db4348a1f7363454f4bdfc66ed468c92ecf2303e41fe2de0b42fff358f6bfde8df04995bfcd486cc090b7cf78710e1e1ca22eadcb606ef295661ea0b951748896a92c630e2b21516be1c78cf41308e5f031ad239ba6bf8a1ba394d2da52ae14c6f3e966e2a6a40950978db49c7c90c4cea4a39f541fbe10de78430cd77e6809f88c07474865fa9c8392bc4c47d89a958fa612a71cace8ec781438ce9a3622f0a4204070ef74fa8fef22155751ea736d906d6b6b003a101f6a85f0e4e1084af051bd4139b73d3d2f1f3fa2ee09b144bae55c7024a208ac709387f0fc72c0388ae5fba60e3e9677bde693adf041f1e63560826629c420f7cf9d6f04890365f661ecbd2010a7c29fde928a486cf7416ded8b907ae2724a0fdf9136e0dfb79ed7cc497134594b16b9b1126188cc6d6af993ac33a706bd0ce98689144fa5718e875bf9e8219e88ca831fc1b3cdd997794f723dc036a2523ad2378e34dc4936e7cf2db29acb553ba95e5e0e53e14bb8d1b60f7b952661f4f0b9079f146194c9874acb9b23517b9f5767f17bd6b7e1335adeaf238143baa8e2ada838132ef9ccbd30afae8f137aece0cdb1d3496be93814943722ffa56da4aca03ae5105b520f798bc724a2409e43f275950faa207820992d31267dbb6a1a2c21de1f5ae6d4e9606550630e2750cbea943ad2700eddee322c2666221aa2817d3c6c64d4778ee2692d5137d74689025f123dc007987f028f1c8ddf030e7ea9dd9ea40b6e3dfac685d82d1f63ab0ad147e50ae742090a8d03f603d5eb36e529aafeda1e38ceaa7d53c8f10cb3d342d01774af7bf65aa9cc1a4cc75265acd326fd1667da05431d250dfddc26714b5515b57f21836efb4b1e9fb1fefdd69db0741e8869a10d463a4177af43ffc42ae62e3c5c799757e4d905d8a5676dcad01ddb0e49fd589a777032a7e275584fe452e5c934198a009f230dd5a221e15cb2ae21ac6be955671b453be7295b2b0b65871349b6f0d273c4f8cfa03e5a6cc74195bd0202540d52b7f7f689a226be2dc403cf15c8a570dca62dad83f6f4f676b544fcb4d70c4f0b3fa9131122d046a6920a167c0c2b8e792bc87955d6bdbfa34346c4137e7cc3b0ec79874c7f6d4b213dc6bbe70dbee4ad5c46ac0a3fbe8a90874e127db87992d73e7ccbc58edbff7bf9757ba068e46ecb29109b6488287373dc9863c7e6111e7f7f5e0fc27b398573755496c5dca9f122723b5e93fb886da154bda025941158634db2eaf56cfb70312fe9c62dcf9acb29d9b3a43b0a5c77a6cbe8f217c2e58de7fd55678d349f4f8f6958e75f2d0bb025730eea821a1f358ef2368db701c24d664ad60add0255bbacb1ee577f0a793d37b3d316f2f6a5f0516c5977cd50560533078e7f1a6bda7dbe43e1ec25f47d2ac434eb51d538c5a702e86de57dbd01b89fd673ebdd33a58309f0a124c965aa56baf477bea84844cfec1337b7b7b6f23beacc3b42051cfb60ff41873839a88e27e3290d13b47ea6ea068c57f2ddc52d18cb8246a7115ba3ccb1e05339a7b88beaa1b42daef7ecf4fd1a1d7bf2b80dccb9e55a0b79c9b6c000b9fddff77504a619b7fe82ed2b505a3d94f21f31346ae8172e1c38c037c01aeb18ab2505862f7c53616ddbb5e0f941e6a7165993c507edd299d357076c2c170f4ae89b0067c73edce891c96fb4558704fc628f56fec60811f442991ce75f409181e307ec0dd9843048b16975bcdbff2b585d260cdfe9ab878371f44bc635f5691b379b96d447e8aee90c0d672581d9a54edb1fef36224c17a1356793344b90158c54cd371a96470158c2e4488efe140136b8114d8fb3bb117200305ee8037450357327816da88865ffe29bdb815f89c2a194fe8a3b8db6e1dfdb2096b6db3cd4af095b6cbb83360abff92fca9e05521981f5dc0710b30796294ac83ed0c8329b902434f7ffe39c46e4aed360508675634400c1f275f2c757053186ce6d999c7c7a5aae063ff24f967475c843fff54aab7366bea2bdffc25392de39a144bbf9bce01c92f9fca975b9fcaa6fbb8f959f8bece24c62e678e5bd5c46a08ceaeddafa7950f85533a8b82b842fa12c176fcce1e53e842d801e31e77efa9b5ee1b74b315b422453dc7ab4d5613715305622ad9b35042ab359b9d4cfab3f749a9bc4d1680ea6c37e1d42d2728bb020e9ad54811f07c2e28438dce4ae4c2ecdc14ae4b9c1b2240f915809f0f2c4451722558df3c5bd8febf5d1c3adbc6c8e62b6475cdd47068281237eb9b77a15ca2df5ce7b833fbc1defd82abc3cd6e132e40cfd43895c092319a66dba0ac28ba008718715981fafc8dbebaef11f86121ff1d97d4be774a5cb39fb9a0419ab8012443b4d1383a208d14d8bcc6c0b1a18bb1dda9fa2c2fc8bc69f655b49ea6308bf8c308d38b913da5b0f4a07c8635b13072338714f955989cbd9c1678d919dbcde34ccdd452a6eed98822dc01bc0e748bcefd8ed325be48c0b440a5cfc72935559b07c58229df248b4d6e95bc94d4da8b83e815c6d31f784d004927a9896bd6175ae28ef23c8cecb9efdc2442554c7b424cd0749ede602030faeef5dbc0d2d60b5a3899c4a10121ed831ef7a04907363b991dd584af60efd5825bf3cba7297c879f5873720012b232572b745cbd159b07d5d62405f910f948954096f71be9499c57a730a1245c0141b71a95928cc7cc2bbfff074fb66cd93d649499437561f69aefa7339060e8809a355758850e5f886a0a8fa168ae733ac643e080f0377ca134785bbdff1bc44f168ceaf1963df13add1fe5df9c0d34a380e530f2ea30e470ae76874bfe7b3d95a4bbd4fb32fe497ce43aca16579c2a5c99b9fc2200fb1355d1100efce37dece4b4aad020a1f5004718ffbf43851de7e0fdaaed293d18349f81874ce16fcf91ddad033ea0a6056f20301019916ca1e421fc4f4306afd51d8f75650e47615cfcb41873c2f0d8fa48b28fc148541e77c6b54422c0d6a2ed9f1ab78eae70005e62c13280c7f79118a1dd63d14904b098810d2e6a38ff9183d5c0ad0670bb6c27f98d2760e8ce653200ac36686c558c4d4f7e524acc9b2491a91c2d9de547e68c1235c7fcc1b0c41f3c2adcc6441cf164d140b8ac7d42e40cbfbc3b496777699c9a3509b3d68c54bd958fdf85483ff694ec5670b0e3b6a23256ab4b642867291df831213fa01004d292167fbc0e5bfa65c59a593465854cdda64a9137efab5e91bcb7716276b2e2c2ac9f07aeb9f9290346995eaaf094bf48259c4fdc0882df165b9d91f25b59bf62d96511b51e61eac5582e9b4929a779cfd12d037cedfdf41380bdaa1f2b44b2be49995e62e3d17d1fa5bd78592992c7f22fae5d8786ca7dfdac4202a2c88d7b77c82aaeafa475531fd6bfc17ba86170fceeb92856604b314d854aed0a9e8b54ee0f180d7d8b0f89cc482a880656c49f38080c067f0221068d6f3d0161427cd43bd7d4b53b7369f7577bf7c823e08d57ed8bc3ca2539c62d14270397d420d9fff9a7c782116d7d707a85d2da4a5adda84e0721d776c5f96442962e1d8b56763379fe826b4a7b781d85e73595b5c8e38566d93cf626ff9ecce2f65fdfb09cea939c66104520e95849c1cc72fb51e366ea5f73e117636cb914ed525d1639ac96c2a07302ac25ab949013b9dc72c2e5458a93d377db99011cdd286b0cda60446c95b33cc567dd93358a2e601a6796413c4fc6041aa95d6fd75f5a045a684879cb87d84938ae0cdb0be865de99fcffcbf595a01749b1fb911434e4fd73b3001c5e66d01d1ed941e7cced156f718a30013e50626d748d0bc4ec6c768050ae4b073fbee7fa97cd4ec310a8cd42b36fc247e55a73569f6353ab73b85a18ae78802b8195f9caff950339fa5ebe11457dd0d3c26dd5ca44de02ccd9956a07ad33b318b00fa8fa3d9a33dc4236a3c0e878ea267b07dc861c20408251f43fcbbf2267669d02b191a5f34a43e1039e23bf0c4cf380f753589169ac9842e4d406d636d1de48248fef43766f93534df143d31df9f04ec9295bce76d48cd4a29844eb1c22e2ea282cba4333e9f50b8292b2b4413ff5813a4c0dcdfd4778e1d746d5d18cde5923fefc650bc9635688ea95f3530568ed2903ad649914a69fba2243f3709c58597b587f15290ec05d7bd99d0388cceca7961e380d209bb73febd06dc31990a574c3ecaa0bbbe770ed420c0233f8a9c7eddf31de96481f5409410e451f5566285fb36d229df53f17d8fe939f19da1a20e19c8e74b2e345f54e7b37d3f90e400c5c38a06cfdc7c259025695dd949fb38a77a7f817b4f0ac9c54d2dfa5e0d259bb570ab6dfb14b5793ba89b9702783e302e4ce8a9e756bdb3d0060f52aa1cb832d26f38a9f1aeaa2c71a18cd7aa6e12091af76862ba1b6ba3c5907a5e42f515e647023c8c7bbc708e24caa6a99cdea90e5167850f169b06a2388b1ee78f28264de2a892d906c42eed69fb2b3a3c9c1236045438362dd8c7f261c6b763cf3199ca1ffbfd986b010cec03b2fddec107633719de41f3bf6e0c20fdd3aa43499ddf901494d594b0d64fe3efcca0a30883aafd1e1c499f0b4a51947483c9c005c9c41238365a77b173444fa5ff1b6ecef1c45321df563746c4fe0d02c0de39102ccda367f487cab938c353db22b90a745733e514abc9b0dd17ad387456edd262e32dacaba268fe2af823f7fad0da0126940a49190b17e0d7f24af031762e3c21e90040e947ab8558e1a7f05376f1f16602fac66ef94c944e3f8ed6f90bf82d527ea943941af2f70693bea868e9fab76dc984b84ef78004ee3dc079b4440da3648e04207821939f2a76cfaae148c5012280edf685f11dc7621c5ff87298496ba7a009301a869c372a643ec12896a5cba0011038cf0b8d9354526e55ba4edc812c73ca9266bc600d97f2adab70b6fdd56f8db1dee92739957190abc7710c410d01205090905d0b0ff0c7e186fd022d29f6361f53e5c97130c042bdad4a47235aa5d7b749ead666478ad7b104e5c05aae719dfb981dc8d8079cc3f436519929963b0e628a315375696c9b8ebb0c95171012ed80ab899ec05162aced648b0bb52cf67cf68f4550dd41c02ae3c77f1aaf1fdac38c0f5ab22ff7b38c40fcd807f330814b03bf89f9ff1b70ca651ffb6368d1764eb751be149c6d46115d84f695e358c492643928fa657b19a3b7fc214fdb101ba3bf336c61cb7af6e82a9fb1f19a6f1edbb2c065bd9b0f760d49d19aff70f4dab9a9232883e9565296080351a2f4e8c1b6e7583b0b980850c4e1931f61f77960d5821bf9ebcb77a89e95e5378f9d8cfe95db93877b01405aa07e14c39c467daa135755e4c99438e8b7b9424db466fc5a90003f4ee361dc31cc2fc1604725e562080fd1272cc925b696f7afd78f04a44c512d0f2df25c89deeca6e302f23d3219e60b80a77af280b4be30023fd6561ddad700b9e2e31672c5a6fb9263a779831dbacf186e9b872406bf38e5875e53c04ca866f304e17ce92f77e01c1f91116888", 0x1000, 0x5, 0x0, 0x2, r2}, &(0x7f0000000440)={0x0, 0x0, 0x0, 0xb, 0x1, r4, &(0x7f0000000400)="edcedc7e4540da3c6d63", 0xa, 0x4, 0x0, 0x0, 0xffffffffffffff9c}, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x1f, r4, &(0x7f0000000480)="a121b9b251e94f04e342dc922cc27283fd3e3e1a7aefea11", 0x18, 0x3, 0x0, 0x2, r2}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x6, 0x9ad4, r0, &(0x7f0000000500)="fc91c00deb8c6085a543645cba98f0ad0c08ee1eb44472db8000bf9d2678e2d9f37f07fd6bc8cf4adb77b52ea0", 0x2d, 0x80, 0x0, 0x1, r2}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x7, 0xd6b4cd9, r1, &(0x7f0000000640)="6a769bdeb28ae34895442d056cff4c53fa2ae6825314d7b5825446da87011e5bd504baefd5e312fbb7c41da6e20cc55d474083bbdce919ad24ad32b648274c77eb3f626bdfbc1678c1d90f6f8df948b93550", 0x52, 0x2, 0x0, 0x1}]) [ 570.714992] RIP: 0033:0x45b80a [ 570.718162] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 570.725848] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 570.733111] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 570.740371] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 570.747656] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 570.754917] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:14 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f0000000040)=""/115) dup2(r0, r2) [ 570.781265] print_req_error: I/O error, dev loop3, sector 128 18:54:14 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_STATS(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r1, 0x0, 0x70bd28, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0xc0605345, &(0x7f0000000040)={0x7, 0x3, {0x3, 0x3, 0x36e, 0x0, 0x7}}) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:54:14 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000340)='/dev/hwrng\x00', 0x80, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000380)={0xffffffffffffffd5, 0x8, 0x8001, 0xff, 0x100000000}, 0x14) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r2 = accept(r0, &(0x7f00000001c0)=@tipc=@name, &(0x7f0000000040)=0x80) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_DISABLE(r2, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x3c, r3, 0x10, 0x70bd29, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0x14, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}]}, @TIPC_NLA_SOCK={0x14, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x200}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x80) r4 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x20042, 0x0) ioctl$VIDIOC_DECODER_CMD(r4, 0xc0485660, &(0x7f0000000140)={0x0, 0x1, @stop_pts=0xdd2}) 18:54:14 executing program 4 (fault-call:0 fault-nth:80): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 571.106534] FAULT_INJECTION: forcing a failure. [ 571.106534] name failslab, interval 1, probability 0, space 0, times 0 [ 571.124908] CPU: 0 PID: 29066 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 571.131939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 571.141289] Call Trace: [ 571.143873] dump_stack+0x138/0x19c [ 571.147500] should_fail.cold+0x10f/0x159 [ 571.151647] should_failslab+0xdb/0x130 [ 571.155603] kmem_cache_alloc+0x2d9/0x780 [ 571.159747] ? add_to_page_cache_lru+0x159/0x310 [ 571.164495] ? add_to_page_cache_locked+0x40/0x40 [ 571.169323] alloc_buffer_head+0x24/0xe0 [ 571.173366] alloc_page_buffers+0xb7/0x200 [ 571.177599] __getblk_gfp+0x342/0x710 [ 571.181402] __bread_gfp+0x2e/0x290 [ 571.185010] btrfs_read_dev_one_super+0x9f/0x270 [ 571.189746] btrfs_read_dev_super+0x5d/0xb0 [ 571.194057] ? btrfs_read_dev_one_super+0x270/0x270 [ 571.199065] ? set_blocksize+0x270/0x300 [ 571.203111] btrfs_get_bdev_and_sb+0xdc/0x2e0 [ 571.207600] __btrfs_open_devices+0x194/0xab0 [ 571.212188] ? check_preemption_disabled+0x3c/0x250 [ 571.217207] ? find_device+0x100/0x100 [ 571.221086] ? btrfs_mount+0x1069/0x2b14 [ 571.225136] ? rcu_read_lock_sched_held+0x110/0x130 [ 571.230153] btrfs_open_devices+0xa4/0xb0 [ 571.234295] btrfs_mount+0x11b4/0x2b14 [ 571.238174] ? lock_downgrade+0x6e0/0x6e0 [ 571.242312] ? find_held_lock+0x35/0x130 [ 571.246355] ? pcpu_alloc+0x3af/0x1060 [ 571.250236] ? btrfs_remount+0x11f0/0x11f0 [ 571.254469] ? rcu_read_lock_sched_held+0x110/0x130 [ 571.259470] ? __lockdep_init_map+0x10c/0x570 [ 571.263950] mount_fs+0x9d/0x2a7 [ 571.267302] vfs_kern_mount.part.0+0x5e/0x3d0 [ 571.271780] ? find_held_lock+0x35/0x130 [ 571.275822] vfs_kern_mount+0x40/0x60 [ 571.279611] btrfs_mount+0x3ce/0x2b14 [ 571.283415] ? lock_downgrade+0x6e0/0x6e0 [ 571.287546] ? find_held_lock+0x35/0x130 [ 571.291615] ? pcpu_alloc+0x3af/0x1060 [ 571.295497] ? btrfs_remount+0x11f0/0x11f0 [ 571.299737] ? rcu_read_lock_sched_held+0x110/0x130 [ 571.304744] ? __lockdep_init_map+0x10c/0x570 [ 571.309221] ? __lockdep_init_map+0x10c/0x570 [ 571.313699] mount_fs+0x9d/0x2a7 [ 571.317048] vfs_kern_mount.part.0+0x5e/0x3d0 [ 571.321528] do_mount+0x417/0x27d0 [ 571.325049] ? copy_mount_options+0x5c/0x2f0 [ 571.329438] ? rcu_read_lock_sched_held+0x110/0x130 [ 571.334437] ? copy_mount_string+0x40/0x40 [ 571.338655] ? copy_mount_options+0x1fe/0x2f0 [ 571.343156] SyS_mount+0xab/0x120 [ 571.346607] ? copy_mnt_ns+0x8c0/0x8c0 [ 571.350488] do_syscall_64+0x1eb/0x630 [ 571.354382] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 571.359220] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 571.364394] RIP: 0033:0x45b80a [ 571.367577] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 571.375262] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 571.382513] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 571.389761] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 571.397012] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 571.404261] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:16 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x800000000001e) syz_open_procfs(r1, &(0x7f00000001c0)='net/ip_mr_vif\x00') wait4(0x0, 0x0, 0x0, 0x0) r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-control\x00', 0x0, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000140)={@loopback, 0x6, 0x3, 0xff, 0x5, 0x0, 0x15}, &(0x7f0000000180)=0x20) mq_unlink(&(0x7f00000000c0)='\x00') 18:54:16 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="57d0c2b4b424dfa64564a31129d4bb52db88c00047963606d1a51ef4157e9730b537292afe0d5fe5b33d1fffc798625b080781de1818fb68c76caf9bbfabf21e21b4b971a68b33f01d00e2a8c7d86cf5c4d75255a62aca85cedb40bee5c303dae2e4c77a0f33414a06b52a28db4895615900e300ae497af8036162090d91b69138a6e26e979e77b537c1aa52a9bf5a6472eb729a02d891e16c6959dc533978c9e32f46a4e444b48e006c64276aa62be7b9fa99a9f3669bacaa8658168b566d761865c8055308b024f37b4132a8c419e5c5aad420b9ee32"]) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f00000000c0)='./file0/file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:16 executing program 0: openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) r2 = dup2(r1, r0) sendto$ax25(r2, &(0x7f0000000180)="75b333e62eca0681a894a1781e3c8256725fc3bcb30b5bf4d160a1a899220d5f7f869faa8a3eaf776a314dc65d34c3fdf027623c145dc3c8db9f98b7eac9ee4f1b6c5f37a4de9ccf9f72ec1363462d38a34a7f2f6d8c2c673aee4f919bd055fd89de16476a2c49ba0da040957fbc05e35c176a0da9253d7ea0b4177d1e763da7165972d970ef6a36c5eeaaa6cae63965ef39c3004e6c4c93beaf59e4decd53ccce4b6b7bdca0a7353c1aa4f47dd58d7df6c27f9891de4b32b520e7a9576d1f353658c2dee581f317b1fdeb074560f2018d2d3a4ab8", 0xd5, 0x4008010, &(0x7f0000000040)={{0x3, @default, 0x1}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}, 0x48) 18:54:16 executing program 3: syz_open_dev$vivid(&(0x7f00000000c0)='/dev/video#\x00', 0x1, 0x2) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:16 executing program 5: r0 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) execveat(r0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)=[&(0x7f0000000040), &(0x7f00000000c0)='btrfs\x00', &(0x7f0000000140)='bdev\x00'], &(0x7f0000000200)=[&(0x7f00000001c0)=',\x00'], 0x500) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:16 executing program 4 (fault-call:0 fault-nth:81): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 573.289164] FAULT_INJECTION: forcing a failure. [ 573.289164] name failslab, interval 1, probability 0, space 0, times 0 [ 573.301324] CPU: 0 PID: 29089 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 573.308344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 573.308350] Call Trace: [ 573.308371] dump_stack+0x138/0x19c [ 573.308395] should_fail.cold+0x10f/0x159 [ 573.308413] should_failslab+0xdb/0x130 [ 573.332059] kmem_cache_alloc+0x2d9/0x780 [ 573.336220] getname_kernel+0x53/0x350 [ 573.340111] kern_path+0x20/0x40 [ 573.343491] lookup_bdev.part.0+0x63/0x160 [ 573.347731] ? blkdev_open+0x260/0x260 [ 573.351628] blkdev_get_by_path+0x76/0xf0 [ 573.355785] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 573.360291] __btrfs_open_devices+0x194/0xab0 [ 573.364795] ? check_preemption_disabled+0x3c/0x250 [ 573.369826] ? find_device+0x100/0x100 [ 573.373722] ? btrfs_mount+0x1069/0x2b14 [ 573.377792] ? rcu_read_lock_sched_held+0x110/0x130 [ 573.382807] btrfs_open_devices+0xa4/0xb0 [ 573.386938] btrfs_mount+0x11b4/0x2b14 [ 573.390809] ? lock_downgrade+0x6e0/0x6e0 [ 573.394938] ? find_held_lock+0x35/0x130 [ 573.398980] ? pcpu_alloc+0x3af/0x1060 [ 573.402852] ? btrfs_remount+0x11f0/0x11f0 [ 573.407081] ? rcu_read_lock_sched_held+0x110/0x130 [ 573.412085] ? __lockdep_init_map+0x10c/0x570 [ 573.416565] mount_fs+0x9d/0x2a7 [ 573.419928] vfs_kern_mount.part.0+0x5e/0x3d0 [ 573.424411] ? find_held_lock+0x35/0x130 [ 573.428455] vfs_kern_mount+0x40/0x60 [ 573.432246] btrfs_mount+0x3ce/0x2b14 [ 573.436039] ? lock_downgrade+0x6e0/0x6e0 [ 573.440167] ? find_held_lock+0x35/0x130 [ 573.444206] ? pcpu_alloc+0x3af/0x1060 [ 573.448077] ? btrfs_remount+0x11f0/0x11f0 [ 573.452297] ? rcu_read_lock_sched_held+0x110/0x130 [ 573.457300] ? __lockdep_init_map+0x10c/0x570 [ 573.461776] ? __lockdep_init_map+0x10c/0x570 [ 573.466257] mount_fs+0x9d/0x2a7 [ 573.469607] vfs_kern_mount.part.0+0x5e/0x3d0 [ 573.474088] do_mount+0x417/0x27d0 [ 573.477608] ? copy_mount_options+0x5c/0x2f0 [ 573.481997] ? rcu_read_lock_sched_held+0x110/0x130 [ 573.486994] ? copy_mount_string+0x40/0x40 [ 573.491209] ? copy_mount_options+0x1fe/0x2f0 [ 573.495684] SyS_mount+0xab/0x120 [ 573.499117] ? copy_mnt_ns+0x8c0/0x8c0 [ 573.503000] do_syscall_64+0x1eb/0x630 [ 573.506883] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 573.511712] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 573.516888] RIP: 0033:0x45b80a [ 573.520059] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 573.527749] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a 18:54:17 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000040)=0x870, 0x4) ioctl(r1, 0x1000008910, &(0x7f00000000c0)="0adc1f123c123f319bd070") ioctl$RTC_PIE_OFF(r0, 0x7006) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:54:17 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) getsockopt$rose(r1, 0x104, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x4) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x20) wait4(0x0, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000200)=@assoc_value={0x0}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000280)={r3, 0x1c00000000000000, 0x4, 0x100000000, 0x6, 0xacf0}, &(0x7f00000002c0)=0x14) 18:54:17 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=000000000000000er_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="9501e09feb079ddb92edd193c3d8b78e99c8dc1019470b8cc8e236ff"]) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:17 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) flock(r1, 0xb) [ 573.535001] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 573.542254] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 573.549508] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 573.556772] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:17 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) r2 = fcntl$dupfd(r0, 0x406, r0) sendmsg$kcm(r2, &(0x7f0000001580)={&(0x7f00000000c0)=@nfc_llcp={0x27, 0x0, 0x0, 0x3, 0x8, 0x7, "2dbb02b2b126fd01286d78c0f4fd14dbd50f262557c38a05f54e31f5d0d106005e0d80fcbf962a815328cebaabffe3c746adddc7d82c546fe7455bd6fe3bb3", 0x31}, 0x80, &(0x7f0000001480)=[{&(0x7f0000000140)="5e2a2ea7bd4802240876526ff2877c76bf0be592b01858c040ea5ecb27104ddce8fc99f92a6730b81e98e089b97cf01dd52da30de54c2d35d74173f48368334e985baf76", 0x44}, {&(0x7f00000001c0)="758c645e4a96fb992c3fc11516b92dda60473c0251dc790ebee7f4248e81df063a9eb5eb9fc81a6c43a27e31b02b63479792ce94da5f99420456d2226aaa4d8ae38ff7177c0bd63f85bad019714ce98e068811f7069e57605dc30094a546364502215354f0a7e2af16ca616b73f3a67d64a74a383a6a9d50ee036450a97e77d4d04c87f263ee", 0x86}, {&(0x7f0000000280)="dcdf3e1a154199436cab2160135105b834e5a94470f41d44aee786df95cc05d5820086068532136629a46a2439204b958892c54092987fd8907b588804ebf20baeea9005261e7df65811d0d779c1b37d9689c877099c455ad57719f9138eca94901b02652289f176290f8f5a617ae2786f12bfec502a45f04889a61d72", 0x7d}, {&(0x7f0000000300)="6b3f4495acd00db21edb8cf8a857c6fd3ba208f2959dcbc58a35c4fd312446008d58ba23a8c958f456013d96653affc532da395f18c7aa18e67850877ad8e97dfef0065e8fee0c4531d582d3267028b09690564590c38f958423d9f5600a71394e5907976e2b27e488d9b4cb5e3c773c9086875172b7742e09b52c2cf01ddbbc91828c45fa9894403b2ab3bdfb4327e4ae18874b68fb23dfaf3fd0528dc30d9faef6de301386b1b6aa218980d5f88b140336a9ce1e6f6f507f733eb5820d23f6857390f2fc954a31ff8e7d81f57dace609c3c566144c44d4bae217c625aab7834e9c8926858a9804f100f86d21e249759473e348120050c9a37d7f779fbd50e0b323b6bfb35cfe61bb6da774bdd324fe099ae702deaef41628714b7f7f25ce86082034b90aed5e0cb0e801eb0d7f012ffd2651e48bd882778d378bf6135658d4f3d6e71fac46fc825a5a6dd4efad2781d9ae67cfb6156498aa8f2018cebf9c6771aba710736a24d6d18775b56e6ec8592e72e788777566c69a73787de5ca8019bbc236b2b5ba4e07fd9d8f8bc63222318eb3ed3693847c243852a7be933bc9e2b5c78ad334f702acf0a7466fa9ed20d19f429c24665989d20afe123062850f56766faa9d749bd3169ab7ada953d3fc275bd61d0e6ad06597b9f2f16b99a4fa88c647dedba8ae8fb080db422a172a63ec69f8e1fa1ba3ce47ec77df8d3a27b8cb751a79687b26677a6e0da1b997ea52d8737863485833348fdc14f5ac60afdfd3e9999f0d215ba54d27f848c44132a2640fd0983e554f483484cae2157ad713914bff8b746e7c4fab871c91ec70f5cec7e7b2c33749f137450b0077dfb48f8c92c11e4413a0c3c782743788c97094bdd809799d3cae3e30af0b9685a6dab56e55b1e8958f51d06abcc7d709ddb7e590b2f3f4224e795fd235804d240963afb0202294127c249fcaaefaba25ce2fbbeb5f730b0d1a97c38c87d0c99ca6791b276e2aa6da0b508e3e11abbeca706dd9c1a0dcfdc01d55e9cadcccc6e39ec62e8f8da9e71b18a7ff11a1c16cafecaec189a9a14d9247d6cc8e3ff0512ed0ed25ca11e34729f581cc5a796875f7b586c63cbb011fe898d7eb76e6edadc324c6bae1d84c036b5fdea364341d5995eb290c96e997af00b45a65305f303fbe6d6ff9b6f10199f71ec8ed543a347c3704f7c34da8052e489e74be46f228079330a9c0d682ea9d7276934853f2b3b37534b3d88d952da82022c294d9f0f3c0b608ef3e1ac5f93e32a7290c4ae0980d829325dbe46c7c03cd2068d447f7f452cd1d3410ba8389da14ce9576e22c8fed2114b78b3189cf8964c8928838743e1ad3f48dcc225c0b1b1b8085bb9a5e0e457f0a15417555e0112e5181b654d884243bb03aedf27c6212af75d7a4f0c77a5b51aad0e8601e41971daf9c232349f3692b422878a43e702b21c73ed8797fe636c0d8be0ef66954806c8f4e0a9f64787aa65a3a961cb22bacbc5d33aa02109e9b5616f7c2e23cae6912d630443a1e260ec42f9024955d30758aa863ea16b03b7369d698d2e51feae39412c1973440b1140a712bb08ec2c27f96c3c5dc38b500cac02a1bfc994afb4ee6caa9c8d82f06a860d5e492ac762fccb5417d67e201e83b84f73a91a22a96927c88f77241cfaa7a23fc6b396d2f6b08783b9db880cf13853f3e1203d7a1364c125dc0ccbbee2d07ccd5a3441ef2a7139d048c5a0bacabc6e443894aa52cd6a857cabfb56ba6f494ec59c08497273d76a18021eb731cb08e02f395cba0e671846129d5aad970149f65b559810982b25313424e67d11d0419375afe13d7174a7e46b88bca5f494982dd39f3e57c20102f8cbc1e8d1b4b2242ea1334fc36f8b0ecc91246fe87ced782391d4587508b23c981b9d541e5fc8ad5fb73f019cd36aac3bc6074f1290601694357fc62e4c96713d815de1b109db6a9c99138676c90e1ab176eaf3cc32662c4ee87e5fcd4e54d66aec46d0efcf5899c9489e27b7c43252f8010a7adc61240a7a9f3f0f183a4c48db045754cac754ce27e1ac0b8e1725db4a7edfae4aaa9d7a7b5e9ffe985c23fa8c2a6a613bf6ea2a23c7fae30da4b9ac8365f99654aff6c62ced381a3109e6b095081d60a9603b377271235a4f0132a0b97095569e2676f7dab3603504e29c18553f6a0b8d7695d36b31c418a0bd90c171ca6cb86db1038d70ec5272070e23366ffcb7425296e8fc88df27b683a5d323f800d737365a06f5ef225012679990b6062a1b637c50129292c0a06a5a5912341781eddf98bd965b51823eb94583e62cc8bfb39ed710f3dc1410266f2cc3849d4a327207d8089175d040427541a973c9e094b19b14c61c1b8dae649c738824f603dde09a72c23044ecb24ae77d8adb8b0d8e4fabd5e0286aa7e41c6d6106e87589f72dcaa8c5e895654aaca4f7ba4f2f4786cc93399ab7398d2d1e59833801025736c6f7e43c517027820125ba70a18500ab3c77c67333bf159096524cea731e79148f418d9407dd674924ca2d45c1ba24735c1d539f6ecaebcbd39dbf28576d3e314c35ba604702a0c56615f7db3edaa1ca900d73387d61c1a