d36c45cd27dd66da1db712d197f751392eb76454cbe4ae81d9f0b344a8c335b6e766cf06a4e23748beb7c9f1ab4f70ea34ed57b20213163897134fe011cca1378f895ac00f091fe7bc729a09531c2201a08675c5f7a995d3fd88ba00d4f4183e62ab64ec7371f588c033948ed86dd180593d4d5e7f82fc2ea8072fd6a463359d2858a394518aea9c5ebd254819fcff577ecb301f33428cc62cbca785dca391259e82bfe595f381a040857b40633acc165eebc709a3920913098809447cf5f666ae8f775989a0ef6e3b5219eedb370dfa0f600054848b37e0d6310f4536a83bfab283e5642115c51d378b37ca4e8d3a53c239e371c7c01d403d064086df56a6bb34e0158bc118d1144a24d2d63d246f9dffcb7390105dfa74ab57cc31d540f917bcd4d88bb9f02463e6cb72719402e6c61d2208db00d1ecea53917e2b4613cafefc940ab4b3bf8704721eaf6f621be7796d6012293eecc8fa84dd1ea6a1eefea69f6bd6b60141cf75bdae21d299a5f3678caef774013e6588e3311ee4e652be8ae5cf6c76a0381c06504823aa2dd7c31c669df3ffab19dc65101afd158fc3b0b4b789ffe296d77b11562c5c46c9ebbb0fefd7ec9fddb5456c307651b31c01417cbaff80fca0de8d6c308268b4eb7b72471e26e4ab4cbd45e2fa91158f966439f4c42ab5ef826d403a8a69122ffca07e600ff1b13d30d22ba720670747973a74276e93dd5710d08e85039c1999bfc3e95deffe1f4833cdd6b381338210f0d97f14d4385987a6dbdc4f490cce8cc13a0962d4d29dca0f64ebf07472949818b6710cf8c34a17c6c5b976bfa3a1c97de008103e10c3dea0bf0894220e015d1af620bad5b32d39f695b6d6b197aea69df3281d6df3c0a29aafc3a96670f2da95df6cdace5bb5ac6648872430bd32ca24673ce3684d717e89c660b32990384566df0f42a5c16df2f8baf188d7aa244031b1d5613b2d5ff79c3cbb78aa003d314ae21a1dab44b46011d34e05afc5052a20fd91aaba085df08fad0d356350690d182108aa9fc1cb4636275994901fd92f8c95bbb8b00449e9321f336cf731feeec39dc60ce2bfe74720b2726c3caba77a826340c303259d70e919f3881d1ce0969fa62a97ed675798f9132c0215ab225d480ec38e74e48cde12decca27048420534fd34cbe6ca46cedfc472137bac4cd315530a3346ec4511d7d405e68d002a711024ab3cf053ac84f771d352c8f4d44e817a84108659433d97f10a522e7dc983e7971ad4f2368f7a92bf13ba64e8e286dd8c957a0cd726b67e4322dac5aee878edff56298762f2252e00dae2c1c8ff9a514e487ca2b7ea9cefc1a58665e640c63f206864dd11e351396ba27916dbd2c6d73e49a6bca2c8c5ae875c3146cea9fb8cef78876a267f0e28abb35d7d970a96e4db3d7f4893c16650128c79bf9d3568f33d4a6342afe6e0c0ad2089994388c8da7eadb5e4df5fb50c762ea2e28e6ec38bc3d00bb284224e5f7676241a85c1dc0201ed48cec21294563ef616932b2ac8b1820387b92ac41f4b5319471b82784ea5a35d34cda7f777910b7ba27a82f3d40d897a78d7144355e2666919829699da3509829b3b1f9bd052ce3564964b05d518009f6858dfe0fa196430535efd0a9abdf0f9ffa79ff08eef7ebf883d09710b4d4e899e4d56eefd7c37c9e28e67785668e60f944a4b41a2e426a4fcf0d3260a8072092e2fdff1d1329698571e149ceeb9574dc6689db48e00fd0518ea09a678a644190802724f2f0e35bb9cee7998de52b9c2e0c4db94f8d4995edceda5dc6175f42de330a686ca1151ab6413d3ed671ac8ae859092a7831d7c15da89c684c3aaf49c48faa93f71885a7bde77f7b88fc12d6e9a041084b1eb5cabe9848392d9fd1abc7d0a8a0858cbbfc396267c5aa76e7d3ab39bf313f62e8ec010890a714bec7bb04fe4a4ff282a1377a85e220d76375e4c8d9e64952c7fd5fe7626733d29806fa16ff282b884f37ec04b0fb8a84de3eb8f144ce5bdf3d8d606a0aba0f23f87e2cce0b9fe5ed05351922b3479dc866e4781c07a8278c6c1722e46e2a8d8988b04130fe7e6d03914b7796de1d511b78514929f77730d89c24cf8c6d4e7988485c43c300ce818574d14b779f1dc9073f53bbe15ef3928cd723100713bc6f276cdb8e35a43c6f0b309af8c10a5ed402dbfbe60d09b1b33768bc6d8015a649a1c87733d7b9773f3d0eebff53ca66c9d6bf1e4ab58fbc36eddf8e48bb29d11e3356f39a4d8b0731ead5daeaa29709f1a77b53a99f500cbf0686b582983335bd54de4a8d08d6372d3d4a35f08595401c34bca8a21951f4459fb9e58c66a36bcf5994a176a0f01c0b2e4a2f60a08fbe84f3f3b6da8603205270ec3f99563762a8169dfe773384f00f50946f22d223313ff97d2e5178a88a165ffebdf041cbe284dea1fd8b058e4bde85b2d2a9bb0ed8c831d920d9f5e1f83c722f75a2c1fb8f7ba39b8247ceb6f587d16edf29057b3df7256858fc3d3d00d7707c5fcace47362e7ddb28ec9fb7cce2695053c138ee8b42d6b5cdd4d3d958569d4e9be9c7cf3cbf7d0afb8ec90a08cfc760d242df615e7535373d54996195bf1f4ddf3d8ef464ce533a00afcadcb4ae27d13b4717a3c35e045ff321a79a4557be346bc7b97df4cf0806bd31ddaab979611ba06bc4d5710c2e006833e71200b05e150c929921fe8c57e3056d32c4e4eb5e2460a273e51ff4cb6b6b8a16e1f96829e315edf9e9c8ec23c59f7eab2fa4a5df2ce879fcbdfd0d1efd70aab0f3b530723881702a63ca45fdc0393250c2f87c990136377524ecbae75386c665ebd79ea58311b90b2241aa6038d336d91e0c818baa1c7a52bd851459e154738b9d12d5c55fcf4a33bf8a61f0a4942607dc23eedda596827d15e5ff94625444f448de584e81723830637c14cb86f7fdd352475be8e9c632c8e5215838cf542485413be06ceb2f5eb02ddbe6bd927a015568e31a34f19857dcabbd6b0da6f6e20ebd6e40864ae1425ad313eacbdfee28c6e30a5187582c2cd11752f7ab04edca3a8f5ef0e11e8821806b1e12d5a63440ec5e513ebe49145f5c00ead44c762dbafceefad2cbec6d1ccc4504524bbf06b8161d12e43e03ceb88402da6f67766f3ecfb8efaa2c94ae80ac327a51eb698b7980e820f37ba72907066a7ffe01a5635284450797357e8d9cdbe0f3454f88c926b782f606e9d4e3b249caa6359e16135a3af9707d6dca4373b2b5659bb1585988f87cac626a3481a16d64ff84df1ff60ccf91f382ec9a96d84d6099c3a192ee59d24026630b212a2d46082badedeb60ecdfcc8eba8b5d8c872d5860c4f3ba1723db7bc90d4e4c1435daee25004e168eb83e553f539793bc669f13da3b4735939699daa0d790d90c1a31e516e99f98b4c1021f3aa89f2342f4fc0ed7d002a692b6d5435e2551b3616783dfe0544a12fbcda1811e718b9e87a253c1ce3d0f4c26f896b09c22a3063384bf8fa309b23fe1ad535b74d118a9cb873578d2e37624a84ce9893150c5cc0073561d3ea952549c728b81987e08873ac22804f6d7e206129517683066bc96210082fad5beb1bb12e008b0eb20eafec2dd9b11b6cafb3d95be89de9f4faa56433f30afc384982202097badad1e9aeba5ab0438aafc45185146cec70e8c8323d10bfc3a1b811727585445aadfcce71cdb365088b38ce5c122390aec4d1964a8d8df44b36cbaa6472ea3c0ed508e6c1e9648f4654f16a4e23d959561431cf92d15397c84136e9d9b7a88de7732ef5903123c7dadf9e16f979687144a7b229166550ad91d660fa056cb18f81023cb10811211955ec69ee6c4135036849c526324f5634e112ddce4052e34b605f0236c85498e58d27a6ee9a068a8915dacfc2945d69c9f88707de863efe2db477a136f4eee81de75301350879589d1ddbf57c81de796c213d9424d10c10f83113bfc522ab2ee46874d207eb87329fd1a942924b8b646df76811d406a7c64777888cbe458d7ef71ab01afed249b83f19ba028c6c3f2ac168437aca2a86bd58bd65f430b10bfacebef7f6b09e14e0fd63cb0c8a1cbcf2400f6bd51a3f81b5c327b6abbe4a71b8a94aa4e1d12ffd026206d50bbc3edbf04adf3e92e359bef0c2788e430b68f05639a1547b4018bf54dc805db3d1084315944a95be7cdcf837654a20407801eed82623ae15acab779a794c11e721725b6ecffbb5f15b4747d52a675d833e61f8b9476284c7512789bc80e56dd81fd78a07a746fbc1a079d626ac7cc054c206c3ad2ab775872247b1ac5263a6dcbc7d0b57160bec97a264c54360bef4e4bf54fbf3a589051e88f730958bf2034df0386ae727de991ff5f5f66c78472ebacd2f040ecbfb159f842e9b765eea9c94e98e4cc2d0daf5554038a9627058a1aa9b000861bb10c5b1ab3b53d823ebc3c"}, &(0x7f00000012c0)=0x1008) setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r2, 0x84, 0x5, &(0x7f0000001300)={r3, @in6={{0xa, 0x4e22, 0xb97, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, 0xfffffffffffffffe}}}, 0x84) 2018/04/01 00:13:58 executing program 7: mkdir(&(0x7f0000000100)='./control\x00', 0x0) r0 = creat(&(0x7f0000000080)='./control/file0\x00', 0x0) mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x1, 0x31, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = creat(&(0x7f000078dff8)='./file0\x00', 0x0) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) rename(&(0x7f0000000040)='./control/file0\x00', &(0x7f0000000000)='./file0\x00') pwrite64(r2, &(0x7f00000003c0), 0x0, 0x0) dup2(r0, r1) 2018/04/01 00:13:58 executing program 4: clock_nanosleep(0x2, 0x0, &(0x7f0000000140)={0x0, 0x1c9c380}, &(0x7f0000000180)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) mlockall(0x1) r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x4, 0x200) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000040)={0x0, 0x9}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e21, @rand_addr=0x1}}, 0x7, 0x3c}, &(0x7f00000000c0)=0x90) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000280)={r1, 0x8f, 0x274b, 0x5, 0x8, 0x40, 0x6, 0x2, {r2, @in={{0x2, 0x4e24, @multicast2=0xe0000002}}, 0x1f, 0x1ff, 0x3, 0xa84}}, &(0x7f0000000100)=0xb0) 2018/04/01 00:13:58 executing program 6: futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, &(0x7f0000edfff0)={0x77359400, 0x4}, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000dac000)={0x77359400}, &(0x7f0000048000)=0x4, 0x0) r0 = add_key(&(0x7f0000000440)='ceph\x00', &(0x7f0000000480)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000004c0)="48f9439c14e6875bca577afa0dfc9213ae366d4686575484b2453314576669bc6ded021939594b543ce54241699fafb73356458691e925b89c88c502bff510e36420", 0x42, 0x0) r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000400)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) add_key(&(0x7f0000000100)="6173796d6d65747269630000f623c165dbdd5da4e516feae1218931b7f62f1989e779cb3e199015e6f224dc786b78b696462c7dec58cd05fa42773a0af0a703d63e19620fd165b5d862cf735059c401152746037a51f9d035dcf4197d265f6f5d246b14212db69e767574420fb11a7308eb293967dbd5a729bb8c6833a854e2036d4e9270fef4cef270638e56c144263ecf69038c96c9d38f68668c21513e19c1311eea8ee94c59609987d033ca3c8ad624dbc5c8958aaa4e9158c5850c6228a22d0adaabe8bb566c069d5baa64e30af6d878c", &(0x7f0000000000)={0x73, 0x79, 0x7a}, &(0x7f0000000040)="3080", 0x2, r1) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000080)={0x7, 0xffffffffffffffff, 0x1}) ioctl$DRM_IOCTL_VERSION(r2, 0xc0406400, &(0x7f0000000340)={0x1, 0x6, 0x6, 0xc, &(0x7f0000000200)=""/12, 0x53, &(0x7f0000000280)=""/83, 0x16, &(0x7f0000000300)=""/22}) readv(r2, &(0x7f0000000240)=[{&(0x7f0000000540)=""/145, 0x91}, {&(0x7f0000000380)=""/107, 0x6b}, {&(0x7f0000000600)=""/141, 0x8d}, {&(0x7f00000006c0)=""/164, 0xa4}], 0x4) 2018/04/01 00:13:59 executing program 0: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f00000000c0)={0x162, 0xffffffffffffffff, 0x8, 0x800, 0x31}, 0x14) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x3, 0x1) r2 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x140000000, 0x400000) ioctl$DRM_IOCTL_SET_MASTER(r2, 0x641e) perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$int_in(r1, 0x80800000000541b, &(0x7f0000000000)) 2018/04/01 00:13:59 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000bd5000)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$lock(r0, 0x7, &(0x7f0000115fe0)={0x1}) fcntl$lock(r0, 0x24, &(0x7f000001d000)) getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000080)=@assoc_value, &(0x7f00000000c0)=0x8) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x121000, 0x0) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x800443d2, &(0x7f0000000180)={0x6, &(0x7f0000000100)=[{}, {}, {}, {}, {}, {}]}) 2018/04/01 00:13:59 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0xc) r4 = getgid() chown(&(0x7f0000000000)='./file0\x00', r2, r4) fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) ioctl$TCSBRKP(r0, 0x5425, 0x0) r5 = msgget(0x2, 0x295) msgctl$IPC_SET(r5, 0x1, &(0x7f0000000100)={{0x4c9, r2, r3, r2, r3, 0x20, 0x6}, 0x7, 0x6, 0x0, 0x6, 0xfffffffffffffeff, 0x4, r1, r1}) 2018/04/01 00:13:59 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) fstat(r0, &(0x7f0000000100)) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup\x00', 0x200002, 0x0) dup2(r2, r1) r3 = openat$cgroup_int(r2, &(0x7f0000000000)='memory.high\x00', 0x2, 0x0) io_setup(0x400, &(0x7f0000000080)=0x0) io_submit(r4, 0x0, &(0x7f00000004c0)) sendfile(r3, r3, &(0x7f00000000c0), 0x1) 2018/04/01 00:13:59 executing program 6: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) getsockopt$sock_buf(r0, 0x1, 0x1c, &(0x7f00000001c0)=""/164, &(0x7f0000000000)=0xa4) 2018/04/01 00:13:59 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000783000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000000)={{0x0, 0x7}}) semget$private(0x0, 0x5, 0x0) fdatasync(r0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000080)={0xffffffff, 0x400, 0x6, {}, 0x10001, 0x3}) 2018/04/01 00:13:59 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x400000000000000a, 0x1ff, 0x7fff, 0x100000043}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0x4000000000c, 0x10000000008a, 0x0, 0xea6d, 0xf}, 0x2c) r1 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001180)={&(0x7f00000011c0)='./file0\x00'}, 0x28d) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000001440)={&(0x7f0000001400)='./file0\x00'}, 0x10) socket$bt_rfcomm(0x1f, 0x3, 0x3) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000180)={&(0x7f00000001c0)='./file0\x00', r0}, 0xfffffeb0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000001240)={0xffffffffffffffff, &(0x7f0000000200), &(0x7f0000001200)}, 0x20) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000100)={r1, 0x28, &(0x7f00000000c0)}, 0x10) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000001280)={0xffffffffffffffff, &(0x7f00000012c0), &(0x7f0000001740)=""/209}, 0x18) bpf$MAP_CREATE(0x0, &(0x7f0000c47fec)={0x6, 0x4, 0x0, 0xb, 0x0, 0xffffffffffffffff, 0x0, [0x4]}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000002280)={r0, &(0x7f00000020c0)="f2a74d954b83d96a6c4fe9eed4ce45c0f5279714a70b0e01c62e5b76fe7e2570ba636d15cbd8bc9037154029826ef8b0183a69b3e857b0fcdbc490a97df62f47fcf96a53740fd1e6966cfd020481d292ae1ec497d76e23c795b6592c8b20cb25bd00184f75ace7cc8add274ea7778664452d9ed93448b0ec8b84569788343d361a42616ae8bdccfb8d5c6b1a1111c108f2cbb8f4b5e3434425b3f8b635e238603769dd772aa4c479", &(0x7f0000002180)="3ff2af8cae819fe526cc902696bfbea6f4125892bda85d689fd8ed379e9d5a3b23115d6ec6cd2825e94cc7846b097f65c7eb33e62285c93c9675ead7ee001f6d1c5a544b8e3cb6153c9e8f9237866e5e027451c032aa21f730d109cc8a7692083c50493e9f41188f51fcb99b007b94ed807c6733998d4f91abeba1088d7b3a12b732e40576e19cebeda70d007f8b15d338cf0bb82890469ce0e34aa8f7310942a89e5d9557e6946027833179b4f34fa81a96948e67537e4c89b2bfecdeb6b9f271c77669a2905fac2a17e4d102f7b6b88964a073998f0a28c62480e8d19536"}, 0x20) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x1f) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000100)) 2018/04/01 00:13:59 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x10, 0x20000000004, 0x4, 0x6}, 0x2c) getsockname$packet(0xffffffffffffffff, &(0x7f0000004800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000004840)=0x14) bpf$PROG_LOAD(0x5, &(0x7f0000004880)={0x4, 0x8, &(0x7f0000000040)=@raw=[@map={0x18, 0x2, 0x1, 0x0, r0}, @generic={0x3, 0x1, 0x8, 0x9}, @alu={0x0, 0x8001, 0x0, 0xa, 0xa, 0x4, 0xfffffffffffffff1}, @alu={0x7, 0x3, 0x0, 0x2, 0x2, 0x50}], &(0x7f0000000080)='syzkaller\x00', 0x1, 0x13, &(0x7f00000000c0)=""/19, 0x41100, 0x1, [], r1}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={r0, &(0x7f0000000180), &(0x7f00000001c0)=""/117}, 0x18) syz_open_dev$sndtimer(&(0x7f00004f6000)='/dev/snd/timer\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000400)={0x0, @in6={{0xa, 0x0, 0x1, @empty, 0x30f}}}, &(0x7f0000000180)=0x100) 2018/04/01 00:13:59 executing program 6: r0 = socket(0x100000001e, 0x1, 0x0) setsockopt(r0, 0x10f, 0x82, &(0x7f00009f9000), 0x14f) sendmsg$nl_xfrm(r0, &(0x7f00000004c0)={&(0x7f0000000380)={0x10}, 0xc, &(0x7f0000000480)={&(0x7f0000000600)=ANY=[@ANYBLOB="bc000000230004002bbd7000fcdbdf25000000001c00040000004e224e340000e00000000000000000000008001800030000000c0015005c07350df81ac4a44eab39726fc76a0000cc0008004700080000003f00ff240d5251e060b4fbc2fd52bbb29789310b14e882a90f5f3916db507541957e400a5daa668b0700ebdad80e518371071424440656349201d35d4c46ea2b75f63d48096f3804747119003300000010000a0027bd700027bd70000100000014000d00ffffffff0000000000000000000000000000000000"], 0x1}, 0x1, 0x0, 0x0, 0x20040094}, 0x4000000) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000500)={r0}) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000001840)={0x0, @empty, @rand_addr}, &(0x7f0000001880)=0xc) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000140)={0x2, 0x7, 0x8000, 0x400, 0x8, 0x2, 0x9, 0xb5fa, 0x0}, &(0x7f0000000180)=0x20) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, &(0x7f00000001c0)={r3, @in={{0x2, 0x4e20, @loopback=0x7f000001}}}, 0x84) setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000100)={r3, 0x1, 0x8f15, 0x20000000000}, 0x10) r4 = add_key$keyring(&(0x7f0000000280)='keyring\x00', &(0x7f0000000540)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$setperm(0x5, r4, 0x0) sendto$packet(r0, &(0x7f0000000000)="9aad447a3ba7d607565d97a050017836dfcd72774295121c289bfcb0965f88d1090b9e50875a172c1febc8629318b7c5c518677ae9e7d0ee9b6588784189d2edaa9649693b15300b9fc28fea26088197615e182e44deb740660179c88fb81223c414825fb2bda4bafd31bf73cdddb51d1ff8f478e0ca5b07170421b1ecc8691fb701073f1f523ec6b4a5476d09cb7da157cf6d2fe5744373053e2f5af077539096a3e247db551f443270f3ffbbd79105da816995ca454e2069c933487e1166033099583ee4e4eb26b1b25271e894bb2cd8297e853253c5909ae94b2fc64d84d1ff29021fe4bc28840ded6f7c", 0xec, 0x84, &(0x7f00000018c0)={0x11, 0xd, r2, 0x1, 0x4, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x14) msync(&(0x7f0000ff4000/0x9000)=nil, 0x9000, 0x1) accept4$packet(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000340)=0x14, 0x80000) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000440)=0x3, 0x4) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f00000002c0)=0x3, 0x4) r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vga_arbiter\x00', 0x2, 0x0) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r5, 0x80045400, &(0x7f0000000400)) 2018/04/01 00:13:59 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0x443fe) 2018/04/01 00:13:59 executing program 5: r0 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2=0xe0000002, @loopback=0x7f000001, @multicast1=0xe0000001}, 0xc) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000008000)={0x1, {{0x2, 0x0, @multicast2=0xe0000002}}}, 0x90) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = dup2(r0, r1) setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000000)={@multicast2=0xe0000002, @local={0xac, 0x14, 0x14, 0xaa}, @dev={0xac, 0x14}}, 0xc) sendmsg$nfc_llcp(r2, &(0x7f0000001800)={&(0x7f0000000040)={0x27, 0x0, 0x0, 0x2, 0x7, 0x3, "02e516c8de7ec1784ea5421984c1487f391540bfff651599905acdc447d90b6748ed922ab1ae1322ac0ad5750190296d03b01c1013cd8d2a953d8102f330df", 0x11}, 0x60, &(0x7f0000001700)=[{&(0x7f00000000c0)="75045e3837ecc0eb7447416396626598f5a0a48991724900dd2c4612fbcacb4f63d3e6a1577e96bb75c202cd0927a2be2138a80860855673ad27f7ba7da1ace2bc9afbf4749db438380a6b3dce5f2229045bfc19a754ccef44b1db551fda4089630b050d248316df8feba07d768561effcad0dd6045f990dd64b6f4f667d52ec4a77e971f67ad8eb309ee19e0e07ec94cfb2f82e51809051ff1050c6b377eb46076feda7d96b9217f0ba9964e94648d10ce3fa77def1f72e0037a2785dfccb0217e39621c29b928741c9f3f44a0b1fb996491a1a08b7b21c09569a69e36bae712d", 0xe1}, {&(0x7f00000001c0)="64f8a769397419de654262cddfda05e9d9076523ed5a8929f704919d246fd8ba0ab5ea78c0796e830daa95d13c0f7d559aff7c1a290b0480992d0a64a6f498d2046d0968cf6f8539d6a888e342e7ba60be3b5812f70d793db5fc1f5af8f0ab35e87239d12e27a57cf06cd1598640f94187e616510c3d8f9c3f467f2f94bad5e360cd124919541be5c5ced17b2fc8ecee8031de979036ec48af7b29a11a2b3faeca9407df49489113f1a4530b250589bdcb93668d6d39b78ec317111adcc0f905af5f7fc842abf8108d25e312043eec7977ae3c4da3378a42ea2ef05b497bf85ba4b53c0d", 0xe4}, {&(0x7f00000002c0)="ed8161f300f09d9c69b383aac197072e164092c212e0c3ea9ffe87b45808d9a8ecd9cdd1c07f120142dae166c1a170592633165cbab559e8f3cf1218ceffb4d81a06b7965ef105b1a48dbdf0ccb3563f3ae7d2b2edaf56fe57fd8faf3f3b198f209d11f4facfac80ffff1af1ff33197d82a7e6e07efee5d21028636e576926c49ba4d2f37e224e29d0c5bde3443402f9f686980482b2ce8b9e317973a701c5537ff233a2ac1724355f5e75d3161227469b2ee08f9920df03af8e45fec79a0c5339b951d71ee8c353d3470f50eb7a8c70404b90935135c8bf007d3269489ec678a4f55d223a3b1e37bd13ac042c6e0cf3874d2f67666d750f43f99dfbc51bdd8ed707b86f8fdf58f789cf5f034e49e497123de8de45ec3b1486daa9fe83acc7a50fb54f9aaea7af76e3cd4f0845aa07e9f9b28d44bd078682efe9b44cf9d9922af38b1c5da48bc23de26bae040ffd00eb7b9263b3616008e847c64f588353f520322f31ddd2a745a018720646625c446f2989817ca26cfdfc6464f8c25b39a8325be8e949ad5dd9eabcea30c99245c4afee92a86490a29126e3da7ba75c05ad707d03312ed6bec14ce03831f58ed00ccad4181f3e06520cbc0863cc7e3be682ac7f72d66972dc079a636dc99e10bfa78690efb6713216d86e89bcba492119a231ec30b762ecd875c201876448ba54db5515e43cdd52cff5f41b1ee0bf4d45c327d84c1b01e3953562fdc32a7b925552c9d68783e211aa0b98a6546466e3979275ab04e13bea6af1c5d2516e0f8bf0e67f34d3cd60b48a68a87b922cced0875500f987d87057c14672fc6797f09a9c101d6dddb90db9ee06ba988720ea115ca1ed6ddc8564a4fefd719cca7011ef8a810b61c5f244bd9691e49ea0265f4e3b053049f65b41fcb56e3fd746cab964cb93cf657244a3fe0746cdb9cf02ffc8461ddeb5a5290755965436b4a0cb475bb344e8574fb61fdd2cbc194a6fe87130a7602c68e50d1a0db2d20cbc2355ccb2556305546652556857af18c2c6db21083683432a63e23493813fa83446a0ff7d241299b884353a14bb6314f37afb0b4980a85b484886e8f57604545390f2f7d1748b5e55b9dbb521c398e4f043c2f2169fa88c82285fa1cad5fedfdfb5a44fe16f07d2c13c973271b229f14304bab6ae52698b7492f6079bd3c225bc2896593ddc7bdc4e29ef3eddccd0896c99625c0c772be724254d49ed12e68f8af88b6f34f6f3b42a55bacb51df13834c45c8f3beb73091c1b05fa0eb6d0c75b2eea86b095625fee3d63b184982375d288b92c392f6f6865a82d0e92fc045293867d312fcc832987119598a685d7e9bfc04f94e9a50d47618892d88c623ccd58b50b64acd751689b6e962af860aaf3770b4e5b0065a87bfed3daf00b341416b03f28f6e66cde671d6d3c772d725a82383afeefc042b95909de9b30bf8d607444d247089dc564a7d7367868d3a01330cb8200f2ddd54210bd02c224e91295dfc52bae2d2b1be25397b389a91b8a344879b9afec56884a1f303799e840ae7742a79a74d750a8aa77e6fb06f48d691c8de449ce7e49e00045328692ad2d4132fce4d9715f4b25e40026fa7085ff4f8aa8ce3ee5e6e06c66c9fb80c91a43543a4e5d4ba5554e4a53764658e11142b54158807dfbd78f35e571f86bc4792da8ff534c4c07b2d60a3146364148f89d8357bdeb15852e56e9eb6a075f77efe8965cf1b656d16e9d91c5c363b0acdeb1e57076b76b1af0586d2a65f80122a5e64f549867d3b6d497b9929ed3232e1ae08fa0ffb3b06f158b484ac9c17ffdb1d082b5b5dc34ef749b04814eddf53089037b5f051b43595a1303d82b2628182943f0d0df02f0decc1834159757223828aa540411fc22ddbeb093501509c5d6c2d13f74b78ce3c997cea7b1d597838b3b33f6efb68a574b396f5b3e5f0c6f69864bfdae61c6e3694b9582a5f5a0c041f4c966df81f120f8a2b935beac32ace49d235f2d78a42873d40dd0e982edc503e03575f35e7e98f7004a64d30abf65c95ade7ee79d2b19e38fb556e3ba54875fb255fab1962cd271d88a58b8b3889b25d7c9cbec505d63cc886db6252e0f52fc2d0dd9ce81c602e60d5a109ae1de79babb9582bccb9591e1db85babd08936bc2b74e09c52721210fe00407120846f021c106e4e2447630e18ee20e71d1db6718a437b87c65761bd9d919984bf2c760ddcceb3048a7ba26a80631647c7399bc430099eee457ea414bdf31b0a0147b2222436cce7ac4412529b42b8efa6d82464cf4353bb1bcf28bc399da7800bba422c44ac8a47b2488d16fd90ed403059584d83d365f3e79e3c7d64720d793530872f52b075f3694ad9f5e13ce9b99466fbc5600175797a7324414da6c47e029ca77bd449eacb8aae8f37057b8e4ecb9f5c66a46c3eb0ccbd6e9882d6fb5ac2640f7348cf388e7a66fae31bcfe6e68dfae091125175464ba9f335aace4c48020bed87d4f8138281bdd7b683457ad86e13abf8afd60d6eb3d49817971017b3cb57467d4f0503d6d117328d3e5fa454d48599ff8cf546ea2cd5a0b5f4878dd7879215346f14a84ba22cc578a676aef5bafa3644f8fb26bb70002d516f0635bca7474bc62395fee875c3b9125e388d45f7337a94d02d30dbe3e74a03aa50c6648cbed7ff82d86faf18de1e1f05e9e6bb6deb0e4bbc7b617a99667e23b72ecd6ff393dadae1c2e173e317ab293fe7b366eea7540abaf8f1b7122c78b4e0eb71eb0a31c368f273f9c1f248b0bebd3821e2d77bd45b2e14b8e6342f2343cefb2e733e9296f4ca644725cc3bf40352db005bb5ce682ebfde3d31ae8c75850faf2bd1a9b8c82a6347444dd18d31317587dde576de5b2c8a2b57486a6b4d48ba2993aa84656f41a596c587406472d012ed7f525813cc41a2afb11d399e3e4f15e3ea2f8c5d38f77c28b40cef0211683cd0eadfb77dc2d7044db09167035b254d487f5c12a195e1fd5126f375c91f4b0acbb20646dd04763b0432515a87d3b8139ea9adca673697a53f7b552346f663f2cb38e482422f6242fd5f35077a9cbcb19f6ea5e8e4f9eb197080ecf63bd0fe86ce7595a88f580be380b126f1882c681d5af1b5aea1ca784087e09efb247f14f698db18c32e9692ac462f14911b04e95c65b82d9c1aa71807b95b6a2fc14621d4bb3b5fcd97e019c830582ec309b958755f55368b3dfebbdf35d1a77b878157c1f968c037a47d282bd9c0bec1f6ce7fd73a06e0811d59307575f7e1f7faa252c449785f4ae0cb14ade4479145affdf5a70e4841b667871511db3d2b8333825a1ffcc978296dee4a48f16fffb6e338bb378818eceba50496d018cf324e3fbade6bc720ee6fbe9a45b80bc0d9c80ee1b65c217e7d5d8c5b537c3fda03698c151117b7f27e336366c28cec29a72ac3fceaeb7fa2c07697779e76eb490162ccf242325f94289f1f28f2e6402cf0ed238c4005bb8a1ddcf4567ba1e26827e9ab9b8aa1aaa0e9e828369aa57162c38546282a65bdfd67d79b2e196b1bf548f3af3a0ad242212519ab6564946933f4d1ade4fd4fa22b2ff2a771c1dca9a33b456e33f83f29c643dedf47b8b4d1ece4d3f43c614333e573f2fb0d709c259ab30671b48bb7f91cdd5b567988452d5b2b111a3d704df3bdb7f2e0d49578f50914cd39b24fd0a869fd101f9647f34e0cecb7f9b992094ace7231f19752918d3e408de815ad43146e8ecb46d18fc127613a9e9b877408fe71a453df0040db7e92003e3bdff3a4db73d7912acefe022d5c13a2a8db2bf502e77fdc6b5ae2eb41f919aa3b2b38bbd55f5a3d396f7ceb277cb005bdf23f8ab2bca7ca350126430c33a1ba0c6e970bb7c2d1fbe16b917fd333c2aebd63ae284b586b501ebfdcda20c6860a7baa1bf59da17fa906fd7116ca51fcc38f6beca940e7090a12977fd415552930a1ac6bcbc537d4be4ab355418ed094c471d7505330de74e5a858883f946fe809530833fa1e4ca8a2888eb9b6cb3a2bce0b5a10f17026b9f8036f8141a1988aec573b112c89528a4ed2f99dc5d023cd1e869128ae25def53b0fdb757cc5f5887339507a8b720a0617ae1ac32b524bff365b67ece749f4efac24774604b809583441ed4cbe815dbc841ef3ae252310d8b03b308602ec1d2a3e193fdfd94058df472502fb27be7a10eccbb5a3d45b40affde2f763c1d3c24aff42cf3f94bb59cbf0bf9b5d07aba02c65657ab93104e6fbaf9cc3cab88a35205d5634e8d059d79d4ec3cf7b661bc98bcfb7e14cc803c8f1490766959b985d181720a5735c5fccb3c8b5d29e4c3e69872833057dbf0106424dbce2b12656e214c814c55437aab5ba405ffc78fbf31ac79c1c43fdfaa258f42e327d6df1f7852343d0a1f9d4ac142ddb09152c52129640645d6704ea74966938d1558bb357b84432c094d546690c693b517ed1527469bcd483c78f4668a9c97db09b93ae70e5fc01241fb6e8c6065270ebe71fe60327504625adbd745fe41a7372b23b3f7b38509c59b46ca32f37dd11638a012f6bea2e4ad460332ee62c10d800b70c45f631ab02841e4731129bce9712903a772f618e91d0d19167f5f6f8667834a45c7850f40b66a65637c40424368f9067a62c61c74a2c5437152d6d79452aeec47d4d9aa6f62a9acd8dc11d722d7540216bfaf29b52879d919ad910d170baf55d5008e534bd2959498af3a2c14fbb53ed69e927ddf533a644276b6c6377a40e24c3535e6ae65cf81d1ec0286270d94e730b93772f2a4142b8c326a8d7bd46f5bf6d391ba053fcdd3c19409ec60be43c2150eb2b778fe515d56317fdd1db13a2d10231e84f642d0b0724b550b31d85e496b2fb1988858fded68222f1d45ecafbd88f0cbd1f53b5a6ee5e0dead172af84dec49105872295f6793dc7fc5563a38b39260d60253d254adcf8246fa04a297b437e4ffd495a1c48499a7c12d229ffff78836c1f0eb30917d54a704e2a3a54c4f225ba34d412ff14cb7a489cb45f67169253c3579fe0890b2e786e0cb59f47251683f85e8772accd6e28ce711a5524d801f42e45f2dd22c6314df4a401900c18fc08f1344b9a38e38b4d70ef525d12860c789e0985342a1c779eff09bb27471f743f8dde2e22c8a8c121e6b2726ad76ee90b69ac8f50d0b49e1890d9718d8fe542fdd6c143d358799c3d2083eb83ee95637733fff38c54394d8019d13e30d78b9dc51cf8856ba72b05a97caa7ee59af3d58e381f5d582788b3829650cdde74f74eea264d217cbbb99163f47722a2c73a38367dd63747b66b3de2493038a7e274deae90c935a804b59044a2eeec51e5bd2ab4644cff6e79d23110a0cf83bd101ee57caabd653360c68c352e8bc29cec8f036d5e0ad12ec66bb7fab125ae18ea6845fd3ef1a17440bd3914a57fe5b656536b0db5a3600c90f4ff81c49c082de55f503156bcd6c3aeb32d2743ed0b79c4b0747558e540b1408f1b4f529426e1ed792d39d96653b1886131a40c794ee6150b9dc2da34d558bc9536833e59dfe7aaf8dae3fe04fe16ed624f7829614a2b83ec354ae20b7e6c2da10390e0e1d2a7d7dcff4c9f10f427329961b9ec7c48e23efc4ff02487dfe164c549c6d2df1b58330dff6805674a9e9be04cd92b6e0d13d433648805c6a01e59f7d3d102ba8307dfe88b2361f4651d5d8ccf54e01a0c4b49b3760f97df2e63b40bd94694550b72357b6f25cdecd18e4c50555402752e4eb9e9aef239ca101bda4e249a20fffd7121cb539573e52c672440a97ef7068851a3238f535e632fc7be", 0x1000}, {&(0x7f00000012c0)="5d8446c90f329ad2bb0afefe7c54da8e7c9496c6072c5de3bd516570dfdb84fd9e766d275f3db7d62eaa2df83fc50b0963ec07f48df87fcdf1907946ddbdb6daa0b0c218960c2c8f962062a682262bbe04f558af03bfaced0929f0e120dd1faf431c2af256447ff5277f2ea5b64fb8ee7380323ee42ee3549e5625441e43a93860c2a8a39002b33cdccf52a9a78a26e630784449f2c61d18681495b81a523af9dcb29cfc9df816313b49499af897f635f355ed3d71", 0xb5}, {&(0x7f0000001380)="60be225580ba56aa0ce8261f4be4d7e77992081c4bd68eb9b556f0133ba6650a09a7452a45f91700d2eba4cf53a24608d3d43f5b47ccd56cb2191143a2c5ac5901d0", 0x42}, {&(0x7f0000001400)="2de2d26223f3af2fae6ac682d21f1c940b337c4f61574b7197afcc5d4e3607096d784f85ea2f4b1754d72611da8e7ab699d0a567ba2c29380a14ee412434387b5bbeab7c06ba889b1fdef63d7d0be331ed869af7cb7f1f96796eea77394539806e367625ac82a1fd85946310dd44c6ffb390d30b46f23127a4b707b8f54e0cbfdfe5456b084008a6142b5e5b1c2d04aad7cd80754e45d9108eb99ca0751610a4aa663dc0a9248a572bf3eb", 0xab}, {&(0x7f00000014c0)="17", 0x1}, {&(0x7f0000001500)="aba67ca2b2223efcc87f892e611447c7b6c7", 0x12}, {&(0x7f0000001540)="8715d52795144d9c8f00cf167cb354b864f9656f018ae026d79d1ae8fdb09bd78087350b6b6fb364730f0f8fc8e0d964d9fd5ab1e328d6aa90d99bdf79a1c4a83eb4d4954a81ad387c62c5d1c88a6fa2b7040ebc7bf71e3d9169ff4bf7bf3f5695f6ad57e3cd2a3b831b23d998b9c8a4d9eca57a650ec0d50413588ad2731fca02db2c26aa2be042d6971965e380ff55fbfdc111edc2028590dc6f", 0x9b}, {&(0x7f0000001600)="aca3505550c5e8a5ab09bc32444338fdc21005a140196705b2f246cd2ea936de8e15d1a9bd605887e26edde6a07c05ffa4f14ecef547fc340dab2c4daca64a8794845b16ff08f1a79be52b369578b726d091fbc49e7d395beb9fd8aa2a074e3289c52ce6cf4d30530cff7f56e042ec7d0680880e0748130cc4f8a13ae5261435c05d8d1926a109ff033d1c03a6efc38f87d68208f9cb7efe328ccccd87a5c7a91b1ad2408c9a564edc3e07e6d92336d71097f99c93a21206e7c40ef69eb8458b1f357b8bdd2359a052de97cf9a854a228579f4ac8609e9fd48d734e3c84669d2afb99b907ebbf91cac1694aa436e9f57a7dfd1e3141ecfeb57", 0xf9}], 0xa, &(0x7f00000017c0)={0x38, 0x0, 0x6, "48aa2d6f7cb345d4a4ad707b4675fb04a8a0c15d98720957f33a4db0b04c48fb35ed"}, 0x38}, 0x80) getsockopt$inet_buf(r1, 0x0, 0x30, &(0x7f0000008000)=""/144, &(0x7f0000004000)=0x90) 2018/04/01 00:13:59 executing program 7: r0 = socket$inet6(0xa, 0x7, 0x2000000004) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x11, 0x66, &(0x7f0000000200)={'filter\x00'}, &(0x7f0000000000)=0x24) 2018/04/01 00:13:59 executing program 3: r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x3e, 0x2400) ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000040)) readv(r0, &(0x7f0000000540)=[{&(0x7f0000000080)=""/67, 0x43}, {&(0x7f0000000100)=""/132, 0x84}, {&(0x7f00000001c0)=""/239, 0xef}, {&(0x7f00000002c0)=""/161, 0xa1}, {&(0x7f0000000380)=""/213, 0xd5}, {&(0x7f0000000480)=""/180, 0xb4}], 0x6) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000005c0)={0x5, 0xa, 0x200, 0xfffffffffffffff7, 0x0}, &(0x7f0000000600)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000640)={r1, @in={{0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}}, [0x8, 0x9, 0x9, 0x3f, 0x8, 0x0, 0xf67c, 0x6, 0x4, 0x7, 0x5, 0x7, 0x1000, 0x908c, 0x5]}, &(0x7f0000000740)=0x100) ioctl$sock_inet_SIOCSIFPFLAGS(r0, 0x8934, &(0x7f0000000780)={'dummy0\x00', 0xfffffffffffffbff}) sendto(r0, &(0x7f00000007c0)="c6ec0ff6b0321243582a940eab75e17abf7bab86028bcc1eecde85ede5d7da3dce6c3c1b7f1a38a248f238ef2f944c35510df10fb96df3dc513f3c305b806ae38f162b0a4ec07e1a1ab96ed5fee4f8bf4991e0041d6010989db8c4479000bbf0b9d6b4edcab200495a6856e70a1254679cc55c444c68e0702c31f8176ed590fe1f409669001144330bd104504ae2085386a8b2db88080144e35772e61081dfad71091eee9d0b43dfd4c1e0ba0dc658cc", 0xb0, 0x10, &(0x7f0000000880)=@alg={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106-gcm-aesni\x00'}, 0x80) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000900)={'ipddp0\x00', 0x400}) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000980)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x24, r2, 0x1, 0x70bd2d, 0x25dfdbfc, {0x5}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x10000}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7f}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x40) syz_mount_image$minix(&(0x7f0000000a80)='minix\x00', &(0x7f0000000ac0)='./file0\x00', 0x10, 0x6, &(0x7f0000000e00)=[{&(0x7f0000000b00)="eb19249f825f4eeb3cf35625579679c3b93782cfc855ee6633cba751862aa7941a5f24265c44f54e0a32bdb718d72220a835277d49e43436fbaf9cee3ab3a3256585d604ce8be1657d1fc587a4900876422b282d094da3b30b550fed3b78b5f949d5ce5da362c085d68d73d670987d3b6abbbe115a2d4a1cdbcb7a4aadfee9e4d08e779cdda96e238d2ad1f87f34259075e06e993ec1", 0x96, 0x6}, {&(0x7f0000000bc0)="e1bac50e450ca43452b15bd0c279e912c510f77680f9bcc5f50b74ded6e96c1a908b69934e7278a149b312aab4517c47bb9692b84842c55fabe85bde175bc9", 0x3f, 0xeda}, {&(0x7f0000000c00)="ce0484c5c10e170727046a8cdf6bcef0e3c4c4a037d51da63db792307e554870c362eda21d9afff4909ef0eacc271c79371e0a40e1d9e36d54c163d923b0d3e3e81c62ea9f8e548cbf231e25b2ebc7f888751e817efedf1827b2ae3e31", 0x5d, 0x2}, {&(0x7f0000000c80)="ec588b109e16b34c05c047833057fe8e9c7b2de5b1969a413a88858453c218f9", 0x20, 0x7}, {&(0x7f0000000cc0)="c27b40c667c1ade391489760135cdf138b1897730d04b049495ddf69111d883bbcb856d8addfb6d80e05ef8e71b9e8248a83e60e8ffb280813c09673e7c7aa20e5d7261fdda95df99a425b8bb233c0c7b3daa976ca54251cdd1687323d853176d4d7d274bf9faa996022e73bb371bddd2596a3fc7b4e9763fc323ee76ae1717e3a69c5f59a6da7d0b51406a46f80202515a175d0be4090d19e", 0x99, 0x6000000000000}, {&(0x7f0000000d80)="99f1d5d704b8ece99550c8c315bf95943b2c2d80242599fcd1ec43e001db87858fc9abaddb97d1d85a83c0069c1e29bff63e7367afd1fc1e4e19fefa051dc852740e88d6782cc4795423edf24b5d0a8c4a371ee4e70590a6eacb", 0x5a, 0x2}], 0x10, 0x0) ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f0000000ec0)=0x1000) r3 = gettid() process_vm_writev(r3, &(0x7f00000032c0)=[{&(0x7f0000000f00)=""/30, 0x1e}, {&(0x7f0000000f40)=""/217, 0xd9}, {&(0x7f0000001040)=""/83, 0x53}, {&(0x7f00000010c0)=""/4096, 0x1000}, {&(0x7f00000020c0)=""/116, 0x74}, {&(0x7f0000002140)=""/4096, 0x1000}, {&(0x7f0000003140)=""/192, 0xc0}, {&(0x7f0000003200)=""/155, 0x9b}], 0x8, &(0x7f00000054c0)=[{&(0x7f0000003340)=""/4096, 0x1000}, {&(0x7f0000004340)=""/128, 0x80}, {&(0x7f00000043c0)=""/143, 0x8f}, {&(0x7f0000004480)=""/4096, 0x1000}, {&(0x7f0000005480)=""/59, 0x3b}], 0x5, 0x0) r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000005540)='/dev/rfkill\x00', 0x20000, 0x0) getsockopt$bt_l2cap_L2CAP_LM(r4, 0x6, 0x3, &(0x7f0000005580), &(0x7f00000055c0)=0x4) r5 = mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x1812, r0, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000056c0)={0x18, 0x0, &(0x7f0000005600)=[@free_buffer={0x40086303, r5}, @dead_binder_done={0x40086310, 0x4}], 0x61, 0x0, &(0x7f0000005640)="eb5b7d530884b0120dacf0f202b50b846b158c5815775bbc00aac22b4449afd29acfbf592b85d6808e8246311d8c226f8d84369c467da874651ec9bc33eee7644d784d6bfe934aa1450ad155284c846ff3dfd00df5dbe9480dac60bd4579e552fc"}) r6 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000005700)='/dev/sequencer\x00', 0x4000, 0x0) ioctl$TCSETA(r0, 0x5406, &(0x7f0000005740)={0x7f, 0x5, 0x10001, 0xffff, 0x80, 0x80000000, 0x4, 0x100000001, 0x0, 0x7}) r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000005780)='/dev/ppp\x00', 0x800, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS(r7, 0x80605414, &(0x7f00000057c0)=""/22) ioctl$UFFDIO_UNREGISTER(r7, 0x8010aa01, &(0x7f0000005800)={&(0x7f0000ffa000/0x2000)=nil, 0x2000}) ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000005840)) ioctl$sock_inet_SIOCGIFBRDADDR(r6, 0x8919, &(0x7f0000005880)={'bcsh0\x00', {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x16}}}) sendmsg$nl_route(r4, &(0x7f0000005a00)={&(0x7f00000058c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000005900)=@ipv6_newroute={0xb4, 0x18, 0x300, 0x70bd2d, 0x25dfdbfc, {0xa, 0x20, 0x0, 0xff, 0xff, 0x2, 0x0, 0x1, 0xf00}, [@RTA_ENCAP_TYPE={0x8, 0x15}, @RTA_PRIORITY={0x8, 0x6, 0x6}, @RTA_METRICS={0x80, 0x8, "f7c8599c871088b34e49f90bc702edc4b3a013b3ceb0e6fa97959e930662a703f811ae8ee6cffd1203e7f6ebcc49ffbe8a43cc4033c254297f2b9b270a6f80bfa4db5eaf5c428c12f833d9c4091c94e9d32931694bb88a284c6b9d6e4c58ca688832262302e434d3ab7c703827a3978460f71cf5872aaca54fc72d"}, @RTA_PRIORITY={0x8, 0x6, 0x4}]}, 0xb4}, 0x1, 0x0, 0x0, 0x40004}, 0x20000004) socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$IP_VS_SO_SET_EDITDEST(r6, 0x0, 0x489, &(0x7f0000005a40)={{0x1, @remote={0xac, 0x14, 0x14, 0xbb}, 0x4e23, 0x3, 'lblc\x00', 0x19, 0x3ff, 0x6f}, {@local={0xac, 0x14, 0x14, 0xaa}, 0x4e21, 0x4, 0x4f5, 0x6, 0xf4c4}}, 0x44) getsockopt$inet_sctp6_SCTP_STATUS(r4, 0x84, 0xe, &(0x7f0000005ac0)={r1, 0x1000, 0x81, 0xfff, 0x76, 0x40, 0x6, 0x7, {r1, @in={{0x2, 0x4e20, @multicast1=0xe0000001}}, 0x2, 0xffffffffffffffc1, 0x3f, 0x10001, 0x7}}, &(0x7f0000005b80)=0xb0) restart_syscall() 2018/04/01 00:13:59 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)={0x1}, 0x2c) sync_file_range(r0, 0x1836, 0x7, 0x5) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x40, 0xa9, 0xa37, 0x1, 0x1}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r1, &(0x7f0000000280), &(0x7f0000001440)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000040)={r1, &(0x7f0000000340), &(0x7f0000000440)=""/4096}, 0x18) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r1, &(0x7f00000000c0)="01"}, 0x10) 2018/04/01 00:13:59 executing program 4: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000400)='/dev/hwrng\x00', 0x0, 0x0) write$rdma_cm(r0, &(0x7f0000003300)=@create_id={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000032c0)={0xffffffff}, 0x0, 0xa}}, 0x20) write$rdma_cm(r0, &(0x7f0000003340)=@migrate_id={0x12, 0x10, 0xfa00, {&(0x7f0000000000), r1, r0}}, 0x18) read(r0, &(0x7f0000000440)=""/177, 0xb1) 2018/04/01 00:13:59 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x1f) keyctl$join(0x1, &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x1}) sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000640)=ANY=[@ANYBLOB="1c000000180001020000007200000000000000000000000000000000"], 0x1c}, 0x1}, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x4800, 0x0) getsockopt$inet_mreqn(r1, 0x0, 0x0, &(0x7f00000000c0)={@dev, @broadcast}, &(0x7f0000000100)=0xc) 2018/04/01 00:13:59 executing program 4: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x20}, 0x13) r1 = fcntl$getown(r0, 0x9) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000080)=0x0) tgkill(r1, r2, 0x16) r3 = syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0xfffffffffffffffb, 0x1) ioctl$sock_inet_SIOCGIFBRDADDR(r3, 0x8919, &(0x7f0000000100)={'eql\x00', {0x2, 0x4e21}}) bpf$PROG_LOAD(0x5, &(0x7f0000a12fb8)={0x2, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000000000)="e1ff181fc87b79a7ed281207bb78bc80ee1cdf1fb03ed15a3482721ca1a2a4ee5f924cfd484123f76797aa8ea830de7af91192d465bb4e08b2d9dacc368e1fb0412f", 0xfffffffffffffff8, 0xfb, &(0x7f00001a7f05)=""/251, 0x41000}, 0x48) 2018/04/01 00:13:59 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0xfffffffffffffbff, 0x80000) sendfile(r0, r1, &(0x7f0000000040), 0xa98) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r2, 0x4, 0xfffffffffffffffc) 2018/04/01 00:13:59 executing program 6: r0 = memfd_create(&(0x7f0000000680)="cc653ce0105f3808a27a8c37f6c4995fdbfb41280a13022f83ece60c0eeae53a14cc2266f06599c19e2d7aa1633a2e17902d933a50cebf023a569b45999392b06dfa914d4ad2f8e9000000000000000102003f19f58d4cde5baa9edc8545769bcb14f9914512f571efa4f9a52f7a2c0544a1208b1aba6b5260cacafae7af006a8c518fbe74181bea30803e6e6768e15528c9d1b8c651", 0x200000000000003) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x2012, r0, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000000)={0x0, 0x4}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000100)={r1, 0x58ce}, 0x8) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/cuse\x00', 0x10200, 0x0) fallocate(r0, 0x0, 0x0, 0x87dc) prctl$setname(0xf, &(0x7f0000001fff)='\x00') ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2}) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000300)={0x0, r3, 0x10000, 0x2}) clone(0x0, &(0x7f0000000100), &(0x7f0000000080), &(0x7f0000000200), &(0x7f0000000240)) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00') ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000500)=0x0) sched_setparam(r5, &(0x7f0000000540)=0x100000000) sendmsg$IPVS_CMD_ZERO(r2, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0xa8, r4, 0x100, 0x70bd25, 0x25dfdbfb, {0x10}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x8d}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0xff}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x101}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xffffffff}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x38, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x20}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x2}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'eql\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3b62}]}, 0xa8}, 0x1, 0x0, 0x0, 0x80}, 0x4004000) mount(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='hostfs\x00', 0x2200003, &(0x7f0000000240)="38d74c4137c491bd4f33133a38e0cb307da9723af392e5c86c0ba4f0e3c54a39e2ba915d52e4abbff99b26725e1efa8775b7eef24f5f5d7331bfceea7dce5b") [ 199.364684] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop3. 2018/04/01 00:14:00 executing program 5: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) r1 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0xfffffffffffffffc, 0x800) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}], 0x1c) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000107ff8)={0x0, 0x10040000}, 0x8) connect$inet6(r0, &(0x7f00008c0000)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) set_mempolicy(0xc002, &(0x7f0000000000), 0x697) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x79, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="fdff2000"], 0x8) 2018/04/01 00:14:00 executing program 0: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x400, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e22, @multicast2=0xe0000002}}, 0x400, 0x10001}, &(0x7f0000000140)=0x90) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000180)={r1, 0xe6a3}, &(0x7f00000001c0)=0x8) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) lseek(r2, 0x0, 0x3) [ 199.447429] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device loop3. 2018/04/01 00:14:00 executing program 1: socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x117100) dup2(r2, r0) ioctl$void(r1, 0x0) 2018/04/01 00:14:00 executing program 7: r0 = socket$inet(0x2, 0x0, 0x886) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000240)=""/103, &(0x7f0000000200)=0xfd0cd22b19f82754) getpeername(r0, &(0x7f00000007c0)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @loopback}}}, &(0x7f0000000480)=0x80) setsockopt$inet_tcp_int(r0, 0x6, 0x200000000000002, &(0x7f0000000440), 0x4) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = socket$inet(0x2, 0x802, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f00000002c0)={0x0, @in={{0x2, 0x0, @multicast1=0xe0000001}}, [0x0, 0x0, 0x0, 0x5, 0x2, 0x1f, 0x3, 0x0, 0x3, 0x800, 0x5, 0x10000, 0x0, 0x0, 0x1]}, &(0x7f0000000000)=0x100) r3 = socket(0x2, 0x805, 0x0) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000003c0)={r2, 0x5}, &(0x7f0000000400)=0x8) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000880)=@broute={'broute\x00', 0x20, 0x1, 0x8c, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000700], 0x0, &(0x7f00000006c0), &(0x7f0000000f40)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000008bc03115b5c96a00000000000000000000000000001dffffffff0000000000000000000014a855b05f477b1a2e2d2e77970c000000000000000000000000000000000000000000000000ffffffff0000000000000000907300000000000000000000000000000000000000000000000000000000000000000000"]}, 0x108) socket$pppoe(0x18, 0x1, 0x0) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000140)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/pfkey\x00', 0x4000, 0x0) r4 = socket(0x11, 0x100000802, 0x0) r5 = syz_open_dev$tun(&(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNATTACHFILTER(r5, 0x401054d5, &(0x7f0000000040)) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'ifb0\x00', 0x4012}) ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000180)={'ifb0\x00', 0xa201}) dup2(r4, r5) readv(r3, &(0x7f0000000e00)=[{&(0x7f00000004c0)=""/121, 0x79}, {&(0x7f0000000900)=""/193, 0xc1}, {&(0x7f0000000600)=""/142, 0x8e}, {&(0x7f0000000a00)=""/133, 0x85}, {&(0x7f0000000ac0)=""/152, 0x98}, {&(0x7f0000000c00)=""/105, 0x69}, {&(0x7f0000000c80)=""/205, 0xcd}, {&(0x7f0000000d80)=""/79, 0x4f}], 0x8) setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000740)=@filter={'filter\x00', 0xe, 0x2, 0x290, [0x0, 0x20001000, 0x20001030, 0x20001108], 0x0, &(0x7f0000000700), &(0x7f0000001000)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffc, 0x1, [{{{0x9, 0x4, 0x809b, 'nr0\x00', 'bcsh0\x00', 'ip6gretap0\x00', 'bpq0\x00', @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [0x0, 0xff, 0x0, 0x0, 0xff, 0xff], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xc}, [0xff, 0xff, 0x0, 0xff], 0x70, 0x70, 0xa8}}, @common=@mark={'mark\x00', 0x10, {{0xfffffff0, 0xfffffffffffffffd}}}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x19, 0x0, 0x22f0, 'yam0\x00', 'bridge0\x00', 'syz_tun\x00', 'lo\x00', @empty, [0x0, 0x0, 0x0, 0x0, 0xff, 0xff], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0xc0, 0xf0, 0x128, [@ipvs={'ipvs\x00', 0x28, {{@ipv4=@loopback=0x7f000001, [0xffffffff, 0xffffffff, 0xff000000, 0xff], 0x4e23, 0x36, 0x0, 0x4e24, 0x4, 0x1}}}]}, [@common=@CLASSIFY={'CLASSIFY\x00', 0x8, {{0x4}}}]}, @common=@dnat={'dnat\x00', 0x10, {{@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x19}, 0xffffffffffffffff}}}}]}]}, 0x308) shmget(0x2, 0x3000, 0x2, &(0x7f0000ffd000/0x3000)=nil) setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, &(0x7f0000000540)=ANY=[@ANYBLOB="726177000000efc5c3ff000000000000000000000000000000000000000000007e03000000000000"], 0x1) shutdown(r0, 0x1) setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000080)={0x5, 0x0, 0x0, 0x3f, 0x0, 0x8001, 0xffffffff, 0x2, 0x37, 0x4, 0x3}, 0xb) getpeername(r3, &(0x7f0000000580)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000100)=0x80) 2018/04/01 00:14:00 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f000039c000)=0x400000000000001, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f00000b2000)=0xffffffffffffffff, 0x4) r1 = fcntl$getown(r0, 0x9) ptrace$setopts(0xffffffffffffffff, r1, 0x6, 0x21) connect(r0, &(0x7f0000000000)=@un=@file={0x0, './file0\x00'}, 0xa) bind$inet(r0, &(0x7f0000490000)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10) sendto$inet(r0, &(0x7f0000a92000), 0x0, 0x800000020000000, &(0x7f0000303000)={0x2, 0x4e22, @loopback=0x7f000001}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000c69fc0)=[{0x4}, {}, {}, {}, {}, {}, {}, {}], 0x8) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000965fec)={0x0, 0x800000000000852b, 0x7ffffffd, 0x10000007ffffffc}, 0x14) writev(r0, &(0x7f0000793fa0)=[{&(0x7f0000dfa000)="06", 0x1}], 0x1) sendto$inet(r0, &(0x7f00000001c0)="cda89294311eb1abe892a9f1360ca4114461c5d17b7e6bd37192d14832ebfc052ede736eca94afda4d64580118d9998ff30f90205752351868d43d5db933223e60f8bab53d909ca5eefdb49e54648318886bb62d269aec7006bb5521bb21af20b933f8b784a1331716f58735168d2871f76d332c67f43f8ec020a6eff2f538eaacf240c265370ba5205841552db829ae3cef69f02d7c32d0bc04a39edd897e92c10fe5aac9d8bf6e1f08e5fd42f7", 0xfefa, 0x1, &(0x7f0000000080)={0x2, 0x4e21, @loopback=0x7f000001}, 0xffffffffffffff53) writev(r0, &(0x7f0000001480)=[{&(0x7f0000000340)="b8dda5a23232c24e547b4f33433e6c4609f54b591566970b3b2c75b09ce8e00ca221b499af12409f3a478c5286fdadb7f178a95827f10e7f28ab6092464bb052edf66a70b4b9c90b14387dc912ae7ccebe646eeab964927770f0a4f6d6395c6a3fe4ae29fb650d16018b3ececda0da1323e1eb680bf770fe2159bc1386a388360925d7831d948745ce06a2419cc74b0df3326f4034fa25406ecf51c04a388dfdca1526c3794eef9487b5282ab6afdc9ab202059de1c23141c8c9445bc368a3de29c212304d883583602c0a47d7dc7c8c5582756b8951cd9887960905f6671b02e4d4e0260991a280dbe6038f4570dd14bef14966ce7d1a34728c4aacdc95a70130241871b233949dcfb6b59cc081bd283131319c8c567240201956114da1a7a72edbd27c40210ae08594c4d10cd6b170c9440a3ef417a43a4e0c6bdc905af57600912463253a0df8c15b9aa46c6cc10f0e9bb93c28c2a106e2c71e04bb2cca8aca317b65980631a5b997cc5e698dd2482e59192fc861864586081ca1d7ca57c0af5e2d0a576b525b5235496eb81ee47b0d490cb65c765edffa2cae8ffc5cb71caa110cfdbe06710ea752f03854b9765bcce4a1501c17d84f8cb0359765d0eced1b6a206cd1573f6e96341bb9f03f28424b58e5e8f350be72a47ea7bdb1deacb50fd7ca37a07c007db12089ec12f0d6e9208389f611df489e93457c3bb47a645de4c83e8f3a8e1e94624dca87f5", 0x20d}], 0x1) writev(r0, &(0x7f0000000180)=[{&(0x7f00000000c0)="dcd10e59295165e779aa181f6f70af11bf1da8f1089e8c56b0a642b6f431b96da32a3fa401a4bdbc969777546eecf7decf3859050c0da674c7913a2f7815b5e02133331a7a85a38bbc1cc9c3cf9ff4681875fa999d59c88ed8cdfa9205ac58ba9644b10bfaa8186d1f3de56d890a9763405a01ab30f98ad85f1f83e04c3dcbbb55e061be5999", 0x86}], 0x1) 2018/04/01 00:14:00 executing program 4: r0 = timerfd_create(0x6, 0x0) timerfd_settime(r0, 0x1, &(0x7f0000016fe0)={{0x5}, {0x77359400}}, &(0x7f000000ffe0)) getitimer(0x2, &(0x7f00000005c0)) 2018/04/01 00:14:00 executing program 2: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x400, 0x0) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000100)={0x8001, {0x2, 0x4e20, @multicast1=0xe0000001}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x18}}, {0x2, 0x4e20, @multicast1=0xe0000001}, 0x48, 0x5, 0x2, 0xfffffffffffffff7, 0xffff, &(0x7f0000000040)='teql0\x00', 0x0, 0x1, 0x3}) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r1, 0x4, 0xfffffffffffffffc) [ 199.606184] kernel msg: ebtables bug: please report to author: Wrong len argument [ 199.730359] kernel msg: ebtables bug: please report to author: bad policy [ 199.752247] kernel msg: ebtables bug: please report to author: Wrong len argument [ 199.774694] kernel msg: ebtables bug: please report to author: bad policy 2018/04/01 00:14:00 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000700)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f00000006c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="5258827ab8c7c23187f28e3267cfda1df6c2123119861be5642364cf6dc927e25e6040fc10dd9458ed4bd18e58", @ANYRES16=r1, @ANYBLOB="1c00000000000000000009000000380003000800010000000000080007004e220000080003000000040008000400ffff00001400020069705f767469300000000000000000006fdf1d7bf550c51acb0f21cfa20e6c6fb9a94c2bcf7cfa9b2800e108d215b5cc60e7fab6044e47b1bc9fccb74969b2c1180efd85abbed2e95351fd32b7607ba9e8ea12d5954adefc2480d6879ce8631306f8ce61c6d4c72a71070f4becee414788ec687941a127bdbe7f6f89c52c01dcc7d916bd132bbe7a5f2d44136d378aea6ce272cbfbf6de1a0566bec167a2bba939627625bd835dbdd08ad64e19e32fe07bc65c808b8c82e8e6608ab77bac39ebbb01b342166adcef49c22f469a"], 0x4c}, 0x1}, 0x0) r2 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x100, 0x400) setsockopt$ipx_IPX_TYPE(r2, 0x100, 0x1, &(0x7f0000000040)=0xc13, 0x4) ioctl$VT_GETSTATE(r2, 0x5603, &(0x7f0000000080)={0x20, 0x1000, 0x8}) msgget$private(0x0, 0x200) 2018/04/01 00:14:00 executing program 4: r0 = syz_open_dev$tun(&(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={"64596df17c0e4200", 0x4000000000000401}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000080)={0x3, &(0x7f0000000000)=[{0x1ff, 0x7, 0x7, 0x7}, {0xffffffffffffff7f, 0x6, 0x6, 0x1}, {0x400, 0x400, 0x1ff, 0x9de2}]}) r1 = memfd_create(&(0x7f00000000c0)="64596df17c0e4200", 0x2) ioctl$VHOST_SET_VRING_NUM(r1, 0x4008af10, &(0x7f0000000100)={0x1, 0x9}) ioctl$TUNSETOFFLOAD(r0, 0x400454d0, 0x1) 2018/04/01 00:14:00 executing program 6: r0 = socket$inet(0x2, 0x3, 0x4) connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast2=0xe0000002}, 0x10) fcntl$setstatus(r0, 0x4, 0x44c00) 2018/04/01 00:14:00 executing program 2: syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x2, 0x200040) getpid() r0 = getpid() syz_open_procfs(r0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x00') 2018/04/01 00:14:00 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) shutdown(r0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000040), 0x948, 0x0, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x6, 0x101000) rt_sigsuspend(&(0x7f00000010c0)={0xcf8}, 0x8) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f00000000c0)=""/4096) 2018/04/01 00:14:00 executing program 1: r0 = syz_open_dev$dspn(&(0x7f0000000200)='/dev/dsp#\x00', 0x3, 0x3) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000700)={0x6, r0}) getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000740)={0x0, 0x10001, 0x0, 0x5}, &(0x7f0000000780)=0x10) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000840)={r2, 0x5}, 0x8) perf_event_open(&(0x7f0000940000)={0x0, 0xffffffffffffff34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = timerfd_create(0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x400000000009) sendmsg$nl_route(r4, &(0x7f00000fa000)={&(0x7f0000c1b000)={0x10}, 0xc, &(0x7f0000000000)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="240000001800090f00000000000000001c0000000000080004009e536b9eba59e04e374e372fdbfbe3c4634a59b4cdfb4a5fe55dae2198533ea93d58b2323d8bde3a9b7e3d9039338885faa141fccb46f587375f52f4344c8ef28d399e18dd0035697c7d64804bc4052ce415745f3b434d8033e02473f7c3182fa5b1b4f85e0be8011ab3489b7b27af26e0b5a4de47a07baff9dd1020292067c699ca962f5818ca86392dc540e97d2f785503884bbb6b514b81cc1a774db0212a1465471ac71e72408f1cd35699d72a1f1e8a95a409a00184090ccb6628875c598dcbb4787e8c0044a768ff1c107aefe1b3e8afcebaf39da7a44107fbc22192f2cd9c3438bc519091503d0bd806ac4995b9a79a2a43587905b3c4992d23b87de8acd0e3bd89f0bd43846e69844edaaed9d4518a900e571df8600f704dd7cbf926e761dd720457d3ecd99ffa13e8a95601d037ad904aa11a2661141d71d6320a457b483bb04c7aa1aca988ee6f8890cead6c4e536d595c547b2cad99319206960f9c450a27ee2388ec01eab81c9bd3fb573d1a184cc2b72f9340d8dbe09d2f174302d5b5343240050000000000000015da1fbe7e56a500000000000000"], 