970fcc4d478b8a30be81dfcc1d027c224d76128f78d4d3c0a2f9e68f152e715188f0a10cea1d6c89374c90a7daa18ede868b102858e53783c786af178ff39d101637c3aca2bca98517c69837ba921afb35e7e313dc68d591c2b43cc8a2cb027138015e4dcb8306b14f49a07f24e4fad6206d9a535c4cd119121feea3b6f900c1bc3e7bae837075104dd524c35f6bc9027aa4aa9f78825f6e7e8eed47430853e88c1236df5c50096327a88c59fb6f611fb8cdba7e81e7beeae17a6b74cc62ac8c5a9c8e9ecd399960b1618e8ea7dbe4e54afae8c99235e22d0794a08e2522fcf1344b2d153210c29041196c7e109da297bba7bf9d312e397a8a2882ca48a6ada9bb873baa177b230ab50f4ad69fe9a5f09c3b206bb850db0c07c917e27f952a8e58f26625ba846cdd150cdc4dfe93d9a855d93fcace70716329ef23fa051154ab201196e9357002dd4e4d62bf4f6601623837a8a5e008bb75f93def06c7831f0c769e2241451ce9e304351adc3700be27725e7af7582be5a868870ea2a94d1005dcc6132c779dc5f0f60babc7096c1124ad5196ba114ffc70493a47330121adcc686d70e3e84c25878efb0e765ea10c5710e02cce1cfb59547cd8f5ee1bb44a476980063dcde1249df388a78e781a2ed03ad1743b577d127d5b6ec09015525926ab200b5750ebd4540ab121fe187c77a6bc84c6d20726882f5975b217f1a970737d53db3fae57a1a5e9086b48e24b1fcdbc162f45c36885d7d132767e129143ae55c109c79ca0e224001fa358605609bcdafac7c2415dcba29fea45d23aad4f97e230ccc441a15385278596276b2f1dab0c7f8e49d7e08cabdd2580e9956c8198720585ef316a387af7d9090d0943a56d82882e9b1619dc8bdceac4300aa9524718136b6515c5b51df4f92fe943372c9790ecef6b11ae218c76a5223abaa67d285b70fe3877bad41336e27201c61b1ce2b34b804d4bbedde73ccac3b142611244596e2df85123ada99e1d5819d2168a6ab503d363899ffb37bde22c5e8778dcea0eb680f8accc8d5f537f321ffbdf54d4ca56c083d9b05953e3f7f964066b6503b8f3632222118ab0d7e6ceae8653c8284138d25c276d428220557d38aa8ed7796a4ab4fc7f5cc937395fc11e59f7768ea93e8a9bfc7fcee9b8a1adc87b5c483e070810f9d304ed0dbb0b695670dc450a3ea1cefdf37a1cddada950dfce18d9d833482aa6c5faea42ba28fc20d33a5c1ed392703e400d773f440ebc89a233d2fe5fe9aee81f82f6f298b838c2c3e451a72058de39d58629de0d17f434fa98e34ca827d624db148b70dad86472a1bc08b5600316de413230ce5025e93a84e5279380d68cc66934a1e21c56a7fbb2018884a3d366862337cb1530acc00166e31b6630c82f4b014f8ff14268aa36ca999c8a3ca4709148a83dd79a9ab33341a8abbc413a39a9d0ff37e74ef26e580613c375e3e5c1801e7b660689cdd5ea62d09b32a848759f3e4b0a360bc7e4f553d95f124bdf860b7991d924a5f9efd670b21d22afb495db86d1d3d89bd99fc545f20305c2cdda18205c3347826e235bffe150c35e19e07c55941f05e619f2332aede695ee628eed0e4bd2bc7431a70eb117e9b2dfdc590ddf2231785ee7671ce0abf0adf926acf046eb2596ddde8b7370137b33d8ec1c1fdb290b5064a33f5f641743f0cb3770ad0568c069955bc2fadf23547abae6f348497aad27a75a33f27e2a53aa1bae71a3e046c07dcce186b2a40548a1970f387b4cd854c00e5f950338927aab531f3341f922dc059765a365dc47c2f8fb3adde84c1dbc74b90d9b794f5e8b5f08c2878567aee674b212a3b0b918571ce411dd13a3cb240423e1e7a800ec3b50357cabff3e3982c71838256b6e30c46ec9ccd732d807f12da4d819ebb5c487e8786f386f8bdf24b7cf953ea630aaf5bbf826f0fd29aa0c0b2e511caaafc80991fb307607ea9717405a63519cc2016750e0a35e0e4ad8820b1c354f000528a592f06a78568cad0ce9190cb0e27928e9f8b609207ff434f9e1a14634fc4fb51ebad4a7ea1099f706b9fab4820d783ef07738f6dd36a8efab7b92927c95353c41280d2b243355c0b9f13663e3d5265128b294ca979125d738593605a44a96f6ac69f976490e0175b761d80294909c1cdf23d229440f568492b7defcd84421e5fd22fc12191e1b7ceb0d9aa247205f76f10b359589f1b9089003ca590d56b2429cfbf04b98004a6fe154b0e3e24d8c1b536b1965c7ac4ece2bc530c26ef0050aba00133a5d1fdb16de8bc7580c5a946081c823b118096ec3c772a93eed44b9f420d9a1baa60f788fb095d9033b7f7b4afab1d970d0b453f4cd23073e59a5752114b32f66afd8a023fc27040b0cc0b3234a54478645ff286085a8c2b8d1f5d47c2dacc6912140dc287b7c4fc5a234dda0787cd4b52340a5b9fdedd2ece7acfb5fd3dfd9c6e4ec817aac1fac39a02eac1eee210567390356863818d89d80c38116ff22d941badd7d4b6d1537c179145d122a8556169525370dc61b051762f8a7df0cab5a43d7497816ed2813a0f6b7687660b709ef5a6299c8a39367cd95c64bb2210dbaa73869377a865de4500bb25bfae3340a28c6e5d99f30efb446e71be007c7a78b4ca7c0cf2bd3c22bd3284b38c803b63bf022aa3d978a989863d15bb91fbf8a8aaa3680b755377a854ceea65c111005eb7ecd4adb9d93d477c0ab3c6cb69b302d85700feed5bce65c2daac7d53a8fdd7f079887df9151a1001df7c1853a0bc2c480f5d1df4c18553d005f02a0c93826d2b68e4aeae934a9ce6c7051fde63274ad4abd0ed8bcf957512389aaae62b0b48238d42ec40386c855fc39a65652b0df8c7ebec5b063705125897ffaec6b0eb52bfac0af11772c0f5c6cbdc9ca7bccff2c41262f1c3ec6c0d08825db36985645a138797f3923917fba8f362bf4aa9f6ee22d22af2352bad9f74ba2bb177465b6d751385e4070d3bc63899ba1a90864ddaa5436c75a900108f248d78337c02a9ad0cf5cfd4561e2b2bf0318493135eaffc8540f3d2629a4243be08431d1aa2af520139cf089485801d392a2a1e8f80d0150837f18babcf244b8590e3857c022b496f532bfdd199beda9ca1eb0d2903aa217dd27749dbe1c18f90c788b2207032e74dd896394a7bfc1932b4419f6c1a3d9e079c607da", 0x1000}, {&(0x7f0000001300)="ad09eceb9cf8980be57dff1003", 0xd}, {&(0x7f0000001340)="96", 0x1}, {&(0x7f0000001380)="cbc316e01a31107552c12b8ad461bcedc9a1a7f765d27de626350c320af67e53761a17d4474d3a9dd88df37bd4fea09a6942f8a1b45081cbe91a2b98acb835203a0a77300c8524fafae5433eb95bbde349e3cba4d51b3179365b6b9377770f23d116963ff7922fb6a9ad860a7ddc9df8b4d38dbaf340796ed421ac071f55417f63446b85dda819d514328af552b6bb80c092edf3ee22b7a805cabc0cf2d0a6cfe3f3b7e59c597dd46b0fa53d52df45fe9bcc2d1729176858b8eaaca68ba074ef3f1e67ae013eb501eab1dcc6c0d1165678d54676933987640b2857b57ccb6731aae2918dd9ab5d41b8cc21440e82d1a12b07c78e58aec3a1a46d70f6ce5946", 0xff}], 0x7, &(0x7f0000001500)=[{0x50, 0x13e, 0x10000, "5ba095e7b3b9f006a3622ba8cb234227d5646b775ba35c323e8a49336af81f1dae40e98bd59825860c37c1e844509e819bb6a5ec715e5a88e3"}], 0x50}, 0x4000000) wait4(0x0, 0x0, 0x0, 0x0) 18:54:17 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/hash_stats\x00', 0x0, 0x0) epoll_pwait(r1, &(0x7f0000000100)=[{}, {}, {}, {}], 0x4, 0x72ba, &(0x7f0000000140)={0x7}, 0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ioctl$sock_FIOSETOWN(r1, 0x8901, &(0x7f0000000180)=r2) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:54:17 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67726f75704f69647cab166cb43ebe563d", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000080)="3de164a4700b03be54e868c61ce07366a50517876fb4c16495161716df308c852d1b13beeb692bd8b9a50b6e4e63bd8f1ed68621ec4fee5b4a25767689c36e4e956e175bd59d039c07884b83bd26df5e961c9bdb6431899913e431") prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) mq_notify(r0, &(0x7f00000001c0)={0x0, 0x25, 0x0, @thr={&(0x7f0000000100)="6741a90719d6c985e511fdce4a9f70867cf0dcc16fb6c0b83dfce8ef4c10eba1a068433f1fbddd947e1d41024eaa350c08f04163bfc26f016ae3e94757e0f8233bdb0ec2bac6fd27c225ca4f97908e7d5bda1742f89e03f5042a61764bf261e65aa75af6b7d1eba21ed871bd6820ccbd89dcdc00b8681b3871ae1654a069fc1c7233bfb8e2348eae2ac0f19d3b6158f21030b409facb1de8bc", &(0x7f0000000340)="04c44cc9f6149329e5198bbfac6e62852780328e296e2e0673458d3ee2395f2ef9878c38108e0ea9283a786984a0cea737031160b2b7872fc3dd697f60a2314d87a8fe673907146d1907185aa6817aa1d958408db4041bc1476654cfd27427c5e7fd34c77be05417f0302130b6cf85776b0482bd85dadbabdfabb836ef3eee5008c36954b5c294c1052444c025a124529678f7a49c3a1136a6bb6a871bd734cd59"}}) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000280)='TIPC\x00') sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f00000004c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0xb0db16a21706e01}, 0xc, &(0x7f0000000480)={&(0x7f00000002c0)={0x24, r3, 0x230, 0x70bd2b, 0x25dfdbfd, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0x8}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x4000004) ioctl$TIOCGPTPEER(r0, 0x5441, 0x9) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:17 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) r3 = dup2(r0, r2) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r3, 0x81785501, &(0x7f0000000040)=""/183) 18:54:17 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) getsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f00000001c0)={@loopback, @local, 0x0}, &(0x7f00000002c0)=0xc) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x7, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0xba}, [@exit, @generic={0x1, 0xffffffff, 0x800, 0x101, 0x3}, @call={0x85, 0x0, 0x0, 0x56}, @generic={0x0, 0x5, 0x1, 0x5, 0x9}]}, &(0x7f00000000c0)='GPL\x00', 0x8, 0x0, 0x0, 0x41100, 0x1, [], r3, 0x3, r0, 0x8, &(0x7f0000000340)={0xfffffffffffffffe, 0x5}, 0x8, 0x10, &(0x7f0000000380)={0xdc5, 0xc9bb, 0x1, 0x1}, 0x10}, 0x70) [ 573.707043] print_req_error: I/O error, dev loop5, sector 128 18:54:17 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) mq_timedreceive(r0, &(0x7f0000000940)=""/4096, 0x1000, 0x7, &(0x7f00000000c0)={0x0, 0x1c9c380}) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:17 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x100, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r1, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x40, r2, 0x108, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x2c}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x861}]}, 0x40}, 0x1, 0x0, 0x0, 0x804}, 0x8040) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") lseek(r0, 0x0, 0x2) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) ioctl$DRM_IOCTL_INFO_BUFS(r1, 0xc0106418, &(0x7f0000000200)={0xfffffffffffffc01, 0xfffffffffffffffc, 0x1, 0xffffffff, 0x4, 0x6}) fchdir(r1) fcntl$setsig(r0, 0xa, 0x37) fcntl$setstatus(r1, 0x4, 0x400) syncfs(r1) 18:54:17 executing program 4 (fault-call:0 fault-nth:82): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:17 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") dup2(r0, r0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) r3 = dup2(r0, r2) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') gettid() sendmsg$TIPC_CMD_SET_NODE_ADDR(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x24, r4, 0x20, 0x70bd2b, 0x25dfdbfb, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0x7}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x2400c000) 18:54:17 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f00000002c0)=0x0) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000440)={{{@in=@local, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6}}, &(0x7f0000000540)=0xe8) lstat(&(0x7f0000000580)='./file0\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000cc0)=0x0) fstat(r3, &(0x7f0000001d80)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000d00), &(0x7f0000001e00), &(0x7f0000001e40)=0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000001e80)=0x0) stat(&(0x7f0000001ec0)='./file0\x00', &(0x7f0000001f00)={0x0, 0x0, 0x0, 0x0, 0x0}) r12 = getegid() ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000001f80)=0x0) fstat(r3, &(0x7f0000001fc0)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000002040)='./file0\x00', &(0x7f0000002080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r16 = getpgrp(0xffffffffffffffff) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000002100)={{{@in=@broadcast, @in6=@ipv4={[], [], @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4}, 0x0, @in6=@mcast2}}, &(0x7f0000002200)=0xe8) getgroups(0x6, &(0x7f0000002240)=[0xee00, 0xffffffffffffffff, 0x0, 0x0, 0xee01, 0xee01]) r19 = getpid() getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000002280)={{{@in=@remote, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@local}}, &(0x7f0000002380)=0xe8) fstat(r2, &(0x7f00000023c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000036c0)=0x0) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000003700)={{{@in, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6=@loopback}}, &(0x7f0000003800)=0xe8) lstat(&(0x7f0000003840)='./file0\x00', &(0x7f0000003880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000005ec0)=0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000005f00)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in=@local}}, &(0x7f0000006000)=0xe8) lstat(&(0x7f0000006040)='./file0\x00', &(0x7f0000006080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmmsg$unix(r0, &(0x7f00000061c0)=[{&(0x7f0000000240)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000d80)="538d0306372b425f8a82a807b901bea536be03568b31a8c9dc22911a99969535f263bb17178b28981c178eeec1ab01c85b332f8bcf4d77bda2e9077455d60dd26a856025378e35697d368e5ef557dd384e994ededb0111bec367408ec1bc79d9aca4664a4e3e0448b6fa6a86214db1f786edce2d13447a13aa938cfe6f5d37bf4518c3d7990d8627fbba1e88ff32ccc3f5c10c20f99fb59f2aaf9a54078165e074141da93128f145758e4c03811890801b71be7b7ee3d5ba3697aeee318699eab3aa277a06bb938512c143c17ce53b0c26a45cc4b590cf93e7d81070202f26036bb9a034827c41573d40c5d53eb28acd14d1ac138b7be6a94f9501ebb0093855c8a2f4ab6c74626925a55f319fd35793f96b37f119e086d1b79e1fbbf2ebe9f16e63d7c306c42f3b3c089e37eec711041d8382f1093a3b29fd80242538186b8cc73359c7b88417050dfc7adc42ba663281baf9f7a692f47351604d6cca0416a59708eb6f50fd22c9c8c229a2569df1bc4750ecfbde7bea34732810ff1b356b26d08d106bee4913b7584d521d8804fdc478c6b75b85da61e3d5d69103aec469b55aa5b90b378af8d99c32966f36a995cba36d996e40bf6e40fe50e3d32197bb968d9610ee7e4b126cdc75c20429c7c86ef0f444d94384d17be8d6718a960a125ec28a025a284355b531ccfbe6900a683fac595d3c3f2c4fedcb39ffdcc8ae6fcf8e4c3b4486b3207cc2f4ce8010ed6f58fb2f349422abab2f6436351c0d435e9406edbce8f39aa2e8796a5a3e497ef72864c643f39f774492227e068e0488dc89a8cc90807b134c1c4b929a0041fada2e9984905a3a91188c4a94454aa06228b9bf85c13023e8f17ef6fa68076e88a94d639b5e77a0f8c7ffec5adcc238ebd2e420036804870613064c0117d2aa1dfec75a0018e0b86607b6a05fc1a8f396d66749d9ecefe9ba44de196334865b8bfdb84fa983940c4848bb40dcc0572bb08241700ab8e7ac4508243b68d70421d28e41845bc42332f85ebc006974326260870d87b4ccdee7caaccc36075e71bd63ce0720ceabfbf9dee27f64cb200268f6eadc53ca028e653172c57c183d81f5582f8a404cc7ba285b6e571371e30006a9d8220223a93b4fb530bdf0a7f8b2014850843962b27279c22e8ac189da7a6d6f8163e205fac670e1ce81d2e85345418e56f15b55e01bfc61bc9cb24c7e4a0a7950a3d18e2ffdce9cfb3e31aac5e51df8f52225f777db11aabaa91d15b65af2577a18b03b5f643bcf3403088a91cb8949f0ef67a2f4723ec32f1187702650ea15aac6fbb3c7d064d06b14b21b3c046259c8582243d19281dd2d953f67d0fe8b713095c13a18d3922f12117d697f17f41d6dc9925c069662967a7b4d4c67f23a8df95fcf95c7b26d46afb60a5386fc36602400d43e0f51b948ad81a3c70a0c35261828acd9dae285f1b77fb2fb3b57acfec28e49ed38434ed37270165feb5e18b1eebc20503b45053ac84acdd5760cc8cf18c81747fcedbf2031189462328fbd13a7120f3bbcdab5cf785f56bd706a85d6af2ebc40423af2c0cf9abbd2c51bf3b05de53d979966ce1dde7f9081cc8f3779d24bd2062352a879cb5f7567c6d2297b8cfc0fe2df6a75b39334137753ffd8ea7fdedef42effdb806256810e18965366d398bbf72370858be07aa42171674ac544434a8c0d01627d5cb5a9f865dc668b1388dee374f57b735c2390a76e3e8734be94301fb1b9cb592efe6b5a2bb703c6018dcdfb608d9c769dc77d641e12103954535fe775801974fc5016ccfb79930dc76ed9c02ef90bfd27c6e5d84e659833df68d22f6ee62bceadf85b725267072e3f329802d4e58957f8add8ed640d31a7f27318e5746e3e64f7c9b34108d96d4fdda07ce425e4b76ced6820f3d3eff28b1ac7e1ba37b6b8984fdc2b77c0d96170b302f8bfcfa76c64864bb2f953bb74233b9d310552c2c23c74f2f07482d338109cd46e7c417208d837bc076d19c71a7a00c65ec154592da43e54beeef2c16f5a4d62e4d8ba9fe0aa02353fd5535924a9572eed9b1220d2422792c6226c7be19b6816d27a89dc9d5ebb8d606ede82d45cad397f55be859f351d793946016195014d6fcf9084ed88ff5c3788fd25b501f4b66930c16d9f50cb882438a4b40828baff4f0726b8da508489af6b52d05ed35b65eab1aa53b0d73993662db5d6dad7c8c8a0a3ea0300153de02a61da8a478574f8d28f9e98377c03d245f940e09e9a2b06c208e098e2b4ee1a011c393e3e399250b1df8c35de2c64ee90302aff09160bb4c7a1bb9dbda8701701d767ce6cd723fefdf031031d7bded49cab9e586c6c62df5cee6d4b57fc8b8741c766814aa251d8b41b6b69019339f1cc1e39fcd7dac18d0f011b9c0928a50394112e5977981e880aa22613ad5faf44bd0804f1470a828f95c68702e13db0c1b81493b1a4f4b3e63a1cf5cc325569bd30f4264107fe6158bd1b5fbf3438326931f18d46da4b15e02c63fe8f606deb56de45a193781bd48c71615331f32a31452c46a90cffcd6dfe49dc15271b57ac3a32a7d02f36e9e6e443cd259fce24335c230d9bf35e0f965df8c055a3cf59443c4c858d928d0e8702c5cdf02c34ae19ca50aa1852f0d8ef7f65aa7d60b156b13f31cd18b3d14b000029720d8541db542ad3687e90973cf57386f70fa1c88c556873742aced69b165597ffc5168c74748cad8910ab89135fd5f84162db89bbf4543a83d03fef9a7ff155984050206d80a211bff229ee63f5896ec939d155a278812f0cd107bae74c2180c971cd7f12e5fbf7b75cbf656a461fc19a1849c41eb2a2b12d9667eab4908855b75d67d50a8d25c59d0eed5b82fe27b67f6fb8ecd87687271fe34eb5349977c5051e9d700b6f2096b498fbb82273037a0d7474043551c30c4fb224ed9a3683d0c465f1c579123a9aa185530493972063988caa3f0341ad966a0ffd89605c062c8945422cceb67bc549aa429381c4f132873b8f7dff363e02f45e207babd73f868b6258b036e060aa839e76872db1eab1d4c5bd5d7a6eba58893f59686004951771fa0fb7066c80ca4efe71544a94e9e53597fc929047b986ed6aaf46b51921ded8d9448f78d6f67074c10e7881ea31d0e1ce1f7c845b11d23cbffb3ff917bc2a2a66f679c6b97a5996db3ededde64911b2cd8f495de782a7950fc82cc849a30e2ee670464fa5f36a18aee00a3c8c44a3c1205efb0efb5a44ff9ae5c71d0f0d29d21b79e191dc0b9956785be7d4bca31aeb18ccfd20502d299aa6e0063ab209ca020f56b1b4f60ad7a0015618a181719fc59097472f37432fc0e28d5166eb543bc358c0e3726d729e23b0ea499e4188692a19a5af172595c066dc235e680e355386b92eb9ae456384ab005eeee8a9211b9bb37eaf5d7012087bb3d5606e12f5b8d67393e191d792c8f47c9e68ffbdfd556c14c969fb42b80557e08c7fdb4c59b6d562ccaaac5a98639e405a8735347ecb5c388b9b41b707c48928935a798113a3dd670ffad1af2f7a51cc5638346d9eb439cc2f82cf2e2dee8365b1d9f5337d49d6c85904bdea940cb74199dc8b9e42e471096f2b3aa4df763a589d7b8a2de1dde41141cc7cb10c1937288848bda67ed762a3711b5a130c186b5e334333f53d6d8cb997dee31c47e4855a0b4a4c5a73a4e24bd3746357a8376e08ec0aa929d728fd2d65a2d455fce03dae3d0f508da2d3aa7b45995af995928171661ee215068d88c88ab11f38bb4959629546d26b8943c7fabd630b7252b237d0eef9246b79e5818d79f7c2980bb38ecfb768f78e758e4581b396233e6dfcd8f105fec405ea879aae419820770702b09a740e43cc7ee1f164e0cbe1ea5d8cc2bfbb065e74bb0a2eb4e9c17ca1618b6200afc10b6432e7689bc58a698b07b8baaa35b73cc9840fae498335ef4ff97bedf4b9fb6dde18b3e1d35be94c7770827666874ef5ac7c1abeb699e7023014543849d11f65bbfdc3ab038ec6288d8348d83267826079d1a83d591d37d5d46ca2f3a93d11297d06ef3b1c02f5c565c3dcf44d86d494f068a18a5291231957c2c1e64f122897eecd98495b28749d2e9afc7a22765b1f5db774ef245dd7766592eb0bdd593adb8630f1a654c5aa014c6256ef3a68cff8db368b521eab725a164af2b48de8907a950a3f7618d4a92f05c7cc951c201d534cc939e60564250495dc91adc23aa4404d6f14a0405e59beb5386edfd3f8dc1d791f059b201e8e11446f098d20ada3af808f57beac6347328ea9dd3e37601dd3011d095bfb7d5662fc54fb35581234743a1ff02478b37f77a755505c7a749548c795ee16ad7e0744e4db0fc2d1edbc837478d8524a52da9f0af59e7ccca44ba0795fdb2abafe5f755708d4152f6b9ceffe2d0b746cdbec6602c2f008a4823244a7c6ddb89420c0df5a717b1d8d291172d6d4d9aafa7eccc7f8cdfd1a83ca9c5579cbb1aa8a28a426aa48d124036b33029d341a17603fb7eb827efe493e218c2f18f3bdaa3d32a8c64831e7b1fb84b5296b8018d726920fca034db8faa09892b952bd086cdcbba9fe2ce6047ad32b71abf51f74b42c9fbe1e99285e0314e01cba46dbf7dd2af17d927aff92d07419cb48a6bce7ff58842a0163f7a7d97c19d10e296510e438a426df3d4238acf6a058ab498f628b0e92a094d0f82cec3b57d7395ec1ba9e6510d3f67fa905ead088b862c7a88753f6785ff2a1719dce7dd74c313e7fa68c3c0bce7b0196579e2b8db0afd361c877ef4568eb7d0fc27f4be6a766730edc55f8a2ca3c5f7eb0e5c2a0ef115d5aa7b0137e6c3750dce8e1a4db1fbeeef1939044e281fddc4d0647eca22f58533c76b438505032a9f320048c85cbacd34572733498158b572471a7864f4a0a36082ed9ad32f80e8a24253537d019a5910c0a6b6949ab668cc533070dc82f8086ea0763955159d898286127f02f4ace62690e9812031524b184333c5c4ebca3ea37814ba3d5f3caf4d1efcc394311a77e320f05aacbdf404b56ab35c20c94671968dc29b8e1d42ba609d854cd13f3a475827567ef3497367161a6ee27df9725a87361fafdbfcf892eed88d8e3ada53282cc43a771858aa462abffbe7b2087ccc0953d53f0833d5c25ded48ffe4861b1ccddbcc4f546a7643f78451b927f5be2856433540877197292b0da2a5a57e9b7a74b70542e1ac251125f9fb9cf615e9336c743dde21e818cf27ac9d2eb3743a8b82f6731b397c6a73a7e09506f2974cadadfbadf4e21fe184e482d1629b994f2d014c0c3f96d12537f0542b25f4942f07a6bb705ea3510a4348ae0b7d1aa1da94b3894918b397703206a4d64932331e8037c816fd8c9ee98a3afce725de97ed597a7e2be7e4c9b3bfcdb82eb51ee6c7c2797093598ba95e38d04514bcd54c6e62521d5b9e461e00012ab84ac7f3ebee9c4e937a107ae53305ecf64bacf4499dd009f518cec7b514989c0befcf2aff64cee6acb9c2c9c86ed9b09857bd84d2fb032d17975f717637a9f5d8acb2f57f4ab402e68cb5695da785d6b65817269b8baa340029865dc6e981c979baab212bab05f2e9f67cd8e0d64c3b02d1c911b929d12dc5480e9b09a82224a18f5609be6160980a757761b8243b7fdfd5436178fe8d9b734b381195d5e96fe2defb719cbf24d78c4d34266a5622f68e7e78e7f0731e10efbfce76b33edf13ad1cc5a010371e5c2eccde2dc6c21f7416edaea5ed0052d75f0b608ee5546bd145755c2a8f3b5ddc6818ff1775a26602111b9bb6a94fe893202", 0x1000}, {&(0x7f0000000340)="2022a8c10c5e13fdd54cd12c856a0a3d3a782973d274dbca0c2152d3824aa51dd304b5920bc0098be7841581ebf461e045451a788cf7400356757efd7076680bdcd244", 0x43}, {&(0x7f00000003c0)="876db549190ffb3257cc420a8478b258de23fb692eb69658ffeecc4cd9035a8c600a8e612e053b005734669c86a4707e5858443d7da3d611ec57326f10c26fa93d18e853325030", 0x47}], 0x3, &(0x7f00000006c0)=[@cred={0x20, 0x1, 0x2, r4, r5, r6}], 0x20, 0x20000080}, {&(0x7f0000000700)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000c40)=[{&(0x7f0000000780)="a064a983a6a00191dd035e29abe4e8553ed70706a38eea2b810f579ac4c99d897bfd04cada2ba2d47003fe5b0e6a4137eca88fe854ac8878de0931a6208566be11a482415ae276d766980db2109ed4425b1393b576b4830568aa88617e2cf7406a40fd1b42219d63dee5ac807e0c88320830fdee6ad695920c9c4e53da6beec8e09437cc55b5082432969d0cbf5266589e06531e2b1b3ebe2ad0fae78f017f91277ba97eef5d44a1622e4fa533a7494002ad7245ce79953d47f76dc91a25acc6285c68a1ac1eebc2096e326d8de25c929b327896dc2d217e8bf98d4c9c554fa571199934a887a91bdb9a025130a2dd259a81fc", 0xf3}, {&(0x7f0000000880)="f0ebb3d2db8a251a4da5d48eb5eb197080b06d58eab4b43c48a46abbe7ed3ba49d55c8f492470262199cd75835659ca1bcd9e29ada49e73c8e71cce1a367fa42128a63ef0b2f3c1c653d1f58db7cd98e7d54d2df0ca28ce37133a1ed10a4399b5150c1c56913e0868e", 0x69}, {&(0x7f00000009c0)="68d9728b0bd8c7109d3e3e44ad8732e29a237c6333571f497aab0ab10ffab14b511f972ce3f4a509719a2507f158d21eceb0f5c8887d00fca3be5f92d5b0fdbbda57d3be27ffc8b6b8", 0x49}, {&(0x7f0000000900)="ed73f208c1ef9967ea3ce16685c42331", 0x10}, {&(0x7f0000000a40)="0e8a448915b7dcc5b5adb7e22920df1df49f722524d044a12c6a9b9c4379b49289fec470e088aede9588ee7aa1904ffda67f36ba4cf7287334de3fced478ee11f2b46b7a3dd89a28ccba2ebd764b92aafb9b764b114a98ee2fa59da87b81e441893aa9a938bc2d2a5aeea7940f6f56c772e425740cc94421826b4e87a50a8160d19a5b29c964c9d35002492861084358874f01e4949b3a58708ac843d9d612974a71b7443a2d2e54", 0xa8}, {&(0x7f0000000b00)="f8c9dbcd61514f0b685cb68de81eab6208dbce2885", 0x15}, {&(0x7f0000000b40)="4f1f38a45a1da488154be9fca24034a5cb1fa4c1fed7b0921f8bc503fd556029926ca0ee160eafb35d33d530c39071510c56c390a9501736abf55157b3ef23031036cbc8228ee703d1ab6320f0a6fcf51b1fa7c37913098722d0f2017355c0f4282e4902da3e392aee029b17bbe5a82ae0ae9eb2", 0x74}, {&(0x7f0000000bc0)="17f0fa33b8cba6256f93ffee5a57c2d912e717157b9b833782e40f7b20929695d554693c73ee129c479537d35407209c337f050d1c16ba2017d6cbb64827b7a78afce3b4e16f61a68cad1d27a4df23d39cf064caa5035c3b15c51ab5189baedb28647507ddd10d7269716545089242253e048b7d41cd7e38ac5be290f5", 0x7d}], 0x8, &(0x7f0000002440)=ANY=[@ANYBLOB="20000000000000000100000002000000", @ANYRES32=r7, @ANYRES32=r8, @ANYRES32=r9, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r2, @ANYRES32=r2, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r10, @ANYRES32=r11, @ANYRES32=r12, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r13, @ANYRES32=r14, @ANYRES32=r15, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r3, @ANYRES32=r3, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r3, @ANYRES32=r2, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r2, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r0, @ANYBLOB="2000000000000000010000006cd19abc", @ANYRES32=r16, @ANYRES32=r17, @ANYRES32=r18, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r19, @ANYRES32=r20, @ANYRES32=r21, @ANYBLOB='\x00\x00\x00\x00'], 0x140, 0x20000004}, {&(0x7f0000002580)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000003680)=[{&(0x7f0000002600)="cce82ad3bd164ba356b162c43dd4f2121183a2951a5a15b81f72c938d34093a517a94ca997314a8103bbe6c262bf9fe7e708b5244f3d9ddd4956a0e791b3c6bf12247e7cceba5417271a7f6b98235c9fc358af325acb92f4762943e749d2ab9957b77f6e037079342015e490a6f5a2475e5fa8df58a9a71fc764861be3e13f606555dec66f48f175bcaf2881acf1b56856b3ba9baa3b131075854e405f3f9511f96e5cc6951c5f45ff57ad5e2b61c8ff9d5eb1d049b986e4ef5fcf39adc5cfbd4674792b3102db22f6c475b419f64e100453d46c5fd3c7a28679eb1ffead9a603772f89d8be0b5c8d78ecc976a491f1b497aef300154024e1b09a8ba4ae22633c62bc7bf12ea498b90ef020ef107e7d8160f0d69d848938d71d5e90f201f64e836f8eb940d2cc0c8deb629b5e5f8762ccdda11df472e7ee58b2c598d7ac4683b7b4d5596cac9c6a631c713ad1bda283d601d9ebbf16078bb09351319307ce0bf53437a406c4689b26ea39427c46202363a9e47d5e95ceefd6e6e2984f7ea828d58fa999a94394fbc8b092a193ce2f58c2e4f030c558472b695ffb5df3d5d9eff68d5b053596eeeace30bc2ca2867edfc7931c6d7ee738a85058bed6c35a99d99c079e5af134891446e152790d149b2109385c1f22ba64b368a834838217f72c391760f0de4588d66499cf77c165d272f3ee7171ac918146650c7262d700f90bbf307dd91a16aa7dde5d2d25e0ee79604181d085f5ec1f2fb64fd73c089ae041b0f4fefdb225eb8525879fdcbf4382f1f394886e895f494edeee97455ad5c62ce4861eb0017f0462c5130b122fe95efe52712fbcad87888a735d647b550eb5df4258bf05bd13d04cf6d6bfa51ed238ff142f6d9949a82fea92538db676758071ae08747de0633ddf1b955318b4397d26a960e1fe8d8321699132bf0bbcc02a107b1acccd2c6aa9b9ad0146a4d029afd615717070b1feb6264d627f30c9cd40044b4f99fc94868a8aa9be91c9361d8f0fcf868593d58bb6758a9f4300a7110aa1866714c313b1c1b08e6b204f529d7e8c9764c12b949f76902ec98dd57bcac6f209d9aadad37295e13befd25518f390e2e19a5d7264b284f963cb40c7f24dea5dd7892483a623ae4e8bfdab28db7d7be096ee4bb4eaee9003fcb4399fc788f98679131e512c84abc6c7cba80de9ecd77ab493791ed55193e6136f9ebfb0424c9b611eed10eb52103189638e439bd38c3740433f4c8a364ca75a5567b1a71520cc5ea2d8ae6c15b4bdd604eedc160de85d5f5f1678f0c8518691d13e2ab50acd24eb7eba4e9b29fd8476126d90c96f44002254f68be333f65a5cfe42d9bc9e25951a5d1577451a89ed1076a4eb76f9f0b3be2fbce892636661619c56d137ee46649f69103ed76a878f262d30e6ded679cd8686a7ea2b5add3b1079b914253c7d7509e279f6b2837a44c0eaf6206bea9a9e85164729c21c1af639fab6a5bfb2dd2cea7fe54eb6fdc6dbeab6445dec9d6ef3863398474e0ae716e6c0812d30c299b507f7ef2a0a73c504adcc3bfb05a9fbfd74ea94caf2bdcb00c33a2e8f1ed2f886bb226c93357fcf724340858f9e29b28e2d31a4e30d0a81c68150af96de8c253d3c3f30e17265cb722efa2227052a071450e71151fda564839c6d4a39a1ec2adcd36e1f27e8052b16a99ce35e1413f92f960b3b67c623a470e1da9dc29f7f3e9668d16aa39fb370fd211c9361bbf59d49b477e66f2f65051c309e3d2b61076b9ebc32ad9d5bc04271f6b4b50b1aa504ffc58167adc208c418b1d538eda708e6f4e85343c454d5147a4c572e993dd51292e67a632be568a9b7a7301bbffdabfee5de2f02eba05c96c4b4dbb3fcb34ec29ca37013cada6d63516b2dc6fb7ee73ee55a9b06bbf91fcb6572171fe3babf4f2129c91383b97103e3de2b91a7b5dc9c05c71fb5784d989f06e0a59f3772afb5da1108a4d155ca79334d941877cd78878a1741c54b16ab491dc43c797b045a6cbc2b87f41bd01279c8366889e9affeb070377f483de6997c2c4f347b24268956ef605c8ce4798bfb4e86484c939060bf6a3e832c16c9e6553de4602e39962ba68ed9982de4e9ec6adb4298ce3a76dcb1fbec9d165284d412db112f6a53295954caedc2ab9e65ad56d45324ef6a15d7d9e06e8fc002c7bf9d4a2b1f75f24cfb191949deef26f85b2f61789f30eb37637a2ce00bf1a8366f55ca3e5c2b92b9ee5fad159b07954f06cdf8610bbcfbdb09a35205c3befb2551ec998e9c14a5c1f8b4c56bf2852206d64adbef3b2b35103824491393bfc60723c5d4dec44bfd92506b111c0e398784588ec8f1a74b5efa4fdca05a06575bcf2ca653f981f1f5053c6c0dcdaf890355fdc23fde4559ba3dae1f74b41aa1fe9f9527178472639f83abec256adc3a4aeba1aa3f667db399f71f000211dcefb264490e3e9f1bc7eacd42fedc9bd36639214bace69e83f6fcb5bb68e2be0a89905ab55e99d564bfc3548df112d30dff13f7e967bf485b691c3f542638290cfa939390c400713673038e0f076ffba9e796267c307f24c8e205618b9171eaa4827eea7948507e0bf0fcd0c4bd2e94c67b110d4b8b86587b878c9a158d0bdfb32853658188b4bd1616c7a0dff978e36d6170f3f97a9e7eb789cbaeb8ed9d28bfb6d9f72b5087330dd4691a22cb1ac376cf953eb0eb7d04ea8449a9814649402ee9e9e41b2d43a4b5940e9dbcec70106dc131b9227e0181b07d70dc4411c6a8c46b821311633446ee2914798ccf393dc79e5b7fa388f533162a296c2fa1b345204477d37ab89ad505a53639bcf9211ab6ae458cdd7c5bd2a783856344dd062e512e7ce46a597113180efb571277946aa22659a2d47d94f25f5e6fb2050e28822b3bd5ad7415a6e3c37f9f9586339684b5e1742f8edf4a48cdda13643d7935f317c0a17c8baa14df42f28831180a7b1a08996c6b45449ae94c3677c992b0a9cbbb28ffe520269cb5c2cea0e5fee07ade8b519e00cc55dbe99c802caf7ac067f8a36039308143a5bde4a9d6b6b7c2276c07d6bf35269cc91673f90bdc845fab26b51ef604847b19d9308d3e37f93e5bd447c438f0a2138e4f51a16f08411ee243df58e683a5bc0cad96564f6991098db92df662586dfd427f7223495cadd5e2ccfd9da58f357857b98f13bc79c730cdb18ea7d8d06243aa322054af76165d432772026d62232165ddc4ac98b1df429ab5b764747aa6aa37b67cc24c9966972baf1ca0c5fed9fbf20755fee21bae3a6904bc66278747b38c24a75d76aea5984563746845bd2dcd7e5600a89766531a05195950e1fd296238a8d64fa8439a0ac87593a8f421c9df1a0fa90f9b05caa593a7cacf10e94cdf6ef81edefe051c271977d91ee52ec4dcd7126c900e3ba6eabc01e04986a56100786e9fea1b625829acdbee86b1287d771ac51760c9c089b2e47191d62c41901ac38550bd2753b5050e1f0cab39ba7966c0a45619424f01b9f24fb5405ceffe342ab4375204f8472e324d7007fd9db8e5205043db4d7c17b899698c92dc566ab28d423dc8bd4dc01070fcab689be3fda5e85fd62ef25c52967da0e8a3cb8fe034b3265b3588ecd395fb5f11398785dddae125ef914bc9689fc4f34d78106977cf3f18217f5b01cd517f89493449923fd28881c9dd972397c6a2fc01b9f52339799015e9961bec3369386637d6355c469a8540a7d1a6cabb3e657aabfd5bd89f5ec1795e18c1a003e327ced3906c950ef3c33277ae748438a2abcf694d3e740e1f1594fc70044ba4ecddd3c291b6025f75efcb51182b237cc343b5755ae2067d0860570b9f3a6c81238e9f9a91cb5c683cc0865401a316343fe399609aac061055406d2482c8cd0f69b2a5afee70ee33a3f21f6e0e18bcba7e8a3a142f3d142a720ba4494fa7c1cbc2df5e8882a760c1848bbdcf6c00b67c1be4c8c0e4593e077bf53a013527337b34da4cf9df27714becd2497c9aaf19e6614f29458391e573205a634928ede9af5b6cb280e2f755e1df78be3bedf922429b12fe312204bbe5ea14a8e67953ad70daee250e7f1c18549f5764c28257eb3ede1eefdaac40dbf68e510212e47b0d51d6ed721b61ec25c49156276840247fda7ce7e4350b27b4489b186a8fee5d1a2c8e162027befa6c417c75264d83e65765ba063724b48eef74981eb60af96bc53e3548e76e697cbbd5970819669694f50224cb495ebb8b183bd724ef655206bf4d4da7bca855c970d2e767acfd32be7fb7cb7b92ef3683d1eeac028209796060e6675a78c0d557ba9b4547230513103174b0447134a4c4378b8519dc7af6bfb5cb8a3ae173fa9ec294c8105b53538438ed6d848f8d56bf25a576a109ab7192f63818aebf3133114adaa3709e3e8695059238b4f9556d3962087f11b686e92bb932c387ce56cd15f251de49ead7d8c5a633ee8bc6c8d9fefc4d07c5b2aa4b6f2b812a3d202952322eb6e7a430936ebde3ad16da2aea3bdb63e4f3a98796c351f1c14a0631187ead5796d12ce2481711f4e0df8a17da2cd223e5e1926ecc597019c09e103e1d5a00d589f9e8c697b1b416f393bfe4d4ca321c0aa71066223836a8e839e3aed9cb509a1bff09ac8dd9e64f51f90d10f9e6d9c78ff88c542d017e636c859f4e34a538e357ce6753aa24acdd242a2ccfd3a2ebd4c30b9c42b23f7fa154f35fef1300013c644c1b7dee1e0cf3e5af139b7c1000bf27e52544de2c2093a29013347e0e34f2c9a7860f17b43e4d74c252c2ee7e574bcce647b9ede65860c871973d7bfcce0af6942ce11287af97d5179c48a2b00b1d7e47184b200f1c30eb0e2b85a5f04b4ae92f51325d4955559cd05382a3bb47b54f014afd5971485d3f09d96b1de191cd336db1d5659fe5a48ce44837531d2a8341ab8a036b9bc482dfdef49886f63536c34d4654e11444aef7df8dfaea6e260753dafbfbab02cf15fdd115cb56c0e006ad60ce78b656a80125d01e18aa018f99253469899aeaf402dd781934cff4531b43f52ec9e80358d41d62ccb3f2c394ad7b7684725d05e9db126d018b39405eb16bdb14f2e9573471c6103cbeaaae183d03993b70cfe4dd5a319d6bcbf14580d3a68f9222779cabd85f1e33026af1e0139edc298f78882514a4cf4b13a84628e28114095cdd0e17dd111cf2dbe2402449801060a7d7d24d6b220ff900434182afe58e927baea437f9ae7f9db8dc6515f0c18a390cb3e04f8d7e3b8f84b5c5061268bfaf8983fe86ea95e4033ec84753aa3c551448ce9149186804a2af04791f8c518b8651ec2141f8715ba5bd6285f2824e890ff090504fc5d924ffa74d2c8cdcef080b9f6a58e66c3cc80c00073224d50a46f8653c0858795b2c0136874769166a4226a1a0acdfe4d2579fe351a228490cd653eb23682d19723da0da1e03991ea7543d1c24112ced7ec251e6457b6c69687c41473b10001cbba9cf1679fb38243c0d35c95aa6343f434eae65a2db0d10dc22e3cf23f600086dee6c77a7a3d537e1f62fd3b42565594ec19f1ec6842afbee2d66cb9c4caf7cc060fc15dbe37c9895ab8e4ec5e4c6331a35ab75204400aa850ad37097cf47da99c1a40bb70157ef98578940b0f22db45fd10e7df31d10d2f8b0798d7fdc6f4f6c2d117f2b96424a3e693636d06e391e20045d455f1f868dd369d6a650f8622d06acd14badbdd0dba19fcb5d39f5b5dc962ca7a36294d1dbee39f56510a2a61576062319f1a8ff6842bc2c5df511bcd55d93536453b1caaac1e455823d653fafb3d6f01", 0x1000}, {&(0x7f0000003600)="8eb96533b44ff680724f8f0289b48440afce9a35fd81ee3272ace949da8a7357209da26f4f7add32125ecd9c2692809946d68a596c0a44eb911a75c737e6a05e65115fafcdbc28cda1d6b2aa26f3b4c4140ae66788ce99df077c6505cd86f253586c703204012c0ce658d0d2fa", 0x6d}], 0x2, &(0x7f0000003900)=[@cred={0x20, 0x1, 0x2, r22, r23, r24}, @rights={0x28, 0x1, 0x1, [r2, r1, r1, r2, r2]}], 0x48, 0x1}, {&(0x7f0000003980)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000005e00)=[{&(0x7f0000003a00)="8f2109ca455bda0c3aea255ea9c8f4d8983241825a16d7868a74a9b8db37953978d3bf97934fb6145433bbd5704faff3e3a24e9f04267ed633e2c26584641b37f6db10b598452acdc1917749643dba54f3de049f8a775b7c520e9f4f532ba30f55f53e2daa4a4eadc1a7c40c29c310ff65c7c41fe0049a0811ffeaf8f47477d74238b69374fd510824ef32779e61033ffa64c5b1c04c062c45af8a4eb72ac9e168b7f3a1836a243c", 0xa8}, {&(0x7f0000003ac0)="3084a5b5012ed7a1f5c2399a1fc286c8d679a66f477d282468eeba467c7c203da1de661311d3c058565447ba2e2df06eceb959b273e3f55a422b9ab2aef17fdcf5dcda9933b0479e16874d4e73be8757dd8fdd702ef50e390b9ae34e4978c4476efe67d3492639bd230a00ccef8b336f9ef3b5d717b3dd2f526a3a48a894baffb050b3345b2e6f9691af86081b38f8194f39dd559285c6a293745917763e10195fcfe973a15ac645dec9532108da7cab73ff38dc15b1bd41cf19c0a0a99910f23ea5a535cd71ad56a15e4964dda346d387d208152bccbaa1f9562640b7b2be1e", 0xe0}, {&(0x7f0000003bc0)="4acad23e752695e296bf97dd54662bed5884b149f4c83a74", 0x18}, {&(0x7f0000003c00)="144abf4b3818fc5314a03d7c0dde7c5c568c5080fe83e8148ca43d1b54ba33659810224283eb5ad8979eec9fd45ba5e18e7fed6f9b8ee1b3aa73037c47fb7f4337d6d55788f2917a5f5a600fb18d06075eef0ff9de06a51909177010f38c917bc1a469a27317a31e72169925668e60c4eb66bb42af3a0dc395c68964fbda3f3df7ef8d0e10433885dc17de9cd77c08a3b32b1f85b96caff334358621eb7b05195ea20b611a6f322736a832dd7dc7326d00d877b7259203c364908a39a4605bf200db543bf3107447f3409ce6f1472b1d43c9ce763bdeaea13144eaf0", 0xdc}, {&(0x7f0000003d00)="105f1c43d681fcf8cd1a5aa520d4fc749a7523a3946c4f41a5e2f30e6cc0af58500e27b8a3e6424c62b6e97f3f95f122557b649deaef486ef192424a87cabba0242162b61391fee8b0d8ac8542b65dcb3350900496ba5a2e938f2a12e9f1dd809414051e4f72db8945785b334f8374412ecd868eff20695b496e01ddca34ee46f0e78f74b4afe0347cbbfedaaaaa124e1744971d1011ba94cc43da04536ce20b80018d452156c00ece1cec1ad01e2a072facc6a9e6c183272ddf1f42794f856d8780a808f91eec1cf6924abcd4705f3a8d713c31e8d1486541614242162bc740f7b46ed6de8b6fb93c80889b8b0693eb8f619ece0a130ac4527745abd62e9adbe51cf31981ab960c1d37c2f470f83196b12aaf55212c1381be6faeceff374b3b85b3d5f38c080eaa07ebc0bd628dc88ad5fb8126f080fbf30aa486033fe03e8b3348ba094320bcba1b4734a193eca85ee6f7a934be28bccaa251d202ab826e0f895281e21de1842c6c08b5bff57fb0745ee97b310ca7f78dd33a4095a81fca5055788cd2c7181cbc70e9ab7deba9b14a9c7d380f733797f4c121f8192e64de78e72766d9a0fb6c932c6a2f7ad9af12c49900effde1b03774b9411f6862cb9e6d3f06811d31d953fe86883f2ef406568ccb778fa2e600c406250e035baf6101dbfb31dadea4007567d857fa68a9a48b8b2c5d6fb1861999334f020aec966545d1e37eeeadde4e4b8fa06a55e28252363d8f103c79d3ee5a8a4152bee4e0ecfe4af553351070915f3bb867a28b4cc76ab83c5d2b8c181f0bd10e9775fa62c2e8bb8ab050bd1901f543e74b406cf4870b5bcefc16314421ce5eeb603224b6f1a5b9be023b80b6bb218ae5fcf7f2d7a8f60885acf5154e6c222a0f60172280a5d8008285a11e174ef45a43bcb9802b9a4220ccba1676c10f870e4fb2333348a649d56cfe334ba0711f48cd6da63bd08c3011c9782cfc93fb2aff22567d186bb62fa6d99e1e3e6fbc397dec15756eecd60dcd3bc594813e9b349c6d87650a63e24c46745aeb4351c73540c124e9ad06c2b0181f924febf05f9541aab25b4ed48caf0b8dbaa390084728674f3b1ddb0bc06d757da928d46f6275796fbfacce3107c0bebd38183698c00a511c8c0f93543f278cbb31841ee2b8f6a09cfbaab8b61307616caa33091888d8475296330101f5ae771c297e5ad124c547ba2cf6169a8e63f178c21697dcdb2eec96ad55a31de78856e36d575dacca3de0fa94cbf72922e47bbc5a9f821d5c162915d01e79af482fadfc04ab929f1241fffec9bff9606925756887c35a967ec9a2568353c71ff0052fcd1533f2745d3cc29a9f6f52be3e9bba634a5a4ade18289608d81672981b2a8d9055cf2ae666490db72dab1d8eb6266345c7975c9a5b58a485190551b3142de8c4ac6a5e7be9bcf662ba3d1712e43a9740856cf0e75cf2c1abda2c35fde651480c7cb784413fbbe2a86ea37fa7a92eac7cffc75aadc261fc01afeea1d587948c354ddaff365cc630601fe7bef4551b23be960f291f5720cef79663535d429f34bfdc5cba23b1bb274a5d82ca6746c791f60bd75da81cb466b1100e7969d0ccf202b43ce98537656f3f5492358f1c317daa197ec7ee0c05f6479d1f18be93da20d9e7e7b8a1292e25c18bcb803c9803ba5e4cc2c5939456294a3e36b3806cc5f4717eb8087b65dcb50388a80ab8c4aac3310895eaae95e722bf919147fbb54621675860a8b6004337f71ffa9618711bad123174e778dac18dc971aed6b8d0d7f31d5c3e586c2169a756b94c4df8fdea99e7f8f80bd09b31896408f60da443f5030f6d8200eb115b151828f298eb2c8d2ae72aba26417abda8f71ddd9056b4766972118105f5e25fce8367b9528321ce09e720902cc76c9d885449cded80a46e3ab60d81ff88b499cb8153e438df0c4e2cee626d64014b180b6267388d8ad4bc453b1ee046c01d9624265edf4081298e8a2a1bead4a9908882fc4ee7e675b7a9edae2f386180e5ada2f1f256d62cc6f447cb0cf1ff417a7080bbf58ccc76ea0f20e3dda693ea58db10554155d042e35d3db6871695e3aa527263582bc6f1411b8e31896542b4eb76e2b68a89bb69df31037b07da7e04cd2a59081599aadf471e18b1bec313f9bad9bf57896a0f40de453f7ae0b6d5d636c4c02aaa806c3efd2cb7af1beb6d680c5dcb29d45bb44c3ffd584d69b7601913a863ed2f9b8bb316ba1d7fb655a08d8a8775d6a23b6b467c17bc31096d1b614d86e4e889b96d67b00a93b6517f0c168462ff439261e0d2bb3caec023fd685b7a7644a5ae88e21f30555aa8a5e7aea3bd2dc17a06e7df37b981384502788e09211998d315ffb5c716b5c3d7051a203170c1e9a2e30ddc3b90da6783be5857b9a1b4a4385545b318cbfab42327c714b0fda2bbde3dbff4133d7c062cbb3a4fb09ebe8d2164bbbea00ed65ff2f3719ccc491a91c7f58ebbe223bec5a7b051544fb9e1be7fd6a2484e43000aeb62c07ca733f2ece4d395d542e3027d64748356a74fe324fd8d3deb7b06d2b6be33e9323bb3ebc749d2b43930e8c15ec045059902502e1d5dba1b5769936065b1ad126e605d4b9f83e8c6b3fccfc3cc4ff49ecd7b4e1851e68479f33b1e7034196f62d93ccaf4dd9e34d7b16a514af28bae5d4fa7470ec70839a00523c8be4c1c4223e97ab78f8f6d9846740ead5b3c8563cc2828606525de57963d94ae22f349c6086e7068f09d008d6783d6961f9de46731e28ccef916326fd18e81a9ca917405bee10c526c36f81d8e25c067f7e916908bc960c908052216cb49c8cf83b8250d02fa6d46c2e4ec00a43ce82f98017adcc71a2c55cc16e0aedb03738c106df5e012d239fc5bd2b0d5adcf0f438bcb17dc6201f618b4ade1719f0bc05204e65a0b076daf83603966525e7fced944893ed5c8ccdd8d254e207598a67a4c76f3e82588ba847933e5a7e77584379a96dc6c8b2b173c8bb653b41c92a6fb1be7758a13079888550e70da5193bad2815eea15d045390f008b1f881ea116af9708f90e761bc55c0513379b64eeec4521210cb6d3a23dfc221a7dbe0823fa8ac9cbdbf3da045ab3b0d63bc81ac3ddbaab6a53fdb7e169bbf74dd827b9face33e129d5ee64734767efcd3ca8934fa449bd588ab4726d1a5b829711e481ffad5615c1a08efd3e2f868e8a830b0af603034908c8bb9d9c0c1c86df96f9ebb56c529df3700695fdf98bed3e6efaee8b16944ef3942c4e37cb73eea19428f689c69a0af7aef2def012fe98d392eba065b2493d5831a1945ab70c6d11829d2111ff8ea538367caf719416f71fec43af317bc939121ea4397ad7736537b2bc4a2fc4c837a4813f2d08d34a2e779b2649f2d589fd984be90e6aaee86b7a0bfe173c0fc0a4381c1dfe0380edfac8d4f23c57d2ff70f5c93f140f1e168b2271f2b6bb577fa586d2bac842039a48c29e6685bc20ca4e951acf91a77fa9cb01bcc0420efffc2ae084c360911d34b0d5eb0dfe6a65207ed4b5844cb31b8f75b6d6764998736c080974cdd85be8d1eb1204a92bf50e5bb15146045a266790ecb369dba2478ab1253d528fc30c0c750c24df23616e8c02723ad8d738788ac7840371ddcb7d0cc05fdf6899ea2f441ee02499b2b61b492d92f30e3e7ea751db079df6a8b7ea2e82ccf57d3ea48fc7fdce52fd83425ef92e27a6b31244ca9de9e20d009b1eb3a407daa607feb60cb4d3cf38e78869193e085303bb5ea12efeebfedc580dc655b2278ee3f257f07c193148a4e05e5c970be8052e76f1e5cbe00d1349e9498ae2d21e7664deefc7ce94974970ca58673bf2f21682f35ee6df7e8e509c76baf82bb73bb1c3202dd6292fd4b73cdc0e53fce0815a15f5550899a01ec0cf5e0aae1519fc2878e22ca0120f20a2ac513a6436dd948d15bf486f15580bec68d10dcd2680d7268d452008b4d91766287b839e8001351c793a09702dc704c2e44b981e2fa26e2c48293c4b80df7995c1ac042d6fc7c919ea93da07048ac7b5f1091bb164715eef33810c7dad2edf668ba9009ebaed788a95b01bdab0ab4edc654ce939aeb1972297ac490f3d558b285007ee263547f2fb6fd255368280a2746461dd1130b4480001f69a4eb42d97bf90c8f873789eef7fc08487b1a7888742cb42026f5b25b0213baa25637ae1d72dff8c997a06ac0b31940817699e42facffc2d15872c032a9797c12066ba2aad05ecc3c0accdb5b4d4fdad2f9785119b4fc33af34a62bd85b97733f35888879be794c19a6280148af2f2b7f63cbf289b43149f08f5bcb5831b5fd0888a73b0a1cd8acf56c9edf0ce6d415cd6c8875da51923e8bd919e7d2c15a03c9a9a8e6277daaef24a03834f2043e2cc75f0670f55306b37f69da0dccfd38db76b36efd676d9ba9b3511c0bf23b03537dc32e43e1b92cf664c47286b13b5dd247427e725b872bc88ad57c6b123d2fa6fe5c29904da8f992ed36c32f6a6d16308bd857aa060c70e1618f85b5d463c0e407441a0903535b5397fe3a1fb6be5fdfe291778a557da404e8460698a4d57d54eeeef0064c4e52d9bab4c1f0e87b23893bf241d711133b685972ec634572d53f5634f65a5298a5ef989155ff54498c7549dabb1b75a3f2f21968a564ac2b32f6919bf38969ae4d1de4c7d349f8aefd0e17ec4d056720c0d6c0643e8aecc060ebdb6670802003d4345c7828129a2928e6f3300f85c14e1f5313cba721fd7410bf645343bad224738b8a05f1d807898250e6d870088b20282a59c2c7b3569e592d527808ffac2dfaac7685b9197e6b0f5563f910cfca4430e5205cd495e888cefe795a2efece89dbe54a6ddfa34de6bfb37bb65a2139a9b3c9e5c4333fc0f90653e10c110415552d129c87c6ab94c79bd1bbe22707ff6c0dfb6d83ad01986009518d9d9c2c782bc262987321100ace5041e5d2c458c8c15ed1cc2e093120af6848eca41a4c0e676949496c7e30e345923ed44187cfc64ba52576c02b44e74041d4e06453338f925813191f2b0076cfe5e54cc93a010c49a706a59532a3fd01ff7e84a1c07cb266f3922f33347124663c82f247092b507ec0104f1953735fda03fbd07b81194abd71ce97c9f77f7d84e74ff4ecebbd794b608d31a2173a8726a501c4a2cb09bcbc6a18b9b58e2ff50c8b51a609a3030c74dae0091554b6005270dcb1fc7eeb116c82ccce4a34a757429c98a81230467c7968f09582a2d1b77c03871272274f74406d3323bfc1f02cf9d48d075ff97861a0fed063a883c8d6a82b19a4ea2618b11c5262bfd01a6e3ce63250a40c1fe7b3a3e44d4814de435d2a754e9e1f7311f1b2643c088f5d63ae46eff421444e10588f48cac8df1252a4a439a972fe4a8b1321af3d23a0dfd1f33720346657feb8b1239730692fb7cfd5e414c4d44ccf865f6f2351bb67962b2f109b3b70d688e19fedcf4d051b9679e3f99592c7e8916bb4066e68a1a518b7bcdc4f4dd69b86f6cd3dbf9b373d2ea3aab08b78ebe876455bb659555514fc0fe97434ccee11a8323a7d932a8ce8307ae055f866c82699c316e0b927682127eeef3939640cc182403930bf9698656c221b67f1f0ebebdd126ae004f306975aba6b49dcea5f927aa27f9c6ab705eb73188e862736f5104fa5a65c5d75561cc20233e5fd9f12b5a9f05cf20182bf9465f2e70be4abaac2faee618f893ebb27b82c2a1cede0f4e830acbbb57c4a004bbf1e6ca49ac0f0324863757591e5529f7ab71a4085e58ba9f649f7211d0cb0c0b278320c98adc", 0x1000}, {&(0x7f0000004d00)="6e473963fb39a4fb29e26260a9798959857ae30ef8fc4a8b6ca876987df8b129748f92708b9834c89cf762879e44fb867b7592bd528dce9fff80ea13fb239cf06991550d8ba5", 0x46}, {&(0x7f0000004d80)="38095c84225f9829f02ccfefa87c8e911d8e2b96eae8e5a992e0fb26db15954e12ce8eabdd151ea41e6f10840cba487c8e32519df9ddaccfdbaff57609fe4e9b702b7e6edc7a9465ddb7d36a51dd1d1d1104b918d1aa", 0x56}, {&(0x7f0000004e00)="9a5147c940b682519d7cd30a8234c2a714c568abad2d254a4b2bf8b81a0cb5cefbecfcce43bcd3573a48ccdeb196757da702eb16e096f982da400632c37b4ed18f8a009d23bec083121a220f9baaa147455f59dd668515f455a3acfa1b2b7664983dceccb2eff5e745d4ca9e1ea380ad8c0de4481dd9ced0374b41a1aaa875abbea497edd3846fdaa8b8acc2dab7b1691c3ffd7dbd5e13df91fab683edadb8966965f85f8bedd3728331787a0f2703a3055c9f86212138978556a1511ac48e1b254886680a2e7f9ad04638fe7801e48586b14de042b4d4e76bfa0d34f4d05f0b04f92ad5973616418310ba56694a80abd5626849f338f9a328b93df541d050cb720c25b912dbb4615dd29a3354cd6a4f204320cad1eebce1d80aff3ca7b4a3ce3a8a487b2a9b20b9e18cf710dc1d9fc1c76572539165725377480789afd74475cdd76b61c1864b97517f3a2dddea75157dffe9b7ceaca722f6826b260af610661e9bc125fe89c375cd46ce079921fa967dc436152ce15fb4310081fa4c04bb794178c05fcadf7b9daf479ac5ab7664cd705ea853deb94fb887b8bcd048120f0a877169f5282f021c3ee9b456e78c1fc967357203870f0e9dfc5f50a1c07d6f3c06009543814b049bf82ecf2aaa9f3f71291e44d0f377d7f6324d3fea28ed9076f6114a82a8deac376e0a3e09ba6f46f1c95787f87597b601547e345747d2dcd5b860088c234a710200acdb9c8d6bc07c9b61b5a148a3f9438cf4bd8319fe5f4a4b461e365f1f018a7083e7145b4bd212debe9602c3a729530a7f85d5bcacf94fb63e6e70a22dd59ed2e525811e15b4fc493729497fdf984f506a51e4f053d81067c4c9296e51fe449fca8cee5bcc9d242c87466e5224d40fa0c5ffe8134feff682799379d1ff3899fcfede3290c182637b2d8ea0f6c46255ddb5795d40fa48f35771fbcc129f3d62d2a9c8587aea59546ae04ecf7a3e2358bfeae4d0825ef1b806350124f27cf65372c7fe6e44402bfb4aeb48b21d501b3be739d07ad21f4bfd15c10b185462517faedf101aa2d956acb6f48e07e0bcbe3e31258e2bb67306b057c1b712e649093932cdf8437e4a76e13257e629ae5ce2f659a1fdf6611c86e6c521c9c0cfc73dc98ac5f33684fe83e6fc982760ea34076d847db8dbe5ba57d70c09942e38d9e8ac63c5d5ee1f3c57ceb21f8762a99bd0fe570fda67526ee027096ff13b243340f622eb9ea6b15aa3f853878e9a182b32d74f9f0633a2fe9bd7af7402710a73ddb69b98d6db06b310b75cf5cd25de4453afe203888e0ad5374f3be78e5027415bb3d417e35648b510c5f34029ca79b9c234e43ecfd24e8b5078ef2c054c593eb3f19e8df27ef17df46e7c3d4b2e0652302854f3c24a7300b96c730a4a139298edcb8281ff7bf037ecbb5cbe14e9d2a31bd9386baf582cb1e4dd1d1fe9b737e3d8fc27e67c76b7d63d6de5c9c43e21f4e70699826eb8c1ee877de2c79b6874b2f7da2528cba795a08db00409f1bd38a7be7017c9b01b2315757af7461acf3f966b7677c286734b2cac202e930209c5efda3c2a981c1dc1fb120f2ebaabaaad1a9ed0aa33ac68d312eb7b89be1139de1d77cdeadf6eb7a410a5ee3f71bdeeb919b5a25a36b4627f75107a964677c61834c6e836216d9388ff03c6f5cb666f52b4e225940885a6a3bed2818764300e2fc091ab1e26fbd3aa20c5778abc6a971b77fe62fe702c2b9fecb07dff369b58702d4e53b69d7605cde17377e810b61c2d3feb2d263225520cf564359a02ab41d7f5edcb80fcdf3f76382a442c578a27890f06ee8200c32a4385054ebe6cef64f55a3c98e70cb6fed4a98e44a3e7eeb7bb184859cd97f1b3f9ece9d1682b79b8b890eedf14f5a39ec7e09da3710f22461f8a266d4f27e352f47ac12b6e864efb8cfed49c9b05ee3de651dc03e1e6a5e853ce280c0923db9b6738dd456714e45a069010f872a8290d8459f9b09d527fe0011ce70193de15f2b528f6a18766d1a823c0863a201312991dd64c1c832a74b09f01e02aae0c108cd0e0cdb5e67c2d0f0b22b23a346f70d71584e6dbf0789f55426fb6b397bccdad2d4d1818fe195683c24e4e4d0105a4ce2a3ac45ff102a8a5cc4ee4eaec8d797cb9de99d06db535956080eece30aec12f2844459f1d2952d38332a9c2e2635227f586fe1e84552203e04c43ea2c52d211b594fef57bc4b948a3a84cda26d98aa87bc8170b81ee15f409ec409c4c90e164b4b3595ddcb33e0b50a65b7061137193d5b49cfa6186f9f4ea3b635ed8ff800f03d958df4b583d85df65fafc83187ba51323bfc1cca624c7dd3ad4c28f77dc9c89eeb6bf0c027d590cfe6a36213d50bfad1109fdba8e0fb788bf8cfecb43f939082aa3eee8a136113f8e37fefca7865ec6c9f77bb08534399f7a3d0bc2ca29d288e3f0fb6f9127db29aaf35d6de0d743e900006f9a01b27d72b93da193057472bdd33b5789bc07109c78f1a984b66724433ab45aa669c9c0d992371a0b5920027cbca58e9bd325874a43a683d7b65564eefac5cc034d37819314dec7e9de37fc47bbfd88daeeed3e7bdfae415b587e71fe6611fd2b161c2a76f2fc03789cdf5889ef40ff1b370a4233f51966cf72e2ee5a18e9f36088f415003e71dc6c4053e7cc00f8c952ebad8304f029e55e9b29c3950928164c3abc33e01bfde20939174f4fa26762a8ba5edfdf2693a259802bd58973c01eea85bb35e9fadd7f2bc4dc179f4bb57b0ddcd52f41ae2cdc26ae95eeb4ca561175379dc20f142bd204ebe56db0a2cdd962566e8807c887462e9e65900a6528571053eb2d6b3aa2650597ee5b9de2b19dc219e2b39959bbd07fa9f82a9bb475c2be5b652ad123b212bd975084fb905737851a1968c2babde5261ce6f1e249718b0bc9e231aafc7ddaf3478d6be8d5d5b645a2a279f149c87583b68b654960d4fca13172b08cc92db046ff27a8abc2c50300d3bbe9795adce890f219993623bfadb551cd6bc322c34a1590a10b32a0b7061cb25b7748a9005340bf68496dca1e7c1e74ef8ecf47da553831addf5794fea3da058260dc2cf623bc94e2921866ade850bdaf67cb1fc2df323be5df89e3d19cd229910cdb456b3e929c57b1cb3c46160207d1bf6aa40d05dca6be99c70ca9a16ab3bc7d270a10aeeb7f91f8916f649a80861d4bc2dc8a16be0b3bef7fc125345a8eacf82cd670c4a356569c6da6e06b2bd2d16a732658861378e200553ea35d64f46da4b90822afb943f5164ef20c08bdba54b9e3ffc57fb04fee6fd4d345e01d32a40cdc9d5aebbbca8b766be8446fb8f72015332eea5b7bf728493885b85eb9a9410e297e73b166ae246be35f1d6b6cc994957bb075e842b1f59555dbb15a81dbd817ae6aa69b006bf59006f86dbb545434ee8b2671e93277bcb0046b53f86b0cb36a6d7e8936aeb6a2ac4569922ab9f730f852d92f6fc09bec6c825966c9205b00e25ce4869251152940f772d73124c63f924a4c22d87fe68423b2c4059802af8ad5af948a6ca0066a54a3ef22f6db27e69d9824ec1ae802cfe09af9d10c54de65fc71557ee397e9e1c5633fe00fba16c396f309559c887f6df5e82322ed4700011219a0037e35a96797caab4f189402b67cb8e5db269a9eb1a5b91bcb6e5e2b425c816a46f41e16e0f9d4fd2a563409600f477f036082aa2628591c8506899babb96feeff6a047321c3fead4876ba1ed41332db903048b7321ffc3b97a3868632564f39969b0428a2d8dec767bd24630c82142c4499e28dd6dd65dbaeb25df7cd2637549cf4a0bedc0610d968f42addbd3f349b2fd036d65f4e6e0b6c92fd74e0a9532fc1c061d935238f42071c1aedc6c404202f9b22f3205ce0af79f4e3803e873c4ba06297e72ff1eed041240cf13e5a1d8aeac39d4ee6c2e8a193fdfc5e87c2ca8e48a8aecb95e84648e122ca0446311c3435b11f7dc96aa834dcb2384c229fdb5e47e839df3039322e3a24f418c06cb727a5df25f3432fa3744dbacc517fde86c993c6a62c9742141db54bf57b7705380b8105ff59055fbaf93185e4e0018ce5b743a6b6d84694cf3a88b1d85a061ee0c77512e3e7747602a20aac6a27c38e1b558b4a743dcd80110943545dda3f165614b946ebf39777ab24a884efc870e8206e1700646e0442c6aa4b67aa7d0d005522af17ecc907158bc837219e6cece6bea84c957e5a4242ae8b77d85c92095c59c8170472576e8aff419d88f7f305752eaabb2f07178427544e6ace48186ecaaead35d3da5397335d41c9ad30bf5cacd8a6c1997a40fa2b2b7acb4cf42c57da9bf9fe08449a371741ad12027dcae6a316a2c687c649bdc1dd8065017978df6decfe37c7cebd03e2fe37c63cd47fee7000429346e68f47e61fc66b28e1b2ef170372e37cc8760c323be62a0a2a5b78e95ab7ef18efe11e689e9a09ec9ca876f5953b54cb2524ce2eb7f127cfb2da6d20bee446aabc4a7e3f2252bb9faf21a37c73f77b26e925e3869cdd77a180a036c1809c09d75ccbec6c74d57adc8d50d8b76723ce99aa8a965e5e4cb0d50256377cef548cb38b0d8c06c2d33ff140737f1fc24ed9954db1793e7d452ffe5f8ee95995ef641b2d152f4d5266fec1eb047619a273449ebdddf5ea020201c8c5163ea61e4aa2d591b75aa80cc536f38beeff90470777f76fd98e6937970cc9c1d5d6aa095dba60e279bec75948c92df0448febc3453ee97ae7a59e7057744981b7ff1bb88d60ceaefdaff2b33f5bd32e12d90bfaeb063195cc523087b2c367876875b9a64c1b92485d5f537a1d08f40e708c941d90680f95b84cc69c7b4d4238be485254dd238dab555d005cf1161ce87346254764c46c9eff7921b46f0c87f12e002a4607bd22528068f7a451296d1df7a56fcd02a20930612aa766a65b5fbd8fdcbd6eabc98471f01f6698e7fe89300975184464666f9aff848ea8cd80aa1804019b754e984dd31a328b47c19a8dd89ea53f6d4e364f0ec58cda72faebee895bed9687b973a80cc11fbc944e6aac46d21694c8cd628e9e98cce57144e6d46078d4bd38949df551b11b3df5af70695bcb312f7320612cb75104be08f6d1c120f5babd967f754500ff0ef9ecdb25bd61ef81aec9ee603b2246310c337dec8c938bbeb1b1bb8480718ff87daa53feb894de4211b3a4545f2d8075a0008d1f86bff513a236e4172f5853792a47027cc6ba172c34508ba4f14aaf385b37232eea9bd7e34767dbaaaafbe6e598e71f98ed3ae046039d2a8486985fb3a3dece5b53c895e00026bd1a91ea4ecac9426f92f707348472f9c376efa8401fd757c0b6b1639d2934fc8b0f23ba193ea6e1636d2fcbbc807492f0748273b6a1ce69bf631a2d0f6025dc7725921bfb3101b0ecd7783e611255ba55521e33a31f7e0844246c027e4f06e85581ed9c2b9e8eb9b0352747df97960c1129eaa7cbf0998324adcff84424c71fd73c8f41e69f562407b8bcc5960e5c31da1e3223f6e911fceda4ebd3a095a0f96cc3f1f27cee3ed16a71777a931b06b928b3f35900f92f15b71cc08d6a894b6f6d0437d8eb47cee9caba10ca4fe0d7e875cd9217fdf1ea81bb4bfe7dba33e5c2b15a53eef9a1ec9b93f75dfc75e2de326d0c3f764e166c4aab861f56af99ec4fb8bccce4f7b22ec0e6c36ac45429fe908fccb049361567448fb1cab64f86d84f1c50214406407cc86ddc9f24aac37098c0f7ad22333af216edeb5e5ecce7c67b5013c703dcae451f922c8011d37e2d277e8056f445a297a70b4b95", 