0x1}, 0x1}, 0x0) r5 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) r6 = accept4(r5, &(0x7f0000000940)=@ipx, &(0x7f0000000540)=0x80, 0x800) getsockopt$inet_sctp6_SCTP_RTOINFO(r6, 0x84, 0x0, &(0x7f0000000400)={r2, 0xffff, 0x0, 0x8001}, &(0x7f0000000440)=0x10) readv(r4, &(0x7f0000000380)=[{&(0x7f0000000000)=""/146, 0xfeb8}], 0x71b) clock_gettime(0x0, &(0x7f0000000800)) ioctl$DRM_IOCTL_FREE_BUFS(0xffffffffffffffff, 0x4010641a, &(0x7f0000000140)={0x3, &(0x7f0000000100)=[0x1ff, 0x6, 0x4]}) r7 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000900)='/dev/vga_arbiter\x00', 0x24000, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r7, 0xc0505350, &(0x7f00000004c0)={{0x7, 0x3}, {0x9, 0x5}, 0x100000000, 0x2, 0xb85}) timerfd_settime(r3, 0x0, &(0x7f0000714fe0)={{0x0, 0x989680}, {0x0, 0x6}}, &(0x7f0000000fe0)) getsockopt$IPT_SO_GET_REVISION_MATCH(r6, 0x0, 0x42, &(0x7f00000000c0)={'icmp6\x00'}, &(0x7f00000001c0)=0x1e) r8 = socket$inet6_udp(0xa, 0x2, 0x0) bind$netrom(r8, &(0x7f0000000140)=@full={{0x3, {"13c7dbeb10366d"}}, [{"c1b70b383306ce"}, {"de9c97c69bb275"}, {"c22830228abb35"}, {"b6fb259cc2e6cc"}, {"265be17a29bc0e"}, {"e61c05b5b5bd95"}, {"ca1835826f40f6"}, {"5e4d440877eb8a"}]}, 0x48) ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000480)={0x7001, 0x8000}) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000240)={{0x1, 0x2, 0x4000009, 0x0, 0xfff}}) r9 = fcntl$getown(0xffffffffffffffff, 0x9) getpid() fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f00000002c0)) r10 = syz_open_procfs(r9, &(0x7f0000000880)="2f65786500000000000035abe1e80d903e0d717ac1889a45e581c9e14a5c8f95f5d2968ae8c767e9d18fd69a") r11 = accept$inet6(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, @dev}, &(0x7f0000000a00)=0x257) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r11, 0x84, 0x71, &(0x7f00000009c0)={0x0, 0x6}, &(0x7f00000008c0)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r11, 0x84, 0x6, &(0x7f0000000140)={0x0, @in6={{0xa, 0x0, 0xfffffffffffffffc, @loopback={0x0, 0x1}, 0x8}}}, 0x84) openat$sequencer2(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/sequencer2\x00', 0x2, 0x0) symlinkat(&(0x7f0000000300)='./file0\x00', r10, &(0x7f0000000340)='./file0\x00') ioctl$fiemap(r10, 0x40086610, &(0x7f0000000100)=ANY=[]) recvfrom$ipx(r10, &(0x7f0000000a40)=""/107, 0xd, 0x20, &(0x7f0000000280)={0x4, 0xffff, 0x7, "f49e86060a39", 0x1000}, 0x10) 2018/04/01 00:14:00 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x0, 0x0) ioctl$PPPIOCSFLAGS(0xffffffffffffffff, 0x40047459, &(0x7f0000000000)) r1 = socket$inet6(0xa, 0x3, 0x8) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000080)={@loopback={0x0, 0x1}, 0x800}, 0x3c) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f00001e0ffc), 0x4) setsockopt$sock_int(r0, 0x1, 0xb, &(0x7f0000000040)=0xd4, 0x4) 2018/04/01 00:14:00 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) recvmsg$kcm(0xffffffffffffff9c, &(0x7f00000001c0)={&(0x7f00000000c0)=@pppol2tpin6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @dev}}}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000240)=""/229, 0xe5}, {&(0x7f0000000140)=""/56, 0x38}], 0x2, &(0x7f0000000440)=""/248, 0xf8, 0x9}, 0x40000000) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vga_arbiter\x00', 0x400000, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r2, 0xc008551b, &(0x7f00000003c0)={0xb514, 0x20, [0x0, 0x80000001, 0x0, 0x1, 0xfff, 0xffffffffffffff4d, 0x600000000, 0x4aad]}) ioctl$sock_inet_sctp_SIOCINQ(r1, 0x541b, &(0x7f0000000340)) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000400)={'syz_tun\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="1bfb189feb400000"]}) setxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@random={'osx.', '\x00'}, &(0x7f0000000080)='syz_tun\x00', 0x8, 0x2) 2018/04/01 00:14:01 executing program 6: r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000000)="120000001200e7ff00ffe90009144a000ae9", 0x12, 0x0, 0x0, 0x0) sendto(r0, &(0x7f0000000040)="30e46fe01df3188880ba3d78d24caede0525b41d535d78d6a6acc445e57626a976063fdc106e2bd746edce11956f62779c29e13d0dc45617b9228f05f33901e15428d0b38f4deebab7357152abb4c384d0f0deec", 0x54, 0x40000, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e24, @rand_addr=0xb19}, 0x2, 0x1, 0x4, 0x1}}, 0x80) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000140)={0x9, 0x0, 0x8200, 0x7, 0x8, 0x1ff, 0x80000000, 0x1, 0x0}, &(0x7f0000000180)=0x20) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYBLOB="0b0f07000700090002000000000009006b00033b5ab600000000000000"], &(0x7f0000000200)=0x16) recvmmsg(r0, &(0x7f0000002600)=[{{&(0x7f00000002c0)=@in={0x0, 0x0, @rand_addr}, 0x80, &(0x7f0000001400)=[{&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001340)=""/137, 0x89}], 0x2}}], 0x1, 0x0, &(0x7f0000002640)={0x77359400}) munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ppp\x00', 0x800, 0x0) 2018/04/01 00:14:01 executing program 7: r0 = userfaultfd(0x800) ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000000)={&(0x7f0000fff000/0x1000)=nil, 0x1000}) socketpair(0x0, 0x5, 0x1, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ASHMEM_PURGE_ALL_CACHES(r1, 0x770a, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r1, 0x40bc5311, &(0x7f0000000080)={0x1000, 0x2, 'client1\x00', 0xffffffff80000004, "b06cdf8f92501c1d", "f72c54dc093dbbcfaf6b8738cb2c2dc033755fa1cf270c7edbda9d70abd33b48", 0x100, 0x8a1}) bind$bt_rfcomm(r2, &(0x7f0000000140)={0x1f, {0xe3, 0xffffffffffffffff, 0x1, 0x401, 0x80000000, 0x4}, 0x8}, 0xa) sendto$ipx(r2, &(0x7f0000000180)="ae792e3c665b9ebc41cd9e4bde200c3b80ce3dbb0284bda8f9b251c3032d0af283688bed6e4d591fae0ead519816f921c977a0099db039043de8e49c0127e474139a67444b527aa4cc801bf0d52e16793dc218c4552b317b547aefc68a1d56b97e3eac2b1921135297ad31ca9d3f1e7db3d2d29a79dd666b0ad0f5f82a5e3b39b1064749d53ec61d3f795ea5db05219539083c88a27e2ed63bce4d6f00a723ccedc4b71b5378f9862cb81634bf6a26aac40d5a62ec72c2698e6befa0e00aa311d17aadf98a357a6ab6d1", 0xca, 0x1, &(0x7f0000000280)={0x4, 0x81, 0x3, "dc31548c999a", 0xfffffffffffffff7}, 0x10) fcntl$setpipe(r2, 0x407, 0x1) ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f00000002c0)={0x3, 0x0, [0x0, 0x0, 0x0]}) socketpair(0x1, 0x0, 0x200, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = syz_open_dev$sg(&(0x7f0000000340)='/dev/sg#\x00', 0x7, 0x101000) syz_open_dev$tun(&(0x7f0000000380)='/dev/net/tun\x00', 0x0, 0x40000) pread64(r1, &(0x7f00000003c0)=""/64, 0x40, 0x0) ioctl$SIOCGIFHWADDR(r2, 0x8927, &(0x7f0000000400)) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000440)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x3}) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000480)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0) ioctl$KDSKBLED(r1, 0x4b65, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r6, 0x4010ae68, &(0x7f00000004c0)={0x10f004, 0x13000}) timer_create(0x4, &(0x7f0000000500)={0x0, 0xc, 0x6, @tid=0xffffffffffffffff}, &(0x7f0000000540)=0x0) timer_delete(r7) fchdir(r0) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r6, 0x6, 0x21, &(0x7f0000000580)="bcbd6e65a11233a86f1fab0a42d45386", 0x10) setsockopt$inet_dccp_buf(r2, 0x21, 0xc, &(0x7f00000005c0)="1294a69d343102b92338ac79079ddc9df7fcc46db5b124aa979078750c442a8ede97e0fb19cffb014980807fa029328eea2ad872865140", 0x37) r8 = getpid() sched_setparam(r8, &(0x7f0000000600)=0x1) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000640)={0x0, 0x20000000}, &(0x7f0000000680)=0x8) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f00000006c0)=@assoc_value={r9, 0x7fffffff}, 0x8) ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f0000000700)={"fe3a422c7cca278315790b471a1c78aa792f95b9a3a835c7f3f5d639dad4f3d96aa0c0816141a2b9fd62ac485f0c339621cc695560397fc6b36a855d832dc7bc7c546ea995c00f7f78dfb35ed7cddc240218b4879e3c69d6e2ce62207048e0746b3631838b59a8291b9fce039284dc28f5923626d562bf27c037613ae5bd0209d78698e8cd5b99a9b18228ca628bbcec66dcca1275bebfbfbf48839a67540349b9251b9070ca963d4b1b1c2e7a8d89a3d4487ddb9425e1b63ae0ed3a7aa7265b84c2bf6b9726b37bf1b5287b239c8e6067441f49f273bbcb7c3ac5b03a6200c8002280556535824e769cd4c82b5236ba5c4a38170a41b3138c29eb9772a354887e73a1b20ab9b19d11e4c6e7e045e6f4f38ad3dd1d112f62efe658f8c11dc7311e468c89247a2dc4f7769c9d64c1f3e154ce06b9d6439181cc7641e39e6431a0b985ac41e67baba22e4663409eae59427494d51df4be7e7c9d31304c985a91d8b9a2c7b0b588dfa1e1a3b063379b1d4c443b637932bd19d4f96d942618147a7ac69c79426935ba8bf0ddedf0b6c3194a3dff4c1b3c4b4fbbb316a7a4e38360cbae6a127b8fdd54340231a91e2942a9405a7339d32ffc35fc0711c5bb6fa15b3665e783785670949e74a8458f4dae50967b30cd0240ebac0428679cc47284e51571fb7b31dd9811f0fc7ef4e8e9e6db0765dcc0785129a337ff9a466b58a3c843fe86d917afeb3ccde3872a3518f322f4b2b0028cdce32c38ef51381507400506464fb8907d951471a07367a4c4cab2c306af9e67aa867f072f313600333e139a079a5f9a745f9a4102ae182c98d044f47d88bdc86283361d8b6eb5c74a614d577cb7c052e81c4294f5a8784b6810050b074e5c6b59eb4fd397b7dd8a372a7587ed04bcc5bad4771636a6b5f3334cab9b4730f2d97be9fb6ef5763b701d7d80959faca9e2dc4bcac89a66757f72bfa863e463f1b0b8f8b43702655219670ab714778cf7c42dd825519cd514583f4cc951c89b0d59db159754d5d6e32b4d4fb7271c13199b5dda945e865132fe502e704bf13c0ef1f09d57d0387f195b3ced30942d806d3042e867ee531bc9c0f8e2479c8b7c626d3c91a276add0c2a5dd3e4ea7b7711b99b38f5f1ded18cd5bb196a16c4b6599aa03386091ac6624a207c493b2e58704039d2dd5f5a303fa61526af86fe440b269dc2773266aee468ad0ec58c2671e3ac881132147015255950d305640e25094dd63177e317a4ea039683041235194d880e586af47493454414b2b0bc956f3be93094c56438d7889535764ed6420f472d954278b2ab459b6d91e76c0f52975c99da05ac767f9cbb30dda04986105ab14a738989995dab2c889b58456fb50db052a8246ac1fbe30fb2d6cbac68fee42dd778e95a18832c2c699ef669af527692f55e6ac9648742ef61582b0f91f"}) getrusage(0xffffffffffffffff, &(0x7f0000000b00)) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f0000000bc0)={0x20, 0x1, {0x0, 0x0, 0x100, 0x0, 0x401}}) 2018/04/01 00:14:01 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0xfffffffffffffffd) 2018/04/01 00:14:01 executing program 0: r0 = socket$nl_xfrm(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'syz_tun\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="4c0000000000000000000000000000000000000400000000290000fe000000000000000000000000000000000000000000"]}) 2018/04/01 00:14:01 executing program 4: r0 = socket(0x10, 0x2, 0xd) write(r0, &(0x7f0000000000)="1f000000f90300ff00000001000000200700090054000000010000000101308a846a00000000d30a0074dd7e7293e251", 0x30) 2018/04/01 00:14:01 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x2, 0x28001) r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x8, 0x428000) getpeername$unix(r1, &(0x7f0000000040), &(0x7f00000000c0)=0x6e) write$evdev(r0, &(0x7f0000000100)=[{{}, 0x1, 0x4000005c, 0x2}, {{}, 0x0, 0xe5}], 0x30) 2018/04/01 00:14:01 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x4040, 0x0) ioctl$int_in(r0, 0x80000000005421, &(0x7f0000000000)) r1 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x1f, 0x28002) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000100)={{}, {{@in6=@local}, 0x0, @in6=@dev}}, &(0x7f0000000080)=0xe8) ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0) [ 200.567617] EXT4-fs warning (device sda1): ext4_resize_fs:1914: can't read last block, resize aborted [ 200.737486] EXT4-fs warning (device sda1): ext4_resize_fs:1914: can't read last block, resize aborted 2018/04/01 00:14:01 executing program 2: r0 = accept4(0xffffffffffffff9c, 0x0, &(0x7f0000000000), 0x800) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000040)=0x4, 0x4) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r1, 0x4, 0xfffffffffffffffc) 2018/04/01 00:14:01 executing program 1: r0 = perf_event_open$cgroup(&(0x7f0000000140)={0x7, 0x70, 0x0, 0x3, 0x3, 0x3f, 0x0, 0x401, 0x10000, 0x4, 0x20, 0x0, 0x8, 0xffffffff, 0x8, 0x101, 0x1, 0x3, 0x2, 0x3fffc00000, 0x2, 0x100000001, 0x879, 0x7fff, 0x4, 0x1, 0x9, 0x2, 0x4, 0x1, 0x3, 0x4, 0x8001, 0x6, 0xd2b2, 0xbd3e, 0x40, 0x672b, 0x0, 0x1, 0x3, @perf_bp={&(0x7f0000000100), 0xd}, 0x4000, 0x401, 0x6, 0x6, 0xfffffffffffffff8, 0x4d, 0x5}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x8) r1 = dup3(r0, 0xffffffffffffff9c, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffff9c, 0x84, 0x7c, &(0x7f00000001c0)={0x0, 0x5, 0xb92}, &(0x7f0000000200)=0x8) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000240)={r2, 0x8b, "c79a0581c2e6941e7546b6619dc4f329342468bf0829fd43919ad59409934786fca172f367ff73df98687d0d48b66e1ff3951eadbbf9e3b962ccf46ca4bb09076466e5e43eea7de3510c4db92b0ed6c816e25e97df6ae220cf29cd38e103c0f27d645796b780bc76fe453a7ce5af21854aab834d57e1510f5af1277708b68ba4673e867ee092c15d647723"}, &(0x7f0000000300)=0x93) r3 = socket(0x10, 0x3, 0x0) sendto(r3, &(0x7f0000000000)="703858d912f168870dd4e06ec9f8171ee90b6c2c1d90bdf24833d0477c1114f073906ac58e80a4d367b1006fd1fb69fea8b4be1af25641d17152dcda4274384af2fdc4fe0e04", 0x46, 0x4008001, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, r3, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x3, 0x0, 0x3, 0x3}}, 0x80) 2018/04/01 00:14:01 executing program 7: r0 = syz_open_dev$dmmidi(&(0x7f0000cfe000)='/dev/dmmidi#\x00', 0x16, 0x0) read(r0, &(0x7f0000916000), 0x0) accept$packet(r0, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000900)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000940)={'gretap0\x00', r1}) 2018/04/01 00:14:01 executing program 0: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) openat$ppp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ppp\x00', 0x400300, 0x0) bind$nfc_llcp(r0, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "6cb782e4ad88b89d1fd309169f44812107130ee55db70510420aaa96759ecbc36eb9bb12b6124793608dd0e7316d1d4f4dbac39806e4ac714b7ecefa8a934a"}, 0x60) bind$nfc_llcp(r0, &(0x7f00000000c0)={0x27, 0x1, 0x0, 0x5, 0x6b, 0x3, "4d72411e5409452d170eb06c1ef4f9d0841cdb13e5578134e2d2d25fb6b1b6f4e62049d62985b8d668fbf2ef62686ef79e46203eea09c79f3e7aa45826839b", 0x1c}, 0x60) sendmmsg$nfc_llcp(r0, &(0x7f0000006f80)=[{&(0x7f0000006a40)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "0b8481dc9ba68657bf140526b33d582063efd32ee50e5df80133129367e8675e7f9e9d619aa50a5ef29ae63282692ace42e20c5758719f963782fedb62dd2a"}, 0x60, &(0x7f0000000380), 0x0, &(0x7f0000000080)={0x10}, 0x10}], 0x1, 0x0) 2018/04/01 00:14:01 executing program 3: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xe3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$netlink(0x10, 0x3, 0x10) 2018/04/01 00:14:01 executing program 4: r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x7f, 0x488401) flock(r0, 0x0) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000240)=""/186, 0xba}, {&(0x7f0000000300)=""/141, 0x8d}, {&(0x7f00000003c0)=""/34, 0xffffffbe}], 0x3) 2018/04/01 00:14:01 executing program 5: r0 = memfd_create(&(0x7f0000000000)='broute\x00', 0x2) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000040)=0x2, 0x4) r1 = socket$inet(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000004c0)=@broute={'broute\x00', 0x20, 0x2, 0x398, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000900], 0x0, &(0x7f0000000240), &(0x7f0000000540)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000000000e000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000400000000000000000ffffffff01000000110000000000000000006970366772657461703000000000000073797a5f74756e000000000000000000626f6e6430000000000000000000000073797a5f74756e0000000000000000000180c2000000000000000000aaaaaaaaaabb0000000000000000a00000003801000088010000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000005241544545535400000000000000000000000000000000000000000000000000200000000000000073797a30000000000000000000000000000000000000000000000000000000004c4544000000000000000000000000000000000000000000000000000000000028000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000049444c4554494d4552000000000000000000000000000000000000000000000028000000000000000000010073797a30000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff01000000050000000000000086dd73797a6b616c6c65723000000000000074756e6c3000000000000013000000007369743000000000000000000000000069666230000000000000000000000000000000000000000000000000ffffffffffff0000000000000000300100003001000080010000697036000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000006000000ffffac1414aa0000000000000000000000000000000000000000000000000000000000000000003a40000000000000000000000000006c696d6974000000000000000000000000000000000000000000000000000000200000000000000000000000ec0000000000000000000000000000000000000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3002000000000000000000000000000000000000000000000000000000000000000000000074f14c24e380040035ea8283fabe5dfa7ce292755822e7401b4f"]}, 0x42a) 2018/04/01 00:14:01 executing program 6: restart_syscall() r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x100000001, 0x3) ioctl$ASHMEM_SET_PROT_MASK(r0, 0x40087705, &(0x7f0000000040)={0x80, 0x40}) ioctl$KVM_ASSIGN_DEV_IRQ(r0, 0x4040ae70, &(0x7f0000000080)={0x5, 0x1000, 0x2860, 0x1}) getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f00000000c0)={'TPROXY\x00'}, &(0x7f0000000100)=0x1e) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x3, 0x1, &(0x7f0000000140)=""/95, &(0x7f00000001c0)=""/204, &(0x7f00000002c0)=""/29, 0xf002}) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000340)=0x7, 0x4) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000003c0)={r0, 0x28, &(0x7f0000000380)}, 0x10) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000400)) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000480)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x90400000}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)={0x8c, r1, 0x811, 0x70bd29, 0x25dfdbfb, {0xa}, [@IPVS_CMD_ATTR_DAEMON={0x38, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x4}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'irlan0\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x73e4}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @broadcast=0xffffffff}]}, @IPVS_CMD_ATTR_DAEMON={0x38, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0x14}}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @remote={0xfe, 0x80, [], 0xbb}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1f}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x40) getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f0000008100)={@mcast2, 0x0}, &(0x7f0000008140)=0x14) bind$packet(r0, &(0x7f0000008180)={0x11, 0xb, r2, 0x1, 0x4, 0x6}, 0x14) read(r0, &(0x7f00000081c0)=""/126, 0x7e) statx(r0, &(0x7f0000008240)='./file0\x00', 0x6100, 0x1, &(0x7f0000008280)) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000008380)={'icmp\x00'}, &(0x7f00000083c0)=0x1e) ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f0000008400)=r0) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000008440), &(0x7f00000084c0)=0x68) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000008500)={0xffff, 0x5, 0x6, 0x1, 0x80000001, 0x101, 0xfaee168, 0x6, 0x4, 0xe95, 0x401}, 0xb) r3 = syz_open_dev$dspn(&(0x7f0000008540)='/dev/dsp#\x00', 0x7f, 0x541480) accept$netrom(r0, 0x0, &(0x7f0000008580)) ioctl$DRM_IOCTL_GET_MAGIC(r3, 0x80046402, &(0x7f00000085c0)=0x25) getdents64(r3, &(0x7f0000008600)=""/252, 0xfc) getrandom(&(0x7f0000008700)=""/231, 0xe7, 0x1) clock_settime(0x5, &(0x7f0000008800)={0x77359400}) ioctl$KVM_SMI(r0, 0xaeb7) r4 = accept4$packet(r0, &(0x7f0000008840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000008880)=0x14, 0x80000) ioctl$LOOP_SET_CAPACITY(r3, 0x4c07) getpeername(r4, &(0x7f00000088c0)=@rc, &(0x7f0000008940)=0x80) recvmmsg(r4, &(0x7f000000bd80)=[{{&(0x7f0000008980)=@ax25, 0x80, &(0x7f0000008f40)=[{&(0x7f0000008a00)=""/43, 0x2b}, {&(0x7f0000008a40)=""/59, 0x3b}, {&(0x7f0000008a80)=""/194, 0xc2}, {&(0x7f0000008b80)=""/45, 0x2d}, {&(0x7f0000008bc0)=""/178, 0xb2}, {&(0x7f0000008c80)=""/3, 0x3}, {&(0x7f0000008cc0)=""/214, 0xd6}, {&(0x7f0000008dc0)=""/178, 0xb2}, {&(0x7f0000008e80)=""/100, 0x64}, {&(0x7f0000008f00)=""/45, 0x2d}], 0xa, &(0x7f0000009000)=""/4096, 0x1000, 0x770b}, 0x3}, {{0x0, 0x0, &(0x7f000000b2c0)=[{&(0x7f000000a000)=""/122, 0x7a}, {&(0x7f000000a080)=""/4096, 0x1000}, {&(0x7f000000b080)=""/218, 0xda}, {&(0x7f000000b180)=""/55, 0x37}, {&(0x7f000000b1c0)=""/254, 0xfe}], 0x5, 0x0, 0x0, 0xffffffff}, 0xed}, {{&(0x7f000000b340)=@pppoe={0x0, 0x0, {0x0, @dev}}, 0x80, &(0x7f000000b440)=[{&(0x7f000000b3c0)=""/101, 0x65}], 0x1, 0x0, 0x0, 0x8}, 0x20}, {{&(0x7f000000b480)=@alg, 0x80, &(0x7f000000b6c0)=[{&(0x7f000000b500)=""/236, 0xec}, {&(0x7f000000b600)=""/128, 0x80}, {&(0x7f000000b680)=""/51, 0x33}], 0x3, &(0x7f000000b700)=""/19, 0x13, 0x7}, 0xfce}, {{&(0x7f000000b740)=@hci, 0x80, &(0x7f000000bcc0)=[{&(0x7f000000b7c0)=""/79, 0x4f}, {&(0x7f000000b840)=""/61, 0x3d}, {&(0x7f000000b880)=""/146, 0x92}, {&(0x7f000000b940)=""/64, 0x40}, {&(0x7f000000b980)=""/247, 0xf7}, {&(0x7f000000ba80)=""/38, 0x26}, {&(0x7f000000bac0)=""/149, 0x95}, {&(0x7f000000bb80)=""/72, 0x48}, {&(0x7f000000bc00)=""/189, 0xbd}], 0x9, 0x0, 0x0, 0x100000001}, 0x6}], 0x5, 0x20, &(0x7f000000bec0)={0x77359400}) 2018/04/01 00:14:02 executing program 4: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000276000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) r2 = open(&(0x7f00004b8ff8)='./file0\x00', 0x28042, 0x0) fallocate(r2, 0x0, 0x0, 0x73e0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0x40a85323, &(0x7f0000000080)={{0x80000001, 0x100000001}, 'port1\x00', 0x0, 0x1, 0xfffffffffffffffb, 0x3f00000000000000, 0xfffffffffffff001, 0x7fff, 0x2, 0x0, 0x5, 0x1}) ioctl$int_out(r0, 0x5462, &(0x7f0000000140)) sendfile(r0, r1, &(0x7f0000000040), 0x2) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0xffffffffffff8d82, 0xffff}) 2018/04/01 00:14:02 executing program 1: r0 = socket$inet(0x2, 0x5, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x2, 0xb90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20002500], 0x0, &(0x7f0000000040), &(0x7f0000002500)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0x3, 0x0, 0x0, 'lo\x00', 'yam0\x00', 'bond0\x00', 'syzkaller0\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [], 0x8f0, 0x950, 0x980, [@among={'among\x00', 0x858, {{0x0, 0x7fff, 0x0, {[], 0x3, [{[], @local={0xac, 0x14, 0x14, 0xaa}}, {[], @remote={0xac, 0x14, 0x14, 0xbb}}, {[], @dev={0xac, 0x14, 0x14}}]}, {[], 0x2, [{[], @broadcast=0xffffffff}, {[], @multicast2=0xe0000002}]}}}}]}, [@common=@redirect={'redirect\x00', 0x8}, @common=@CLASSIFY={'CLASSIFY\x00', 0x8}]}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0xd, 0x0, 0x0, 'gretap0\x00', 'tunl0\x00', 'sit0\x00', 'ifb0\x00', @empty, [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0x130, 0x130, 0x180, [@ip6={'ip6\x00', 0x50, {{@empty, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}}}}, @limit={'limit\x00', 0x20}]}}, @common=@LED={'LED\x00', 0x28, {{'syz0\x00'}}}}]}]}, 0xc08) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000200)={0x7, 0xc159, 0x0, 0x3, 0x3, 0x20, 0x3, 0x10000, 0x0}, &(0x7f0000000240)=0x20) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000280)=@sack_info={r1, 0x7, 0x4700000000}, &(0x7f0000000100)=0xc) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f00000001c0)) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000000)={0x0, 0xffffffff}, &(0x7f0000000180)=0x8) [ 201.451550] kernel msg: ebtables bug: please report to author: Wrong len argument 2018/04/01 00:14:02 executing program 6: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000001180)={&(0x7f0000000840)={0x10}, 0xc, &(0x7f0000001140)={&(0x7f0000000b80)=@migrate={0xac, 0x21, 0x1, 0x0, 0x0, {{@in=@broadcast=0xffffffff}}, [@migrate={0x5c, 0x11, [{@in, @in=@remote={0xac, 0x14, 0x14, 0xbb}}, {@in=@dev={0xac, 0x14, 0x14}, @in6=@empty={[0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa]}}]}]}, 0xac}, 0x1}, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc\x00', 0x40, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f0000000340)=0x8) 2018/04/01 00:14:02 executing program 0: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000ccdff8)={0xffffffffffffffff, 0xffffffffffffffff}) readv(r1, &(0x7f00000001c0)=[{&(0x7f0000000140)=""/117, 0x75}], 0x1) connect$unix(r1, &(0x7f0000000000)=@file={0x0, './file0\x00'}, 0xa) ioctl$EVIOCGSND(r0, 0x8040451a, &(0x7f0000000080)=""/168) membarrier(0x1, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000200)={0x7, r1, 0x1}) setsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000240)=0x400, 0x2) 2018/04/01 00:14:02 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @loopback=0x7f000001}, 0x10) 2018/04/01 00:14:02 executing program 7: getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, &(0x7f0000000600), &(0x7f00000000c0)=0x4) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, 0xffffffffffffffff) r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000003c0)={0x0, 0x2}, &(0x7f0000000400)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000005c0)={r2, 0xfff}, 0x8) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r1, 0x80045400, &(0x7f0000000240)) ioctl(r1, 0x10000002284, &(0x7f00000000c0)) getsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x0, &(0x7f0000000100), &(0x7f0000000140)=0x4) setsockopt$ipx_IPX_TYPE(r1, 0x100, 0x1, &(0x7f0000000680)=0xc22, 0x4) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r3, 0x0, 0x27, &(0x7f0000683ff4)={@multicast2=0xe0000002, @loopback=0x7f000001}, 0xc) setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f000001000000000a000000e00000017f000001e00000017f000001ffffffff0000000000000072ffffffff7f000001ffffffff"], 0x38) setsockopt$inet_mreqsrc(r3, 0x0, 0x26, &(0x7f00009db000)={@multicast2=0xe0000002, @loopback=0x7f000001, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0xc) ioctl$TCSETAF(r0, 0x5408, &(0x7f00000002c0)={0x0, 0x5, 0x3, 0x0, 0x3, 0x0, 0x4, 0x4, 0x7}) fcntl$getflags(r0, 0xfffffffffffffffc) getsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000180)=@assoc_value={0x0, 0xffff}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000440)={r4, 0x2}, 0x8) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000200)={0x1000, 0x0, 0x3, 0x100000000, r4}, 0x10) r5 = request_key(&(0x7f0000000480)='ceph\x00', &(0x7f00000004c0)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000500)='/dev/sg#\x00', 0xfffffffffffffff9) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000080)={0x6, 0x9, 0x200, 0x2, 0x2, 0xf1, 0x5a9d, 0x1, r2}, 0x20) accept(r0, &(0x7f00000006c0)=@pppoe, &(0x7f0000000640)=0x80) keyctl$describe(0x6, r5, &(0x7f0000000540)=""/94, 0x5e) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000300)=""/113, &(0x7f0000000380)=0x71) 2018/04/01 00:14:02 executing program 3: r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x202000, 0x38) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000100)) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x12, 0x0) r2 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x1, 0x101) ioctl$sock_inet_sctp_SIOCINQ(r2, 0x541b, &(0x7f0000000080)) connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, {0x0, 0x0, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff}, 0x0, 0x1000000002}, 0xe) 2018/04/01 00:14:02 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000), 0x0) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000180)=[{0x0, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000001700)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) recvmsg(r1, &(0x7f0000001440)={&(0x7f0000000280)=@sco, 0x80, &(0x7f0000000000)=[{&(0x7f00000003c0)=""/4096, 0x1000}], 0x1, &(0x7f0000001400)=""/6, 0x6}, 0x0) sendmmsg(r0, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000001480)=[{0x18, 0x0, 0x6, "c8"}, {0xc0, 0x110, 0x3, "2afaa0974db8fa2a2b84ff58c3001df4ca677d29deafdb04a742d7407572e1a0a01e3b2d694d4563b4a813a9fea2977f96cda2b5c005c9acc7a7084af5d83ec97f6f7ed45639ab954a68a0c7c3113f7d1113e26aea986dc1758a179265114caadbe4decba8c6da48accb726bbbc80d1f23ccade212c17fb8eb89ccda3352a39c43afdc6fd55861805e1a1edf7ef9ba265885c7fc1ff5be3934d9eaf5566df0c016fa4b28219d7d5d24ad12"}, {0xb8, 0x0, 0x7, "e57d7bd2e9ba002b657e541f33417e7a60fb3d81917cfaf8d814ecb128caaf5014a8869ffc1e9e2a0632e47749af07fb4632c071c3ef1beeb47a7816043ff5ed02f79154b980e6962413819fa3d3846a9293ab0b4ecc295e96f7330dcaf9e6f71c2ecb3c6e72ccb53be648c8223ae3316fb254897522884d3b7a1b8261fdb6ae36c14180b1655860f2f9d884d7040ccf798dd910920aad8d41c5d611bfebddf4f8e84bcab1222b4b"}, {0xe0, 0x10a, 0x7fff, "9da0095c3a1eb5ec82405d4570dec8374a5f93b90f61fa4673bb269a6cde8fdff0e1a668d36f4071ba9435973834ca27c32081ede15107c2d1d4b5c4321c34c4fec832bba02b0240e3f746bde6ccd4d191a9bfd7df5351e6f9453fd3797c7361b56c3a2827e83273d3a896175785ff176b226b7a6ba4f7245e6b5ff103d468b64b5431177e02a0a7d5c46e938874fd67aaf446e9d94baff65ba97a97a69b4d3b84abc9ca91aab7ac6ccf41f577c13902f12e360c44aeb47debb6334a7f871d73a44f7944830ed50c9e2fcaa27e2246f0"}], 0x270, 0xc000}, 0x3}], 0x1, 0x80) 2018/04/01 00:14:02 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) 2018/04/01 00:14:02 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) lseek(r0, 0x0, 0x2) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000000)={0x79}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f00000000c0)={0x10}, 0x17b, &(0x7f0000000740)={&(0x7f0000000040)=ANY=[]}, 0x1}, 0x0) ioctl$KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000000)) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000180)={{{@in=@remote, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@loopback}}, &(0x7f0000000100)=0xe8) r4 = getegid() fchown(r1, r3, r4) r5 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x480040, 0x0) write$cgroup_pid(r5, &(0x7f0000000280)=ANY=[@ANYBLOB="19488c73fd012fd571adf0f18ea1b46a1db8800cf4095940a028daa7fcc6ec6fe5c70a354a61fbe47f2c919fbd20d58348620f989363d84a1353aa063b18fc7428d8fdad6e989d0b39a70e2ae0fd6f0dbecd74dcad1381c5d3241320edbae8b19135926d44461d3676fb"], 0x3) 2018/04/01 00:14:02 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x8, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000950000d900000000"], &(0x7f0000000080)='GPL\x00', 0x10000001, 0xb2, &(0x7f0000000200)=""/178}, 0x48) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup\x00', 0x200002, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000000)={r1, r0}, 0x10) r2 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x80000001, 0x10000) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0x40042409, 0x1) 2018/04/01 00:14:02 executing program 3: r0 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x91, 0x0) ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000300)=""/254) r1 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0xa, 0x400000000000840) ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, &(0x7f0000000100)={0x3, [0x3, 0x6, 0x5]}) r2 = fcntl$getown(r1, 0x9) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000500), 0x8) ioctl$TIOCSPGRP(0xffffffffffffffff, 0x5410, &(0x7f0000000400)=r2) sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x88}, 0xc, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="750cfff30900000072dac3ab87"], 0x1}, 0x1, 0x0, 0x0, 0x4000001}, 0x4) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptmx\x00', 0x0, 0x0) getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f00000001c0)=""/121, &(0x7f00000004c0)=0x79) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000540)=0x142, 0x4) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000280), &(0x7f00000002c0)=0x4) ioctl$sock_SIOCGIFCONF(r1, 0x8910, &(0x7f0000000580)=@req={0x28, &(0x7f0000000600)={'lo\x00', @ifru_settings={0x0, 0x9, @fr_pvc=&(0x7f00000005c0)={0x5}}}}) r4 = perf_event_open(&(0x7f0000b5a000)={0x4000000002, 0x70, 0x1e2, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x400000000e) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000240)=0x1, 0x8) dup3(r4, r3, 0x80000) ioctl$TIOCSCTTY(0xffffffffffffffff, 0x540e, 0x8) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000640)={0x0, 0x5}) 2018/04/01 00:14:02 executing program 7: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00001ec000)="0a0775b0d5e383e5b3b60ced5c54dbb7", 0x10) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="1edf10a0b061166d92886b304db73d00b42a0c43ff0ca0c0fef95de3", 0x1c) sendmsg$alg(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) recvmsg(r1, &(0x7f0000b2dfc8)={&(0x7f00007ebffa)=@hci, 0x80, &(0x7f0000f75000)=[{&(0x7f0000f75000)=""/175, 0xaf}], 0x1, &(0x7f0000ec7000)}, 0x0) 2018/04/01 00:14:02 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f00000000c0)={0x0, 0xc5a1, 0x0, 0x80}, 0xc) 2018/04/01 00:14:02 executing program 2: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mixer\x00', 0x20000, 0x0) syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0xffffffff, 0x80) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r0, 0x4008ae48, &(0x7f0000000140)) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000100)={0x101, 0xfffffffffffffff7, 0x81, 0x10001, 0x7, 0x3, 0x0, 0x0, 0x80000000, 0x8, 0x32}, 0xb) fcntl$setstatus(r1, 0x4, 0xfffffffffffffffc) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000040)={0x8, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}, {}, {}]}) 2018/04/01 00:14:02 executing program 5: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0x101200, 0x0) accept(0xffffffffffffff9c, &(0x7f0000000200)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f00000005c0)=0x80) bind$can_raw(r0, &(0x7f0000000600)={0x1d, r1}, 0x10) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3de, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5024, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x1, 0x0, &(0x7f000000dff8)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_DIRTY_TLB(r2, 0x4010aeaa, &(0x7f0000000180)={0x7f, 0x1}) recvmsg(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/150, 0xfffffffffffffe77}], 0x1, &(0x7f0000000000)=""/251, 0xfb}, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x1, 0x5, 0x7, &(0x7f0000000140)) sendmsg(r3, &(0x7f0000001440)={0x0, 0x0, &(0x7f0000001140)=[{&(0x7f0000000100)="bf", 0x1}], 0x1, &(0x7f0000001180)}, 0x0) 2018/04/01 00:14:02 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = dup3(r3, r2, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@textreal={0x8, &(0x7f0000000200)="0f30f3afbaf80c66b8981d068566efbafc0c66b80d00008066ef660f320f01df650f01ca66b9800000c00f326635000100000f3066b9700900000f3266b9800000c00f326635002000000f30f30f07", 0x4f}], 0x1, 0x0, &(0x7f00000002c0), 0x305) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000000000000850400000000000000d3"]) 2018/04/01 00:14:02 executing program 2: getpgrp(0x0) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100)=0x0) r1 = syz_open_procfs(r0, &(0x7f0000000140)='/exe\x00\x00\x00\x00\x00\x00') ioctl$sock_inet_SIOCSIFPFLAGS(r1, 0x8934, &(0x7f0000000000)={'ipddp0\x00', 0x8}) fcntl$setstatus(r1, 0x4, 0xfffffffffffffffc) 2018/04/01 00:14:02 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) inotify_init1(0x80000) sigaltstack(&(0x7f0000ca4000/0x2000)=nil, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00008e6000)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000d07000/0x1000)=nil}) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc0a85352, &(0x7f0000000040)={{0x6, 0x7}, 'port1\x00', 0x4, 0x40000, 0xfed, 0xfffffffffffffffd, 0x7fffffff, 0x7, 0x76ae, 0x0, 0x7, 0x2}) ioctl$KVM_GET_DIRTY_LOG(r1, 0x4010ae42, &(0x7f00004f1ff0)={0x0, 0x0, &(0x7f0000ca2000/0x4000)=nil}) open(&(0x7f0000000100)='./file0\x00', 0x800, 0x8) 2018/04/01 00:14:03 executing program 0: r0 = socket(0x10, 0x4000000002, 0x0) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000080)=0x7) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000240), &(0x7f0000000040)=0x68) write(r0, &(0x7f0000000100)="260000001a0053eb910000f9ff09000000899800d307c0c8681bcd1beb15e0f1ff609b000000", 0x26) r2 = dup2(r0, r1) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000140)=ANY=[@ANYBLOB="0600000000000000010000004300000006000000030000000100000081000000ff01000000000000000000000000000007000000670000000400000007000000050000000800000069a9000000000000000000000000000000000000ffffffff0000000006000000f7ffffff0000000006000000000000000000000000000000010000406e00000001000000ff7f00000100000000000000030000000000000000000000000000000100000002000000040000000300000007000000000000001b0500000000000000000000000000000a0000000000000001000000080000008d00000004000000ff030000000000000000000000000000"]) 2018/04/01 00:14:03 executing program 7: r0 = syz_open_dev$amidi(&(0x7f0000000700)='/dev/amidi#\x00', 0x5, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu\x00', 0x200002, 0x0) open$dir(&(0x7f0000000580)='./file0/file0\x00', 0x400080, 0x0) fstat(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x0) setgid(r3) clock_gettime(0x4, &(0x7f0000000e40)) r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc5}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x5, &(0x7f0000000100)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x48, 0x25}, [@ldst={0x7, 0x1, 0x0, 0x0, 0x7a}], {0x95}}, &(0x7f0000003ff6)='syzkaller\x00', 0x5, 0xfdbb, &(0x7f000000cf3d)=""/195}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000d000000025ea70acb39296741"], &(0x7f0000000000)="47504c00bc3047eb525f484f89fc96dd6ca64da40ff023122e66f6", 0x0, 0xce, &(0x7f0000000300)=""/206}, 0x48) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x1c, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000ed00000000f40002000000050000000000000000ffe800000000ad00000000000000006f126f6831ecc1af765784383dddc236d98ab303dc8acedf0512966246bdeebeb4b5c60d41618fdfc61a5ddda1f625f4968c9bec73ba8645f6a7b21ee6a73f445210b938f3555441d8df0469d68c2d1303a95d15e369cb5cfa5ab5a4583804eb40f7095aa9f919655c19dc02893d13056146df3bc5091f20599c2335bca41ab931320282c10d732cd7132d571072ce1f24c4e458aaf271d72e90508d1485470d99ef087f1815918b0e1ee1c38e6758b8cd2d8a0bb4241e9e202d7ec1"], &(0x7f00000004c0)="73797a6b584e3e2f9afed6d0ee3d5d5de2f791e4545b69c564e359a02949ab535c1b25caa665b968d2f1a32e3febe4189befa5f044722bae83e5b6959e392e8d24e41b4ce153c97b5a23e135e38d3b1d14ad7a9eeb7069347fee053569544f1a0000000000000000", 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f0000000400)={0x0, 0x5}, &(0x7f0000000440)=0x8) fchdir(r1) ioctl$sock_SIOCGIFBR(r4, 0x8940, &(0x7f0000000c80)=@get={0x1, &(0x7f0000000cc0)=""/84, 0x80000000}) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000b00)={{{@in6, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@rand_addr}}, &(0x7f00000005c0)=0x37e) clock_gettime(0x2, &(0x7f0000000a40)) setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000600)={{{@in6=@dev={0xfe, 0x80}, @in=@multicast1=0xe0000001, 0x4e24, 0x0, 0x0, 0x3602f7b6, 0x0, 0x80, 0x0, 0x0, r6}, {0x0, 0x3, 0x9, 0x0, 0x0, 0x1, 0x7, 0x3}, {0x0, 0x0, 0x9, 0xffffffff}, 0x0, 0x6e6bbd, 0x0, 0x0, 0x2}, {{@in6=@loopback={0x0, 0x1}, 0x4d2}, 0x0, @in=@loopback=0x7f000001, 0x34ff}}, 0xe8) ioctl$sock_bt_bnep_BNEPGETCONNINFO(r0, 0x800442d3, &(0x7f00000001c0)={0x7, 0x3, 0xfffffffffffffffa, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x17}, 'ipddp0\x00'}) pivot_root(&(0x7f0000000480)='./file0/file0\x00', &(0x7f0000000540)='./file0/file0/file0\x00') ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x0) rmdir(&(0x7f0000000940)='./file0/file0/file0\x00') mkdir(&(0x7f0000000040)='./file0\x00', 0x0) recvfrom$unix(r0, &(0x7f0000001080)=""/88, 0x58, 0x2000, 0x0, 0x0) syz_fuse_mount(&(0x7f0000000200)='./file0\x00', 0x4000, r2, 0x0, 0x0, 0x6b5fbfd4f0760981) open(&(0x7f0000000840)='./file0/file0/file0\x00', 0x400001, 0xa0) sendmsg$kcm(r0, &(0x7f0000000a80)={&(0x7f0000000c00)=@in={0x2, 0x4e20, @rand_addr=0x80}, 0x80, &(0x7f0000000900)=[{&(0x7f00000000c0)="1d254f4d", 0x4}, {&(0x7f0000000d40)="d19256f45324a1ca1f449ce203e344c261b67aaa1d535e9daccac50c72a4d7c9aca954a1a7f56f7137abcc5bad1f482b908fe567ce3e9360d9fa652250b1116b9b9ef28806fd9d6aed55ecb39a32186d711135cdcf97902a5003ee2f4cd6db2772e0f1067147f9a239ca0d736d0ac3d02fc5eaf282fd7db60b70b86db9de13ba372214b02f471fa4c0f5d32018216d39ef024444dfbdc3a22450003d3b2530abe6cba46136eca33e4dd7eaee4e5b9216154463e85971c24cef66ec26f12164bb093ff318cd28f3bcf7aeceaa5fe8", 0xce}], 0x2, &(0x7f0000000ec0)=[{0xa8, 0x109, 0x9, "af68541e54363bb23ef13b4ef0b1c468b6b617d069ae4a414c69b16c2c2d63bba67ced68766650c3a8bddf2423f5f72eddb922f1ecc1245761b39fab292b963d75b5a93a4f43144b38cb5853cb2eed95690e9851a00c9f605a4d9fd840e1b8fb98af4deffc2df1490a6c3b0b1bed58ba3307980e2413b94ea16f712be57295cf947515ac0eacb632cdea4f5d8fe79b3c267e4672"}], 0xa8, 0x8001}, 0x40000) pivot_root(&(0x7f0000000980)='./file0\x00', &(0x7f00000009c0)='./file0/file0\x00') chdir(&(0x7f0000000a00)='./file0\x00') setsockopt$ax25_int(r5, 0x101, 0xe, &(0x7f0000000080)=0x3ff, 0x4) 2018/04/01 00:14:03 executing program 1: sendmsg$alg(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="60c44c08b3c6b9f626d9fbb7f003732f3e8e39c9f701aa7f7239aa37343e8ec331714b77c1966f0a89293b50b94a2fe15c9cf5b67927a12239e522c6d9612a2573e4a54fc64e2d069f1aa7a089bd7f4f2e4a68a681d3400731653ad46d93140bd5", 0x61}], 0x1, &(0x7f0000001480)}, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000000)={0x0, @in={{0x2, 0x4e23, @rand_addr=0x7}}, 0x10001000, 0x9, 0x3a00bb5b, 0x3f}, &(0x7f00000000c0)=0x98) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000100)={r1, 0x80000000, 0x0, 0x60, 0x8}, &(0x7f0000000280)=0x18) ioctl$sock_ifreq(r0, 0x89f0, &(0x7f00000001c0)={'ip6tnl0\x00', @ifru_data=&(0x7f0000000180)="d61a072afa6a2e6e9105a65cf0b08be4d57565e1a85eff283ee23d954743a2e3"}) 2018/04/01 00:14:03 executing program 2: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)=0x0) r1 = syz_open_dev$mice(&(0x7f0000001340)='/dev/input/mice\x00', 0x0, 0x200000) r2 = fcntl$dupfd(r1, 0x506, 0xffffffffffffff9c) recvmsg$netrom(r2, &(0x7f0000001300)={&(0x7f0000000040)=@ax25={0x3, {"1c9f90da7df780"}, 0x8}, 0x10, &(0x7f0000001240)=[{&(0x7f0000000100)="fbe6d0de8d4a945db2ff3688ef48d37a259d7f16e416bf3c2962731b72663c56992ae55fd30b287507bfbd42b0385d81e1d6ca8ab5cea87a0bfdc864741748f076af104adc092deaac8936e8bf3796afbbcaf51b07a69ef98da1aef4388913621de58b6c9e1282364b913c1f7b87e5695c81069c49f93b650841ab55e83c971f25eb8e80f01edb13f01084257f4af6925ff29f6e4cbe83d71eb3363d55380c765e74754861eb5304b9ab2dbe6e2dd45425e4cff9c167156e0ecaa05f696589a8d931150fb4eb43ec06788f581c78e2b6490e0cbb483b6a5d0b2eddbb4455c047cf22d59b4f710614dc24e4eee2c5aa9b1e249e1f0edda7456738e47f599af74a86e7b3e0dc14e447d368b6c2455311a9ca2b6168c74bae8aa843bab50cc228dca01fa34225dbf956b48952a102c3a1914c9fa85821141adef00158ecb64d2e13d7ae57c85ba84046c0e17863eac3b2a37ecc8c0e03b9333992587d0dafb161b9eb41b8ec47063bbb9111887d9817cf07b6c5d3b1bdd9c5d3a3e42597d99d244bec610b3542b0e793224ed64c1ef8de8fe74b7a9aac960f8043d944d91c01789d6eb7ca11e138f1fbbe9e2fde07468a0781a798df1ccdc6c304f23541ec0fff8c7bcc91c1c8cbbf2fc3a23802eb9cc73e00703411551d8046c7b13f5af116003c3c2287bc398ebdc0752452016f3ebe6026745088724cfbef12a62ea996eac32f8f3bbc859e0e9fc3aa7d8298192a081a73425717a3cd793f654a10409b9bab922ef7053440bb879cf68014be32e9cb1573b1cf9fb6636bcb65b42e1332ab4e9dad11937820b0cc95e5d15ca68d76a4429cf34de8a2d8a0c14d6a24c640591cae8a4faa19599717e538c9e06c55832b87566a579d030643641d052cfae3d46d69319b25a6bde64fcc936126d6d0371f0522b6ecc004ea2af391eab24b6466e9553ff89657a4da80bc0979c10410b3b1336764d2d2b780317f9d6d9268681aa9a7ec0d1337f19f0412554012b0c9d2795b0d8169dbbb0331c7706ef7203f82bbed298ff1252f313071564cd6bfa5e8a8602fdb91d47abc66dc74ab62a73a7cb51cd59bbdb174c650b49b40649dd76a3ee9145e357eecb47dad8d4bdcebfea3d2e24c88510c02e6ba80b8f5a32db97d52f5a13ab24d70ab1893cad33c5914f3309b38484d1f11bd7847f04aa210d9dd476dc24b30a156c7f534cec951b54185c12b2a4fd42afc87207329042d6a1a5203e6d9ebb872640722bf28f37eed2e7e5fcca7faad7c79fc5cf7ee70a72fbd8566ba08daf347bbd8c43fcdec4edd23fe4af6b3797f47694431ebd5094e9c0f16096721cb079911d7131214868770b6726c9d75205019d8f33bc39025eb2a7f37225f6dbfbed110b672a8f67bd8ec4eed1e65bd18b7ab8ca297541647bb15191d12a338a42a9dbb3eb1744a9b25f3c11d851717faec720d6cb7257aa48a69eec58436c46e7ad97f3b8a55a7d18251acd6f6bab6a61ffd4aabe3404fc64dc787c6e1d3538199a729822c8231f84f9444b9ba8e1828f7ebdc2e6c8eb81dd5ac97d354560f88d1bf6b0cad8bed1ef438fa9d0dd6a97fd0cfb0f68ba0b150616adf4aa0346d816778f876c786be3945c806c6e431dedf1ff92deca318403db1b1d6fa93d37e769a64e0e4c7c2ab1d84d9da0c2213cb9c5313f7876ea9102993db53c840e7ea0161222009057e56fad08ef62cc493b7cce4603128bc4cdcf5f3dcf3e2f9c208ccbe531f1c5759c8bd1fcfffeda154fb92667cb75f82060a1c52a8236df2401ca9d9bb96b796283fc9921f7c0273519bcffbce783bfbbaed0b9f36a77251ed7be9cca3f33eec55920d0cf284986d7143d8a56c78844de096b9814b242632043b1f82db017c7354af47e78c4a43b30a6344a6c9d85af383ce08b7f47cec19e969a9fd72a8430be0391ac510294cf02af2cc3a4686bcc149cc52bccba239862134dffdbd842da319eb8d3b600db22cecbdbf8e695eb2f67f7b6167fe4558bb856c902c90a445806eeb7c96c6a50795cc1bcb95ab22592cb80c4d2d5db62179e55efc3daadbedbb3c7361dfd46115f36a37bf2c5eaa407d2f828364eae0fa139e7e703e486853e7e53f5be3215b53afa0bdb54937507b1346c96fecdd5465a7aa2feed921547c9f50f258f976a66e64a6b99bf04200c7a36b328d65a236856a951ca3680da68b4e1041747c56a81310c60ecc03a5972e027c7a7d378b2aa7f8da3102a9b522ea2d435b6ea5cf38428bef1df3ca0f7d98d18a9b6a5d00aa5ce6ecae8de2610889ce3e1ef4fc7812020331e4551c0ade60688684c483b4d5ad83b4986da5ba811111681a4ea369a199f33cc854dc4869676ef3df3955c326ef86806d5667b8ec8b342777caf6abb700e6d4ae637c09be10d3388cc1292e99fa5ea554ed8b01b8cfe41ad7008628fac3f823642ecceda0668d6c8dd5ccbf1e014961ec9e3724d571c63b68c74c6ab0c52bf17d9e696b350b6b2823f10db91bee262e17571a2a1b183dbf634e49c7e9777973468302d1a9c325b07a86344d3ee7564fa81bbe114c0546f965021c5ccefa19226101049a3663d82a0534517038a2d51893cc1f22c1ef87ca3a994c3779cbfbf36d977f6115a5f13860ae17c93d2b82a798f7af61c614c110532d8ad9031ead82bbaa5c5a9d0344bc49be2ba3eb63ef7f1bb0f90f49cbb5fa9390b6084c431ec78c3dd91e3fcef1a7229c9ac78fd39e2f5b4b2fdec4ddbb1d3bc6c69f07d9f9e9c514203f12e00e03302ebf7297d1ea4f7eacd5254cc9f10d5252d1527b892450718f3312bd7a18b16c93cb296281e52c0261eb501b448079fac935da724bed06217a0896d7cbf0429dcfc692c36c4a9882aa2e0eb1b57a57a5bab7b2c1b1bb42f9ad023c8347d04a0c91ab00e9635cd770842ddebe640099125a5a956232518d0ed47a6852c934c97dcaedfc56e19997929f496cee1d491786e855acc4e84393cddd03709ed435513a2677a09d21762be247b9d4ddb4f6e4905a24be37a2d13c428839af296980f39eb9d0c15f6db3c92624b802e6ec138531c614d4b6fb2afd4b1e55903e4c472f77cb1ce1af451e50c936f3fb096c124d16c76cd30a1ac2bc23265aad779567568898c770fbeec6a876a77628c9e11e2cf82ca7d2759b03cea59bb7b485b45076d1d606a700ff3ebcbd1749b523cfe333ff10fc6cc356bdae81dfaa55b789375fb24f8d5bc9f8cb5b5d8832f4210cf3680d937a7d92a940f9fcffb4ed1f85ed0719cee951ac1f560f3085aebb0b6861a74a93baa6c4e186c0063c72ce454bd18e6ede1a7996ac933d2c45f94fda18059d91c9359dc182d21636fb0b7f785a466c0993a2719beb165beae8071f88dc93999f84ed60181694bcafe51862970365716ac4a762a58df17a58019a85b56f63e5f6ba159ebb788f14ca2abfee66be1719ba83374d768c13bdca6b41167fc51782c9c40296adab388be7489708a1faa472fb2d91a9fe8cc15ab3d28820c238a6ba841371ca8fa9708253d202132b0e9d68eb23cf9335651b1e7e9eaa017f3aafe30788de53ea1ec6cbf996368984157605cf9ad88c40618619f9b1bd6e3273a6722678ef9435c3e190707ec845d530102396cd06124f7cf9bfa5d22400b710924059ea2064dbd170c89f63986b352419ce3b15bc1d28a90e8822f28c8d12c5c4cc57a4b98cc484b3b4b834dbd01bcb5ba26d575bf80a0c1b55c1640abc34f2b1eb27c1456423562d1008ed248b665926a02b4b84d6c374ee0440dcc3d6c7979c77cbc45a0a95f61bff4ed36aec4fea38e0b0e3b66c7f551021b41496ad0cafd59d010f2ffb35ba1fe19bcddcdfebb51752a84065a0b723d71ad2a01d75bd97de35cc1fecc84cd0c904e3ed81b18a422c447454d4d037427396a60bd5e8ff3f94cf2efff7868f5f62673cd42fe84dc76a27ae246a8e98086e8f01ec923ff596628dcd3c6de2a6031ea940535e350499ca2f0bede9eb82fc6c5838e6a69226f35d08503e9f7bae534a9e5a5c86a9b507866416609220631a8d2de0e919bb3a185818de37827f73e6578f68cc4743164a25761ce500828490e0113deb29fddc0e336835e8d5eea24b0517547551294122f9cbb91012f28379665e95b7a830f3c8007034e6f248b84a35f440b3ab082198250b55e53ef1b729344745472244055487caaae58178ef526c461dbf940e07521cdf30a481cbe64c1509caa2ec64bc7f4eb6d696a17db64cdf86ffea03b478220848fa748291563d4a21057e723621ed2722fe8af39049c7573ec065f93ba616584e52664d6e13a31d2dd27eebaeae644934ebb1ba1739d09456d899f533399a095ebb5ee56c6f685ed17bc874216eaa544f427cb87894f37ec02b3afad2a0c45c482c20d2d5e0c971c93d055d06e465ea8dedf5b37d3f29e587c416729dd1b11d28b3b6c3c2e1f9ff5141263b79b7bdbd4cef0b7936466620508f0530fe2eec32ca353bfb256a9b0aabe978760939d46253b5da75eec3f44205c22d22de550c973b86f0031af2c6d358e6cd40bdcee6657daf0f7102766added7b21183d1060f6f52106de8b840aa72dab277bc801b93d43a07508a421145c1df7ee2e53bee2207a025b6d65f1a5512062c2c1ca4c1599d40d547f1788713d99f5706ac12159ced806b5f673e559e90b52571306ea7cb3595e826182283285b8faae5dd764c5b6f2755052713a10eb67f7f50eb3ca18d0d67ea727323d386d41befd79fe639aeec8a3174df0bb078a25cb0023f91134948b4723a661354330ae9d6ceeabcd4f8c99b257834c86aeb9e67356556833343feb6420996ac5ffa33fa4a05b3f1281edc83ad8f6fc32b2be5937359757f18bf58209d5b7a978b53a64086f222b10c03879b348fbd808512122efdbe95df6ad257573086f77004a563b242d115708f45d8162af91f692567b1bd8a41ff54c43c92cddf6f480d68a21fca3fd50bdeafa84f753b3688c1e8872f2d49f1f211cbf535460f4a425af279991d30ecbe2637120efb94c463640bdb882e117b46f16a82478bd872ee6c551a007cbe7651a58065be4fedf4d48cf3e3c4f5be7131a56b37c8d8817ce09bd1a97ea51faaa87d6d361ca4b00397d6f885a73c031349aec8bbded5297a796b712454b8bc53cc9106982e6f19492ba045270032c881b9c0f1784784b6c6fbd1d1a059280698a8f023d92fa494a8d08d323d11e0718c1c9ea67d12f45f2518aefb073e9943107371c4dd321a2dbaa9773e97e776966760690fb4e266e66c53a02edd8e6386178bb0f14d6d82c37ca5171009b986160a7c815c5404c8ddce5d85cb3a70a2008a34de27e0eff68d81b5f1ce1350b7419068a914d4d3ad1c8a12c80608e3420f77d742db3fbd944640e96ec827f805f14cb9ac9c8efcffe2b4ebca01eaa34a4f955c5cf0c9d457f9c13b2f06d7e4b2f47af66d3964afc5a06846f5c2b5b343e893bd2fd772d7ee8f57cc0ae0e3bfaad13c5f69c6fa76e1fca18c1eeac214fe32af355f4ba63c3a3490a8cf0a11e98a29ecc2746c4c3e0695217bbed8a0b6bb28a5f7f62c609fac99ddea9ce0881fc878f1c54a7d21310a1707cca404065901b81162464d82f744792e20c927ad63eeab72a196cb0d91b45493ddfdba4981ce3571144561d95007df2b34be9bcd44c3c8ec9acef4e003af8c5a2905114403f38bda0b94a028d7a2583d8178b1a0cde40b85f94d8d70118d41f82931556463e7b9744164bcac60082cca1a97da2827d100a55742252296ee1b4db0fe143bda4", 0x1000}, {&(0x7f0000001100)="6bd38e2649527e9021e1121c3982d8c3eea20999397b3b731cea3d126a214880049a61588d9dafc293a3f8cf1e30d35dab579150cb8e738c1a2be747a00e0879f52868bd5f61ba6500597ea72f0267989909fe1833214bd12fd0de90a8e97f08b8242ea2a8c1c0b69ae6f92ad96652c6", 0x70}, {&(0x7f0000001180)="32df53911197a69cc465f3d3f73117f228089d5f11daeeec529bb325c2501b03af22c6820cee299a1fd7c5610427803b82ef96cab0d70442324ba7c4a5fff4215bda95e06decb0d065ee4e55b5c61dcce98149498485cd75b423324858f9878a201b32d26d770ec8c8fe04a00f48f07ce2acf9a4f37fb7f67d93cdb0a4f19dd51299f034674707a3975688bbdf88c56589f82b55a6ac064c0f7cdb1f0555388199ce73d62e63687d94ba265a8b7c10d0211798a15457", 0xb6}, {&(0x7f0000000080)="cb731dde3b4e0a96e7af925e6651ef130386043e2851d2d80a8c2a10f2812307ad67c70023d313bff0578c5e8c0922a17729dbd3fcbd5d69", 0x38}], 0x4, &(0x7f0000001280)=[{0x80, 0x18c, 0x81, "8cba789e02c84526f712545e17f08d98a12d605d3b878d5754abff5fa0e6bc28b362d077bd29299cdc9874eb974fb5a510be13e569cb167b193c3d6f68ffd04ec7ff46cf001cc893f1cc3db65a4e047e57e764d55e7e4b967fd9e7ebd6e4d21bc49efd92ebba014f0eb519b34ec96f"}], 0x80, 0x40000}, 0x40000020) r3 = syz_open_procfs(r0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r3, 0x4, 0x800) 2018/04/01 00:14:03 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000fcbff7)='/dev/kvm\x00', 0x0, 0x0) r1 = dup(r0) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4) 2018/04/01 00:14:03 executing program 5: syz_emit_ethernet(0x6e, &(0x7f0000000080)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [{[{0x9100, 0xffffffffffffffe0, 0xc5, 0x8}], {0x8100, 0x100000080, 0x8690, 0x1}}], {@ipv6={0x86dd, {0x0, 0x6, "02290f", 0x30, 0x29, 0x0, @ipv4={[], [0xff, 0xff], @rand_addr}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "9433df", 0x0, 0x0, 0x0, @loopback={0x4, 0x1}, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11]}}}}}}}}, 0x0) 2018/04/01 00:14:03 executing program 6: r0 = socket(0x10, 0x803, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x4000, 0x0) getsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000040), 0x2) sendto(r0, &(0x7f0000000100)="120000000ae9000000fb00000000000000004a12efae52d2ad82e629a5cb1acde7ef1f3b433c4055a158a9d471f5a3176fbdb094e90bdd28dcc45ca04bbf03458457c353005dd553ae183e8adb1c5e2fb196c99eaaadcca4742e0ddc212fe235c293e107ae06f08e73a272e6c14623fe4441c05be23f235f796418109a3125233a27b496da859e92ce77921ed8873563f449e713e57d000000000000000000000000000000000000", 0xffffffffffffff29, 0x1, 0x0, 0xffffffffffffff58) socket$pppoe(0x18, 0x1, 0x0) recvmsg(r0, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f00000012c0)=""/83, 0x53}], 0x2, &(0x7f00000013c0)=""/208, 0xd0}, 0x0) 2018/04/01 00:14:03 executing program 4: clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) r2 = syz_open_dev$dspn(&(0x7f0000000200)='/dev/dsp#\x00', 0x3, 0x1) getsockopt$EBT_SO_GET_INFO(r2, 0x0, 0x80, &(0x7f0000000240)={'filter\x00'}, &(0x7f00000002c0)=0x78) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x2000, 0x0) ioctl$VHOST_SET_LOG_BASE(r3, 0x4008af04, &(0x7f00000001c0)=&(0x7f0000000040)) utimes(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={{0x0, 0x2710}, {r0, r1/1000+30000}}) syz_emit_ethernet(0x5b, &(0x7f0000000140)=ANY=[@ANYBLOB="0180c200000effffffffffff9100120081001c0000000000000f0030290000000000000000000000ffff00000000ff02000000000000000000190000000001ca1fd07dbc603f0200907800000000609433df0000000000000000000000040004000000000001fe8000000000000011"], 0x0) 2018/04/01 00:14:03 executing program 6: r0 = syz_open_dev$sndseq(&(0x7f0000f8eff3)='/dev/snd/seq\x00', 0x0, 0x20501) writev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="d3", 0x1}], 0x1) 2018/04/01 00:14:03 executing program 4: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2180c2, 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r0, 0x4008af23, &(0x7f0000000080)={0x0, 0x1f}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) mremap(&(0x7f0000aa3000/0x1000)=nil, 0x1000, 0x4000, 0x2, &(0x7f0000aa2000/0x4000)=nil) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000a98000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f00000000c0)="66baf80cb8d3bed98aef66bafc0cb001ee66baf80cb8f338078eef66bafc0cb009eec4c2ed929cb0100001009aaa00000084006665d9f13e660f3226f36d0f01dfb8000001000f23d80f21f835c00000c00f23f8c4c16dea31", 0x59}], 0x1, 0x0, &(0x7f0000000180), 0x0) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000c9bec8)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0xfffffffffffffffc, 0x0, 0x0, 0x400060}) getpeername(r0, &(0x7f00000001c0)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @remote}}}, &(0x7f0000000240)=0x80) readlinkat(r0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0) 2018/04/01 00:14:03 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0x46000) 2018/04/01 00:14:03 executing program 7: r0 = socket$packet(0x11, 0x2, 0x300) r1 = socket$packet(0x11, 0x3, 0x300) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000041c0)={{{@in=@broadcast, @in6=@mcast1}}, {{@in6=@mcast2}, 0x0, @in6=@local}}, &(0x7f00000042c0)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000004300)={{{@in6=@loopback, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@rand_addr}}, &(0x7f0000004400)=0xe8) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={"626f6e643000f7ffffff00", r2}) sendto$packet(r0, &(0x7f0000000a00), 0x0, 0x0, &(0x7f0000000880)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x14) r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x200000, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffff9c, 0x84, 0x1f, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e24, @broadcast=0xffffffff}}, 0xffff, 0x7}, &(0x7f0000000140)=0x90) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r4, 0x84, 0x73, &(0x7f0000000180)={r5, 0xc65, 0x0, 0x3}, &(0x7f00000001c0)=0x18) 2018/04/01 00:14:03 executing program 5: mkdir(&(0x7f00001a3000)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000680)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f00000006c0)="22e53bfb2b4c3e39") mount(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='qnx6\x00', 0x24000, &(0x7f0000000100)) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280)='/dev/hwrng\x00', 0x2000, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f00000002c0)={0x0, 0xa96}, &(0x7f0000000300)=0x8) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) sendto$inet(r2, &(0x7f0000000000), 0x0, 0x20000802, &(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14}}, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000400)={r1, @in6={{0xa, 0x4e24, 0x20, @local={0xfe, 0x80, [], 0xaa}, 0x3}}, 0x1, 0x81, 0x7, 0x10000, 0x1}, 0x98) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='nfsd\x00', 0x0, &(0x7f0000000180)) mount(&(0x7f0000c6bff8)='.', &(0x7f000092f000)='./file0\x00', &(0x7f00000003c0)='fusectl\x00', 0x0, &(0x7f000002f000)) getsockopt$sock_int(r0, 0x1, 0x1, &(0x7f0000000600), &(0x7f0000000640)=0x4) r3 = perf_event_open(&(0x7f0000000200)={0x5, 0x70, 0x6dcf, 0xffff, 0xdde1, 0x9, 0x0, 0x7117, 0x40000, 0xa, 0x6, 0xff, 0x200, 0xc62, 0x0, 0x0, 0x9, 0x2d, 0x200, 0x1, 0x401, 0xbf2, 0xffffffffffffff01, 0x0, 0xcd, 0x80, 0x7e, 0x5, 0x6, 0x12e, 0x20000000, 0x8, 0x1, 0xec, 0x3, 0x8, 0x7, 0x20, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000040)}, 0x800, 0x8001, 0x1f, 0x6, 0x101, 0x9, 0x7}, 0xffffffffffffffff, 0xa, 0xffffffffffffffff, 0x8) r4 = syz_open_dev$vcsn(&(0x7f0000000380)='/dev/vcs#\x00', 0x9b, 0x0) r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer2\x00', 0x4000000000200, 0x0) ioctl$KVM_GET_SREGS(r4, 0x8138ae83, &(0x7f00000004c0)) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r5) mmap(&(0x7f0000000000/0xdf5000)=nil, 0xdf5000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$SIOCGIFHWADDR(r5, 0x8927, &(0x7f0000000180)) mount(&(0x7f000000a000)='.', &(0x7f0000852000)='.', &(0x7f0000a60000)='ramfs\x00', 0xff8c, &(0x7f00008a7000)) 2018/04/01 00:14:03 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f00006f3ffd)='ns\x00') getdents64(r0, &(0x7f0000a1bfda)=""/38, 0x1006f) getdents64(r0, &(0x7f0000000040)=""/79, 0x1cd) 2018/04/01 00:14:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x4, 0x0) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in={{0x2, 0x0, @dev={0xac, 0x14}}}, 0x9}}, &(0x7f00000000c0)=0xb8) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc008ae09, &(0x7f0000000100)=ANY=[@ANYBLOB="009c116a2869275157a0892312b9768b6923c33179aa894fac5a7b2d749efa67f1148be5fab2f2caa4f215c0b803eae453d21d5b1198e523bffa9911b02df924713e217eea251fe296cb1efde1c30cdf60d545ca0ed21803ffeb5a41f8dea9ee513ab44366a08f2cb651b55c0c31cb9d275648cf57edf5c0350e4f6e88ca4ae0f91a986e55de121b7741e307531635b736e2397e848faa5b"]) 2018/04/01 00:14:03 executing program 6: r0 = socket(0x11, 0x4000000000080003, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e23, 0x1, @mcast1={0xff, 0x1, [], 0x1}, 0x5}}, 0x4, 0x7fffffff, 0xfffffffffffffffc, "920754f9c9c3da49e6812c59990a6a9bcfb35c37e492a38907707641ca0ed766ee520071323e17cf16ce91e8332dcff756c3c78df2029820c8fe50bdc4b3d9eec933416855f44da67f3b428091fd9273"}, 0xd8) setsockopt(r0, 0x107, 0xd, &(0x7f0000001000), 0x47e) sendmmsg(r0, &(0x7f0000003e80)=[{{&(0x7f0000000040)=@in6={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}, 0x1c, &(0x7f0000000300), 0x0, &(0x7f0000000340)}}, {{&(0x7f0000000040)=@nfc={0x27, 0x9}, 0x1e, &(0x7f0000000e40), 0x0, &(0x7f00000012c0), 0x302}}], 0x2, 0x0) [ 202.863603] protocol 0000 is buggy, dev ip6tnl0 2018/04/01 00:14:03 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-des3_ede-asm\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f0000000200)=0xdd, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000180)="ad56b6d5820faeb99529890e1f1cf9cbedd30a07524c90c2", 0x18) sendmsg$can_raw(r1, &(0x7f0000000400)={&(0x7f0000000000)={0x1d}, 0x10, &(0x7f0000000340)={&(0x7f00000000c0)=@can={{}, 0x0, 0x0, 0x0, 0x0, "73013637aaa0d0f5"}, 0x10}, 0x1}, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x5, 0x10}, &(0x7f0000000280)=0xc) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f00000002c0)={r2, 0x7fffffff, 0x8, [0xda5, 0x81, 0x1ff, 0x2f0c31db, 0x10000, 0x228000, 0x6, 0x2a]}, &(0x7f0000000300)=0x18) recvmmsg(r1, &(0x7f0000000700)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000540)=""/234, 0xea}], 0x1, &(0x7f0000000680)=""/122, 0x7a}}], 0x1, 0x0, &(0x7f0000000740)={0x77359400}) accept4$packet(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000140)=0x14, 0x80000) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000001c0)={'rose0\x00', r3}) 2018/04/01 00:14:03 executing program 5: syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='//file0/../..\x00', 0x0, 0x0, &(0x7f0000000080), 0x820, &(0x7f0000000080)={[{@usrquota='usrquota', 0x2c}]}) r0 = creat(&(0x7f0000000000)='//file0/../..\x00', 0x120) execveat(r0, &(0x7f0000000040)='//file0/../..\x00', &(0x7f0000000340)=[&(0x7f00000000c0)='nodevself$]cpusetvboxnet0selinux{GPL/\x00', &(0x7f0000000100)='usrquota', &(0x7f0000000140)='usrquota', &(0x7f0000000180)='wlan1.selfwlan1nodev\'\x00', &(0x7f0000000240)='$,:{mime_type%wlan1selinuxsecurity\x00', &(0x7f0000000280)='ext4\x00', &(0x7f00000002c0)='nodev^cgroup#wlan1\x00', &(0x7f0000000300)='wlan1\x00'], &(0x7f00000004c0)=[&(0x7f0000000380)='ext4\x00', &(0x7f00000003c0)='keyring}:GPLcgroup{trustedsystemem1[(/md5sum}^\x00', &(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='usrquota', &(0x7f0000000480)='ext4\x00'], 0x1c00) 2018/04/01 00:14:03 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) r1 = request_key(&(0x7f0000000000)='logon\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000080)='/exe\x00', 0xfffffffffffffff9) ioctl$KVM_SMI(r0, 0xaeb7) socket$bt_rfcomm(0x1f, 0x3, 0x3) keyctl$clear(0x7, r1) 2018/04/01 00:14:03 executing program 7: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000917ff8)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f00002b2ffc)) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.current\x00', 0x0, 0x0) ioctl$TUNSETVNETBE(r2, 0x400454de, &(0x7f0000000040)=0x3) 2018/04/01 00:14:03 executing program 4: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000180)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x18, 0x1, 0x2, 0x8000000000001, 0x0, 0x0, {}, [@nested={0x4, 0xffffffff00000001}]}, 0x18}, 0x1}, 0x0) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuseblk_mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x6001, r1, r2, 0x3, 0x1, 0x0) 2018/04/01 00:14:03 executing program 6: syz_emit_ethernet(0x1e, &(0x7f0000000080)=ANY=[@ANYBLOB="aac2004002020000ace56452f8fe7da506"], 0x0) 2018/04/01 00:14:03 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) r1 = dup2(r0, r0) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000000), &(0x7f0000000040)=0x4) 2018/04/01 00:14:03 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x20000, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) mmap(&(0x7f0000000000/0xae0000)=nil, 0xae0000, 0x0, 0x4000000004d032, 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x8000, 0x0) ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f00000001c0)) setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f000039c000)=0x400000000000001, 0x4) r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) ioctl$DRM_IOCTL_IRQ_BUSID(r2, 0xc0106403, &(0x7f0000000100)={0x260440, 0x2, 0x0, 0xfffffffffffffff7}) r3 = getpgid(0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) modify_ldt$write2(0x11, &(0x7f0000000200), 0x10) sched_setattr(r3, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x0, 0x3}, 0x0) mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x3e, r1, 0x200000000000) r4 = userfaultfd(0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$rdma_cm(r2, &(0x7f0000000140)=ANY=[@ANYRES32], 0xfffffffffffffccf) r5 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r5, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f0000f86000)='./control/file0\x00') rmdir(&(0x7f00000000c0)='./control\x00') setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r5, 0x84, 0x1e, &(0x7f0000000180)=0x7f, 0x4) stat(&(0x7f0000000400)='./control/file1\x00', &(0x7f0000000440)) chown(&(0x7f00000003c0)='./control\x00', 0x0, 0x0) ioctl$KDGKBDIACR(r1, 0x4b4a, &(0x7f0000000300)=""/22) fcntl$setown(0xffffffffffffffff, 0x8, r3) close(r4) clone(0x0, &(0x7f0000001f37), &(0x7f0000000080), &(0x7f0000001000), &(0x7f0000e76000)) ioctl$EVIOCSCLOCKID(r2, 0x400445a0, &(0x7f0000000240)=0x800) 2018/04/01 00:14:03 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8000, 0x251952a46d2e0470) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e24, 0x400, @mcast2={0xff, 0x2, [], 0x1}, 0x7}}, 0xfffffffffffffffa, 0x0, 0x43, 0x7, 0x1}, &(0x7f0000000280)=0x98) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000002c0)={r1, 0x7}, &(0x7f0000000300)=0x8) r2 = syz_open_dev$sndtimer(&(0x7f0000dffff1)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f0000001000)={{0x100000003}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f000033f000)) ioctl$SNDRV_TIMER_IOCTL_START(r2, 0x54a0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x1, 0x3, &(0x7f0000c91000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0x57}, [], {0x95}}, &(0x7f0000e6bffc)='GPL\x00', 0x1, 0x333, &(0x7f000000d000)=""/153}, 0x3e) r4 = syz_open_dev$tun(&(0x7f0000000340)='/dev/net/tun\x00', 0x0, 0x0) r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x280, 0x0) r6 = mmap$binder(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000000, 0x810, 0xffffffffffffff9c, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r5, 0xc018620b, &(0x7f00000000c0)={r6}) r7 = socket$unix(0x1, 0x1, 0x0) r8 = getpgid(0x0) ioctl$sock_FIOSETOWN(r7, 0x8901, &(0x7f0000000140)=r8) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000180)={'bpq0\x00\x00\x00\x00\x00\x00\x00 \x00', 0x2}) ioctl$TUNSETFILTEREBPF(r4, 0x800454e1, &(0x7f0000000000)=r3) ioctl$TUNSETFILTEREBPF(r4, 0x800454e1, &(0x7f0000000040)) socket$key(0xf, 0x3, 0x2) 2018/04/01 00:14:03 executing program 6: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000480)='./file0/file1\x00', 0x40000, 0x4) fcntl$getownex(r0, 0x10, &(0x7f0000000140)={0x0, 0x0}) r2 = syz_open_procfs(r1, &(0x7f0000000180)='oom_score\x00') tee(r0, 0xffffffffffffffff, 0x0, 0x4) write(r0, &(0x7f00000004c0)="bb9fdf3f0e25b3c742512e3a2fe2ad4aca23c695eaca4e3208bf403ca43c5298c96a6af1d1cb638c4426618aa49a4801cfecc340ed9be258ef87ca7de904db97b0aeabe4282f3761690cc11950055bba3da032017406bc8e4f2318d4075b13ab647a0d1020645ebf0a2c479b4ef3bee55f8650ae0374389dc82b85232cbd6963536235fd62b94faa9d6b53f21bd6e6dd1db75d126bee4151a59153d6766f14d3c3a49e4ebb2b9fc2", 0xa8) r3 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) fallocate(r3, 0x0, 0x0, 0x8000) write(r3, &(0x7f0000000080)="2df1429e179384745ff5d179340d581491a8e6689cb77b9bdb917c11cdbf9dd2f84e0a882fb5aa874f6bae4a671179254a92b5215642c71e19bb4852b0d0f23cdab53ae1bbccd8bb5a2b8d0499520c0e2f5a", 0x52) write(r3, &(0x7f0000001200)="f858f0c637db5ccc708bd6cef167f826ab4a8a58266ae5093312240abe99b574541887d5e688c24bf3d745ace3a07e863db43e88d5d89df7727f717850b22b4e4ab511c59974b81f3f00e2506f772ea0b965d3540d01c1d7c141f88144c41ea48d6d7bc717399759cc4fcd8461ea8a9a4a7ea5cdcd2a53ec9aa6760ecd4ad5a7ee8e3ec3a1427a25a56b2b04a5669722425331f201c74651f7380ce30c746f1a7005dc0074ed1bc83e9499ab87e6199cf24ede2090990d5e891f9f28616f8f384eedc17ae375e71cbe3ee17263d4fbabd94e3f08b1717ca287cd499d6a8008977b2bccc81cdb4041086497263ea1e0720aecc08be5b45cc99c8b87d5b9457591d03518f5363e7c324c2efe446a943d8e7133330ebdd42cb985c3d6548b525fc3aa7af60b4b6465544213394d4614e3675173613f3286f0a2f217ba824b65e5f954a0de2f6ebd314c6b89a0ba9fd18072b36c30306df3cb820aafd2adc1c9fb5ff8ceffa5e016596093c493e31dc7b9b93ea7091aa1a348de58ec196ce48ce4503e7746f6c43fa685467b40c40c0fa9675ae51640c9e89feea77192accf399e828e1e56ef1fc967f72d6908f56d625700a4ca13d7f9f83858ed4096702deea9", 0x1bf) open$dir(&(0x7f00000003c0)='./file0\x00', 0x0, 0x80) fcntl$setlease(r3, 0x400, 0x2) lseek(0xffffffffffffffff, 0x0, 0x2) accept$nfc_llcp(r2, &(0x7f0000000400), &(0x7f0000000240)=0x60) r4 = msgget(0x3, 0x100) msgctl$MSG_STAT(r4, 0xb, &(0x7f00000002c0)=""/211) open(&(0x7f0000000280)='./file0/file0\x00', 0x0, 0x0) rmdir(&(0x7f0000000200)='./file0/file0\x00') tee(0xffffffffffffffff, r3, 0x0, 0x8) write(0xffffffffffffffff, &(0x7f0000000b00), 0x0) pwritev(r3, &(0x7f00000001c0)=[{&(0x7f00000013c0)="c919bce0e4c3886a73c23b92ca253261be15667d33911007c4e0248fb9c748734d9e72a12a61d1bfc4bc6b646725ffe9ae3318e65600496f03f129b8e91cc9b167867d065f524193a0b3b2734baf791c45556155d7a68d7170f44144e86677e201d381c88c7d8c6a5f6d73af149d8293ab47b7a4c0b59be36065aadad7c4f09770fd7a67b462b0f79ef111710b9351a8848f4b6dfcf8165b0ce79bbacba76663bb11b5fc583e6b749bf85f4be7da066e290fa4fd0227ad01f36d94b2180d7a7b432e28380ddfc8f60d29aee08101cd35963e364caef2df687dd02c2d459d70852755d07b45e46f4791be241c5bd232aa8bed5e94acb9ac740c8d302ef13af378c86a63cf2974add8138f55250b747dcfda39c8c7a3929306bf2dfba44ef43ee94a73a2e01b58682d8b1607841a65df05ae6e31d60bb7d4b36e932e752981f553556313d47eae061d53a15d83c03a620d7d59209ab28d6a3dcdac8515340a8239d47bb455a612b62617c3d87572ffcf67ed47dddc87702f547c210469dcf387047a29caa5e054c0a8de61945f0a3b72ccf750c9bb07e7e50df790a94f888db4eb4344ac3139a96723c09b98f3f11b6fb78c1da51ce500a5511accaeeff276c36583232dc817ff1063febca2b372ffc8649558d56696cfe726e1bfe65e3af5ffc4868ee8a48b67014b011ebced2dc2db6f26127d96002321f677df61478959138b9849082bac09d1b2ed558ef8a4818926c450691041d6e15354f525cfc5205354ac93ee7bda8962db1cdf90c7036d863403d1cad67485f4be9e3999020cb4749429e2b09c41d4272bf137cf870cab5073aa6241f15f2c014c21e39766009f152b27393a055d3bf7dd00093f503b676b404f3bf8e7e7b71a7a063b53923cbb721c055fe9073e592ff310e8866c8edcdd3538921020a62ac3c39a081a7d7cd4edda537556290d487b85c1aa03f4fe02a9f941a59a83d7c61ad81701e0805968fd708a0ee6319a726b05be8e7bc28c750a6fac3ac7ed7eb3e271c8a9977a776297396110bf89c946c78517f230f1f18b9e8454d1fce59da2c30e339dd9879594259780db0fd5d46b97bdefd62a48228fc83c9a3c460a52590ac41f8107a6061ffccd55ec8877ef0acdee7c02d6a7d09256e992e3df9c6db9f1e0ac480cd66473f2ad8ad44d0fbbe3cc867dc356f4d53e5eff8288765d55ed4933b92266c0c1ff2418de0d326b650c0414db7708a2da7d6fef64ef00dd97f042b70bfbad8d447a51b5b4f11b134050e5a5900ec06ef81cc0218b3736f5bf120d9e873f5eb0ed843032984b678ecead481765f78cdab8dee16a34740f09b77886483246bf38ff813b7e74f5fb40968eed319cf077537f28d0eab867eb6ea1cac6e727c2f758b61479849876e0a8423e5bc1d35d08a2b6ea2f8e892bcbc770ae54bf15c141b87ea676e1c90002358e04c584a9cb90caa2044bb2b425f8f5d57abcb2899dc51dbee5f54b60c7055e0a63bd0980c23479a6ce8392252a531e46d631aead6261109cd057dc787b886b046f05f3fe69363a9940e218c0076a4e32dcda4365de0adf4ee9caf6488ab3226726a03689471b0a424a25e869471d7341476058090147cec32dd21c83526adb67facc5e979cc2b1facbae55877ec89099350e84df2a11cc226cb0ea033bd377c9e73effd657c66a5b3ef7da94da3cc7bbcff96afafc5d8c7acd0908a46e796c45af5586517196fb9f6ac18aba6ddde3f8b008f46df082b40ef245d54aa26f29c7d1bed7d0ad2f86349449b217a89787d30502f6caeddb8476a3c58204e055d90feb34156918b540ba289fb7876384dafca8dcdd868a4bea33a075d6c19b56936740807b4104605292c954a18628b58411ecd585b2183dacdc3d07e5a3e5b31c650e5b49a1dd54529b3a54abad7461250dc77d3890d7f1cbcebed762f4d0dc3fbaca99ca1a90262c6e162564338f95067c71eac0b790ee21293f177ad5f1be0d7e0f35dd5bdfa817601a17650062efd89458da79a7a4732624ed783829d58d837465bb8b47351ee70b816b327379992965131bf8213c1787697f57d5e8c645a2d4bfe4d5e1039f370aeabd6ef8a54c115d87666181ffffdb75f120767cd6801e33dd5698022d5e7ad0cf13d00d81972e3cd57045162e5e1c0a65c6e2fe7f3765341b1d68ed56c89363570ef9f613ea0c529634675c2950b4c1f6a714ad82a41a68eada79cdfdddcb12038b2e3dad09f85d2e28a73e395c17660c4ded1866d1f7c36daea8e3bbbaf3970bcc91106fac24cbb9cd700ae296d3f9111c1dabb0aaef29d24c270321a293d019718c88edc5b2b9767c2368e0ade5116362862c39ed9f6a397a6b83ec0a94f0add23da5280f05e3afbde240bcf045e7b7f68fe188cdf3479a4cd9e2ddde0c66070639409323c0604fa9216a52156cd0d578b4bd269c00500649a43f3c475ad28f68c01c063a87e93418eed628d16365dc0740c16380b30b2ae5fdfd43b0faa62446a8f444661a53426136c214fa81e781b9160be1f961157bd4469cdd98b95b01405bbd3b46f3352e8517654be243606c60b3686f802fbba81c86d8f224", 0x72b}], 0x1, 0x0) 2018/04/01 00:14:03 executing program 2: socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000040)={{0xa, 0x4e24, 0x8, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, 0x8000}, {0xa, 0x4e22, 0x7, @mcast2={0xff, 0x2, [], 0x1}, 0x3}, 0x8, [0x8c, 0x1ff, 0x9, 0x9, 0x3ff, 0xfffffffffffffff8, 0x2, 0x9]}, 0x5c) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x44080, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000140)={0x0}) ioctl$DRM_IOCTL_SET_SAREA_CTX(r1, 0x4010641c, &(0x7f0000000240)={r2, &(0x7f0000000180)=""/164}) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r3, 0x4, 0xfffffffffffffffc) [ 203.245605] EXT4-fs (sda1): re-mounted. Opts: usrquota, [ 203.295445] EXT4-fs (sda1): re-mounted. Opts: usrquota, 2018/04/01 00:14:03 executing program 0: r0 = perf_event_open(&(0x7f000001d000)={0x0, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x8) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00006f3ff0)='/dev/sequencer2\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f00000000c0)={0x0, 0x20}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000140)=@assoc_id=r2, &(0x7f0000000180)=0x4) ioctl$KDGKBLED(r1, 0x8004510b, &(0x7f0000000000)) 2018/04/01 00:14:03 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') timerfd_create(0x7, 0x80800) r1 = socket$nl_generic(0x10, 0x3, 0x10) getsockname$ax25(r1, &(0x7f0000000000), &(0x7f0000000040)=0x10) ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000100)={'bridge0\x00', 0x4c8054fb}) fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r0, &(0x7f0000000180)={0x10}) ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f0000000080)) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000140)={0x1, 0xc7bf}, 0x8) 2018/04/01 00:14:03 executing program 7: io_setup(0xba, &(0x7f0000000000)=0x0) r1 = socket(0x2, 0x5, 0xff) connect$inet(r1, &(0x7f0000000100)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) shutdown(r1, 0x1) clock_getres(0x7, &(0x7f0000000080)) io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000100), 0x2b4}]) 2018/04/01 00:14:03 executing program 4: mmap(&(0x7f0000046000/0x2000)=nil, 0x2000, 0x8, 0x12, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000000)={0x0, 0xca2, 0x0, 0x1, 0x79}, &(0x7f0000000040)=0x18) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000100)={r0, @in6={{0xa, 0x4e24, 0x608, @local={0xfe, 0x80, [], 0xaa}, 0x1}}}, 0x84) ioctl$sock_ifreq(0xffffffffffffffff, 0x89ff, &(0x7f00000000c0)={'bond0\x00', @ifru_names='erspan0\x00'}) 2018/04/01 00:14:03 executing program 6: io_setup(0x20000000001, &(0x7f0000000000)=0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/self/net/pfkey\x00', 0x100, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000400)={0x6, 0x6}) r2 = memfd_create(&(0x7f0000000180)="85", 0x3) ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04) r3 = socket(0x4000000000002, 0x803, 0xff) connect$inet(r3, &(0x7f0000000100)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r3, &(0x7f00000000c0)}]) getsockopt$inet_pktinfo(r3, 0x0, 0x8, &(0x7f0000000080)={0x0, @local, @local}, &(0x7f00000000c0)=0xc) lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f0000000280)={{{@in, @in=@remote={0xac, 0x14, 0x14, 0xbb}, 0x4e23, 0x1000, 0x4e24, 0xb12, 0x2, 0xa0, 0x20, 0x2c, r4, r5}, {0x5, 0x1, 0x1, 0x1, 0xfff, 0x100000000, 0x8, 0x1}, {0x0, 0xffffffffffffff7f, 0x80000001, 0x80c9}, 0x7, 0x0, 0x0, 0x1, 0x1, 0x3}, {{@in=@rand_addr=0x1, 0x4d6, 0x32}, 0x2, @in6=@dev={0xfe, 0x80, [], 0x1a}, 0x3506, 0x1, 0x3, 0x100000000, 0x6, 0x3, 0x1ff}}, 0xe8) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000380)=0x80000001) 2018/04/01 00:14:03 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000516ff0)={0x2, 0x4e21, @multicast2=0xe0000002}, 0x10) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000080)={{0x2, 0x4e22}, {0x1, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x1a}}, 0x4, {0x2, 0x4e21, @multicast2=0xe0000002}, 'eql\x00'}) sendto$inet(r0, &(0x7f0000588fff), 0x0, 0x4000000, &(0x7f0000385ff0)={0x2, 0x4e21, @multicast2=0xe0000002}, 0x10) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) 2018/04/01 00:14:03 executing program 3: perf_event_open(&(0x7f0000940000)={0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x4) sendmsg$nl_route(r0, &(0x7f00000fa000)={&(0x7f0000c1b000)={0x10}, 0xc, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="240000001800090f00000000000000001c000000000000bd0000000008000400"], 0x1}, 0x1}, 0x0) syz_mount_image$gfs2(&(0x7f0000000600)='gfs2\x00', &(0x7f0000000640)='./file0\x00', 0x6, 0x1, &(0x7f0000000800)=[{&(0x7f0000000680)="4b522887b50d7915f7da38534ff168ed0c129c3f5f15cf81a84cdbee932ad4311453a9b2c156e257e3f3f639c916ec44781fd7b25bb8016255bd3c0187c11d010f5d7cf179a08bd8e02d507d3fe9a1a4f4e9b780a54716e5faac760da582258c38a49afd265eea9a630e9a93e641af8f498df27846ae51bb35810d85d88df5ade0fa321734375479d13ae97f55dec3c2173df0fea711db6a4179f32da948e60b3d", 0xa1, 0x9}], 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="715e6f7461446f6e2ce7e328e19b5b979286b23a5ab2d4"]) r1 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) r2 = accept4(r1, &(0x7f0000000280)=@ipx, &(0x7f0000000300)=0x80, 0x800) getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000400)={0x0, 0xffff, 0x0, 0x8001}, &(0x7f0000000440)=0x10) readv(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f0000000000)=""/146, 0xfeb8}], 0x3f2) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) gettid() ioctl$DRM_IOCTL_FREE_BUFS(0xffffffffffffffff, 0x4010641a, &(0x7f0000000140)={0x2, &(0x7f0000000100)=[0x1ff, 0x4]}) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(0xffffffffffffffff, 0xc0505350, &(0x7f00000004c0)={{0x7, 0x3}, {0x9, 0x5}, 0x100000000, 0x2, 0xb85}) getsockopt$IPT_SO_GET_REVISION_MATCH(r2, 0x0, 0x42, &(0x7f00000000c0)={'icmp6\x00'}, &(0x7f00000001c0)=0x1e) r3 = socket$inet6_udp(0xa, 0x2, 0x0) bind$netrom(r3, &(0x7f0000000140)=@full={{0x3, {"13c7dbeb10366d"}}, [{"c1b70b383306ce"}, {"de9c97c69bb275"}, {"c22830228abb35"}, {"b6fb259cc2e6cc"}, {"265be17a29bc0e"}, {"e61c05b5b5bd95"}, {"ca1835826f40f6"}, {"5e4d440877eb8a"}]}, 0x48) ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000200)={0x7001, 0x7fff}) getsockopt$netrom_NETROM_N2(0xffffffffffffffff, 0x103, 0x3, &(0x7f00000003c0)=0x56d, &(0x7f0000000540)=0x4) ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000240)={{0x1, 0x2, 0x9, 0x0, 0xfff}}) fcntl$getown(r1, 0x9) getpid() fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f00000002c0)={0x0, 0x0}) write$evdev(0xffffffffffffffff, &(0x7f0000000580)=[{{0x0, 0x7530}, 0x100000001, 0xb31, 0x5}, {{}, 0x2, 0x3, 0x3}], 0x30) r5 = syz_open_procfs(r4, &(0x7f0000000040)="2f65786500000000000035abe1e80d903e0d717ac1889a45e581c9e14a5c8f95f5d2968ae8c767e9d18fd69a") r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60) r7 = accept$inet6(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, @dev}, &(0x7f0000000080)=0x1c) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000000c0)={0x0, 0x9}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r7, 0x84, 0x6, &(0x7f0000000140)={0x0, @in6={{0xa, 0x0, 0xfffffffffffffffc, @loopback={0x0, 0x1}, 0x8}}}, 0x84) symlinkat(&(0x7f0000000300)='./file0\x00', r5, &(0x7f0000000340)='./file0\x00') ioctl$fiemap(r5, 0x40086610, &(0x7f0000000100)=ANY=[]) 2018/04/01 00:14:04 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x19, 0x200000) 2018/04/01 00:14:04 executing program 1: io_setup(0x3, &(0x7f0000000000)=0x0) accept$unix(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000100)=0x6e) r1 = syz_open_dev$usbmon(&(0x7f0000000200)='/dev/usbmon#\x00', 0x7ff, 0x0) io_cancel(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0xf, 0x3, 0xffffffffffffffff, &(0x7f0000000140)="940c1f2149747e7734510c34c143183667a187dc4f624f6c2de12452792a6fb529e6bf2a661dc23a844b00925c244a9f2967c0ca9868ee50eacf67a2ad7681d82f5a38cbd6d7641f843fa129e00f701fb01835f497b53672b3e5a3f6838f28aa240bf21eb5e5cbe7804fd307404474ae0242f8dea7a08e0fe9479b06f2795f857f8eec271d35ba7f61a91c8729681418", 0x90, 0x5, 0x0, 0x1, r1}, &(0x7f0000000280)) io_getevents(r0, 0x2, 0x8f, &(0x7f0000d83f60)=[{}, {}], &(0x7f00005cfff0)={0x4000000000001, 0x7}) io_getevents(r0, 0x0, 0x5, &(0x7f00000002c0)=[{}, {}, {}, {}, {}], &(0x7f00000003c0)) io_setup(0x7, &(0x7f0000000040)) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/route\x00') ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000440)=0x0) perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x4a, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ef4}, r3, 0x0, r1, 0x0) pread64(r2, &(0x7f0000000000)=""/85, 0xfe42, 0x5d) r4 = memfd_create(&(0x7f0000000240)=':+lo#\x00', 0x0) sendmsg(r1, &(0x7f0000000580)={&(0x7f0000000480)=@nfc_llcp={0x27, 0x1, 0x0, 0x4, 0x3, 0x6, "75b99a520ee4040f98db7ef28e0a76765d242c36e3b307820cad7df40652c34840481751d50b1c89da3cf8ad27d947101cb0b0d6730e8848f1b8146b9e4810", 0xe}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000500)="de0f5514970c620ba03fb6173be29aeee639c6f1e16f402f0aaa253832bc2aee312026f6639d0ffdd583e97e3ed4acf82a6b3f94a71f64", 0x37}], 0x1, &(0x7f00000012c0)=[{0xa0, 0x105, 0x1, "f4e37a89c25a82e36f724d883d0ea03471cfbb684316c81e91b40f8a27cd1323603cc120f7526d85dc8ce90d21bb6264d7d8bb9934caf64c7d4962a324a937f61ad2631f3e359004981d505a4df7c8dc35fb3bd8a2b06901d4c69cecf1fda4f4bc7f10246517f64cf1691285001fc3a5c97fcb9296b8af4b130881cc25b3a1d362ee26f797fee87b74d5c1fd3f"}, {0x110, 0x185, 0x3, "ffae47caf597761bf788b0f304e524dec7049ba793774e63d690009868bc39d4e82c8513b2157b45e449d25f72a1eb830c81546929f29b3b0e4aff2caf935476cf3ecc7e42b9572102795463ef054437e95fb64e5f7041a4e189bdf293a1a1e76001e18b5800b00aa37937674d092390329544faf53a8d4ff39472a640130fdef0a03deaaf94576f8b5ec47b9d516636a75cfef083426582783f4edd98393575d8f3c2a14404f4e1e967821694aeaac83c47918ceea619559aed886452ceed1a7a6308695adb65deae66f35d7405ba4ca699977ed5703264e447b5e810bdeffcb6bf4512982fbaa0e53956b8175e44f85e324e40039af4b09d47af8a76"}, {0xd0, 0x1bf, 0x400, "8263da79f30e8189057683a746ca5e45caa8e1785b445a9cc61f1a2514ded15bd19e59555b39b7864919cec1b947190df3fa681090ed44a7e52a4585c05d51dcc93829d7c1d82cc0ae5d73c5c195ab0657194305e8908b581d697e299ad9a2447714f5e84ad3436d6b4f52b33f7fd7a4a106e933cd220a4a4e255c56a013e5f62b4bc08a8f2424758538dfcb8ecf26c38a98f3d14b3011aa39c920883c246081b8744a84ebec0c84989b004db4a0dfe3e7616248eb9165fa330d381577"}, {0x58, 0x10f, 0x1, "78fa0fd7ae69ce37743c234c00b624bf4be99393a1a568ad3b7e43cb89a0cd67cdfa949178a0d38b820eaac142c0d572e93b910f820167eec006af44b1b55452fa4010ecc643"}, {0x1010, 0x10f, 0x8, "e50b267dc1f693cbabe15592bb11f4fe5b641e41909ee6b8ab9680a7e4a6da2281ec595aab08f5b95146028868cf290ed02cbeb1f94e0e4c8e2f63dac8e671a2b770a3dba5e624b9c67bcfe51f1ddfad7c07d9bbf3f97ec20296dc195f417afcfce8beb250992513b220c328ad873e9cf614a5865d6f5b8350a63a6dfa898c09d2dd7b9787b2332f7dd56afb73f8a920aaa0524f1a52dd7ad0c5026818762b0f44edbd8e3b1538b502aa037419f6a643e1cbf34926a2abbcb75eceb2a2fdc9b29bdacf699b3572e56c89da73cba9ffa6a802b16c0cd2ef8200e671f31bbf4b41116cc2dc7df8fbb768392dd6e609d44dc31803902cfc0b66b9bcad2029a8ba1eae2e601fbe53b9a1c806edbc64f0c1f43b553e8b6108ab7cdc69d151487b5707968b1fbe27caf49fd009db790616f41b261be109f7f3b77f2ffcf296ed62d42d8604e389ba75ad8f534bb1c7b442da7f234075195f4c2cee170c4578c79879230718cef9d6190e5c935e677a72b59db4b38331d88112526c2dbf14bd90be182be19ef9d0cbe230b8d52d6f7397d24b6535928cd90b4d74c9da842c843f79e13aac03bebccd44edb71d153c175e00c1fe53b1590de1ef55b78da74b095e4cc3c84d2b1a18a67d43bea2ad8a1a732d8cedd71060084867c4420b301373679cf42fb7523b7a8c950f14e3819fe63da0aa374e95055ddccbad9b964c208e382ef465b3bd4b10c8417356258e6e0aadf0940096a83e37cd2822f115052a39bc1a14814024e8d12c077058b85aac9ddae849bfd4911fb037c79d7f22deb49cbbc6ec670561adf08cf95aa64036ab3747a2b62728c615cf4ffec9aec2c40908f12ba7bf8b4abd360ff318d8d06c9e0189bc96d488255a5f97bcd1b9f313054c214dd71ea10ddddce076cba3b32f477c8dbacde958a050f31ed92fbfe73907385a087402d5d96e31bf2f063b44aa6a4ba11e265d4285beb2b54b06ef4df92e9c58d9fcbde61264a9a6060307d750cff9909ce9baddf3b2778801019364dd1a84a3ff365fcb53a8e7ba7c964217762b876c11bd9fcf0aa156cd6a10e0d9e5eab75c68b0ee250c2441731481b0469ac03984df71d530a60772b374fe2ab5f441110776a32fdb6612d96d3f0e8e7af078f5e2bcc1bd83f191f5a41c89713f294ec85c25295a2b966d9da9327e05b84fb49ba59014af8008f1d9ed975f1463ee57d4e001c1645588e5d322099f91b5b0806ef9b320e214cad51f3eba70f441a1bee67ce1c32d5fa7e381298c5ca1c3ce8d0b621669fd398217d5d098f6fba0a6c534de62e753ed3b290a68cc69830b9900bc7a348898424af2cd7eec1e1e47892231e41b422d76117f94cbc3a8994db574a151f68db04017eae5bbf97330c6ec0e60b8a9c7cb58d7c37d5ab9b9d6c0d450b257ee656cf1572cb3352f4571c644fa6a004d4b69a28ec66f9aba212df516fc48b81e67039f7e190530c8cc0e5792a31e8648a8bf014abfadf0f732a0d83f0eb43e94647a403b6e5b4032821abe8d63df92d6eb780fbf6c1d8ab4306df3de0f8b68065d78f031f44a6957ce1551d9ddedc99af5c86dcc19ba1b60ed85a2d2f804c57401580d93c0b2fc44fab497dfe93d890d356007fd9c0126af13284fed3e98cec5a198bf7f581b49c70c7e7f776b49d24e7d6e5ee673a3ce2a3f36314bde0dd7958a0f19020b7908317a2c4715a2f2e722f314e2008101c197c4ee8ae58aaced7af0ca52d07016519c7d9bad530196ee29142ebd1ef4cb5b879d26600e689c1a85921f6ba8cae2578a78a10fc80caabbcbf13a456089ece33b6a8a1c30909c8926ab8eef60407cbaa0aa6f2623b25522b5db4d150328c00b34cfa45f278b34bb700285b3b3c247aff28a967df3c3b2b375f32fcde92328d7d7749a90ea14d0f04f76bb82b11539879a940952dd966cf419f482851472675eea0814af121362cc3b6f266f753fcd2e198ba279e3e3ff7a68a4ddbe1f6d2ef20bd375a40fd5ccf94acbb85198f2401eb02052519db69bbef820cd2f2c1c014ec7cdc4cd341210d9e7fefe7650c0603a2e3fa225881fbe0e99f9df98ffd62e82a8c330dcc8849ba6070407deb81fc0bc318c069049cc078eb1a84f7136519aa2ad3e40693b5e64ac58264eb1d4f3c46452823dcc264347ff02d9805b95b332aec00e833b108486df43633385372e08d8015ab2143f6274b7cb5421a06ef50b40623af8249bc4044baf661c6500e9e3b97e6496906e8744dd823b5b5c77311d0068c94b6acda51aa119e1e487fa9c58581d493bde8b54151d3cb918494920aff4a9c7891f4f264f8a5c1c94019e1aa22f2bf85fa7523199ab74fb71712e2230c461b963e187972294dfe3e5182c7aae617525920208ef67a3e5c3da77bdb67df44e1d133161291ea11b7111fe247686591ddd1f9eab21dcaaceaf6bca900bdbc128b3e2741d8ce43310f1077359b2d3727d5c5a0fc6060da9db680c057aba4670cf59dbf4cfe19bcd2f4967cfc9529a61ae2bbeb8d48431b32ac685352478c2efa489b488aa331add8912f282660ebc6429ec5599dd036ca8d35846330739ef9f9cf0e4989fec50efa795a7f1108546a8bdfee84b2631b32d60dd233a5acc456a56a5c5a4f90aa2ca6fa2a704265a88a8790ad914777860e69253264511e68093c2a8656c6f27de3bc8cba87889c5db509e19eeadd2a4480466a93298295f25d7ffcf58863387ec09aef9af243376d2224ef83656a5394b97870fb1ce3b555285d50fb67c17d8e0b719a0468c8df73d1788576ff1c8ce1e38969ef626708bd57061328c31b10eed181af41ee00a5d3af44ccb2dc6581d074dd8edaf26e088a5de46f2016ae49200587494baa4f7bbd8f69022ab79aa6a9f94eefc7994eccba0622e73f9f2cae55d18b1283dd6f585b3f12f46ae3ca86942b3d768abf2599491642859c91e1d78aa74addb37ff53c7f5202ba3812e64a67a0197f707dd43aa28f4e7fe6823aa8add0b54ae8ff82e1f3097ed9371ebe74109a4a3effd3cb7590848b6fd45ea98fe58a44ac5d95e7319bf82ed75bca4cee3dfa990e96b176e95053e8b973e8a72d7f0f86a830f32810d18a43b955fc60e77646e450a56265551773beb9a6304fcc0da64786c97ab6b93ad70ce10ee41d12cf61d7031ea8fad3debe7df1277be1817597a542b9f954013bb0169c1d9df624bb962138b654d033a219baeb0acb55e7ab1e730bd06dca18ee91a04d8f5095a4b36e51c4f0c775a75b02614a4540da3c90cbb05fffb9d0b7225be404d12a414a7902cc81df3cde1d146dba511baccc98d9c52a5dedc04a42d070fc083698f242b2185dcb9e0b2b99a37c4790797510f0074aa4affc6d130de0cd720a5b63da7db3d08d2dae3b370f00fd421a11c1c1f021e93b79572634a73be32350c9622ed05a72bfd91f9e09762b95c73d20d5b901ed3863f37db7c9cb53ec23d73e264bb260450d68ebe6afec6786f49013a59d0b041d410ec0e7d80defaf145c5afda7d5ca66cb89fb1a892ec277018337d5d69af68bee819aa7354898d8a00cebf4a63611cbf2487c3c9f466eabad0c1480c674e54675cc3b099c4d55d7093e40752eea91138f6e18c4231f314be29bb540de23b024f8662db996f988d397e84961cdbc201a259fb256b28e0e287f0cd7fc3b302bfaa21e6fdfe2b1cc593a6d2d713e9d1da75405505bc8c4a0c4d02c1ee4e212583951a965ed86d9291c8e7248041bcaf9462a7c393b39cd0413b4b1a98802305f4ef310fb0d93924e13e1bd0dec48661b6f5fb6288ccf8dcd8e78cfe2ab49b9879540634904da88c82e4fff40072020b206b7e46151e27c5a925c0a5968def993259fe6587ec892f5e6503bbed229ada55e4c40d28c6d78926b0ee8baf47d8d501f13292fd24c2516e15e5d4d84b414858f8a85431180959c719213f5932215359874334ba45d60d0a265030875783cbbd9a71b2e906eb3b11480bf7e90312c90e8aa58d8df7d6df64e3cf18fd253ad858738170f189d65b806d4bf642af34343c56cef991667fe4e14b48c9ade10e6c64d336873401384db874445387358d9bb80b324731a64b75641026f8cb499a580a9fe5260eb94d1eb9a56d3b31230ac86a9962a2609e25c28f81885dbead27b332bc0c25dd92aa80ff8650d69ca85123b45bd4d7672df9ffec986bf58e4fdfbd1d560ee6e64ae7df51fbeb9646107276b56b6a451845fc339ccacb77e23e692da20433e219f8dd98047f071fd70c25b96d0c7a3671733a95bb5cbc85ad9d4d8001fe822c7395867bade1e8f32f686a14cf983083d0cdce471c048c04a3155826a32f16019eb90c4f7c53278b895807c5a0ce86802f69e4e52c560dbad16660b936c72a56351fe4fd4f7c174c7567d5a397408c2ce4451264e5813c0b41a61050f461dd91c285cc699fb20d91d6143063d4c096e621f8d795bd4b584ba576df9fd4afecbf89639a5f348ecc7b05ae849da89102c1bf7d52da57382904570de50b6bc395880e897f08497f4e082072afe75e53a30a2309ae7014a65927e986792c98f5b0d994f477054dee5a5943af74625237ec6dbe54dc79a839206cd702bf06d95c2ffdf8b5163e6ee7e464f705435d1cd314e3bb521cbed7204fe5e35e6edbae696f02026950127d475be7394935c6d40732137a1b220960acd6e96531738a804ddf45a2f793786dddaa239293ae8a7fa2959ded28e86ab47f0f14ae24325da964dcaf4606f30b961be1bd02aa3c61ab695a287bf87152133451ef98b7af2d9b3f95bd45ed9fda7d07c0953d62f96ad8389697d69993d790efe294e85ae0edfd46737fed0c34e8dec942424fb83fee2a793c79b75f42fe4304a6caa04086dc102901f34a96d8d247a32f6cb38c42226139bd26ee8d6d61549249fce92fde14ba94dad70b5c5666e458fae05d77213237cb3de27fdf6adc1673e626a2dd087f02375efb260c72961e16745290e1ca299f3cff909c1d77a5bff744a3111fb9761a28f8f27565d31c4527f6ec8d358123378241d730fc693cabe83de9361806521ce3ee195d62fb74044c431cfad8a829f5ea93f78a9e2b2f4239548d61fbc0518fb284ae95cac0edeabc9ee721d3dda069249b4d22819cae6753a08f5a4f2a3d602d96cdbd02731e34fc28805803cc7fc6ccc3658b1335bcdf0a0c64aa96889d9aee393450e2e80f2bb77b6cecf01f80bc83c6a3e9d1f2613fec8314a8b07276b654d072999b5d927b5a501c3176e31d1d9d56e6395dfabe5384ae7012c3dd37843ecb80acbbf70c1361231f101a93b3d5517bfcd0e3f214b23da49f563d16f5e1248ac646193f9e6ae2efecd4267ab01004f81e7978e7cace471acc5f76ed35ed35c40d191b26c0240eff6515c10717c9bd321cfb24d6e7c29e4fdf7207611919e85bd6cba701b62a06428099aa7b598a0951ad6e3adba4ad25b81a1fb9de828525e88baca0dc9a16269d4c92a559dc24a3963f01b289980d3aa182458fae8b0ad9279eb7729319f6c33adad88f16ff45934110e8df0bd3cb0ae68db2cc8d4ccda511655d1e8ba399892d9ef75920073f2f8b275c394d9d8f3acc29901f4dc9e598320daadcdc897c20a986bfe5121ddf107c4b6a0aed70c6cc4ae9d4e1a37f5cb25b9bd4d93878c51319ecd20c2eb56f1ad6a2193f9287fcf6f50c79f10890f949d1680804ccd1ddf57ff358962b416f1e9e4125881883a311ac8f2c5a038ada12f843b4524b2e6dfdb4cd58a2984e6faa5bb39b877d7a526d0ae995f4d6c1aba4953e78"}, {0xf8, 0x113, 0xe49, "56cadbb63584172a112ce55ea1297d91e90577b9e1d0faba227748fce9e37ebe84b584a923459c915bcaaf6b4c1b73051d960ca5d4cecfc003272fb8c6b3e50e4cb1579a20af3f0233ac70f2dee232e333ad9e73e45310200f27e0655bf58336609c9b04884ecddced178f99b7aab0bac4de21f11d2638592e21edfc6dc0b7ed81e5558e468b44dc1db004d5e922724b75dd394dde29216def4da2eca0606a4b1f17e6af09951782d177c3825aaac8a4a84f2785024ebe3f7862e2fc9872c414bfecbb3afb650bbd610a28a4ca0ce1953f9137dc831a93ddf42ede060f78202830f831a1"}, {0x48, 0x115, 0x0, "d91c8d3a2a076f929490db768c1b0428a7ac1327a065216a663df8e45cd6ea6d8a1bbd6e1c10f5f5d4effa19fe010cd8513a8289077e"}], 0x1428, 0x4c000}, 0x4) fdatasync(r4) io_submit(r0, 0x1, &(0x7f0000001280)=[&(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, 0x0, r4, &(0x7f0000000100)}]) timerfd_create(0x7, 0x80800) io_destroy(r0) setsockopt$llc_int(r1, 0x10c, 0x9, &(0x7f0000000380)=0x3, 0x4) 2018/04/01 00:14:04 executing program 0: syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x1, 0xc40) r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f00000000c0)="2400000058001f0014b2f45eeb2b7b070009b43004000200071007eb0100ffffffff0800", 0x24) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x40000, 0x0) ioctl$TUNGETFEATURES(r1, 0x800454cf, &(0x7f0000000040)) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000000100)={{0x8001, 0x100000001}, 'port0\x00', 0x88, 0x40, 0x3, 0x5, 0x56, 0xca, 0xe12f, 0x0, 0x1, 0x8}) [ 203.505243] gfs2: invalid mount option: q^otaDon [ 203.510167] gfs2: can't parse mount arguments [ 203.526461] EXT4-fs warning (device sda1): ext4_resize_fs:1914: can't read last block, resize aborted 2018/04/01 00:14:04 executing program 5: r0 = socket$pppoe(0x18, 0x1, 0x0) r1 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(0xffffffffffffffff, &(0x7f0000000040)={0x18, 0x0, {0x3, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, 'syz_tun\x00'}}, 0x1e) ioctl$sock_ifreq(0xffffffffffffffff, 0x8991, &(0x7f0000000240)={'gre0\x00', @ifru_hwaddr}) r2 = socket$alg(0x26, 0x5, 0x0) recvmsg$kcm(0xffffffffffffff9c, &(0x7f00000006c0)={&(0x7f0000000280)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @dev}}}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000300)=""/67, 0x43}, {&(0x7f0000000380)=""/121, 0x79}, {&(0x7f0000000400)=""/245, 0xf5}, {&(0x7f0000000500)=""/215, 0xd7}], 0x4, &(0x7f0000000640)=""/112, 0x70, 0x869}, 0x2000) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000880)={0x0, 0xf4, &(0x7f0000000780)=[@in6={0xa, 0x4e24, 0x9, @local={0xfe, 0x80, [], 0xaa}, 0x7f}, @in6={0xa, 0x4e20, 0x6, @empty, 0x20}, @in6={0xa, 0x4e22, 0x6, @mcast2={0xff, 0x2, [], 0x1}}, @in6={0xa, 0x4e23, 0xfe000, @mcast2={0xff, 0x2, [], 0x1}, 0x2b17}, @in6={0xa, 0x0, 0x7fff, @mcast1={0xff, 0x1, [], 0x1}}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, @in={0x2, 0x4e22, @broadcast=0xffffffff}, @in6={0xa, 0x4e24, 0x5, @mcast2={0xff, 0x2, [], 0x1}, 0x3}, @in6={0xa, 0x4e21, 0x3, @dev={0xfe, 0x80, [], 0x1a}, 0x8000}, @in={0x2, 0x4e20, @broadcast=0xffffffff}]}, &(0x7f00000008c0)=0x10) bind$alg(r2, &(0x7f000065ffa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00001ec000)="0a0775b0d5e383e5b3b60ced5c54dbb7", 0x10) splice(r1, &(0x7f0000000140)=0x31, r2, &(0x7f0000000180), 0x7, 0x5) clock_adjtime(0x7, &(0x7f0000000900)={0x7a0, 0x0, 0x7fffffff, 0x10001, 0x2, 0x10001, 0x2, 0x80000001, 0xb59, 0x1ff, 0x401, 0xffffffff, 0x6, 0x10000, 0x0, 0x4, 0xfffffffffffffffb, 0x3, 0x0, 0x2, 0x1, 0x1, 0x8001, 0xeaf3, 0x6, 0x5}) connect$pptp(r2, &(0x7f0000000200)={0x18, 0x2, {0x3, @rand_addr=0x2}}, 0x1e) socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-des3_ede-asm\x00'}, 0x58) getpeername(r0, &(0x7f00000000c0)=@nfc_llcp, &(0x7f0000000000)=0x80) connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0x0, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 'ip6gre0\x00'}}, 0x1e) socket$inet_dccp(0x2, 0x6, 0x0) 2018/04/01 00:14:04 executing program 7: r0 = socket$inet(0x2, 0x3, 0x6) getsockopt$sock_linger(r0, 0x1, 0x31, &(0x7f0000000200), &(0x7f0000000240)=0x3) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000000)={{{@in=@broadcast, @in=@multicast2}}, {{@in=@multicast1}, 0x0, @in=@multicast1}}, &(0x7f0000000100)=0xe8) [ 203.591666] gfs2: invalid mount option: q^otaDon [ 203.596689] gfs2: can't parse mount arguments 2018/04/01 00:14:04 executing program 4: r0 = perf_event_open(&(0x7f0000012000)={0x2, 0x70, 0xfffffffffffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xa, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x400000, 0x1) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000080)={0x0, 0xda, "b2be0f58387c3281cb6d0af66c2647a38853977e04bb063ca332fd2e6c465c556c01760bfdd7998570f56511cfd4434c0e92faf16be2e9768d5ef38a75c266ab2ca92a0647e3fadcc4d6a418ab2b699f64886a95b91b997dba8b23d184f36216870355fe7a6be1e6c8e6315559cdde8d6646fb749e68a365c618ec6eb1e17066a6aa79f018f2a75d1ca6628a0350d16335b0c6c39d3c9b6a9ab0048ebb8bc120d9bcdd9ffa7209151e8aa932e97faf53c973809c8920a8881ca6d417a9cdb99f5a3bbf411a7eceefc7947a592dcbbfe9d1ce018a286621109b1d"}, &(0x7f0000000180)=0xe2) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f00000001c0)=ANY=[@ANYRES32=r2, @ANYBLOB="3d0000004a8c61be3b6f3a1cc62ad857eedf06a74bddbbb9a5dd23d45fe019e41576b59b90284dc27df650662cbb535a8a1cf6214fec0153541ea346515249000000"], &(0x7f0000000240)=0x45) perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ppoll(&(0x7f0000000040), 0x0, &(0x7f0000fe8ff0)={0x0, 0x989680}, &(0x7f0000401ff8), 0x8) 2018/04/01 00:14:04 executing program 6: r0 = syz_open_dev$vcsn(&(0x7f0000000500)='/dev/vcs#\x00', 0x2377, 0x100) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000540)={0x400, 0x100, 0x10001, 'queue0\x00', 0x3}) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cuse\x00', 0x0, 0x0) ioctl$TUNSETSNDBUF(0xffffffffffffffff, 0x400454d4, &(0x7f0000000340)=0x1) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f000051cff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000943ffc)=0xa35) read(r2, &(0x7f00003fefff)=""/1, 0x1) ioctl$KDSKBLED(r1, 0x4b65, 0x967) r3 = gettid() close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000029000)={0xffffffffffffffff, 0xffffffffffffffff}) readv(r2, &(0x7f0000dcdff0)=[{&(0x7f0000cd8000)=""/1, 0x1}], 0x1) ioctl$int_in(r4, 0x5452, &(0x7f0000b28000)=0x3c) write$cgroup_type(0xffffffffffffffff, &(0x7f00000002c0)='threaded\x00', 0x9) r6 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x0, 0x802) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000fb9000)) fcntl$setsig(r4, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r5}], 0x1, 0xfffffffffffffff8) read$eventfd(0xffffffffffffffff, &(0x7f0000000040), 0x8) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000080)) r7 = dup2(r4, r5) fcntl$setown(r7, 0x8, r3) ptrace$cont(0xffffffffffffffff, r3, 0x0, 0x8) tkill(r3, 0x16) r8 = gettid() process_vm_readv(r8, &(0x7f0000001880)=[{&(0x7f0000000680)=""/198, 0xc6}, {&(0x7f0000000780)=""/247, 0xf7}, {&(0x7f0000000380)=""/12, 0xc}, {&(0x7f0000000880)=""/4096, 0x1000}, {&(0x7f00000003c0)=""/6, 0x6}, {&(0x7f0000000400)=""/14, 0xe}], 0x6, &(0x7f00000019c0)=[{&(0x7f0000001900)=""/41, 0x29}, {&(0x7f0000001940)=""/112, 0x70}], 0x2, 0x0) r9 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$inet_IP_XFRM_POLICY(r9, 0x0, 0x11, &(0x7f0000000240)={{{@in6}}, {{@in=@local}, 0x0, @in=@local}}, &(0x7f0000000100)=0xe8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f0000000440)={0x0, @in={{0x2, 0x4e22, @loopback=0x7f000001}}, 0x8, 0x12414000000000, 0x80, 0x70de0f3, 0x10}, &(0x7f0000000180)=0x98) setsockopt$inet_sctp_SCTP_MAXSEG(r6, 0x84, 0xd, &(0x7f0000000200)=@assoc_value={r10, 0xf6}, 0x8) getsockname$packet(r6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000140)=0x14) [ 203.648948] netlink: 'syz-executor0': attribute type 2 has an invalid length. [ 203.673759] QAT: Invalid ioctl [ 203.685189] QAT: Invalid ioctl 2018/04/01 00:14:04 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='sessionid\x00') perf_event_open$cgroup(&(0x7f0000000100)={0x3, 0x70, 0x3, 0xb6f, 0x7, 0x9, 0x0, 0x0, 0x44, 0xa, 0x0, 0x6, 0x401, 0x4, 0x5, 0x1, 0xffffffffffffffff, 0x7, 0x1, 0x9, 0x1, 0x7f, 0x1, 0x200, 0x3, 0xffff, 0x1, 0x9, 0x100, 0x6, 0x5, 0x3, 0x3, 0x9, 0x8, 0x3, 0x1000, 0x6, 0x0, 0x101, 0x2, @perf_bp={&(0x7f0000000040), 0x1}, 0x10200, 0x1000, 0xf6e, 0x3, 0x8, 0x81, 0x1}, r0, 0x1, r0, 0x1) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000)=0x4, 0x4) fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) [ 203.694616] netlink: 'syz-executor0': attribute type 2 has an invalid length. [ 203.717358] QAT: Invalid ioctl 2018/04/01 00:14:04 executing program 2: socketpair(0xf, 0x803, 0x4, &(0x7f0000000000)={0xffffffffffffffff}) r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x8000, 0x8000) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000080)={r1}) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r2, 0x4, 0xfffffffffffffffc) 2018/04/01 00:14:04 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r4 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r4, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r5, 0x0, 0x0, 0x4) fallocate(r5, 0x0, 0x4b99, 0x5) r6 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r6, r6, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r4, r5, 0x0, 0xc08f) r7 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r7, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r6, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000240)=0x29e) capget(&(0x7f0000000180), &(0x7f00000001c0)={0x9, 0x0, 0x5, 0x1, 0x1ff, 0x8}) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000140)=0x200, 0x4) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r7, 0x84, 0x7, &(0x7f0000000300), &(0x7f0000000340)=0x4) r8 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) sync() lseek(r8, 0x0, 0x0) r9 = fcntl$getown(r3, 0x9) capget(&(0x7f0000000080)={0x399f1332, r9}, &(0x7f00000000c0)={0x0, 0x0, 0x8, 0x800, 0x3049, 0x5}) fdatasync(r4) 2018/04/01 00:14:04 executing program 0: mmap(&(0x7f0000000000/0x4cc000)=nil, 0x4cc000, 0x0, 0x65031, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x8995494, 0x8200) fadvise64(r0, 0x0, 0xe47, 0x2) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreq(r1, 0x0, 0x20, &(0x7f0000000540)={@multicast1=0xe0000001, @broadcast=0xffffffff}, 0x8) 2018/04/01 00:14:04 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000100)={0x3, 0x2, 0x80000000000, 0x3, 0x2}) fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000140)) getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000)={0x0, 0x7fffffff, 0xdf7f, 0x20}, &(0x7f0000000040)=0x10) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000080)=@sack_info={r1, 0x3, 0x9}, 0xc) 2018/04/01 00:14:04 executing program 7: nanosleep(&(0x7f0000000180)={0x77359400}, &(0x7f00000001c0)) nanosleep(&(0x7f0000000100)={0x0, 0x1c9c380}, &(0x7f00005bfff0)) pipe(&(0x7f0000001200)={0xffffffffffffffff}) io_setup(0x6, &(0x7f0000000000)=0x0) io_getevents(r1, 0x8e1, 0x1, &(0x7f0000000080)=[{}], &(0x7f00000000c0)={0x0, 0x989680}) mq_timedreceive(r0, &(0x7f0000001240)=""/4096, 0x1000, 0x0, &(0x7f0000000140)={0x77359400}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) mlock2(&(0x7f00003bb000/0x3000)=nil, 0x3000, 0x0) madvise(&(0x7f000089e000/0x4000)=nil, 0x4000, 0x0) 2018/04/01 00:14:04 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000480)='rdma.max\x00', 0x2, 0x0) write(r1, &(0x7f0000000200), 0x0) r2 = memfd_create(&(0x7f00000007c0)='[\x00', 0x1) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0xf000, 0x9000}) r3 = accept$packet(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000880)=0xfffffffffffffd46) fsetxattr(r0, &(0x7f0000000280)=ANY=[@ANYBLOB='us\x00\x00\x00\x00'], &(0x7f00000002c0)='[\x00', 0x2, 0x1) getpeername$ax25(r0, &(0x7f0000000800), &(0x7f0000000840)=0x10) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000240)={@dev={0xfe, 0x80, [], 0x14}, 0x48, r4}) r5 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x100000001, 0x200) ioctl$LOOP_SET_STATUS64(r5, 0x4c04, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xe4, 0x81, 0x0, 0xb, 0x7, 0x8, "abb56da86e4b54531711a6f19d473c86268037e7bba8f701619396ca46df206eb9e54d6527a1d775fdda970f3f96e52a510530c3e325af5a30e5797293adfb17", "ab8bccc4d7c5ae7dc58eaebdd8b4a811ac4f86c9b784d454e083ab7fb04f4489ba8e4390a1bea170041ed96403e667635d06cd93898b8fadb144d0dc3bb9910e", "a6578386a6e8b258bfe44f6852fb812b209c38c44da6f95d4bfb16141c286e7b", [0x2, 0x2]}) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000000300)={0x0, 0x96, "6441841d9fabbacb531644defb6bc4502759cfea21bb7ac5ecc2e05e12e20fb441733119abcd5a643574d4c4e656e61284966229d621e6f8191f3ec40692c4b6cf845aed3a714b2ecacb0770808f949741b2abafa5bc8c10cde385023bd082ac2b34ed5a51bb0d572f7be665e2675f4aa164bac91696cfefdad41d89d026c2fb18d3f0a76edbe11dd7dfe895fc2a84785961fdb3dc41"}, &(0x7f00000003c0)=0x9e) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r5, 0x84, 0xa, &(0x7f0000000400)={0x9, 0x2, 0xc, 0x8, 0x10001, 0x8, 0x7, 0x200, 0x0}, &(0x7f0000000440)=0x20) getsockopt$inet_sctp6_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f00000004c0)={r6, 0x6634, 0x9, 0x5, 0x6, 0x60, 0x0, 0x100000001, {r7, @in6={{0xa, 0x4e20, 0x101, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}, 0xfff}}, 0x0, 0x8, 0x1, 0xe1f, 0x1310}}, &(0x7f0000000580)=0xb0) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f00000005c0)=0x0) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000600)={{{@in6=@loopback, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@remote}}, &(0x7f0000000700)=0xe8) getgroups(0x3, &(0x7f0000000740)=[0x0, 0x0, 0x0]) setsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000780)={r8, r9, r10}, 0xc) 2018/04/01 00:14:05 executing program 1: r0 = perf_event_open(&(0x7f0000220000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$key(0xf, 0x3, 0x2) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000000000)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000001}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000001}}]}, 0x50}, 0x1}, 0x0) sendmsg$key(r1, &(0x7f000033efc8)={0x0, 0x0, &(0x7f0000aa8000)={&(0x7f00009b9000)={0x2, 0x9, 0x0, 0x0, 0x2}, 0x10}, 0x1}, 0x0) fcntl$setlease(r0, 0x400, 0x2) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080), 0x10) syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x0) getpgrp(0x0) 2018/04/01 00:14:05 executing program 5: socketpair(0x1e, 0x1, 0x101, &(0x7f00000001c0)={0x0, 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@loopback, @in6=@loopback}}, {{@in6}, 0x0, @in=@remote}}, &(0x7f0000000180)=0xe8) recvmsg$kcm(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000006c0)=""/146, 0x92}], 0x1, &(0x7f0000000800)=""/35, 0x23}, 0x0) r2 = gettid() timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={&(0x7f0000000180), &(0x7f0000000200)}}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r2, 0x15) shutdown(r0, 0x2) 2018/04/01 00:14:05 executing program 7: r0 = getpgid(0x0) ioprio_set$pid(0x2, r0, 0x10004001) pause() ioprio_get$pid(0x2, 0x0) 2018/04/01 00:14:05 executing program 6: socketpair$inet(0x1e, 0x801, 0x0, &(0x7f0000000000)={0x0, 