0x1000}, {0xfffffffffffffffd}], 0x9, &(0x7f0000006100)=[@rights={0x28, 0x1, 0x1, [r0, r3, r3, r1, r3, r1]}, @cred={0x20, 0x1, 0x2, r25, r26, r27}, @rights={0x20, 0x1, 0x1, [r2, r1, r2]}, @rights={0x18, 0x1, 0x1, [r1, r2]}, @rights={0x28, 0x1, 0x1, [r0, r1, r1, r1, r1]}], 0xa8, 0x40001}], 0x4, 0x40) r28 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f00000062c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r28, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67726f75705f69643dce9126f7dec6a778acedff68fdd322ed7d992005d56987208ae8bb269499b7ee7ecf6ecbc0bf49631bfe98c14d91a418e94c5998b3bbe06c825fd7f760e3a8bf2403c3605c69c1566be2e383d763f40e9bd07d6278a0f758787607f22a4c426bf39307cc2212aeda253fa4cf84f0ffd6ac27b67f8c147be6f415f2d4a5ea", @ANYRESDEC=0x0, @ANYBLOB="ad41535caddbd6e525c536e997aff8fd16915823fc08e7978e454eb8da54871d15a2060d7b9f3003cc2e97213f2b563a9541d505419ab2c87e16e863c4b047d58e2d23b5645dfe648ec4e69de423d620ea3819a9eea39b0ba9d3ab74fcbf17f26fbc44c0376a977228a59619a5397f243d651fa566919f763e37ccfa1190bcdca38b3c72f351b10180c262a8b2bb1e8d8b0b3f7357e01cdb717f63e742fdf0cd991578a3"]) ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 574.134838] FAULT_INJECTION: forcing a failure. [ 574.134838] name failslab, interval 1, probability 0, space 0, times 0 [ 574.161062] CPU: 0 PID: 29166 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 574.168092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 574.177450] Call Trace: [ 574.180037] dump_stack+0x138/0x19c [ 574.183664] should_fail.cold+0x10f/0x159 [ 574.187810] should_failslab+0xdb/0x130 [ 574.191781] kmem_cache_alloc+0x2d9/0x780 [ 574.195927] getname_kernel+0x53/0x350 [ 574.199809] kern_path+0x20/0x40 [ 574.203168] lookup_bdev.part.0+0x63/0x160 [ 574.207391] ? blkdev_open+0x260/0x260 [ 574.211275] blkdev_get_by_path+0x76/0xf0 [ 574.215418] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 574.219909] __btrfs_open_devices+0x194/0xab0 [ 574.224397] ? check_preemption_disabled+0x3c/0x250 [ 574.229408] ? find_device+0x100/0x100 [ 574.233285] ? btrfs_mount+0x1069/0x2b14 [ 574.237336] ? rcu_read_lock_sched_held+0x110/0x130 [ 574.242346] btrfs_open_devices+0xa4/0xb0 [ 574.246485] btrfs_mount+0x11b4/0x2b14 [ 574.250367] ? lock_downgrade+0x6e0/0x6e0 [ 574.254507] ? find_held_lock+0x35/0x130 [ 574.258561] ? pcpu_alloc+0x3af/0x1060 [ 574.262447] ? btrfs_remount+0x11f0/0x11f0 [ 574.266679] ? rcu_read_lock_sched_held+0x110/0x130 [ 574.271697] ? __lockdep_init_map+0x10c/0x570 [ 574.276189] mount_fs+0x9d/0x2a7 [ 574.279549] vfs_kern_mount.part.0+0x5e/0x3d0 [ 574.284032] ? find_held_lock+0x35/0x130 [ 574.288103] vfs_kern_mount+0x40/0x60 [ 574.291904] btrfs_mount+0x3ce/0x2b14 [ 574.295694] ? lock_downgrade+0x6e0/0x6e0 [ 574.299834] ? find_held_lock+0x35/0x130 [ 574.303892] ? pcpu_alloc+0x3af/0x1060 [ 574.307781] ? btrfs_remount+0x11f0/0x11f0 [ 574.312013] ? rcu_read_lock_sched_held+0x110/0x130 [ 574.317028] ? __lockdep_init_map+0x10c/0x570 [ 574.321513] ? __lockdep_init_map+0x10c/0x570 [ 574.326003] mount_fs+0x9d/0x2a7 [ 574.329363] vfs_kern_mount.part.0+0x5e/0x3d0 [ 574.333857] do_mount+0x417/0x27d0 [ 574.337396] ? copy_mount_options+0x5c/0x2f0 [ 574.341799] ? rcu_read_lock_sched_held+0x110/0x130 [ 574.346809] ? copy_mount_string+0x40/0x40 [ 574.351038] ? copy_mount_options+0x1fe/0x2f0 [ 574.355527] SyS_mount+0xab/0x120 [ 574.358968] ? copy_mnt_ns+0x8c0/0x8c0 [ 574.362849] do_syscall_64+0x1eb/0x630 [ 574.366734] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 574.371573] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 574.376751] RIP: 0033:0x45b80a 18:54:18 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x20000000) r3 = dup2(r0, r2) getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000080), &(0x7f00000000c0)=0x4) [ 574.379929] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 574.387630] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 574.394895] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 574.402156] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 574.409413] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 574.416669] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:18 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000040)={0x7, 0x7, 0x9, 0xfffffffffffff001, 0x8001, 0x8, 0xffffffff, 0x3f}, &(0x7f0000000080)={0xff, 0x6f, 0x1, 0x3, 0x3, 0x81, 0x40, 0x2}, &(0x7f00000000c0)={0x4, 0x8, 0x4, 0x40, 0xcec9, 0x1ff, 0x6ceea55d, 0x5}, &(0x7f00000001c0)={r3, r4+30000000}, &(0x7f0000000240)={&(0x7f0000000200)={0x8}, 0x8}) dup2(r0, r2) 18:54:18 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) uselib(&(0x7f0000000100)='./file0\x00') r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) sendto$inet6(r0, &(0x7f0000000080)="61781cb831f29fab921f7a7280352bc89babc96a260babbd0dfd5927d3b3a6a7c0f6be38df96cec360", 0x29, 0x4000000, &(0x7f00000000c0)={0xa, 0x4e22, 0x1, @local, 0x10000}, 0x1c) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:20 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) add_key$user(&(0x7f0000000280)='user\x00', &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)="8589e1af2a5f00cf2111d2dafbc0a4b457958bbd4349a98f37d5b7bd443fcc08c6ed81ee0600a9d86c60dfc3e9b9f29eef6224acaf69b9377e5e3bfa63cd639bc9d91a478b", 0x45, r2) ptrace$setopts(0x4206, r1, 0x0, 0x0) ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f00000000c0)) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:54:20 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x68, r2, 0x1, 0x70bd2b, 0x25dfdbfb, {{}, 0x0, 0x4108, 0x0, {0x4c, 0x18, {0xbb3e, @link='broadcast-link\x00'}}}, ["", "", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x40000}, 0x41) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:20 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$TIPC_IMPORTANCE(r0, 0x10f, 0x7f, &(0x7f0000000040)=0xfffffffffffffffd, 0x4) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:54:20 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$vbi(&(0x7f00000000c0)='/dev/vbi#\x00', 0x3, 0x2) ioctl$TUNGETFEATURES(r0, 0x800454cf, &(0x7f0000000140)) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x7, 0x4) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = msgget(0x1, 0x382) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000180)=0x0) syz_open_procfs$namespace(r3, &(0x7f00000002c0)='ns/cgroup\x00') msgctl$IPC_INFO(r2, 0x3, &(0x7f0000000200)=""/185) 18:54:20 executing program 4 (fault-call:0 fault-nth:83): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:20 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20\x00', 0x0, 0x0) setsockopt$inet_tcp_buf(r1, 0x6, 0x0, &(0x7f0000000240)="73fe130abe9b3a1349d5e504a61644fd6bac00d757ea2583e054b38e6d35d98ee1bfe6e5112727cc6c4dce87e7d90573e7c60281c1d1123d342acfd58ece09b520163f6a26a6227b539c2bebff0df190a3b8ed2c5c262aee318fe84a000963f92051492528ae3782a2c4574b2acae3d8739c4dbba5e5ee3a274fbc5cc834d660543e33c1f49f98a6be5ddcdacc8b6dab0e1ee493270dd60d0b5473763165ed7b55544d40d285fc6fbc7b0895cea7f9cbc4551fdf97febeedf7d68ad8ebe136270a1a15731c0997de99bc57a10935ed6556912e3acc207163807dd419fd06d2374022640e585f2dfb4b5f6d551029a25c950e", 0xf2) mq_unlink(&(0x7f0000000200)='@vboxnYt1@}\x00') ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f0000000140)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0xffffffffffffffff, 0x0) shutdown(r0, 0x1) syz_init_net_socket$ax25(0x3, 0x2, 0xcd) 18:54:20 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00') sendmsg$TIPC_CMD_SET_NODE_ADDR(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10100}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x24, r1, 0x21a, 0x70bd2b, 0x25dfdbfb, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0x41}}, ["", ""]}, 0x24}}, 0x1) prctl$PR_CAPBSET_DROP(0x18, 0x15) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") socket$inet_sctp(0x2, 0x5, 0x84) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000280)={0x8, 0x0, 0x10001, 0x5}) ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000240)={0x7729, r3, 0x10002, 0x5}) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r4) 18:54:20 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000500)='./file0\x00', 0x8d) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x120000, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) write$P9_RMKNOD(r0, &(0x7f0000000080)={0x14, 0x13, 0x1, {0x0, 0x1, 0x4}}, 0x14) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) getresgid(&(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67200075705f6954a5fbf3b4a9633985de4ebf90059faaf6e3d5a0842077f8995a6656503680e10dbd65f89e9f5ce8e08f7eacefea6f585c36db5250bdbcb77d66991f835101542f64ce7fe3ee3d0950f7bcdeb7053e8f7fcbfd19d373899160ad8865139c68763be21d9a47d4852b213d1014ed7fdc86d7", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0}, &(0x7f0000000280)=0xc) sched_setattr(r2, &(0x7f00000002c0)={0x30, 0x0, 0x1, 0xda5c, 0x5bd3, 0x400, 0x0, 0x1}, 0x0) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000000c0)="911f3dadccbaa4d9e44073d7e5aa483ff06434b7f359a2ba255474b804baa25065dd359598b88945abf2cf55bcdcdcb5104353162894b3701ede889628c8f2f272385d11212aaf62ecc752223e4ab214fcd7de8a92dc88e91d777d4abe9150c3ac096cc62cd208d8cc") prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000003) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @ipv4, 0x400}, 0x1c) [ 576.781536] print_req_error: I/O error, dev loop5, sector 128 [ 576.795238] FAULT_INJECTION: forcing a failure. [ 576.795238] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 576.807061] CPU: 0 PID: 29209 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 576.814075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 576.823435] Call Trace: [ 576.826031] dump_stack+0x138/0x19c 18:54:20 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) syz_open_dev$ndb(&(0x7f0000000040)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:54:20 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) [ 576.829674] should_fail.cold+0x10f/0x159 [ 576.833830] __alloc_pages_nodemask+0x1d6/0x7a0 [ 576.838501] ? __alloc_pages_slowpath+0x2930/0x2930 [ 576.843539] cache_grow_begin+0x80/0x410 [ 576.847603] kmem_cache_alloc+0x6a8/0x780 [ 576.851754] getname_kernel+0x53/0x350 [ 576.851766] kern_path+0x20/0x40 [ 576.851778] lookup_bdev.part.0+0x63/0x160 [ 576.851788] ? blkdev_open+0x260/0x260 [ 576.851802] blkdev_get_by_path+0x76/0xf0 [ 576.871277] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 576.875982] __btrfs_open_devices+0x194/0xab0 [ 576.880487] ? check_preemption_disabled+0x3c/0x250 [ 576.885510] ? find_device+0x100/0x100 [ 576.889401] ? btrfs_mount+0x1069/0x2b14 [ 576.893474] ? rcu_read_lock_sched_held+0x110/0x130 [ 576.898504] btrfs_open_devices+0xa4/0xb0 [ 576.902660] btrfs_mount+0x11b4/0x2b14 [ 576.906554] ? lock_downgrade+0x6e0/0x6e0 [ 576.910703] ? find_held_lock+0x35/0x130 [ 576.914853] ? pcpu_alloc+0x3af/0x1060 [ 576.918759] ? btrfs_remount+0x11f0/0x11f0 [ 576.923009] ? rcu_read_lock_sched_held+0x110/0x130 18:54:20 executing program 0: openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x4000, 0x0) 18:54:20 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f0000000d80)=""/4096) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 576.928037] ? __lockdep_init_map+0x10c/0x570 [ 576.932540] mount_fs+0x9d/0x2a7 [ 576.935913] vfs_kern_mount.part.0+0x5e/0x3d0 [ 576.940409] ? find_held_lock+0x35/0x130 [ 576.944479] vfs_kern_mount+0x40/0x60 [ 576.948292] btrfs_mount+0x3ce/0x2b14 [ 576.952099] ? lock_downgrade+0x6e0/0x6e0 [ 576.956254] ? find_held_lock+0x35/0x130 [ 576.960325] ? pcpu_alloc+0x3af/0x1060 [ 576.964223] ? btrfs_remount+0x11f0/0x11f0 [ 576.968478] ? rcu_read_lock_sched_held+0x110/0x130 [ 576.973512] ? __lockdep_init_map+0x10c/0x570 [ 576.978014] ? __lockdep_init_map+0x10c/0x570 [ 576.982518] mount_fs+0x9d/0x2a7 [ 576.985904] vfs_kern_mount.part.0+0x5e/0x3d0 [ 576.990409] do_mount+0x417/0x27d0 [ 576.993957] ? copy_mount_options+0x5c/0x2f0 [ 576.998368] ? rcu_read_lock_sched_held+0x110/0x130 [ 577.003404] ? copy_mount_string+0x40/0x40 [ 577.007644] ? copy_mount_options+0x1fe/0x2f0 [ 577.012154] SyS_mount+0xab/0x120 [ 577.015605] ? copy_mnt_ns+0x8c0/0x8c0 [ 577.019490] do_syscall_64+0x1eb/0x630 [ 577.023410] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 577.028265] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 577.033457] RIP: 0033:0x45b80a [ 577.036648] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 577.044363] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 577.051635] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 577.058909] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 577.066175] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 577.066183] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:23 executing program 2: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x20) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_DISABLE(r0, &(0x7f0000000240)={&(0x7f0000000100), 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x44, r1, 0x700, 0x70bd28, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0x30, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x800000}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8001}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xbc77}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x20004010) r2 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0x168, r1, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x28, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NODE={0x24, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_NODE_ADDR={0x8}]}, @TIPC_NLA_MEDIA={0x90, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffeffffffff}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8ac}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xbfa}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x81}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_MEDIA={0x6c, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x56}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_SOCK={0xc, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3f}]}]}, 0x168}, 0x1, 0x0, 0x0, 0x24000080}, 0x20000000) ioctl(r2, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000004c0), &(0x7f0000000500)=0x4) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ioctl$IOC_PR_REGISTER(r0, 0x401870c8, &(0x7f0000000540)={0x7f, 0x96}) r4 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r4) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:54:23 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) r3 = dup2(r0, r2) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000040)={0x400, 0x90b}) 18:54:23 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0xb3) syz_extract_tcp_res$synack(&(0x7f0000000140)={0x41424344, 0x41424344}, 0x1, 0x0) syz_extract_tcp_res$synack(&(0x7f0000000180)={0x41424344, 0x41424344}, 0x1, 0x0) syz_emit_ethernet(0xdd, &(0x7f0000000340)={@dev={[], 0x1d}, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, [], {@mpls_uc={0x8847, {[{0x3, 0xb7, 0x6, 0x1}, {0x9, 0x6, 0xffffffff, 0x5}, {0x9, 0x3f, 0x10000, 0x7}, {0xb7e, 0x4, 0x100, 0xc7e4}, {0x100, 0x2, 0x7ad, 0x9}, {0xade1, 0x0, 0x42e, 0x714}, {0x4, 0x9, 0x40, 0x101}], @ipv6={0x2, 0x6, "12d16d", 0x8b, 0x21, 0xd67, @local, @loopback, {[@fragment={0x0, 0x0, 0x1, 0xc1, 0x0, 0x4, 0x67}, @routing={0x87, 0x6, 0x0, 0x2, 0x0, [@rand_addr="d0ff8c5af157d143f8927e275d256721", @loopback, @mcast1]}, @hopopts={0xff, 0x1, [], [@pad1, @pad1, @padn={0x1, 0x2, [0x0, 0x0]}]}, @routing={0xdc, 0x2, 0x1, 0x96a, 0x0, [@loopback]}], @tcp={{0x4e21, 0x4e24, r1, r2, 0x2, 0x0, 0x6, 0x20, 0x4, 0x0, 0x83df, {[@nop]}}, {"5996d4"}}}}}}}}, &(0x7f00000001c0)={0x0, 0x1, [0x91f, 0x415, 0x537, 0xae7]}) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000080)={0x1000, {{0xa, 0x4e21, 0x1, @local, 0xfa4}}}, 0x88) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:23 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = fcntl$dupfd(0xffffffffffffff9c, 0x406, 0xffffffffffffffff) getsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, 0x0, &(0x7f00000000c0)) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:23 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000004000001000000000000005f42485266535f4d", 0x1ee, 0x10000}], 0x0, 0x0) 18:54:23 executing program 4 (fault-call:0 fault-nth:84): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 579.753817] FAULT_INJECTION: forcing a failure. [ 579.753817] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 579.765669] CPU: 0 PID: 29262 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 579.772682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 579.782035] Call Trace: [ 579.784633] dump_stack+0x138/0x19c [ 579.788281] should_fail.cold+0x10f/0x159 [ 579.792438] __alloc_pages_nodemask+0x1d6/0x7a0 [ 579.797111] ? __alloc_pages_slowpath+0x2930/0x2930 18:54:23 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="66643de5c98d36527df867dad3a923f3bb44bd61c4241658cee274e145b45363b4b77b0beb48da465213c93f5ebb7ba45a5df397c1a88640ac77042e813993d7ad4d9a3fd2b1d4a7967e5b6fa7fcda4daf24be0561d90a92462a221ec5a57c4961fd44f6272f9d02bac2b0fce729b07a585e4fcaca6711b2b76493324b3659570d5fcd9a6b14e1ae6c793325ea8d434ac5ab4259d837985a", @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000080)={0x36, 0x3a, 0x11, 0x1b, 0x1, 0x6, 0x3, 0x6e}) [ 579.802153] cache_grow_begin+0x80/0x410 [ 579.806221] kmem_cache_alloc+0x6a8/0x780 [ 579.810375] getname_kernel+0x53/0x350 [ 579.814264] kern_path+0x20/0x40 [ 579.817633] lookup_bdev.part.0+0x63/0x160 [ 579.824134] ? blkdev_open+0x260/0x260 [ 579.828028] blkdev_get_by_path+0x76/0xf0 [ 579.828045] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 579.828059] __btrfs_open_devices+0x194/0xab0 [ 579.828074] ? check_preemption_disabled+0x3c/0x250 [ 579.828089] ? find_device+0x100/0x100 [ 579.828104] ? btrfs_mount+0x1069/0x2b14 [ 579.846231] ? rcu_read_lock_sched_held+0x110/0x130 [ 579.846252] btrfs_open_devices+0xa4/0xb0 [ 579.846267] btrfs_mount+0x11b4/0x2b14 [ 579.846279] ? lock_downgrade+0x6e0/0x6e0 [ 579.846291] ? find_held_lock+0x35/0x130 [ 579.871459] ? pcpu_alloc+0x3af/0x1060 [ 579.871481] ? btrfs_remount+0x11f0/0x11f0 [ 579.871504] ? rcu_read_lock_sched_held+0x110/0x130 [ 579.879919] ? __lockdep_init_map+0x10c/0x570 [ 579.893632] mount_fs+0x9d/0x2a7 [ 579.897012] vfs_kern_mount.part.0+0x5e/0x3d0 18:54:23 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000080)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x4000, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="91ff"]) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 579.901512] ? find_held_lock+0x35/0x130 [ 579.905583] vfs_kern_mount+0x40/0x60 [ 579.909393] btrfs_mount+0x3ce/0x2b14 [ 579.913203] ? lock_downgrade+0x6e0/0x6e0 [ 579.917357] ? find_held_lock+0x35/0x130 [ 579.921423] ? pcpu_alloc+0x3af/0x1060 [ 579.925349] ? btrfs_remount+0x11f0/0x11f0 [ 579.929598] ? rcu_read_lock_sched_held+0x110/0x130 [ 579.934631] ? __lockdep_init_map+0x10c/0x570 [ 579.939137] ? __lockdep_init_map+0x10c/0x570 [ 579.943637] mount_fs+0x9d/0x2a7 [ 579.947016] vfs_kern_mount.part.0+0x5e/0x3d0 18:54:23 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) membarrier(0x4, 0x0) perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='ns\x00') ioctl$VHOST_GET_FEATURES(r0, 0x8008af00, &(0x7f0000000240)) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040004,u3er_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="2c00ae95ecdd40f41b4adc355f698d7291e916f1de1e81e73f415858a16555c2f8d28acb04a6"]) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000280)=r1) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) fsetxattr$trusted_overlay_origin(r2, &(0x7f0000000080)='trusted.overlay.origin\x00', &(0x7f00000000c0)='y\x00', 0x2, 0x2) [ 579.951519] do_mount+0x417/0x27d0 [ 579.955069] ? copy_mount_string+0x40/0x40 [ 579.959309] ? copy_mount_options+0x18f/0x2f0 [ 579.963809] ? __sanitizer_cov_trace_pc+0x2a/0x60 [ 579.968656] ? copy_mount_options+0x1fe/0x2f0 [ 579.973166] SyS_mount+0xab/0x120 [ 579.976619] ? copy_mnt_ns+0x8c0/0x8c0 [ 579.980511] do_syscall_64+0x1eb/0x630 [ 579.984464] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 579.989318] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 579.994505] RIP: 0033:0x45b80a 18:54:23 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = getpgid(0xffffffffffffffff) ptrace$setopts(0x4206, r1, 0x800, 0x31) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:23 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$RTC_IRQP_SET(r2, 0x4008700c, 0xdb9) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r3) [ 579.997690] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 580.005400] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 580.013195] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 580.020477] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 580.027753] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 580.035021] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:23 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/enforce\x00', 0x10500, 0x0) ioctl$sock_bt_bnep_BNEPGETCONNLIST(r2, 0x800442d2, &(0x7f0000000180)={0x4, &(0x7f0000000100)=[{0x0, 0x0, 0x0, @local}, {0x0, 0x0, 0x0, @dev}, {0x0, 0x0, 0x0, @dev}, {0x0, 0x0, 0x0, @local}]}) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 580.073172] QAT: Invalid ioctl 18:54:23 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) getpeername$inet6(r0, &(0x7f0000000040), &(0x7f0000000080)=0x1c) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x75c2, &(0x7f00000000c0)="0adc28123c123f319bd0705ad4f97c8d192a2b") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:54:23 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000180)='user\x00', &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000140)='\x03', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = syz_open_procfs(r1, &(0x7f00000001c0)='net/route\x00') ioctl$sock_inet6_tcp_SIOCINQ(r2, 0x541b, &(0x7f0000000240)) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) r3 = dup2(r0, r0) r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r4) 18:54:23 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) getsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 580.321240] print_req_error: I/O error, dev loop5, sector 128 18:54:24 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x38000, 0x0) ioctl$VIDIOC_S_PRIORITY(r0, 0x40045644, 0x3) getsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, 0x0, &(0x7f0000000200)=0xff93) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0xc0605345, &(0x7f0000000140)={0x4, 0x0, {0xffffffffffffffff, 0x1, 0x5, 0x3, 0x6}}) iopl(0xaa2) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:24 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x3, 0x2000) ioctl$RTC_PLL_GET(r2, 0x80207011, &(0x7f0000000100)) tkill(r1, 0x20) epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r2) wait4(0x0, 0x0, 0x0, 0x0) 18:54:24 executing program 4 (fault-call:0 fault-nth:85): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:24 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) connect$unix(r0, &(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='vegas\x00', 0x6) dup2(r0, r2) 18:54:24 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x1100000, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @perf_config_ext, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmget$private(0x0, 0x2000, 0x1000, &(0x7f0000ffb000/0x2000)=nil) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000ffc000/0x3000)=nil) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000080)={0x5}, 0x1) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f00000007c0), &(0x7f0000000800)=0x4) fstat(r1, &(0x7f0000001e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getresuid(&(0x7f0000000d00), &(0x7f0000001ec0), &(0x7f0000001f00)=0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000002000)={0x0, 0x1}, &(0x7f0000002040)=0x8) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000002080)={r5, 0x2}, &(0x7f00000020c0)=0x8) r6 = getuid() syz_mount_image$jfs(&(0x7f00000009c0)='jfs\x00', &(0x7f0000000a00)='./file0\x00', 0xff, 0x7, &(0x7f0000001d80)=[{&(0x7f0000000a40)="15ac3779ef6531c1b7abe6384588", 0xe, 0x76}, {&(0x7f0000000a80)="0006f9f09a77514d8939deb27a556f41cbe0acb82b9c38f4bfe6ede56aa3931c8ef7846dd13355ae2e5092c00544287dbc235e783f8374e148038092813e383426ced86cf30c7629798fec0310c2e2f751728f5ee0ace6df59d71c946f0cdca88f4af0d0cda88c17d4549baaa57db33378783720c9a188449a0c9374872109cb092c2a63da7694f9f4bcbb810e", 0x8d, 0x7}, {&(0x7f0000000b40)="4e3acebd995e6adad65d08c612a3ca597f14e4b2a881ab09056c9d97fc7385ca7f70a2846dae18d4342a7a459e55afc6f91f9bc34e852a540d", 0x39, 0x4}, {&(0x7f0000000b80)="e7a64346e2", 0x5, 0x3}, {&(0x7f0000000bc0)="78a84cddfaa56d722118f5a23f5f6c8af64fabf537", 0x15, 0x100010000000}, {&(0x7f0000000c00)="83f697e3b53757d7cc1c32dbd0c4c11095a338caa1771e46383afc569370962918afeba3a60bd6d0fdbd93607e7ae3f630ceca47cd88396d057ad30c9c79511e5136d53d8f63a468f82d3edc35577ece4ba065c01dadb47b267b4e08ed848c68bba7f8b542b26f98794f2f21d082b3e51f4dc19e", 0x74}, {&(0x7f0000000c80)="8fb18c06f7b3780870b31572023f5a71debfb37018b7b8f404a9e128773a6fe28af4e6e214732d5b630b0eed855e3e2ac498af056a3b951ed67305ca7cfe075eca948f6c771363c95c56c7fc40cbc4bbe6662097ca14", 0x56, 0x8}], 0x8400, &(0x7f0000001f40)={[{@discard_size={'discard', 0x3d, 0xcb3b}}, {@gid={'gid', 0x3d, r3}}], [{@smackfsroot={'smackfsroot'}}, {@fowner_eq={'fowner', 0x3d, r4}}, {@euid_eq={'euid', 0x3d, r6}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@context={'context', 0x3d, 'user_u'}}, {@dont_appraise='dont_appraise'}]}) r7 = syz_open_dev$dmmidi(&(0x7f0000000840)='/dev/dmmidi#\x00', 0x8, 0x0) sendto$isdn(r7, &(0x7f0000000880)={0x8, 0x5, "570cce91ec6c50ce16e3840ce103cec3546c047439bbedf7121956c06b46ba2e9f50995ca3b95afbceb5821414c4c3d6d43eb7d5c95ef674db6c08f1bbaf3fc3178651035026"}, 0x4e, 0x20004001, &(0x7f0000000900)={0x22, 0x7, 0x3, 0x3, 0x81}, 0x6) ppoll(&(0x7f0000000700)=[{r0, 0x8200}, {r1, 0x200d}], 0x2, &(0x7f0000000740)={0x0, 0x1c9c380}, &(0x7f0000000780)={0x345}, 0x8) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) munlock(&(0x7f0000ffa000/0x2000)=nil, 0x2000) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) syz_mount_image$nfs4(&(0x7f00000000c0)='nfs4\x00', &(0x7f0000000100)='./file0\x00', 0x101, 0x6, &(0x7f0000000640)=[{&(0x7f0000000140)="d378efb582e3c6a86030ab91458005dce6e5de813725000e410bc39f8d787f4d1fd4ae71b525897d99890f04f03878fa568f0cceb227070aad22889fb95c648aa7786119c7a9b521ebb1ecca0ef5f1158d57e9fdbf1bdd1dc63edc56c02c5204f602ce4981d61625f1aa9024977ebba001188aaadf64f7476fcf3b06797cb8f522a23986aae34ed24971f108e4608525", 0x90, 0x400}, {&(0x7f00000002c0)="bbd33a3664208c9cd94d5b02757d3d5dfe683dfccea4ca1eca6dbdaee33c0b17fbe8c9cc3b2574167ac5b16b457a328619fc7a625ad1df9360c08c", 0x3b, 0x1}, {&(0x7f0000000d80)="35c2364ba4b96b5d36d803d77e86420861c551c373eb8e29bce6d6d59b358ef991ae1f29651de79071d46eb5c23495764608b98c18ef3d0662476c105b34f9fa7a6f6301ed1c273d36239d7bc30713968fa3b49f4bcd20da473d448bdb764c08d76a68a8d969ca19c70588d586711a15df30a8079aba026ca86761da6e8572c33ed6c274d661f55643671becc0caf4a50d24e0dadd596b9293b572d04d8011d13b663f575345f6f7088df656d511adc37355ab554fe25a242de8671a484408949d20b29bc9459bc4a4e33e8eee4bfaba5706faaeac57b7d9eadd4fbad93243c33524f5383ef95902d4daa7a3e78818148b782f189d8b7f5f0284f42defdf99d62d62857d7273193db9e97113a63d9c5be0449c1bc15ee2239c59be5477192ad3c224e10214ad83527fb5a8272641a582fe1fc8dbec31aeb8bce55ed9570953d378d8e3fd86a7f92fc74c39c773b8ce74ba1cfc6414fdabbcc28dfc97dd15ff5409a899812fa2398fcdd9f66afb213c3b53474c94f8ecbc22adce32cf8ebcc207848f1438db12a9b7ef8c2d0a3b9e310308bedb9f5abc3f778e68682a2ecb8e933286a42df9b207dd47b83ef06ad78f15c173de39aee252c4aa2f950003f8994d7dd0ba35fcc74473ecd69e8906fa31d3a39211c828202f9983bfc15b552d28517a8359fea5af26015ac1f375ac84c3685bb4e0963a568303e238d2ee13b7c31e8d0831243a40c50509e5d2c67761d1a2ba8ee8ab5bd5b69a03dbf6d44f6110d691456529b89aac3d2512d7fbb2768168cf90c8ac21de1a410163f2b43f222a6f4f3a453cf166f66023026091607005cd35d3a9c391e66785b8f796f3f4629b0436f068a01d805ae294c5657b1e1f1e611a5b6b0c6cbeccf576a4af929f891bcde97271b2b2df7d2ef71b83f403233309103d1b2c2818190bfe5c9d893e3499ab736bc0c8bb81f9769a2be32b3142611d37e725f0fb1a8c4e1a8b441a67b6df66802a1bb8a279fc1aca32051b721d0e797e25d854f0fe34ecdb4eb10c0e79be6fa96506e8291e7772019fac812649d235765a5d37581041b9b6cd9241f5bd55fecf9a0c34dc304e8c91d88fa800c17b3773395d80069564f2ee71001b0b7ff56fc26d2ab1f1f79a5b7e4269e420491b67dd8bf312806f73971b75cdb12ef53ab78dc5c906a57ae0ef1ca807da3c5737b6e77e52e3c870c6f9e4172f4f71f9463330bb501c36ab24206f290b3c3091be7b49d30c29ff00a3f63b531adc9449f2e085fc5e7fbaef114bab1eccd6d4450c1aedb14d5ee46097391356f5dbfd57f7ace1f33ba1d32147e058382310420da854c86fcfd4c5663dbc0396c3c14131966bc5d068559334aa5a2811f53f3ba3f233aeccbe13a55e9ca9e8fc0293d735259208925db46799b624790958edab3f7dc62e850461a4699505db69c9da4db4dd05bc1b8757e95fed8971f5bdfc1884d31771aed3bb162ff5f8bc26d992a1990ef8072e6e5a484a0951c98cfa07163c539801d43552d221901e1a3f9dbe11499b95eb368a98c1a671ce580eea7935f15e956c6e5c035d297dc328ee971b910076c4be18a28d238d76cfdfb7dea6b1429b01c11967acf2ed4527fb65fe5a9e41684fc1affcc4c4ab3dc809134fcc5216b1c2714ea87f5dd53012af9dd30bf8feb45b5432ee3fc5dac1ba3b74e8554b03252c7f8bb7cd873ba7ffd8ee2b1873de12df443010ed552049d2816911e2e05f92b1c630ddd4145f2a20fed7a395c95771dba5207f70f3228d94c56cf106b70b3e35d024bf86cc80a5b5801692972144ebf032ee4dbfe29edf2f30bf95fa1cafd214ece10b827176ae0815b50f24b3f8eb53418d6775341349bf2bc1424bb0af138c1de0825e597c37e49f7b990981d4acfdfd08bd5f71499492bdc7c1c408e47f11f0486ee2a9025f289bea50df378af02e2f78a23934abb50e9cb79697dc0d37eafd1c99a92388806541e0d3e926a6b15e6febca58a48c48c46965491fa3b9a845dbb4c17d333842593ed6c47dc18ccd3e883a554df93ec44cbbb67710622fb49bd9a715b6af8bd4a5d26bc4594f923656e8cfa7ed78ab5b1629e32b5baa315a5bb3505a0fedf81784269b45a52bd34018ad24b098c325abd53fcaad77dad5715e8df37e63d18a5ca1ebbb47ee5daeb71f290bc692a81461feeda426d5a4ca98b36002c31326205ae3c6f480d62bb31b97e554369eb71bd0d6190bf54bc7a52b9a2000a10cd4d0bd32bc2d541a80d6421b1f7b94eaf80fa0b0edf7684449fe9bdb82026a62c8064e6ffb87a10f79e6e93b2c77a05742968bd11d58e669640aa162dc0333b96929a47235754a3731eb053f186c76e1f42cd94af13ce7e926793fb333a53e9d7a35ab630307245b683f4f937c664d8224a5069a68294ff96f202139ade53eb2777602ed3b52d10810d8f473b47c353844265bb35db011759bea94f86f4f7c9adbbed3577b283dc99c12811b0aaf141fba2bc12098756897bbdd95b16755a40d6df4385a7212d5a6768e30c6917b32433e93449715d31093f182db36abe0d94dce4f1439ed18bd9ab4b6aadde470ef18346ff3dc4cd7d66135be64e2c8c3284afee13cceaebda0bea33981d0ba9f71942f6265829fad330c25bf0b1340de01616a9ec421c7808e8a8934eecdc9d0c14c00a7367f2f9081bdbe4bfad51c38fa11cdf09ea0872d7c9a61505de3ef437967ccb2e9d03377c1fbe74478231f9acbcf5e2c1078c58b4568bed3773dbbf004b0e60ec7682ac5cc2d40e75140dcea49f68484cda184b80986835f4e51b14f1f725e2d859ea4d1eaae1547c2f2904d2558c1c48b9d94309a381c4c4903e43aa8202723823dbcc547e18345585dd0cb2d4857fd84fff65cf22a24891c1eecbca39d4c3241f310ea2238d62b2a096ea632e2cf12381702d92c5f2628d9c30653cd51f929663d1d187467cc0e115d2e3e7fdd104bf41978917d023476d61107795bec70a9b77b995b347b9415970ec43902431f8b03503de79c91badddf341f0671a975cc9cb1c5ed56335422e84fcf8de4e86d5a8afc74b067ac71dae3e02953d7b22d9ec7b7ab7c79443f8dea7ee391504e3889e5a5fd889142d12a60979eb485c3dfffdcfe702dd08e6759aef93f2552cdb7357ec2efccd4451329237eb77c428c8d1055ebf96b216d9125c12a55e508889b039fba14ef091b9a1b86da5f072f19859a0e7dd97c19c1b25bff7ca923d72255d2878645e121b021d3d8d4c31e4d51ed5d97ec294655624a46c2c9032a6e1b144e1f7c46e2f33210cb9fde85a3df77082ac695c8144ec74aba21481383eda910cd80e2655be2117a4d291c0d425e3a09d26b8c8ee02939dfca273d67ab87c8e1a8032a8e6f02ab09c4db298af67d41d6642319234e7a8d1395138a15f8543ff989068aca82880aeaff00ccbfbfa618586037d7d44b119c6ad5bcaca3529ed593696d75754c3b1d7dc15ea51d542680b09e0c84533194b601dd3da0769f15f062a320a37effb85ac3562678ca01725374edb5ad53718993900efe40b6b28d107d2bb1dc19760583beef08b16ece4dd43a84d3d332d5eaf160123ea6752ad78d459613d4081ee5d7942999bb6daed3be301c3bb24b110e62977213b5be0d14d2d5baff1ca532cdd9c299987418229dcd4899edc34e3190097ad3be2f2babfca13b94c75bc6624c6b1494be0582bca314cc920a3da8ac3d6656d2aafae73a8bb5378dd262e9810a4ec3fbe813fa0b48d3fa229c1414b1a7d9d633ce49d0bdd94c540f7b26f24faea1b6ed591adde3494e6860c723a33eea5419fc5c2e0b3f9db7634c79af68524d461241e7c325ff3e0e7e4be506d1a9c7cf3215d022de2098450bb4ee496cefc24f93e0125ca6e7498bbcff55e691d5330c7caba5f605aeeae0aeffea295eba1efa6d74ef28938d64bbae44e35d5892bb4511a86dec43bf1c855d202ad15bc317bb1bc0aadc5afbeeb68d22948402d9ad4c304222d9e1c07b8af3aedf2b7e2056228bbbf0cb310099a1e22aa6f988c79f5fff83c4ed5920aa38d0e85401b2574d2a2400ae1d375ac5813b4a12a1d7df24fec71410672859dff9e654194f1eca5d5e392fa66e18358c7913cf7afba93fe3549485c4ec3d68275c221a9ee3f708e3b8a4751154edb034e2771aa5433a4116f95bd7356d9dcb8c5a1be9432c7f854f64a243186a71697aa689cfd9088f928c2d113a7f4f6facc81fb782767376d454d1940e3f5a195b616ea92fcd1198e67dd6e5a76a2754fb264315c2891f681adf1d0b7d7765b6abc64240e5d7bf74705789d02a20927a3262f8241bba58a993b039066f4d8a41693fcd2469a57e02f07a19995960207c70eb505aaec61383ba3371a257baecda5413f078a95c339c08b3e7308afba77dbf1117cd9307bf708d4b5d4e073532bba6f5e5bda3bb86d69d48ad3d63a624470fe80b174f1f1bbfbcb7b82760cf7e15fc180f16220665602d2cf5d04ce4657c2d07613413ec202d7718a5ed2cfadd0fda356ff60fddec1487115e8c62a53d00e95170763f756ba687ac2b8d1addb82941df59ec2526ebd9bceba6364d3d00a4fc1fb2345b31c3899ae04f28f94d795ab780c34153968a241dad2b0462580f18f2a7b57d2555c061478734c33ec2480a9e498fa3dde62c5d536ef81968ab83a553632a8fba954011c1b66acab7ed4692b940e1440a228b027063e24fd6912caad9af4b8112b3116dc53f0df9abb60708c6fba74fb09458e8b6c7af1c484ec09bc534c1f063d2baedba02215b1fb28f34e27abf5bb0f060522bd35c06bbf478f1d82c5305e8741749ee59646de83f011f36c5762dacd321f46d08e8fa4a39b13e91860cbef54d8485b74fb7b0c118166616cfe98cda0c75e7cdd61729b11954fdb91306584b10904461b2355e3a80dc98c56a8dbb88e04d4bca86743f9e820612083ac6ad067545b5371a25d5ddbb553530763382ae56db026dee75d5ede68be28114a2dde0368e9208d651a016b745bf4dd41fd0226890017840e30bf9ab5f1397f86478e60a65b2adb7113c32d21dec1ff9ecf969c325d29eeec8a44a065cf25ad8f863ba7d995f5741f7f18e31ab870c47597a4e244cf8eb9b24b564d30b022e09116ad9cffd73c8d4d32d94ad046b620775a7c722462b4443d34b7cb22dc197db9fdb15099af40265d9cb544635e230a551bdab677707c407f2bece09bc710a862024f4bf57db27deab40b53714065181ffb51b28e98c399e8042ab6896d5772d9c7d93997c03322a241f5fe4d5fbf39fd1a913d1e72d8d0ff098055fc8eb81d082dcdaa3a0090282aed40e1c98022a1850e8b46bd673e22cea72ba4238833c92aa466fce84521a13dca1cfcaf56618f10bb1bacd4b16a46662b44554b72e10bd4b5e468e0e17aea3cdfde8b1d5a1f2f0e58a9fd2e4219e53ed5e793277190cd22e482b2c4dbfb3ed17c2f2c36114731d1a4cfa45a2b60c82465a499e4a9d2fc1c57ecf0f8693801f5f6377acdea94bbeacee50052d50e2c1ed3bd8175258cf8c96303c073408e2af0e8a39c345e602781fa9fea10b0b57e5b4b05d80f10e917c266370bcd43c47d1019e74d511826db2d6d0b94da80ea2d7fbf38e75d3d93b13716287d616a48f5afaa0f53a9d785037884d6ef3eba8d68e31e013d7d6ad2846a5ba1e2b1bd686f17cd8d8067efeb1f7fe2eb0fb970d12eb7df90ec05a298936d7463539f18dc29adcab8ad0a94e52261e8452e4b65129323d8ebb23c8af7a1e4a56c24b11adc8dac59c3422ec", 0x1000}, {&(0x7f0000000340)="d9d99e23e26b7fefc3dedcb99eecffe4871b3bc329ca1acf67a8903f54dc9f062ebbae28c205a87da6e32915fafb8288d8aa8d5e225d118f5d97724f92e8e66010fed3632b580fd7c075a2af3693f8b5b8da08f3fd1f0ef5047252bb8600f361dad2f7aa54599196b59fbffadbd9279701634d4ed643e10808fd55ebf67588bdb4c0d86c8765717fd8408b7e1cafa0b7c070e2", 0x93, 0x400}, {&(0x7f0000000400)="ba3984ce015be862a6765322fc3454ef129e5709e8ed0daf59852648ba0753790350219632dfde78af4be295778985d21cf2ed08d7bfecbd2b323023c6acaa88ebf36f1fc52a2b43dc881420a5207befa4b21dcfe7e87c4e529c73911ebb4e4cc85e28a9789ebcb973cafbfc0e6d4d1c7a5377de9ddc5c4cf7f18718f1eef72ca25257d5576a472635e30d5252a43b3a86c3ab235948ce8aca91cf9de4bed534c7b5c8ce9e7c11ef1268b1c9bd6e55bd", 0xb0, 0x6}, {&(0x7f00000004c0)="a161140ae578b3658839d665dcd7562df5517652860f10458004b22c40208dc00f6c461cf3ab28bcd946d51ec94e0ee593a920e12ba537bf1b69c6840e5134e037cffe124f2923fe386d6cb5cd08a232d0b1dda7f4ebb0c278e0f640b9d7e30af7eddf399809fead7399104063143fd3c260b70617564c8379dc740df6d37ab1df162320f317e43b5ba3d64095177a96e7b0baa804fd02bf1cea73c985c4558526", 0xa1, 0x6}], 0x20004, &(0x7f0000000580)='rootmode') umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:24 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x1, 0x0) setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000280)="dba6d1b48b9e9468d36c0415a35cc22d1013f7113e6df0dabd70bb16fa7194fa1d7322ef2ff858858f091bd9c68e8ae1164a4429dbbfa56a981c0a77b8b51c908f0c1cfbc0fc727eb2782c1b025415ae7ee792b2b1ff8d27cf7855818b58e6b200030c57", 0x64) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x5, 0x6}, &(0x7f00000000c0)=0xc) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000140)={r2, @in6={{0xa, 0x4e22, 0x7, @rand_addr="3d244096412b88a88efa7cbdf3d61f42", 0x5}}, [0x100000000, 0x3, 0x9, 0x100000001, 0xa1a6, 0x8636, 0x4000000, 0xdb, 0x3, 0x1ff, 0x20, 0xffffffff81d71376, 0xc5, 0x1000, 0x3f85]}, &(0x7f0000000240)=0x100) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:24 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) ioctl$VIDIOC_G_AUDOUT(r0, 0x80345631, &(0x7f0000000040)) dup2(r0, r2) 18:54:24 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) gettid() 18:54:24 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x100, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x5}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={r2, 0x1}, &(0x7f0000000180)=0x8) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') sendmsg$TIPC_NL_MON_SET(r1, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1004002}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)={0xf0, r3, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x1c, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xff}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NODE={0x38, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7f}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x18bd879e}]}, @TIPC_NLA_MON={0x14, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x40}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x100000000}]}, @TIPC_NLA_MON={0x14, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x401}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}]}, @TIPC_NLA_BEARER={0xc, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x200}]}, @TIPC_NLA_MON={0x54, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3d51e69a}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xffffffff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xffffffffffffffff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffffffffffff009}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1e2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xfffffffffffff940}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x8000}, 0x1) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) fsetxattr$trusted_overlay_redirect(r1, &(0x7f00000003c0)='trusted.overlay.redirect\x00', &(0x7f0000000440)='./file0\x00', 0x8, 0x2) [ 580.504189] FAULT_INJECTION: forcing a failure. [ 580.504189] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 580.516031] CPU: 1 PID: 29335 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 580.523041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 580.532395] Call Trace: [ 580.534993] dump_stack+0x138/0x19c [ 580.538639] should_fail.cold+0x10f/0x159 [ 580.542798] __alloc_pages_nodemask+0x1d6/0x7a0 [ 580.547468] ? __alloc_pages_slowpath+0x2930/0x2930 [ 580.552500] cache_grow_begin+0x80/0x410 [ 580.556565] kmem_cache_alloc+0x6a8/0x780 [ 580.560720] getname_kernel+0x53/0x350 [ 580.564608] kern_path+0x20/0x40 [ 580.567986] lookup_bdev.part.0+0x63/0x160 [ 580.572220] ? blkdev_open+0x260/0x260 [ 580.576112] blkdev_get_by_path+0x76/0xf0 [ 580.580268] btrfs_get_bdev_and_sb+0x38/0x2e0 [ 580.584770] __btrfs_open_devices+0x194/0xab0 [ 580.589276] ? check_preemption_disabled+0x3c/0x250 [ 580.594299] ? find_device+0x100/0x100 [ 580.598209] ? btrfs_mount+0x1069/0x2b14 [ 580.602283] ? rcu_read_lock_sched_held+0x110/0x130 [ 580.607314] btrfs_open_devices+0xa4/0xb0 [ 580.611471] btrfs_mount+0x11b4/0x2b14 [ 580.615362] ? lock_downgrade+0x6e0/0x6e0 [ 580.619512] ? find_held_lock+0x35/0x130 [ 580.623579] ? pcpu_alloc+0x3af/0x1060 [ 580.627483] ? btrfs_remount+0x11f0/0x11f0 [ 580.631746] ? rcu_read_lock_sched_held+0x110/0x130 [ 580.631768] ? __lockdep_init_map+0x10c/0x570 [ 580.631787] mount_fs+0x9d/0x2a7 [ 580.631802] vfs_kern_mount.part.0+0x5e/0x3d0 [ 580.631811] ? find_held_lock+0x35/0x130 [ 580.631825] vfs_kern_mount+0x40/0x60 [ 580.631843] btrfs_mount+0x3ce/0x2b14 [ 580.641353] ? lock_downgrade+0x6e0/0x6e0 [ 580.641363] ? find_held_lock+0x35/0x130 [ 580.641373] ? pcpu_alloc+0x3af/0x1060 [ 580.641391] ? btrfs_remount+0x11f0/0x11f0 [ 580.641408] ? rcu_read_lock_sched_held+0x110/0x130 [ 580.641430] ? __lockdep_init_map+0x10c/0x570 [ 580.641443] ? __lockdep_init_map+0x10c/0x570 [ 580.641459] mount_fs+0x9d/0x2a7 [ 580.641474] vfs_kern_mount.part.0+0x5e/0x3d0 [ 580.641488] do_mount+0x417/0x27d0 [ 580.702602] ? copy_mount_options+0x5c/0x2f0 [ 580.707024] ? rcu_read_lock_sched_held+0x110/0x130 [ 580.712043] ? copy_mount_string+0x40/0x40 [ 580.716285] ? copy_mount_options+0x1fe/0x2f0 [ 580.720787] SyS_mount+0xab/0x120 [ 580.724236] ? copy_mnt_ns+0x8c0/0x8c0 [ 580.728129] do_syscall_64+0x1eb/0x630 [ 580.732014] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 580.736863] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 580.742059] RIP: 0033:0x45b80a [ 580.745240] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 18:54:24 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) inotify_init() r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000080), 0x4) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="66643dee475c7ad299d1755895b52c66ec7f001d9ed19ab2044748c3e5ef4a8393fede0b964c5e3943086feca0f73f1813a968d41726422300859556d97579452c679410855cde5de3a323dac7a2dba1dde3d6c112b2f4fe5d1915a0b9d5849b3c2489", @ANYRESHEX=r2, @ANYBLOB="2c726f6f746d6f64653d30303030303030303030305130303030303034303030342c757365725f69643d6e89c10f585bafc7ecfe73d878dff38eab200efea72d8758341641737d425901c538ef6097a37c47345c7c1aca19746887943d347dac8e4e7a528c6e762e0aad53c019106de1d245daefd2bacf78615aa98a7a220d0f327756b53378b15bc139f586df07350b052f294ba5eb12c7b314a85bcf10a7eb881b0ac2e7c6faf578d525f95bf9f04f7fab9890efe9449b224b9bc632384c514294c69b311c552f6177d94099dbe768aac907d0dc513b551a6ec48680b7ceef7e8a67968c9ba31c845a77e276ca661f9cd674b9272964914c3f775df7baf67987a459eb44", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB="c7040000"]) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:24 executing program 2: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 580.752947] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 580.760212] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 580.767490] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 580.774757] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 580.782021] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:24 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) 18:54:24 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)) 18:54:24 executing program 4 (fault-call:0 fault-nth:86): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:24 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x80000001, 0x100) accept$alg(r1, 0x0, 0x0) 18:54:24 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) syz_open_dev$vivid(&(0x7f0000000080)='/dev/video#\x00', 0x1, 0x2) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:24 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") epoll_create(0x200) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x701001, 0x0) dup2(r0, r2) ioctl$VIDIOC_G_AUDOUT(r0, 0x80345631, &(0x7f0000000040)) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000180)={{{@in=@broadcast, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in=@empty}}, &(0x7f00000000c0)=0xffffffffffffffac) r4 = getegid() fchown(r0, r3, r4) 18:54:24 executing program 0: r0 = openat$cgroup_type(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.type\x00', 0x2, 0x0) read(r0, &(0x7f0000000180)=""/41, 0x29) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) write$binfmt_script(r1, &(0x7f00000001c0)={'#! ', './file0', [{0x20, '/dev/cachefiles\x00'}, {0x20, 'cgroup.type\x00'}, {0x20, '+\xc1wlan0md5sum-\'mime_typeproc.