0x0}) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x280002, 0x0) accept4$alg(r2, 0x0, 0x0, 0x80800) sendmsg$key(r1, &(0x7f0000d4c000)={0x0, 0x0, &(0x7f000089c000)={&(0x7f0000e6ce08)={0x2, 0x0, 0x0, 0x0, 0xfffffffffffffdb7}, 0xffffffa3}, 0x1}, 0x0) recvmsg(r0, &(0x7f00002ed000)={&(0x7f0000559fec)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x14, &(0x7f0000686fa0)=[{&(0x7f0000ae3000)=""/22, 0xffffff08}], 0x1, &(0x7f0000f1b000)=""/4096, 0xffffffffffffff73}, 0x0) 2018/04/01 00:14:05 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000000100)={{0x5f, 0x7}, 0x0, 0x7, 0x2f, {0x8d}, 0xca6, 0x2}) syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x8000, 0x20000) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000040)={{0x7, 0x80000001}, {0x5b5, 0xe2b0}, 0x5, 0x2, 0x80000000}) 2018/04/01 00:14:05 executing program 0: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/mixer\x00', 0x0, 0x0) ioctl$int_in(r0, 0x80000080044d76, &(0x7f0000005000)) 2018/04/01 00:14:05 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x8, 0x2000) ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000280)=0x4) mount(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='configfs\x00', 0x0, &(0x7f0000000180)) r1 = open(&(0x7f0000f04ff8)='./file0\x00', 0x0, 0x0) lsetxattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=@random={'btrfs.', 'configfs\x00'}, &(0x7f0000000200)='\x00', 0x1, 0x1) lseek(r1, 0x6, 0x0) msgget$private(0x0, 0x0) 2018/04/01 00:14:05 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r4 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r4, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r5, 0x0, 0x0, 0x4) fallocate(r5, 0x0, 0x4b99, 0x5) r6 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r6, r6, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r4, r5, 0x0, 0xc08f) r7 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r7, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r6, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000240)=0x29e) capget(&(0x7f0000000180), &(0x7f00000001c0)={0x9, 0x0, 0x5, 0x1, 0x1ff, 0x8}) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000140)=0x200, 0x4) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r7, 0x84, 0x7, &(0x7f0000000300), &(0x7f0000000340)=0x4) r8 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) sync() lseek(r8, 0x0, 0x0) r9 = fcntl$getown(r3, 0x9) capget(&(0x7f0000000080)={0x399f1332, r9}, &(0x7f00000000c0)={0x0, 0x0, 0x8, 0x800, 0x3049, 0x5}) fdatasync(r4) 2018/04/01 00:14:05 executing program 2: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000080)) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000140)=0x0) r1 = syz_open_procfs(r0, &(0x7f0000000100)='mountinfo\x00') ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000000)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}) fcntl$setstatus(r1, 0x4, 0xfffffffffffffffc) 2018/04/01 00:14:05 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x8, 0x2000) ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000280)=0x4) mount(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='configfs\x00', 0x0, &(0x7f0000000180)) r1 = open(&(0x7f0000f04ff8)='./file0\x00', 0x0, 0x0) lsetxattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=@random={'btrfs.', 'configfs\x00'}, &(0x7f0000000200)='\x00', 0x1, 0x1) lseek(r1, 0x6, 0x0) msgget$private(0x0, 0x0) 2018/04/01 00:14:05 executing program 0: r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) open_by_handle_at(r0, &(0x7f0000000940)={0xc, 0x0, "8aa0a41f"}, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x3f, 0x2, @mcast2={0xff, 0x2, [], 0x1}, 0xfffffffffffffe59}}, 0x1, 0xfffffffffffffffb, 0xffffffffffffff3d, 0x14, 0x28}, &(0x7f00000000c0)=0x98) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000100)={r1, 0x9}, &(0x7f0000000140)=0xc) 2018/04/01 00:14:05 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x407) mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1) readv(r2, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1) open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0) ioctl$sock_bt(r1, 0x541b, &(0x7f00000002c0)="1a1749d6613f25162c85fb16a8535730033cf61a4ae20191cb1c499f2e15f4a40ba674e11f76c490057c0b72da9f75") rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') getsockname(r1, &(0x7f0000000200)=@rc, &(0x7f00000000c0)=0x80) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x200000, 0x0) clock_gettime(0x7, &(0x7f0000000080)) 2018/04/01 00:14:05 executing program 6: r0 = socket$inet6(0x10, 0x6, 0xfffffffffffffffe) sendmsg(r0, &(0x7f0000003fc8)={&(0x7f0000000080)=@nl=@proc={0x10}, 0x80, &(0x7f0000002000)=[{&(0x7f0000000000)="5500000018007f00082d1cb2a4a280930206620100a843090000001b03569993ebeb4fdf253fb0ddf423000000003f00000049dc50ca8a9848a3c728f1c46b7b31afdc0938d54400009b84136f075afb83de448daa", 0x55}], 0x1, &(0x7f0000004000)}, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x20000, 0x0) ioctl$DRM_IOCTL_MARK_BUFS(r1, 0x40206417, &(0x7f0000000140)={0x2, 0x4480, 0x9, 0xffffffff, 0x0, 0x9}) [ 205.297398] QAT: Invalid ioctl 2018/04/01 00:14:05 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r4 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r4, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r5, 0x0, 0x0, 0x4) fallocate(r5, 0x0, 0x4b99, 0x5) r6 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r6, r6, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r4, r5, 0x0, 0xc08f) r7 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r7, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r6, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000240)=0x29e) capget(&(0x7f0000000180), &(0x7f00000001c0)={0x9, 0x0, 0x5, 0x1, 0x1ff, 0x8}) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000140)=0x200, 0x4) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r7, 0x84, 0x7, &(0x7f0000000300), &(0x7f0000000340)=0x4) r8 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) sync() lseek(r8, 0x0, 0x0) r9 = fcntl$getown(r3, 0x9) capget(&(0x7f0000000080)={0x399f1332, r9}, &(0x7f00000000c0)={0x0, 0x0, 0x8, 0x800, 0x3049, 0x5}) fdatasync(r4) 2018/04/01 00:14:05 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') ioctl$VT_ACTIVATE(r0, 0x5606, 0x6) fcntl$setstatus(r0, 0x4, 0x400) 2018/04/01 00:14:06 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="280000001e002702000000800000000007000000", @ANYRES32=0x0, @ANYBLOB="000000000000000008000e0000000000"], 0x28}, 0x1}, 0x0) 2018/04/01 00:14:06 executing program 6: r0 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x1000000002, 0x28002) fcntl$setflags(r0, 0x2, 0x1) write$evdev(r0, &(0x7f0000000200)=[{{0x77359400}, 0x5, 0x3169}], 0x18) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x84080, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000240)={0x0, 0x9, 0x4, [0x1, 0x278, 0xffffffffffffff12, 0x1]}, &(0x7f0000000280)=0x10) execve(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), &(0x7f0000000580)=[&(0x7f00000003c0)='[]eth1\x00', &(0x7f0000000400)='/dev/rfkill\x00', &(0x7f0000000440)='/dev/input/event#\x00', &(0x7f0000000480)='}md5sum\x00', &(0x7f00000004c0)='/dev/rfkill\x00', &(0x7f0000000500)='$vboxnet0system+trustedGPL\x00', &(0x7f0000000540)='\x00']) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f00000002c0)={r4, 0x100000000, 0x4}, &(0x7f0000000300)=0x8) pselect6(0x40, &(0x7f0000000040)={0x749, 0x401, 0xfffffffffffffff7, 0x1695, 0x4, 0x0, 0x2, 0x101}, &(0x7f0000000080)={0x1, 0x7, 0xfffffffffffffffb, 0x490a, 0x1, 0x4, 0x7, 0x2}, &(0x7f00000000c0)={0x4, 0x8, 0x1ff, 0x100000000, 0x352, 0x800, 0x101, 0x4}, &(0x7f0000000140)={r1, r2+30000000}, &(0x7f00000001c0)={&(0x7f0000000180)={0x800}, 0x8}) 2018/04/01 00:14:06 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x8, 0x2000) ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000280)=0x4) mount(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='configfs\x00', 0x0, &(0x7f0000000180)) r1 = open(&(0x7f0000f04ff8)='./file0\x00', 0x0, 0x0) lsetxattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=@random={'btrfs.', 'configfs\x00'}, &(0x7f0000000200)='\x00', 0x1, 0x1) lseek(r1, 0x6, 0x0) msgget$private(0x0, 0x0) 2018/04/01 00:14:06 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r4 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r4, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r5, 0x0, 0x0, 0x4) fallocate(r5, 0x0, 0x4b99, 0x5) r6 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r6, r6, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r4, r5, 0x0, 0xc08f) r7 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r7, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r6, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000240)=0x29e) capget(&(0x7f0000000180), &(0x7f00000001c0)={0x9, 0x0, 0x5, 0x1, 0x1ff, 0x8}) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000140)=0x200, 0x4) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r7, 0x84, 0x7, &(0x7f0000000300), &(0x7f0000000340)=0x4) r8 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) sync() lseek(r8, 0x0, 0x0) r9 = fcntl$getown(r3, 0x9) capget(&(0x7f0000000080)={0x399f1332, r9}, &(0x7f00000000c0)={0x0, 0x0, 0x8, 0x800, 0x3049, 0x5}) fdatasync(r4) 2018/04/01 00:14:06 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) timerfd_settime(r0, 0x1, &(0x7f0000000080)={{r1, r2+30000000}, {r3, r4+10000000}}, &(0x7f0000000000)) setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x111, 0x3, 0x1, 0x4) 2018/04/01 00:14:06 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000000)) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000052000)="21130000000000000000000000000000", 0x10) r1 = accept$alg(r0, 0x0, 0x0) write(r1, &(0x7f00000003c0)='D', 0x1) readv(r1, &(0x7f00006e8ff0)=[{&(0x7f000070bf52)=""/174, 0xfffffde9}], 0x1) 2018/04/01 00:14:06 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x0, 0x0) getsockname$inet(r0, &(0x7f0000000080)={0x0, 0x0, @remote}, &(0x7f00000000c0)=0x10) getsockopt$inet_buf(r0, 0x0, 0x2b, &(0x7f0000000000)=""/24, &(0x7f0000aed000)=0xee88057b3128ee5d) 2018/04/01 00:14:06 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x407) mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1) readv(r2, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1) open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0) ioctl$sock_bt(r1, 0x541b, &(0x7f00000002c0)="1a1749d6613f25162c85fb16a8535730033cf61a4ae20191cb1c499f2e15f4a40ba674e11f76c490057c0b72da9f75") rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') getsockname(r1, &(0x7f0000000200)=@rc, &(0x7f00000000c0)=0x80) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x200000, 0x0) clock_gettime(0x7, &(0x7f0000000080)) 2018/04/01 00:14:06 executing program 1: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000000), &(0x7f0000000080)=0x1da) r1 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x101, 0x40) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f00000000c0)=[{0xb, 0x7fff}, {0x2, 0xf4}, {0x4, 0x401}, {0x3, 0x1000}, {0xb, 0x2}, {0x3, 0x5}, {0x4, 0xb4}], 0x7) 2018/04/01 00:14:06 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000001, 0x8010, r0, 0x3f) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x2000, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={&(0x7f0000000740)=ANY=[@ANYBLOB="2ca0bcbe290ead544edf4db2"], 0x1}, 0x1, 0x0, 0x0, 0x8800}, 0x24000040) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={0x81, {0x2, 0x4e21, @broadcast=0xffffffff}, {0x2, 0x4e23, @multicast2=0xe0000002}, {0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}, 0x24, 0xfff, 0x9, 0x2, 0x2, &(0x7f0000000000)='dummy0\x00', 0x0, 0x3, 0x17e8}) io_setup(0xffffffffffffffc1, &(0x7f0000000540)=0x0) io_cancel(r2, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0xffffffffffff0001, r0, &(0x7f0000000580)="bbc736d42a7146ffd6013dad6eb5a3c26fa7447eda9dc2e5adb27ff9452a620a05dc61ea30741d040aa6b78048c7a60c9e71393c04f3381c3192f0c87cb59f0b099f0574c1bfa7c6ed8df8bb201bd5bbe0b323f05956521553544665eb1f4d4b6b19b0bc3c2ff74789eb89832976e645d8597cefac9c24a3da8b82c3d66a16370907fe03fef0fa520d984b3f23e40ce7c12a98d2444fb303337921eef55965489f0cbef6f8e1b89f6cff", 0xaa, 0x5f7daf49, 0x0, 0x958f628912e0fdd4, r1}, &(0x7f0000000680)) getsockopt$inet_buf(r0, 0x0, 0x482, &(0x7f000082cfe8)=""/24, &(0x7f0000f08ffc)=0x8) munlockall() ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040)) perf_event_open(&(0x7f0000348f88)={0x0, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$sndseq(&(0x7f00006fcff3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$RNDZAPENTCNT(r1, 0x5204, &(0x7f00000001c0)=0x95) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000b0bf74)={0x0, 0x0, 0x0, 'queue0\x00'}) r4 = syz_open_dev$sndseq(&(0x7f0000d82000)='/dev/snd/seq\x00', 0x0, 0x8000000040102) r5 = dup2(r4, 0xffffffffffffffff) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000700)=0x0) r7 = getpgrp(0xffffffffffffffff) kcmp(r6, r7, 0x7, r3, r0) getsockopt$sock_int(r5, 0x1, 0x0, &(0x7f0000000200), &(0x7f0000000240)=0x4) execve(&(0x7f00000002c0)='./file0\x00', &(0x7f00000003c0)=[&(0x7f0000000300)='#security\x00', &(0x7f0000000340)='/dev/snd/seq\x00', &(0x7f0000000380)='IPVS\x00'], &(0x7f0000000500)=[&(0x7f0000000400)='md5sum[\x00', &(0x7f0000000440)="5ee000", &(0x7f0000000480)='dummy0\x00', &(0x7f00000004c0)='dummy0\x00']) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r4, 0xc05c5340, &(0x7f00000000c0)={0x3, 0x5, 0x6, {}, 0xa9fa, 0xfffffffffffffff7}) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r5, 0x6, 0x1d, &(0x7f0000000040), &(0x7f0000000080)=0x14) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f00000006c0)={{&(0x7f0000ffc000/0x2000)=nil, 0x2000}, 0x2}) clone(0x40000000, &(0x7f0000000740), &(0x7f00000007c0), &(0x7f0000000800), &(0x7f0000000840)="37e488d0001353e58100ed6e0146796a535ce50aa17ee26ffae882b0127947b37cb17191bf90cbee62fd3fc447f133a4767dcceb6ee0e2911ae7389d243318a2fd087d5f52469a719e66c6ee8be429fae1de8d29403ba537164ae9cc8db1e566bd4e3c1c3396a46875088108abfc590794d379e2eb27fcb611583610da273d4f27fb1cac505e62f35703") ioctl(r0, 0x0, &(0x7f0000000900)="927e2ee585bb05476916da89de79c53592a3b9ecd522cbe817721f6f7148e07da5875800d9ead447e054efe796fdc59b3523bd4f35bce1b41ff8c6bbab8563ca8348442eae949c31812a454691a44da51f0ce34a2a97312675491045f2134af307ad9d8601aab3cbefb780e2c1ae2b06827ca6bb020642837da41aedd72a23610c3494b3fb339f92db0f1602c67fcda20e1ea6d07d0ce928f48da65318e523e3433e426aae017b7989a84f28e5e2cebf9ecde190aed239a5fa532455b01751c81dd32a998d90226b8cd7dd6a906b993c39d65b6d6696f82e1707ccd5a7144e9cf12abe14b9fc8b36b935a0") 2018/04/01 00:14:06 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r4 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r4, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r5, 0x0, 0x0, 0x4) fallocate(r5, 0x0, 0x4b99, 0x5) r6 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r6, r6, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r4, r5, 0x0, 0xc08f) r7 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r7, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r6, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000240)=0x29e) capget(&(0x7f0000000180), &(0x7f00000001c0)={0x9, 0x0, 0x5, 0x1, 0x1ff, 0x8}) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000140)=0x200, 0x4) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r7, 0x84, 0x7, &(0x7f0000000300), &(0x7f0000000340)=0x4) r8 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) sync() lseek(r8, 0x0, 0x0) r9 = fcntl$getown(r3, 0x9) capget(&(0x7f0000000080)={0x399f1332, r9}, &(0x7f00000000c0)={0x0, 0x0, 0x8, 0x800, 0x3049, 0x5}) 2018/04/01 00:14:06 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0x40000) fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) socketpair(0x1a, 0x5, 0x3, &(0x7f0000000000)) 2018/04/01 00:14:06 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x8, 0x2000) ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000280)=0x4) mount(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='configfs\x00', 0x0, &(0x7f0000000180)) r1 = open(&(0x7f0000f04ff8)='./file0\x00', 0x0, 0x0) lsetxattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=@random={'btrfs.', 'configfs\x00'}, &(0x7f0000000200)='\x00', 0x1, 0x1) lseek(r1, 0x6, 0x0) msgget$private(0x0, 0x0) 2018/04/01 00:14:06 executing program 7: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffd) r1 = add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$user(&(0x7f0000ef5000)='user\x00', &(0x7f00008fa000)={0x73, 0x79, 0x7a}, &(0x7f0000537ffd)='\x00', 0x1, r1) keyctl$search(0xa, r1, &(0x7f0000000080)='blacklist\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x2}, r0) r3 = add_key$user(&(0x7f0000688000)='user\x00', &(0x7f00008d9ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000f19edc)="b33ab76079ebe0d14f729cd653e520d29ad7ef0000000000000044c249b544230b9387fb8bd6ed266ccf59ef70995bf2e8e0ecd3fff32853747eda22d2818d08ca27e0ec821620e365a0e6b9485f2d925493f62113e33e5f8c7eba67fc19a9497f5b07e5849d2e875b066cd6401d36616fe0f3c3002801b4627ee7597689525e8e81f750a86eb580fb4690ea52246bd3d32b1a91f944edb74b1f50ae08c5387ed8fd0598b600579f3af3f864e1c324f6928f6672f98f7e149bd61bd78b506e8b", 0xc0, r1) r4 = request_key(&(0x7f0000a98ffb)='user\x00', &(0x7f0000626000)={0x73, 0x79, 0x7a}, &(0x7f0000dde000)="2f6465612f7675746f66730719", 0x0) sysfs$2(0x2, 0x401, &(0x7f00000005c0)=""/197) r5 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rtc\x00', 0x40, 0x0) keyctl$dh_compute(0x17, &(0x7f0000000340)={r2, r4, r1}, &(0x7f0000000380)=""/249, 0xf9, &(0x7f0000000580)={&(0x7f0000000480)={'michael_mic\x00'}, &(0x7f00000004c0)="856273653cc2219f7c566b074b3314c9923bda5c0222b621dfd50e43d25ed2c655f00a5954106db509cca245c7bafb3359d8e21d93406d6c13f1e3eac96c337a0487045e2c93e55db66eb8d317ec3e4cbeeb31678f529b0fac87dd83cffa4048681878ae45c9bcc6bcb403bb171f1cf0b59b276f38314afa1994f466bf767e6675ad5b91fbfcf095cf0c6c3c213ee7156ad9a151d7a2e660e3bd33", 0x9b}) getpeername$netlink(r5, &(0x7f0000000240), &(0x7f0000000300)=0xc) keyctl$dh_compute(0x17, &(0x7f0000000100)={r4, r3, r2}, &(0x7f0000000180)=""/42, 0x2a, &(0x7f0000000140)={&(0x7f0000000200)={'sha256\x00'}}) 2018/04/01 00:14:06 executing program 0: r0 = socket$inet(0x2, 0x80806, 0x0) r1 = dup(r0) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = epoll_create1(0x0) syz_open_dev$sndmidi(&(0x7f0000000340)='/dev/snd/midiC#D#\x00', 0xfffffffffffffff8, 0x8007) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000b0e000)) dup2(r2, 0xffffffffffffffff) setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000280)=0x80000000c2, 0x2cd) futimesat(r1, &(0x7f0000000080)='./file0\x00', &(0x7f0000000840)) bind$inet(r0, &(0x7f00000f0ff0)={0x2, 0x4e23, @multicast2=0xe0000002}, 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000c73000)={0x0, &(0x7f0000f07000)}, 0x10) fadvise64(r0, 0x0, 0xa6, 0x3) connect$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23}, 0x10) readv(r1, &(0x7f0000000200)=[{&(0x7f0000e89000)=""/109, 0x328}, {&(0x7f0000b8bf4f)=""/177, 0xb1}], 0x2) getsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000980), 0xad) writev(r0, &(0x7f00003b8000)=[{&(0x7f0000d41000)="99261065b1004c0372c17a79b1baa05c610f44aa751b7fec72ce22941b7016f7d0bbec5598716cc567ea1045a05f8caf9b577a08ff770f5d7e86b8a5028e8a7236a627b06136c40f8b2e9967ff067cb496b663f71423560eb46622298d698e0ab2860acb95b974a5128c24ec1341cc35e83242855fa2c77cb5c164f516ebcd7a1e52d5db6c8808b8ffcb19f2ce4adcd5cd735448a0776f54ba333cd30d14bcf26b68d8dab31d0d31afadd6857bb9ae9e9039184e872286558b3fb087c45699f36443fd40f920d1ed395aacf949d18ccc0f8181b64ba5b03bac62c78d72adf05655120db0f489f02237ffe8bf137f337962e630465a6be690d049a90355ae16cb146fbe2bf5f68fbc75dfcb1cdbf728f265f04e0a6a0c4b76f664327b06d6c30c843ee58da43b8c7519c7567b492e1cf34436df3579cfafc03a87f74fecde788c066cb73c9deee962c3098e210057e39348a8961f3ed467a26411e5ffb3c8f70ee1eb0840fa0f2a0de252336f8bc72d1f1120c29f02ffaea2d7596f09fe3de274a61ea52f676e34c3939b73bca544b67ca64097d813495241e0401d1d644de80f0770f69efc02a4c56e74057d13b9deef9ed39b6b53bd4ce82532a80f6e869846c79781a4a406b015ade543fc69bf18cb8d43851f4419cc55d284b796de1308d83b06f75c9e777bea7e47a9601eaeaf92adbcacfab0cdc221df196142d7cc5ab16ad136f6d5e661220ca58ef7a14f49ff03d42744520ed6148381d10bfa9526d5c748a324a32b08886b5fe7d7598074ced91e19d01e5a9424e7f4f741acc6b0803b888baad0cbf551f2f97487ca3ca84763c471179fb605e2c5d04e25396b8d7cba580e471f8ad8d964de8b97b95424591e25957d5b79fb9ddb04e74fe0a2befddbfe765a106ec5168de79e10698bec7ecb2127a5a676cbb24a4c41764a30b6ed23cef1f80fd759de6f79a81d24e1017fc56a670bc15311592b909d92e6a1c49075a89f3025c7625e75491fbc513bbc8078091ce1466c8266d711da5ae73639371d631ff1a84dd2cc21eb7686e1bbe9d54c8f4e98d30dcb361eba1bb774daa11afa85966018bdfe72cfb69edcfc866bebea8320bd195c3cec61bc2c534e3a43ad430115206523fb0f6f2f7b1bdc8762365748ffeeca5367b4ea32ec598449d7cae0e6ce0d590e7dcb23d0b30ac1e04013666bcfe616b65cc59b9cfdca35e008bdb622f0670e2f737bc291ed291d615df36c096379546b01ce3d9659926d7d60a99803b33ab9e8ef1564327f307efd950234bb34f02ac02eff9e85378beee118f3eb825ec59390d98fbcd96d41ce2ec3fe96b9ee2fcd767abdf055785ce51cf0e26aceaa621aec60f3ab5fff295913c1d6b13748a12fd36a39b7e4531df933af639f1e39844f7b3015014bce7f9e9eb3e077b43b323bfb8eb20d3e09dad3cacaf045422d4a9a78d339aa23372e7152c940ee95f1ea1e64a524a578c50d6294cc33826c28c4c3ca72e9d2a5b995126605d0f1c9215a3a3279cd9326c5592ee45f9d3c4ea59d65453ee5fc9392", 0x44b}], 0x1) sendto$unix(r3, &(0x7f00000009c0)="d33ae5a56cddd93abbb834bbd9413901f6484e8eb2cfc04fd1b9be1dce51cb730703e21a95e4508b0f2336167f1c55fc55818838a928d143de4f3bfdac78349fc6a5e7598c895c423c24627e586fdde31326745f05bb0ac4ede8e8ec5c39a266d2bc5bf7833cb6ec56346c4b9ea061da132d0845e54b3c36194962b85b0321724a6d00ba9e2ae965d6c0745e31e9fcd59a9f26635d3b663ee1655f7cf88ba27cf108c41f5bd83bf64e415b189c264f224d30d4720f552bef1599741e26ae3b034c261d666178927147a4cf9f8df95f74a4b92124d2fd8417dc69de0aedae68050801bc26f850d4c6becc56c5dd473025ad31ae887cb1e6c84be73e1d7e76f67fe0901457b78804ece6b61bddc3a50bacc5eecde084b46e3c358f2e3fb2a8e8619386ffc7f0ac99f8eeb5308a9f52479f2fbd5b6edbd2d4d43a03a78b18d4a13fccce69a2025c27bd9e2d16662548dd5391cf84421734d09da451628dc93dc6b3ce454ab304c4aab1e5f043afb3faf9e40633727c319355f07840a92f083955e528acda97884d612f3c510c0a63a94036d5ede212e1ec8218344cb4cdc158f33ab65255b8de2909bbf148b111641333b8dba410bfd187cde339c24860d926b76782b4f9bb4ca1e56280d796ee97e76a0bf77e5b37b4b357b75e63dac2229f343848d141ebc2e78516d5882b9290de5a54542c5e1540edca9b7f40e11e14d95d3f8ab065ad47abf68cdcd4c952886828c5dd2a6d79d08796e0dc4f5840719ee9efa1806adac94f6cb5686e92847d7b22eebec7636f761205162b7144044db270b5e5c987e4bf7995a52e972810b91d4ce74ab18d7674f11ff06f8c55d80d3cce033fbcfb1dd4fc82c5137b6ba40d12007e6e00e8e84d0860811f6414b0e484bf59913f7f774fb982974906dcbc476f9b3d2ebe3c96cb0d3d9e3c07602bb25a74e8edf7a3da340d4a067a0574379b94fb88742317a60ee7013b01cb958bf9df0688d8fface38ff2f2b859b579f739f9619e182d77d2c20cab1e75ced86e359f262926677b3505241e335a4b5c184bbaee7be419dcdb587d4463fbab705f227503729b0c2651f2f001c36b75ecfb91cef2153b4f8ebd27df9d4418e7189855a3841af7b9b8374b5e4c52f5aa812600c29f417c273ae9495bc252136cf911f7f3c4ecde77598222cc296634c5599b3b77019991144d43ed7cc358930f9f5b57f9a68e2ca51b8418c0e4b665d242fbe4c5a91cbd01319b2fad64481e9dbe435729da34555968bc3b6ffeed9d0279d053e7e0e7172f6d96dd74025feadbd561fe5ea36bdbd3109f23944a04510a4dabdeb71f1e99d3e7e689e70844ea8039e7b3cc275179ed64c1d6162056202a776f23822d67b81550b8edf29b33ef2fa25b0a1ae6e3b64d792ca083649f592c212d2613c830e418af2c46693751eb36ef6dd81d42bb5e1edb253b32a4fbca7e5f6a1a6e16e8d51be3bd3f8ad76bcf63f34732458149cc9ab2697f497fd27d60b85a83178b0a30cc42e4c9db3ca6a649d6e03c41b069dcfb671b075d3520929d1c5ebe3f9fba78ba4c23d5aa34512c12f0c615bf4109837f9c9fe7d22005b6094070e2edd982dd85e68c2202b08637cfad0c4a517b128a5086ae17519b230f810c35555d3f06a69a5eb66eab24e3b624e63949e88c0e7e3f3f26b32a5b4c1078524a521e4f13f731ac1edbf29789c04d2822a8617c329a0478f5f98a667645d26887ef144e47b58d9cbbeb2274570287da5cf3e3dbbea7378da072708ae53acbebe9caa55814a2f3e34439de22a1a6b957d3889bfbb62788f2e43a916fb157606d8a01d3a5b6df76c5ea0c3d6da5c7600a594a20f6efe881ff72af32423120485b2c4194e39a76446d75752b68f5a055cfeef9a941b171ac014708e70f97f10262219b2abc9483b9d6c0984cc130cc03fc3fd3c1b23ac79e0c3e13d66ea0c6180e819407d47d58123dc37f841738eccea195136708d03c96bc31eb6f54a530b9f6adcee992f73ac43acf09daa3af90089204291a491e7d001d8082971159a80fbf22b04a821d23cb822da2", 0x5b5, 0x4000800, &(0x7f0000000100)=@abs, 0x6e) getsockopt$netlink(r1, 0x10e, 0xf, &(0x7f00000001c0)=""/47, &(0x7f00000008c0)=0x2f) syz_open_dev$evdev(&(0x7f00009abfee)='/dev/input/event#\x00', 0x0, 0x0) syz_open_dev$binder(&(0x7f0000000380)='/dev/binder#\x00', 0x0, 0x802) r4 = syz_open_dev$admmidi(&(0x7f00000002c0)='/dev/admmidi#\x00', 0x40, 0x400000) r5 = geteuid() r6 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffffd) r7 = socket$inet_sctp(0x2, 0x5, 0x84) madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x11) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f00000003c0)) setsockopt$IP_VS_SO_SET_STARTDAEMON(r7, 0x0, 0x48b, &(0x7f0000000040)={0x2, 'gretap0\x00'}, 0x18) keyctl$get_persistent(0x16, r5, r6) ioctl$DRM_IOCTL_GET_MAGIC(r4, 0x80046402, &(0x7f0000000300)=0x3) perf_event_open(&(0x7f0000271000)={0x0, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 2018/04/01 00:14:06 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x407) mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1) readv(r2, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1) open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0) ioctl$sock_bt(r1, 0x541b, &(0x7f00000002c0)="1a1749d6613f25162c85fb16a8535730033cf61a4ae20191cb1c499f2e15f4a40ba674e11f76c490057c0b72da9f75") rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') getsockname(r1, &(0x7f0000000200)=@rc, &(0x7f00000000c0)=0x80) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x200000, 0x0) clock_gettime(0x7, &(0x7f0000000080)) 2018/04/01 00:14:06 executing program 1: socketpair(0x0, 0x0, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) connect$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0x5, 0x7f, 0xfffffffffffffffe, 0x2, 0x4, 0x9}, 0x5}, 0xa) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000240)={&(0x7f0000000200)='./file0/file0\x00'}, 0x10) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xece, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x100000a, 0x133, r0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r0, 0xc05c5340, &(0x7f0000000040)={0x3, 0x4cd19229, 0x20, {0x77359400}, 0xffffffff}) mkdir(&(0x7f0000000100)='./file0/file0\x00', 0x0) 2018/04/01 00:14:06 executing program 2: getpid() ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)) getpid() socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f0000000080)) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000100)=0x0) syz_open_procfs(r0, &(0x7f0000000040)="2f6578650000f2000000") 2018/04/01 00:14:07 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x8, 0x2000) ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000280)=0x4) mount(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='configfs\x00', 0x0, &(0x7f0000000180)) r1 = open(&(0x7f0000f04ff8)='./file0\x00', 0x0, 0x0) lsetxattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=@random={'btrfs.', 'configfs\x00'}, &(0x7f0000000200)='\x00', 0x1, 0x1) lseek(r1, 0x6, 0x0) 2018/04/01 00:14:07 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r4 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r4, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r5 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r5, 0x0, 0x0, 0x4) fallocate(r5, 0x0, 0x4b99, 0x5) r6 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r6, r6, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r4, r5, 0x0, 0xc08f) r7 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r7, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r6, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000240)=0x29e) capget(&(0x7f0000000180), &(0x7f00000001c0)={0x9, 0x0, 0x5, 0x1, 0x1ff, 0x8}) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0x4, &(0x7f0000000140)=0x200, 0x4) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r7, 0x84, 0x7, &(0x7f0000000300), &(0x7f0000000340)=0x4) r8 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) sync() lseek(r8, 0x0, 0x0) fcntl$getown(r3, 0x9) [ 206.462445] IPVS: ftp: loaded support on port[0] = 21 2018/04/01 00:14:07 executing program 7: r0 = socket(0x40000000015, 0x5, 0x0) mmap(&(0x7f0000000000/0xfb8000)=nil, 0xfb8000, 0x0, 0x12, r0, 0x0) mmap(&(0x7f000008b000/0x1000)=nil, 0x1000, 0x1000008, 0x810, r0, 0xa) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x68, &(0x7f0000000000)=[@in6={0xa, 0x4e20, 0x1c8, @local={0xfe, 0x80, [], 0xaa}, 0xfffffffffffffffd}, @in={0x2, 0x4e24}, @in6={0xa, 0x4e21, 0xfffffffffffff90a, @local={0xfe, 0x80, [], 0xaa}, 0xffffffffffffffff}, @in={0x2, 0x4e24, @local={0xac, 0x14, 0x14, 0xaa}}, @in={0x2, 0x4e20}]}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000140)={0x200, 0x820e, 0x3, 0xa9ed, r1}, &(0x7f0000000180)=0x10) keyctl$join(0x1, &(0x7f0000000080)={0x73, 0x79, 0x7a}) readv(r0, &(0x7f0000000400)=[{&(0x7f00000001c0)=""/215, 0xd7}, {&(0x7f00000002c0)=""/53, 0x35}, {&(0x7f0000000480)=""/9, 0x9}, {&(0x7f0000000340)=""/76, 0x4c}, {&(0x7f00000003c0)=""/64, 0x40}], 0x5) 2018/04/01 00:14:07 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f00000000c0)=r0) r1 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$ARPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x63, &(0x7f0000000300)={'HL\x00'}, &(0x7f0000000140)=0xfffffffffffffdca) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x22, 0x0) ioctl$TCXONC(r2, 0x540a, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) fcntl$F_GET_FILE_RW_HINT(r3, 0x40d, &(0x7f0000000240)) r6 = dup2(r3, r5) dup3(r5, r4, 0x0) ioctl$TCXONC(r2, 0x540a, 0x0) r7 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x0, 0x0) ioctl$KVM_PPC_GET_SMMU_INFO(r6, 0x8250aea6, &(0x7f0000000180)=""/103) setsockopt$bt_l2cap_L2CAP_OPTIONS(r7, 0x6, 0x1, &(0x7f0000000000)={0x6, 0x63, 0x3, 0x8001, 0x8, 0x5, 0x401}, 0xc) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x0, 0x0) 2018/04/01 00:14:07 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$getownex(r0, 0x10, &(0x7f0000000000)) getsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000100)={@local, @remote, 0x0}, &(0x7f0000000140)=0xc) connect$packet(r0, &(0x7f0000000180)={0x11, 0x6, r1, 0x1, 0xffff, 0x6, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x14) fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0x200, 0x10000) tee(r0, r0, 0x910d, 0x5) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/syz1\x00', 0x1ff) 2018/04/01 00:14:07 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x8, 0x2000) ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000280)=0x4) mount(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='configfs\x00', 0x0, &(0x7f0000000180)) open(&(0x7f0000f04ff8)='./file0\x00', 0x0, 0x0) lsetxattr(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)=@random={'btrfs.', 'configfs\x00'}, &(0x7f0000000200)='\x00', 0x1, 0x1) 2018/04/01 00:14:07 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x407) mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1) readv(r2, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1) open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0) ioctl$sock_bt(r1, 0x541b, &(0x7f00000002c0)="1a1749d6613f25162c85fb16a8535730033cf61a4ae20191cb1c499f2e15f4a40ba674e11f76c490057c0b72da9f75") rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') getsockname(r1, &(0x7f0000000200)=@rc, &(0x7f00000000c0)=0x80) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x200000, 0x0) clock_gettime(0x7, &(0x7f0000000080)) 2018/04/01 00:14:07 executing program 6: r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002) write(r0, &(0x7f0000bfa000)="b6d3b85e1e8d225db3f3b29d7300000005cc796aed5ed2bc7018ce2c9b97ae21914d870000ffffbc9b16", 0x2a) mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000) r1 = getpid() getpgrp(r1) ppoll(&(0x7f0000563fe0)=[{r0}], 0x1, &(0x7f0000313ff0), &(0x7f0000cee000), 0x8) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r0, 0xc0bc5310, &(0x7f0000000100)) getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000080)=0x3, &(0x7f00000000c0)=0x4) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000040)=0x14) 2018/04/01 00:14:07 executing program 0: r0 = perf_event_open(&(0x7f0000000000)={0x1, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000123000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xeef000)=nil, 0xeef000, 0x0, 0x32, 0xffffffffffffffff, 0x0) read(r0, &(0x7f00006de000)=""/50, 0xa7339b2c) fcntl$getflags(r0, 0x40b) 2018/04/01 00:14:07 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x0, 0x4b99, 0x5) r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r5, r5, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r3, r4, 0x0, 0xc08f) r6 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r6, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r5, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000240)=0x29e) capget(&(0x7f0000000180), &(0x7f00000001c0)={0x9, 0x0, 0x5, 0x1, 0x1ff, 0x8}) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000140)=0x200, 0x4) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000300), &(0x7f0000000340)=0x4) r7 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) sync() lseek(r7, 0x0, 0x0) 2018/04/01 00:14:07 executing program 7: timer_create(0x7, &(0x7f0000000140)={0x0, 0x17, 0x0, @thr={&(0x7f0000000000), &(0x7f00000000c0)}}, &(0x7f00000001c0)) timer_settime(0x0, 0x0, &(0x7f00000000c0)={{}, {0x0, 0x1c9c380}}, &(0x7f0000cbde6c)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{}, {0x77359400}}, &(0x7f0000000080)) r0 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000200)={0x6, {{0xa, 0x4e21, 0x0, @loopback={0x0, 0x1}, 0x9}}}, 0x88) 2018/04/01 00:14:07 executing program 1: r0 = syz_open_dev$tun(&(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x80000, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffff9c, 0x84, 0x66, &(0x7f0000000040)={0x0, 0x1fcd}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, &(0x7f0000000180)={r2, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1a}}}}, 0x84) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85513, &(0x7f0000000240)={{0x6f2, 0x5, 0xffffffffffffffe4, 0x5, "69d2045433e25b64fe248dacf789fd5408891cb93f0926c8531daed551c2c9870bf90c1af99f60c2014fd842"}, 0x2cf, [0x200, 0x5, 0x4, 0x4, 0xc7, 0x5, 0x1, 0x8001, 0x4, 0x7fffffff, 0x1, 0x9, 0x0, 0x1, 0x6, 0x0, 0x0, 0x8e, 0x9, 0xffffffffffffffff, 0x7, 0x8c28, 0x34965d79, 0x2, 0x1, 0x1, 0x7, 0x92a, 0x2df, 0x100, 0x81, 0x6, 0x80, 0x3, 0x4, 0x100000, 0x8001, 0x1eac, 0x4, 0xfffffffffffffff7, 0x4, 0x7fffffff, 0x2, 0xffffffff, 0x0, 0x81, 0x0, 0x9, 0x1, 0x9, 0x40, 0x2, 0x3, 0x2, 0x7ff, 0x3f, 0x6, 0x8, 0x9, 0x9e7, 0x8, 0x4, 0x40, 0x1, 0x0, 0x3f, 0x3, 0x7fffffff, 0x9, 0x0, 0x3, 0x980, 0x7fff, 0x100, 0x401, 0x5, 0x4, 0xdb3a, 0x205aa639, 0x2e, 0x3ff, 0x4, 0xcbf, 0xb0d, 0x101, 0x8000, 0x8, 0x101, 0xaa, 0xff, 0xfffffffffffffff9, 0x400, 0x8, 0x8, 0xed2e, 0x3f, 0x1, 0x40, 0x80000000, 0x9, 0x9, 0x7fff, 0x400, 0x2, 0x0, 0x2, 0x5, 0x1f, 0x7, 0x5, 0x1, 0x45c9, 0xfffffffffffffffe, 0x3, 0x4, 0x9, 0x3, 0xffff, 0xfffffffffffffe00, 0x1, 0x7fff, 0xfffffffffffffe01, 0x2, 0x3, 0xd746, 0x0, 0xffffffffffffd33b, 0x4], {0x0, 0x989680}}) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'ifb0\x00', 0x4012}) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000100)={0x0, 0x15b, [@remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, @empty, @link_local={0x1, 0x80, 0xc2}, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}]}) mmap$binder(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1, 0xc150, r1, 0x0) setsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000740)={r2, 0xebe5, 0x1000, 0x7}, 0x10) 2018/04/01 00:14:07 executing program 7: r0 = socket(0x40000000015, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setresuid(r1, 0x0, 0x0) readv(r0, &(0x7f00000012c0)=[{&(0x7f0000000040)=""/33, 0x21}], 0x1) ioprio_set$uid(0x3, r1, 0x0) 2018/04/01 00:14:07 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000004480)={{{@in=@multicast2, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6=@dev}}, &(0x7f0000004580)=0xe8) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f00000045c0)={@loopback=0x7f000001, @broadcast=0xffffffff, r1}, 0xc) fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) 2018/04/01 00:14:07 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x8, 0x2000) ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000280)=0x4) mount(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='configfs\x00', 0x0, &(0x7f0000000180)) open(&(0x7f0000f04ff8)='./file0\x00', 0x0, 0x0) 2018/04/01 00:14:07 executing program 0: r0 = getpgrp(0xffffffffffffffff) getpgid(r0) mkdir(&(0x7f0000002780)='./control\x00', 0xffffffffffffffff) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000940)='/dev/sequencer\x00', 0x141000, 0x0) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000980)={0x200, @time={0x77359400}, 0xffffffffffff3d42, {0xb0, 0xa1}, 0x6d, 0x0, 0x9}) r2 = syz_open_dev$sndpcmc(&(0x7f0000002840)='/dev/snd/pcmC#D#c\x00', 0x0, 0x50a01) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000002880)=0x9) r3 = userfaultfd(0x0) ioctl$TUNGETSNDBUF(r2, 0x800454d3, &(0x7f0000000900)) r4 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x800, 0x0) ioctl$VHOST_SET_LOG_BASE(r4, 0x4008af04, &(0x7f0000000240)=&(0x7f0000000200)) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r5 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r5, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) mount(&(0x7f0000000040)='./control\x00', &(0x7f0000000080)='./control\x00', &(0x7f0000000100)='xfs\x00', 0x21000, &(0x7f00000001c0)) unlink(&(0x7f00000000c0)='./control/file0\x00') rmdir(&(0x7f0000002940)='./control\x00') unlink(&(0x7f0000000140)='./control/file0\x00') syz_mount_image$bfs(&(0x7f0000000280)='bfs\x00', &(0x7f00000002c0)='./control\x00', 0x1e4, 0x4, &(0x7f0000002680)=[{&(0x7f0000000300)="0d90c767fee73808e9f55d97019f6bf9a3526cab4e7dfeb2659c22e8a685e7e7a3722bc5c1c766b5bd0e131d63d05bf2261ed416ddce03b443cb2bf7a236a61a6a6ed45d640a645d97251d1cdf41b20e561278c4af626f1c2b0d8ed100d2528872315ab5924558647ec2805fef4d2318b2f449173a0113a5cc450f90636a1c0f45cd89b00495579d16b02105e0c50fc48b15e2cf8aa9a4af2bcca507daf45c9032dab085cc082f62fd1da504f7b17b03a8f7b1b6121d0e8cc85c14c53addb200377a8d6977e4537d01bc9cf1e15d4ebb563da1128377223b9b0af5a82ce13998c84d976eb51e651e6862d34f85efa8f252215b6edd0f2f7ee20d5aa0b80cc7bf30302e1de7e66e7f48c6aba18ed10b007b12b002aad1eb06b0179bb29e452b7d6f4b56d06289fce05e693240ea94551a8eaa4dd5bb9789327ad12e168d845456524ab88b895bb578a4d993975fc437c547553b6fb962d44db26beb4de17a8ff4cdd66d270ca1ffec7828a7d5b69ddaf67f8efd514ef38e611e9f1e5c31c4fc1454563eea5d480a100507515dc90b637ea531400c428f3e6cd7f7e2ce54b791261206b9349ab8ade85f0950db6c6038888540cd514af357319572ce033c7cf96eff2b982cab69f1a5015f32729b76a1ed7c15b03dcab43da14e44597cf173f43d7fe688581ebb05e43caa24caa7fe02b84c3c4a4d7d87d134e5c6323edf517f80e5aba54cc9747c2129652f0b80755d787ce9ed347269c8f8cc84b146ec0aae6bc2b59dd8988f757d2c065c4d2dd9bb715815f3da8c7c5c9d7f8cd0e0459429d1025f764adf964c12de0eea55b78b8a90e70d9f42b9d6cf549bc30c8fa81ab345550fbc3956f16bbe421003edec4d7433473a82bba50a5464899b114e5a9e857d68aa54be19b5a84c6f31bd812d8db62333296d1bb861fc4edc30fef4937025ceec798fa416a7edd691f413c10f06c5e8398bca68960ad5d9f5eddb51adbfe9abb9e0f66097a258d5f316d2be505f94ac624942d22ebf0ebdeb11ef96ddb886e7bb06c5b5d2225253517049394100377f5261b51202c36b31b0e2b1febe048e3592fcc21755ade9cf518bca29f05a5527779661b76ad801447d3d2b6ae9337595f209536419c6e7cab5687693a33ac505a864c8214fbaca118821ae892e677184bfef84a9f9f19bc4ff52db56cfee867cf25ece53590e152f2039aea3617f4abac0152a87282856171b46659a60b41b2f570512660a41f71bd5ddc2a13218cae47e9d0be544a1ebb2cebcdcfce2b0b81328b6800f56a2e7221d9e474b0682e3096debb4f6766dd9a02770c75eb9cb356d2327e94807ebf49f417c42f43c9ffb93bfa6b2d70a95f64d029cc392ef88b66839b632445326037775117304824d74e903a1339f1b38d014c53d6eb9a140362b19fb120844118e2a4a343e9df1d3274a850c954fcab0abcb3b01be1e5ff78c14765f4e0c0aadde7f41208e07a5e9c8555310c30d205b7e03a4b0b0c6e08a21f2aaa2461d195667360e0ee56706987744eb30bce6dd549f07bbadec5687301fbdc10a3c0231cb25808b3291bba84f6f6b2797aa97c7d62f3e944f452f18bff7c6a4ad4a9df0f121239ccd8c51a40e20dde4f4ddaaf57fbf2421322af07bee8a22fa72789762a13f6a3f9f9c21910c81ba739e005fa5a2b5c63107f3ffd69012ca160c2d6ecd46c2746434ff70796c108b7ddf603f3972a937af446a2e41b1d243ce416257e25efa80e814ea1d3074061f138e754bf9fc7273a83393a0913970a71270bdec011786ad44c4310229c70e23a5a8a029af31e7201f5df64da4b7bb61d54f752b599f89a0b916536bde48a246f56cbfe5ae6383d29513dedf673a962b9e96e2f1cd2f19691493468d7e6672dcf86f5819406baab9a6574826683e17caa6a042bfaa488550e96dacab5b1666b2ba842192af1a9a770b555c8115fd76e702894f146fc91bad7bbfba2e628d54e9cff7126463d8bbd68c1360308c6a14c842ad152c65c0914746d0bb5957ec7249117e1c7189fd663fbd1af56c101788731841f15a6ebad1d5ffdfab557e204bd3e041945697245edebbc9ce5f25959b68908f466a81308e7f1472e69c470b9550e0d927a7f8cd10c93cc510cdcde8872ed6949dcbeee11f9011f07e99227542", 0x5ff, 0x8598}, {&(0x7f0000001340)='Z', 0x1}, {&(0x7f0000001400)="396077f02d1629b09d727375b38b6af6cd56d3ca4ed43a82bfe9ef37f3786ab7669b302b3c77a94ee53ba54c296e2e152c6f45cec426818ee4265f0e9e612c7e858365e71b3ee47b9f30953f26245c02a6f62f72c5920993a89ca72110d8de66a1a4a3ef9fc13ad765fcfae150510d8929607ac34da832ed66927578d5f58ca167733ededf97a1e1663a4d50b0e5e589ae381754518e014c34d4bec652a07ddb1746830ccd482b4e7a2f51933f52848dc5f7f8e9d0eebd8cfc33ec90ffd8e5bb6f55a38948506c878d7c578bccf396183f6a4178256cb2f758b4c6f32b60a5f2d4e8a1e9bdce6ebcf59199c604cf333ca06d633bd7f632c9038de97a8f7e274f95f3711fd65376de84ebf8dd5fd9254e7d16c93a66da4cbdb51969939fee23c0c46a5efc48ba829c7a5b3154bf790435e06b16098cabe73ff612ad1606b115be0f521380a7a4ebcbf9f390dc8e1ec1b8ad3a586382f7423064f0a7ecce55d331a67785fd005ed0c164e4898649df0850f180268468eca33115ac2a96704e1fa6b113538d55101274c2356459494744d9a8a0c1dbdbab0f06ca269555e52a64ae8018d6cf95ccd045c9758b865cf51129625fac466c3495b34b9a2b209e3d14a4442c7de406ac1a2a9a614b82eee949633062924f6c9062388a402d55669f5232a81eab96f3f7a0e01dd641c30ff9cf7700c5abee727d70df64ebcc6f35ef17c99af0ca4d17302354ef79a5af61badcb152c38687891ac50dcbc7fb4e9f3592380060a9ae49ab672f7534d5add2f92b99a2be48ec93ca8c1919fc29a443cb597dc5cf0986d88c35e599cd1fac49b99a9c5657ce06a1949eed5d43134a407c88fb18242b8679aba7e0a3d7655a78384ca0877a42d4d13ae08faa541c7cfeb3966feb21ac62fc113b896dbbf953049f634b15f6e218b3d69ff79b224303ba75c5c95d0e87dd1ac027ae366065bc7a422d0aa5af8a9c629e6079e271979b5f3b5bb3ce064f4b08a70bfbb0457b7c72abc73e04bfefca8d389980bc0fd921787b8ab0d76f4071e70e72c973d890de3b4b28006abf72fc25f544d4b5dc9c93648dd5e6bd84d179379ecbeb0fb57e0cc1ba7dddc192d99a3cd5bd1f88dc0aa58746764b06f54dcfd8f5a1528a2353c841364dd1a342d8ce1afba3c0e33c27010e78ecff8244a705bb028681abb3c32e747708f9ea290be07c0a5539728348ae2b70093090c776a55a187323d95521722466cb0612e15f9260c6685cf90c6b04489bf9100be6768a8f53d75aebdca8dbf603e877db022a380de451329b1bd100041a5e739e297789bc9ea299ea2bffd1217c2d7204b6710ad45df08b9ede4d33114d74d4812bad8afa3360c45d6bf7e07b678b4c34f48bb738acd921a8dadcecca91517852584c45db9fac5cb521692268bc553351984a1c1df7143def082d76099ffaa819418f08c9f63a0d4a4063f98876b738466acb3eadcd5117853ad61c4ad65fc2093e77df4656005780d35ff88ed1aaa7ae9844ba5f3a2d2c92b879ba689368f5ef4ed9cbc6badbc096250037fbddefecc42d331a832ce1eb6d7722f81e8c40a2e9b47723119f5f44b31833a96807215bf4164effbf1f253eead4a3c0a8b69ecb66bb8fa83dc7f5de91cfba3efe73359cce54d30a541b6df1571481eba74f80ae47e48803c443c9ebffbac81aba9fb6b4ca6d30181e5a8cffdcfe76404eaa7745972f3cebb57c3d94620438c66c5eeefb4ec3ff7ec5dbc30b1979e8f69412d7776ee05687c9743546dda12de18b2ddd676e3470001b7a96477ef92424982e86b241d87564dc44a64b9d54c4a7b936a99f58a3ddf1a7296f1d7ee1dcc234e429853e95b5d3e6b9c8015d01b748c811146381f9090418e0d6bd675af5d77419828116ee0a2cc9d203a1042396b4059094d3b5624bfec10a8f909d33b864c4d0c4ad7096a66ab84f17f1a1eb84e4b39b6a0135c34fb3f9cebee720bdbdbbf0df53285042e526f56172af613e9de5f7f687420d3e89a9a3e087d81ab9d1c9b6ea72b7e076598e0cdb9d18a51a42f662af496bd853c5050d1a7d3b6f4769f38bc3d0477b41128a30917d6554fe719aa619b08926f6c29cb11dd936a1ce098061656ffae1c54d8fd29c36aee7c155defa7d89b2799819646b1aa6d162aea232fbeaa07b91e6be2d9ebd1481737dcb45a0c6a08a68b3e34ac1cccf4529eb88d6f52d0b2bca052dd82407eecc8876c1572ac0305d79c94dee80bfdb70dc39ed81da198966bcce3ee5a4c53c8cded07d5e94c94dd319610b2723dd0ff3a931999f530039ad14446b14f5fc17d9d0012c41da7b090b173bd554380a669c2c7708ceba125d7340ada29609f9253fbb7fb64c8c9a8601c195fc4561238d0567dbf8057860ec7790e60a4f647ea11efd1bf0cca7a5d737e51390dcbaeec60a90c8136082a35232204f76d7a46c5e3054a2f0d2fbad1ec45dca41d2aa56cf6839f8bf195145e51645b59fff64a6fc6a055c0c08f496013e4eb5cfa2aa408d8dc269adfc2d7b2bd196029bdea83506a58c2ac95cd2b29e6be8c1fedc872abcf080eabd19ef180b38baa59f98c7fe61324962b1f535e4285aeeca84f2b3e7120746716c566901379e3ed0511662b506b812091b79afb781f89b2dcf595f3b0cba8503f5158c1a7b8fac8fc5e76bc929ad486ed952d6fda09250f236123e641996bbacc36125040147a0cd0fbb0e010cc39ee3c0d0dfce76df6d49b2ba76e0b78d99b0572a660f1c9df0cbc1c61764c49228fe8ffe", 0x7ac, 0xfffffffffffeffff}, {&(0x7f00000024c0)="617ed639bffa6c1595d29ff010afbc18b10574c81e37805cccc81fd36aa9eab8517145d228ed7b7d085721459e21af897abbd07d05b0da104617fb5bedc01eb73db37c64e1cced5833b3c2ab252120b1d3993ecc1803a8da89fa1e1daefc45d7ed0a83f7c7445baee2c07dc2c5eec3cabe67b264e0f85e2a39e56a10ac00a0dcec2b14ece726fee4cad3ba7542a0d2310c4f46c084c51a719925b2e59b91bab7efd250c1f2a4290e50e9", 0xaa, 0xfffffffeffffffff}], 0x10080, 0x0) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, &(0x7f0000002740)={0x0, 0x80000, r5}) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r5, 0x84, 0x12, &(0x7f00000028c0), &(0x7f0000002900)=0x4) ioctl$DRM_IOCTL_GEM_FLINK(r5, 0xc008640a, &(0x7f0000002800)={r6}) close(r3) openat$cgroup_procs(r5, &(0x7f00000001c0)='cgroup.procs\x00', 0x2, 0x0) 2018/04/01 00:14:07 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x0, 0x4b99, 0x5) r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r5, r5, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r3, r4, 0x0, 0xc08f) r6 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r6, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r5, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000240)=0x29e) capget(&(0x7f0000000180), &(0x7f00000001c0)={0x9, 0x0, 0x5, 0x1, 0x1ff, 0x8}) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000140)=0x200, 0x4) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000300), &(0x7f0000000340)=0x4) memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) sync() 2018/04/01 00:14:07 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400200, 0x0) write(r1, &(0x7f00000001c0)="c232cf898f424b0e1687e6bbc60ab6e814f9d32f2dd020a2b492a11593ffba5de292e889635c2e74f0ad1b826309ac64e055aae97fc23c17c60a63e5d769292c48dfd4dc89f4f452ead5b1c684dbc5889a324d9fb9f1d3256720d68b87da72635ad47f0be100add567ec4acd4122dafcc06368ef2eb895ae2a121a30754bb6a1a0fa3095c0917c9a95a29d1dd8d98e9c5f2bf1a84379d746a550ddf33700831e47e1317862bc", 0xa6) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001300)='/dev/rtc\x00', 0x22881, 0x0) ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f00000002c0)=""/4096) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getresuid(&(0x7f0000000140), &(0x7f0000001440), &(0x7f0000001480)=0x0) r4 = getegid() syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, r3, r4, 0xcea, 0x7, 0x4) syz_emit_ethernet(0x0, &(0x7f00000013c0)=ANY=[], &(0x7f0000000280)={0x0, 0x0, [0x0, 0x0, 0x464]}) r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000080)=0x4) write$fuse(r5, &(0x7f00009eb000)={0x30, 0x6, 0x0, @fuse_notify_retrieve_out={0x0, 0x0, 0x7}}, 0x30) 2018/04/01 00:14:07 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000000)={0x7, 0x70, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6a8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, r0, 0x1) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000002c0)=ANY=[@ANYBLOB="078000000000000007000080000000000001cdab621cbd576c826ea2d9487b0000070000fbcee4b0fb63e54731b68f220005000000000000000d000080400000007d0a00000000000006000000000000000700008001000000070000000100000001000000000000000d0000c0000200000001000090dd00000900000000000000000000000000000007000000010001000600005e4cb5833199dbb1ef2200000000000000000001000100060000000852e18fc2338df3062911c96ca31740f78d7cd391c016c67b9db8e9d186d8e9d50141155ceee16228165650f6793f3e08d483cd91bc532373fe497222d8f463027a72fbac33"]) lseek(r0, 0x0, 0x0) futex(&(0x7f0000000080)=0x2, 0x1, 0x0, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000140), 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f0000000100)='\x00') 2018/04/01 00:14:07 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x407) mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1) readv(r2, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1) open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0) ioctl$sock_bt(r1, 0x541b, &(0x7f00000002c0)="1a1749d6613f25162c85fb16a8535730033cf61a4ae20191cb1c499f2e15f4a40ba674e11f76c490057c0b72da9f75") rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') getsockname(r1, &(0x7f0000000200)=@rc, &(0x7f00000000c0)=0x80) openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x200000, 0x0) 2018/04/01 00:14:07 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0xc03) 2018/04/01 00:14:07 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x0, 0x4b99, 0x5) r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r5, r5, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r3, r4, 0x0, 0xc08f) r6 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r6, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r5, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000240)=0x29e) capget(&(0x7f0000000180), &(0x7f00000001c0)={0x9, 0x0, 0x5, 0x1, 0x1ff, 0x8}) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000140)=0x200, 0x4) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000300), &(0x7f0000000340)=0x4) memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) 2018/04/01 00:14:07 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x8, 0x2000) ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000280)=0x4) mount(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='configfs\x00', 0x0, &(0x7f0000000180)) 2018/04/01 00:14:07 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400200, 0x0) write(r1, &(0x7f00000001c0)="c232cf898f424b0e1687e6bbc60ab6e814f9d32f2dd020a2b492a11593ffba5de292e889635c2e74f0ad1b826309ac64e055aae97fc23c17c60a63e5d769292c48dfd4dc89f4f452ead5b1c684dbc5889a324d9fb9f1d3256720d68b87da72635ad47f0be100add567ec4acd4122dafcc06368ef2eb895ae2a121a30754bb6a1a0fa3095c0917c9a95a29d1dd8d98e9c5f2bf1a84379d746a550ddf33700831e47e1317862bc", 0xa6) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001300)='/dev/rtc\x00', 0x22881, 0x0) ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f00000002c0)=""/4096) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getresuid(&(0x7f0000000140), &(0x7f0000001440), &(0x7f0000001480)=0x0) r4 = getegid() syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, r3, r4, 0xcea, 0x7, 0x4) syz_emit_ethernet(0x0, &(0x7f00000013c0)=ANY=[], &(0x7f0000000280)={0x0, 0x0, [0x0, 0x0, 0x464]}) r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000080)=0x4) write$fuse(r5, &(0x7f00009eb000)={0x30, 0x6, 0x0, @fuse_notify_retrieve_out={0x0, 0x0, 0x7}}, 0x30) 2018/04/01 00:14:07 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0x44800) syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0xb8b, 0x181000) 2018/04/01 00:14:07 executing program 1: r0 = accept$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, @dev}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000180), &(0x7f00000001c0)=0x4) r1 = socket$unix(0x1, 0x6, 0x0) r2 = dup(r1) r3 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$KDGKBSENT(r2, 0x4b48, &(0x7f0000000200)={0x3, 0x6, 0x1ff}) fcntl$getown(r1, 0x9) ioctl$KVM_PPC_ALLOCATE_HTAB(r3, 0xc004aea7, &(0x7f0000000040)=0x5) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x8400, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000240)="26740dbe1dadd08cc7bf622023757822", 0x10) accept$inet(r0, &(0x7f0000000280)={0x0, 0x0, @rand_addr}, &(0x7f00000002c0)=0x10) ioctl$sock_ifreq(r1, 0x8000000008b0f, &(0x7f0000000080)={'bridge0\x00', @ifru_hwaddr=@link_local={0x1, 0x80, 0xc2}}) 2018/04/01 00:14:07 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x407) mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1) readv(r2, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1) open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0) ioctl$sock_bt(r1, 0x541b, &(0x7f00000002c0)="1a1749d6613f25162c85fb16a8535730033cf61a4ae20191cb1c499f2e15f4a40ba674e11f76c490057c0b72da9f75") rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') getsockname(r1, &(0x7f0000000200)=@rc, &(0x7f00000000c0)=0x80) 2018/04/01 00:14:07 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x8, 0x2000) ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000280)=0x4) 2018/04/01 00:14:08 executing program 7: getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(0xffffffffffffffff, 0x84, 0x8, &(0x7f0000000080), &(0x7f00000000c0)=0x1) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/vhost-vsock\x00', 0x2, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r1, 0x80045400, &(0x7f0000000240)) ioctl(r1, 0x10000002284, &(0x7f00000000c0)) getsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x0, &(0x7f0000000100), &(0x7f0000000140)=0x4) setsockopt$ipx_IPX_TYPE(r1, 0x100, 0x1, &(0x7f0000000680)=0xc22, 0x4) ioctl$TCSETAF(r0, 0x5408, &(0x7f00000002c0)={0x0, 0x5, 0x3, 0x0, 0x3, 0xfffffffffffffffe, 0x0, 0x4, 0x7}) getsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000180)=@assoc_value={0x0, 0xffff}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000440)={r2, 0x2}, 0x8) setsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000040)=0x6, 0x1) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000200)={0x1000, 0x0, 0x3, 0x100000000, r2}, 0x10) futimesat(r1, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000640)={{}, {0x77359400}}) keyctl$describe(0x6, 0x0, &(0x7f0000000540)=""/94, 0x5e) getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000300)=""/113, &(0x7f0000000380)=0x71) 2018/04/01 00:14:08 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x0, 0x4b99, 0x5) r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r5, r5, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r3, r4, 0x0, 0xc08f) r6 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r6, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r5, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000240)=0x29e) capget(&(0x7f0000000180), &(0x7f00000001c0)={0x9, 0x0, 0x5, 0x1, 0x1ff, 0x8}) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000140)=0x200, 0x4) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000300), &(0x7f0000000340)=0x4) 2018/04/01 00:14:08 executing program 1: mkdir(&(0x7f0000000200)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000014000)='ramfs\x00', 0x0, &(0x7f0000000000)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) symlinkat(&(0x7f000001effd)='/', r0, &(0x7f0000d06ff8)='./file0\x00') getdents(r0, &(0x7f0000000000)=""/55, 0x37) [ 208.073963] BFS-fs: bfs_fill_super(): No BFS filesystem on loop0 (magic=0000005a) [ 208.104798] sd 0:0:1:0: device reset [ 208.138784] sd 0:0:1:0: device reset 2018/04/01 00:14:08 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x8, 0x2000) 2018/04/01 00:14:08 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r0, &(0x7f0000000000)="8da59e81047c4573b0dbc1f579581f0efb40d956b17cc29ee1189b574476a3c54f6a5960cee8f4bf01915252df21f0deced439d754c1ea39d6a7163ad229268e104963c62ed5512e634017cb1c78d2020ff52baa40d8a9bdef83382e9547bf2ab655f3eb3bb4eb009225567a4eeec2c2089c07be82", &(0x7f0000000080)=""/2}, 0x18) 2018/04/01 00:14:08 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400200, 0x0) write(r1, &(0x7f00000001c0)="c232cf898f424b0e1687e6bbc60ab6e814f9d32f2dd020a2b492a11593ffba5de292e889635c2e74f0ad1b826309ac64e055aae97fc23c17c60a63e5d769292c48dfd4dc89f4f452ead5b1c684dbc5889a324d9fb9f1d3256720d68b87da72635ad47f0be100add567ec4acd4122dafcc06368ef2eb895ae2a121a30754bb6a1a0fa3095c0917c9a95a29d1dd8d98e9c5f2bf1a84379d746a550ddf33700831e47e1317862bc", 0xa6) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001300)='/dev/rtc\x00', 0x22881, 0x0) ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f00000002c0)=""/4096) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getresuid(&(0x7f0000000140), &(0x7f0000001440), &(0x7f0000001480)=0x0) r4 = getegid() syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, r3, r4, 0xcea, 0x7, 0x4) syz_emit_ethernet(0x0, &(0x7f00000013c0)=ANY=[], &(0x7f0000000280)={0x0, 0x0, [0x0, 0x0, 0x464]}) r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000080)=0x4) write$fuse(r5, &(0x7f00009eb000)={0x30, 0x6, 0x0, @fuse_notify_retrieve_out={0x0, 0x0, 0x7}}, 0x30) 2018/04/01 00:14:08 executing program 1: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x104) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000200)=0x3) r1 = syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0x0, 0x100) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x0, 0x0, 0x40000, 0x44, 0x4, r1}, 0xfffffd8a) socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(0xffffffffffffff9c, 0x40bc5311, &(0x7f0000000240)={0x400, 0x3, 'client0\x00', 0xffffffff80000000, "c184474187d08cd8", "d4295cc10a3fff3d8fb73afdbb85163b7d83c12335a68f5710bc38ba30a02659", 0x200, 0x1}) finit_module(r2, &(0x7f0000000000)='GPL\x00', 0x3) r3 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x3, 0x10200) ioctl$TIOCSSOFTCAR(r3, 0x541a, &(0x7f0000000080)=0x3) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x9, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000b60001611085ff00001d000000000000009500000000000000f960d3f6ce8f6b5b9825c769da0c817221726fbe6f246a00eefe884f00d79df818185748c5a2b3b6d790d55ebe390000"], &(0x7f0000f6bffb)='GPL\x00', 0x1, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48) 2018/04/01 00:14:08 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x407) mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1) readv(r2, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1) open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0) ioctl$sock_bt(r1, 0x541b, &(0x7f00000002c0)="1a1749d6613f25162c85fb16a8535730033cf61a4ae20191cb1c499f2e15f4a40ba674e11f76c490057c0b72da9f75") rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:08 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x0, 0x4b99, 0x5) r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r5, r5, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r3, r4, 0x0, 0xc08f) r6 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r6, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r5, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000240)=0x29e) capget(&(0x7f0000000180), &(0x7f00000001c0)={0x9, 0x0, 0x5, 0x1, 0x1ff, 0x8}) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000140)=0x200, 0x4) 2018/04/01 00:14:08 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'lo\x00', &(0x7f0000000180)=@ethtool_regs={0x4, 0x7f, 0x8b, "7977f7a646b4178dbeff8e494937f06254d96ed970b55590607cc15f1f1bfe7b7ee1cdd794d955481727e7c1045690f67f6ce4f1fe5044589861077294fc6acf8c3f395ee7e732569dc14cc0a4f85e924fd1e220f22443da5d733dfabd2189463d00ca4bbfcc4c96cd2fcf72d22d4a01b75a62040b6f67458e2ed5428c5f20557253b348eafbd0a73530d0"}}) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:08 executing program 7: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x0, 0x4b99, 0x5) r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r5, r5, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r3, r4, 0x0, 0xc08f) r6 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r6, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r5, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000240)=0x29e) capget(&(0x7f0000000180), &(0x7f00000001c0)={0x9, 0x0, 0x5, 0x1, 0x1ff, 0x8}) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r5, 0x10e, 0x4, &(0x7f0000000140)=0x200, 0x4) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000300), &(0x7f0000000340)=0x4) [ 208.214811] BFS-fs: bfs_fill_super(): No BFS filesystem on loop0 (magic=0000005a) 2018/04/01 00:14:08 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0x2002) [ 208.364321] FAT-fs (loop0): Directory bread(block 6) failed [ 208.401413] FAT-fs (loop0): Directory bread(block 7) failed [ 208.423924] FAT-fs (loop0): Directory bread(block 8) failed [ 208.447430] FAT-fs (loop0): Directory bread(block 9) failed [ 208.467343] FAT-fs (loop0): Directory bread(block 10) failed [ 208.482693] FAT-fs (loop0): Directory bread(block 11) failed [ 208.488749] FAT-fs (loop0): Directory bread(block 12) failed [ 208.495872] FAT-fs (loop0): Directory bread(block 13) failed [ 208.501831] FAT-fs (loop0): Directory bread(block 14) failed [ 208.507713] FAT-fs (loop0): Directory bread(block 15) failed [ 208.534402] attempt to access beyond end of device [ 208.539654] loop0: rw=2049, want=40, limit=6 [ 208.567666] attempt to access beyond end of device [ 208.572790] loop0: rw=0, want=40, limit=6 2018/04/01 00:14:09 executing program 4: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) 2018/04/01 00:14:09 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400200, 0x0) write(r1, &(0x7f00000001c0)="c232cf898f424b0e1687e6bbc60ab6e814f9d32f2dd020a2b492a11593ffba5de292e889635c2e74f0ad1b826309ac64e055aae97fc23c17c60a63e5d769292c48dfd4dc89f4f452ead5b1c684dbc5889a324d9fb9f1d3256720d68b87da72635ad47f0be100add567ec4acd4122dafcc06368ef2eb895ae2a121a30754bb6a1a0fa3095c0917c9a95a29d1dd8d98e9c5f2bf1a84379d746a550ddf33700831e47e1317862bc", 0xa6) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001300)='/dev/rtc\x00', 0x22881, 0x0) ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f00000002c0)=""/4096) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getresuid(&(0x7f0000000140), &(0x7f0000001440), &(0x7f0000001480)=0x0) r4 = getegid() syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, r3, r4, 0xcea, 0x7, 0x4) syz_emit_ethernet(0x0, &(0x7f00000013c0)=ANY=[], &(0x7f0000000280)={0x0, 0x0, [0x0, 0x0, 0x464]}) r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000080)=0x4) write$fuse(r5, &(0x7f00009eb000)={0x30, 0x6, 0x0, @fuse_notify_retrieve_out={0x0, 0x0, 0x7}}, 0x30) 2018/04/01 00:14:09 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x0, 0x4b99, 0x5) r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r5, r5, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r3, r4, 0x0, 0xc08f) r6 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r6, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r5, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000240)=0x29e) capget(&(0x7f0000000180), &(0x7f00000001c0)={0x9, 0x0, 0x5, 0x1, 0x1ff, 0x8}) 2018/04/01 00:14:09 executing program 1: pwritev(0xffffffffffffffff, &(0x7f0000001c00)=[{&(0x7f0000000000)="f9dad311738fafca77cf837dd1aabc2be72dae6db82d90f891d7c817148a5112d12a0ff7a83fbddd0a4b6f6624e9aa6e09567c8d98f45760fa070000", 0x3c}], 0x1, 0x0) mkdir(&(0x7f00000003c0)='//file0\x00', 0x2) r0 = open$dir(&(0x7f0000000300)="2f2f66696c6530022f66696c653000", 0x40000, 0x8) r1 = open(&(0x7f0000000500)="2f2f66696c653002", 0x400000, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000280)="2f2f66696c6530022f66696c653000", 0xffffffffffffffff, &(0x7f0000000340)="2f2f66696c6530022f66696c653000") rmdir(&(0x7f00000006c0)="2f2f66696c653002") r2 = open(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0) rmdir(&(0x7f0000000840)='./file0\x00') preadv(r0, &(0x7f0000000f00)=[{&(0x7f00000008c0)=""/67, 0x43}, {&(0x7f0000000b00)=""/254, 0xfe}, {&(0x7f0000000940)=""/50, 0x32}, {&(0x7f00000011c0)=""/192, 0xc0}, {&(0x7f0000000980)=""/31, 0x1f}, {&(0x7f0000002c40)=""/4096, 0x1000}], 0x6, 0x0) symlinkat(&(0x7f0000000000)="2f2f66696c653002", 0xffffffffffffffff, &(0x7f0000000080)='./file0\x00') syz_mount_image$bfs(&(0x7f0000000680)='bfs\x00', &(0x7f0000000140)='./file1\x00', 0x5, 0x0, &(0x7f0000001000), 0x0, 0x0) umount2(&(0x7f0000000000)='//file0/../..\x00', 0x2) write$rdma_cm(r1, &(0x7f0000000a40)=@create_id={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000a00)={0xffffffff}, 0x13f}}, 0x20) write$rdma_cm(r2, &(0x7f0000000a80)=@destroy_id={0x1, 0x10, 0xfa00, {&(0x7f0000000580), r3}}, 0x18) linkat(0xffffffffffffffff, &(0x7f00000000c0)='//file0/../..\x00', 0xffffffffffffffff, &(0x7f0000000140)='//file0/../..\x00', 0x1000) open$dir(&(0x7f0000000740)='./file1\x00', 0x0, 0x90) symlinkat(&(0x7f0000000700)="2f2f66696c6530022f66696c653000", 0xffffffffffffffff, &(0x7f0000000780)='//file0/../..\x00') renameat(r2, &(0x7f00000001c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000200)="2f2f66696c653002") splice(0xffffffffffffffff, &(0x7f0000000540), 0xffffffffffffffff, &(0x7f0000000640), 0x206, 0xa) umount2(&(0x7f0000000180)='./file0\x00', 0xe) name_to_handle_at(r2, &(0x7f0000000240)="2f2f66696c653002", &(0x7f0000000400)={0xea, 0x7, "41dbeaa54eca2033e51ae6346422b85106a175282f5f50c3f5858dd79e5bc81243c48bf9ca9440e57e5f96ebe0c578d0dbe6c7d1c53df251d82d24c99eb58a225318c87cfafe2687db89e33f27ac7b305c5de5fc510f771bf810bb7766d1dc1bee34185e97ab54deb44460b4a099692412fd23b657be2fe453ba959933497950a3474bc302c7043020a9bc78c28bc80bd083889d42e60d208baeab098f7e1d1f8b34856b8780ecb95dd09a32f67089eea262a798a864e07d6a8ada57251d5ee722a2150d699a14b229423669a283d26c19ed8021b4b2e495cc822c712de307cede8c"}, &(0x7f0000000380), 0x400) open$dir(&(0x7f0000000040)="2f2f66696c653002", 0x0, 0x0) renameat(r2, &(0x7f0000000100)="2f2f66696c653002", 0xffffffffffffffff, &(0x7f00000007c0)='./file0\x00') unlinkat(r0, &(0x7f00000000c0)='./file0\x00', 0xfffffffffffffffd) 2018/04/01 00:14:09 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) ioctl$sock_inet6_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) 2018/04/01 00:14:09 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'lo\x00', &(0x7f0000000180)=@ethtool_regs={0x4, 0x7f, 0x8b, "7977f7a646b4178dbeff8e494937f06254d96ed970b55590607cc15f1f1bfe7b7ee1cdd794d955481727e7c1045690f67f6ce4f1fe5044589861077294fc6acf8c3f395ee7e732569dc14cc0a4f85e924fd1e220f22443da5d733dfabd2189463d00ca4bbfcc4c96cd2fcf72d22d4a01b75a62040b6f67458e2ed5428c5f20557253b348eafbd0a73530d0"}}) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:09 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x407) mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1) readv(r2, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1) open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x4000, 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:09 executing program 7: syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0xfffffffffffffff8, 0x121601) r0 = perf_event_open(&(0x7f0000001f88)={0x1, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000fff)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) [ 208.582205] attempt to access beyond end of device [ 208.587245] loop0: rw=0, want=40, limit=6 [ 208.593232] attempt to access beyond end of device [ 208.598221] loop0: rw=0, want=40, limit=6 2018/04/01 00:14:09 executing program 2: ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000000)) r0 = gettid() r1 = syz_open_procfs(r0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r1, 0x4, 0xfffffffffffffffc) [ 208.680063] FAT-fs (loop0): Directory bread(block 6) failed 2018/04/01 00:14:09 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x0, 0x4b99, 0x5) r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r5, r5, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r3, r4, 0x0, 0xc08f) r6 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r6, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r5, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000240)=0x29e) 2018/04/01 00:14:09 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) [ 208.729128] FAT-fs (loop0): Directory bread(block 7) failed [ 208.774276] FAT-fs (loop0): Directory bread(block 8) failed [ 208.820412] BFS-fs: bfs_fill_super(): No BFS filesystem on loop1 (magic=00000000) [ 208.832225] FAT-fs (loop0): Directory bread(block 9) failed [ 208.853450] FAT-fs (loop0): Directory bread(block 10) failed [ 208.875430] FAT-fs (loop0): Directory bread(block 11) failed [ 208.882592] FAT-fs (loop0): Directory bread(block 12) failed [ 208.909687] FAT-fs (loop0): Directory bread(block 13) failed [ 208.920708] FAT-fs (loop0): Directory bread(block 14) failed [ 208.929112] FAT-fs (loop0): Directory bread(block 15) failed [ 208.960187] attempt to access beyond end of device [ 208.965228] loop0: rw=2049, want=40, limit=6 2018/04/01 00:14:09 executing program 7: r0 = socket$inet_sctp(0x2, 0x7fffffffffff, 0x84) r1 = socket$bt_cmtp(0x1f, 0x3, 0x5) getsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000380)=0x7, &(0x7f00000003c0)=0x1) unshare(0x28020000) unshare(0x8000000) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e23, 0x2, @mcast1={0xff, 0x1, [], 0x1}, 0x6}}, 0x2, 0xffffffffffffffff, 0x10001, 0x9, 0x3ff}, &(0x7f0000000640)=0x98) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000680)={r2, 0x8}, &(0x7f00000006c0)=0x8) connect$inet(r0, &(0x7f0000f6fff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10) socketpair(0x4, 0x7, 0xffffffff00000001, &(0x7f0000002940)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000002980)={r1}) getsockopt$inet6_mtu(r3, 0x29, 0x17, &(0x7f00000000c0), &(0x7f0000000280)=0x4) listen(r0, 0x2000000000020) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000440)={0x0, @in={{0x2, 0x4e22, @multicast2=0xe0000002}}, 0x7bb7, 0x4}, &(0x7f0000000500)=0x90) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffff9c, 0x84, 0x6, &(0x7f0000000580)={r6, @in6={{0xa, 0x4e22, 0x6, @mcast2={0xff, 0x2, [], 0x1}}}}, &(0x7f0000000540)=0x84) socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000100)={r7, 0x5, 0x41a, 0xfffffffffffffffe}, &(0x7f00000001c0)=0x10) setsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0x7, &(0x7f0000000080)=0xd7e, 0x4) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000700)={r7, @in={{0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}}, 0xfffffffffffffff8, 0xe98a}, &(0x7f0000000140)=0x90) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f00000007c0)={r8, 0x175c}, 0x8) r9 = socket$netlink(0x10, 0x3, 0x4) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000200)={0x31, 0x42, 0x8000, 0x10000, 0x8000, 0x1ff, 0xffffffff, 0x3, r7}, &(0x7f0000000240)=0x20) r10 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r10, &(0x7f000070ffe3)={0xa, 0x1000004e20}, 0x1c) sendto$inet6(r10, &(0x7f000023effe)="7f", 0x1, 0x0, &(0x7f000010e000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r10, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in={{0x2}}, 0x0, 0xf7fffffffffffffd}, 0x98) socketpair$inet_sctp(0x2, 0x1, 0x84, &(0x7f0000000800)) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000000)={r6, 0x307}, &(0x7f0000000040)=0xfffffffffffffdac) writev(r9, &(0x7f000051c000), 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000180)=@sack_info={r6, 0x3, 0x5}, &(0x7f0000000400)=0xc) 2018/04/01 00:14:09 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400200, 0x0) write(r1, &(0x7f00000001c0)="c232cf898f424b0e1687e6bbc60ab6e814f9d32f2dd020a2b492a11593ffba5de292e889635c2e74f0ad1b826309ac64e055aae97fc23c17c60a63e5d769292c48dfd4dc89f4f452ead5b1c684dbc5889a324d9fb9f1d3256720d68b87da72635ad47f0be100add567ec4acd4122dafcc06368ef2eb895ae2a121a30754bb6a1a0fa3095c0917c9a95a29d1dd8d98e9c5f2bf1a84379d746a550ddf33700831e47e1317862bc", 0xa6) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001300)='/dev/rtc\x00', 0x22881, 0x0) ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f00000002c0)=""/4096) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getresuid(&(0x7f0000000140), &(0x7f0000001440), &(0x7f0000001480)=0x0) r4 = getegid() syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, r3, r4, 0xcea, 0x7, 0x4) syz_emit_ethernet(0x0, &(0x7f00000013c0)=ANY=[], &(0x7f0000000280)={0x0, 0x0, [0x0, 0x0, 0x464]}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000080)=0x4) 2018/04/01 00:14:09 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x407) mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1) readv(r2, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1) open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x4) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:09 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x0, 0x4b99, 0x5) r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r5, r5, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r3, r4, 0x0, 0xc08f) r6 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r6, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) readv(r5, &(0x7f00000003c0)=[{&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000640)=""/199, 0xc7}, {&(0x7f0000000740)=""/249, 0xf9}], 0x3) 2018/04/01 00:14:09 executing program 2: ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000040)) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000080)=0x0) r1 = syz_open_procfs(r0, &(0x7f0000000000)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r1, 0x4, 0xfffffffffffffffc) bind$llc(r1, &(0x7f00000000c0)={0x1a, 0x30e, 0xb8fd, 0x7ff, 0x40, 0x9, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x10) 2018/04/01 00:14:09 executing program 4 (fault-call:0 fault-nth:0): mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) 2018/04/01 00:14:09 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'lo\x00', &(0x7f0000000180)=@ethtool_regs={0x4, 0x7f, 0x8b, "7977f7a646b4178dbeff8e494937f06254d96ed970b55590607cc15f1f1bfe7b7ee1cdd794d955481727e7c1045690f67f6ce4f1fe5044589861077294fc6acf8c3f395ee7e732569dc14cc0a4f85e924fd1e220f22443da5d733dfabd2189463d00ca4bbfcc4c96cd2fcf72d22d4a01b75a62040b6f67458e2ed5428c5f20557253b348eafbd0a73530d0"}}) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:09 executing program 1: pwritev(0xffffffffffffffff, &(0x7f0000001c00)=[{&(0x7f0000000000)="f9dad311738fafca77cf837dd1aabc2be72dae6db82d90f891d7c817148a5112d12a0ff7a83fbddd0a4b6f6624e9aa6e09567c8d98f45760fa070000", 0x3c}], 0x1, 0x0) mkdir(&(0x7f00000003c0)='//file0\x00', 0x2) r0 = open$dir(&(0x7f0000000300)="2f2f66696c6530022f66696c653000", 0x40000, 0x8) r1 = open(&(0x7f0000000500)="2f2f66696c653002", 0x400000, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000280)="2f2f66696c6530022f66696c653000", 0xffffffffffffffff, &(0x7f0000000340)="2f2f66696c6530022f66696c653000") rmdir(&(0x7f00000006c0)="2f2f66696c653002") r2 = open(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0) rmdir(&(0x7f0000000840)='./file0\x00') preadv(r0, &(0x7f0000000f00)=[{&(0x7f00000008c0)=""/67, 0x43}, {&(0x7f0000000b00)=""/254, 0xfe}, {&(0x7f0000000940)=""/50, 0x32}, {&(0x7f00000011c0)=""/192, 0xc0}, {&(0x7f0000000980)=""/31, 0x1f}, {&(0x7f0000002c40)=""/4096, 0x1000}], 0x6, 0x0) symlinkat(&(0x7f0000000000)="2f2f66696c653002", 0xffffffffffffffff, &(0x7f0000000080)='./file0\x00') syz_mount_image$bfs(&(0x7f0000000680)='bfs\x00', &(0x7f0000000140)='./file1\x00', 0x5, 0x0, &(0x7f0000001000), 0x0, 0x0) umount2(&(0x7f0000000000)='//file0/../..\x00', 0x2) write$rdma_cm(r1, &(0x7f0000000a40)=@create_id={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000a00)={0xffffffff}, 0x13f}}, 0x20) write$rdma_cm(r2, &(0x7f0000000a80)=@destroy_id={0x1, 0x10, 0xfa00, {&(0x7f0000000580), r3}}, 0x18) linkat(0xffffffffffffffff, &(0x7f00000000c0)='//file0/../..\x00', 0xffffffffffffffff, &(0x7f0000000140)='//file0/../..\x00', 0x1000) open$dir(&(0x7f0000000740)='./file1\x00', 0x0, 0x90) symlinkat(&(0x7f0000000700)="2f2f66696c6530022f66696c653000", 0xffffffffffffffff, &(0x7f0000000780)='//file0/../..\x00') renameat(r2, &(0x7f00000001c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000200)="2f2f66696c653002") splice(0xffffffffffffffff, &(0x7f0000000540), 0xffffffffffffffff, &(0x7f0000000640), 0x206, 0xa) umount2(&(0x7f0000000180)='./file0\x00', 0xe) name_to_handle_at(r2, &(0x7f0000000240)="2f2f66696c653002", &(0x7f0000000400)={0xea, 0x7, "41dbeaa54eca2033e51ae6346422b85106a175282f5f50c3f5858dd79e5bc81243c48bf9ca9440e57e5f96ebe0c578d0dbe6c7d1c53df251d82d24c99eb58a225318c87cfafe2687db89e33f27ac7b305c5de5fc510f771bf810bb7766d1dc1bee34185e97ab54deb44460b4a099692412fd23b657be2fe453ba959933497950a3474bc302c7043020a9bc78c28bc80bd083889d42e60d208baeab098f7e1d1f8b34856b8780ecb95dd09a32f67089eea262a798a864e07d6a8ada57251d5ee722a2150d699a14b229423669a283d26c19ed8021b4b2e495cc822c712de307cede8c"}, &(0x7f0000000380), 0x400) open$dir(&(0x7f0000000040)="2f2f66696c653002", 0x0, 0x0) renameat(r2, &(0x7f0000000100)="2f2f66696c653002", 0xffffffffffffffff, &(0x7f00000007c0)='./file0\x00') unlinkat(r0, &(0x7f00000000c0)='./file0\x00', 0xfffffffffffffffd) [ 208.971385] attempt to access beyond end of device [ 208.976375] loop0: rw=0, want=40, limit=6 [ 209.010287] FAULT_INJECTION: forcing a failure. [ 209.010287] name failslab, interval 1, probability 0, space 0, times 1 [ 209.022353] CPU: 1 PID: 17891 Comm: syz-executor4 Not tainted 4.16.0-rc7+ #9 [ 209.029555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 209.038908] Call Trace: [ 209.041504] dump_stack+0x194/0x24d [ 209.045133] ? arch_local_irq_restore+0x53/0x53 [ 209.049803] ? trace_hardirqs_off+0x10/0x10 [ 209.054129] should_fail+0x8c0/0xa40 [ 209.057843] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 209.062948] ? __f_unlock_pos+0x19/0x20 [ 209.066913] ? find_held_lock+0x35/0x1d0 [ 209.070972] ? check_same_owner+0x320/0x320 [ 209.075273] ? vfs_write+0x374/0x510 [ 209.078969] ? rcu_note_context_switch+0x710/0x710 [ 209.083888] should_failslab+0xec/0x120 [ 209.087847] kmem_cache_alloc+0x47/0x760 [ 209.091897] getname_flags+0xcb/0x580 [ 209.095684] SyS_mkdir+0xc1/0x2a0 [ 209.099122] ? SyS_mkdirat+0x2b0/0x2b0 [ 209.102991] ? do_syscall_64+0xb7/0x940 [ 209.106949] ? SyS_mkdirat+0x2b0/0x2b0 [ 209.111078] do_syscall_64+0x281/0x940 [ 209.114944] ? vmalloc_sync_all+0x30/0x30 [ 209.119095] ? _raw_spin_unlock_irq+0x27/0x70 [ 209.123574] ? finish_task_switch+0x1c1/0x7e0 [ 209.128050] ? syscall_return_slowpath+0x550/0x550 [ 209.132960] ? syscall_return_slowpath+0x2ac/0x550 [ 209.137868] ? prepare_exit_to_usermode+0x350/0x350 [ 209.142880] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 209.148232] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 209.153065] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 209.158235] RIP: 0033:0x454e79 2018/04/01 00:14:09 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400200, 0x0) write(r1, &(0x7f00000001c0)="c232cf898f424b0e1687e6bbc60ab6e814f9d32f2dd020a2b492a11593ffba5de292e889635c2e74f0ad1b826309ac64e055aae97fc23c17c60a63e5d769292c48dfd4dc89f4f452ead5b1c684dbc5889a324d9fb9f1d3256720d68b87da72635ad47f0be100add567ec4acd4122dafcc06368ef2eb895ae2a121a30754bb6a1a0fa3095c0917c9a95a29d1dd8d98e9c5f2bf1a84379d746a550ddf33700831e47e1317862bc", 0xa6) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001300)='/dev/rtc\x00', 0x22881, 0x0) ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f00000002c0)=""/4096) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getresuid(&(0x7f0000000140), &(0x7f0000001440), &(0x7f0000001480)=0x0) r4 = getegid() syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, r3, r4, 0xcea, 0x7, 0x4) syz_emit_ethernet(0x0, &(0x7f00000013c0)=ANY=[], &(0x7f0000000280)={0x0, 0x0, [0x0, 0x0, 0x464]}) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) [ 209.161402] RSP: 002b:00007f02a00c6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 209.169179] RAX: ffffffffffffffda RBX: 00007f02a00c76d4 RCX: 0000000000454e79 [ 209.176776] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000202b2000 [ 209.184308] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 209.191559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 209.198809] R13: 00000000000003ea R14: 00000000006f7e90 R15: 0000000000000000 2018/04/01 00:14:09 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) 2018/04/01 00:14:09 executing program 4 (fault-call:0 fault-nth:1): mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) 2018/04/01 00:14:09 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x407) mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1) readv(r2, &(0x7f0000002fd0)=[{&(0x7f0000448fdc)=""/36, 0x24}], 0x1) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 209.344526] FAT-fs (loop0): Directory bread(block 6) failed [ 209.355645] FAULT_INJECTION: forcing a failure. [ 209.355645] name failslab, interval 1, probability 0, space 0, times 0 [ 209.367393] CPU: 1 PID: 17912 Comm: syz-executor4 Not tainted 4.16.0-rc7+ #9 [ 209.374587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 209.383938] Call Trace: [ 209.386512] dump_stack+0x194/0x24d [ 209.390123] ? arch_local_irq_restore+0x53/0x53 [ 209.394780] should_fail+0x8c0/0xa40 [ 209.398475] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 209.403558] ? trace_event_raw_event_lock+0x340/0x340 [ 209.408726] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 209.413892] ? __lock_acquire+0x664/0x3e00 [ 209.418111] ? find_held_lock+0x35/0x1d0 [ 209.422154] ? __lock_is_held+0xb6/0x140 [ 209.426206] ? check_same_owner+0x320/0x320 [ 209.430503] ? __d_lookup+0x4f4/0x830 [ 209.434282] ? rcu_note_context_switch+0x710/0x710 [ 209.439197] should_failslab+0xec/0x120 [ 209.443158] kmem_cache_alloc+0x47/0x760 [ 209.447211] __d_alloc+0xc1/0xbd0 [ 209.450649] ? shrink_dcache_for_umount+0x290/0x290 [ 209.455648] ? d_alloc_parallel+0x1b40/0x1b40 [ 209.460130] ? lock_release+0xa40/0xa40 [ 209.464086] ? mark_held_locks+0xaf/0x100 [ 209.468211] ? d_lookup+0x133/0x2e0 [ 209.471820] ? d_lookup+0x1d5/0x2e0 [ 209.475426] ? rcu_note_context_switch+0x710/0x710 [ 209.480334] d_alloc+0x8e/0x340 [ 209.483596] ? __d_alloc+0xbd0/0xbd0 [ 209.487291] ? down_write_nested+0x8b/0x120 [ 209.491598] __lookup_hash+0x58/0x190 [ 209.495381] filename_create+0x1c7/0x520 [ 209.499422] ? kern_path_mountpoint+0x40/0x40 [ 209.503905] ? getname_flags+0x256/0x580 [ 209.507946] SyS_mkdir+0xd4/0x2a0 [ 209.511380] ? SyS_mkdirat+0x2b0/0x2b0 [ 209.515251] ? do_syscall_64+0xb7/0x940 [ 209.519205] ? SyS_mkdirat+0x2b0/0x2b0 [ 209.523072] do_syscall_64+0x281/0x940 [ 209.526939] ? vmalloc_sync_all+0x30/0x30 [ 209.531241] ? _raw_spin_unlock_irq+0x27/0x70 [ 209.535718] ? finish_task_switch+0x1c1/0x7e0 [ 209.540194] ? syscall_return_slowpath+0x550/0x550 [ 209.545104] ? syscall_return_slowpath+0x2ac/0x550 [ 209.550016] ? prepare_exit_to_usermode+0x350/0x350 [ 209.555020] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 209.560365] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 209.565192] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 209.570359] RIP: 0033:0x454e79 [ 209.573526] RSP: 002b:00007f02a00c6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 209.581214] RAX: ffffffffffffffda RBX: 00007f02a00c76d4 RCX: 0000000000454e79 [ 209.588461] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000202b2000 2018/04/01 00:14:10 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x0, 0x4b99, 0x5) r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r5, r5, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r3, r4, 0x0, 0xc08f) r6 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r6, 0x4, &(0x7f0000000580)) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) 2018/04/01 00:14:10 executing program 2: syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') [ 209.595708] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 209.602956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 209.610202] R13: 00000000000003ea R14: 00000000006f7e90 R15: 0000000000000001 [ 209.618253] FAT-fs (loop0): Directory bread(block 7) failed [ 209.624808] FAT-fs (loop0): Directory bread(block 8) failed [ 209.637798] BFS-fs: bfs_fill_super(): No BFS filesystem on loop1 (magic=00000000) 2018/04/01 00:14:10 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400200, 0x0) write(r1, &(0x7f00000001c0)="c232cf898f424b0e1687e6bbc60ab6e814f9d32f2dd020a2b492a11593ffba5de292e889635c2e74f0ad1b826309ac64e055aae97fc23c17c60a63e5d769292c48dfd4dc89f4f452ead5b1c684dbc5889a324d9fb9f1d3256720d68b87da72635ad47f0be100add567ec4acd4122dafcc06368ef2eb895ae2a121a30754bb6a1a0fa3095c0917c9a95a29d1dd8d98e9c5f2bf1a84379d746a550ddf33700831e47e1317862bc", 0xa6) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001300)='/dev/rtc\x00', 0x22881, 0x0) ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f00000002c0)=""/4096) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getresuid(&(0x7f0000000140), &(0x7f0000001440), &(0x7f0000001480)=0x0) r4 = getegid() syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, r3, r4, 0xcea, 0x7, 0x4) syz_emit_ethernet(0x0, &(0x7f00000013c0)=ANY=[], &(0x7f0000000280)={0x0, 0x0, [0x0, 0x0, 0x464]}) [ 209.655826] FAT-fs (loop0): Directory bread(block 9) failed [ 209.673426] FAT-fs (loop0): Directory bread(block 10) failed [ 209.683709] FAT-fs (loop0): Directory bread(block 11) failed [ 209.690340] FAT-fs (loop0): Directory bread(block 12) failed 2018/04/01 00:14:10 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$setstatus(r0, 0x4, 0xfffffffffffffffc) syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x0, 0x400) [ 209.716703] FAT-fs (loop0): Directory bread(block 13) failed [ 209.745836] FAT-fs (loop0): Directory bread(block 14) failed [ 209.762226] FAT-fs (loop0): Directory bread(block 15) failed [ 209.833913] attempt to access beyond end of device [ 209.838961] loop0: rw=2049, want=40, limit=6 [ 209.846368] attempt to access beyond end of device [ 209.851389] loop0: rw=0, want=40, limit=6 2018/04/01 00:14:10 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x0, 0x4b99, 0x5) r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r5, r5, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r3, r4, 0x0, 0xc08f) r6 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$sock_bt_hci(r6, 0x4, &(0x7f0000000580)) 2018/04/01 00:14:10 executing program 2: fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000040)={0x0, 0x0}) r1 = syz_open_procfs(r0, &(0x7f0000000080)='/exe\x00\x00\x00\x00\x00\x00') ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000180)={0x9, 0x3, 0x6c5c, 'queue0\x00', 0x7}) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000000c0)={{0x6f, 0x6}, 'port1\x00', 0xa8, 0x80045, 0x2, 0x80000000, 0xd600, 0x4, 0x33, 0x0, 0x2, 0x3f}) 2018/04/01 00:14:10 executing program 4 (fault-call:0 fault-nth:2): mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) 2018/04/01 00:14:10 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400200, 0x0) write(r1, &(0x7f00000001c0)="c232cf898f424b0e1687e6bbc60ab6e814f9d32f2dd020a2b492a11593ffba5de292e889635c2e74f0ad1b826309ac64e055aae97fc23c17c60a63e5d769292c48dfd4dc89f4f452ead5b1c684dbc5889a324d9fb9f1d3256720d68b87da72635ad47f0be100add567ec4acd4122dafcc06368ef2eb895ae2a121a30754bb6a1a0fa3095c0917c9a95a29d1dd8d98e9c5f2bf1a84379d746a550ddf33700831e47e1317862bc", 0xa6) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001300)='/dev/rtc\x00', 0x22881, 0x0) ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f00000002c0)=""/4096) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getresuid(&(0x7f0000000140), &(0x7f0000001440), &(0x7f0000001480)=0x0) r4 = getegid() syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, r3, r4, 0xcea, 0x7, 0x4) 2018/04/01 00:14:10 executing program 1: pwritev(0xffffffffffffffff, &(0x7f0000001c00)=[{&(0x7f0000000000)="f9dad311738fafca77cf837dd1aabc2be72dae6db82d90f891d7c817148a5112d12a0ff7a83fbddd0a4b6f6624e9aa6e09567c8d98f45760fa070000", 0x3c}], 0x1, 0x0) mkdir(&(0x7f00000003c0)='//file0\x00', 0x2) r0 = open$dir(&(0x7f0000000300)="2f2f66696c6530022f66696c653000", 0x40000, 0x8) r1 = open(&(0x7f0000000500)="2f2f66696c653002", 0x400000, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000280)="2f2f66696c6530022f66696c653000", 0xffffffffffffffff, &(0x7f0000000340)="2f2f66696c6530022f66696c653000") rmdir(&(0x7f00000006c0)="2f2f66696c653002") r2 = open(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0) rmdir(&(0x7f0000000840)='./file0\x00') preadv(r0, &(0x7f0000000f00)=[{&(0x7f00000008c0)=""/67, 0x43}, {&(0x7f0000000b00)=""/254, 0xfe}, {&(0x7f0000000940)=""/50, 0x32}, {&(0x7f00000011c0)=""/192, 0xc0}, {&(0x7f0000000980)=""/31, 0x1f}, {&(0x7f0000002c40)=""/4096, 0x1000}], 0x6, 0x0) symlinkat(&(0x7f0000000000)="2f2f66696c653002", 0xffffffffffffffff, &(0x7f0000000080)='./file0\x00') syz_mount_image$bfs(&(0x7f0000000680)='bfs\x00', &(0x7f0000000140)='./file1\x00', 0x5, 0x0, &(0x7f0000001000), 0x0, 0x0) umount2(&(0x7f0000000000)='//file0/../..\x00', 0x2) write$rdma_cm(r1, &(0x7f0000000a40)=@create_id={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000a00)={0xffffffff}, 0x13f}}, 0x20) write$rdma_cm(r2, &(0x7f0000000a80)=@destroy_id={0x1, 0x10, 0xfa00, {&(0x7f0000000580), r3}}, 0x18) linkat(0xffffffffffffffff, &(0x7f00000000c0)='//file0/../..\x00', 0xffffffffffffffff, &(0x7f0000000140)='//file0/../..\x00', 0x1000) open$dir(&(0x7f0000000740)='./file1\x00', 0x0, 0x90) symlinkat(&(0x7f0000000700)="2f2f66696c6530022f66696c653000", 0xffffffffffffffff, &(0x7f0000000780)='//file0/../..\x00') renameat(r2, &(0x7f00000001c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000200)="2f2f66696c653002") splice(0xffffffffffffffff, &(0x7f0000000540), 0xffffffffffffffff, &(0x7f0000000640), 0x206, 0xa) umount2(&(0x7f0000000180)='./file0\x00', 0xe) name_to_handle_at(r2, &(0x7f0000000240)="2f2f66696c653002", &(0x7f0000000400)={0xea, 0x7, "41dbeaa54eca2033e51ae6346422b85106a175282f5f50c3f5858dd79e5bc81243c48bf9ca9440e57e5f96ebe0c578d0dbe6c7d1c53df251d82d24c99eb58a225318c87cfafe2687db89e33f27ac7b305c5de5fc510f771bf810bb7766d1dc1bee34185e97ab54deb44460b4a099692412fd23b657be2fe453ba959933497950a3474bc302c7043020a9bc78c28bc80bd083889d42e60d208baeab098f7e1d1f8b34856b8780ecb95dd09a32f67089eea262a798a864e07d6a8ada57251d5ee722a2150d699a14b229423669a283d26c19ed8021b4b2e495cc822c712de307cede8c"}, &(0x7f0000000380), 0x400) open$dir(&(0x7f0000000040)="2f2f66696c653002", 0x0, 0x0) renameat(r2, &(0x7f0000000100)="2f2f66696c653002", 0xffffffffffffffff, &(0x7f00000007c0)='./file0\x00') unlinkat(r0, &(0x7f00000000c0)='./file0\x00', 0xfffffffffffffffd) 2018/04/01 00:14:10 executing program 7: r0 = socket$netlink(0x10, 0x3, 0xf) r1 = syz_open_dev$midi(&(0x7f0000000240)='/dev/midi#\x00', 0x90a, 0x101080) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000389000)}}, 0x0, 0x0, r1, 0x0) write(r0, &(0x7f0000000000)="27000000140007070375009700310f0a", 0x10) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.current\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000200)=0xffff, 0x4) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000080)={0x0, 0x3c1}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000100)={r3, @in={{0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}}}, &(0x7f00000001c0)=0x84) 2018/04/01 00:14:10 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'lo\x00', &(0x7f0000000180)=@ethtool_regs={0x4, 0x7f, 0x8b, "7977f7a646b4178dbeff8e494937f06254d96ed970b55590607cc15f1f1bfe7b7ee1cdd794d955481727e7c1045690f67f6ce4f1fe5044589861077294fc6acf8c3f395ee7e732569dc14cc0a4f85e924fd1e220f22443da5d733dfabd2189463d00ca4bbfcc4c96cd2fcf72d22d4a01b75a62040b6f67458e2ed5428c5f20557253b348eafbd0a73530d0"}}) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:10 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x407) mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) readv(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 210.093265] FAULT_INJECTION: forcing a failure. [ 210.093265] name failslab, interval 1, probability 0, space 0, times 0 [ 210.105280] CPU: 0 PID: 17944 Comm: syz-executor4 Not tainted 4.16.0-rc7+ #9 [ 210.105334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 210.105338] Call Trace: [ 210.105356] dump_stack+0x194/0x24d [ 210.105370] ? arch_local_irq_restore+0x53/0x53 [ 210.105391] should_fail+0x8c0/0xa40 [ 210.105405] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 210.105422] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 210.105430] ? __lock_acquire+0x664/0x3e00 [ 210.105448] ? find_held_lock+0x35/0x1d0 [ 210.105461] ? __lock_is_held+0xb6/0x140 [ 210.105479] ? check_same_owner+0x320/0x320 [ 210.105488] ? __d_lookup+0x4f4/0x830 [ 210.105500] ? rcu_note_context_switch+0x710/0x710 [ 210.105516] should_failslab+0xec/0x120 [ 210.105526] kmem_cache_alloc+0x47/0x760 [ 210.105540] __d_alloc+0xc1/0xbd0 [ 210.105551] ? shrink_dcache_for_umount+0x290/0x290 [ 210.105563] ? d_alloc_parallel+0x1b40/0x1b40 [ 210.105574] ? lock_release+0xa40/0xa40 [ 210.105586] ? mark_held_locks+0xaf/0x100 [ 210.105594] ? d_lookup+0x133/0x2e0 [ 210.105606] ? d_lookup+0x1d5/0x2e0 [ 210.105615] ? rcu_note_context_switch+0x710/0x710 [ 210.105625] d_alloc+0x8e/0x340 [ 210.105634] ? __d_alloc+0xbd0/0xbd0 [ 210.105643] ? down_write_nested+0x8b/0x120 [ 210.105657] __lookup_hash+0x58/0x190 [ 210.105667] filename_create+0x1c7/0x520 [ 210.105677] ? kern_path_mountpoint+0x40/0x40 [ 210.105691] ? getname_flags+0x256/0x580 [ 210.105703] SyS_mkdir+0xd4/0x2a0 [ 210.105715] ? SyS_mkdirat+0x2b0/0x2b0 [ 210.105726] ? do_syscall_64+0xb7/0x940 [ 210.105736] ? SyS_mkdirat+0x2b0/0x2b0 [ 210.105746] do_syscall_64+0x281/0x940 [ 210.105755] ? vmalloc_sync_all+0x30/0x30 [ 210.105765] ? _raw_spin_unlock_irq+0x27/0x70 [ 210.105773] ? finish_task_switch+0x1c1/0x7e0 [ 210.105784] ? syscall_return_slowpath+0x550/0x550 [ 210.277688] ? syscall_return_slowpath+0x2ac/0x550 [ 210.282599] ? prepare_exit_to_usermode+0x350/0x350 [ 210.287598] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 210.292945] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 210.297783] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 210.302962] RIP: 0033:0x454e79 [ 210.306129] RSP: 002b:00007f02a00c6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 210.313815] RAX: ffffffffffffffda RBX: 00007f02a00c76d4 RCX: 0000000000454e79 [ 210.321067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000202b2000 [ 210.328313] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 210.335560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 2018/04/01 00:14:10 executing program 4 (fault-call:0 fault-nth:3): mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) [ 210.342805] R13: 00000000000003ea R14: 00000000006f7e90 R15: 0000000000000002 [ 210.376013] BFS-fs: bfs_fill_super(): No BFS filesystem on loop1 (magic=00000000) 2018/04/01 00:14:10 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x802, 0x0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000080)={r0, 0x7, 0x1, 0xea13, &(0x7f0000000040)=[0x0, 0x0, 0x0], 0x3}, 0x20) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') fcntl$addseals(r1, 0x409, 0x8) fcntl$setstatus(r1, 0x4, 0xfffffffffffffffc) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000100)=0x4, 0x4) 2018/04/01 00:14:11 executing program 7: r0 = socket$unix(0x1, 0x2, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write(r0, &(0x7f0000000a80), 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000040)=0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc\x00', 0x2800, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r2, 0x0, 0x81, &(0x7f0000000100)={'mangle\x00', 0x2, [{}, {}]}, 0x48) sendmsg$netrom(r2, &(0x7f0000000b80)={&(0x7f0000000180)=@ax25={0x3, {"e6905f2a4d2eb6"}, 0x3}, 0x10, &(0x7f0000000300)=[{&(0x7f00000001c0)="08f315e5c996e981e31319854d0b91bcf570d8f3bed99506174b19c89cf21ae2ff1742317159918704fcfb4f01d2cdd5357725609c17aa1fc4fce8249022c5048923f75a537f1697e2d402", 0x4b}, {&(0x7f0000000240)="58f39272c2de5b4df1fddaba9ce029af0379bd114223dcd4e53b85c56d87c75fb0b58dc733bbe7938c1005e94466d7f95b9ae7edb774d79ba5c49b8a34c7a31ae3714219caae4e62b81e477ab406695f5bb9decddddf608262029ec975400acf65422081f8cee13dc53e7d77cbb6e1002675e03d3bffcafeb65f03485ac6a0e81d1751e92f4247fbdf96ddc60fd1c5c09136d1", 0x93}], 0x2, &(0x7f0000000340)=[{0xb0, 0x104, 0x387e, "9255ca7ad8ebf67574ece95b63672dd1dfeeace7e46d559645434b2e16d54b74ea52e65cc2daf9720ef83da34b8f014f6326cd2d4b889acbc01abd0f2c008b3ad1f87f666d5fc07d4710d4096f3e61bb729f2eb619c09661c73b4131cf70279c1d1d2b48634cab0a586004cdc2c023eb8c5a18b116f156e725f81cf4175856e712ee7115d56319cfb37a6241cd128513d851eea206014aa4343987e0"}, {0xf0, 0x1ff, 0x8, "02d932b1c34d58a75733914379a53617f88bff9d4f9aae46a75c9f11fdd835d811976bd7432a48a9b39ad6f2cb7903f3e79e5ddbc6042e0e9d03dc5e2ecbb32851340891ff6e0bf99668e85782ad0d252fc63b20cdf5db17a6705d6b61fc65e41887e6995349cde987cd86acd0554476ba687eaba4d29ce6e9b93d705cf247832c95750697ac9d2db04841020f6e0eddf620ec2ce03eeb44baba5c75ca07c77d21beccfbee274276ad97491e8cd8a4a203ff59044776cf93565ed1211a781ab102e6c131e430be24deae105e7fb593c47f18f2471d09a201ee"}, {0x70, 0x117, 0x7, "caa65c6715cb037b350ea247fc3938ed054d26c6478c58c9aaa582c19f95b15ec2648f96168f241f4eaf5e566b0f354fca2f8c7ee938d006360a018ae759f4cd713a221507360d060d549fc50cf0c0a4247bdc2c6eaf81acf571d9b83178ca83"}, {0xf8, 0x3a, 0x9, "4da147966276b3ed26d979221162f6c3a1354f8aec86b2293ebe966b1b2276d59f8be3f433c6554d2417cb1484ca87f4fc8d0e904340b81fddaeec2c6286d1d755c245228acb27750ce45ebc6ef270d977d4a6931ae7cda66a89a9747062d8830dc267991d489b97b8f1649b2f6009fab14c5db8924eebe3c759debc13de8575a66d8f636d985fa99c2b563eb66281fa9f5fcf19ba92ad647ae1e9c9bdbffdc10f9a332867a9a9cd2966daae26a00deb736f5eba9c67ef07c6e4888e83ce8a981bcc1fdebcc0f9c10f1099ee7694f1e20ed24ae3c628e766bc8573a3e254c51d8f61e99dd6ca09"}, {0xe8, 0x88, 0x5, "1fdab29d5dde62ab26c68160a737612a2ded77103bbc187af8630369c4ec6d84cbf5d221993ba864b07431217945f4393d466b678378854f78d86ddd1277c187d378c1bb05cb312c904e6074c71ea179bf75900278e19e94e5e2ddfbca6662300521756d74bed4b9747aef5752d6dac75b25e2cbc2e123ed746064c01ae1bf43e50a274cb1a52e35ea01bf4d23fde6b6cb0690d473fbcd968799f6c4a5cd1cf6d299b51390030e664048c883eefea4840a0e6eac0fdb7ed945b9cd2d84771b738b1662b1492576a5bc51a9515cbde92b784c14"}, {0xe8, 0x18f, 0x81, "e1a3822ba63fcebecc25a45062c4660e62df1b2e84c52874917663d317e6cf12e03695afff3c6abdccfece5d7667d6ebd54be4afd1ec0d0eb971e206adee8c0dc29a7f7d098e7a938ee43b1ce22261e156e806d7f02f5d69f2807bfe3bc82ec45b51eac0718ee0a3eb188416279884b17baaefad09bcbd10f57314125377a609ccfb25c00a361ad3ad824dafd14db8d7e427abfa92ee9d01ba499a7cfcabb0cf52740a61ac0bcb80e290b65fcfc8fe5b1207f2524db5154417aaf1e343d997d3152c1aaa4574c6594b77a472b817bc3fdf"}, {0x100, 0x11f, 0x5, "63ee2d3e905cfb2935f2b07ffae5bc2e9720ecd8b166b79b77d605a64fa97e884d2cf9c7fb6b57461942f7546a404c1e57fd7e85204e2044b031de20a0104395106d8fe5348f37726e4b0f36bc8a04be16daea905ddaea41cdd4227253c452aa935a7a90dd440afdd3cccd49cdbc5b8e8da37df02780c64aee2d05270a3d4fc25d64d340beb79e0a602465048f65f3bf156357623d3aeca4f0d936e290dd5515738b1d6548579e41ffca87e2c6e5751e240ea0dfc01b0719a5a36e51138c8c5c6ec30f1746ae82d7c368123347d8c4833919e9def7a4188ad890840426443483a1ad2adc63b824b058"}, {0xc0, 0x199, 0x8, "a8aa932e8530fdb371ed963af6580e502634413b7c646ab7cbf74ac8af481f50a0e1335d3f6225291ba72f566d10d5981c83a108aa78a21c40062143f19e94186129e0ce56875778a68d671f816d84c4d22a531edeedfc1fe9884fdd9b135c4f02c389d0fd585c3330c00fbf2c474d4706628ee1d5e00e14b8a0e7477760727df0be91ba9daeec50e702ce5c624a16ccd0290e543c6807256cd38885d965b6218ab5f13037463b2514f3fb7f21"}, {0xe8, 0x13f, 0xbe, "d62a5d4b2f8cd8497c45627fad9ea22fc3fb37ea3c0685c43a19637d8bcc2d0297c2adbe9ff22c6e84329936111abdd4f77cbb3f225d42ffaf16f13d405ebd205077cb7828ffdea80adb74cb37a7f61d130d5d79f74b066957a8ad03dc333bb1a1a8cd23dff10aced974197802154892d8d6b06fa932b95169187c685d459b85bac77b605d38dbbfa4bdc7867be79c3c15388a1a409c0d353fd094f12c6c57f7cc5de02bdaf4a772cb7e084d777c1b2b70587838b63950f73e1862c7e0fc98ddad05e27e389388258a8c9c05cde00e72cbc9c40a01880f"}, {0x90, 0x11f, 0x6, "5bec75dd784abb7c40186a0df4ee93f9010066f4d13fe32bcde60f7ffe4b4d65372d3a19d17f1f20817c11761be1273117fcd6a605d8d4f0232a8fcaaf8a452617422e90028adcc1e15e0cecb936cd0de205f6bcd378f1ae99687cfa0ee321ac19593fd3dd042b64c85dc30677eeb8cb43b0e2a48d80f998d9d787b6381a2702"}], 0x810, 0x840}, 0x0) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f00000000c0)=r1) 2018/04/01 00:14:11 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x0, 0x4b99, 0x5) r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r5, r5, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r3, r4, 0x0, 0xc08f) dup2(0xffffffffffffffff, 0xffffffffffffffff) [ 210.443923] FAT-fs (loop0): Directory bread(block 6) failed [ 210.478274] FAT-fs (loop0): Directory bread(block 7) failed [ 210.487471] FAT-fs (loop0): Directory bread(block 8) failed [ 210.515723] FAT-fs (loop0): Directory bread(block 9) failed [ 210.538141] FAULT_INJECTION: forcing a failure. [ 210.538141] name failslab, interval 1, probability 0, space 0, times 0 [ 210.546012] FAT-fs (loop0): Directory bread(block 10) failed [ 210.549532] CPU: 1 PID: 17973 Comm: syz-executor4 Not tainted 4.16.0-rc7+ #9 [ 210.562441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 210.571778] Call Trace: [ 210.574349] dump_stack+0x194/0x24d [ 210.577962] ? arch_local_irq_restore+0x53/0x53 [ 210.582611] ? __lock_is_held+0xb6/0x140 [ 210.586660] should_fail+0x8c0/0xa40 [ 210.590357] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 210.595441] ? lock_release+0xa40/0xa40 [ 210.599403] ? preempt_schedule_common+0x22/0x60 [ 210.604142] ? _cond_resched+0x1d/0x30 [ 210.608011] ? __getblk_gfp+0xfc/0xb80 [ 210.611893] ? __lock_is_held+0xb6/0x140 [ 210.615946] ? check_same_owner+0x320/0x320 [ 210.620248] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 210.624985] ? rcu_note_context_switch+0x710/0x710 [ 210.629911] should_failslab+0xec/0x120 [ 210.633866] kmem_cache_alloc+0x47/0x760 [ 210.637908] ? __lock_is_held+0xb6/0x140 [ 210.641950] ? ext4_get_group_desc+0x1bd/0x2b0 [ 210.646523] jbd2__journal_start+0x1d3/0x9f0 [ 210.650926] ? jbd2_write_access_granted.part.9+0x3a0/0x3a0 [ 210.656620] ? rcu_note_context_switch+0x710/0x710 [ 210.661527] ? __lock_is_held+0xb6/0x140 [ 210.665575] ? __might_sleep+0x95/0x190 [ 210.669536] ? _cond_resched+0x14/0x30 [ 210.673406] __ext4_journal_start_sb+0x15f/0x550 [ 210.678142] ? __ext4_new_inode+0x1bae/0x4e80 [ 210.682618] ? ext4_journal_abort_handle.isra.5+0x2a0/0x2a0 [ 210.688571] ? find_next_zero_bit+0xe3/0x110 [ 210.693047] __ext4_new_inode+0x1bae/0x4e80 [ 210.697368] ? ext4_free_inode+0x1740/0x1740 [ 210.701755] ? __kernel_text_address+0xd/0x40 [ 210.706231] ? unwind_get_return_address+0x61/0xa0 [ 210.711140] ? __save_stack_trace+0x7e/0xd0 [ 210.715462] ? save_stack+0xa3/0xd0 [ 210.719073] ? save_stack+0x43/0xd0 [ 210.722685] ? __kasan_slab_free+0x11a/0x170 [ 210.727074] ? kasan_slab_free+0xe/0x10 [ 210.731031] ? kmem_cache_free+0x83/0x2a0 [ 210.735163] ? putname+0xee/0x130 [ 210.738595] ? filename_create+0x245/0x520 [ 210.742804] ? SyS_mkdir+0xd4/0x2a0 [ 210.746411] ? do_syscall_64+0x281/0x940 [ 210.750451] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 210.755799] ? _raw_spin_unlock_irqrestore+0xa6/0xc0 [ 210.760886] ? debug_check_no_obj_freed+0x3da/0xf1f [ 210.765883] ? d_alloc+0x269/0x340 [ 210.769409] ? __dquot_initialize+0x2d2/0xb70 [ 210.773896] ? trace_hardirqs_off+0x10/0x10 [ 210.778220] ? free_obj_work+0x690/0x690 [ 210.782262] ? mark_held_locks+0xaf/0x100 [ 210.786394] ? dquot_get_next_dqblk+0x160/0x160 [ 210.791057] ? __lock_is_held+0xb6/0x140 [ 210.795104] ext4_mkdir+0x395/0xcd0 [ 210.798714] ? putname+0xee/0x130 [ 210.802154] ? ext4_init_dot_dotdot+0x4d0/0x4d0 [ 210.806803] ? make_kprojid+0x30/0x30 [ 210.810583] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 210.815498] ? security_inode_permission+0xbb/0xf0 [ 210.820413] ? security_inode_mkdir+0xd0/0x110 [ 210.824976] vfs_mkdir+0x390/0x600 [ 210.828502] SyS_mkdir+0x220/0x2a0 [ 210.832034] ? SyS_mkdirat+0x2b0/0x2b0 [ 210.835909] ? do_syscall_64+0xb7/0x940 [ 210.839862] ? SyS_mkdirat+0x2b0/0x2b0 [ 210.843728] do_syscall_64+0x281/0x940 [ 210.847596] ? vmalloc_sync_all+0x30/0x30 [ 210.851727] ? _raw_spin_unlock_irq+0x27/0x70 [ 210.856203] ? finish_task_switch+0x1c1/0x7e0 [ 210.860678] ? syscall_return_slowpath+0x550/0x550 [ 210.865589] ? syscall_return_slowpath+0x2ac/0x550 [ 210.870500] ? prepare_exit_to_usermode+0x350/0x350 [ 210.875499] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 210.880847] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 210.885674] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 210.890840] RIP: 0033:0x454e79 [ 210.894007] RSP: 002b:00007f02a00c6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 210.901713] RAX: ffffffffffffffda RBX: 00007f02a00c76d4 RCX: 0000000000454e79 [ 210.908973] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000202b2000 2018/04/01 00:14:11 executing program 1: pwritev(0xffffffffffffffff, &(0x7f0000001c00)=[{&(0x7f0000000000)="f9dad311738fafca77cf837dd1aabc2be72dae6db82d90f891d7c817148a5112d12a0ff7a83fbddd0a4b6f6624e9aa6e09567c8d98f45760fa070000", 0x3c}], 0x1, 0x0) mkdir(&(0x7f00000003c0)='//file0\x00', 0x2) r0 = open$dir(&(0x7f0000000300)="2f2f66696c6530022f66696c653000", 0x40000, 0x8) r1 = open(&(0x7f0000000500)="2f2f66696c653002", 0x400000, 0x0) renameat(0xffffffffffffffff, &(0x7f0000000280)="2f2f66696c6530022f66696c653000", 0xffffffffffffffff, &(0x7f0000000340)="2f2f66696c6530022f66696c653000") rmdir(&(0x7f00000006c0)="2f2f66696c653002") r2 = open(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0) rmdir(&(0x7f0000000840)='./file0\x00') preadv(r0, &(0x7f0000000f00)=[{&(0x7f00000008c0)=""/67, 0x43}, {&(0x7f0000000b00)=""/254, 0xfe}, {&(0x7f0000000940)=""/50, 0x32}, {&(0x7f00000011c0)=""/192, 0xc0}, {&(0x7f0000000980)=""/31, 0x1f}, {&(0x7f0000002c40)=""/4096, 0x1000}], 0x6, 0x0) symlinkat(&(0x7f0000000000)="2f2f66696c653002", 0xffffffffffffffff, &(0x7f0000000080)='./file0\x00') syz_mount_image$bfs(&(0x7f0000000680)='bfs\x00', &(0x7f0000000140)='./file1\x00', 0x5, 0x0, &(0x7f0000001000), 0x0, 0x0) umount2(&(0x7f0000000000)='//file0/../..