-user*cgroup:-ppp1userselfeth0ppp0vmnet0$selinux)$uservboxnet1vmnet1'}, {0x20, 'cgroup.type\x00'}, {0x20, '\\mime_type'}], 0xa, "964d540346b84562bfd490b799248961db401ec3164cc1c640b4a3201542977bab9cee6226aa0a8376bf9c12e509a2cac6248624ba4fbafa18a774677d53d52c0e1593d8f515b99e7307825f54185c00f34f3097c9d72ce5e7fd41a720f0f492894c0b148182fee313b24d6067798ac57aae196d8e490f2e44f3e426c6e5f33c67d9397e98f2d4682f3e08bf6a506044e2ea8922012a9e631f5cc15af259482d2a3c7c2775092dc94da5c50201f3bcb1d745e948228d86d4a9d1c0b6b0a8542b11856a3269e96a8a6c7245a4a13b66099ae29ecb04f4782a1f39ebd2973a341f0d6abf37c994ca2aafcf3cd156a144"}, 0x192) ioctl(r2, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") ioctl(r2, 0x3ff, &(0x7f0000000040)="8d8c31d3ecef0d3eaae5c803a783208051d4c9dcf5740eb97550ec242bea1128f02fc0d45de5ff6fa9241b90bbb19ff57f9adf700167bbcb985e402559eae66f26a1b8f90379c34fc4e93fded28ee6477729dcb6a536b053a84277") r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r1, r3) 18:54:24 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = dup3(r0, r1, 0x80000) setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) ioctl$PIO_SCRNMAP(r3, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$unix(r3, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e23}, 0x6e) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:24 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) r0 = openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='ff9', @ANYRESHEX=r1, @ANYBLOB=',rootmo`e=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000100)) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:24 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB="b21d3474c7117984643d", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) umount2(&(0x7f0000000600)='./file0\x00', 0x9) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, &(0x7f00000000c0)=""/16) bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) [ 581.142216] FAULT_INJECTION: forcing a failure. [ 581.142216] name failslab, interval 1, probability 0, space 0, times 0 [ 581.153959] CPU: 1 PID: 29396 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 581.160993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 581.170348] Call Trace: [ 581.172951] dump_stack+0x138/0x19c [ 581.176593] should_fail.cold+0x10f/0x159 [ 581.180749] should_failslab+0xdb/0x130 [ 581.184729] kmem_cache_alloc+0x2d9/0x780 [ 581.188890] ? add_to_page_cache_lru+0x159/0x310 [ 581.193675] ? add_to_page_cache_locked+0x40/0x40 [ 581.198532] alloc_buffer_head+0x24/0xe0 [ 581.202593] alloc_page_buffers+0xb7/0x200 [ 581.206848] __getblk_gfp+0x342/0x710 [ 581.210670] ? lru_add_drain_all+0x18/0x20 [ 581.214913] __bread_gfp+0x2e/0x290 [ 581.218552] btrfs_read_dev_one_super+0x9f/0x270 [ 581.223317] btrfs_read_dev_super+0x5d/0xb0 [ 581.227641] ? btrfs_read_dev_one_super+0x270/0x270 [ 581.232662] btrfs_get_bdev_and_sb+0xdc/0x2e0 [ 581.237179] __btrfs_open_devices+0x194/0xab0 18:54:24 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x7) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) [ 581.241691] ? check_preemption_disabled+0x3c/0x250 [ 581.246720] ? find_device+0x100/0x100 [ 581.250607] ? btrfs_mount+0x1069/0x2b14 [ 581.254676] ? rcu_read_lock_sched_held+0x110/0x130 [ 581.259698] btrfs_open_devices+0xa4/0xb0 [ 581.263853] btrfs_mount+0x11b4/0x2b14 [ 581.267745] ? lock_downgrade+0x6e0/0x6e0 [ 581.271900] ? find_held_lock+0x35/0x130 [ 581.275965] ? pcpu_alloc+0x3af/0x1060 [ 581.279861] ? btrfs_remount+0x11f0/0x11f0 [ 581.284114] ? rcu_read_lock_sched_held+0x110/0x130 18:54:25 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") ioctl(r0, 0xffff, &(0x7f0000000040)="c1e0932202579a4f50a1a5da7dbdd60a64ec") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) r3 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$VIDIOC_SUBDEV_G_DV_TIMINGS(r3, 0xc0845658, &(0x7f0000000180)={0x0, @reserved}) r4 = dup2(r0, r2) ioctl$VIDIOC_G_STD(r3, 0x80085617, &(0x7f00000000c0)) getsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f00000002c0), &(0x7f0000000300)=0x4) sendto$x25(r4, &(0x7f0000000240)="b68cbead82638f83126c00326f6f3a2a3d8713e615bd18904c821eba1ff8048ec0a8c8dbb6f5e388f9dc9a448b0ee19c03857e30171010d80de36b28ae9664", 0x3f, 0x8c0, &(0x7f0000000280)={0x9, @null=' \x00'}, 0x12) [ 581.289138] ? __lockdep_init_map+0x10c/0x570 [ 581.293652] mount_fs+0x9d/0x2a7 [ 581.297037] vfs_kern_mount.part.0+0x5e/0x3d0 [ 581.301547] ? find_held_lock+0x35/0x130 [ 581.305619] vfs_kern_mount+0x40/0x60 [ 581.309435] btrfs_mount+0x3ce/0x2b14 [ 581.313246] ? lock_downgrade+0x6e0/0x6e0 [ 581.317396] ? find_held_lock+0x35/0x130 [ 581.321459] ? pcpu_alloc+0x3af/0x1060 [ 581.325356] ? btrfs_remount+0x11f0/0x11f0 [ 581.329605] ? rcu_read_lock_sched_held+0x110/0x130 [ 581.334652] ? __lockdep_init_map+0x10c/0x570 [ 581.339155] ? __lockdep_init_map+0x10c/0x570 [ 581.343668] mount_fs+0x9d/0x2a7 [ 581.347044] vfs_kern_mount.part.0+0x5e/0x3d0 [ 581.351557] do_mount+0x417/0x27d0 [ 581.355106] ? copy_mount_options+0x5c/0x2f0 [ 581.359623] ? rcu_read_lock_sched_held+0x110/0x130 [ 581.364664] ? copy_mount_string+0x40/0x40 [ 581.368908] ? copy_mount_options+0x1fe/0x2f0 [ 581.373404] SyS_mount+0xab/0x120 [ 581.376859] ? copy_mnt_ns+0x8c0/0x8c0 [ 581.380770] do_syscall_64+0x1eb/0x630 [ 581.384659] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 581.389509] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 581.394698] RIP: 0033:0x45b80a [ 581.397895] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 581.405612] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 581.412898] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 581.420167] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 581.427426] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 581.434677] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:27 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffff9c, 0x84, 0x77, &(0x7f0000000100)={0x0, 0x3, 0xa, [0x20, 0x80000001, 0x1ff, 0xc88, 0x4, 0x7ff, 0x6, 0x972, 0x3ff, 0x3f]}, &(0x7f0000000140)=0x1c) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000180)=@assoc_value={r1, 0x1}, &(0x7f00000001c0)=0x8) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:54:27 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cachefiles\x00', 0xa10004, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) 18:54:27 executing program 1: socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, 0x0, 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = shmget(0x2, 0x1000, 0x1000, &(0x7f0000fff000/0x1000)=nil) shmctl$SHM_UNLOCK(r0, 0xc) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180)='/dev/zero\x00', 0x440000, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) readlink(0x0, 0x0, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f0000000080)={0x40, 0x2000, 0x3}, 0xc) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040004,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67726f75705f69643d9b136b2b31fe2307838057fb0d78417204be13692a94b38d086b43d49793c4f69ef2534d866d40f7ff9b32f87a5dcf8a7af8d6284522d165bfaeb45257a9aaf70f1fccd1cc7c83c93bf0a8bbde36399da645ff3d8c7d6e60c354ce53d496ac90bd504280ea02586d150fe19d14cad45ff1ae423c3ae943ac8585f1fc03da342c25ab3da887fbc4df67c27d02920b588345", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f00000009c0)) prctl$PR_SET_SPECULATION_CTRL(0x35, 0x0) sendmsg$TIPC_NL_BEARER_GET(0xffffffffffffffff, 0x0, 0x4000001) symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') umount2(&(0x7f0000000600)='./file0\x00', 0x9) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4, 0x400}, 0x1c) 18:54:27 executing program 4 (fault-call:0 fault-nth:87): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:27 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r1 = socket(0xa, 0x80001, 0xd) ioctl$SIOCAX25CTLCON(r1, 0x89e8, &(0x7f0000000000)={@bcast, @bcast, @null, 0xf, 0x8000, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}) syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:27 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f00000000c0)={0x9, 0x7fffffff, 0xffffffffffff7fff}) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dlm_plock\x00', 0x244101, 0x0) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000240)) lsetxattr$trusted_overlay_nlink(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='trusted.overlay.nlink\x00', &(0x7f0000000200)={'U+', 0x800ffff}, 0x28, 0x1) 18:54:27 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x945569d, 0x8000) getsockopt$inet_sctp_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f0000000100), &(0x7f0000000140)=0x8) accept$packet(r2, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000300)=0x14) ioctl$sock_inet6_SIOCDIFADDR(r2, 0x8936, &(0x7f0000000340)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x60, r3}) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000380)={0x5}) write$capi20_data(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="10005000878100000000010000000000fd003fa825b3b53680e4224ba10cfcac090505c3917399799d2684fad7f3ee2b6e82877a3831efdde7150b5b57ce2310909f6cc50c007e0ac20536c5333bcbca04a7fac8cb19f19d34e8bb21589e922b29a68b5fea817736adb90924d65560ee9d566643780045188548f98bde2a27c03dda440d5089eee5d3e4ec677d35751998675098b3d2a8993828f684ce62b8ed52450f28c7a20145c28f1dee8493bffec5c31ecd7d319d52cf8ba57dbdc48ec18eb442d7d6e614c20f0b1f4ea87119dfbea6ec6d108285025990cc0c3cf9ab76e24e851ec9641801ffc8ba77a6004bc8ded5896f8a74d1a7018f5d6f075193a6444e4160973283411ddc11ebc04ac3"], 0x10f) ioctl$EVIOCGABS20(r2, 0x80184560, &(0x7f00000003c0)) write$rfkill(r2, &(0x7f00000003c0)={0x0, 0x6, 0x2, 0x401}, 0x8) 18:54:27 executing program 0: r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/mls\x00', 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) write$sndseq(r0, &(0x7f0000000180)=[{0x7, 0xffffffff80000001, 0xffff, 0x7ff, @tick=0x3, {0x401, 0x28000000}, {0x9, 0x3}, @quote={{0x8, 0x8000000000}, 0x101, &(0x7f00000000c0)={0x5, 0xffffffffffff8001, 0x5, 0x8, @time={r1, r2+30000000}, {0x4, 0x7}, {0x100000, 0x800}, @result={0x7, 0x7}}}}, {0x7, 0x6, 0xd21e, 0x8, @tick=0x9b, {0xf4c8, 0x8d}, {0x0, 0x8}, @addr={0xff80, 0xffffffffffff7b2d}}, {0x20000000, 0x6, 0x3ff, 0x3, @tick=0x648, {0x3, 0x401}, {0x2, 0x8}, @raw32={[0x3f, 0x40, 0x8]}}, {0x4, 0x0, 0x668dc67c, 0x8, @tick=0x7, {0x8, 0x5}, {0xfe3, 0xfffffffffffffffd}, @raw8={"e9845c9a736494985d9a9585"}}], 0xc0) r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r3, r5) 18:54:27 executing program 1: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/', 0x0, 0x0) dup(r0) [ 583.967167] FAULT_INJECTION: forcing a failure. [ 583.967167] name failslab, interval 1, probability 0, space 0, times 0 [ 584.031933] CPU: 0 PID: 29453 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 584.039007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 584.039013] Call Trace: [ 584.039033] dump_stack+0x138/0x19c [ 584.039052] should_fail.cold+0x10f/0x159 [ 584.058739] ? __lock_is_held+0xb6/0x140 [ 584.062811] ? mempool_free+0x1d0/0x1d0 [ 584.066792] should_failslab+0xdb/0x130 [ 584.070774] kmem_cache_alloc+0x47/0x780 [ 584.070792] ? mempool_free+0x1d0/0x1d0 [ 584.070801] mempool_alloc_slab+0x47/0x60 [ 584.070811] mempool_alloc+0x13a/0x300 [ 584.070822] ? __find_get_block+0x5c6/0xb10 [ 584.070835] ? remove_element.isra.0+0x1b0/0x1b0 [ 584.070848] ? mark_held_locks+0xb1/0x100 [ 584.070860] ? save_trace+0x290/0x290 [ 584.070882] ? trace_hardirqs_on_caller+0x400/0x590 [ 584.070898] bio_alloc_bioset+0x368/0x680 [ 584.113235] ? bvec_alloc+0x2e0/0x2e0 [ 584.117040] ? __getblk_gfp+0x5c/0x710 [ 584.120932] submit_bh_wbc+0xf6/0x720 [ 584.124726] __bread_gfp+0x106/0x290 [ 584.128437] btrfs_read_dev_one_super+0x9f/0x270 [ 584.133176] btrfs_read_dev_super+0x5d/0xb0 [ 584.137479] ? btrfs_read_dev_one_super+0x270/0x270 [ 584.142484] btrfs_get_bdev_and_sb+0xdc/0x2e0 [ 584.146969] __btrfs_open_devices+0x194/0xab0 [ 584.151455] ? check_preemption_disabled+0x3c/0x250 [ 584.156472] ? find_device+0x100/0x100 [ 584.160368] ? btrfs_mount+0x1069/0x2b14 [ 584.164412] ? rcu_read_lock_sched_held+0x110/0x130 [ 584.169414] btrfs_open_devices+0xa4/0xb0 [ 584.173736] btrfs_mount+0x11b4/0x2b14 [ 584.177613] ? lock_downgrade+0x6e0/0x6e0 [ 584.181747] ? find_held_lock+0x35/0x130 [ 584.185814] ? pcpu_alloc+0x3af/0x1060 [ 584.189705] ? btrfs_remount+0x11f0/0x11f0 [ 584.193925] ? rcu_read_lock_sched_held+0x110/0x130 [ 584.198925] ? __lockdep_init_map+0x10c/0x570 [ 584.203406] mount_fs+0x9d/0x2a7 [ 584.206774] vfs_kern_mount.part.0+0x5e/0x3d0 [ 584.211250] ? find_held_lock+0x35/0x130 [ 584.215291] vfs_kern_mount+0x40/0x60 [ 584.219075] btrfs_mount+0x3ce/0x2b14 [ 584.222859] ? lock_downgrade+0x6e0/0x6e0 [ 584.227008] ? find_held_lock+0x35/0x130 [ 584.231062] ? pcpu_alloc+0x3af/0x1060 [ 584.235031] ? btrfs_remount+0x11f0/0x11f0 [ 584.239252] ? rcu_read_lock_sched_held+0x110/0x130 [ 584.244255] ? __lockdep_init_map+0x10c/0x570 [ 584.248729] ? __lockdep_init_map+0x10c/0x570 [ 584.253206] mount_fs+0x9d/0x2a7 [ 584.256558] vfs_kern_mount.part.0+0x5e/0x3d0 [ 584.261037] do_mount+0x417/0x27d0 [ 584.264556] ? copy_mount_options+0x5c/0x2f0 [ 584.268948] ? rcu_read_lock_sched_held+0x110/0x130 [ 584.273948] ? copy_mount_string+0x40/0x40 [ 584.278174] ? copy_mount_options+0x1fe/0x2f0 [ 584.282713] SyS_mount+0xab/0x120 [ 584.286151] ? copy_mnt_ns+0x8c0/0x8c0 [ 584.290031] do_syscall_64+0x1eb/0x630 [ 584.293911] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 584.298754] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 584.303930] RIP: 0033:0x45b80a [ 584.307099] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 584.314802] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 584.322060] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 18:54:28 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/policy\x00', 0x0, 0x0) ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:28 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_inet_SIOCSIFPFLAGS(r1, 0x8934, &(0x7f0000000040)={'caif0\x00', 0x8}) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) ioctl$RTC_WKALM_SET(r2, 0x4028700f, &(0x7f0000000080)={0x1, 0x1, {0x1b, 0x2f, 0xc, 0x7, 0x0, 0x1, 0x1, 0xbc, 0xc684c79926a09433}}) 18:54:28 executing program 2: setxattr$security_selinux(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='security.selinux\x00', &(0x7f00000001c0)='system_u:object_r:policy_src_t:s0\x00', 0x22, 0x1) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)={0xffffffffffffff9c}) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000000100), 0x4) r1 = socket$inet_udplite(0x2, 0x2, 0x88) gettid() ioctl(r1, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:54:28 executing program 1: r0 = syz_open_dev$binder(&(0x7f0000000140)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(0x0, 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000240)={0x8, 0x0, &(0x7f00000001c0)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup2(r0, r0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000680)={0x54, 0x0, &(0x7f0000000900)=[@increfs, @transaction_sg={0x40046307, {{0x0, 0x40486312, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}}], 0x0, 0x0, 0x0}) [ 584.329318] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 584.336565] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 584.343814] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:28 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$IOC_PR_RESERVE(r2, 0x401070c9, &(0x7f0000000100)={0x7ff, 0x5, 0x1}) 18:54:28 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000940)="0adc1f123c123f319bd07023779e8cdc5b120e71eacff4f78e3f53060fd04c1871a925a976b929015015c4b93d7595d3201e03c4a8370611ba35e62978f2e641d8f9fe") ioctl$VIDIOC_CROPCAP(r0, 0xc02c563a, &(0x7f0000000040)={0xc, {0x1, 0x3, 0x2, 0x7}, {0x5, 0x452b, 0x1cc9, 0x10001}, {0x8, 0xfffffffffffffffe}}) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000180)={{{@in=@initdev, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@dev}}, &(0x7f00000000c0)=0xe8) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000280)={0x0, 0x0}, &(0x7f00000002c0)=0xc) getresgid(&(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000380)=0x0) ioctl$KVM_S390_UCAS_MAP(r0, 0x4018ae50, &(0x7f0000000100)={0xffff, 0x1, 0x80000000}) r6 = getegid() setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000008c0)=@nat={'nat\x00', 0x19, 0x4, 0x4d8, [0x200003c0, 0x0, 0x0, 0x200003f0, 0x200005d8], 0x0, &(0x7f0000000080), &(0x7f00000003c0)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x11, 0x20, 0x6, 'veth0\x00', 'team0\x00', 'bond_slave_0\x00', 'bridge0\x00', @dev={[], 0xa}, [], @empty, [0x0, 0x0, 0x0, 0xff, 0xff], 0x70, 0x70, 0xa8}}, @arpreply={'arpreply\x00', 0x10, {{@empty, 0xfffffffffffffffe}}}}, {{{0x19, 0x0, 0x9100, 'ip6gre0\x00', 'nr0\x00', '\x00', 'syz_tun\x00', @link_local, [0x0, 0x0, 0x0, 0xff, 0xff, 0xff], @remote, [0x0, 0x0, 0xff, 0xff, 0x0, 0xff], 0xa0, 0xd8, 0x110, [@state={'state\x00', 0x8, {{0x9}}}]}, [@snat={'snat\x00', 0x10, {{@broadcast, 0xfffffffffffffffe}}}]}, @arpreply={'arpreply\x00', 0x10, {{@broadcast, 0xffffffffffffffff}}}}]}, {0x0, '\x00', 0x2, 0xffffffffffffffff, 0x1, [{{{0x9, 0xa, 0xfd, 'caif0\x00', 'ipddp0\x00', 'hsr0\x00', 'nr0\x00', @dev={[], 0x13}, [0x0, 0xff, 0xff, 0xff], @broadcast, [0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x110, 0x110, 0x148, [@arp={'arp\x00', 0x38, {{0x33f, 0x8, 0x0, @broadcast, 0xffffffff, @loopback, 0xff0000ff, @dev={[], 0xfffffffffffffff8}, [0x0, 0xff, 0xff, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}, [0xff, 0x0, 0x0, 0xff, 0x0, 0xff], 0x2, 0x24}}}, @owner={'owner\x00', 0x18, {{r3, r4, r5, r6, 0x4, 0x5}}}]}}, @arpreply={'arpreply\x00', 0x10, {{@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 0xffffffffffffffff}}}}]}, {0x0, '\x00', 0x3, 0xfffffffffffffffe, 0x1, [{{{0x15, 0x1, 0xe83e, 'hsr0\x00', 'syzkaller1\x00', 'ipddp0\x00', 'bcsh0\x00', @link_local, [0xff, 0x0, 0x0, 0x0, 0xff], @empty, [0xff, 0xff, 0x0, 0x0, 0xff, 0xff], 0x70, 0xe0, 0x118}, [@arpreply={'arpreply\x00', 0x10, {{@local, 0xfffffffffffffffe}}}, @snat={'snat\x00', 0x10, {{@dev={[], 0x19}, 0xffffffffffffffff}}}]}, @snat={'snat\x00', 0x10, {{@random="c0c10f8572c4", 0xfffffffffffffffe}}}}]}]}, 0x550) dup2(r0, r2) 18:54:28 executing program 4 (fault-call:0 fault-nth:88): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:28 executing program 5: r0 = epoll_create1(0x0) r1 = epoll_create1(0x0) fcntl$lock(r0, 0x800000007, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x1, 0x0, 0x1000}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = syz_open_dev$radio(&(0x7f0000000080)='/dev/radio#\x00', 0x1, 0x2) ioctl$KVM_IRQ_LINE_STATUS(r3, 0xc008ae67, &(0x7f0000000040)={0x3f, 0x5457}) ioctl(r2, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") 18:54:28 executing program 1: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) recvmmsg(0xffffffffffffff9c, &(0x7f0000008880)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000240)=""/62, 0x3e}], 0x1}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000002c0)='status\x00') preadv(r0, &(0x7f0000000480), 0x1000000000000237, 0x0) 18:54:28 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/cache_stats\x00', 0x0, 0x0) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x220000, 0x0) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:54:28 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) clone(0x3102001ff8, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/load\x00', 0x2, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00') sendmsg$IPVS_CMD_GET_INFO(r0, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40408002}, 0xc, &(0x7f00000002c0)={&(0x7f0000000180)={0x110, r3, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x64, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e20}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x4}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@mcast1}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@dev={0xac, 0x14, 0x14, 0x29}}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x4}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e23}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xdb2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x34f8}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x81}]}, @IPVS_CMD_ATTR_DAEMON={0x4}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'lc\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_DAEMON={0x54, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0xff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'bond0\x00'}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x4000000}, 0x1) write$selinux_load(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757816000000d96927940000fffffff800004000000000e9088a1ff9dc01"], 0x2c) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r4) 18:54:28 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r0) ioctl$FIGETBSZ(r1, 0x2, &(0x7f0000000040)) 18:54:28 executing program 3: syz_mount_image$btrfs(&(0x7f0000000180)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0xfffffffffffffffe, 0xa2500) getsockopt$rose(r0, 0x104, 0xfeb94f47b955cd4e, &(0x7f0000000200), &(0x7f0000000240)=0x4) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x3, 0x0) ioctl$SG_GET_SG_TABLESIZE(r1, 0x227f, &(0x7f0000000140)) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) [ 584.690888] SELinux: ebitmap: truncated map [ 584.695501] SELinux: failed to load policy [ 584.705019] SELinux: ebitmap: truncated map [ 584.709465] SELinux: failed to load policy [ 584.730979] print_req_error: I/O error, dev loop5, sector 128 18:54:28 executing program 1: add_key(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$clear(0x7, 0x0) clone(0x4000002102001ffb, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) sched_setscheduler(0x0, 0x5, &(0x7f0000000200)) seccomp(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x3, 0x0, 0x0, 0x10000}]}) 18:54:28 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008914, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:28 executing program 1: syz_execute_func(&(0x7f0000000180)="410f01f964ff09c4c3ad0cdbcb41c3c4e2c99758423e46d8731266420fe2e366460f7e5bc0c442019dcc6f") clone(0x84007ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() mknod(&(0x7f00000000c0)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) ptrace(0x10, r0) r1 = openat(0xffffffffffffff9c, &(0x7f0000004e00)='./file0\x00', 0x2, 0x0) ioctl$KDSIGACCEPT(r1, 0x4b4e, 0x0) ptrace(0x11, r0) [ 584.810540] FAULT_INJECTION: forcing a failure. [ 584.810540] name failslab, interval 1, probability 0, space 0, times 0 [ 584.829373] CPU: 1 PID: 29510 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 584.836410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 584.845771] Call Trace: [ 584.848373] dump_stack+0x138/0x19c [ 584.852022] should_fail.cold+0x10f/0x159 [ 584.856181] should_failslab+0xdb/0x130 [ 584.860141] kmem_cache_alloc_node+0x28a/0x780 [ 584.864715] __alloc_skb+0x9c/0x500 [ 584.868324] ? skb_scrub_packet+0x4b0/0x4b0 [ 584.872634] ? netlink_has_listeners+0x20a/0x330 [ 584.877377] kobject_uevent_env+0x74c/0xc41 [ 584.881707] kobject_uevent+0x20/0x26 [ 584.885490] loop_clr_fd+0x4a7/0xae0 [ 584.889193] ? loop_clr_fd+0xae0/0xae0 [ 584.893062] lo_release+0x10e/0x1b0 [ 584.896727] ? loop_clr_fd+0xae0/0xae0 [ 584.900603] __blkdev_put+0x436/0x7f0 [ 584.904407] ? bd_set_size+0xb0/0xb0 [ 584.908116] ? wait_for_completion+0x420/0x420 [ 584.912682] blkdev_put+0x88/0x510 [ 584.916203] ? btrfs_get_bdev_and_sb+0x10c/0x2e0 [ 584.920958] __btrfs_open_devices+0x289/0xab0 [ 584.925436] ? check_preemption_disabled+0x3c/0x250 [ 584.930433] ? find_device+0x100/0x100 [ 584.934318] ? btrfs_mount+0x1069/0x2b14 [ 584.938365] ? rcu_read_lock_sched_held+0x110/0x130 [ 584.943383] btrfs_open_devices+0xa4/0xb0 [ 584.947528] btrfs_mount+0x11b4/0x2b14 [ 584.951402] ? lock_downgrade+0x6e0/0x6e0 [ 584.955530] ? find_held_lock+0x35/0x130 [ 584.959593] ? pcpu_alloc+0x3af/0x1060 [ 584.963488] ? btrfs_remount+0x11f0/0x11f0 [ 584.967717] ? rcu_read_lock_sched_held+0x110/0x130 [ 584.972737] ? __lockdep_init_map+0x10c/0x570 [ 584.977226] mount_fs+0x9d/0x2a7 [ 584.980588] vfs_kern_mount.part.0+0x5e/0x3d0 [ 584.985066] ? find_held_lock+0x35/0x130 [ 584.989112] vfs_kern_mount+0x40/0x60 [ 584.992901] btrfs_mount+0x3ce/0x2b14 [ 584.996686] ? lock_downgrade+0x6e0/0x6e0 [ 585.000815] ? find_held_lock+0x35/0x130 [ 585.004859] ? pcpu_alloc+0x3af/0x1060 [ 585.008742] ? btrfs_remount+0x11f0/0x11f0 [ 585.012964] ? rcu_read_lock_sched_held+0x110/0x130 [ 585.017992] ? __lockdep_init_map+0x10c/0x570 [ 585.022513] ? __lockdep_init_map+0x10c/0x570 [ 585.027008] mount_fs+0x9d/0x2a7 [ 585.030364] vfs_kern_mount.part.0+0x5e/0x3d0 [ 585.034862] do_mount+0x417/0x27d0 [ 585.038391] ? copy_mount_options+0x5c/0x2f0 [ 585.042784] ? rcu_read_lock_sched_held+0x110/0x130 [ 585.047786] ? copy_mount_string+0x40/0x40 [ 585.052010] ? copy_mount_options+0x1fe/0x2f0 [ 585.056494] SyS_mount+0xab/0x120 [ 585.059935] ? copy_mnt_ns+0x8c0/0x8c0 [ 585.063816] do_syscall_64+0x1eb/0x630 [ 585.067697] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 585.072527] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 585.077712] RIP: 0033:0x45b80a [ 585.080888] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 585.088599] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 585.095851] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 585.103111] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 18:54:28 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000040)={0x33, 0x6, 0x0, {0x3, 0x6, 0xa, 0x0, '/dev/rtc0\x00'}}, 0x33) [ 585.110379] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 585.117644] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:28 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000140)=0xc) write$cgroup_pid(r0, &(0x7f0000000180)=r1, 0x12) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:28 executing program 4 (fault-call:0 fault-nth:89): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:28 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r0) 18:54:29 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000080)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) [ 585.449979] FAULT_INJECTION: forcing a failure. [ 585.449979] name failslab, interval 1, probability 0, space 0, times 0 [ 585.461218] CPU: 1 PID: 29584 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 585.468228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 585.477583] Call Trace: [ 585.480187] dump_stack+0x138/0x19c [ 585.483829] should_fail.cold+0x10f/0x159 [ 585.487988] should_failslab+0xdb/0x130 [ 585.491964] kmem_cache_alloc+0x47/0x780 [ 585.496028] radix_tree_node_alloc.constprop.0+0x1c7/0x310 [ 585.501649] __radix_tree_create+0x337/0x4d0 [ 585.506060] page_cache_tree_insert+0xa7/0x2d0 [ 585.510643] ? file_check_and_advance_wb_err+0x380/0x380 [ 585.516088] ? debug_smp_processor_id+0x1c/0x20 [ 585.520759] __add_to_page_cache_locked+0x2a7/0x7e0 [ 585.525781] ? find_lock_entry+0x3f0/0x3f0 [ 585.530012] ? lock_downgrade+0x6e0/0x6e0 [ 585.534154] add_to_page_cache_lru+0xf4/0x310 [ 585.538649] ? add_to_page_cache_locked+0x40/0x40 [ 585.543483] ? __page_cache_alloc+0xdd/0x3e0 [ 585.547894] pagecache_get_page+0x1f5/0x750 [ 585.552223] __getblk_gfp+0x24b/0x710 [ 585.556020] ? lru_add_drain_all+0x18/0x20 [ 585.560272] __bread_gfp+0x2e/0x290 [ 585.563902] btrfs_read_dev_one_super+0x9f/0x270 [ 585.568658] btrfs_read_dev_super+0x5d/0xb0 [ 585.572997] ? btrfs_read_dev_one_super+0x270/0x270 [ 585.578015] btrfs_get_bdev_and_sb+0xdc/0x2e0 [ 585.582505] __btrfs_open_devices+0x194/0xab0 [ 585.586998] ? check_preemption_disabled+0x3c/0x250 [ 585.592027] ? find_device+0x100/0x100 [ 585.595910] ? btrfs_mount+0x1069/0x2b14 [ 585.599969] ? rcu_read_lock_sched_held+0x110/0x130 [ 585.604982] btrfs_open_devices+0xa4/0xb0 [ 585.609123] btrfs_mount+0x11b4/0x2b14 [ 585.613004] ? lock_downgrade+0x6e0/0x6e0 [ 585.617190] ? find_held_lock+0x35/0x130 [ 585.621245] ? pcpu_alloc+0x3af/0x1060 [ 585.625132] ? btrfs_remount+0x11f0/0x11f0 [ 585.629373] ? rcu_read_lock_sched_held+0x110/0x130 [ 585.634396] ? __lockdep_init_map+0x10c/0x570 [ 585.638896] mount_fs+0x9d/0x2a7 [ 585.642274] vfs_kern_mount.part.0+0x5e/0x3d0 [ 585.646759] ? find_held_lock+0x35/0x130 [ 585.650814] vfs_kern_mount+0x40/0x60 [ 585.654610] btrfs_mount+0x3ce/0x2b14 [ 585.658410] ? lock_downgrade+0x6e0/0x6e0 [ 585.662552] ? find_held_lock+0x35/0x130 [ 585.666607] ? pcpu_alloc+0x3af/0x1060 [ 585.670499] ? btrfs_remount+0x11f0/0x11f0 [ 585.674733] ? rcu_read_lock_sched_held+0x110/0x130 [ 585.679752] ? __lockdep_init_map+0x10c/0x570 [ 585.684244] ? __lockdep_init_map+0x10c/0x570 [ 585.688738] mount_fs+0x9d/0x2a7 [ 585.692103] vfs_kern_mount.part.0+0x5e/0x3d0 [ 585.696597] do_mount+0x417/0x27d0 [ 585.700129] ? copy_mount_options+0x5c/0x2f0 [ 585.704533] ? rcu_read_lock_sched_held+0x110/0x130 [ 585.709546] ? copy_mount_string+0x40/0x40 [ 585.713780] ? copy_mount_options+0x1fe/0x2f0 [ 585.718273] SyS_mount+0xab/0x120 [ 585.721721] ? copy_mnt_ns+0x8c0/0x8c0 [ 585.725604] do_syscall_64+0x1eb/0x630 [ 585.729491] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 585.734348] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 585.739527] RIP: 0033:0x45b80a [ 585.742706] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 585.750407] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 585.757669] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 585.764931] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 585.772193] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 585.779455] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:31 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x4000000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:54:31 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xaaaaaaaaaaaac7f, &(0x7f0000000400)=[{&(0x7f00000002c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0xfff}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000200)='/p\x81\x00c/sys/net/ipv4/vs/backup_only\x00<\xb2\x93Lc\x10?o\x8a:I\x982\x82=\x85J\x13\xd9^\x953\x13,H\xb7\x1f\xa51vb\x81\xad\bF\xd4\xb9\x8b\xc1\xc8\x94\x1ar\n|\xf5J6\xecS\xa6 \x1c\x918y.