\x00', 0x2) write$rdma_cm(r1, &(0x7f0000000a40)=@create_id={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000a00)={0xffffffff}, 0x13f}}, 0x20) write$rdma_cm(r2, &(0x7f0000000a80)=@destroy_id={0x1, 0x10, 0xfa00, {&(0x7f0000000580), r3}}, 0x18) linkat(0xffffffffffffffff, &(0x7f00000000c0)='//file0/../..\x00', 0xffffffffffffffff, &(0x7f0000000140)='//file0/../..\x00', 0x1000) open$dir(&(0x7f0000000740)='./file1\x00', 0x0, 0x90) symlinkat(&(0x7f0000000700)="2f2f66696c6530022f66696c653000", 0xffffffffffffffff, &(0x7f0000000780)='//file0/../..\x00') renameat(r2, &(0x7f00000001c0)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000200)="2f2f66696c653002") splice(0xffffffffffffffff, &(0x7f0000000540), 0xffffffffffffffff, &(0x7f0000000640), 0x206, 0xa) umount2(&(0x7f0000000180)='./file0\x00', 0xe) name_to_handle_at(r2, &(0x7f0000000240)="2f2f66696c653002", &(0x7f0000000400)={0xea, 0x7, "41dbeaa54eca2033e51ae6346422b85106a175282f5f50c3f5858dd79e5bc81243c48bf9ca9440e57e5f96ebe0c578d0dbe6c7d1c53df251d82d24c99eb58a225318c87cfafe2687db89e33f27ac7b305c5de5fc510f771bf810bb7766d1dc1bee34185e97ab54deb44460b4a099692412fd23b657be2fe453ba959933497950a3474bc302c7043020a9bc78c28bc80bd083889d42e60d208baeab098f7e1d1f8b34856b8780ecb95dd09a32f67089eea262a798a864e07d6a8ada57251d5ee722a2150d699a14b229423669a283d26c19ed8021b4b2e495cc822c712de307cede8c"}, &(0x7f0000000380), 0x400) open$dir(&(0x7f0000000040)="2f2f66696c653002", 0x0, 0x0) renameat(r2, &(0x7f0000000100)="2f2f66696c653002", 0xffffffffffffffff, &(0x7f00000007c0)='./file0\x00') unlinkat(r0, &(0x7f00000000c0)='./file0\x00', 0xfffffffffffffffd) [ 210.916228] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 210.923476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 210.930723] R13: 00000000000003ea R14: 00000000006f7e90 R15: 0000000000000003 [ 210.938411] EXT4-fs error (device sda1) in __ext4_new_inode:961: Out of memory [ 210.942908] FAT-fs (loop0): Directory bread(block 11) failed [ 210.952591] FAT-fs (loop0): Directory bread(block 12) failed 2018/04/01 00:14:11 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000fcbff7)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r1 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x1, 0x0) getsockopt$inet_sctp_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f00000000c0), &(0x7f0000000240)=0xb) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1400000052000000000080f802f17de72feebc5c9109e013010000000000"], 0x14}, 0x1}, 0x0) r2 = socket(0x240000000018, 0x0, 0x1) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, &(0x7f0000000340)="0f01ca0f21913664660f382990e1e883e0672ef3650f070f350fc719b8ac00c0fe0f23c80f21f8350c0060000f23f8c4c17a2dd50fc7580fb9800000c00f3235001000000f30", 0x46}], 0x1, 0x0, &(0x7f0000000340), 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x400002, 0x0) ioctl$EVIOCGPHYS(r3, 0x80404507, &(0x7f0000000140)=""/206) 2018/04/01 00:14:11 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x0, 0x4b99, 0x5) r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r5, r5, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) sendfile(r3, r4, 0x0, 0xc08f) 2018/04/01 00:14:11 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400200, 0x0) write(r1, &(0x7f00000001c0)="c232cf898f424b0e1687e6bbc60ab6e814f9d32f2dd020a2b492a11593ffba5de292e889635c2e74f0ad1b826309ac64e055aae97fc23c17c60a63e5d769292c48dfd4dc89f4f452ead5b1c684dbc5889a324d9fb9f1d3256720d68b87da72635ad47f0be100add567ec4acd4122dafcc06368ef2eb895ae2a121a30754bb6a1a0fa3095c0917c9a95a29d1dd8d98e9c5f2bf1a84379d746a550ddf33700831e47e1317862bc", 0xa6) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001300)='/dev/rtc\x00', 0x22881, 0x0) ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f00000002c0)=""/4096) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getresuid(&(0x7f0000000140), &(0x7f0000001440), &(0x7f0000001480)=0x0) syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, r3, 0x0, 0xcea, 0x7, 0x4) 2018/04/01 00:14:11 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x407) mmap(&(0x7f0000447000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 210.979671] FAT-fs (loop0): Directory bread(block 13) failed [ 210.996202] FAT-fs (loop0): Directory bread(block 14) failed [ 211.006279] FAT-fs (loop0): Directory bread(block 15) failed [ 211.011000] BFS-fs: bfs_fill_super(): No BFS filesystem on loop1 (magic=00000000) 2018/04/01 00:14:11 executing program 7: r0 = syz_open_dev$usbmon(&(0x7f0000000840)='/dev/usbmon#\x00', 0x3ff, 0x40) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000880)={0x1, [0xfffffffffffffffd]}, &(0x7f00000008c0)=0x6) recvmsg(0xffffffffffffff9c, &(0x7f0000000140)={&(0x7f0000000000)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @multicast2}}}, 0x4, &(0x7f00000001c0), 0x0, 0x0, 0x2cb}, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000100)={&(0x7f0000f4dff4)={0x10}, 0x4d9, &(0x7f0000000040)={&(0x7f0000000080)=@migrate={0x15c, 0x21, 0x1, 0x0, 0x0, {{@in6=@ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, @in6=@dev={0xfe, 0x80}}}, [@migrate={0x10c, 0x11}]}, 0x15c}, 0x1}, 0x0) 2018/04/01 00:14:11 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400200, 0x0) write(r1, &(0x7f00000001c0)="c232cf898f424b0e1687e6bbc60ab6e814f9d32f2dd020a2b492a11593ffba5de292e889635c2e74f0ad1b826309ac64e055aae97fc23c17c60a63e5d769292c48dfd4dc89f4f452ead5b1c684dbc5889a324d9fb9f1d3256720d68b87da72635ad47f0be100add567ec4acd4122dafcc06368ef2eb895ae2a121a30754bb6a1a0fa3095c0917c9a95a29d1dd8d98e9c5f2bf1a84379d746a550ddf33700831e47e1317862bc", 0xa6) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001300)='/dev/rtc\x00', 0x22881, 0x0) ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f00000002c0)=""/4096) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, 0x0, 0x0, 0xcea, 0x7, 0x4) 2018/04/01 00:14:11 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r3 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r3, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) fallocate(r4, 0x0, 0x4b99, 0x5) r5 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r5, r5, &(0x7f0000000040), 0x80000001) fallocate(r2, 0x0, 0x6, 0x3ffffff) [ 211.149453] attempt to access beyond end of device [ 211.154537] loop0: rw=2049, want=40, limit=6 [ 211.206169] attempt to access beyond end of device [ 211.211249] loop0: rw=0, want=40, limit=6 2018/04/01 00:14:11 executing program 1: mmap(&(0x7f0000000000/0xb3c000)=nil, 0xb3c000, 0xfffffffffffffffd, 0x100000000032, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f00000001c0), &(0x7f0000000140)=0xffffffffffffff1f) 2018/04/01 00:14:11 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:11 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087703, 0x407) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:11 executing program 7: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000588ff8)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x100000000, 0x40) ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f00000001c0)={0x7, 0xadb, &(0x7f0000000040)="0c6e76ca888486e30b2a42ca93be48be7ea28b2df2a4d9570f678095c6d55f80b966486b61649f39da71fc62d30a5adb2cc75cf7b11dc9fe59c3270100f3eaf92d5dc604aedb470d0d482d892007", &(0x7f00000000c0)="dc83f30c9fb9ecb5abc2f6eddaa34d8575a59680b4547b53ab35b56e5d6546bbc3c30d44ecbe3d194b32e1e86ced2dbb8cdd06a6462c74df656c486b2b2de562359a30d539e8571bfa5feaf000a6367c064bb170046309a32ad8335a6190e9f5eee3440de21f82b860aa8440d3096d4fbfebbdf23083e6422de6f686dbdb7bd3a872760957a0d412e1526ce72ff5fc9f098c694737da6a4f3025b496b49a5d67d4650d1515711371253286430f77685db89d112c80e3de5047048e9dc11dd7b9d3c735f22ae5bd62a3afe709500ea5e5fb94db15473341e78c4f371486f341b67886c329973b5847aca6ef05af4a8776079c20d53068561af6", 0x4e, 0xf9}) fcntl$lock(r1, 0x7, &(0x7f0000002000)) unshare(0x400) fsync(r2) fcntl$lock(r1, 0x7, &(0x7f0000010000)) syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f0000000240)='./file0\x00', 0x80000000, 0x7, &(0x7f0000000580)=[{&(0x7f0000000280)="a041fcbc9afc642dd9ef2f090edca7010f41f1302480", 0x16, 0x2d1}, {&(0x7f00000002c0)="3dedbfa40e1d71c51339d33d3a8b29540b7e5aaef836ec678badaaf7d8507b580751e52dc10037bfe123d0c546b6d6f7971ca638332c62101b43eff5e1a719111bc4257974332276ee6d72e94acecfde9f49dc25150bea22eba4393fd920612fd49a50b6b76fd3658009cc835542a79149554007692609b9b27c86a9e934898da6a06438c3cccf7f96a1635c9eef8e71b580111530dda229bbd7a5f9b811a7adc7", 0xa1, 0x1ff}, {&(0x7f0000000380)="fafa1e41e552be3390f90ef27400f63eb216061bc078554bfe92b159d73d6557c5714cb183ad5a81c65ef29017f19c1ce62ffdf14ea6eb2d09ca7afa74626988d7ac6619f7d53f5beff851633d30c33a8c5aa995517a3d0ba0491c632d86", 0x5e, 0x81}, {&(0x7f0000000400), 0x0, 0x20}, {&(0x7f0000000440)="71b9fe33019a0090d72f538c68f726bf0c6ef4a6867acb5c1b11f30690f0", 0x1e, 0x1}, {&(0x7f0000000480)="466bdd368a4c136f516de99bbf7662feb3b9efeb05d059de70ab561c8e631c28ffc75174160b132941925e76164fd1066ed90af59b172cb64b15a160d30bb686d3ce06b3acf453f86ae09d806b4a9c71758c2e416cad2858c4e2470ca38803f023485be2bff59bc33ffc26647d0536ab4d6c2e1aff4d9b7100585ffe449a5b9903aaab2c8a999ee02a34a60ab5909c19eb6c28d58ec75e6fb8e3e01a4dddc0222ae9c2af2d3d5f17a5", 0xa9, 0x2d30}, {&(0x7f0000000540)="40d1d0ea6b6d2ae27eb3772ebca7fbf40c1c729dd684a09b52b7b67c42d22f597a117964e8f6", 0x26, 0xff}], 0x0, &(0x7f0000000640)={[{@errors_continue='errors=continue', 0x2c}, {@tz_utc='tz=UTC', 0x2c}, {@codepage={'codepage', 0x3d, '874'}, 0x2c}, {@sys_immutable='sys_immutable', 0x2c}, {@nfs_nostale_ro='nfs=nostale_ro', 0x2c}, {@errors_remount='errors=remount-ro', 0x2c}, {@umask={'umask', 0x3d, [0x32, 0x31, 0x35, 0x30, 0x37, 0x34, 0x33]}, 0x2c}, {@check_strict='check=strict', 0x2c}]}) dup3(r0, r1, 0x0) 2018/04/01 00:14:11 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm(cast6))\x00'}, 0x58) r1 = syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0xcf, 0x680) ioctl$LOOP_GET_STATUS64(r1, 0x4c05, &(0x7f00000000c0)) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000200)={0x0, 0xe10}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000280)={r2, @in6={{0xa, 0x4e24, 0x1000000000, @mcast2={0xff, 0x2, [], 0x1}, 0x3}}}, &(0x7f0000000340)=0x84) socket$pppoe(0x18, 0x1, 0x0) socket$alg(0x26, 0x5, 0x0) ioctl$TCGETS(r1, 0x5401, &(0x7f00000001c0)) getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r1, 0x12, 0x2, &(0x7f0000000580)=""/140, &(0x7f0000000540)=0x8c) setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x0) syz_open_pts(r1, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000480)={r3, 0x6, 0x30}, &(0x7f00000004c0)=0xc) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000500)=0x7, 0x4) 2018/04/01 00:14:11 executing program 4 (fault-call:0 fault-nth:4): mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) 2018/04/01 00:14:11 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400200, 0x0) write(r1, &(0x7f00000001c0)="c232cf898f424b0e1687e6bbc60ab6e814f9d32f2dd020a2b492a11593ffba5de292e889635c2e74f0ad1b826309ac64e055aae97fc23c17c60a63e5d769292c48dfd4dc89f4f452ead5b1c684dbc5889a324d9fb9f1d3256720d68b87da72635ad47f0be100add567ec4acd4122dafcc06368ef2eb895ae2a121a30754bb6a1a0fa3095c0917c9a95a29d1dd8d98e9c5f2bf1a84379d746a550ddf33700831e47e1317862bc", 0xa6) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001300)='/dev/rtc\x00', 0x22881, 0x0) ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f00000002c0)=""/4096) syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, 0x0, 0x0, 0xcea, 0x7, 0x4) 2018/04/01 00:14:11 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r2 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r2, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r3, 0x0, 0x0, 0x4) fallocate(r3, 0x0, 0x4b99, 0x5) r4 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) sendfile(r4, r4, &(0x7f0000000040), 0x80000001) [ 211.364415] FAULT_INJECTION: forcing a failure. [ 211.364415] name failslab, interval 1, probability 0, space 0, times 0 [ 211.375757] CPU: 1 PID: 18027 Comm: syz-executor4 Not tainted 4.16.0-rc7+ #9 [ 211.382940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 211.392284] Call Trace: [ 211.394864] dump_stack+0x194/0x24d [ 211.398499] ? arch_local_irq_restore+0x53/0x53 [ 211.403152] ? __lock_is_held+0xb6/0x140 [ 211.407205] should_fail+0x8c0/0xa40 [ 211.410904] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 211.415993] ? rcu_note_context_switch+0x710/0x710 [ 211.420909] ? lock_release+0xa40/0xa40 [ 211.424868] ? __might_sleep+0x95/0x190 [ 211.428824] ? _cond_resched+0x14/0x30 [ 211.432690] ? __getblk_gfp+0xfc/0xb80 [ 211.436565] ? __lock_is_held+0xb6/0x140 [ 211.440615] ? check_same_owner+0x320/0x320 [ 211.444917] ? trace_hardirqs_off+0x10/0x10 [ 211.449222] ? rcu_note_context_switch+0x710/0x710 [ 211.454136] ? __raw_spin_lock_init+0x1c/0x100 [ 211.458707] should_failslab+0xec/0x120 [ 211.462661] kmem_cache_alloc+0x47/0x760 [ 211.466701] ? __lock_is_held+0xb6/0x140 [ 211.470741] ? ext4_get_group_desc+0x1bd/0x2b0 [ 211.475311] jbd2__journal_start+0x1d3/0x9f0 [ 211.479704] ? jbd2_write_access_granted.part.9+0x3a0/0x3a0 [ 211.485405] ? rcu_note_context_switch+0x710/0x710 [ 211.490317] ? __lock_is_held+0xb6/0x140 [ 211.494358] ? __might_sleep+0x95/0x190 [ 211.498314] ? _cond_resched+0x14/0x30 [ 211.502186] __ext4_journal_start_sb+0x15f/0x550 [ 211.506920] ? __ext4_new_inode+0x1bae/0x4e80 [ 211.511396] ? ext4_journal_abort_handle.isra.5+0x2a0/0x2a0 [ 211.517086] ? find_next_zero_bit+0xe3/0x110 [ 211.521489] __ext4_new_inode+0x1bae/0x4e80 [ 211.525844] ? ext4_free_inode+0x1740/0x1740 [ 211.530232] ? __kernel_text_address+0xd/0x40 [ 211.534707] ? unwind_get_return_address+0x61/0xa0 [ 211.539616] ? __save_stack_trace+0x7e/0xd0 [ 211.543931] ? save_stack+0xa3/0xd0 [ 211.547538] ? save_stack+0x43/0xd0 [ 211.551143] ? __kasan_slab_free+0x11a/0x170 [ 211.555530] ? kasan_slab_free+0xe/0x10 [ 211.559480] ? kmem_cache_free+0x83/0x2a0 [ 211.563607] ? putname+0xee/0x130 [ 211.567040] ? filename_create+0x245/0x520 [ 211.571252] ? SyS_mkdir+0xd4/0x2a0 [ 211.574860] ? do_syscall_64+0x281/0x940 [ 211.578903] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 211.584244] ? _raw_spin_unlock_irqrestore+0xa6/0xc0 [ 211.589326] ? debug_check_no_obj_freed+0x3da/0xf1f [ 211.594323] ? d_alloc+0x269/0x340 [ 211.597844] ? __dquot_initialize+0x2d2/0xb70 [ 211.602362] ? trace_hardirqs_off+0x10/0x10 [ 211.606660] ? free_obj_work+0x690/0x690 [ 211.610698] ? mark_held_locks+0xaf/0x100 [ 211.614826] ? dquot_get_next_dqblk+0x160/0x160 [ 211.619484] ? __lock_is_held+0xb6/0x140 [ 211.623531] ext4_mkdir+0x395/0xcd0 [ 211.627139] ? putname+0xee/0x130 [ 211.630576] ? ext4_init_dot_dotdot+0x4d0/0x4d0 [ 211.635243] ? make_kprojid+0x30/0x30 [ 211.639029] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 211.643942] ? security_inode_permission+0xbb/0xf0 [ 211.648854] ? security_inode_mkdir+0xd0/0x110 [ 211.653416] vfs_mkdir+0x390/0x600 [ 211.656937] SyS_mkdir+0x220/0x2a0 [ 211.660463] ? SyS_mkdirat+0x2b0/0x2b0 [ 211.664329] ? do_syscall_64+0xb7/0x940 [ 211.668284] ? SyS_mkdirat+0x2b0/0x2b0 [ 211.672151] do_syscall_64+0x281/0x940 [ 211.676023] ? vmalloc_sync_all+0x30/0x30 [ 211.680156] ? _raw_spin_unlock_irq+0x27/0x70 [ 211.684631] ? finish_task_switch+0x1c1/0x7e0 [ 211.689105] ? syscall_return_slowpath+0x550/0x550 [ 211.694017] ? syscall_return_slowpath+0x2ac/0x550 [ 211.698934] ? prepare_exit_to_usermode+0x350/0x350 [ 211.703944] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 211.709295] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 211.714122] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 211.719291] RIP: 0033:0x454e79 [ 211.722464] RSP: 002b:00007f02a00c6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 211.730155] RAX: ffffffffffffffda RBX: 00007f02a00c76d4 RCX: 0000000000454e79 [ 211.737402] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000202b2000 [ 211.744647] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 211.751897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 2018/04/01 00:14:12 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000ffa000/0x1000)=nil}) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x40000, 0x0) clone(0x0, &(0x7f0000000000), &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a}, &(0x7f0000000300)="03", 0x1, 0xfffffffffffffffd) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffff9c, 0x84, 0x6f, &(0x7f0000000240)={0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}]}, &(0x7f0000000280)=0x10) r2 = syz_open_dev$tun(&(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'bcsh0\x00', 0x3}) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8923, &(0x7f0000000380)={'bcsh0\x00', 0xfff}) setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f0000000400)={{0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}}, {0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, 0x5c) fcntl$getown(r1, 0x9) sysfs$3(0x3) setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000100)='highspeed\x00', 0xa) ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000340)) fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x0, 0x2, 0x0, 0xffff}) write(0xffffffffffffffff, &(0x7f00000007c0)="0dcf1f1578c0849eab01aa5548569a6657585413a8aea84be0d34c27848c4b9426f77a0faf06385c14411175fe27a51ee0c1684e5d2c2a5981fed743ff4aa35f935ae95ba3f2c1ff5bdc6665116d9d24478e894cd1130618d2ca9c164bc449c50686d6f447b840d22c45829819cf95fdb95c3ed252e51796a9c83f0324b66a471a85aaa89e962a5a9154165fe2782ad5e4276b6d51d56c415785de3bddb3ee0ae9b03c5256acc632cd4e146647a33bcf8823b75cca3d26b1c71892df37fc611d0a18930f0d46612c166f2a8558fd27b4f7a096db6205ef1fadf904ca5fe1edd836eb99206fb1508b28d6d5f7d1605c0e56b481a6e4f16b9a4426f17f51cd1d0c427132934b499efaf5ef0cb48878c17f11221ac7a1c59ad77eab82501fb7d231eaae631dc24750f20eb44a5ce226cf81c578c88f5015602492f51b70f23dbba3bdd772b23ff4f8e966e54869a4714dcb161ff50a0374e1c1429559c6c4312c5a31bf4a08f2aade8c76a1cd8ba2dee827b936c7b330a3dfcddfbb382a731bb6c9db66a692b4de0d50943a90f51817faccd0bac45bd580826b9e2e310bbbbec7b6288c273118b1afea08763d7665b2f4bbcd49ddbba2be21356cda77bbd7d69183078807d0cfd6d5eefb8b30c014623ca931c9ede48cfa191dd3107eced6e5c6d1de5e74a90eb6efb07b3899000000000000000000000000000000", 0x1fa) getsockopt$IP_VS_SO_GET_TIMEOUT(0xffffffffffffffff, 0x0, 0x486, &(0x7f0000000180), &(0x7f00000001c0)=0xc) socket$bt_cmtp(0x1f, 0x3, 0x5) 2018/04/01 00:14:12 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400200, 0x0) write(r1, &(0x7f00000001c0)="c232cf898f424b0e1687e6bbc60ab6e814f9d32f2dd020a2b492a11593ffba5de292e889635c2e74f0ad1b826309ac64e055aae97fc23c17c60a63e5d769292c48dfd4dc89f4f452ead5b1c684dbc5889a324d9fb9f1d3256720d68b87da72635ad47f0be100add567ec4acd4122dafcc06368ef2eb895ae2a121a30754bb6a1a0fa3095c0917c9a95a29d1dd8d98e9c5f2bf1a84379d746a550ddf33700831e47e1317862bc", 0xa6) openat$rtc(0xffffffffffffff9c, &(0x7f0000001300)='/dev/rtc\x00', 0x22881, 0x0) syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, 0x0, 0x0, 0xcea, 0x7, 0x4) [ 211.759144] R13: 00000000000003ea R14: 00000000006f7e90 R15: 0000000000000004 [ 211.766615] EXT4-fs error (device sda1) in __ext4_new_inode:961: Out of memory [ 211.787282] FAT-fs (loop7): invalid media value (0x86) [ 211.792717] FAT-fs (loop7): Can't find a valid FAT filesystem 2018/04/01 00:14:12 executing program 4 (fault-call:0 fault-nth:5): mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) [ 211.853206] FAT-fs (loop7): invalid media value (0x86) [ 211.858650] FAT-fs (loop7): Can't find a valid FAT filesystem [ 211.885844] FAT-fs (loop0): Directory bread(block 6) failed [ 211.917939] FAT-fs (loop0): Directory bread(block 7) failed [ 211.927491] FAULT_INJECTION: forcing a failure. [ 211.927491] name failslab, interval 1, probability 0, space 0, times 0 [ 211.939226] CPU: 0 PID: 18052 Comm: syz-executor4 Not tainted 4.16.0-rc7+ #9 [ 211.946413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 211.955761] Call Trace: [ 211.958353] dump_stack+0x194/0x24d [ 211.961992] ? arch_local_irq_restore+0x53/0x53 [ 211.966658] ? trace_event_raw_event_lock+0x340/0x340 [ 211.971851] should_fail+0x8c0/0xa40 [ 211.975562] ? trace_hardirqs_off+0x10/0x10 [ 211.979886] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 211.985004] ? print_irqtrace_events+0x270/0x270 [ 211.989772] ? __lock_is_held+0xb6/0x140 [ 211.993845] ? check_same_owner+0x320/0x320 [ 211.998174] ? block_commit_write+0x30/0x30 [ 212.002505] ? rcu_note_context_switch+0x710/0x710 [ 212.007437] ? __ext4_handle_dirty_metadata+0xdd/0x5d0 [ 212.012727] should_failslab+0xec/0x120 2018/04/01 00:14:12 executing program 7: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_version\x00', 0x2, 0x0) accept4$packet(r0, 0x0, &(0x7f0000000040), 0x80000) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x8000, 0x290040) pwrite64(r0, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_STOP(r1, 0x54a1) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000004, 0x4010, r0, 0x0) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ashmem\x00', 0x200, 0x0) 2018/04/01 00:14:12 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r2 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r2, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r3, 0x0, 0x0, 0x4) fallocate(r3, 0x0, 0x4b99, 0x5) open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) [ 212.016708] __kmalloc+0x63/0x760 [ 212.020160] ? perf_trace_lock+0xd6/0x900 [ 212.024306] ? perf_trace_lock_acquire+0xe3/0x980 [ 212.029158] ? ext4_find_extent+0x6ae/0x930 [ 212.033496] ext4_find_extent+0x6ae/0x930 [ 212.037658] ext4_ext_map_blocks+0x264/0x4410 [ 212.042155] ? perf_trace_lock_acquire+0xe3/0x980 [ 212.047009] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 212.052024] ? find_held_lock+0x35/0x1d0 [ 212.055269] FAT-fs (loop0): Directory bread(block 8) failed [ 212.056082] ? trace_hardirqs_off+0x10/0x10 2018/04/01 00:14:12 executing program 7: r0 = syz_open_dev$random(&(0x7f0000a33ff4)='/dev/random\x00', 0x0, 0x0) preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000180)=""/174}, {&(0x7f0000000600)=""/4096}, {&(0x7f0000000400)=""/184, 0x391}, {&(0x7f0000000000)=""/9}], 0x1000000000000063, 0x0) timer_create(0x0, &(0x7f0000580000)={0x0, 0x12, 0x0, @thr={&(0x7f0000f44000), &(0x7f0000ff5fd2)}}, &(0x7f00000c6000)) r1 = socket$alg(0x26, 0x5, 0x0) r2 = semget(0x3, 0x0, 0x20) semctl$IPC_RMID(r2, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f0000aabff1)='net/xfrm_stat\x00') bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'tgr160\x00'}, 0x58) r4 = accept4$alg(r1, 0x0, 0x0, 0x0) sendfile(r4, r3, &(0x7f0000000100), 0x7f) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r5 = getpgid(0x0) syz_open_dev$random(&(0x7f0000000040)='/dev/random\x00', 0x0, 0xa00) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x41, 0x32, 0xffffffffffffffff, 0x0) fchmod(r0, 0x40) getpgrp(r5) tkill(r5, 0x1000000000016) [ 212.066874] ? trace_hardirqs_off+0x10/0x10 [ 212.066886] ? lock_downgrade+0x980/0x980 [ 212.066899] ? lock_release+0xa40/0xa40 [ 212.066911] ? ext4_init_acl+0x2b0/0x2b0 [ 212.066939] ? lock_acquire+0x1d5/0x580 [ 212.066948] ? lock_acquire+0x1d5/0x580 2018/04/01 00:14:12 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) fadvise64(r0, 0x0, 0x0, 0x3) [ 212.066959] ? ext4_map_blocks+0xa8d/0x1830 [ 212.066975] ? lock_release+0xa40/0xa40 [ 212.066985] ? ext4_es_cache_extent+0x600/0x600 [ 212.067000] ? rcu_note_context_switch+0x710/0x710 [ 212.067013] ? __might_sleep+0x95/0x190 [ 212.067028] ? down_read+0x96/0x150 [ 212.067035] ? ext4_map_blocks+0xa8d/0x1830 [ 212.067044] ? __down_interruptible+0x6b0/0x6b0 2018/04/01 00:14:12 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/ashmem\x00', 0x0, 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:12 executing program 4 (fault-call:0 fault-nth:6): mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) [ 212.067053] ? ext4_free_inode+0x1740/0x1740 2018/04/01 00:14:12 executing program 2: prctl$intptr(0x29, 0xffffffffffff0000) sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001fc8)={&(0x7f0000005ff0)=@in={0x2, 0x0, @broadcast=0xffffffff}, 0x10, &(0x7f0000eff000), 0x0, &(0x7f0000000000)}, 0x0) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x30000, 0x0) getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4) 2018/04/01 00:14:12 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r2 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r2, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r3, 0x0, 0x0, 0x4) fallocate(r3, 0x0, 0x4b99, 0x5) [ 212.067063] ? __kernel_text_address+0xd/0x40 [ 212.067077] ext4_map_blocks+0xd69/0x1830 [ 212.067092] ? ext4_issue_zeroout+0x170/0x170 [ 212.067104] ? save_stack+0xa3/0xd0 [ 212.067113] ? save_stack+0x43/0xd0 [ 212.067121] ? __kasan_slab_free+0x11a/0x170 [ 212.067129] ? kasan_slab_free+0xe/0x10 [ 212.067137] ? kmem_cache_free+0x83/0x2a0 [ 212.067146] ? putname+0xee/0x130 [ 212.067154] ? filename_create+0x245/0x520 [ 212.067161] ? SyS_mkdir+0xd4/0x2a0 [ 212.067174] ext4_getblk+0x110/0x500 2018/04/01 00:14:12 executing program 2: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x400, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa}, 0x1c) sendmmsg(r1, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f00000003c0)}}, {{&(0x7f00000004c0)=@in6={0xa, 0x4e22, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x80, &(0x7f0000000180), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="100000000000000029000000030000003f3f4e4011918d6b0925dbf8d332854649e1056d5f0f6b131585b5e40459c18db60f739c04eab75247253df654e219f81ed5050eb4d612c2d94f1dd56af4adc6d804782e6aad7ef949710783cff9e617725a70cb43c665dffe132bee537e8d1e2f092b"], 0x10}}], 0x2, 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000100)=0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000180)=0xc) ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0286405, &(0x7f00000001c0)={0x2, 0x40, r2, 0x1, r3, 0x5, 0x1, 0xffff}) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000200)={0x7, {0x2, 0x4e22}, {0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, {0x2, 0x4e23, @multicast1=0xe0000001}, 0x2, 0x1, 0x8, 0x7fff, 0x9, 0x0, 0x9, 0x6, 0xfff}) 2018/04/01 00:14:12 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:12 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r2 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r2, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r3 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r3, 0x0, 0x0, 0x4) 2018/04/01 00:14:12 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) r1 = memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) ioctl$TCFLSH(r1, 0x540b, 0x52) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 212.067184] ? debug_check_no_obj_freed+0x3da/0xf1f [ 212.067198] ? ext4_iomap_begin+0x1150/0x1150 [ 212.067211] ? __dquot_initialize+0x2d2/0xb70 [ 212.067225] ext4_bread+0x8d/0x240 [ 212.067236] ? ext4_getblk+0x500/0x500 [ 212.067255] ext4_append+0x146/0x340 [ 212.067269] ext4_mkdir+0x571/0xcd0 2018/04/01 00:14:13 executing program 4 (fault-call:0 fault-nth:7): mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) [ 212.067277] ? putname+0xee/0x130 [ 212.067294] ? ext4_init_dot_dotdot+0x4d0/0x4d0 [ 212.067307] ? make_kprojid+0x30/0x30 [ 212.067318] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 212.067328] ? security_inode_permission+0xbb/0xf0 [ 212.067341] ? security_inode_mkdir+0xd0/0x110 [ 212.067354] vfs_mkdir+0x390/0x600 [ 212.067365] SyS_mkdir+0x220/0x2a0 [ 212.067379] ? SyS_mkdirat+0x2b0/0x2b0 [ 212.067391] ? do_syscall_64+0xb7/0x940 [ 212.067403] ? SyS_mkdirat+0x2b0/0x2b0 [ 212.067415] do_syscall_64+0x281/0x940 [ 212.067427] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 212.067438] ? syscall_return_slowpath+0x550/0x550 [ 212.067449] ? syscall_return_slowpath+0x2ac/0x550 [ 212.067465] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 212.067480] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 212.067496] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 212.067505] RIP: 0033:0x454e79 [ 212.067511] RSP: 002b:00007f02a00c6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 212.067523] RAX: ffffffffffffffda RBX: 00007f02a00c76d4 RCX: 0000000000454e79 [ 212.067529] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000202b2000 [ 212.067534] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 212.067540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 212.067546] R13: 00000000000003ea R14: 00000000006f7e90 R15: 0000000000000005 [ 212.077825] FAT-fs (loop0): Directory bread(block 9) failed [ 212.077843] FAT-fs (loop0): Directory bread(block 10) failed [ 212.077858] FAT-fs (loop0): Directory bread(block 11) failed [ 212.077875] FAT-fs (loop0): Directory bread(block 12) failed [ 212.077889] FAT-fs (loop0): Directory bread(block 13) failed [ 212.077905] FAT-fs (loop0): Directory bread(block 14) failed [ 212.077931] FAT-fs (loop0): Directory bread(block 15) failed [ 212.114006] attempt to access beyond end of device [ 212.114071] loop0: rw=2049, want=40, limit=6 [ 212.114600] attempt to access beyond end of device [ 212.114608] loop0: rw=0, want=40, limit=6 [ 212.244730] FAT-fs (loop0): Directory bread(block 6) failed [ 212.244749] FAT-fs (loop0): Directory bread(block 7) failed [ 212.244852] FAT-fs (loop0): Directory bread(block 8) failed [ 212.244870] FAT-fs (loop0): Directory bread(block 9) failed [ 212.244887] FAT-fs (loop0): Directory bread(block 10) failed [ 212.244901] FAT-fs (loop0): Directory bread(block 11) failed [ 212.244928] FAT-fs (loop0): Directory bread(block 12) failed [ 212.244945] FAT-fs (loop0): Directory bread(block 13) failed [ 212.244960] FAT-fs (loop0): Directory bread(block 14) failed [ 212.244978] FAT-fs (loop0): Directory bread(block 15) failed [ 212.257310] attempt to access beyond end of device [ 212.257321] loop0: rw=2049, want=40, limit=6 [ 212.287397] attempt to access beyond end of device [ 212.287417] loop0: rw=0, want=40, limit=6 [ 212.409061] FAULT_INJECTION: forcing a failure. [ 212.409061] name failslab, interval 1, probability 0, space 0, times 0 [ 212.409211] CPU: 1 PID: 18100 Comm: syz-executor4 Not tainted 4.16.0-rc7+ #9 [ 212.409218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 212.409223] Call Trace: [ 212.409240] dump_stack+0x194/0x24d [ 212.409254] ? arch_local_irq_restore+0x53/0x53 [ 212.409268] ? __lock_acquire+0x664/0x3e00 [ 212.409285] should_fail+0x8c0/0xa40 [ 212.409302] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 212.409319] ? find_held_lock+0x35/0x1d0 [ 212.409341] ? is_bpf_text_address+0x7b/0x120 [ 212.409354] ? perf_trace_lock+0xd6/0x900 [ 212.409364] ? perf_trace_lock_acquire+0xe3/0x980 [ 212.409372] ? lock_release+0xa40/0xa40 [ 212.409386] ? perf_trace_lock+0x900/0x900 [ 212.409409] ? trace_hardirqs_off+0x10/0x10 [ 212.409420] ? is_bpf_text_address+0xa4/0x120 [ 212.409433] ? kernel_text_address+0xd1/0xe0 [ 212.409444] ? __unwind_start+0x169/0x330 [ 212.409460] should_failslab+0xec/0x120 [ 212.409470] kmem_cache_alloc+0x47/0x760 [ 212.409485] ? __es_tree_search+0x181/0x1e0 [ 212.409498] __es_insert_extent+0x2a3/0x1050 [ 212.409513] ? ext4_es_free_extent+0x7e0/0x7e0 [ 212.409522] ? lock_release+0xa40/0xa40 [ 212.409536] ? __lock_is_held+0xb6/0x140 [ 212.409557] ext4_es_insert_extent+0x296/0x720 [ 212.409571] ? ext4_es_find_delayed_extent_range+0xae0/0xae0 [ 212.409596] ? rcu_read_lock_sched_held+0x108/0x120 [ 212.409604] ? __kmalloc+0x46e/0x760 [ 212.409617] ext4_ext_put_gap_in_cache+0x147/0x1b0 [ 212.409627] ? ext4_zeroout_es+0x150/0x150 [ 212.409648] ext4_ext_map_blocks+0x15d2/0x4410 [ 212.409671] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 212.409680] ? find_held_lock+0x35/0x1d0 [ 212.409694] ? trace_hardirqs_off+0x10/0x10 [ 212.409707] ? trace_hardirqs_off+0x10/0x10 [ 212.409717] ? lock_downgrade+0x980/0x980 [ 212.409730] ? lock_release+0xa40/0xa40 [ 212.409740] ? ext4_init_acl+0x2b0/0x2b0 [ 212.409760] ? lock_acquire+0x1d5/0x580 [ 212.409769] ? lock_acquire+0x1d5/0x580 [ 212.409777] ? ext4_map_blocks+0xa8d/0x1830 [ 212.409793] ? lock_release+0xa40/0xa40 [ 212.409802] ? ext4_es_cache_extent+0x600/0x600 [ 212.409814] ? rcu_note_context_switch+0x710/0x710 [ 212.409828] ? __might_sleep+0x95/0x190 [ 212.409842] ? down_read+0x96/0x150 [ 212.409850] ? ext4_map_blocks+0xa8d/0x1830 [ 212.409860] ? __down_interruptible+0x6b0/0x6b0 [ 212.409870] ? ext4_free_inode+0x1740/0x1740 [ 212.409880] ? __kernel_text_address+0xd/0x40 [ 212.409893] ext4_map_blocks+0xd69/0x1830 [ 212.409912] ? ext4_issue_zeroout+0x170/0x170 [ 212.409921] ? save_stack+0xa3/0xd0 [ 212.409931] ? save_stack+0x43/0xd0 [ 212.409939] ? __kasan_slab_free+0x11a/0x170 [ 212.409947] ? kasan_slab_free+0xe/0x10 [ 212.409955] ? kmem_cache_free+0x83/0x2a0 [ 212.409963] ? putname+0xee/0x130 [ 212.409970] ? filename_create+0x245/0x520 [ 212.409978] ? SyS_mkdir+0xd4/0x2a0 [ 212.409990] ext4_getblk+0x110/0x500 [ 212.409999] ? debug_check_no_obj_freed+0x3da/0xf1f [ 212.410011] ? ext4_iomap_begin+0x1150/0x1150 [ 212.410024] ? __dquot_initialize+0x2d2/0xb70 [ 212.410038] ext4_bread+0x8d/0x240 [ 212.410049] ? ext4_getblk+0x500/0x500 [ 212.410067] ext4_append+0x146/0x340 [ 212.410081] ext4_mkdir+0x571/0xcd0 [ 212.410088] ? putname+0xee/0x130 [ 212.410105] ? ext4_init_dot_dotdot+0x4d0/0x4d0 [ 212.410117] ? make_kprojid+0x30/0x30 [ 212.410127] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 212.410136] ? security_inode_permission+0xbb/0xf0 [ 212.410150] ? security_inode_mkdir+0xd0/0x110 [ 212.410163] vfs_mkdir+0x390/0x600 [ 212.410175] SyS_mkdir+0x220/0x2a0 [ 212.410188] ? SyS_mkdirat+0x2b0/0x2b0 [ 212.410200] ? do_syscall_64+0xb7/0x940 [ 212.410211] ? SyS_mkdirat+0x2b0/0x2b0 [ 212.410223] do_syscall_64+0x281/0x940 [ 212.410233] ? vmalloc_sync_all+0x30/0x30 [ 212.410243] ? _raw_spin_unlock_irq+0x27/0x70 [ 212.410253] ? finish_task_switch+0x1c1/0x7e0 [ 212.410265] ? syscall_return_slowpath+0x550/0x550 [ 212.410276] ? syscall_return_slowpath+0x2ac/0x550 [ 212.410287] ? prepare_exit_to_usermode+0x350/0x350 [ 212.410300] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 212.410315] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 212.410333] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 212.410342] RIP: 0033:0x454e79 [ 212.410348] RSP: 002b:00007f02a00c6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 212.410360] RAX: ffffffffffffffda RBX: 00007f02a00c76d4 RCX: 0000000000454e79 [ 212.410366] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000202b2000 [ 212.410372] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 212.410378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 212.410384] R13: 00000000000003ea R14: 00000000006f7e90 R15: 0000000000000006 [ 212.515292] FAT-fs (loop0): Directory bread(block 6) failed [ 212.556546] FAULT_INJECTION: forcing a failure. [ 212.556546] name failslab, interval 1, probability 0, space 0, times 0 [ 212.600085] FAT-fs (loop0): Directory bread(block 7) failed [ 212.607193] CPU: 0 PID: 18114 Comm: syz-executor4 Not tainted 4.16.0-rc7+ #9 [ 212.607201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 212.607206] Call Trace: [ 212.607229] dump_stack+0x194/0x24d [ 212.614726] FAT-fs (loop0): Directory bread(block 8) failed [ 212.621752] ? arch_local_irq_restore+0x53/0x53 [ 212.621767] ? rcutorture_record_progress+0x10/0x10 [ 212.621786] should_fail+0x8c0/0xa40 [ 212.621795] ? kernel_text_address+0xd1/0xe0 [ 212.621807] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 212.629290] FAT-fs (loop0): Directory bread(block 9) failed [ 212.634837] ? unwind_get_return_address+0x61/0xa0 [ 212.634849] ? __save_stack_trace+0x7e/0xd0 [ 212.634871] ? print_irqtrace_events+0x270/0x270 [ 212.634886] ? save_stack+0xa3/0xd0 [ 212.640740] FAT-fs (loop0): Directory bread(block 10) failed [ 212.646433] ? __lock_is_held+0xb6/0x140 [ 212.646443] ? ext4_bread+0x8d/0x240 [ 212.646463] ? check_same_owner+0x320/0x320 [ 212.646471] ? __lock_acquire+0x664/0x3e00 [ 212.646484] ? rcu_note_context_switch+0x710/0x710 [ 212.652336] FAT-fs (loop0): Directory bread(block 11) failed [ 212.658025] ? free_obj_work+0x690/0x690 [ 212.658041] should_failslab+0xec/0x120 [ 212.658052] __kmalloc+0x63/0x760 [ 212.658063] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 212.658077] ? ext4_find_extent+0x6ae/0x930 [ 212.663934] FAT-fs (loop0): Directory bread(block 12) failed [ 212.669619] ext4_find_extent+0x6ae/0x930 [ 212.669636] ext4_ext_map_blocks+0x264/0x4410 [ 212.669648] ? perf_trace_lock_acquire+0xe3/0x980 [ 212.669666] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 212.674647] FAT-fs (loop0): Directory bread(block 13) failed [ 212.678945] ? find_held_lock+0x35/0x1d0 [ 212.678959] ? trace_event_raw_event_lock+0x340/0x340 [ 212.678971] ? trace_hardirqs_off+0x10/0x10 [ 212.678980] ? lock_downgrade+0x980/0x980 [ 212.678991] ? trace_hardirqs_off+0x10/0x10 [ 212.679009] ? lock_acquire+0x1d5/0x580 [ 212.683988] FAT-fs (loop0): Directory bread(block 14) failed [ 212.688039] ? lock_acquire+0x1d5/0x580 [ 212.688056] ? ext4_map_blocks+0x377/0x1830 [ 212.688070] ? lock_release+0xa40/0xa40 [ 212.688078] ? ext4_map_blocks+0xc14/0x1830 [ 212.688091] ? rcu_note_context_switch+0x710/0x710 [ 212.688103] ? __might_sleep+0x95/0x190 [ 212.688126] ? down_write+0x87/0x120 [ 212.693907] FAT-fs (loop0): Directory bread(block 15) failed [ 212.699496] ? ext4_map_blocks+0x377/0x1830 [ 212.699507] ? down_read+0x150/0x150 [ 212.699515] ? ext4_free_inode+0x1740/0x1740 [ 212.699531] ext4_map_blocks+0xc90/0x1830 [ 212.699549] ? ext4_issue_zeroout+0x170/0x170 [ 212.717251] attempt to access beyond end of device [ 212.722487] ? save_stack+0xa3/0xd0 [ 212.722497] ? save_stack+0x43/0xd0 [ 212.722506] ? __kasan_slab_free+0x11a/0x170 [ 212.722514] ? kasan_slab_free+0xe/0x10 [ 212.722522] ? kmem_cache_free+0x83/0x2a0 [ 212.722532] ? putname+0xee/0x130 [ 212.728342] loop0: rw=2049, want=40, limit=6 [ 212.734095] ? filename_create+0x245/0x520 [ 212.734104] ? SyS_mkdir+0xd4/0x2a0 [ 212.734123] ext4_getblk+0x110/0x500 [ 212.753136] attempt to access beyond end of device [ 212.754975] ? debug_check_no_obj_freed+0x3da/0xf1f [ 212.754992] ? ext4_iomap_begin+0x1150/0x1150 [ 212.755006] ? __dquot_initialize+0x2d2/0xb70 [ 212.755019] ext4_bread+0x8d/0x240 [ 212.755030] ? ext4_getblk+0x500/0x500 [ 212.755045] ext4_append+0x146/0x340 [ 212.759970] loop0: rw=0, want=40, limit=6 [ 212.764084] ext4_mkdir+0x571/0xcd0 [ 212.764093] ? putname+0xee/0x130 [ 212.764113] ? ext4_init_dot_dotdot+0x4d0/0x4d0 [ 213.568753] ? make_kprojid+0x30/0x30 [ 213.572531] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 213.577435] ? security_inode_permission+0xbb/0xf0 [ 213.582341] ? security_inode_mkdir+0xd0/0x110 [ 213.586897] vfs_mkdir+0x390/0x600 [ 213.590409] SyS_mkdir+0x220/0x2a0 [ 213.593927] ? SyS_mkdirat+0x2b0/0x2b0 [ 213.597793] ? do_syscall_64+0xb7/0x940 [ 213.601749] ? SyS_mkdirat+0x2b0/0x2b0 [ 213.605619] do_syscall_64+0x281/0x940 [ 213.610272] ? vmalloc_sync_all+0x30/0x30 [ 213.614398] ? _raw_spin_unlock_irq+0x27/0x70 [ 213.618869] ? finish_task_switch+0x1c1/0x7e0 [ 213.623346] ? syscall_return_slowpath+0x550/0x550 [ 213.628247] ? syscall_return_slowpath+0x2ac/0x550 [ 213.633147] ? prepare_exit_to_usermode+0x350/0x350 [ 213.638501] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 213.643838] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 213.648677] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 213.653844] RIP: 0033:0x454e79 [ 213.657009] RSP: 002b:00007f02a00c6c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 213.664701] RAX: ffffffffffffffda RBX: 00007f02a00c76d4 RCX: 0000000000454e79 2018/04/01 00:14:14 executing program 1: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x32, 0xffffffffffffffff, 0x0) prctl$seccomp(0x16, 0x0, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x1, 0x2, 0xc90000000000000, 0x2}, {0x8001, 0x6, 0xff, 0x100000000}, {0xed1b, 0x2, 0x7d7, 0xfffffffffffffffe}, {0x8, 0x0, 0x8, 0x3}, {0x0, 0x1, 0x4, 0x3f}]}) rt_sigprocmask(0x0, &(0x7f00000000c0), 0x0, 0x8) 2018/04/01 00:14:14 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) memfd_create(&(0x7f0000000080)=']eth1,\x00', 0x3) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:14 executing program 2: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:14 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r2 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) ioctl$sock_inet_SIOCRTMSG(r2, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x4) 2018/04/01 00:14:14 executing program 7: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000180)={0x0, 0x23, "feadec4b4208ab10b60f434e24149421173afbb48c662e459632135436c1fd982128ad"}, &(0x7f0000000240)=0x2b) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000280)={r2, 0x80000000}, 0x8) getpeername$llc(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000140)=0x10) r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) fcntl$F_GET_RW_HINT(r3, 0x40b, &(0x7f0000000000)) r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x101240, 0x0) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r4, 0x84, 0x8, &(0x7f0000000080)=0x8000, 0x4) setreuid(r0, 0x0) setpriority(0x2, 0x0, 0x0) 2018/04/01 00:14:14 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400200, 0x0) write(r1, &(0x7f00000001c0)="c232cf898f424b0e1687e6bbc60ab6e814f9d32f2dd020a2b492a11593ffba5de292e889635c2e74f0ad1b826309ac64e055aae97fc23c17c60a63e5d769292c48dfd4dc89f4f452ead5b1c684dbc5889a324d9fb9f1d3256720d68b87da72635ad47f0be100add567ec4acd4122dafcc06368ef2eb895ae2a121a30754bb6a1a0fa3095c0917c9a95a29d1dd8d98e9c5f2bf1a84379d746a550ddf33700831e47e1317862bc", 0xa6) syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, 0x0, 0x0, 0xcea, 0x7, 0x4) 2018/04/01 00:14:14 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:14 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) [ 213.671949] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000202b2000 [ 213.679189] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 213.686431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 213.693682] R13: 00000000000003ea R14: 00000000006f7e90 R15: 0000000000000007 2018/04/01 00:14:14 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x400200, 0x0) syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, 0x0, 0x0, 0xcea, 0x7, 0x4) 2018/04/01 00:14:14 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x0, 0x400) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x0, 0x4) [ 213.788817] FAT-fs (loop2): Directory bread(block 6) failed [ 213.826145] FAT-fs (loop2): Directory bread(block 7) failed 2018/04/01 00:14:14 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x0, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f00000001c0)={0xfffffdfa, "f654c1"}, 0xffffffffffffff4c) r1 = memfd_create(&(0x7f0000000000)='eth1security\x00', 0x3) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) ioctl$TIOCSPGRP(r1, 0x5410, &(0x7f0000000080)=r2) [ 213.834046] FAT-fs (loop0): Directory bread(block 6) failed 2018/04/01 00:14:14 executing program 7: capset(&(0x7f0000034ff8)={0x20080522}, &(0x7f0000034000)) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/icmp\x00') ioctl$KVM_SET_TSC_KHZ(r0, 0xaea2, 0x8000) ioctl$KVM_SET_SREGS(r0, 0x4138ae84, &(0x7f0000000280)={{0xf000, 0xf000, 0x3, 0x100, 0x4, 0x0, 0x8ba, 0x7, 0x4, 0x1f, 0x81, 0x4}, {0x6000, 0x1000, 0xf, 0x800, 0x3f, 0x20b, 0xaf0, 0x3, 0x2, 0x6, 0x500000, 0x6}, {0x3000, 0x100000, 0x3, 0x10001, 0x1, 0x100, 0x3, 0x40, 0xff, 0x7ff, 0x8, 0x3f}, {0x2002, 0xd001, 0x10, 0x5, 0x4, 0x10001, 0x7, 0x3ff, 0x3dadb5ec, 0x10000, 0x9f31, 0x2}, {0x0, 0x0, 0x8, 0x3ff, 0x200, 0x1, 0x2, 0x2, 0xef1, 0x2, 0x8f, 0x8be}, {0x7b54ba5863de53a6, 0x4004, 0x3, 0x202, 0x6, 0x7fff, 0x10001, 0x209, 0x2, 0x8, 0x81, 0x1f}, {0x5, 0x6000, 0xb, 0x93b, 0x8, 0x0, 0x5, 0x5, 0x5, 0x3, 0x4, 0x1}, {0x10000, 0x10000, 0x4, 0x93b2, 0x4, 0x1, 0x1ff, 0x0, 0x1004000000000000, 0x1000, 0x7f, 0x60fef208}, {0x5000, 0x4000}, {0x5000, 0x5000}, 0x4, 0x0, 0x0, 0x4021, 0x0, 0x2100, 0x17000, [0x1, 0x2, 0x0, 0xa853]}) r1 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INIT_ENTRIES(r1, 0x0, 0x83, &(0x7f0000000200)={'nat\x00', 0x0, 0x0, 0x1000, [], 0x0, &(0x7f0000000180), &(0x7f0000000740)=""/4096}, &(0x7f00000000c0)=0x50) [ 213.866462] FAT-fs (loop0): Directory bread(block 7) failed [ 213.893301] FAT-fs (loop2): Directory bread(block 8) failed [ 213.922468] FAT-fs (loop0): Directory bread(block 8) failed [ 213.931098] FAT-fs (loop2): Directory bread(block 9) failed [ 213.955149] FAT-fs (loop0): Directory bread(block 9) failed [ 213.960140] FAT-fs (loop2): Directory bread(block 10) failed [ 213.973974] FAT-fs (loop0): Directory bread(block 10) failed [ 213.986808] FAT-fs (loop2): Directory bread(block 11) failed [ 213.993519] FAT-fs (loop0): Directory bread(block 11) failed [ 214.006801] FAT-fs (loop0): Directory bread(block 12) failed [ 214.021224] FAT-fs (loop2): Directory bread(block 12) failed [ 214.027270] FAT-fs (loop0): Directory bread(block 13) failed [ 214.039503] FAT-fs (loop2): Directory bread(block 13) failed [ 214.045875] FAT-fs (loop0): Directory bread(block 14) failed [ 214.049102] FAT-fs (loop2): Directory bread(block 14) failed [ 214.062347] FAT-fs (loop0): Directory bread(block 15) failed [ 214.063709] FAT-fs (loop2): Directory bread(block 15) failed [ 214.074288] attempt to access beyond end of device [ 214.079383] loop0: rw=2049, want=40, limit=6 [ 214.092430] attempt to access beyond end of device [ 214.097449] loop0: rw=0, want=40, limit=6 [ 214.107591] attempt to access beyond end of device [ 214.112628] loop2: rw=2049, want=40, limit=6 [ 214.118238] attempt to access beyond end of device 2018/04/01 00:14:14 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f000027efd4)={0xa, 0x9, 0x7c, 0x6}, 0x2c) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x40, 0x0) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r1, 0x111, 0x1, 0x8dc, 0x4) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r0, &(0x7f0000000040)}, 0x20) 2018/04/01 00:14:14 executing program 6: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) getpeername$packet(r0, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001340)=0x14) syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, 0x0, 0x0, 0xcea, 0x7, 0x4) 2018/04/01 00:14:14 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x82) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000002400)='/dev/autofs\x00', 0xa00, 0x0) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1b, &(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYBLOB="ae000074a497bec1c16824b2b1fb0478a2840ec4a1e2f5d700a1821ac6c867811ffbaccfd1385af24657294dbe11264388210907eeff2a660a5275c746dc4fb73c056b5bc0ee91915a54f5745f88207be05f342ea2b05daa1315c908d191b4a0138c4e5c0d113547225bcf220c694f6863519e56406031f3d52a19b1c9764a571c894c487d7cc7f72f85dc87af1ad9a31564a937e67e9c1db3160f24867fd715ded1e4a588a527e98809ab65f3f2e44bf11c388011540254d3f6c2488d368ab7d65d28bd4ad66c13c0047729ca97fd569049c2ecb110d0d79886535b2df4"], &(0x7f0000002500)=0xb6) syz_mount_image$jfs(&(0x7f0000000100)='jfs\x00', &(0x7f0000000140)='./file0\x00', 0x5a, 0x1, &(0x7f0000000200)=[{&(0x7f0000000180)="771a12be3635d44ab583eb84b0625d1463ddad8e2341722c9fc7fca182347dbb6ebee6789dc361528cb6b1dbfc4a48cd1982060ce7f63d3baf4e8240c21a844166606cef295ceef968fc14980aef27d03130c88ea3358202648b65b6f5d5d1a9d80f81b7d275433a570fd9d6f6164bb932ab01acdaa1ed26c1eb59", 0x7b, 0x7}], 0x2000800, &(0x7f0000000240)={[{@usrquota='usrquota', 0x2c}, {@nodiscard='nodiscard', 0x2c}, {@discard='discard', 0x2c}, {@nointegrity='nointegrity', 0x2c}, {@resize='resize', 0x2c}, {@resize_size={'resize', 0x3d, [0x78, 0x61340f16a7934e88]}, 0x2c}]}) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000002540)={r1, 0x7}, &(0x7f0000002580)=0x8) 2018/04/01 00:14:14 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) ioctl$EVIOCGABS0(0xffffffffffffffff, 0x80184540, &(0x7f0000000100)=""/11) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:14 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) bpf$MAP_CREATE(0x0, &(0x7f0000003fec)={0x1, 0x2, 0x0, 0x8}, 0x187) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x0, 0x4) 2018/04/01 00:14:14 executing program 7: r0 = memfd_create(&(0x7f00000002c0)='@\x00', 0x3) r1 = getuid() getresgid(&(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)=0x0) fchownat(r0, &(0x7f0000000300)='..', r1, r2, 0x1000) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x2) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='..', 0x0, 0x0) stat(&(0x7f0000000100)='..', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x2, &(0x7f00000001c0)=[0x0, 0xffffffffffffffff]) fchownat(r3, &(0x7f00000000c0)='..', r4, r5, 0x1900) fchownat(r3, &(0x7f0000000200)='..', r4, r5, 0x400) bind$nfc_llcp(r3, &(0x7f0000000240)={0x27, 0x1, 0x1, 0x2, 0x80000001, 0x3, "6a4c268dcee896bafdef92a8d405ce14c7476e5b8e7b005e9ed489892c19b1220a264e76e7aa3e0dd526b6b58f86f086a79008210d919cc9496d2287b53c9f", 0x2d}, 0x60) ioctl$GIO_CMAP(r3, 0x4b70, &(0x7f0000000400)) fchownat(r3, &(0x7f0000000080)='..', 0x0, 0x0, 0x1100) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000004c0)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r3, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x1c, r6, 0x500, 0x70bd29, 0x25dfdbfb, {0xa}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0xe65088d45e5a9f95}, 0x1) connect$pppoe(r3, &(0x7f0000000440)={0x18, 0x0, {0x3, @empty, 'vcan0\x00'}}, 0x1e) 2018/04/01 00:14:14 executing program 2: r0 = socket$inet(0x2, 0x5, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x4, 0x658, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000b80], 0x0, &(0x7f0000001980), &(0x7f0000000080)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000050000006400000060067369743000000000000000000000000065716c00000000000000000000000000697036746e6c3000000000000000000064756d6d793000000000000000000000aaaaaaaaaa00000000000000ffffffffffff0000000000000000180100001801000048010000636c7573746572000000000000000000000000000000000000000000000000001000000000000000000000000400000000000000000000007374700000000000000000000000000000000000000000000000000000000000480000000000000000000000000000000000aaaaaaaaaaaa0000ff0000000000000000000000000000000000aaaaaaaaaa000000000000ff4e200000000000000000000000000000000000000000000041554449540000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff020000001b0000000000000000006772653000000000000000000000000069726c616e30000000000000000000007465716c30000000000000000000000064756d6d793000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d00000005801000088010000706b7474797065000000000000000000000000000000000000080000000000000000000000000000006370750000000000000000000000000000000000000000000000000000000000080000000000000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a300000000000000000000000000000000000000000000000000000000000000000000000006d61726b000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000004e465155455545000000000000000000000000000000000000000000000000000800000000000000000000000000000003000000000000000000627071300000000000000000000000006270713000000000000000000000000062707130000000000000000000000000766c616e300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaa0000000000000000007000000070000000a00100005345434d41524b000000000000000000000000000000000000000000000000000801000000000000000000000000000073797374656d5f753a6f626a6563745f723a72616e646f6d5f6465766963655f743a73300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000ffffffff01000000090000000000000000007663616e300000000000000000000000a70d00000000000008bf0fafab1c350073797a6b616c6c6572300000000000007663616e300000000000000000000000aaaaaaaaaabb0000000000000180c2000000000000000000000070000000f800000028010000646e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000000000000000000049444c4554494d4552000000000000000000000000000000000000000000000028000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000004e465155455545000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000feffffff000000005d39a3d49fab9ca553c1d4230d9c4838175e5cf67c2b804725f1cf8b1e0826f2c07637bde1e509316178b486ffb6c78faa083eda3266f360550b1e0e2b410d489cfc793c3970cc9ff088d968e925b0cad3d76f13ab48fa7409a89236e5f0797e749460e32b5a624712003d36a3e9cc0b27933ae6"]}, 0x73d) 2018/04/01 00:14:14 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) [ 214.123252] loop2: rw=0, want=40, limit=6 [ 214.186647] JFS: discard option not supported on device [ 214.192121] JFS: Cannot determine volume size [ 214.196670] jfs: Unrecognized mount option "resize=xˆ" or missing value [ 214.222600] kernel msg: ebtables bug: please report to author: Wrong len argument [ 214.263708] FAT-fs (loop0): Directory bread(block 6) failed [ 214.290801] FAT-fs (loop0): Directory bread(block 7) failed [ 214.309171] JFS: discard option not supported on device [ 214.314658] JFS: Cannot determine volume size [ 214.319198] jfs: Unrecognized mount option "resize=xˆ" or missing value [ 214.339858] FAT-fs (loop0): Directory bread(block 8) failed [ 214.348603] FAT-fs (loop0): Directory bread(block 9) failed [ 214.376291] FAT-fs (loop0): Directory bread(block 10) failed [ 214.386224] FAT-fs (loop0): Directory bread(block 11) failed [ 214.392333] FAT-fs (loop0): Directory bread(block 12) failed [ 214.403439] FAT-fs (loop0): Directory bread(block 13) failed [ 214.410665] FAT-fs (loop0): Directory bread(block 14) failed [ 214.417569] FAT-fs (loop0): Directory bread(block 15) failed 2018/04/01 00:14:14 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000004000)={0xffffffffffffffff, &(0x7f0000007000), &(0x7f0000000000), 0x4000}, 0x373) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x0, 0x4) 2018/04/01 00:14:14 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:14 executing program 6: openat$vcs(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/vcs\x00', 0x80, 0x0) syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, 0x0, 0x0, 0xcea, 0x7, 0x4) 2018/04/01 00:14:14 executing program 7: r0 = socket$alg(0x26, 0x5, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=0x0) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x1, 0x0) ioctl$sock_inet6_udp_SIOCOUTQ(r2, 0x5411, &(0x7f00000000c0)) r3 = syz_open_procfs(r1, &(0x7f0000000940)="6d617073004825d4f99062d857d0fdd852295fdf8d8a73ebdfedc34ac4ef25f232c029a2ca6e6361068e0d6a62529679b5aa6a713b56577bdffca934fd2f1beb669feec6d8f81ad88b2b98b111bf69d73059f44f113f4e0ca41f40b4e265062f5bef45034318bc89c0ef9e1103bb86e85822248c01feeadabe78c65da0a0ef01576fbede3eb4e925cb82f52ef29a55edb45ac831995065e938214e31efa2c62ed041fd97b9768915bcd4e9979c06fe31d5825a71b413b4229a8220fade2d3cca80e8c427ada6010f6bc29484d0d61da4841d733e14f7b0a0855ae5266e180f82da04d602d00b71f8ab8161d1220dee5d7f16748a01007775430000003f12e20ab1725700000000000000000000") bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha512_mb\x00'}, 0x58) r4 = accept4$alg(r0, 0x0, 0x0, 0x0) sendfile(r4, r3, &(0x7f0000000040), 0x40003b) ioctl(r2, 0x1, &(0x7f0000000a80)="30483c6b45bdc7fbd1b2c9437941066ae05b53be83635f4aaf1845f76d192c28a22f35cc6b174d25b2c401d3868f0b9b5b97099c9ead569d099324303e5e24e0ad6d7d5067c175c4bd0a122b47de4ef5eee59d97f60e86717bc94a2a53173fd48a1ca4f69a8727e3823879fba56a037888c0240bc5f119edbe13f3a1cb3fff70ae8362a1554bf1ba0d75141a0928ceff154912e254d624b253523dc861e049b7b4e89bd356647d534a1f16253af9ede3042bfee8bba381d64200a2700ffe6a1f78808690c6b4bc1a02060b22ae26047534ee6c7f5e8e61e4794b402856fdc230c29df008d4d8a1becae4858c055ed24cd175363d4a88c4f22d5da79a581f17b539eed87f8856250866f35af522eb270896b7fd790b0bbed8d768d32bebd050d75e5a0b18041f39aa2e6d33f1bba4f8436bd0623784615b1184b915ec1c520985e7709ce0b6d3381ec8d9149f582c6c09a0d0971c9b687cb5346f1e539044b7f06434546532e18de5895e0bb2cf66531dbf56c8c4d5ab49694d8623be84bd88f9836c10b85298433f0c1d1a18128869f74b8555a91a07af58295a664bab537b9e2a9e28a0cd7001969b44380a89a2112e0501258dcac6907d2781ff56756d69b378a4e63149e2e7799c1d852835380b639289a2a6a87a59e413e242389fc4ae3244057fd069617bec0e9a95d4abc62563a4fef8ad872476f8ca5934f4e30ce9c8ef3f286688e329b295b029d7f06b2731ccfaaf69ade65057c75f3e5ce59ad1d5177eabb670a35d7c4a172816f02c0045f36160cff27c7bc3a13f72342533ece44d8e6ac8f0514043d175d2262eaad642cee0086c5f2e320a6c2c60357df4a09c51dd3cdcda63634e67feb3989597ae974cb7f3d7c8912b3dfece5679cbfb8ff64df52334db22d1fb2e4e5aa94e9058e3918c08ae66a8364dd3314d587636681764c9d6bc6a8fcc6c623b86ad29f9496984c7351eaf54e17d60e56f8b22c8779c4baaf8bf15f2aa13b6a07da4c179e5f2739db0ab2262cfa68c90bf516734a9b9e7f52af8f19a34665a28fc4b606ec3c37b57e8d4a78e14cf3e4b62f7b5f57ed94c40d14e110577c018e07e6fedd0efeef3ee27e30a0ab96bb3372038d55b8b9fb1528a761e6901535dd381ec82e90f05c383fe0945d288d6c78a407e14b35dc3e2e36934a7943a45a726cb7892f780bd5a83cbb550b4446da079102b45455f0f31a76090c3853798fdc7218221a4fd36544f5647e8983c3bb73b2a9e69e56e0cf157d0f8f7023b5aaa31c0111ec43ffbc6af2ca796373355b4433a76fc571640542d6dbe829ec7fe26e7d1a684e24009e7fce67225e64501dc818f17f1e0eaae9ed82d68003c3a6bdb6c973ef276e636f3146ecd6b5e5bf799d95f01624973695e8455034366a2dcc4a6a8d2d9d12cf53f3c9e4500a1f25ec1c073a79fdb0ced62a4f7b544a824af137656eb99c72384db71ce9b15a2839f411737f4dd57836893d92071c5f283568939605671e1bf1d2854f833f1774d15359f0b21b1301b540b4353686bc1be96705d5feb45391701c1da91f1581e8d049fdc1aaf847cbf70fc82ea54987967d91dc95100966d762c0ae1100d7714dcfef83b23061df27914b5ff05c7eb45158653df521bcb6a2b616e5127c37472c5dd991c66e5450aa98d8930771df9d67a05cb87696820d29ae5205d9acdecb4a9332b861d4e9b247f92e623d9c0d58834adff8f1a24afa078376692b0f5fa2b79383a31e5633a826c342b164849f03c5a8946f383ad92ba2d04f56732bbab79b3760d12ff1f0942e891be16f909d4cc0d549a486e9ca1e94591b597c3a60a26258595820279b411636f2ed430e38ebfb53940bfbcf96dc249f706438443d495990fe6488ac78b1b9ba613534ceacd26dea73d31eb6c8f74f497abf317faf67f90fde1d25414e0c41363429229a2f7d0dfa5e51d4c087f746bb35e2466f55e51e51a103e02275c210c287e94582f7678683ad27928a6ef2df83c98b3094b9a731cdd11935e66ce282d0e45d886ce57afb86d036594f9dcc6c7031155e5c8d13d431b7fdbb2afae80e1cc8c80ee5e52234da6fa4c093ef2995bd3e13d6bc15911c4ece82a2e830a1dad6a8f368aa7f83686236afa430328797d33e357bedf8123920fcc81697f05a8fa82326326b55a7378d95edeb98402494bd08da4881eef1acee9d6295f5f7d8c97e369e200c3e2449201f12dc1f5ef9a4757839ca19b42eab74e139fc01e43e12ca87b5b46c8a976725db58f1a6399b810dae2b2984c8bbf84a067b1d98a479c62563ba3a95ca31b2fa47438beeedb0448efd5102e3f447b6f21bd1c11295f03ddfe8d7e952be8e1a76f54709574081b3f357d77c849a6c38e9dd9de9ad9d70b810380ec1b740c59098c3a707fa3a0e62aefe8d6c9dfede5b3574a1e1518759c36c486fbaa7e42391661e5d0db491d25acebad9d8d65722f2245e21e5227316cad10d2e70456076f9817cb3a45f9ed367f1bbcb6faff19be131f3fd0df880dd10707645b75b7b5fb295d9636e98952a08e1bdfcd30126903a6a3607b2c54a881db32f466655ea724c7cd79f04e0e00f6c3fd7519d8faef5b7dcc33d690fb775cce736dcce691d89c73fd42974d53d870e6210fae17f2415ced7f70b5ae23a58249cef1dbbb6d1999141fe8d54e7b738c2d18eefe49b483c9a1c42676b172ff3f7476c305f3bdfefab5afe079167feca8fae34212c169c182f08eb7de38208fa3c15288c9629570856acbcfc54a2a4ecca22df797e712f49c56eb5f8f855f68b4496c821279c1afcc8a99759626948de04f94e9ecf108cf2854279fe8f7386b294e2b8005cc04deda69f5be0bc5425429a946c4dc329fca234ca9ab2aa114211b44c4f3428552afd22c1685d4c9bc4ed5d5185c4a2447f4f917a93849e6980a346c1a9bcd2b8336b7aaa1ef6aba1fed0454bc6f5f28be6f6b10b0f7a773582cad60533300c0d130757fe7c676dab975f490b2cb2cac67b56bac407eab1652fcd3f2188535637265ba364b5e2939b06df152d67279faab87e783ea484835cb080a7097fbefc12cf815ca92f1e76ba10d4796f81365a135a7b549c84ea09759611850763f88da6ae033dfa61dd242d2d89f7ea4042116ee55f525d27ca94f92c7b122ded0a1f48a2e2341ca241e7e6164b0a31f7db151bd3c1eed47b687bf85986adfdd137f18daea7797a897345c0053aa5fcba3494f73c76d7843d459e59c4dd62d2932e0503ef8d4b0871a2acd41fa4c0b2c9bbd217237622a76359aed3f58859a5c1406c866800b5bfc79149203beb7201ab829339eb259fc8dc04291ec8b9b1427a474b62f2e0783dceb3da1618eabc91c092e00da8f4395bfb7a6ffe88b7cfbf40e40e36263dfc84277683569f28aeed2e6b648cd760c5d96c78b7ee2314923473dd8d7a1cf4eb5fcda965735c2cb08e6b1d4e9b18876e1fe6982e3e3fddcba04c4f9f77ad21ab38b5f9bf470ca473a6024567b1cc6ceb3505ccbf6e854226d6f80c08e2f8769140da7ca25c31ef5ca11dc1a557754cfe76741d5907da1d8276724706e50b8f1cecdc1cc07ab2e934d21efd5e8da5cdb054f86d055eba314fde89505debff8323848081e843369f00324c019f244db4fbf10169f8a36f644b88d3f147ed13ec1fc9f0d5b2f7a20a8198349050f978ed432fbe4714cfd2d0de2a020842d12791b4fbb988584e51534e2d803d61380537ab12e068c51c37dd270bd5f8e80afadbb5a1b9381624ebd6194583e3287d85b7a88018c5d013f9d5fa48aa012397f8420ae4d0182aa6be6850692a66596470ce0feaca44eef83e3221f3ce672a51a26075da874433b58d78d8f85307161ace57e5b313676eef044bd60bf9588c9e1d6fc191279957c63d9a7f8e0e87a6b15170a535c56dd962dce8e8cc5009e464e8c1f62d84fad769ec537d03bccc6a6150601b91d6e592568c37e098daac940c90e3c812222c9a22e8b21b90209abf333b41e04b5f158b04be58cced4c5b5a421671c1ae42e9400eee79963363f90d1baf02b09b227cce0c8e4ff852d0261dff90e257dca304171a0a88cd886ea6ff8f57ff15f23157d22d2bc435e14b853150b540301cb58d4ce4b0f88ff0b7a8000b712d7328fb681c0bad357bda85f079807e4b77702151e61bff7bd795cb4d4b0ebd881ae6e8f936e3607faacaa075d95c44f8fbde9ea45b07e2eac3f286ae74d345ebcc6154e732bc6d4d3829dc514d3c48baec1d39a6cdfe17a338f4675dd563fed3493e19df777adadfdee36b8c01b3b64cc072ef3ad1358f9d6743d9aea4fcec46e1dcb5a3290747a7f3c9534c3417930b98c19b962c9efaffede2ee425e60797c28cddee18b1f750f89139c297db7b9dc82cac80161bcf40b09dabee1b2cf9f04f845bb9be12a1c70e0088a7ade08aabbef9ca7e2e780e5b32207402eb3c3cd41374049a852c15b5a6756d8cc82ff027b83a674299b18bc3bf681f2eab98f15b1413186ae20ac490c8163f1ff9523e790e773febe5fbe062eddb06ae6e9f27dc16b25b73621c8fccd95e9ae1e2e62a07283d46f31479846be9d3b0801adee83f00bec4763b082d519e6a9eb6ea96faf0b9d75a96b0c2e928682cc1d04ced2e3e14af4d309bac7c401fbe2f58ae5ddb609c82956448635d33b390959b4f07281c6379ab7de330f67b18125bb03f0476d62116920f968a680209046d06957026f78cebc38fa7530eac0fbd74b7ad06bd04b1d405736a7c8b9e49d97ab32eadf286f12582891644e95ecd759e493569b9185227d409305cd7d99749cc4f4dc3e68b65dc6823a4963c8d65bfcb3e42b54a78563696cd3db4b7376ea97e1980fce40f2b6d2bbff2e5971792942dd4d3cc000e75f841ad6bd1f25df3fe55cff1b3426a82c19f0bccaee0e0e71add688d68ae4c5ae0e29ce502c51ca560480ad9d7661c674b52c416e735c7c9fe8c03952633eb41cb1698458718b651a9e41fb7a2a9d222498ddb576a9541e5118bc86854d1e5b516c56c925ba33aba7c7204099a365c0e0a1128d27f6b58e05d97f2311457b7d94d63f02d615fa3bb407d43fd7463329c3665063b5d5f3b85a7ca82d959fbd4b95f85306f89ce413c5633520decf4f1979372fdea1829888c7f923ace6911be8d1f192f9c6f3dc0d20b0f8899032d28361d820799a5d757162d7e9090c6f3a0187e95cbed93463a6c94a3f024494c0d043424af7f3405b0c8a76c16f4fb99ad3bd8ed42dbc22647b53d834800cdbc4f93d0b200c00d98005e7ba503b07b5f00644d3fcd84db0913015c1dc9a4ca3dc1c15e7b67c9fab76c9113ec1139caff1f56ce8dec76a1aaf42fe82d379c878148ff5a36f9a30917e0cc90c9dd71f61bb84a623473d738cd821cecbffa678f31e8981189278821287d98555e55eb33a25e9955fe26a157ea552b90ddb2d1195457759dc39ef95bb3fd0d5af767daf7651c09f7cd15c82485c8674677177008981084069020dcecc9edff6cafe2afe84c90732df7bb61484bdc18211be142f6857437389dfc5f93eb55d32ebb4f8d10da4e3fc82d199201a7e05c83341400b6be808bdc0e3d1efb4055f8e14c50f7e24dfee10aa78e2c0ad24e89425b9ac3e6828ad2bd610486c520f3bd5387b8b2bae60f7767d9e35d98e6304a2bcbf3c69706c4dccc71e364c1686fd2cc9a607eef4293f8582cb91c813226150f2c6c0d1ed92b8c818e80d20db93c895dbd01049c95f7404007a1ca95670bdf225fba91b3609e79e96e0021b718b49dfa54") sendfile(r3, r0, 0x0, 0x8718) 2018/04/01 00:14:14 executing program 1: r0 = syz_open_dev$sg(&(0x7f0000000180)='/dev/sg#\x00', 0x7, 0x40000) r1 = perf_event_open(&(0x7f0000aaa000)={0x40000000000002, 0x70, 0x12, 0x1000000000000002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x5, 0x3, &(0x7f0000346fc8)=@framed={{0x18}, [], {0x95}}, &(0x7f00000001c0)='GPL\x00', 0xfffffffffffffffc, 0xfb, &(0x7f0000000080)=""/251}, 0x48) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000200)={0x4, 0x5, 0xfffffffffffffffd, 0x91ae, 0x0}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={r3, 0x9c, &(0x7f0000000340)=[@in={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}, @in6={0xa, 0x4e21, 0x9, @mcast1={0xff, 0x1, [], 0x1}, 0x1f}, @in6={0xa, 0x4e22, 0x10000, @dev={0xfe, 0x80, [], 0x17}, 0x2}, @in6={0xa, 0x4e22, 0x8, @remote={0xfe, 0x80, [], 0xbb}, 0x3ff}, @in6={0xa, 0x4e21, 0x10000, @mcast1={0xff, 0x1, [], 0x1}}, @in6={0xa, 0x4e20, 0x2258, @remote={0xfe, 0x80, [], 0xbb}, 0x7fff}]}, &(0x7f00000002c0)=0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) 2018/04/01 00:14:14 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x2, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x8000, 0xdffffffffffffffc}) 2018/04/01 00:14:14 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='memory.high\x00', 0x2, 0x0) r1 = accept4$vsock_stream(0xffffffffffffff9c, &(0x7f0000000040)={0x28, 0x0, 0x0, @hyper}, 0x10, 0x80000) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x9, 0x5a5000) r3 = dup2(r2, r1) setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f00000000c0)={0x21, @loopback=0x7f000001, 0x4e20, 0x1, 'wrr\x00', 0x1, 0x8, 0x6d}, 0x2c) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000100)={0xffffffffffff0000, 0xd555, 0x68f, 0x0, 0x0, 0x3, 0xfffffffffffffbff, 0x8, 0xc92, 0x5, 0x14d4, 0x0, 0x0, 0xd20, 0x5, 0x1c, 0x9, 0x8, 0xa52}) ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) fcntl$dupfd(r0, 0x406, r3) 2018/04/01 00:14:14 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) [ 214.428447] attempt to access beyond end of device [ 214.433454] loop0: rw=2049, want=40, limit=6 2018/04/01 00:14:15 executing program 6: syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x4000, 0x0, 0x0, 0xcea, 0x7, 0x4) 2018/04/01 00:14:15 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r2 = syz_fuseblk_mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x1, r0, r1, 0x7, 0xba, 0x80000) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000200)={0x0}, &(0x7f0000000240)=0xc) r4 = fcntl$getown(r2, 0x9) rt_tgsigqueueinfo(r3, r4, 0x2, &(0x7f0000000280)={0x23, 0x10000, 0x9, 0x78}) r5 = syz_open_dev$vcsn(&(0x7f00000002c0)='/dev/vcs#\x00', 0x3, 0x2000) ioctl$KVM_SIGNAL_MSI(r5, 0x4020aea5, &(0x7f0000000300)={0x5, 0x6000, 0x7fc9, 0x1, 0x3bc}) 2018/04/01 00:14:15 executing program 7: bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000002800000720a00ffffffff007401"], &(0x7f0000000000)="47504c00bc3047eb525f484f89fc96dd6ca64da40ff023122e66f6", 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x5, &(0x7f0000000040)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0x228, &(0x7f0000000300)=""/187}, 0x48) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180)='ramfs\x00', 0x40000000040000, &(0x7f00000001c0)) mount(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='.', &(0x7f0000000140)='vxfs\x00', 0x3080, &(0x7f0000000080)="cddde05f372d514f09aaec19140dd61fb453b79473d9040595238c360826111104a7f279ae0a83ca5d656bd9f38865") pivot_root(&(0x7f0000000040)='.', &(0x7f0000000500)='.') r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/rtc\x00', 0x2, 0x0) statfs(&(0x7f0000000540)='.', &(0x7f0000000580)=""/4096) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffff9c, 0x84, 0x18, &(0x7f0000000400)={0x0}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000480)={r1, 0xa245, 0xc3a1, 0x0, 0x1}, &(0x7f00000004c0)=0x14) socketpair$inet6_sctp(0xa, 0x5, 0x84, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x1ff) recvfrom(r2, &(0x7f00000002c0)=""/6, 0x6, 0x100, &(0x7f0000000340)=@in6={0xa, 0x4e20, 0x3ff, @loopback={0x0, 0x1}, 0xfffffffffffffffa}, 0x80) r3 = socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000200)={r1, 0x7fffffff}, 0x8) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000240)={@remote={0xfe, 0x80, [], 0xbb}, 0x8, 0x2, 0x1, 0x3, 0x7, 0x2, 0x20000}, &(0x7f0000000300)=0x20) 2018/04/01 00:14:15 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x0, 0x4) 2018/04/01 00:14:15 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000b9bff0)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10) getgid() sendto$inet(r0, &(0x7f0000000080)="d4", 0x1, 0x20020003, &(0x7f0000000100)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10) recvfrom$inet(r0, &(0x7f0000434fae)=""/82, 0x52, 0x41, 0x0, 0x0) [ 214.583622] FAT-fs (loop0): Directory bread(block 6) failed [ 214.626189] FAT-fs (loop0): Directory bread(block 7) failed [ 214.663850] FAT-fs (loop0): Directory bread(block 8) failed 2018/04/01 00:14:15 executing program 6: syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0xcea, 0x7, 0x4) 2018/04/01 00:14:15 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r1 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r0, r1) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x0, 0x4) [ 214.692086] FAT-fs (loop0): Directory bread(block 9) failed [ 214.704871] FAT-fs (loop0): Directory bread(block 10) failed 2018/04/01 00:14:15 executing program 4: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f00000000c0), 0xffffffffffffffd8) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) accept4$netrom(0xffffffffffffffff, &(0x7f0000000040), &(0x7f0000000080)=0x10, 0x80800) 2018/04/01 00:14:15 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) r0 = accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) connect$ax25(r0, &(0x7f0000000280)={0x3, {"5ad2e5ee4dcedc"}, 0xffffffffffffffe1}, 0x10) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 214.733536] FAT-fs (loop0): Directory bread(block 11) failed [ 214.767487] FAT-fs (loop0): Directory bread(block 12) failed [ 214.800245] FAT-fs (loop0): Directory bread(block 13) failed [ 214.826573] FAT-fs (loop0): Directory bread(block 14) failed [ 214.835096] FAT-fs (loop0): Directory bread(block 15) failed 2018/04/01 00:14:15 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:15 executing program 7: r0 = socket(0x810, 0x2, 0x8000) write(r0, &(0x7f0000000040)="1f00ff03fd4354c007110000f305010008000100010423dcffdf0000000000", 0x1f) recvfrom(r0, &(0x7f0000000200)=""/34, 0x22, 0x0, &(0x7f0000000240)=@rc={0x1f, {0x4, 0x0, 0x8, 0x7ff, 0x8, 0x2}, 0xa1}, 0x80) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000000)={0x0, 0x1}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000140), &(0x7f0000000180)=0x4) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000000c0)={r1, 0x9, 0x10}, &(0x7f0000000100)=0xc) write(r0, &(0x7f00000001c0)="1f0000000104fffff13b54c007110009f30501000b00024000000000020000", 0x1f) 2018/04/01 00:14:15 executing program 1: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0x80000, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000001c0)={0x3, &(0x7f0000000180)=[{}, {}, {0x0}]}) ioctl$DRM_IOCTL_NEW_CTX(r1, 0x40086425, &(0x7f0000000200)={r2, 0x2}) fcntl$getownex(r0, 0x10, &(0x7f000045fff8)={0x0, 0x0}) ioctl$KVM_GET_CPUID2(r1, 0xc008ae91, &(0x7f0000000380)=ANY=[@ANYBLOB="02001f0000008bcdab160000000042698e717a3a6d44bfc0f075a2f3e6000000f113f0d1718ff133d0d75f980000000000000000000000000000000000000100000000000000779254203b9369f319e9d3a1652cb4a000000000eafffffffffff7ff0000000000000000004000000000000000f0e914d45682c8251d3aefeca41e16ad076150ed89e4453a039d31250f5f039f4848cdc3c64a3bb782de6d33d2dff4085f427f7e5f32892c3d61bf94022ed5c46b20963d28d3cde46a311e79274280f979cc318b875f011ea5a0"]) ptrace$setopts(0x4206, r3, 0x0, 0x0) ptrace(0x4207, r3) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$setopts(0xffffffffffffffff, r3, 0x10000, 0xffffffffffffffff) r4 = syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x1, 0x10000) ioctl$GIO_SCRNMAP(r4, 0x4b40, &(0x7f00000000c0)=""/77) 2018/04/01 00:14:15 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) getgid() r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) 2018/04/01 00:14:15 executing program 6: syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x7, 0x4) 2018/04/01 00:14:15 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) connect$netlink(r0, &(0x7f0000000040)=@unspec, 0xc) 2018/04/01 00:14:15 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 214.873490] attempt to access beyond end of device [ 214.878682] loop0: rw=2049, want=40, limit=6 2018/04/01 00:14:15 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) 2018/04/01 00:14:15 executing program 4: chdir(&(0x7f0000000140)='./file0\x00') rmdir(&(0x7f0000000000)='./file0\x00') ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000040)={0x4, 0xffffffffffffff9c, 0x1}) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffff9c, 0xc0106426, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x0}]}) ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f00000001c0)={r1, 0x2}) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) 2018/04/01 00:14:15 executing program 6: syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x4) 2018/04/01 00:14:15 executing program 7: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f000018efdc)="2400000052001f0014b2f40700090400020007fd07000100ffffffff0800000000000000", 0x24) accept4$unix(r0, &(0x7f0000000000)=@abs, &(0x7f0000000080)=0x6e, 0x80000) [ 215.058123] FAT-fs (loop0): Directory bread(block 6) failed [ 215.081839] FAT-fs (loop0): Directory bread(block 7) failed [ 215.091535] FAT-fs (loop0): Directory bread(block 8) failed [ 215.128947] FAT-fs (loop0): Directory bread(block 9) failed [ 215.145176] FAT-fs (loop0): Directory bread(block 10) failed [ 215.151230] FAT-fs (loop0): Directory bread(block 11) failed [ 215.157072] FAT-fs (loop0): Directory bread(block 12) failed [ 215.162901] FAT-fs (loop0): Directory bread(block 13) failed [ 215.168735] FAT-fs (loop0): Directory bread(block 14) failed [ 215.174551] FAT-fs (loop0): Directory bread(block 15) failed [ 215.187456] attempt to access beyond end of device [ 215.192500] loop0: rw=2049, want=40, limit=6 2018/04/01 00:14:16 executing program 2: r0 = getpgrp(0x0) r1 = gettid() r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = dup(r2) getsockopt$bt_l2cap_L2CAP_CONNINFO(r3, 0x6, 0x2, &(0x7f0000000200), &(0x7f0000000240)=0x6) mmap(&(0x7f0000000000/0xfd0000)=nil, 0xfd0000, 0xfffffefffffffffd, 0x32, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x936000)=nil, 0x936000, 0x3, 0x32, 0xffffffffffffffff, 0x0) rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) rt_tgsigqueueinfo(r0, r1, 0xb, &(0x7f0000055000)={0x0, 0x0, 0x3}) rt_sigtimedwait(&(0x7f0000001ff8)={0x3ffff}, &(0x7f0000f0aff0), &(0x7f0000fbcff0)={0xffffd, 0x989680}, 0x8) 2018/04/01 00:14:16 executing program 1: r0 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xeb0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = dup3(r0, r0, 0x0) openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'ipddp0\x00', 0x10}) inotify_init1(0x80000) 2018/04/01 00:14:16 executing program 4: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0xc) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0x0, 0x0}, &(0x7f0000000100)=0xc) getgroups(0x4, &(0x7f0000000140)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff]) setresgid(r0, r1, r2) mkdir(&(0x7f0000000040)='./file0\x00', 0xa0) 2018/04/01 00:14:16 executing program 7: unshare(0x400) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000ade000)={0x4, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000040)={0x0, 0x4000000000001, 0x2, &(0x7f0000000080)}) openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x40, 0x0) 2018/04/01 00:14:16 executing program 3: fstat(0xffffffffffffffff, &(0x7f0000000280)) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) 2018/04/01 00:14:16 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:16 executing program 6: syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:16 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:16 executing program 6 (fault-call:0 fault-nth:0): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:16 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) 2018/04/01 00:14:16 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x4700) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)}, 0x10) [ 215.750791] FAT-fs (loop0): Directory bread(block 6) failed [ 215.785217] FAT-fs (loop0): Directory bread(block 7) failed 2018/04/01 00:14:16 executing program 7: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r0, 0x408c5333, &(0x7f0000000040)={0x4, 0x0, 0x5, 'queue1\x00'}) r1 = getpgid(0x0) sched_setattr(r1, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x0, 0x3}, 0x0) mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x9, 0x100) r3 = inotify_add_watch(0xffffffffffffffff, &(0x7f00000001c0)='./control/file0\x00', 0x80000101) inotify_rm_watch(r2, r3) userfaultfd(0x0) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r4 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) ioctl$VT_DISALLOCATE(r4, 0x5608) write$sndseq(r4, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f0000f86000)='./control/file0\x00') rmdir(&(0x7f00000000c0)='./control\x00') chown(&(0x7f00000003c0)='./control\x00', 0x0, 0x0) socket$can_raw(0x1d, 0x3, 0x1) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f00002a7ffc)=0x4000000011) ioctl$sock_bt_bnep_BNEPGETCONNINFO(r5, 0x800442d3, &(0x7f0000000100)={0x100, 0x1, 0x2, @link_local={0x1, 0x80, 0xc2}, 'bpq0\x00'}) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000180)={0x0, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x10) [ 215.820585] FAT-fs (loop0): Directory bread(block 8) failed [ 215.843457] FAULT_INJECTION: forcing a failure. [ 215.843457] name failslab, interval 1, probability 0, space 0, times 0 [ 215.854754] CPU: 1 PID: 18334 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 215.854852] FAT-fs (loop0): Directory bread(block 9) failed [ 215.861936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 215.861942] Call Trace: [ 215.861965] dump_stack+0x194/0x24d [ 215.861982] ? arch_local_irq_restore+0x53/0x53 [ 215.862006] should_fail+0x8c0/0xa40 [ 215.862022] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 215.862043] ? find_held_lock+0x35/0x1d0 [ 215.862060] ? find_held_lock+0x35/0x1d0 [ 215.862085] ? check_same_owner+0x320/0x320 [ 215.862098] ? rcu_note_context_switch+0x710/0x710 [ 215.862114] should_failslab+0xec/0x120 [ 215.884861] FAT-fs (loop0): Directory bread(block 10) failed [ 215.892647] kmem_cache_alloc+0x47/0x760 [ 215.892671] getname_flags+0xcb/0x580 [ 215.892686] getname+0x19/0x20 [ 215.892699] do_sys_open+0x2e7/0x6d0 [ 215.892715] ? filp_open+0x70/0x70 [ 215.892727] ? SyS_read+0x220/0x220 [ 215.892742] SyS_open+0x2d/0x40 [ 215.892750] ? do_sys_open+0x6d0/0x6d0 [ 215.892761] do_syscall_64+0x281/0x940 [ 215.892775] ? vmalloc_sync_all+0x30/0x30 [ 215.896502] FAT-fs (loop0): Directory bread(block 11) failed [ 215.899009] ? _raw_spin_unlock_irq+0x27/0x70 [ 215.899025] ? finish_task_switch+0x1c1/0x7e0 [ 215.899040] ? syscall_return_slowpath+0x550/0x550 [ 215.899053] ? syscall_return_slowpath+0x2ac/0x550 [ 215.899067] ? prepare_exit_to_usermode+0x350/0x350 [ 215.899081] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 215.899096] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 215.899117] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 215.899126] RIP: 0033:0x40f0d1 [ 215.904238] FAT-fs (loop0): Directory bread(block 12) failed [ 215.907475] RSP: 002b:00007f901d8c3b00 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 215.907488] RAX: ffffffffffffffda RBX: 00007f901d8c46d4 RCX: 000000000040f0d1 [ 215.907494] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000004b979e [ 215.907500] RBP: 0000000020000100 R08: 0000000000000000 R09: 0000000000000000 [ 215.907506] R10: 00000000200000c0 R11: 0000000000000293 R12: 0000000000000000 [ 215.907511] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 216.076801] FAT-fs (loop0): Directory bread(block 13) failed [ 216.083051] FAT-fs (loop0): Directory bread(block 14) failed [ 216.089154] FAT-fs (loop0): Directory bread(block 15) failed [ 216.143751] attempt to access beyond end of device [ 216.148777] loop0: rw=2049, want=40, limit=6 2018/04/01 00:14:16 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00003cefe4)={&(0x7f0000000000)={0x10, 0x34000}, 0xc, &(0x7f0000007ff0)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000002d00fdffffffffffffff018713a079fcb5fd8f2b047e423be158bd97f93d2154e235f362ba77c0efe6bc14c5ceeadfd989bc77d6283b242c198795389c5a05fd490ae03f5c95d1c495ca2395fb1a6a6dee85ef4fb4363d032186f2a201dcd334df4bd636f635130d374a2934dacf31ddd4adaa5d55ac8fdba5f2ab9ff690c820198445fd2fb07f9dc56cc404036126705cb37f8df5c5a22cb9058ef4e3d5726418e0f2e0fdcb4c5cea8ec39cc66c3420f397bb02b779d2dd303f3bb7eb2cce344fecd5f0d40b512336d8e2513471bd31112c353d1053ef154e553bb8a9a1a627a356576ff3afa6e9e2eb5d4f712c92b8421b7616225957c84a252b78ab05964f7723b751de8ab2838a1990eeee084f80e85ace77ad5053c71d577f9f945a"], 0x1}, 0x1}, 0x0) 2018/04/01 00:14:16 executing program 6 (fault-call:0 fault-nth:1): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:16 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:16 executing program 1: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x8002, 0x0) getsockname$packet(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000000c0)=0x14) r1 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_SET_DIRECT_IO(r1, 0x401870c8, 0x0) 2018/04/01 00:14:16 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0xffffffffffffffff) 2018/04/01 00:14:16 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) fallocate(r0, 0x0, 0x0, 0x4) 2018/04/01 00:14:16 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:16 executing program 7: sendto$inet(0xffffffffffffffff, &(0x7f0000a88f88), 0x29f, 0x0, &(0x7f0000e68000)={0x2, 0x0, @loopback=0x7f000001}, 0x10) sendto$inet(0xffffffffffffffff, &(0x7f0000000000)="1d6fde797136c2386a228b2c7dc0db9fe425c699e778d27d2a0be2dd0a8181144dc32436b22ffc6811f328a5c037dda211dbb5af", 0x34, 0x0, 0x0, 0x0) r0 = syz_open_dev$binder(&(0x7f000000cff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) mmap$binder(&(0x7f000000d000/0x4000)=nil, 0x4000, 0x1, 0x10, r0, 0x200) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000040)={0x14, 0x0, &(0x7f0000000000)=[@acquire_done={0x40486311}], 0x0, 0x0, &(0x7f0000011f9d)}) [ 216.242660] FAULT_INJECTION: forcing a failure. [ 216.242660] name failslab, interval 1, probability 0, space 0, times 0 [ 216.248331] binder_alloc: 18375: binder_alloc_buf, no vma [ 216.253957] CPU: 1 PID: 18376 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 216.259512] binder: 18375:18378 transaction failed 29189/-3, size -6545714802281664590--5785477277494200384 line 2963 [ 216.266632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 216.266638] Call Trace: [ 216.266655] dump_stack+0x194/0x24d [ 216.266669] ? arch_local_irq_restore+0x53/0x53 [ 216.266686] ? __lock_is_held+0xb6/0x140 [ 216.301632] should_fail+0x8c0/0xa40 [ 216.305346] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 216.310445] ? __lock_acquire+0x664/0x3e00 [ 216.314677] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 216.319855] ? find_held_lock+0x35/0x1d0 [ 216.323918] ? check_same_owner+0x320/0x320 [ 216.328229] ? rcu_note_context_switch+0x710/0x710 [ 216.333138] ? find_held_lock+0x35/0x1d0 [ 216.337187] should_failslab+0xec/0x120 [ 216.341144] kmem_cache_alloc+0x47/0x760 [ 216.345186] ? lock_downgrade+0x980/0x980 [ 216.349314] ? trace_hardirqs_off+0x10/0x10 [ 216.353619] get_empty_filp+0xfb/0x4f0 [ 216.357485] ? proc_nr_files+0x60/0x60 [ 216.361353] ? rcutorture_record_progress+0x10/0x10 [ 216.366351] ? __lock_is_held+0xb6/0x140 [ 216.370392] ? trace_hardirqs_off+0x10/0x10 [ 216.374697] ? unwind_get_return_address+0x61/0xa0 [ 216.379611] path_openat+0xed/0x3530 [ 216.383306] ? find_held_lock+0x35/0x1d0 [ 216.387351] ? path_lookupat+0xba0/0xba0 [ 216.391394] ? lock_downgrade+0x980/0x980 [ 216.395521] ? do_sys_open+0x2e7/0x6d0 [ 216.399390] ? lock_release+0xa40/0xa40 [ 216.403345] ? do_raw_spin_trylock+0x190/0x190 [ 216.407907] ? __lock_is_held+0xb6/0x140 [ 216.411954] ? _raw_spin_unlock+0x22/0x30 [ 216.416088] ? __alloc_fd+0x29b/0x750 [ 216.419878] do_filp_open+0x25b/0x3b0 [ 216.423660] ? may_open_dev+0xe0/0xe0 [ 216.427442] ? strncpy_from_user+0x323/0x430 [ 216.431835] ? mpi_resize+0x200/0x200 [ 216.435614] ? __lock_is_held+0xb6/0x140 [ 216.439661] ? get_unused_fd_flags+0x121/0x190 [ 216.444225] ? __alloc_fd+0x750/0x750 [ 216.448021] ? getname_flags+0x256/0x580 [ 216.452076] do_sys_open+0x502/0x6d0 [ 216.455771] ? do_sys_open+0x502/0x6d0 [ 216.459641] ? filp_open+0x70/0x70 [ 216.463166] ? SyS_read+0x220/0x220 [ 216.466778] SyS_open+0x2d/0x40 [ 216.470039] ? do_sys_open+0x6d0/0x6d0 [ 216.473917] do_syscall_64+0x281/0x940 [ 216.477784] ? vmalloc_sync_all+0x30/0x30 [ 216.481911] ? _raw_spin_unlock_irq+0x27/0x70 [ 216.486386] ? finish_task_switch+0x1c1/0x7e0 [ 216.490872] ? syscall_return_slowpath+0x550/0x550 [ 216.495783] ? syscall_return_slowpath+0x2ac/0x550 [ 216.500693] ? prepare_exit_to_usermode+0x350/0x350 [ 216.505691] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 216.511041] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 216.515868] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 216.521040] RIP: 0033:0x40f0d1 [ 216.524211] RSP: 002b:00007f901d8c3b00 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 216.531904] RAX: ffffffffffffffda RBX: 00007f901d8c46d4 RCX: 000000000040f0d1 2018/04/01 00:14:17 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x4) [ 216.539838] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000004b979e [ 216.547092] RBP: 0000000020000100 R08: 0000000000000000 R09: 0000000000000000 [ 216.554342] R10: 00000000200000c0 R11: 0000000000000293 R12: 0000000000000000 [ 216.561591] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 216.654908] FAT-fs (loop0): Directory bread(block 6) failed [ 216.710648] FAT-fs (loop0): Directory bread(block 7) failed [ 216.727513] binder: BINDER_SET_CONTEXT_MGR already set [ 216.742236] FAT-fs (loop0): Directory bread(block 8) failed [ 216.756469] binder: 18375:18378 ioctl 40046207 0 returned -16 [ 216.758783] FAT-fs (loop0): Directory bread(block 9) failed [ 216.779275] FAT-fs (loop0): Directory bread(block 10) failed [ 216.795796] FAT-fs (loop0): Directory bread(block 11) failed [ 216.809149] FAT-fs (loop0): Directory bread(block 12) failed [ 216.816886] binder: undelivered TRANSACTION_ERROR: 29189 [ 216.828163] FAT-fs (loop0): Directory bread(block 13) failed [ 216.842250] FAT-fs (loop0): Directory bread(block 14) failed [ 216.859236] FAT-fs (loop0): Directory bread(block 15) failed 2018/04/01 00:14:17 executing program 4: modify_ldt$write2(0x11, &(0x7f0000000000)={0x4, 0x20001000, 0xffffffff, 0x8, 0x5, 0x1, 0x80000000, 0x7, 0xffffffffffffffff, 0x7}, 0x10) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) 2018/04/01 00:14:17 executing program 1: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) perf_event_open(&(0x7f0000b5a000)={0x4000000002, 0x70, 0x1e2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000140)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='configfs\x00', 0x0, &(0x7f0000000040)="93173aadf7a31bb63206a87f044b78e60047ea6a96658d42acbe708dbb5d69e768") r0 = open(&(0x7f0000f04ff8)='./file0\x00', 0x0, 0x0) getdents64(r0, &(0x7f0000004940)=""/4096, 0x1091) 2018/04/01 00:14:17 executing program 2: r0 = getpgrp(0x0) r1 = gettid() mlock2(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0) rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) rt_tgsigqueueinfo(r0, r1, 0x11, &(0x7f0000055000)={0x0, 0x0, 0x6}) rt_sigtimedwait(&(0x7f0000001ff8)={0x3ffff}, &(0x7f0000f0aff0), &(0x7f0000fbcff0)={0xffffd, 0x989680}, 0x8) 2018/04/01 00:14:17 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x0) 2018/04/01 00:14:17 executing program 7: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000000)=[@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1a}}, @in6={0xa, 0x4e21, 0x101, @dev={0xfe, 0x80, [], 0x13}, 0x7}, @in6={0xa, 0x4e21, 0xffffffff80000001, @loopback={0x0, 0x1}, 0x57b8}, @in={0x2, 0x4e24, @multicast2=0xe0000002}, @in6={0xa, 0x4e22, 0x8, @dev={0xfe, 0x80, [], 0xd}, 0xfff}], 0x74) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000002c0), 0x6) 2018/04/01 00:14:17 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) accept$ax25(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0x10) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:17 executing program 6 (fault-call:0 fault-nth:2): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:17 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) [ 216.894920] attempt to access beyond end of device [ 216.899978] loop0: rw=2049, want=40, limit=6 2018/04/01 00:14:17 executing program 3 (fault-call:1 fault-nth:0): r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) 2018/04/01 00:14:17 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000100)) symlink(&(0x7f00000007c0)='./file0/file0\x00', &(0x7f0000000200)='./file0/file0\x00') r0 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x8, 0x300) socketpair$ax25(0x3, 0x5, 0x7, &(0x7f0000000100)={0xffffffffffffffff}) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) syz_mount_image$xfs(&(0x7f00000002c0)='xfs\x00', &(0x7f0000000300)='./file0/file0\x00', 0x2, 0x6, &(0x7f0000000680)=[{&(0x7f0000000340)="1d1806f10cb6aba65b4469a5da182058c757d46b3936e533ae826e0d1c87c3f0f1436bb868062f7e885f78112fc6c6bae7de4d4c85b9e048d9f714d1a3a32a1ceb2cf7ffb7af1e82c10efbba7aa088a1e47bc82e919d0d69c7b655db6957f6f4e34546f92e72addf3203ba7c78c13067bafbb53ac396ab857f515246b3d359c2", 0x80, 0x4}, {&(0x7f00000003c0)="23d0011df7c54ff5b20c68340f0e07de17722f4fe7a401203535f74288f43d1d16bda5072be96ddb191d91fae562a9b6077115d0fe3ebe221f0d765d50bccf37db3164e55cee67f1d2e259e00d3ba51f34b944a5919ea709ba57a336fdee479c8c2cb2f597771cac1149d4bdf69be21031a8223d4e097f994cfba25308629f488f0338db6f6d9acf76b5f9d19e05a8d4", 0x90, 0xed08}, {&(0x7f0000000480)="63e56500ac477e812f28bfa77de926b479caac54dd19d10256f873235a2a3acf637a15323dfe3754dc3adb402c06ea3d1c28629be884bb4616fcf46614fa636748e607801a7bda885404d9f580e7eeca9558e6e849aee6e069f1b4f42403a0e4faea8dd3c77e636d2aac7956dcafeec430860a465719", 0x76, 0x401}, {&(0x7f0000000500)="b2c7d1371feee79150fc7c806d221e50059519cdb5ed0c1e10f7ba705388d4fb9eb6e4fe2f0556407109288ea2dc6efe5ed6f8a32c", 0x35, 0xffffffff}, {&(0x7f0000000540)="80253fd32317ca9d3f4dd25472c99794a6edfc44730044dc24919df3fc1f619b8059070a61bb014faedefd8647ca7c941754a5c4c4a7a8", 0x37, 0x7}, {&(0x7f0000000580)="e2c28ef2f7b36065a401211eee02a3bd03ffece6b9624d180abe4484bd7bc0d0440799cf1373fb0f860710734d6eddb25be34c8b282fdbbf4ba71137cf80bfdb0567efa1857f870856231a6f51942a168a7fa1ce7e34522abe1c5241b6ffaf880ac311f67d43d8df0e01114eee782c6f40e102e4baeabd88c24737138ca7c63c643f7d1df906cbd9f02886c2f6769c7c52d8530f583dd797429965b08bf4fa17b3d25cd67a1545e8da5fc7e45fbafd42fa75edcc49056358b29938f39c01c5f05b7bd556afc7c1f65c4fabc6152f8c0ee8fd358776d84c3c5826d8a51d644583", 0xe0, 0x20}], 0x400, &(0x7f0000000740)={'nouuid,', {[{@noattr2='noattr2', 0x2c}, {@gqnoenforce='gqnoenforce', 0x2c}, {@gquota='gquota', 0x2c}]}}) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000280)={&(0x7f0000000240)='./file0\x00', 0x0, 0x8}, 0x10) unlink(&(0x7f0000000000)='./file0/file0\x00') 2018/04/01 00:14:17 executing program 4: clock_gettime(0x4, &(0x7f0000000000)) mkdir(&(0x7f0000000040)='./file0\x00', 0x6) 2018/04/01 00:14:17 executing program 7: syz_emit_ethernet(0x3e, &(0x7f0000000080)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv6={0x86dd, {0x0, 0x6, "50a09c", 0x8, 0xffffff2f, 0x0, @remote={0xfe, 0x80, [], 0xbb}, @local={0xfe, 0x80, [], 0xaa}, {[], @udp={0x0, 0x0, 0x8}}}}}}, &(0x7f00000000c0)={0x0, 0x2, [0x571, 0x826]}) [ 217.029956] FAT-fs (loop0): Directory bread(block 6) failed [ 217.067946] FAULT_INJECTION: forcing a failure. [ 217.067946] name failslab, interval 1, probability 0, space 0, times 0 [ 217.074592] FAT-fs (loop0): Directory bread(block 7) failed [ 217.079629] CPU: 1 PID: 18431 Comm: syz-executor3 Not tainted 4.16.0-rc7+ #9 [ 217.092615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 217.101972] Call Trace: [ 217.104564] dump_stack+0x194/0x24d [ 217.108193] ? arch_local_irq_restore+0x53/0x53 [ 217.111291] FAT-fs (loop0): Directory bread(block 8) failed [ 217.112862] ? print_irqtrace_events+0x270/0x270 [ 217.112883] should_fail+0x8c0/0xa40 [ 217.112900] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 217.112912] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 217.112924] ? __lock_is_held+0xb6/0x140 [ 217.112938] ? print_irqtrace_events+0x270/0x270 [ 217.146081] ? __lock_is_held+0xb6/0x140 [ 217.150133] ? check_same_owner+0x320/0x320 [ 217.154436] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 217.159636] ? rcu_note_context_switch+0x710/0x710 [ 217.164556] should_failslab+0xec/0x120 [ 217.168513] kmem_cache_alloc+0x47/0x760 [ 217.172554] ? __lock_is_held+0xb6/0x140 [ 217.176605] jbd2__journal_start+0x1d3/0x9f0 [ 217.180997] ? jbd2_write_access_granted.part.9+0x3a0/0x3a0 [ 217.186701] ? rcu_note_context_switch+0x710/0x710 [ 217.191624] ? __lock_is_held+0xb6/0x140 [ 217.195668] ? __might_sleep+0x95/0x190 [ 217.199628] ? _cond_resched+0x14/0x30 [ 217.203500] __ext4_journal_start_sb+0x15f/0x550 [ 217.208238] ? trace_event_raw_event_lock+0x340/0x340 [ 217.213408] ? ext4_alloc_file_blocks+0x528/0xa40 [ 217.218231] ? ext4_journal_abort_handle.isra.5+0x2a0/0x2a0 [ 217.223924] ? ext4_ext_index_trans_blocks+0xef/0x120 [ 217.229098] ? ext4_meta_trans_blocks+0x216/0x2d0 [ 217.233928] ext4_alloc_file_blocks+0x528/0xa40 [ 217.238580] ? lock_release+0xa40/0xa40 [ 217.242543] ? ext4_access_path+0x110/0x110 [ 217.246860] ? __might_sleep+0x95/0x190 [ 217.250835] ? inode_newsize_ok+0x188/0x280 [ 217.255136] ? down_write+0x87/0x120 [ 217.258829] ? setattr_copy+0x540/0x540 [ 217.262780] ? down_read+0x150/0x150 [ 217.266482] ext4_fallocate+0xc9d/0x1f90 [ 217.270525] ? __fget+0x36b/0x5b0 [ 217.273964] ? ext4_insert_range+0x1350/0x1350 [ 217.278528] ? iterate_fd+0x3f0/0x3f0 [ 217.282311] ? __mutex_unlock_slowpath+0xe9/0xac0 [ 217.287145] ? trace_hardirqs_off+0x10/0x10 [ 217.291450] ? lock_acquire+0x1d5/0x580 [ 217.295406] ? lock_acquire+0x1d5/0x580 [ 217.299362] ? vfs_fallocate+0x515/0x6f0 [ 217.303411] ? __lock_is_held+0xb6/0x140 [ 217.307460] ? rcu_read_lock_sched_held+0x108/0x120 [ 217.312456] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 217.317194] ? __sb_start_write+0x209/0x2a0 [ 217.321498] ? ext4_insert_range+0x1350/0x1350 [ 217.326062] vfs_fallocate+0x33c/0x6f0 [ 217.329937] SyS_fallocate+0x53/0x90 [ 217.333631] ? compat_SyS_ftruncate+0x30/0x30 [ 217.338108] do_syscall_64+0x281/0x940 [ 217.341977] ? vmalloc_sync_all+0x30/0x30 [ 217.346109] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 217.351627] ? syscall_return_slowpath+0x550/0x550 [ 217.356541] ? syscall_return_slowpath+0x2ac/0x550 [ 217.361455] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 217.366812] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 217.371643] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 217.376814] RIP: 0033:0x454e79 [ 217.379982] RSP: 002b:00007ff7dd5f7c68 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 217.387681] RAX: ffffffffffffffda RBX: 00007ff7dd5f86d4 RCX: 0000000000454e79 [ 217.394931] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 217.402181] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 217.409442] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000014 [ 217.416692] R13: 000000000000007d R14: 00000000006f2c58 R15: 0000000000000000 [ 217.424683] FAULT_INJECTION: forcing a failure. [ 217.424683] name failslab, interval 1, probability 0, space 0, times 0 [ 217.425128] FAT-fs (loop0): Directory bread(block 9) failed [ 217.436049] CPU: 0 PID: 18411 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 217.448863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 217.458216] Call Trace: [ 217.460814] dump_stack+0x194/0x24d [ 217.464447] ? arch_local_irq_restore+0x53/0x53 [ 217.469123] ? kernel_text_address+0xd1/0xe0 [ 217.472279] FAT-fs (loop0): Directory bread(block 10) failed [ 217.473540] should_fail+0x8c0/0xa40 [ 217.473556] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 217.473573] ? save_stack+0xa3/0xd0 [ 217.473584] ? save_stack+0x43/0xd0 [ 217.473594] ? __kasan_slab_free+0x11a/0x170 [ 217.479513] FAT-fs (loop0): Directory bread(block 11) failed [ 217.483079] ? kasan_slab_free+0xe/0x10 [ 217.483090] ? kmem_cache_free+0x83/0x2a0 [ 217.483099] ? putname+0xee/0x130 [ 217.483116] ? find_held_lock+0x35/0x1d0 [ 217.483140] ? check_same_owner+0x320/0x320 [ 217.488324] FAT-fs (loop0): Directory bread(block 12) failed [ 217.491819] ? get_unused_fd_flags+0x190/0x190 [ 217.491829] ? may_open_dev+0xe0/0xe0 [ 217.491842] ? rcu_note_context_switch+0x710/0x710 [ 217.491860] should_failslab+0xec/0x120 [ 217.491869] kmem_cache_alloc+0x47/0x760 [ 217.491879] ? putname+0xee/0x130 [ 217.495582] FAT-fs (loop0): Directory bread(block 13) failed [ 217.499870] ? rcu_read_lock_sched_held+0x108/0x120 [ 217.499883] getname_flags+0xcb/0x580 [ 217.499891] ? putname+0xf3/0x130 [ 217.499904] SyS_mknodat+0x17a/0x480 [ 217.499919] ? do_file_open_root+0x4d0/0x4d0 [ 217.499930] ? do_syscall_64+0xb7/0x940 [ 217.505807] FAT-fs (loop0): Directory bread(block 14) failed [ 217.509654] ? do_file_open_root+0x4d0/0x4d0 [ 217.509665] do_syscall_64+0x281/0x940 [ 217.509677] ? vmalloc_sync_all+0x30/0x30 [ 217.509690] ? _raw_spin_unlock_irq+0x27/0x70 [ 217.509700] ? finish_task_switch+0x1c1/0x7e0 [ 217.509710] ? syscall_return_slowpath+0x550/0x550 [ 217.513943] FAT-fs (loop0): Directory bread(block 15) failed [ 217.517276] ? syscall_return_slowpath+0x2ac/0x550 [ 217.517288] ? prepare_exit_to_usermode+0x350/0x350 [ 217.517300] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 217.517315] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 217.517328] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 217.517336] RIP: 0033:0x454e79 [ 217.571134] attempt to access beyond end of device [ 217.574149] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 217.574161] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 217.574167] RDX: 0000000000006000 RSI: 0000000020000100 RDI: 00000000ffffff9c [ 217.574173] RBP: 0000000020000100 R08: 0000000000000000 R09: 0000000000000000 [ 217.574178] R10: 00000000000007c7 R11: 0000000000000246 R12: 0000000000000000 [ 217.574184] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 217.702334] loop0: rw=2049, want=40, limit=6 2018/04/01 00:14:18 executing program 7: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000080)={'syzkaller0\x00', {0x2, 0x0, @loopback=0x7f000001}}) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) close(r0) pwritev(r0, &(0x7f0000001200)=[{&(0x7f00000001c0)="d0552604605253cab16db44b77562d90133740a6fcf165ea1338e285887e055152a391d102211ee20125a55a6572989077f6728387973670d06e360da09e25", 0x3f}, {&(0x7f0000000200)="d50666e1e80b8e9b0dedebd488d575c02b85fa4e47e38cb4e2caedd6526550ee0c77b400a90c6896b27a5f746f5646dc85bd7a9c3f4bf4e591b1943a57c70d073e61df230967bf7b06814b5087ac56d09bb0feb752c5ad6f8907f13b057cd51c072bcded8f1dbdf0e542c1dc45bcf2a027d57b75ab088a4223720cf552290e79a4fb095417667eb65872ff898ee79b13828869bfabe0a3574bb3df18cbc5a2d1eddc580dbdd7c3f16d983377ac90e6d4016fed3788d721c4c0f737ff5f8f02a27225ac9104841e49bb5724203f44e83122cd12ac9d08e55b0f0acffebcf0cb76be52828f562535e12a36e17f2487d52f60d99189de791b0a68de50f6d568ed3dd179655117e9c4b6c869867e1ae7f5189d006805e6adc08bf3a9184d4a8a52f26c11d6889b70d78dc201663759c43ff0270c6d613cd2fa346061342cb64accca2e11f864081f60a5192011c7736c2c43827b24af9dbadaa3bc7ebc4043f03fed537a5ab7bca7f806601bb65acd19c085741ab6957575368b59388cf75764294d355dcad545941402b437b917be58d9b70d17db63c7241a456b1bfdf23beb840d9a22d4225d9bfa79601c2881b1ff71c1bb97e1f8839b33f64a6feabdbfcbcebe8f5591ace582b3ac8324ea46b4b779e14295a5e4ecd6827d47d0b6f670d13593ded0ffb88cf902e984cc1e94aed78edf1a2a178f74f62222e0ec2201a9bb5f28348f77370cd0d594f638daf4e8b5d84e91eac9190bd103453c891338855ab84a3ea261bb59b05e2e3f3e206e7adb9d8a33120ec7ed85831070488ae43caa17e382f90f8f7f1fd420dabbc7a6c546c1c33cb198909b79f0cedc26c0afed8b15014ae95c0dba2c55e890a8534415b8b06b734ec9a29b495cdad14df208bf1d08cdfd291b5fa2dd0ce805b8adfc4e9e40af0aaffa09203a79a5b3487110dfcb601819ed3be4cb87a020c6b76c859e91bc20be98d927e80b0b838051582dfd861b78ed88847115418b18390c4c2f7ab26cf5930acb3cb470c4d61f8f1a3c6fc2311edc4be9bc4b6a8cdbf0475a44de0be5b71c4790aa9930504e9c63e5e95a51a97bbb7237d46738e890ba1463ce91908f609822c7000e2d94958b2d383a83ea584a733e7bce9e2a1abf9c61a9537d6e8bda17504ffec43f0c6d380f3ddd5f45515cdcb6a264ed2267ad4751c7ae6c12da77bd1382ee099b293cff2ab19d0fb384933ca202b0795f2fb93862a5db96e2a3b301b3ef42ba7ab84991a8f59ecf68ab1c7d49d6641373d61fdc37844bcdfe0e2fd96a8a58329d126d4a39e563461a686fc00314032981e092c5c510e57c0b0fe3933d9cd89fa62a5c9f83f8af76de7f109a195096cfe0116b9f36ab2547be0c9093a31efae74ccde450c603a493a4ffa1535de011d0c972790dd8a6d995497a3e36b7aeb1e165aff8f7ee3a963062187fd9f16aed4694a9b16ac4e597e8cc1264139d6abb6f9a2f33ffa5d1239a5f4e1eb629ceac82c1d917ba7573ecf1fdcb9adf192268a521a8629052581925b2026aab1709dcf7c628913a56a3ecb5ed256c86f446175b1045489a6a537169cb3a0e07344a8ebede2f1f74d91f9a52e701157e06bc0e817da46c424c9a2a354e2de156636f49f319a8f888b2176f796cf2de2f8b11c3ea97844767661cc1f5e4e29028e9f9097706beec2811e0aaa908dea5205993af7c194fbdb98674fd70910d5accef4b5605f58ebb05f2c70e67264af25f64bbebdf2bbbe3b8913f6b434f8b09b9af03c1d8f334d29dfdc35142d45309514e67014c4a6f26c17fe886a4f561932c729c7939818676af6374d927ed83d718b31952f851182a02c2f2e31d034500ed980e80fcfbb2693f4cd44cd50755e1298265831c4698f8a7d4b1e3af221ca7e5c9d66dd231fc98a9eb9736250a691eb13bc1a30c4814c4f52040fd3d5e69e1debec9ad5043a0ff5cfd38e501f82bd230ce3559bb5274ba4dac14a384aa327553f9d55a389c3d41cdec9f1798c1294532a56134880086e107c69076b5cac9cf94d1f0ffe65145cb992f1588d3cf5b9fa4aad702a5a143bd17daaef05e2d9c1b48230a0d0facd3871f5f610be013450f0ebc3105d0bd3f2063fa9097761343c83c35c8ce5eb64b971a3ddc0c6a517f65734307355eea617f0c82610a6cab44140d655190822ddd35ebd2646491b4d9f5d1c84b3c2063de25f9a712eab7a7fd1ef06849e8320abcb760aee83aa12994d8a40b92f5ccc9e0022f43f068f0d4a8a93f0993364c8fbfa6d04eae462d2961535f937ab8d38229f387e381c8993e8a43101c290737b6f97f89dab728ca50c37c7e497939477f76a0a42e20d3444f17e1fbfe7ab71b956a2e2fc19905a05044128f76617a7ce0fecd942606c4ca9a2bd55c3c8259fab091c137aab24563db3750c3dae94b0f2b99df35eca17e530ddd62d4ef3895e0d4c1b797367401d75f431a2104318c8ab31816d3ba8997590ef59b727e05251e79b5c7d27b6a090468f172534df9b265e2fdb2fe36fed2f04ce2a74e6c4d7f3c1dd78991ed2d0a124a51656da014cdaad1ea97bb5fd0d5f69e0fa5e41c1e5031ae1ee318c1b57a10029a5c82ab542914eeed7548a01a2b8a2d334d88a7cd6be9019c7e00f295333d43def9f7a60be080bbb58126b9d4523c8ebd8dc5fc0db33959f9d957fbbca9b51c15a3f6296e22594fe0fc427cbed42c0f50b0158dca7635f9e8b6ec797af6da9a314064618297feb48e1103e1a44828bdf82adb66e434ac7979a7b92b5d2bcf34b9dd101ddf8fa20f7587e178a8efa4ccbc160e8c88398eb02bf6dc6ed1a3777edf0e300949f4e7558f0e64abd9f9ac0ad59613f75f6a28c7f5e60373d2225983532841d3b28d25a55abc8e63f120d4cd378644444ce004aaae96e213bed1a14ceb8651256ff2207fdaee6440dd8b38af65998878ad23797d5909f61d6ab1e83bad1e611622ef0d71cf82dda8582c8d54cad6924b7ab3df5f8508b225ac847d0992a6918fdd2c564a81a90061fc01df8157eb5e49368d0d5ef0a1548b1d650715838e5510382e17177ff38169e67451b33a050c4012a12d150741ab2ab65ffec1e7f4bca783973f15fc18f9dce16bcb8344714af798ce26be5a5e5fb128d172891158be551eb7b6d66c008b3af4f6695977caf93a2517459c8ffe6298a0723f68493b6088c6cfb80550d024fd4216f28f60db0dabc064895284bfcffdb17a49f01c640d7572db4b2695890d09379cbd8458af64c32dad3eb666926740a855fb0c1dfb612e8f5c0c9d89e483849211de7fafbf768aba50c7e1377225d841b5eb7cc9879dba0538d792942dc480b5c4bfded71f9c673b4169c339a2fd48b25c957fc71e248cfde096dd12833eb0f79dd15fb1e113df0e1a492dd412962d6c0f4c30e6c58c7316e15ff7f5ac002560130417bb68ab746069dc36fb97b437e3f677eb10bdb16069268f1b8b50e1c656418c310e709c89136c99db93fd0a8e101eaea97c3b1755d81889db408117330465602f16d654cb085711b0afc3fc48e4a9137ffd6ef3685c7e672699d17a206ccd8190195ec92afefbc8a1bb3d499ff41db124d0c43d8f42bf18176387a07446d938421af7caf1a91e54c4ce4eb46a3507d0776169cd4452cfbcb33e470a10304d22b8222c88e9671e0d3793665354270990be8de0c9bf7fa2a556f09c1effd1edbfc012dc7ffd242d00cc7997a096a20e48130618f34ef560e6c380c705ef68862acc060b62716c018b4574f597fd8199eabde6030682d22f99241c385274b9a5beb2ca6f3e3a97905eb801ebca6bd7494fb2351d7ece646edbacb8d9400d63714b42c2a2082b14498615233d758e4bd34b1fd8a0ff79b569b71a84945e0790efa00695db844ee3e5767a7c950c35990c7ae4be6ce78cf9206f90a3312de2bd355d4e8409ae060a89946e6844fc31806b8e6985d5064cc23d11c5b9b51a2b0abfa0f5951abcd55d687d7376c339c946b863499ad94ce9a860f5c1c55a89a9619f6148415ba3f35c986c4cb2a0dfab8370b56bf382b54eb91f245e07b864966b1999f19a9a8c892408f42915c09acf7a1bdedc251f51f1d86f54955586a1d8336093a1c36adc21fb33174d56e808ad45639248c8673af2ce789f1529f879290f6019997c5c8dc1d39911d19642119429a421883a682943726e23f3e5c56b7f30972726d2d184ba0fcd32144eb621f26af8f01260e72e050caa27989962ee6d2b1c33fc00eb7f0e93ff978b2d1bc2cb17dd2086cc214f9b2f42dd6c277dbb6c499e23364c6ae148f6d6566b27586811d935206d0b356a182c9aa41fbf490b52730c9d9dd9215f19b95b19a5c2c4442a49b9681d31ad7095eee744bef48ef63e2ea7e8791fefa55540ba10a585c1a36d53741e5eb735c4ff71c3bf051d2dc04c790500cecabcadb34a81c1df9b515858b41c3e69b6d829ce493d2058b1b635e0a9b25ef9d3f011fb102d3423e40af0d7df03d7f40a91af2ff1b8e7569460f938fb671bb5755051a110dbaf337b7d4da033a01fa67a461c0c6479f0016db442e381e9653464b9654d71733b9c8a865c0e8e78aa2d3fc620791af691b3db53a6897995c5f61ec3599a0797ef9c8d3060700715d919ff076e523e2d23b4c47f8f7b70d68feaf50b5ce62c8efbdf57f1e992b599505853cb3845b6d1820f446765cb822477e31013617e62b2b0c85c34d75626be2c753ed99a158371769e3920cbd41aeac0fef9b5fc537a6562c15300c4904ba98ba6e6077b9e75b04ab3d6b2a461a2b0c3a368663bcf890632274a195f41b8086f85a4d00970f15b477a94b57c62175412d38373ae8737c6b0971beb7f7b990cfcf9d220d9ba5b05effa7e6db45176404c1950ad840bc75d0499f6740c7ca8b1d20f372a9e0ac03439b7ece014b8b9cc92b94106cf401559a206c10784bcff60c58a53b6aa3ebdc60891222c5e8f6e21196e981ce71cad3243e79be301ebed0cdd8d5e58b52713a7ac1994065a6fd020af56768dc942eb4ffebaf6d513b91f915ec9521e4ecf554f82e1a5c3711a29dcc0222ad8854712e9e5d0c6655ad0c47236d7cb3e196e29894b492a4ba2037259bb2d61bde82e141afca3b9fcece3b23a708d2049512c9658d1893f0e6d0d2e6edfd811c74f7175cb1b720b3ec37d96c31dced9d27e68692e25f171556cd24e55a549a604eac3cb0a01093fd9e0c61c80724380f4089c6e7c84a526122aae2381861ce877751a746caa74bb21da07c6959f034e15adf6cf876222c6b7c08582a9809dcce5dde98c8214d4084439c8d5f83548926bd4197d36b154bdf7e82d6f5d5a987a65b2bb6bf1e9ec9c12033d93461624ff474bd8d59488d848951cfc5209c153ddaff9c602c3db2897e1a68e10f0c7299c939a2dbbdc506c6f38b895a285c5c383b86cc04290ec0c6701d20092d40affe84b52a03ea49cc0246cefd3658a68549b24d921051926d97a8abba9184c72ba34d010265b38cec12349775cb9412566987c2f7ebb9137297a29a022a67ec732a4490c0543f8db5fda710a46a20da72ee23b51e11b19f6822649ab92917acbe32341196d3442a93b2a0badfbb0dc7e6cf97c488301d03dd8a6eaa27557af286c236316ebcabf20812760827cb78938076989e436fc02aeac3b26f8788df12f246dd555cf44d3fda98a85a6511de7cbb9bc40f20cdf2ecdcd403d7282396b562cb9541f0dc05beb685a50647a7edf5f67d283521336da2e7f4c5411c4ad2518f97d7cbabafb3b7ac709ab9a605ba2aa082f6c", 