\x06\xb6\x98\x05\x00\x00\x00\x00\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f0000000340)=0x2000005) signalfd4(0xffffffffffffffff, 0x0, 0xfffffffffffffe31, 0x800) syz_genetlink_get_family_id$SEG6(&(0x7f0000000180)='SEG6\x00') 18:54:31 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = dup(r0) getsockopt$inet6_int(r2, 0x29, 0xb, &(0x7f0000000040), &(0x7f0000000080)=0x4) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r3) 18:54:31 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x2, 0x2) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shmctl$SHM_UNLOCK(0x0, 0xc) openat$zero(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/zero\x00', 0x400200, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/fuse\x00', 0x2, 0x0) fsetxattr$security_selinux(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000240)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4004}, 0x2c, {'user_id'}, 0x2c, {'group_id'}}) write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0x0) umount2(&(0x7f0000000600)='./file0\x00', 0x9) fchdir(r1) pipe2(0x0, 0x84800) syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x401, 0x301000) 18:54:31 executing program 4 (fault-call:0 fault-nth:90): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 587.707278] FAULT_INJECTION: forcing a failure. [ 587.707278] name failslab, interval 1, probability 0, space 0, times 0 [ 587.732075] CPU: 1 PID: 29600 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 587.739113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 587.748463] Call Trace: [ 587.751068] dump_stack+0x138/0x19c [ 587.754706] should_fail.cold+0x10f/0x159 [ 587.758859] ? __lock_is_held+0xb6/0x140 [ 587.762936] ? mempool_free+0x1d0/0x1d0 [ 587.766913] should_failslab+0xdb/0x130 [ 587.770901] kmem_cache_alloc+0x47/0x780 [ 587.774967] ? mempool_free+0x1d0/0x1d0 [ 587.774979] mempool_alloc_slab+0x47/0x60 [ 587.774991] mempool_alloc+0x13a/0x300 [ 587.775002] ? __find_get_block+0x5c6/0xb10 [ 587.775018] ? remove_element.isra.0+0x1b0/0x1b0 [ 587.791334] ? mark_held_locks+0xb1/0x100 [ 587.791347] ? save_trace+0x290/0x290 [ 587.791359] ? trace_hardirqs_on_caller+0x400/0x590 [ 587.791376] bio_alloc_bioset+0x368/0x680 [ 587.791391] ? bvec_alloc+0x2e0/0x2e0 [ 587.791403] ? __getblk_gfp+0x5c/0x710 [ 587.791417] submit_bh_wbc+0xf6/0x720 [ 587.791433] __bread_gfp+0x106/0x290 [ 587.791448] btrfs_read_dev_one_super+0x9f/0x270 [ 587.791464] btrfs_read_dev_super+0x5d/0xb0 [ 587.800341] ? btrfs_read_dev_one_super+0x270/0x270 [ 587.800358] btrfs_get_bdev_and_sb+0xdc/0x2e0 [ 587.800372] __btrfs_open_devices+0x194/0xab0 [ 587.800385] ? check_preemption_disabled+0x3c/0x250 [ 587.800401] ? find_device+0x100/0x100 [ 587.800412] ? btrfs_mount+0x1069/0x2b14 [ 587.800424] ? rcu_read_lock_sched_held+0x110/0x130 [ 587.800442] btrfs_open_devices+0xa4/0xb0 [ 587.800455] btrfs_mount+0x11b4/0x2b14 [ 587.800466] ? lock_downgrade+0x6e0/0x6e0 [ 587.800475] ? find_held_lock+0x35/0x130 [ 587.800486] ? pcpu_alloc+0x3af/0x1060 [ 587.800505] ? btrfs_remount+0x11f0/0x11f0 [ 587.800523] ? rcu_read_lock_sched_held+0x110/0x130 [ 587.800545] ? __lockdep_init_map+0x10c/0x570 18:54:31 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = getpgid(0x0) r2 = getpgid(0x0) setpgid(r1, r2) r3 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x20) wait4(0x0, 0x0, 0x0, 0x0) r4 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/checkreqprot\x00', 0x40000, 0x0) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000100)={0x0, 0x0, 0x1000}) ioctl$DRM_IOCTL_GEM_OPEN(r4, 0xc010640b, &(0x7f0000000140)={0x0, r5, 0x4}) [ 587.800564] mount_fs+0x9d/0x2a7 [ 587.800580] vfs_kern_mount.part.0+0x5e/0x3d0 [ 587.800589] ? find_held_lock+0x35/0x130 [ 587.800603] vfs_kern_mount+0x40/0x60 [ 587.800616] btrfs_mount+0x3ce/0x2b14 [ 587.800627] ? lock_downgrade+0x6e0/0x6e0 [ 587.800663] ? find_held_lock+0x35/0x130 [ 587.800673] ? pcpu_alloc+0x3af/0x1060 [ 587.800690] ? btrfs_remount+0x11f0/0x11f0 [ 587.800706] ? rcu_read_lock_sched_held+0x110/0x130 [ 587.800729] ? __lockdep_init_map+0x10c/0x570 [ 587.800742] ? __lockdep_init_map+0x10c/0x570 [ 587.800756] mount_fs+0x9d/0x2a7 [ 587.869905] vfs_kern_mount.part.0+0x5e/0x3d0 [ 587.869922] do_mount+0x417/0x27d0 [ 587.869935] ? copy_mount_options+0x5c/0x2f0 [ 587.882589] ? rcu_read_lock_sched_held+0x110/0x130 [ 587.882606] ? copy_mount_string+0x40/0x40 [ 587.882622] ? copy_mount_options+0x1fe/0x2f0 [ 587.882643] SyS_mount+0xab/0x120 [ 587.882653] ? copy_mnt_ns+0x8c0/0x8c0 [ 587.882667] do_syscall_64+0x1eb/0x630 [ 587.882677] ? trace_hardirqs_off_thunk+0x1a/0x1c 18:54:31 executing program 1: sendmsg$TIPC_NL_NODE_GET(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x4008000, &(0x7f0000000000)={0x2, 0x4620, @multicast2}, 0x10) sendto$inet(r0, &(0x7f0000000080)='\x00', 0x1, 0x0, 0x0, 0x0) 18:54:31 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x5, 0x800) ioctl$TCSETS2(r2, 0x402c542b, &(0x7f0000000100)={0x6, 0x1, 0x5, 0xf2, 0x1000, "2c117026e9751dc3f0b4747a4f6076ef407f7a", 0x6, 0x20}) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:54:31 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, 0xffffffffffffffff) [ 587.882697] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 587.882709] RIP: 0033:0x45b80a [ 588.013489] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 588.021323] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 588.028603] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 588.035855] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 588.043120] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 588.050405] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:31 executing program 1: clone(0x200, 0x0, 0x0, 0x0, 0x0) mknod(&(0x7f0000000300)='./file0\x00', 0x1041, 0x0) execve(&(0x7f0000000340)='./file0\x00', 0x0, 0x0) symlink(&(0x7f0000000400)='./file1\x00', &(0x7f0000000440)='./file1\x00') r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) execve(&(0x7f0000000140)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0) r1 = creat(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x108) dup2(r0, r1) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x200800000000013, &(0x7f0000000280)=0x400100000001, 0x4) connect$inet6(r2, &(0x7f0000000100), 0x1c) r3 = dup2(r2, r2) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000440), 0x131f64) open$dir(&(0x7f0000000000)='./file0\x00', 0x841, 0x0) clone(0x3102001ff6, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execve(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000380), 0x14) 18:54:31 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000080)="0adc1f123c123f319bd070") openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x40000, 0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0x100, 0x101080) 18:54:31 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x20000, 0x0) accept$packet(0xffffffffffffff9c, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000140)=0x14) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000180)={r2, 0x1, 0x6, @broadcast}, 0x10) r3 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:54:31 executing program 4 (fault-call:0 fault-nth:91): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:31 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x10001, 0x1, &(0x7f0000000400), 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) dup3(r0, r0, 0x80000) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:31 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") r1 = dup2(r0, r0) ioctl$TIOCGPTPEER(r1, 0x5441, 0x7ff) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r2, 0x0, 0x0) ioctl$DRM_IOCTL_INFO_BUFS(r1, 0xc0106418, &(0x7f00000000c0)={0x0, 0x100000001, 0x1, 0x2, 0x0, 0x3ff}) tkill(r2, 0x20) wait4(0x0, 0x0, 0x0, 0x0) 18:54:32 executing program 0: openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000080)="0adc1f123c123f319bd070") openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) 18:54:32 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) poll(&(0x7f0000000000)=[{r0, 0x3b}], 0x322, 0x8) ioctl(r0, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 588.369055] FAULT_INJECTION: forcing a failure. [ 588.369055] name failslab, interval 1, probability 0, space 0, times 0 [ 588.398553] CPU: 1 PID: 29662 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 588.405937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 588.415294] Call Trace: [ 588.417905] dump_stack+0x138/0x19c [ 588.421547] should_fail.cold+0x10f/0x159 [ 588.425701] ? __lock_is_held+0xb6/0x140 [ 588.429764] ? mempool_free+0x1d0/0x1d0 [ 588.433743] should_failslab+0xdb/0x130 [ 588.437722] kmem_cache_alloc+0x47/0x780 [ 588.441796] ? mempool_free+0x1d0/0x1d0 [ 588.445766] mempool_alloc_slab+0x47/0x60 [ 588.449910] mempool_alloc+0x13a/0x300 [ 588.453799] ? __find_get_block+0x5c6/0xb10 [ 588.458127] ? remove_element.isra.0+0x1b0/0x1b0 [ 588.462890] ? mark_held_locks+0xb1/0x100 [ 588.467040] ? save_trace+0x290/0x290 [ 588.470843] ? trace_hardirqs_on_caller+0x400/0x590 [ 588.475881] bio_alloc_bioset+0x368/0x680 [ 588.480067] ? bvec_alloc+0x2e0/0x2e0 [ 588.483877] ? __getblk_gfp+0x5c/0x710 [ 588.487788] submit_bh_wbc+0xf6/0x720 [ 588.491593] __bread_gfp+0x106/0x290 [ 588.495312] btrfs_read_dev_one_super+0x9f/0x270 [ 588.500072] btrfs_read_dev_super+0x5d/0xb0 [ 588.504398] ? btrfs_read_dev_one_super+0x270/0x270 [ 588.509418] btrfs_get_bdev_and_sb+0xdc/0x2e0 [ 588.513918] __btrfs_open_devices+0x194/0xab0 18:54:32 executing program 1: r0 = socket(0x44000000002, 0x3, 0x200004000000068) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='bridge0\x00', 0x10) sendto$unix(r0, 0x0, 0x0, 0x0, &(0x7f0000000040)=@abs={0x0, 0x0, 0xd0000e0}, 0x6e) [ 588.518417] ? check_preemption_disabled+0x3c/0x250 [ 588.523540] ? find_device+0x100/0x100 [ 588.527436] ? btrfs_mount+0x1069/0x2b14 [ 588.531506] ? rcu_read_lock_sched_held+0x110/0x130 [ 588.536534] btrfs_open_devices+0xa4/0xb0 [ 588.540689] btrfs_mount+0x11b4/0x2b14 [ 588.543778] raw_sendmsg: syz-executor.1 forgot to set AF_INET. Fix it! [ 588.544582] ? lock_downgrade+0x6e0/0x6e0 [ 588.555382] ? find_held_lock+0x35/0x130 [ 588.559456] ? pcpu_alloc+0x3af/0x1060 [ 588.563343] ? btrfs_remount+0x11f0/0x11f0 18:54:32 executing program 1: socket$inet_sctp(0x2, 0x0, 0x84) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000200)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r1, &(0x7f0000000980)={0x8, "7c70ee3800d5ab5f2036f872e0ac57cbd592bca0d671633f50a3102066d6e765f5a64731e3fb8d90d250eda2cc33b60a7ff98074cdc3f1dd1a2df26a381d95974e0925d521c6b48c3dee0d430d398884316091aff6adb6153dc3c92549957d3488efc02d6f6fb172524b095c30c1bd35aae04236bdd42694d613eb54c0b65a338c48dc4c8bad70754fc81d9928e4a1b81f9c77075258a0805b4494867247966b24a023311fd91ef3754b98d3acde6f2ef0617f123c22fccb81c11389fdfa2e21c2365aabfc8916e02151d8643ae21cab7fcbec6142186d3bb57546c106484bc4c28a48da2b75dd82aabe99464558e60cd101f6b65856fabee614d271741a68dd550c8772f06a93cf8e5c0de549c3b75a72f8a590bd50b2af5f64009c969ed7596f0192b0f98b1afac0e8c5f4c653f611b4a71776400a9ae3f18e75f856788c97195749042510735880b9bb0ccb23210832a4f1c6f134d68f8e299837c426e0c9a45d5d2c959446cc363f370c67cd01a063c91254d692fe35abee92fabda4f66d93228c979ebe036c5c2e0028ec76562d67d0919ca28258fec0ed60603142b5c57c4cfb1ea1e892d0fd2f33970142b179c415d6bea344fbcc82d133052e848a885160737c69eb02ca9f544831c8e3ffcf40cb7b415d24795fc8aaeb8e76bec262aea5e28fe5d6495c4b5895a612b1cc2122286add66356f3ecd309f970634f1b09da1507964d35575167317f13c7fd9f11af27ceea86e9a5b3494a27ba98ba38dd1fb72ef2c6163664fd8f7c946935cd4833121f505ff277c03d959d9a12f3389e9eb6701a8b29f72c20c6abb7bd8349dd2e120bdd59dca9f1a2a877f1677b59d7920ddf29b9d94f7c6879b78e31cf1b65b60fe349ef9d4976f46609ee34e33f647aafbf64f6323d18598905f2e73af75661397595b8f9c1e9a4e993946820da5378ca5b363560e95edce316e99bac6e6250efcf1cb58fdcf94c7557c2d7f763a688543462d54b64e178c2e64c6ebba356894973051907fd8de8ba908e822168b171c1707efcd9ac827e64313721876e2ff26ac34e88557a4a0dfde08eda81cf0c1465a89b68429e48966044c767563e1121db48c9b619fd7362afd15ec6aa19b28759d7977be4fbcad0cf8dd5dc5362259bd5cb5089a9d18db969afe1192571f5fcc0c4d6be281d23b9c1f9f32873c058adfa1bf57a3718686957edfd6e4b58aa959541127696d59fb2810d042ced227961eb19a424e4cf45bc6243217bb7561b7ee11f8c0b8f39480343a26f2da5fe79d5e213c01ea47155ffa91e7d7ba0bc8ccb018bd69cfe71dd8565a645d678b404a295397e83ae69dbf8505f6947a836b44823a92861124330fccd4bc4a2e20d9047bd919d82c89623caa87eb09bd584d58f42b35ef55fddc06dfb3957f3f507e5ca9b8b98947cc5bb68846755527ddf32ffa444e1c7a5654d4d377e04a9f22e1069804fdcdb251acb6bd6b32d100feb44286991d779d2b3e2b7f5cc5f8eb3ae166a3b6fb9df11e1867989a6f9b2028e4c73b4d418b51f6e870713cadafddb47a48c9a97283da214f02db3326d42438d9a7db580693ad1887f99d86bb5fafd6d07c2647fc80c2c5a1ed9ea3b95be65ca422080ddefca5b49ccd538f6bc67390f892d9e416f7e835f76dd90edc56256348d20560caeea05c0922cab60dbf0b57ddaaed6ded5a336e01485fd571dc12050461271cee347c31ac245bfee9128630dfcc43b6d88b5ba9937a6f6ab70b7d256784ff72297cfcfd0ffacd09b55fb832bf60f04d87c48c74972b9f18fa178ce4880b025d1c1097ddb929e8f7e02f1c0e03012bec0fa61a49eb1c2a50a45fc0d98b6649de325184006938e421321e8b366649d9b6ebadf77509c9d48844e80f7752fd7daaa5c938b946feaaac0d871203270a747035c7e2f697c84e792a55cbce76c0a25360f7acbeaab60627aa9c37064af75b67f46732844eb2f6b37226004afe451a9fbfbbcf7e72ade67b017e9209b5627fbe16789abd90326751a1fd1d93efc59f2650f979ba71938d784064922bee2874c4b76d5f26e39ea0a98cf175950137feff9456c88c6a295830183fae3a9c2312c25f3d81708d73488d15a587e7e7cdde3b77917eef29c8b5965c916a65c3c5a53b7313c3115d0a8bb4e16f6b80ff6f78adb756aba94ced86047562a2cd2fb25e9a4656f6359c3f2fde8b5ab38852853cbd7221cb4d59b7f0e79bd37f9ade073f62b75edbe63c13c0d02bf076d88f5b750ea640aad47ce97d6a0783398dd3fbb63734ed969470cf45200235650532224fc28caf1e36ca6b402ec4c978add40fc59f2113485875682139f8aa9aeb48d09178de919370b0cd0ebcab5e60e1b0a2fc153db0dae8e50b48561622a677d0f1afc149676f832e016e14007fb298dcb96f11a92a1ac8bd4cc7b34d659d6cd2c9817b586585e72080255b083bc84512277ffb7f561c6a7a08cd128bfe9b525da531f0bf04f11d3de102b3538835807ac0b2f4325fc6765d02d692ec82f5b338c8257029136fcd3427c09874ecc7492becdd6608eac4adf1abc3f7e08868a72e57ce4dcfc288a25af73d19f1118a9254963c1548cdca5fc7c921a7f218f8e71edd7969dfb35beae1091d7530e32236397fa9fcd232b441ff1b0177829468c198d659d247ccca4fbd58c625501e4368075d0e5e69a6f90952f5bbe48e85a303131dedf7f1a513b291598a545784e1013521877c25d6069d3a855652a4bad5b2df2e4da2de756a20e790b756dd2925ce824561e5892b5e064c7c7b996acc4e29597e0cd00956e9c57ec374714f846be7632d3075e38bead499163498810886c78a2cc73fb64fd48e186083ce911e0751b4dc63476859c2824fa532a4b1711c244619e702eeab19380aeb7b17f67fade3dcad8ddddd893a526cd5d04d8ae982c88029ec71bdd0772fd74adbdb378fc204ca411a2d8a50331516a28552be78f9725f32d1b3a6c7bdf3277c5f7e385c7ebbacc419ec7ca3c5b8f46dbefee59b6422a6b22d60527edc012f852077d925619874f7709f283e01678fed36528003a696ee431a817f34f453c143dc56b70e1f810a5380a555cc8c4fc6522ab544ce5d715caa302ebdd0aa8286b7ef5dd6dd48a8ad9566818f7509daf02db0b98b432f57f1d107ee95a86228728cab4062e27922381e1e2ee351af5e2ea0fd6d1cea70b3b8f4a50f0776fc9aa2a7d2dff6e1ea3769864104f09137b99960b69af13895d842649eacaed8ddf183beba3323640af8deb52b902c0974d685d19fc87c93eb80ad5d28e54363705ad39231d989522e94f000256bc8d93af138a45d67dad3e21fa9fb31d9327c6e71f61956d9daf4f97333112704136d3d1bf6fe0e4c002e10b684d2344300ec70fae0b50532ebace58f0e8318354a172cceacf27d01ff41cc8fef42443f62b0e15b5fcc0728630b96fb2c2b59634f4993bb1ce2eace6fb0f53e5f84bc5f58b1b66d59e3c75a98670496f105a703607211aa9e882e72f13e9fe07f0767ad4e5ac5c732b65301d8ceab36b5ff2f71958fb1b51d2e703ac506e68d4026160fd3f60440b8b8f554f1feeba5d53f71cbe60d143620f8fa779acb94c965b729207a5ab11f4a51b694c31606171da44a28d80cde296dff5724ff718d6377eb8534e616cff39af943ee4ce87b4fadded30c702d370a71072ab3e20f19b8c1b73fdbbb9c675352bb73ee85e22597fc0c439a33f5febe1629bd084af7193f8d1a1415b02ca54706711505cbae11ec6411b012cc3a3eddcfb002901b6e7565b9fbf4d605c147031888ceb590c14697d00970ce9095c6f7fee41ec6a15d7ef52dfedfff2a0d3dbb387b61232aee6ca202787038021e6aabda18e2adf6fd89aa491e65f9813d73412fbfff089752d713d7efa690ec4fc254b56908d3057f65997acf81aea589e272f8fa852849e488f1e0c0cb6cdb5f46ca92e36d39224e704850056d2e9b91909aed0f55d054e274415ecc39b8958335a14cfb0a42d7f26ef8e82592dfd03b3550b5193fba077994c682951968869574fd94976760d9bd9b334353eeda836cc8dab244e72095cc46833f02bb2f6df35601b3085664261abb67fc9ab9f27210e6827cd15ce16c55f0f7f5b8ab401f24032b19a53a9299b62ebf4a8cf7f4753d95126f008a8ce349036666de66bcaf40b27fa875efa98873e1ef9302e2a24bfe07bd1054bdf9ba9ad1b1075402f26d682833b947c762513ba5f07537bb712473184a60e04ace5adb8d982d6153b011ae0b2034adc0ff4a64e2c6561c2e0840cdab2120bc916cde9b7a92c4d332d0f83945fe55e3c8f4d93f22e7759c20241d92cca0ae5a3d06a127e5614df708cea1ad3b2f231c81460ff4c3f349c67a87135a4b67589ffce311832923f71796276e81f0537e265404c0ee06d5ed98a5ec5f8ad62db589eb585fc4627173b51fd4e897a3e8d2acbb82ec2996ac3a6823368a1e12a0536a9d1a7b2d31d80c46c292ff51395481d4f65c53fab867e27bec9156ee189d245d94877a1405dc9e1e996822ad47071a9ab36c9bfd02c41ea5ba21591793053b1b64758bae0addfcd69d169849bc1ee6ce5c08f0d3da5ecc1b6ab31e13af2fa5ce4d921163270901264a88ac6350e8fb6371663dd04146932238597258b123a8036250c190fbb3cfc6ebbf9e06c4a9053e8332c95c91a890a3d35ddd35f47e7ab606f3e345e12560e6d52243883da7b8910834042ad12e7fb3f08a0b14ef6aee22251999e6079be2ef5666d7d5ae00d161720262761da3f378c63cb151f4e94d034e9de949dfe796b905804ca555691023c30ea7cf0cb276e1e3ba65793291f8287d1064606bf5787421b9b9bfc05e9c5eac750de92519fe9e2592cd34a2ef6ec18efed5e7c13bfcfce47327cbecac358bbe6d44164849308cf91cd5ea87fa4b02ba4939e28141c7dad42714b019470d91808a8f46150677b6c90f267ecb39ef42afc95de0cbd016775c89d8213ec9d4e061e6493f237296f91abfc64176c0e885ef54af4136a724fadfe89a25d7599998acebc4a27f8fb5b26936bda5c3d5fec3373dcd9a0e99fc939641c50669adc54119582e8835575d1c57fa955cd29d870360620f91c3ff90d264013816352317ae226f7d7bad5db711f8973382f6cebd63cd519ddd08e1772649be75f64f4acc15f828dc0b305584b6dd2213194603c44e2964358d305aa97fb08568a0a955ad7a6f8d042754b4bbf2fb3414052719fd9841bef8360d1d3195c69414be882115c2c64fecdcbdaed3a2e943fdfef9a13520e41d32a787bcfe4f61e2b378d35aa70784a772cf8ebcaaeb105e4627516db2ababfcb8c11f224c3a48c86160d34d0ee59f02c31648ae4b0309b378f0bf63266967dcfb4f1cc1902f613c6d0d48915a9cf28a52b106544cde1b38ff2e2a1275fd0d3899ce7f7c6653c9017f7ac4aaa35bcb2811a8f9dbb56746b45475350e7c13d42abb5692377da7a4045ee644ce00f8699e3251d75621c82cd659ea3add277affe3ff792f7d24a3d0979ef82cfc0d409697ae2e8598854a8327f46974c901d309dc6dbe31913c59d821aa50c0fe95cc822e8f07bbb00e9a09bc9a570b9778d29308740bc336a41258d209c206f87a709aa43415da0096f7d177e509a7d625645fb098ccc45367d82235e952670ac5f82f8ced3f59fd9ee20ac75be609cc832417e807ddc40630cba4c91e0785edcb5f20b9e6dedb1ec172cd16fc034f410e9ce375ea855144aa3076317f649cf4efe4d7abf244984c4e", 0xfffffffffffffd14}, 0x10a9) truncate(&(0x7f0000000100)='./bus\x00', 0x304) sendfile(r1, r1, &(0x7f0000000240), 0x808100000000) [ 588.567594] ? rcu_read_lock_sched_held+0x110/0x130 [ 588.572621] ? __lockdep_init_map+0x10c/0x570 [ 588.577131] mount_fs+0x9d/0x2a7 [ 588.580507] vfs_kern_mount.part.0+0x5e/0x3d0 [ 588.585000] ? find_held_lock+0x35/0x130 [ 588.589069] vfs_kern_mount+0x40/0x60 [ 588.592888] btrfs_mount+0x3ce/0x2b14 [ 588.596698] ? lock_downgrade+0x6e0/0x6e0 [ 588.600850] ? find_held_lock+0x35/0x130 [ 588.604922] ? pcpu_alloc+0x3af/0x1060 [ 588.608826] ? btrfs_remount+0x11f0/0x11f0 [ 588.613082] ? rcu_read_lock_sched_held+0x110/0x130 [ 588.618105] ? __lockdep_init_map+0x10c/0x570 [ 588.622583] ? __lockdep_init_map+0x10c/0x570 [ 588.627066] mount_fs+0x9d/0x2a7 [ 588.630430] vfs_kern_mount.part.0+0x5e/0x3d0 [ 588.634923] do_mount+0x417/0x27d0 [ 588.638445] ? copy_mount_options+0x5c/0x2f0 [ 588.642849] ? rcu_read_lock_sched_held+0x110/0x130 [ 588.647888] ? copy_mount_string+0x40/0x40 [ 588.652141] ? copy_mount_options+0x1fe/0x2f0 [ 588.656693] SyS_mount+0xab/0x120 [ 588.660166] ? copy_mnt_ns+0x8c0/0x8c0 [ 588.664049] do_syscall_64+0x1eb/0x630 [ 588.667920] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 588.672766] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 588.677945] RIP: 0033:0x45b80a [ 588.681123] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 588.688847] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 588.696114] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 588.703387] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 588.710655] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 18:54:32 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) [ 588.717916] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:32 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x400, 0x0) ioctl$SIOCAX25DELFWD(r0, 0x89eb, &(0x7f0000000200)={@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast}) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:32 executing program 0: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x4000, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x2000, 0x0) dup2(r0, r2) socket$inet_udplite(0x2, 0x2, 0x88) 18:54:32 executing program 4 (fault-call:0 fault-nth:92): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:32 executing program 0: r0 = eventfd2(0x0, 0x0) fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x50000}]}) setsockopt$inet_buf(r0, 0x0, 0x0, 0x0, 0x0) 18:54:32 executing program 5: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x20803, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14) bind(r0, &(0x7f0000000140)=@ll={0x11, 0x9, r1, 0x1, 0xffff, 0x6, @random="d1a3fbeaebfc"}, 0x80) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 588.966142] FAULT_INJECTION: forcing a failure. [ 588.966142] name failslab, interval 1, probability 0, space 0, times 0 [ 588.977369] CPU: 0 PID: 29710 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 588.984383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 588.993740] Call Trace: [ 588.996345] dump_stack+0x138/0x19c [ 588.999996] should_fail.cold+0x10f/0x159 [ 589.004165] should_failslab+0xdb/0x130 [ 589.008155] kmem_cache_alloc+0x47/0x780 18:54:32 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x2000, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r0, &(0x7f0000000040)={0xc, 0x8, 0xfa00, {&(0x7f0000000140)}}, 0x10) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) [ 589.012233] radix_tree_node_alloc.constprop.0+0x1c7/0x310 [ 589.018253] __radix_tree_create+0x337/0x4d0 [ 589.018278] page_cache_tree_insert+0xa7/0x2d0 [ 589.027265] ? file_check_and_advance_wb_err+0x380/0x380 [ 589.032717] ? debug_smp_processor_id+0x1c/0x20 [ 589.037398] __add_to_page_cache_locked+0x2a7/0x7e0 [ 589.042418] ? find_lock_entry+0x3f0/0x3f0 [ 589.046659] ? lock_downgrade+0x6e0/0x6e0 [ 589.050804] add_to_page_cache_lru+0xf4/0x310 [ 589.055290] ? add_to_page_cache_locked+0x40/0x40 [ 589.060125] ? __page_cache_alloc+0xdd/0x3e0 [ 589.060146] pagecache_get_page+0x1f5/0x750 [ 589.060164] __getblk_gfp+0x24b/0x710 [ 589.060177] ? lru_add_drain_all+0x18/0x20 [ 589.060194] __bread_gfp+0x2e/0x290 [ 589.080536] btrfs_read_dev_one_super+0x9f/0x270 [ 589.085286] btrfs_read_dev_super+0x5d/0xb0 [ 589.089597] ? btrfs_read_dev_one_super+0x270/0x270 [ 589.094630] btrfs_get_bdev_and_sb+0xdc/0x2e0 [ 589.099123] __btrfs_open_devices+0x194/0xab0 [ 589.103617] ? check_preemption_disabled+0x3c/0x250 [ 589.108629] ? find_device+0x100/0x100 [ 589.112510] ? btrfs_mount+0x1069/0x2b14 [ 589.116564] ? rcu_read_lock_sched_held+0x110/0x130 [ 589.121593] btrfs_open_devices+0xa4/0xb0 [ 589.125733] btrfs_mount+0x11b4/0x2b14 [ 589.129611] ? lock_downgrade+0x6e0/0x6e0 [ 589.133749] ? find_held_lock+0x35/0x130 [ 589.137816] ? pcpu_alloc+0x3af/0x1060 [ 589.141704] ? btrfs_remount+0x11f0/0x11f0 [ 589.145933] ? rcu_read_lock_sched_held+0x110/0x130 [ 589.150948] ? __lockdep_init_map+0x10c/0x570 [ 589.155440] mount_fs+0x9d/0x2a7 [ 589.158806] vfs_kern_mount.part.0+0x5e/0x3d0 [ 589.163291] ? find_held_lock+0x35/0x130 [ 589.167345] vfs_kern_mount+0x40/0x60 [ 589.171146] btrfs_mount+0x3ce/0x2b14 [ 589.174940] ? lock_downgrade+0x6e0/0x6e0 [ 589.179075] ? find_held_lock+0x35/0x130 [ 589.183127] ? pcpu_alloc+0x3af/0x1060 [ 589.187016] ? btrfs_remount+0x11f0/0x11f0 [ 589.191245] ? rcu_read_lock_sched_held+0x110/0x130 [ 589.196262] ? __lockdep_init_map+0x10c/0x570 [ 589.200750] ? __lockdep_init_map+0x10c/0x570 [ 589.205242] mount_fs+0x9d/0x2a7 [ 589.208610] vfs_kern_mount.part.0+0x5e/0x3d0 [ 589.213124] do_mount+0x417/0x27d0 [ 589.216660] ? copy_mount_options+0x5c/0x2f0 [ 589.221059] ? rcu_read_lock_sched_held+0x110/0x130 [ 589.226077] ? copy_mount_string+0x40/0x40 [ 589.230307] ? copy_mount_options+0x1fe/0x2f0 [ 589.234798] SyS_mount+0xab/0x120 [ 589.238238] ? copy_mnt_ns+0x8c0/0x8c0 [ 589.242122] do_syscall_64+0x1eb/0x630 [ 589.246002] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 589.250843] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 589.256029] RIP: 0033:0x45b80a [ 589.259207] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 589.266904] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 589.274162] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 589.281424] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 589.288714] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 589.295976] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 18:54:34 executing program 0: r0 = memfd_create(&(0x7f0000000040)='\x00\x00\xebQ\xee]S\x1e&\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="7f454c46000000d2000000000000000003003e0000011000000100000000000040000000010000000000000020000000000401000000380002"], 0x39) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 18:54:34 executing program 3: syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) r0 = syz_open_pts(0xffffffffffffffff, 0x400402) ioctl$TIOCVHANGUP(r0, 0x5437, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(0xffffffffffffffff, 0x84, 0x2, 0x0, &(0x7f00000001c0)) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$TUNGETSNDBUF(r1, 0x800454d3, &(0x7f0000000040)) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0) 18:54:34 executing program 1: socket$inet_sctp(0x2, 0x0, 0x84) syz_mount_image$msdos(&(0x7f0000000180)='msdos\x00', &(0x7f0000000200)='./file0\x00', 0xe800, 0x1, &(0x7f00000001c0)=[{&(0x7f0000000000)="eb3c906d6b66732e66617400020401000200027400f8", 0x16}], 0x0, 0x0) r0 = open(&(0x7f0000000800)='./file0\x00', 0x0, 0x0) fchdir(r0) r1 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x0) write$UHID_INPUT(r1, &(0x7f0000000980)={0x8, "7c70ee3800d5ab5f2036f872e0ac57cbd592bca0d671633f50a3102066d6e765f5a64731e3fb8d90d250eda2cc33b60a7ff98074cdc3f1dd1a2df26a381d95974e0925d521c6b48c3dee0d430d398884316091aff6adb6153dc3c92549957d3488efc02d6f6fb172524b095c30c1bd35aae04236bdd42694d613eb54c0b65a338c48dc4c8bad70754fc81d9928e4a1b81f9c77075258a0805b4494867247966b24a023311fd91ef3754b98d3acde6f2ef0617f123c22fccb81c11389fdfa2e21c2365aabfc8916e02151d8643ae21cab7fcbec6142186d3bb57546c106484bc4c28a48da2b75dd82aabe99464558e60cd101f6b65856fabee614d271741a68dd550c8772f06a93cf8e5c0de549c3b75a72f8a590bd50b2af5f64009c969ed7596f0192b0f98b1afac0e8c5f4c653f611b4a71776400a9ae3f18e75f856788c97195749042510735880b9bb0ccb23210832a4f1c6f134d68f8e299837c426e0c9a45d5d2c959446cc363f370c67cd01a063c91254d692fe35abee92fabda4f66d93228c979ebe036c5c2e0028ec76562d67d0919ca28258fec0ed60603142b5c57c4cfb1ea1e892d0fd2f33970142b179c415d6bea344fbcc82d133052e848a885160737c69eb02ca9f544831c8e3ffcf40cb7b415d24795fc8aaeb8e76bec262aea5e28fe5d6495c4b5895a612b1cc2122286add66356f3ecd309f970634f1b09da1507964d35575167317f13c7fd9f11af27ceea86e9a5b3494a27ba98ba38dd1fb72ef2c6163664fd8f7c946935cd4833121f505ff277c03d959d9a12f3389e9eb6701a8b29f72c20c6abb7bd8349dd2e120bdd59dca9f1a2a877f1677b59d7920ddf29b9d94f7c6879b78e31cf1b65b60fe349ef9d4976f46609ee34e33f647aafbf64f6323d18598905f2e73af75661397595b8f9c1e9a4e993946820da5378ca5b363560e95edce316e99bac6e6250efcf1cb58fdcf94c7557c2d7f763a688543462d54b64e178c2e64c6ebba356894973051907fd8de8ba908e822168b171c1707efcd9ac827e64313721876e2ff26ac34e88557a4a0dfde08eda81cf0c1465a89b68429e48966044c767563e1121db48c9b619fd7362afd15ec6aa19b28759d7977be4fbcad0cf8dd5dc5362259bd5cb5089a9d18db969afe1192571f5fcc0c4d6be281d23b9c1f9f32873c058adfa1bf57a3718686957edfd6e4b58aa959541127696d59fb2810d042ced227961eb19a424e4cf45bc6243217bb7561b7ee11f8c0b8f39480343a26f2da5fe79d5e213c01ea47155ffa91e7d7ba0bc8ccb018bd69cfe71dd8565a645d678b404a295397e83ae69dbf8505f6947a836b44823a92861124330fccd4bc4a2e20d9047bd919d82c89623caa87eb09bd584d58f42b35ef55fddc06dfb3957f3f507e5ca9b8b98947cc5bb68846755527ddf32ffa444e1c7a5654d4d377e04a9f22e1069804fdcdb251acb6bd6b32d100feb44286991d779d2b3e2b7f5cc5f8eb3ae166a3b6fb9df11e1867989a6f9b2028e4c73b4d418b51f6e870713cadafddb47a48c9a97283da214f02db3326d42438d9a7db580693ad1887f99d86bb5fafd6d07c2647fc80c2c5a1ed9ea3b95be65ca422080ddefca5b49ccd538f6bc67390f892d9e416f7e835f76dd90edc56256348d20560caeea05c0922cab60dbf0b57ddaaed6ded5a336e01485fd571dc12050461271cee347c31ac245bfee9128630dfcc43b6d88b5ba9937a6f6ab70b7d256784ff72297cfcfd0ffacd09b55fb832bf60f04d87c48c74972b9f18fa178ce4880b025d1c1097ddb929e8f7e02f1c0e03012bec0fa61a49eb1c2a50a45fc0d98b6649de325184006938e421321e8b366649d9b6ebadf77509c9d48844e80f7752fd7daaa5c938b946feaaac0d871203270a747035c7e2f697c84e792a55cbce76c0a25360f7acbeaab60627aa9c37064af75b67f46732844eb2f6b37226004afe451a9fbfbbcf7e72ade67b017e9209b5627fbe16789abd90326751a1fd1d93efc59f2650f979ba71938d784064922bee2874c4b76d5f26e39ea0a98cf175950137feff9456c88c6a295830183fae3a9c2312c25f3d81708d73488d15a587e7e7cdde3b77917eef29c8b5965c916a65c3c5a53b7313c3115d0a8bb4e16f6b80ff6f78adb756aba94ced86047562a2cd2fb25e9a4656f6359c3f2fde8b5ab38852853cbd7221cb4d59b7f0e79bd37f9ade073f62b75edbe63c13c0d02bf076d88f5b750ea640aad47ce97d6a0783398dd3fbb63734ed969470cf45200235650532224fc28caf1e36ca6b402ec4c978add40fc59f2113485875682139f8aa9aeb48d09178de919370b0cd0ebcab5e60e1b0a2fc153db0dae8e50b48561622a677d0f1afc149676f832e016e14007fb298dcb96f11a92a1ac8bd4cc7b34d659d6cd2c9817b586585e72080255b083bc84512277ffb7f561c6a7a08cd128bfe9b525da531f0bf04f11d3de102b3538835807ac0b2f4325fc6765d02d692ec82f5b338c8257029136fcd3427c09874ecc7492becdd6608eac4adf1abc3f7e08868a72e57ce4dcfc288a25af73d19f1118a9254963c1548cdca5fc7c921a7f218f8e71edd7969dfb35beae1091d7530e32236397fa9fcd232b441ff1b0177829468c198d659d247ccca4fbd58c625501e4368075d0e5e69a6f90952f5bbe48e85a303131dedf7f1a513b291598a545784e1013521877c25d6069d3a855652a4bad5b2df2e4da2de756a20e790b756dd2925ce824561e5892b5e064c7c7b996acc4e29597e0cd00956e9c57ec374714f846be7632d3075e38bead499163498810886c78a2cc73fb64fd48e186083ce911e0751b4dc63476859c2824fa532a4b1711c244619e702eeab19380aeb7b17f67fade3dcad8ddddd893a526cd5d04d8ae982c88029ec71bdd0772fd74adbdb378fc204ca411a2d8a50331516a28552be78f9725f32d1b3a6c7bdf3277c5f7e385c7ebbacc419ec7ca3c5b8f46dbefee59b6422a6b22d60527edc012f852077d925619874f7709f283e01678fed36528003a696ee431a817f34f453c143dc56b70e1f810a5380a555cc8c4fc6522ab544ce5d715caa302ebdd0aa8286b7ef5dd6dd48a8ad9566818f7509daf02db0b98b432f57f1d107ee95a86228728cab4062e27922381e1e2ee351af5e2ea0fd6d1cea70b3b8f4a50f0776fc9aa2a7d2dff6e1ea3769864104f09137b99960b69af13895d842649eacaed8ddf183beba3323640af8deb52b902c0974d685d19fc87c93eb80ad5d28e54363705ad39231d989522e94f000256bc8d93af138a45d67dad3e21fa9fb31d9327c6e71f61956d9daf4f97333112704136d3d1bf6fe0e4c002e10b684d2344300ec70fae0b50532ebace58f0e8318354a172cceacf27d01ff41cc8fef42443f62b0e15b5fcc0728630b96fb2c2b59634f4993bb1ce2eace6fb0f53e5f84bc5f58b1b66d59e3c75a98670496f105a703607211aa9e882e72f13e9fe07f0767ad4e5ac5c732b65301d8ceab36b5ff2f71958fb1b51d2e703ac506e68d4026160fd3f60440b8b8f554f1feeba5d53f71cbe60d143620f8fa779acb94c965b729207a5ab11f4a51b694c31606171da44a28d80cde296dff5724ff718d6377eb8534e616cff39af943ee4ce87b4fadded30c702d370a71072ab3e20f19b8c1b73fdbbb9c675352bb73ee85e22597fc0c439a33f5febe1629bd084af7193f8d1a1415b02ca54706711505cbae11ec6411b012cc3a3eddcfb002901b6e7565b9fbf4d605c147031888ceb590c14697d00970ce9095c6f7fee41ec6a15d7ef52dfedfff2a0d3dbb387b61232aee6ca202787038021e6aabda18e2adf6fd89aa491e65f9813d73412fbfff089752d713d7efa690ec4fc254b56908d3057f65997acf81aea589e272f8fa852849e488f1e0c0cb6cdb5f46ca92e36d39224e704850056d2e9b91909aed0f55d054e274415ecc39b8958335a14cfb0a42d7f26ef8e82592dfd03b3550b5193fba077994c682951968869574fd94976760d9bd9b334353eeda836cc8dab244e72095cc46833f02bb2f6df35601b3085664261abb67fc9ab9f27210e6827cd15ce16c55f0f7f5b8ab401f24032b19a53a9299b62ebf4a8cf7f4753d95126f008a8ce349036666de66bcaf40b27fa875efa98873e1ef9302e2a24bfe07bd1054bdf9ba9ad1b1075402f26d682833b947c762513ba5f07537bb712473184a60e04ace5adb8d982d6153b011ae0b2034adc0ff4a64e2c6561c2e0840cdab2120bc916cde9b7a92c4d332d0f83945fe55e3c8f4d93f22e7759c20241d92cca0ae5a3d06a127e5614df708cea1ad3b2f231c81460ff4c3f349c67a87135a4b67589ffce311832923f71796276e81f0537e265404c0ee06d5ed98a5ec5f8ad62db589eb585fc4627173b51fd4e897a3e8d2acbb82ec2996ac3a6823368a1e12a0536a9d1a7b2d31d80c46c292ff51395481d4f65c53fab867e27bec9156ee189d245d94877a1405dc9e1e996822ad47071a9ab36c9bfd02c41ea5ba21591793053b1b64758bae0addfcd69d169849bc1ee6ce5c08f0d3da5ecc1b6ab31e13af2fa5ce4d921163270901264a88ac6350e8fb6371663dd04146932238597258b123a8036250c190fbb3cfc6ebbf9e06c4a9053e8332c95c91a890a3d35ddd35f47e7ab606f3e345e12560e6d52243883da7b8910834042ad12e7fb3f08a0b14ef6aee22251999e6079be2ef5666d7d5ae00d161720262761da3f378c63cb151f4e94d034e9de949dfe796b905804ca555691023c30ea7cf0cb276e1e3ba65793291f8287d1064606bf5787421b9b9bfc05e9c5eac750de92519fe9e2592cd34a2ef6ec18efed5e7c13bfcfce47327cbecac358bbe6d44164849308cf91cd5ea87fa4b02ba4939e28141c7dad42714b019470d91808a8f46150677b6c90f267ecb39ef42afc95de0cbd016775c89d8213ec9d4e061e6493f237296f91abfc64176c0e885ef54af4136a724fadfe89a25d7599998acebc4a27f8fb5b26936bda5c3d5fec3373dcd9a0e99fc939641c50669adc54119582e8835575d1c57fa955cd29d870360620f91c3ff90d264013816352317ae226f7d7bad5db711f8973382f6cebd63cd519ddd08e1772649be75f64f4acc15f828dc0b305584b6dd2213194603c44e2964358d305aa97fb08568a0a955ad7a6f8d042754b4bbf2fb3414052719fd9841bef8360d1d3195c69414be882115c2c64fecdcbdaed3a2e943fdfef9a13520e41d32a787bcfe4f61e2b378d35aa70784a772cf8ebcaaeb105e4627516db2ababfcb8c11f224c3a48c86160d34d0ee59f02c31648ae4b0309b378f0bf63266967dcfb4f1cc1902f613c6d0d48915a9cf28a52b106544cde1b38ff2e2a1275fd0d3899ce7f7c6653c9017f7ac4aaa35bcb2811a8f9dbb56746b45475350e7c13d42abb5692377da7a4045ee644ce00f8699e3251d75621c82cd659ea3add277affe3ff792f7d24a3d0979ef82cfc0d409697ae2e8598854a8327f46974c901d309dc6dbe31913c59d821aa50c0fe95cc822e8f07bbb00e9a09bc9a570b9778d29308740bc336a41258d209c206f87a709aa43415da0096f7d177e509a7d625645fb098ccc45367d82235e952670ac5f82f8ced3f59fd9ee20ac75be609cc832417e807ddc40630cba4c91e0785edcb5f20b9e6dedb1ec172cd16fc034f410e9ce375ea855144aa3076317f649cf4efe4d7abf244984c4e", 0xfffffffffffffd14}, 0x10a9) truncate(&(0x7f0000000100)='./bus\x00', 0x304) sendfile(r1, r1, &(0x7f0000000240), 0x808100000000) 18:54:34 executing program 4 (fault-call:0 fault-nth:93): syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) 18:54:34 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0xb, 0x0) 18:54:34 executing program 5: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x400, 0x0) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000140)={{0xa, 0x4e21, 0x6, @dev={0xfe, 0x80, [], 0xa}, 0x7}, {0xa, 0x4e20, 0x1ff, @ipv4={[], [], @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x7f, [0xfffffffffffffe01, 0x1f, 0x101, 0x10000000000, 0x4, 0x7d, 0x8]}, 0x5c) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/checkreqprot\x00', 0x54000, 0x0) ioctl(r1, 0x1000008912, &(0x7f0000000100)="0adc1f123c123f319bd070") syz_mount_image$btrfs(&(0x7f0000000080)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000400)=[{&(0x7f00000008c0)="8da4363ac0ed0000000000000000004d01000000000000000000000000000000ecf6f2a2299748aeb81e1b00920efd9a000001000000000001000000000000005f42485266535f4d", 0x48, 0x10000}], 0x0, 0x0) getsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000540)={@loopback, @loopback, 0x0}, &(0x7f0000000580)=0xc) connect$can_bcm(r2, &(0x7f00000005c0)={0x1d, r3}, 0x10) bind$nfc_llcp(r0, &(0x7f0000000440)={0x27, 0x0, 0x0, 0x7, 0x91b8, 0x10000, "448ee6c7f6c1ac4d8803351e4be997e9db1f7d02672e9ddc676abefde768b5bc81e7ddec0dca9d8f123a60928014227c10faa2aeb8aa22ac9a473f1da7bb95", 0x34}, 0x60) syz_open_dev$loop(&(0x7f0000000600)='/dev/loop#\x00', 0x200, 0x783240) syz_mount_image$btrfs(&(0x7f0000000280)='btrfs\x00', &(0x7f00000002c0)='./file0\x00', 0x400, 0x1, &(0x7f0000000340)=[{&(0x7f0000000300), 0x0, 0xd6f7}], 0x8, &(0x7f0000000380)={[{@check_int='check_int'}, {@nodatasum='nodatasum'}, {@subvol={'subvol'}}, {@noinode_cache='noinode_cache'}, {@space_cache_v2='space_cache=v2'}, {@noinode_cache='noinode_cache'}], [{@appraise_type='appraise_type=imasig'}, {@audit='audit'}]}) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f00000001c0)={0x0, 0x7fff, 0x3, 0x4, 0x1, 0x0, 0x8000, 0x800, {0x0, @in6={{0xa, 0x4e20, 0x7f, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x7fff}}, 0x100, 0xffffffffffffff81, 0x5, 0x0, 0x9}}, &(0x7f0000000040)=0xb0) setsockopt$inet_sctp_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000004c0)=ANY=[@ANYRES32=r4, @ANYBLOB="00002a00cbee1852b585580f2560872c82415d4a73c0b36c686cc55987e7dd5156975d8ca47a6eaf85b13cbc694917dd58f02bd599a54d6741c503017ee4"], 0x32) setsockopt$inet_tcp_int(r2, 0x6, 0x6, &(0x7f0000000300)=0x1, 0x4) 18:54:34 executing program 0: r0 = memfd_create(&(0x7f0000000040)='\x00\x00\xebQ\xee]S\x1e&\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="7f454c46000000d2000000000000000003003e0000011000000100000000000040000000010000000000000020000000000401000000380002"], 0x39) clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) 18:54:35 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="87ee533b465fd46e9bd070") mkdir(&(0x7f000082f000)='./control\x00', 0x0) r3 = open(&(0x7f000080dff6)='./control\x00', 0x0, 0x0) r4 = userfaultfd(0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000bc8000)={0xaa, 0x70}) r5 = open(&(0x7f000080dff6)='./control\x00', 0x0, 0x0) r6 = userfaultfd(0x0) ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000bc8000)={0xaa, 0x70}) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00001df000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x32, 0xffffffffffffffff, 0x0) dup2(r5, r6) dup2(r3, r4) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) [ 591.297352] FAULT_INJECTION: forcing a failure. [ 591.297352] name failslab, interval 1, probability 0, space 0, times 0 [ 591.334027] CPU: 0 PID: 29755 Comm: syz-executor.4 Not tainted 4.14.113 #3 18:54:35 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$video(&(0x7f00000000c0)='/dev/video#\x00', 0x4, 0x0) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x8000004}) [ 591.341075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 591.350432] Call Trace: [ 591.353032] dump_stack+0x138/0x19c [ 591.356674] should_fail.cold+0x10f/0x159 [ 591.360834] should_failslab+0xdb/0x130 [ 591.364825] __kmalloc+0x2f3/0x7a0 [ 591.368380] ? __lock_is_held+0xb6/0x140 [ 591.372451] ? check_preemption_disabled+0x3c/0x250 [ 591.377475] ? bio_alloc_bioset+0x3ae/0x680 [ 591.381805] bio_alloc_bioset+0x3ae/0x680 [ 591.385962] ? btrfs_alloc_device+0xa4/0x6a0 [ 591.390376] ? rcu_read_lock_sched_held+0x110/0x130 18:54:35 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$video(&(0x7f00000000c0)='/dev/video#\x00', 0x4, 0x0) ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0x8000004}) [ 591.395398] ? bvec_alloc+0x2e0/0x2e0 [ 591.399211] btrfs_alloc_device+0xc3/0x6a0 [ 591.403449] ? btrfs_find_device_by_devspec+0xf0/0xf0 [ 591.408649] __btrfs_close_devices+0x2c6/0xa90 [ 591.413240] ? __mutex_unlock_slowpath+0x71/0x800 [ 591.418089] ? btrfs_alloc_device+0x6a0/0x6a0 [ 591.422596] btrfs_close_devices+0x29/0x140 [ 591.426928] btrfs_mount+0x1fc5/0x2b14 [ 591.430823] ? lock_downgrade+0x6e0/0x6e0 [ 591.434977] ? find_held_lock+0x35/0x130 [ 591.439043] ? pcpu_alloc+0x3af/0x1060 [ 591.442950] ? btrfs_remount+0x11f0/0x11f0 18:54:35 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="0adc1f123c123f319bd070") clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz'}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd) r2 = syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0xfffffffffffffffe, 0x1) r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00') sendmsg$TIPC_CMD_GET_NETID(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1210000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r3, 0x1, 0x70bd25, 0x25dfdbfe, {}, ["", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40002}, 0x20000000) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x20) wait4(0x0, 0x0, 0x0, 0x0) setsockopt$netrom_NETROM_T2(r2, 0x103, 0x2, &(0x7f0000000240)=0x1, 0x4) 18:54:35 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000540)={0x4c, 0x0, &(0x7f0000000300)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x8, &(0x7f00000000c0)=[@ptr={0x77622a85, 0x0, 0x0, 0x8}], &(0x7f0000000200)=[0x0]}}}], 0x0, 0x0, 0x0}) [ 591.447194] ? rcu_read_lock_sched_held+0x110/0x130 [ 591.452225] ? __lockdep_init_map+0x10c/0x570 [ 591.456732] mount_fs+0x9d/0x2a7 [ 591.460105] vfs_kern_mount.part.0+0x5e/0x3d0 [ 591.464609] ? find_held_lock+0x35/0x130 [ 591.468677] vfs_kern_mount+0x40/0x60 [ 591.472481] btrfs_mount+0x3ce/0x2b14 [ 591.476276] ? lock_downgrade+0x6e0/0x6e0 [ 591.480421] ? find_held_lock+0x35/0x130 [ 591.484487] ? pcpu_alloc+0x3af/0x1060 [ 591.488384] ? btrfs_remount+0x11f0/0x11f0 [ 591.492625] ? rcu_read_lock_sched_held+0x110/0x130 [ 591.497652] ? __lockdep_init_map+0x10c/0x570 [ 591.502158] ? __lockdep_init_map+0x10c/0x570 [ 591.506665] mount_fs+0x9d/0x2a7 [ 591.510044] vfs_kern_mount.part.0+0x5e/0x3d0 [ 591.510880] binder: 29790:29793 transaction failed 29189/-22, size 40-8 line 2802 [ 591.514545] do_mount+0x417/0x27d0 [ 591.514562] ? copy_mount_options+0x5c/0x2f0 [ 591.514579] ? rcu_read_lock_sched_held+0x110/0x130 [ 591.524520] binder: undelivered TRANSACTION_ERROR: 29189 [ 591.525726] ? copy_mount_string+0x40/0x40 18:54:35 executing program 0: [ 591.525743] ? copy_mount_options+0x1fe/0x2f0 [ 591.525757] SyS_mount+0xab/0x120 [ 591.530751] binder: 29790:29795 transaction failed 29189/-22, size 40-8 line 2802 [ 591.535157] ? copy_mnt_ns+0x8c0/0x8c0 [ 591.535173] do_syscall_64+0x1eb/0x630 [ 591.535182] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 591.535200] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 591.541218] binder: undelivered TRANSACTION_ERROR: 29189 [ 591.544849] RIP: 0033:0x45b80a [ 591.544856] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 591.544877] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 591.544884] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 591.544893] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 591.616244] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 591.623495] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 [ 591.633210] ------------[ cut here ]------------ [ 591.637978] kernel BUG at fs/btrfs/volumes.c:890! [ 591.651791] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 591.657168] Modules linked in: [ 591.660352] CPU: 1 PID: 29755 Comm: syz-executor.4 Not tainted 4.14.113 #3 [ 591.667341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 591.676679] task: ffff88805b966600 task.stack: ffff888069408000 [ 591.682772] RIP: 0010:__btrfs_close_devices+0x7d8/0xa90 [ 591.688126] RSP: 0018:ffff88806940f700 EFLAGS: 00010246 [ 591.693473] RAX: 0000000000040000 RBX: ffff8880a8c05200 RCX: ffffc90012ca4000 [ 591.700728] RDX: 0000000000040000 RSI: ffffffff8265abd8 RDI: 0000000000000286 [ 591.707991] RBP: ffff88806940f7c8 R08: ffff88805b966600 R09: ffff88805b966ec8 [ 591.715242] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88807cda5840 [ 591.722511] R13: ffff8880a8c052c8 R14: fffffffffffffff4 R15: dffffc0000000000 [ 591.729763] FS: 00007f5f56a82700(0000) GS:ffff8880aef00000(0000) knlGS:0000000000000000 [ 591.737968] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 591.743833] CR2: 0000000000bded60 CR3: 0000000066e93000 CR4: 00000000001406e0 [ 591.751105] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 591.758356] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 591.765614] Call Trace: [ 591.768199] ? __mutex_unlock_slowpath+0x71/0x800 [ 591.773027] ? btrfs_alloc_device+0x6a0/0x6a0 [ 591.777516] btrfs_close_devices+0x29/0x140 [ 591.781821] btrfs_mount+0x1fc5/0x2b14 [ 591.785700] ? lock_downgrade+0x6e0/0x6e0 [ 591.789842] ? find_held_lock+0x35/0x130 [ 591.793899] ? pcpu_alloc+0x3af/0x1060 [ 591.797790] ? btrfs_remount+0x11f0/0x11f0 [ 591.802031] ? rcu_read_lock_sched_held+0x110/0x130 [ 591.807030] ? __lockdep_init_map+0x10c/0x570 [ 591.811511] mount_fs+0x9d/0x2a7 [ 591.814863] vfs_kern_mount.part.0+0x5e/0x3d0 [ 591.819365] ? find_held_lock+0x35/0x130 [ 591.823420] vfs_kern_mount+0x40/0x60 [ 591.827207] btrfs_mount+0x3ce/0x2b14 [ 591.830995] ? lock_downgrade+0x6e0/0x6e0 [ 591.835135] ? find_held_lock+0x35/0x130 [ 591.839176] ? pcpu_alloc+0x3af/0x1060 [ 591.843044] ? btrfs_remount+0x11f0/0x11f0 [ 591.847263] ? rcu_read_lock_sched_held+0x110/0x130 [ 591.852261] ? __lockdep_init_map+0x10c/0x570 [ 591.856736] ? __lockdep_init_map+0x10c/0x570 [ 591.861212] mount_fs+0x9d/0x2a7 [ 591.864564] vfs_kern_mount.part.0+0x5e/0x3d0 [ 591.869043] do_mount+0x417/0x27d0 [ 591.872577] ? copy_mount_options+0x5c/0x2f0 [ 591.877389] ? rcu_read_lock_sched_held+0x110/0x130 [ 591.882398] ? copy_mount_string+0x40/0x40 [ 591.886672] ? copy_mount_options+0x1fe/0x2f0 [ 591.891154] SyS_mount+0xab/0x120 [ 591.894588] ? copy_mnt_ns+0x8c0/0x8c0 [ 591.898464] do_syscall_64+0x1eb/0x630 [ 591.902349] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 591.907186] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 591.912354] RIP: 0033:0x45b80a [ 591.915520] RSP: 002b:00007f5f56a81a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 591.923208] RAX: ffffffffffffffda RBX: 00007f5f56a81b40 RCX: 000000000045b80a [ 591.930464] RDX: 00007f5f56a81ae0 RSI: 0000000020000100 RDI: 00007f5f56a81b00 [ 591.937721] RBP: 0000000000000001 R08: 00007f5f56a81b40 R09: 00007f5f56a81ae0 [ 591.944968] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004 [ 591.952221] R13: 00000000004c7833 R14: 00000000004dd848 R15: 0000000000000003 [ 591.959491] Code: c1 ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e 59 02 00 00 48 8b 45 80 c7 80 10 01 00 00 00 00 00 00 e9 e2 f8 ff ff e8 28 3b f7 fe <0f> 0b e8 21 3b f7 fe 0f 0b 48 89 f7 e8 37 e0 20 ff e9 ad f8 ff [ 591.978671] RIP: __btrfs_close_devices+0x7d8/0xa90 RSP: ffff88806940f700 [ 591.989209] ---[ end trace 02e65c1ba6fd4aad ]--- [ 591.994023] Kernel panic - not syncing: Fatal exception [ 592.000095] Kernel Offset: disabled [ 592.003709] Rebooting in 86400 seconds..