0x1000}], 0x2, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) statx(r1, &(0x7f0000001240)='./file0\x00', 0x5e4f240e892aace3, 0x1, &(0x7f0000001280)) accept4$netrom(r1, &(0x7f0000000040), &(0x7f0000000180)=0x10, 0x80800) setsockopt$inet6_MCAST_LEAVE_GROUP(r1, 0x29, 0x2d, &(0x7f00000000c0)={0x10001, {{0xa, 0x4e21, 0xaa1, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, 0x7ff}}}, 0x88) 2018/04/01 00:14:18 executing program 6 (fault-call:0 fault-nth:3): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:18 executing program 3 (fault-call:1 fault-nth:1): r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) 2018/04/01 00:14:18 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockname$inet(r0, &(0x7f0000000040)={0x0, 0x0, @remote}, &(0x7f0000000080)=0x10) truncate(&(0x7f0000000000)='./file0\x00', 0x9) 2018/04/01 00:14:18 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000000c0), 0x4) bind$inet6(r0, &(0x7f000000d000)={0xa, 0x4e20}, 0x1c) r1 = socket$inet6(0xa, 0x8000000000002, 0x0) sendto$inet6(r1, &(0x7f0000000140)="db826840cfb7ece9286e0f51a8f2b7da04e3fbc1a2df01ffffff44b89c918ce7086ad5001cedecf9cd05688a6d7af625f091c431e19de5c84c8e83bebb22f4cd33d718bebc4541a217554e7321605468c9210600a79b2a745064a09e928df0c80f16cdd715e8b1e1233655ffd501deac21255182d13b0bbd9efa50837973024d9e7cf01df21eb697000000", 0x8b, 0x0, &(0x7f0000824fe4)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x3e, &(0x7f0000000100)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @random="73f956e05894", [], {@ipv6={0x86dd, {0x0, 0x6, "50a09c", 0x8, 0xffffff11, 0x0, @remote={0xfe, 0x80, [], 0xbb}, @local={0xfe, 0x80, [], 0xaa}, {[], @udp={0x0, 0x4e20, 0x8}}}}}}, &(0x7f0000000040)={0x0, 0x0, [0x0, 0x0, 0x4, 0x10000]}) 2018/04/01 00:14:18 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:18 executing program 2: r0 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x0) fstat(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, 0x0}) capget(&(0x7f00000003c0)={0x19980330, r2}, &(0x7f0000000440)={0x10001, 0x9, 0xfffffffffffffc00, 0x2, 0x1, 0x43}) r3 = getgid() lchown(&(0x7f0000000200)='./file0\x00', r1, r3) perf_event_open(&(0x7f000000a000)={0x6, 0xfffffecf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffff}, 0x200000400, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x7a10, 0x800) setsockopt$inet_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000001c0)='tls\x00', 0x4) mknod$loop(&(0x7f0000000080)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000144000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f00007fc000)='nfs\x00', 0x0, &(0x7f000000a000)) sendmsg$IPVS_CMD_DEL_SERVICE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='8\x00\x00\x00'], 0x1}, 0x1, 0x0, 0x0, 0x24000040}, 0x800) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x4) r5 = open(&(0x7f0000002000)='./bus\x00', 0x80000000, 0x20) ioctl$KVM_GET_SUPPORTED_CPUID(r5, 0xc008ae05, &(0x7f0000000540)=""/204) preadv(r5, &(0x7f0000000000)=[{&(0x7f0000001140)=""/95, 0x5f}], 0x1, 0x0) lseek(r5, 0x0, 0x3) ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f00000004c0)={0x81, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, 0x4, 0x1, 0x5, 0x8, &(0x7f0000000480)='teql0\x00', 0x3, 0xc1de, 0x2}) r6 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r6, 0x0, 0x0, 0x4) fallocate(r5, 0x2, 0xffffffff7fffffff, 0x5) r7 = open(&(0x7f0000000080)='./bus\x00', 0x141042, 0x8) fallocate(r6, 0x1, 0x0, 0x4000003) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r7, &(0x7f00000000c0)={0xc}) sendfile(r7, r6, 0x0, 0xc08f) dup2(r0, r0) getpeername$llc(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) 2018/04/01 00:14:18 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) write(0xffffffffffffffff, &(0x7f0000000080)='-', 0x1) write(0xffffffffffffffff, &(0x7f0000001200)="f8", 0x1) sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000000c0), 0x4) fadvise64(0xffffffffffffffff, 0x0, 0x0, 0x3) [ 217.775564] FAULT_INJECTION: forcing a failure. [ 217.775564] name failslab, interval 1, probability 0, space 0, times 0 [ 217.779828] FAULT_INJECTION: forcing a failure. [ 217.779828] name failslab, interval 1, probability 0, space 0, times 0 [ 217.786917] CPU: 1 PID: 18454 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 217.786926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 217.786930] Call Trace: [ 217.786947] dump_stack+0x194/0x24d [ 217.786960] ? arch_local_irq_restore+0x53/0x53 [ 217.786975] ? kernel_text_address+0xd1/0xe0 [ 217.786984] ? __unwind_start+0x169/0x330 [ 217.787006] should_fail+0x8c0/0xa40 [ 217.787020] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 217.787035] ? save_stack+0xa3/0xd0 [ 217.787043] ? save_stack+0x43/0xd0 [ 217.850299] ? __kasan_slab_free+0x11a/0x170 [ 217.854695] ? kasan_slab_free+0xe/0x10 [ 217.858651] ? kmem_cache_free+0x83/0x2a0 [ 217.862780] ? putname+0xee/0x130 [ 217.866323] ? find_held_lock+0x35/0x1d0 [ 217.870380] ? check_same_owner+0x320/0x320 [ 217.874685] ? get_unused_fd_flags+0x190/0x190 [ 217.879249] ? may_open_dev+0xe0/0xe0 [ 217.883036] ? rcu_note_context_switch+0x710/0x710 [ 217.887962] should_failslab+0xec/0x120 [ 217.891921] kmem_cache_alloc+0x47/0x760 [ 217.895971] ? putname+0xee/0x130 [ 217.899406] ? rcu_read_lock_sched_held+0x108/0x120 [ 217.904408] getname_flags+0xcb/0x580 [ 217.908189] ? putname+0xf3/0x130 [ 217.911629] SyS_mknodat+0x17a/0x480 [ 217.915678] ? do_file_open_root+0x4d0/0x4d0 [ 217.920075] ? do_syscall_64+0xb7/0x940 [ 217.924035] ? do_file_open_root+0x4d0/0x4d0 [ 217.928429] do_syscall_64+0x281/0x940 [ 217.932301] ? vmalloc_sync_all+0x30/0x30 [ 217.936434] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 217.941978] ? syscall_return_slowpath+0x550/0x550 [ 217.946892] ? syscall_return_slowpath+0x2ac/0x550 [ 217.951812] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 217.957162] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 217.962765] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 217.967937] RIP: 0033:0x454e79 [ 217.971112] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 217.978807] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 217.986062] RDX: 0000000000006000 RSI: 0000000020000100 RDI: 00000000ffffff9c [ 217.993312] RBP: 0000000020000100 R08: 0000000000000000 R09: 0000000000000000 [ 218.000562] R10: 00000000000007c7 R11: 0000000000000246 R12: 0000000000000000 [ 218.007817] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 218.015086] CPU: 0 PID: 18457 Comm: syz-executor3 Not tainted 4.16.0-rc7+ #9 [ 218.022274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 218.031625] Call Trace: [ 218.034219] dump_stack+0x194/0x24d [ 218.037846] ? arch_local_irq_restore+0x53/0x53 [ 218.042525] should_fail+0x8c0/0xa40 [ 218.046248] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 218.051345] ? unlock_page_memcg+0x2c/0x40 [ 218.055577] ? print_irqtrace_events+0x270/0x270 [ 218.060327] ? __lock_is_held+0xb6/0x140 [ 218.064391] ? lock_release+0xa40/0xa40 [ 218.068350] ? check_same_owner+0x320/0x320 [ 218.072654] ? rcu_note_context_switch+0x710/0x710 [ 218.077569] should_failslab+0xec/0x120 [ 218.081524] __kmalloc+0x63/0x760 [ 218.084957] ? lock_acquire+0x1d5/0x580 [ 218.088908] ? lock_acquire+0x1d5/0x580 [ 218.092864] ? start_this_handle+0x488/0x1080 [ 218.097341] ? ext4_find_extent+0x6ae/0x930 [ 218.101646] ext4_find_extent+0x6ae/0x930 [ 218.105781] ext4_ext_map_blocks+0x264/0x4410 [ 218.110266] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 218.115265] ? find_held_lock+0x35/0x1d0 [ 218.119311] ? trace_hardirqs_off+0x10/0x10 [ 218.123617] ? trace_hardirqs_off+0x10/0x10 [ 218.127924] ? lock_downgrade+0x980/0x980 [ 218.132052] ? lock_release+0xa40/0xa40 [ 218.136021] ? lock_acquire+0x1d5/0x580 [ 218.139978] ? lock_acquire+0x1d5/0x580 [ 218.143930] ? ext4_map_blocks+0xa8d/0x1830 [ 218.148236] ? lock_release+0xa40/0xa40 [ 218.152192] ? check_same_owner+0x320/0x320 [ 218.156591] ? ext4_es_cache_extent+0x600/0x600 [ 218.161255] ? rcu_note_context_switch+0x710/0x710 [ 218.166165] ? __might_sleep+0x95/0x190 [ 218.170123] ? down_read+0x96/0x150 [ 218.173728] ? ext4_map_blocks+0xa8d/0x1830 [ 218.178032] ? __down_interruptible+0x6b0/0x6b0 [ 218.182690] ? __might_sleep+0x95/0x190 [ 218.186653] ext4_map_blocks+0xd69/0x1830 [ 218.190785] ? __ext4_journal_start_sb+0x167/0x550 [ 218.195699] ? ext4_issue_zeroout+0x170/0x170 [ 218.200174] ? ext4_ext_index_trans_blocks+0xef/0x120 [ 218.205345] ? ext4_meta_trans_blocks+0x216/0x2d0 [ 218.210173] ext4_alloc_file_blocks+0x554/0xa40 [ 218.214826] ? lock_release+0xa40/0xa40 [ 218.218787] ? ext4_access_path+0x110/0x110 [ 218.223089] ? __might_sleep+0x95/0x190 [ 218.227044] ? inode_newsize_ok+0x188/0x280 [ 218.231345] ? down_write+0x87/0x120 [ 218.235038] ? setattr_copy+0x540/0x540 [ 218.238989] ? down_read+0x150/0x150 [ 218.242722] ext4_fallocate+0xc9d/0x1f90 [ 218.246781] ? __fget+0x36b/0x5b0 [ 218.250217] ? ext4_insert_range+0x1350/0x1350 [ 218.254779] ? iterate_fd+0x3f0/0x3f0 [ 218.258560] ? __mutex_unlock_slowpath+0xe9/0xac0 [ 218.263380] ? trace_hardirqs_off+0x10/0x10 [ 218.267686] ? lock_acquire+0x1d5/0x580 [ 218.271638] ? lock_acquire+0x1d5/0x580 [ 218.275592] ? vfs_fallocate+0x515/0x6f0 [ 218.279633] ? __lock_is_held+0xb6/0x140 [ 218.283676] ? __lock_is_held+0xb6/0x140 [ 218.287724] ? rcu_read_lock_sched_held+0x108/0x120 [ 218.292719] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 218.297463] ? __sb_start_write+0x209/0x2a0 [ 218.301860] ? ext4_insert_range+0x1350/0x1350 [ 218.306430] vfs_fallocate+0x33c/0x6f0 [ 218.310304] SyS_fallocate+0x53/0x90 [ 218.313997] ? compat_SyS_ftruncate+0x30/0x30 [ 218.318479] do_syscall_64+0x281/0x940 [ 218.322344] ? vmalloc_sync_all+0x30/0x30 [ 218.326473] ? _raw_spin_unlock_irq+0x27/0x70 [ 218.330946] ? finish_task_switch+0x1c1/0x7e0 [ 218.335426] ? syscall_return_slowpath+0x550/0x550 [ 218.340336] ? syscall_return_slowpath+0x2ac/0x550 [ 218.345246] ? prepare_exit_to_usermode+0x350/0x350 [ 218.350242] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 218.355587] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 218.360414] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 218.365587] RIP: 0033:0x454e79 [ 218.368756] RSP: 002b:00007ff7dd5f7c68 EFLAGS: 00000246 ORIG_RAX: 000000000000011d 2018/04/01 00:14:18 executing program 4: mkdir(&(0x7f00000000c0)='./file0\x00', 0x1) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x200, 0x0) connect$unix(r0, &(0x7f0000000040)=@abs={0x1, 0x0, 0x4e21}, 0x6e) [ 218.376446] RAX: ffffffffffffffda RBX: 00007ff7dd5f86d4 RCX: 0000000000454e79 [ 218.383694] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 218.390943] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 218.398192] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000014 [ 218.405442] R13: 000000000000007d R14: 00000000006f2c58 R15: 0000000000000001 2018/04/01 00:14:19 executing program 7: socket$can_raw(0x1d, 0x3, 0x1) syz_open_dev$sg(&(0x7f0000000140)='/dev/sg#\x00', 0x9, 0x40000) r0 = socket$inet(0x2, 0x800, 0x2) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000000)={0x2, 0x200, 0x6, 0x9, 0x0}, &(0x7f0000000040)=0x10) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000080)={0x80000001, 0x8, 0x8004, 0x8, 0x7fffffff, 0x6, 0x100000000, 0x97, r1}, &(0x7f00000000c0)=0x20) connect$inet(r0, &(0x7f0000d0aff0)={0x2, 0x0, @rand_addr}, 0xf) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000100)=0x10005, 0x4) 2018/04/01 00:14:19 executing program 6 (fault-call:0 fault-nth:4): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 218.503993] FAULT_INJECTION: forcing a failure. [ 218.503993] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 218.510542] FAT-fs (loop0): Directory bread(block 6) failed [ 218.515823] CPU: 1 PID: 18478 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 218.515831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 218.515838] Call Trace: [ 218.515856] dump_stack+0x194/0x24d [ 218.515870] ? arch_local_irq_restore+0x53/0x53 [ 218.515890] should_fail+0x8c0/0xa40 2018/04/01 00:14:19 executing program 1: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0xffff, 0x4) fallocate(r0, 0x0, 0x4b99, 0x5) r1 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0) fallocate(r0, 0x1, 0x4000000000000000, 0x4000003) ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60) ioctl$fiemap(r1, 0xc020660b, &(0x7f0000000080)=ANY=[@ANYBLOB="e6070006dfffffff7f00007543d1794ed6"]) [ 218.553302] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 218.558422] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 218.563619] ? lock_downgrade+0x980/0x980 [ 218.567774] ? lock_release+0xa40/0xa40 [ 218.571758] ? unwind_dump+0x4d0/0x4d0 [ 218.575657] ? rcutorture_record_progress+0x10/0x10 [ 218.580686] ? perf_trace_lock+0xd6/0x900 [ 218.584837] ? perf_trace_lock_acquire+0xe3/0x980 [ 218.589685] ? is_bpf_text_address+0xa4/0x120 [ 218.594184] ? kernel_text_address+0xd1/0xe0 [ 218.598597] ? trace_event_raw_event_lock+0x340/0x340 2018/04/01 00:14:19 executing program 4: r0 = dup2(0xffffffffffffffff, 0xffffffffffffff9c) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000040)={0x0, 0x3, 0x5, [0x5, 0x7fffffff, 0x8, 0x10001, 0x81]}, &(0x7f0000000080)=0x12) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f00000000c0)={r1, 0x2}, 0x8) inotify_init1(0x80000) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) [ 218.603789] ? perf_trace_lock+0x900/0x900 [ 218.608031] ? should_fail+0x23b/0xa40 [ 218.611934] __alloc_pages_nodemask+0x327/0xdd0 [ 218.616614] ? __alloc_pages_slowpath+0x2d10/0x2d10 [ 218.621719] ? kmem_cache_free+0x83/0x2a0 [ 218.625866] ? putname+0xee/0x130 [ 218.629327] ? find_held_lock+0x35/0x1d0 [ 218.633404] ? check_same_owner+0x320/0x320 [ 218.637725] ? get_unused_fd_flags+0x190/0x190 [ 218.642309] ? may_open_dev+0xe0/0xe0 [ 218.646118] cache_grow_begin+0x72/0x640 [ 218.650179] kmem_cache_alloc+0x400/0x760 [ 218.654332] ? putname+0xee/0x130 [ 218.654757] FAT-fs (loop0): Directory bread(block 7) failed [ 218.657782] getname_flags+0xcb/0x580 [ 218.657791] ? putname+0xf3/0x130 [ 218.657805] SyS_mknodat+0x17a/0x480 [ 218.657821] ? do_file_open_root+0x4d0/0x4d0 [ 218.657835] ? do_syscall_64+0xb7/0x940 [ 218.657846] ? do_file_open_root+0x4d0/0x4d0 [ 218.657856] do_syscall_64+0x281/0x940 [ 218.657867] ? vmalloc_sync_all+0x30/0x30 [ 218.657881] ? _raw_spin_unlock_irq+0x27/0x70 [ 218.699727] ? finish_task_switch+0x1c1/0x7e0 [ 218.704229] ? syscall_return_slowpath+0x550/0x550 [ 218.709160] ? syscall_return_slowpath+0x2ac/0x550 [ 218.714086] ? prepare_exit_to_usermode+0x350/0x350 [ 218.719093] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 218.724456] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 218.729289] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 218.734462] RIP: 0033:0x454e79 [ 218.737631] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 218.745323] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 2018/04/01 00:14:19 executing program 3 (fault-call:1 fault-nth:2): r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) 2018/04/01 00:14:19 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f0000000280)=0x242, 0x4) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f000012afe4)={0xa, 0x4e22}, 0x1c) ioctl$sock_bt_cmtp_CMTPCONNADD(r0, 0x400443c8, &(0x7f00000002c0)={r0, 0x401}) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000003c0)={0x0, 0x3, 0x100000001}, &(0x7f0000000400)=0x8) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000180)={r2, 0x401}, &(0x7f0000000300)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000200)={0x9, 0x0, 0x800d, 0x401, 0x1, 0x0, 0xc494, 0x7}, &(0x7f0000000240)=0x20) listen(r0, 0x0) getsockname(r1, &(0x7f0000000340)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @loopback}}}, &(0x7f00000001c0)=0x80) accept4$unix(r3, &(0x7f0000000440)=@abs, &(0x7f00000004c0)=0x6e, 0x80000) read(r1, &(0x7f0000000100)=""/17, 0x11) socket$bt_hidp(0x1f, 0x3, 0x6) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000500)=0x52d218f4, 0x4) bind(r1, &(0x7f0000000080)=@in={0x2, 0x4e20, @loopback=0x7f000001}, 0x80) getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) sendto$inet6(r0, &(0x7f0000eb9fff), 0xffffff31, 0x20000003, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) shutdown(r1, 0x0) socket$l2tp(0x18, 0x1, 0x1) [ 218.752574] RDX: 0000000000006000 RSI: 0000000020000100 RDI: 00000000ffffff9c [ 218.759823] RBP: 0000000020000100 R08: 0000000000000000 R09: 0000000000000000 [ 218.767083] R10: 00000000000007c7 R11: 0000000000000246 R12: 0000000000000000 [ 218.774332] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 218.784233] FAT-fs (loop0): Directory bread(block 8) failed 2018/04/01 00:14:19 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x823800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 218.805449] FAT-fs (loop0): Directory bread(block 9) failed [ 218.830462] FAULT_INJECTION: forcing a failure. [ 218.830462] name failslab, interval 1, probability 0, space 0, times 0 [ 218.842328] CPU: 1 PID: 18501 Comm: syz-executor3 Not tainted 4.16.0-rc7+ #9 [ 218.849529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 218.849682] FAT-fs (loop0): Directory bread(block 10) failed [ 218.858871] Call Trace: [ 218.867310] dump_stack+0x194/0x24d [ 218.870941] ? arch_local_irq_restore+0x53/0x53 [ 218.875611] ? print_irqtrace_events+0x270/0x270 [ 218.880367] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 218.885600] should_fail+0x8c0/0xa40 [ 218.889346] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 218.894455] ? find_held_lock+0x35/0x1d0 [ 218.898521] ? is_bpf_text_address+0x7b/0x120 [ 218.903028] ? lock_downgrade+0x980/0x980 [ 218.907175] ? lock_release+0xa40/0xa40 [ 218.911139] ? unwind_next_frame.part.6+0x1a6/0xb40 [ 218.916145] ? unwind_dump+0x4d0/0x4d0 [ 218.920028] ? rcutorture_record_progress+0x10/0x10 [ 218.925042] ? trace_hardirqs_off+0x10/0x10 [ 218.929347] ? is_bpf_text_address+0xa4/0x120 [ 218.933822] ? kernel_text_address+0xd1/0xe0 [ 218.938208] ? __unwind_start+0x169/0x330 [ 218.942342] should_failslab+0xec/0x120 [ 218.946301] kmem_cache_alloc+0x47/0x760 [ 218.950342] ? find_held_lock+0x35/0x1d0 [ 218.954384] ? __es_tree_search+0x181/0x1e0 [ 218.958692] __es_insert_extent+0x2a3/0x1050 [ 218.963084] ? ext4_es_free_extent+0x7e0/0x7e0 [ 218.967647] ? lock_release+0xa40/0xa40 [ 218.971604] ? __lock_is_held+0xb6/0x140 [ 218.975653] ext4_es_insert_extent+0x296/0x720 [ 218.980219] ? ext4_es_find_delayed_extent_range+0xae0/0xae0 [ 218.986015] ? rcu_read_lock_sched_held+0x108/0x120 [ 218.991032] ? __kmalloc+0x46e/0x760 [ 218.994729] ext4_ext_put_gap_in_cache+0x147/0x1b0 [ 218.999639] ? ext4_zeroout_es+0x150/0x150 [ 219.003860] ext4_ext_map_blocks+0x15d2/0x4410 [ 219.008435] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 219.013429] ? find_held_lock+0x35/0x1d0 [ 219.017475] ? trace_hardirqs_off+0x10/0x10 [ 219.021776] ? trace_hardirqs_off+0x10/0x10 [ 219.026079] ? lock_downgrade+0x980/0x980 [ 219.030212] ? lock_release+0xa40/0xa40 [ 219.034174] ? lock_acquire+0x1d5/0x580 [ 219.038145] ? lock_acquire+0x1d5/0x580 [ 219.042098] ? ext4_map_blocks+0xa8d/0x1830 [ 219.046403] ? lock_release+0xa40/0xa40 [ 219.050355] ? check_same_owner+0x320/0x320 [ 219.054657] ? ext4_es_cache_extent+0x600/0x600 [ 219.059306] ? rcu_note_context_switch+0x710/0x710 [ 219.064222] ? __might_sleep+0x95/0x190 [ 219.068181] ? down_read+0x96/0x150 [ 219.071810] ? ext4_map_blocks+0xa8d/0x1830 [ 219.076130] ? __down_interruptible+0x6b0/0x6b0 [ 219.080790] ? __might_sleep+0x95/0x190 [ 219.084797] ext4_map_blocks+0xd69/0x1830 [ 219.088925] ? __ext4_journal_start_sb+0x167/0x550 [ 219.093844] ? ext4_issue_zeroout+0x170/0x170 [ 219.098323] ? ext4_ext_index_trans_blocks+0xef/0x120 [ 219.103496] ? ext4_meta_trans_blocks+0x216/0x2d0 [ 219.108324] ext4_alloc_file_blocks+0x554/0xa40 [ 219.112974] ? lock_release+0xa40/0xa40 [ 219.116934] ? ext4_access_path+0x110/0x110 [ 219.121236] ? __might_sleep+0x95/0x190 [ 219.125194] ? inode_newsize_ok+0x188/0x280 [ 219.129494] ? down_write+0x87/0x120 [ 219.133186] ? setattr_copy+0x540/0x540 [ 219.137138] ? down_read+0x150/0x150 [ 219.140839] ext4_fallocate+0xc9d/0x1f90 [ 219.144885] ? __fget+0x36b/0x5b0 [ 219.148321] ? ext4_insert_range+0x1350/0x1350 [ 219.152892] ? iterate_fd+0x3f0/0x3f0 [ 219.156676] ? __mutex_unlock_slowpath+0xe9/0xac0 [ 219.161502] ? trace_hardirqs_off+0x10/0x10 [ 219.165807] ? lock_acquire+0x1d5/0x580 [ 219.169759] ? lock_acquire+0x1d5/0x580 [ 219.173714] ? vfs_fallocate+0x515/0x6f0 [ 219.177756] ? __lock_is_held+0xb6/0x140 [ 219.181799] ? __lock_is_held+0xb6/0x140 [ 219.185848] ? rcu_read_lock_sched_held+0x108/0x120 [ 219.190847] ? rcu_sync_lockdep_assert+0x6d/0xb0 [ 219.195587] ? __sb_start_write+0x209/0x2a0 [ 219.199889] ? ext4_insert_range+0x1350/0x1350 [ 219.204454] vfs_fallocate+0x33c/0x6f0 [ 219.208336] SyS_fallocate+0x53/0x90 [ 219.212038] ? compat_SyS_ftruncate+0x30/0x30 [ 219.216520] do_syscall_64+0x281/0x940 [ 219.220387] ? vmalloc_sync_all+0x30/0x30 [ 219.224516] ? _raw_spin_unlock_irq+0x27/0x70 [ 219.228994] ? finish_task_switch+0x1c1/0x7e0 [ 219.233475] ? syscall_return_slowpath+0x550/0x550 [ 219.238387] ? syscall_return_slowpath+0x2ac/0x550 [ 219.243294] ? prepare_exit_to_usermode+0x350/0x350 [ 219.248291] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 219.253637] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 219.258466] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 219.263639] RIP: 0033:0x454e79 [ 219.266806] RSP: 002b:00007ff7dd5f7c68 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 219.274494] RAX: ffffffffffffffda RBX: 00007ff7dd5f86d4 RCX: 0000000000454e79 [ 219.281743] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 219.288993] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 219.296247] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000014 2018/04/01 00:14:19 executing program 7: mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x401, 0x432, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) write$sndseq(r1, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) mount(&(0x7f0000000200)='./control/file0\x00', &(0x7f0000000240)='./control/file0\x00', &(0x7f0000000100)='ext4\x00', 0x5000, &(0x7f0000000180)) unlink(&(0x7f00000000c0)='./control/file0\x00') utime(&(0x7f0000000300)='./control/file0\x00', &(0x7f0000000340)) close(r0) syz_mount_image$minix(&(0x7f0000000040)='minix\x00', &(0x7f0000000080)='./control\x00', 0x5, 0x7, &(0x7f0000000680)=[{&(0x7f0000000140)="6f5990eb3c74048551e639b2a0095c21641550008a7e2ce8621b7037be213c03248638d141ea67a93d935c59d3cdc021abe5a096f576a5174db0a4daca9b86630a7c90f13f7ce22bcdd8c6c662fd4fcda41cb3da8e30f1a88d16b94adadebeecd69e0a668a3d5dcacfc38ce9ed0eb407a75821", 0x73, 0xfff}, {&(0x7f0000000380)="3fddac8872656a5d06dcfcb131ca6757f209abae72a8a15b86021be5c8637013fbd5a687369f4fab692c834078198592460b9dc9318026e7033a4d2bc90d675ba41a68ad3a89c19a175d1742c6cd63838106473066fb9f50fc24c9f648de32c63c7ade82df42452c2baba3bb1a39529aecf7080cb10eb448244c3760b676244845381b2f8567859d5230ba332aaa1939", 0x90, 0x2}, {&(0x7f0000000440)="57244aa77c67106580b406f2dd7cde5bd06c7db9df9e3aa9bd07d8920e85b68103e59fa3c53d7bdf17c1dba628df85cfd0fd9a1372305f12892a6ce37536e7bead269921ab5093b22bbbd83a56f307c30c2ccd54bc261b2ed838c8839f6fff0e82e1ac825aa55c9d504fc48e126691e7ea70e8d9d1e133e560c74b1fb3a6153b2d0c474fda0fada7245a1c8940ad4660", 0x90, 0xec}, {&(0x7f0000000500)="a1e3f0e8c1e9513605f09d7355145f67424e330b40df98ea580b597035f6a73474ca7c72e3b4cb25d569c6b86986714efe49e5b81d36909c1c09efb16f72d523b18d43228dd652c378cd665f1d7847d12084c6ace3e625f1e40d5afe3529ae1b98186847e01376549abf737b88535504f1f6763b07537665208271f86c59c999ca54a8e65cc812e31a58ab22e84d32b4148daf62c665", 0x96}, {&(0x7f00000001c0)="233f5f157714b612b30273f3fd93e2786ed8779c219aae7826e9a540", 0x1c, 0x5}, {&(0x7f0000000280)="a17aebdd5be29777571d140cb74c80a589369f10f6e9bfa3938646542397ea03e2f0f9aa23924f3411768880665e7fe82f", 0x31, 0x7}, {&(0x7f00000005c0)="16b191cc1f4cc33206dc866eebbc1ad90d5262149a3c04fc91f48150ebbecfa7aebff0406c7adbd120e323f32c3c41c04786f10b858cefb752a53bc5b4a828fb551a3583dc45c36a9b51d8a6f15391678fde31f8a30b0a9737d64637ad62e9a9c375a16ee1f9ea9f9592cc636690647615664cd8e747a72afe3716773d32d0f51b9d37eeb11d8abd4e20b98772fdbd6b6d4f15b51ca63befb437fb5f06ce87683c0a580f4603", 0xa6, 0x6}], 0x200027, 0x0) 2018/04/01 00:14:19 executing program 6 (fault-call:0 fault-nth:5): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:19 executing program 4: mkdir(&(0x7f00000001c0)='./file1\x00', 0xa1) socketpair$inet(0x2, 0x806, 0x2, &(0x7f0000000200)={0xffffffffffffffff}) getpeername(r0, &(0x7f0000000240)=@pptp={0x0, 0x0, {0x0, @loopback}}, &(0x7f00000002c0)=0x80) r1 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={0xffffffff, 0x8}, 0xc) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file1\x00', r1}, 0x10) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x2001, 0x100) inotify_add_watch(r2, &(0x7f0000000040)='./file1\x00', 0xa00) fsetxattr(r2, &(0x7f0000000140)=@known='com.apple.FinderInfo\x00', &(0x7f0000000180)="65746830d4216d696d655f74797065657468306d696d655f747970652c70707031292627657468303a2a00", 0x2b, 0x2) [ 219.303498] R13: 000000000000007d R14: 00000000006f2c58 R15: 0000000000000002 [ 219.336619] FAT-fs (loop0): Directory bread(block 11) failed [ 219.346080] FAULT_INJECTION: forcing a failure. [ 219.346080] name failslab, interval 1, probability 0, space 0, times 0 [ 219.357448] CPU: 0 PID: 18516 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 219.360090] FAT-fs (loop0): Directory bread(block 12) failed [ 219.364631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 219.364637] Call Trace: [ 219.364656] dump_stack+0x194/0x24d [ 219.364672] ? arch_local_irq_restore+0x53/0x53 [ 219.364695] should_fail+0x8c0/0xa40 [ 219.376638] FAT-fs (loop0): Directory bread(block 13) failed [ 219.379878] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 219.379895] ? trace_event_raw_event_lock+0x340/0x340 [ 219.379909] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 219.379925] ? path_parentat+0x24/0x140 [ 219.379940] ? find_held_lock+0x35/0x1d0 [ 219.382888] FAT-fs (loop0): Directory bread(block 14) failed [ 219.386125] ? __lock_is_held+0xb6/0x140 [ 219.386149] ? check_same_owner+0x320/0x320 [ 219.386159] ? __d_lookup+0x4f4/0x830 [ 219.386175] ? rcu_note_context_switch+0x710/0x710 [ 219.386194] should_failslab+0xec/0x120 [ 219.399960] FAT-fs (loop0): Directory bread(block 15) failed [ 219.400368] kmem_cache_alloc+0x47/0x760 [ 219.400385] __d_alloc+0xc1/0xbd0 [ 219.463819] ? shrink_dcache_for_umount+0x290/0x290 [ 219.468827] ? d_alloc_parallel+0x1b40/0x1b40 [ 219.473741] ? lock_release+0xa40/0xa40 [ 219.477707] ? mark_held_locks+0xaf/0x100 [ 219.481840] ? d_lookup+0x133/0x2e0 [ 219.485451] ? d_lookup+0x1d5/0x2e0 [ 219.489065] ? rcu_note_context_switch+0x710/0x710 [ 219.493981] d_alloc+0x8e/0x340 [ 219.497239] ? __d_alloc+0xbd0/0xbd0 [ 219.500933] ? down_write_nested+0x8b/0x120 [ 219.505234] __lookup_hash+0x58/0x190 [ 219.509033] filename_create+0x1c7/0x520 [ 219.513084] ? kern_path_mountpoint+0x40/0x40 [ 219.517572] ? putname+0xee/0x130 [ 219.521023] ? getname_flags+0x256/0x580 [ 219.525076] ? putname+0xf3/0x130 [ 219.528518] SyS_mknodat+0x18d/0x480 [ 219.532217] ? do_file_open_root+0x4d0/0x4d0 [ 219.536605] ? do_syscall_64+0xb7/0x940 [ 219.540568] ? do_file_open_root+0x4d0/0x4d0 [ 219.544955] do_syscall_64+0x281/0x940 [ 219.548820] ? vmalloc_sync_all+0x30/0x30 [ 219.552950] ? _raw_spin_unlock_irq+0x27/0x70 [ 219.557523] ? finish_task_switch+0x1c1/0x7e0 [ 219.562024] ? syscall_return_slowpath+0x550/0x550 [ 219.566950] ? syscall_return_slowpath+0x2ac/0x550 [ 219.571866] ? prepare_exit_to_usermode+0x350/0x350 [ 219.576873] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 219.582238] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 219.587079] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 219.592259] RIP: 0033:0x454e79 [ 219.595432] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 219.603119] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 219.610367] RDX: 0000000000006000 RSI: 0000000020000100 RDI: 00000000ffffff9c [ 219.617629] RBP: 0000000020000100 R08: 0000000000000000 R09: 0000000000000000 [ 219.624885] R10: 00000000000007c7 R11: 0000000000000246 R12: 0000000000000000 2018/04/01 00:14:19 executing program 2: r0 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f00002d2000)="4411091a0000000000ffff7b0010000013", 0x11) getsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000000080)=""/15, &(0x7f0000000000)=0xa) 2018/04/01 00:14:19 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x40) pwritev(r0, &(0x7f0000000200)=[{&(0x7f0000000080)="a6b24147db8f22b02159021ede4218bf0f46a542c0bdf5956d38e9e6d6b34cce3f1c6c3757f930e04a6378e9ed6f4fecf72d5cc3ccd3ff001299ad394b7ffc1361a88e596d23c5d32b52a5e0a13b542ac700b97551eea697957bb2d1547fd718acea2aeca09c9255ebdc5484ad7d93b0ad340be11009470115d46b70439c08bbeabd8709b6535c7bf20b376a0363cfcd18ef7df88c688ed986c103", 0x9b}, {&(0x7f0000000140)="e94b493568f2c2b5b7f82b2fef1ed8ca8676f2db17697ff24970e365d21332f19bd1d284e1ceb2a2569dcca0a9d15bd26c286ac971c0800c2cd2161803b82c290c45d3fc40eb339b4e687120538cac8cacc8b10b8971015a0c08317d0b401388591b9480b626a9519e51a8e1468795263382be9d57a1bb760b031b0702b197118649012765131fac1787e5a04988f9c1581c8d9df609463c3bf5f2832ae19c2fdfb4088888ba43cc36bdc91c0086a70650e78680dc9fb4", 0xb7}, {&(0x7f0000000300)="cbf793c9376e2c2fbe136f08a2d1cb9f62c7f7ea4e4f074b693fa2ce7e43933cc606a54f7c10163a6e5cc0c402e3f7f9bb28beb4d1bce345eac9e27a4bcea833437a6d11c1ce03749d6a9e02b33923b40c3039e5713fa45731ba7c96995d94ecc5afb97b2a75a371dc6bcc21fcb81dfee9009eaf641b1458629e1af7ba396dc44b690077c29017eca3a5813d5ae9ef1a7d7b09cf66c559fe06d49c685e4c54936d189557a991828d8b75d230daf3d3961819ad5d8748e8ebc9bd8672b14ea2af86c0b36207d9cf73cb74e520d0b653de2c63b97df9b733667e3f7574001b9cb4a175e40b297751e4a84894b7e9aca31e8c248605fe681fb84f772057a27368", 0xff}, {&(0x7f0000000400)="3c9667c3360cf5ec8d38c2237a446dafed5095e716b045efce59144a638ec135d000e1d024035319a95c0e06d63cc41c11691e396a80662665891d88ceb6f6f9cec16ced1c3be0594c7170d4b9f16e076fcc12f16209579f656b57780527c94ca2abecb6c5bf7c70dda4a6823af92641b08b0dffd7f337228aa0d8030dc16400ffd40a1fa8b81d144d5ca201718cca403d7537e2c6f3e6babc94fe35e7527ef4033c0ca01eaea4483b3d8e2b13034dbe9d08b3307417f87f678c3cafcd3d437a7debc09078e4babd4d9f552553a5407c266a85bdda45f8dd94e5a5a1dde225f5446772a923c4793a7a7f60a79c6a0525c1c971b8b5241a95b3d205b844b9ab500930c61987c13b4cd02d4601f412badf42821efcea6a8eb389e5da7d99864788b7ef022df99cfa4717346d34f77b15a6d51a89da927c20e0b79f6555421131b6a03c4bba6849346eafed4360540474c016ce4813f46d2366d92810241fb8bc659b3804811d92c86a0e6d0e2843a58a91448cfa3bbd1129bb13ac23e91676c02ce700081e16116193e24fa2bcfa067c8cbfb3a6c703eda3e6f6c8a770a9a4d044ad4f3606e53a915158be4837599c5eae2ee9ae4c4576e05fc4d2d6ecc000c8fc78193229d3e6f4644c8988f4cccc2643192d50dca4d14658d745598e9218f0aa7c9e2d16d5c7e99d5fd1408f91f860a0fe14cd370321ca4dd6e3deacfc30d71eba1873023a43b08f68e3adf98cdad1c4fd66b70f02728bf8d343df95a3a4987b92a48af7cc5d350398aab690d178b2ab4234e9ba605f1a39bc8b3488d0ab1c8b8be143002b772469756e8812f9619d563ca63ab4da2099ab8f0790b7c98a65b0567e917e20e959b19f9c4b8a688c68a9b6301f1a32638297c423b871b705da5a92255d1e3f112bd21722b2fa26da93d2960539729e7c38c71cffd77073f0004b4e2ba1c302e346ef57669d606117ac3f10c040990f3dd9f6bdb0364d5f23e8005a1a9f740bc1e7be046b5511e6e64179888618091c0a087f05258c96b630cc2518244cf895c1e593b47946ca1b5c582e1fb480f309bc81a6325e0727e10fed64dc0bb4ece6a769068a650ff1af49ee75266e49e81a33c3171ca4927a36cf554fb0bdf62ff3bc30d9972868333ae420bfe61862643dc43bc9e93e4b9373f66df612b4de0d7eda9a95b91d33d1f2d6d1de55fc99f924450cd83b7b27cdcba4b2a68603bfc275156d69d9d60885c98469a733757b7ce8af9de396791ae511b0152099b85e19b62caa99cb3157b0eccdabb0741bffef9b5ff2e2717c77f50b5890330ee2c0a2bcd3ebe8b460602c75e7b01719963f9631254a2017678bbc191d7d477715415e2cd8a8e864cbd87af2e9b52c8d54565d85347cfa6a27556c88a613297990a42e1b7d9deacfa7e2879c33bd8bd9bfeb4fe638a7db5c5ce9f06feba0067d56ba652e9b0eda647a9661c33fbd1c4d8a57f962c6072ed86151d0f17846678e58981cce0f9810a1a4995f465d136e7c009a9b003a15081ff1b6fa4b2b8e9d5d132e382c26619b9b2acddc8cd3976c0ae0ebe12e4827707997c92f01caf48cf7c9ffd33dd4d575bbe974b3a79d69af0d3d13c135010d40acb86cac2961fffc4bbd6d47d91eb2358d4c0aeb5dc35c57548272bf78d166672500ba285b08593791b81c2b66c0c86751fa8e7057a9aecdd949969ac2557e7af045172ab7db980796ab155f7f8ad6e9bc63f2f34981c73378972f74c2ae6f6d0c1d3c8f7fcd444852eb73956eb007941c1d217b461b79a92eb30343ab5444baeaa61855789d7e0cb77b82ed332c28fe41f9bd4b081c2ab1c6bef0caa30892cb8a9bc8f684ac401736ecfe62bb49840b9a2e7237b633f1cfeda762b426d68f9d352d3b4f8f13822b92c8f92f5ce6ceca8165bbd157a459ad51dd0738f4adcc94faa251aeec7a377377bfccd289984eb1d589897979f03f1afa40b11a0600ecf1194e64ab83fdec196d046d077e66dba56815eca6904921e515ae22aa0c15e89c74d9e07de1cbba6e0c338ff09913661f8458d1acff2ce7ae342ab14170739804e379c75a15095035d1990c0caf2fbf5851f9cae0ae2182cc7d1127fd0f1d6e6d63d64804a45fa260ecd6b0e6a06c483b9f64cd295d2b7db86451db0ef46193791194122dd3d74f888bee55c016963df91b4bd38e3d29b597a3f611b4137d4d4066cdb6d6688563a2c6081d1ca24cf0f6966315bbe03ad9ce6b8d4a84973744ee33ef9afbdec95d6b6092d67e32c4c15e4518b5d8824d9e5cea7d18df6804c12a266b562bbdf7aad7030c4335d30288310e900415eea99685feceb82f9890c7271227597af2c057ce73935c7f299e108d96b2adab08966b681a07a06e41936efa961e0f38d11ee67ff944e64ed16eb183c642b66c507837c54ff815be38c084e0b64e88d276f3b8de7734feee1546e954ee572d6ff87eb95e73e55b410dbd6f6c10bda5f442ad1ece89ea59011cc152fbb96dc2a6c700b6f6e35e9529b707d36d3b598c2832b6630f70807c42cfbdc9e474a00569d782a529d12189181595112d3f32758a69d6304b43b856913fea670aa459c0ff5830b8dc3af67cdfcb12b9fd13d3f3958824822bbadf22b9349ecc600b546be11657738c1e64d681d2777fac055e6d2d75005955d86d6b4c0c90030323e3b65e47e7a97195f3d6e73d66ce13ccd78688c22fc1cd72fd3174791c9c6156855e0faee38f4476d6478356b93c46bbd1013dbe8bc1fe311336fc54105ef06052f067dc2bcc385c007cdbfc9e02ab2618f1a2e788ecae841cca9e5787715a693fc801c2b60eb31e294e05ef023702a25202b06ce4972662e1ecd9a7e862d881fd64363e6493337dab946617045ec7d49aeba371816fc32a734f2e3c1e2658c60d068b551964973a22c1edb568c1ac5e3cfa1a7327b877c3dd2d3847d5ed62260a1323aceca2ad5d6ab665aead57cae1ec5d655efa91a5b3eadc1d4c144d5861e0fc50c006dce67c95ee171ac817ddf51e823fb966dffe7b7324ed1810719af7d8edaa562b97fd4ce9227ec95ad16ad0daba1fe4ab8a707ab21078332e5c6576e29266c39bfd2d5abc81c9abbd0bcf51f0803cd90c4ff0d74c5479481717815e70a9848a5de7ac7b4af29f01163a855bb67dae5e8702d044a03550dd84cf113b2a2de04c7d0eeb7c3d4c632f1eae8481c2babac21a8581467ba878a4ff8fcdb54ffd0a46d84db22e02502e6d16e3f9f79135365525e38c7763f966d4c88724098a063c1ca946bebb3f3288efc0ffdca64ee07d7f0ef7dccb3911d7339fbdaf038babf2982c852c5c1e1f3bf6b741fe20ccfe56d1cabb2b98b76cd22701a81138a393256515f1750349149424208188b2ed092f0623164d67f9d7bdd4e3ac8b7dfa8859c25e8fb120048b3a82293db0cc6d6357818777dab5a27b6169316475c491d912509d87c466f692dc8aec2b703869781b8b46c6b70c7d75b668781e1724bcd297944c986d54adce27f0c7c41de0cc9e1f84e4b3bf1ae796ff2f04195e691215c49608f998c41a8872b6ac979ce8c2b3ef0f0d4a80e8aeb1c580cb80040adfd2699e515ffb588efeff31e0464a9eb78cbc9608d67fc565ffa53ecc06434be7f81161225d408cf43ef504d773ae3cfa2deec40957cadb85de890f611a681c6e50a2348dc215051a3e00d96ba15f02063c18d73052e80d49f8c7245990c2fb84033dba64fd38d72c1e83d685c87dab234705a6d5d91be9537851b34a784795b8795f486bbb506f29e78d2696900bc77814fb817ad5538f4d3cd30f708c64bbe0910f432335d5456b08290ec1fb456221f6380de1423baf4214def0d7458c5135b93821672d434dfa94907e7f551336a7fc8bfd734b13e1789ae6376162bcf5cd77f44a1ce100a93c656059016eea382331f96f2078734bd493bba113110d7f7a29768b0d3aa43d69775d838b9bd1f58a1bab75ed413648ac0846174962a5bb473b171a7db552cab80400bb795161f9c896579964f2a2e0c1451c7ad4e8afd86ada796bd3f4d40827e80da8bee59b2ad72912bdb90f0890ae92e300693857af001183f125e281eb5e7766dd0752875331ba59629df0759bd093f34b5ea9d207b25f64aeed94945b1bdb6712b2271e967535f96d3f47868980011a2ce3469496736bad2807a73171ae89328b506eac31ba3662d9ff4ecd8cb13e2f2bb6d234e9f5475c4efe564584c3d738fe7260f77a5b64bf5c37b4943c24b869742b0bd20dbf00bee98d256b176db21d1075122f295924f87cc1f797a2249dcf91be76327b12368196f7e4de69deb11ea8cd844977f795b4bd51c54721b220dfd5a1a3c08ec821aff80e5b95e416d3f90edb6642715967c0fccd3dd03961b73405d4d8ba730f8d2c5f92fdb6bd6834fcc81271d1728c59ea86b553dc82b9ed68d929c3ef7bfd40c7641cb467978fadc4c346b4d70f3cbda78cc7a5a8e6eb03b632e44a9e6f4c431c7bc0de7c6adac697cabe0de6cd35a0246d06b86f1a39a5ebc82c1a448de61869872f554da0c880da86ce43489ad28c43de7bf0b57a6a76ad8c1b136a3134f7f1c6d73726faab3414b4f4337e5730fbee32271a3f99fc148a8376baf6b0f4baad2a178824bd23b2dfff0436d34a22bb8139bfe0b4b95440c18d9dd9cd0fba68681bb1963c02aa4eac908d04d854724b4363d83294217ebca2f6ed5ad67f3030b71cea951242b6439e5f2ab5da678b531f2343213c0e7ffd0a5a70975c0fe84eb1dcddcee70d9fc1113574be11dda508fd4dd805498b5024d610d920f14c9b03e4f7c15a9046fa1670f475fbb97a97a8b6b4a653fc149fd6c40d26eb701f4b53d72541196f60eaecbe308345446705a3dc806d62bf3eaff6416cb36de550a8ae0bf761dbc09702474ea9aec8451bb6f9d6239738e6fb33ab8044be26f248ac567d68c1fcdb13f2d054b4dea3669beb8d5a8fb74cd3f68d9e80735ec63b30b794aadbc6bb755b7463263cab95506ce6ed27ed729e12a4be3edec24598cd47b5d0e389e0f152634287cc12fc4a0a88461c41676a7e23ee40da796262c1edce9ccf9942ba1eb657f8b6ba1457e5d431e4f08defd17ed137fa1fb7c96bfdc39968493dad49ae39a9c09c0e7f6d9fc0b534e1ca73d374700cab6e53cfaba73a2414279ef431b66f273c6fcca3942397e8e250c036bc097c4366d9eb12983589819c47a1c4103b3713e798e49f73685cca860b50a5631252d1181ef293083db953f431036f7e241f2872abbf53dd85df72aa9235c14b3e5d7a846b20776d9e44425b7e5df2d8fecf76a9f76fc7f996352f0554e2450e69e2c716a90238ff7d12b3df07081a6d34b6adbd25683e80449470d0db01b19435d6af015f2c5356ef2237854f745742bf3fda2599c4ad068e33a0d4f9ae5e79956cbcd9ef13e825677b3f7f37e3189f9078ce23558f6d96e0191eca8a01c15cf9b7b36c833931ce4d95c9eb911ba477f53cf5e9d91fbc003f48e554ea83fc8dfd678dea822aab593bae7b1d9cfc7b0a10771b5a57fee1d384fcac6f578a7726c5d8ede3de65bafd6aa3c719996daacbcf4b3387053816c7729d15d5bb6ae4e54c4ab710f2f35537d078451837e72e734a20f2932a5366521a1b5f5cf17edb74c7af704c49bc9973cfd17b758f8af71cdb845890f46095722619dbeb12330346d4136f4c6e0495b269b58183dd79245f7ecacdb4d5d9857e43e41756bb88767c2c7266a4fe911cac66943c1fdcd3638c54ccd8f64f09db1c9c0bd9305b730b8f29bb", 0x1000}], 0x4, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = add_key$keyring(&(0x7f0000001540)='keyring\x00', &(0x7f0000001580)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffffa) add_key$keyring(&(0x7f00000014c0)='keyring\x00', &(0x7f0000001500)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, r2) r3 = dup2(r0, r1) sendmsg$nl_route(r3, &(0x7f0000001440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40020110}, 0xc, &(0x7f0000001400)={&(0x7f0000000280)=@ipv4_getnetconf={0x24, 0x52, 0x200, 0x70bd2d, 0x25dfdbfe, {0x2}, [@NETCONFA_RP_FILTER={0x8, 0x3, 0x6c9ee98e}, @NETCONFA_RP_FILTER={0x8, 0x3, 0x80000000}]}, 0x24}, 0x1, 0x0, 0x0, 0x4040004}, 0x0) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000002c0)={'bond0\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="17"]}) openat$hwrng(0xffffffffffffff9c, &(0x7f0000001480)='/dev/hwrng\x00', 0x101000, 0x0) [ 219.632141] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:20 executing program 2: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x7, 0x40) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r2 = openat$cgroup_ro(r1, &(0x7f0000000100)='cgroup.events\x00', 0x0, 0x0) openat(r1, &(0x7f0000000080)='./file0\x00', 0x10800, 0xc) r3 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_udp_int(r3, 0x11, 0x40000000065, &(0x7f0000000000), &(0x7f0000012000)=0x4a) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r2, 0x6, 0x16, &(0x7f00000000c0)=[{0x8}, {0xf, 0x80000000}, {0x7, 0x9}, {0xa, 0x9}, {0x7, 0x3f}], 0x5) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_ZEROPAGE(r0, 0x8010aa02, &(0x7f0000908ff0)={&(0x7f0000011000/0x3000)=nil, 0x3000}) 2018/04/01 00:14:20 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10) ioctl$sock_ifreq(r0, 0x8938, &(0x7f0000000080)={'syzkaller1\x00', @ifru_settings={0xffff, 0x7, @cisco=&(0x7f0000000040)={0x200, 0x5}}}) connect$inet(r0, &(0x7f0000301000)={0x2, 0x0, @rand_addr=0x80000001}, 0x10) shutdown(r0, 0x1) ioctl$TIOCGSID(r0, 0x5429, &(0x7f00000000c0)) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000280)=0xc) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f000062fff8)={r1, 0x2000040001}, 0x7) r2 = syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x3a2, 0x0) sendto$ipx(r2, &(0x7f0000000300)="fe0f333b8cd382dd36b24fe2eca669e2c23797d949592a069a9b54e51163526fa18cd83ecf549e1ea1eacf514417c6767960de67578d4d4b0a5fa0656af56cd7190928dc34d89770d93e1cc0078e66a36f9d3fe26fd5f333cf1b20452bd5e24932c842e2adb425fafd5382568b43e616d4e9563ecb2b6ac1", 0x78, 0x1, &(0x7f0000000380)={0x4, 0x9, 0x0, "ecfa5a9c3a99", 0x800}, 0x10) accept4$alg(r2, 0x0, 0x0, 0x800) ioctl$TIOCLINUX7(r2, 0x541c, &(0x7f0000000200)={0x7, 0xffffffff}) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x4800, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r3, 0x80e85411, &(0x7f0000000140)=""/96) sendto(r0, &(0x7f0000000000)=':', 0x1, 0x0, 0x0, 0x0) shutdown(r0, 0x1) setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r3, 0x111, 0x4, 0x1, 0x4) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vga_arbiter\x00', 0x101, 0x0) 2018/04/01 00:14:20 executing program 0: r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:20 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) 2018/04/01 00:14:20 executing program 6 (fault-call:0 fault-nth:6): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 219.807784] FAULT_INJECTION: forcing a failure. [ 219.807784] name failslab, interval 1, probability 0, space 0, times 0 [ 219.819278] CPU: 1 PID: 18546 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 219.826470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 219.835827] Call Trace: [ 219.838421] dump_stack+0x194/0x24d [ 219.842057] ? arch_local_irq_restore+0x53/0x53 [ 219.846735] should_fail+0x8c0/0xa40 [ 219.850462] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 219.855576] ? print_irqtrace_events+0x270/0x270 [ 219.860341] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 219.865534] ? trace_hardirqs_off+0x10/0x10 [ 219.869850] ? __perf_event_task_sched_in+0x200/0xc20 [ 219.875033] ? perf_event_sync_stat+0x5b0/0x5b0 [ 219.879697] ? __lock_is_held+0xb6/0x140 [ 219.883739] ? mld_ifc_timer_expire+0x5b0/0x770 [ 219.888407] ? check_same_owner+0x320/0x320 [ 219.892722] ? rcu_note_context_switch+0x710/0x710 [ 219.897639] should_failslab+0xec/0x120 [ 219.901601] kmem_cache_alloc+0x47/0x760 [ 219.905660] ? __lock_acquire+0x664/0x3e00 [ 219.909901] ext4_alloc_inode+0xc1/0x7e0 [ 219.913959] ? ext4_drop_inode+0x390/0x390 [ 219.918178] ? find_held_lock+0x35/0x1d0 [ 219.922237] ? get_cached_acl+0x295/0x3b0 [ 219.926381] ? lock_downgrade+0x980/0x980 [ 219.930520] ? lock_release+0xa40/0xa40 [ 219.934479] ? __lock_is_held+0xb6/0x140 [ 219.938556] ? trace_hardirqs_off+0x10/0x10 [ 219.942871] ? ext4_drop_inode+0x390/0x390 [ 219.947098] alloc_inode+0x65/0x180 [ 219.950710] new_inode_pseudo+0x69/0x190 [ 219.954753] ? prune_icache_sb+0x1a0/0x1a0 [ 219.958970] new_inode+0x1c/0x40 [ 219.962319] __ext4_new_inode+0x3a0/0x4e80 [ 219.966556] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 219.971724] ? rcutorture_record_progress+0x10/0x10 [ 219.976723] ? is_bpf_text_address+0xa4/0x120 [ 219.981200] ? kernel_text_address+0xd1/0xe0 [ 219.985597] ? ext4_free_inode+0x1740/0x1740 [ 219.989996] ? trace_hardirqs_off+0x10/0x10 [ 219.994311] ? save_stack+0xa3/0xd0 [ 219.997923] ? save_stack+0x43/0xd0 [ 220.001534] ? __kasan_slab_free+0x11a/0x170 [ 220.005929] ? kasan_slab_free+0xe/0x10 [ 220.009887] ? kmem_cache_free+0x83/0x2a0 [ 220.014021] ? trace_hardirqs_off+0x10/0x10 [ 220.018338] ? __cgroup_bpf_check_dev_permission+0x4b8/0x7e0 [ 220.024135] ? lock_downgrade+0x980/0x980 [ 220.028280] ? print_irqtrace_events+0x270/0x270 [ 220.033031] ? find_held_lock+0x35/0x1d0 [ 220.037090] ? __dquot_initialize+0x2d2/0xb70 [ 220.041586] ? dquot_get_next_dqblk+0x160/0x160 [ 220.046250] ? match_exception+0x360/0x360 [ 220.050484] ? __lock_is_held+0xb6/0x140 [ 220.054545] ext4_mknod+0x239/0x570 [ 220.058514] ? ext4_add_nondir+0x90/0x90 [ 220.062563] ? security_inode_mknod+0xd9/0x110 [ 220.067135] vfs_mknod+0x34f/0x6a0 [ 220.070659] SyS_mknodat+0x2bc/0x480 [ 220.074358] ? do_file_open_root+0x4d0/0x4d0 [ 220.078753] ? do_syscall_64+0xb7/0x940 [ 220.082707] ? do_file_open_root+0x4d0/0x4d0 [ 220.087095] do_syscall_64+0x281/0x940 [ 220.090966] ? vmalloc_sync_all+0x30/0x30 [ 220.095101] ? _raw_spin_unlock_irq+0x27/0x70 [ 220.099580] ? finish_task_switch+0x1c1/0x7e0 [ 220.104072] ? syscall_return_slowpath+0x550/0x550 [ 220.108982] ? syscall_return_slowpath+0x2ac/0x550 [ 220.113893] ? prepare_exit_to_usermode+0x350/0x350 [ 220.118897] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 220.124240] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 220.129073] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 220.134243] RIP: 0033:0x454e79 [ 220.137411] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 220.145097] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 220.152356] RDX: 0000000000006000 RSI: 0000000020000100 RDI: 00000000ffffff9c [ 220.159604] RBP: 0000000020000100 R08: 0000000000000000 R09: 0000000000000000 [ 220.166857] R10: 00000000000007c7 R11: 0000000000000246 R12: 0000000000000000 [ 220.174113] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:21 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:21 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) unlink(&(0x7f0000000000)='./file0\x00') 2018/04/01 00:14:21 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:21 executing program 3: r0 = accept$unix(0xffffffffffffffff, &(0x7f0000000040)=@abs, &(0x7f00000000c0)=0x6e) fcntl$getown(r0, 0x9) r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) 2018/04/01 00:14:21 executing program 7: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket(0x10, 0x2, 0x0) setsockopt$sock_timeval(r1, 0x1, 0x0, &(0x7f0000000080), 0x10) sendmsg$nl_route(r1, &(0x7f00008f4000)={&(0x7f000076fff4)={0x10}, 0xc, &(0x7f000009b000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001900210500000000000040001c00001f000000000000000004000100"], 0x20}, 0x1}, 0x0) getsockopt$sock_buf(r1, 0x1, 0x3f, &(0x7f0000000200)=""/213, &(0x7f0000000100)=0xd5) r2 = gettid() r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$KVM_PPC_ALLOCATE_HTAB(r3, 0xc004aea7, &(0x7f00000000c0)=0x1b1) fcntl$setown(r0, 0x8, r2) 2018/04/01 00:14:21 executing program 6 (fault-call:0 fault-nth:7): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:21 executing program 1: r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={"62726964c19330000000008000", 0x0}) connect$can_bcm(r0, &(0x7f0000001ff0)={0x1d, r1}, 0x10) 2018/04/01 00:14:21 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000000)='cpuset.cpus\x00', 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000040)={[0x3a, 0x0]}, 0x2) accept4$ipx(0xffffffffffffffff, &(0x7f00000001c0), &(0x7f0000000200)=0x10, 0x80800) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x83, 0x0) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x500, 0x0) ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f0000000140)={0x3, r3}) ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, 0x3000}) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/qat_adf_ctl\x00', 0x20000, 0x0) [ 220.693357] FAULT_INJECTION: forcing a failure. [ 220.693357] name failslab, interval 1, probability 0, space 0, times 0 [ 220.704812] CPU: 1 PID: 18574 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 220.712001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 220.721356] Call Trace: [ 220.723950] dump_stack+0x194/0x24d [ 220.727586] ? arch_local_irq_restore+0x53/0x53 [ 220.732260] ? __lock_is_held+0xb6/0x140 [ 220.736335] should_fail+0x8c0/0xa40 2018/04/01 00:14:21 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', 0x0, 0x10}, 0x10) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000000c0)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) 2018/04/01 00:14:21 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 220.740061] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 220.745169] ? rcu_note_context_switch+0x710/0x710 [ 220.750100] ? lock_release+0xa40/0xa40 [ 220.754084] ? __might_sleep+0x95/0x190 [ 220.758062] ? _cond_resched+0x14/0x30 [ 220.761965] ? __getblk_gfp+0xfc/0xb80 [ 220.765864] ? __lock_is_held+0xb6/0x140 [ 220.770047] ? check_same_owner+0x320/0x320 [ 220.774370] ? trace_hardirqs_off+0x10/0x10 [ 220.778699] ? rcu_note_context_switch+0x710/0x710 [ 220.783636] ? __raw_spin_lock_init+0x1c/0x100 [ 220.788240] should_failslab+0xec/0x120 [ 220.792223] kmem_cache_alloc+0x47/0x760 [ 220.796290] ? __lock_is_held+0xb6/0x140 [ 220.800360] ? ext4_get_group_desc+0x1bd/0x2b0 [ 220.804966] jbd2__journal_start+0x1d3/0x9f0 [ 220.809404] ? jbd2_write_access_granted.part.9+0x3a0/0x3a0 [ 220.815130] ? rcu_note_context_switch+0x710/0x710 [ 220.820077] ? __lock_is_held+0xb6/0x140 [ 220.821551] QAT: Invalid ioctl [ 220.824143] ? __might_sleep+0x95/0x190 [ 220.824158] ? _cond_resched+0x14/0x30 [ 220.824178] __ext4_journal_start_sb+0x15f/0x550 [ 220.824190] ? fuse_iget+0x468/0x6d0 2018/04/01 00:14:21 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200, 0x2) ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f00000000c0)) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000040)={0x0, 0x5}, &(0x7f0000000080)=0x8) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={r1, 0xff}, 0x8) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) 2018/04/01 00:14:21 executing program 3: r0 = open(&(0x7f0000000100)='./bus\x00', 0x20000, 0x0) fallocate(r0, 0x0, 0x0, 0x4) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000040)) getsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000080), &(0x7f00000000c0)=0x4) [ 220.824198] ? __ext4_new_inode+0x1bae/0x4e80 [ 220.824209] ? ext4_journal_abort_handle.isra.5+0x2a0/0x2a0 [ 220.824218] ? find_next_zero_bit+0xe3/0x110 [ 220.824238] __ext4_new_inode+0x1bae/0x4e80 [ 220.824249] ? rcutorture_record_progress+0x10/0x10 [ 220.824269] ? ext4_free_inode+0x1740/0x1740 [ 220.835659] netlink: 'syz-executor7': attribute type 1 has an invalid length. [ 220.840054] ? perf_trace_lock+0xd6/0x900 [ 220.840064] ? trace_hardirqs_off+0x10/0x10 [ 220.840078] ? trace_event_raw_event_lock+0x340/0x340 [ 220.840091] ? save_stack+0x43/0xd0 [ 220.840100] ? __kasan_slab_free+0x11a/0x170 [ 220.840108] ? kasan_slab_free+0xe/0x10 [ 220.840116] ? kmem_cache_free+0x83/0x2a0 [ 220.840127] ? trace_hardirqs_off+0x10/0x10 [ 220.840143] ? __cgroup_bpf_check_dev_permission+0x4b8/0x7e0 [ 220.840155] ? lock_downgrade+0x980/0x980 [ 220.915899] QAT: Invalid ioctl [ 220.919361] ? print_irqtrace_events+0x270/0x270 [ 220.919375] ? find_held_lock+0x35/0x1d0 [ 220.919386] ? __dquot_initialize+0x2d2/0xb70 2018/04/01 00:14:21 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) connect$netrom(r0, &(0x7f0000000100)=@full={{0x3, {"f3d0ec088abd73"}, 0x8}, [{"a47f5db9e166e0"}, {"6bdd95ac9a3acf"}, {"1d9959d3accb3b"}, {"74655cafae508e"}, {"17f932965ee107"}, {"d32963cfa62a59"}, {"328b1a4e596bf9"}, {"0750045b4e0e96"}]}, 0x48) fallocate(r0, 0x0, 0x0, 0x4) [ 220.919401] ? dquot_get_next_dqblk+0x160/0x160 [ 220.919415] ? match_exception+0x360/0x360 [ 220.919426] ? __lock_is_held+0xb6/0x140 [ 220.919441] ext4_mknod+0x239/0x570 [ 220.919457] ? ext4_add_nondir+0x90/0x90 [ 220.919470] ? security_inode_mknod+0xd9/0x110 [ 220.919481] vfs_mknod+0x34f/0x6a0 [ 220.919494] SyS_mknodat+0x2bc/0x480 [ 220.919510] ? do_file_open_root+0x4d0/0x4d0 [ 220.924466] netlink: 'syz-executor7': attribute type 1 has an invalid length. [ 220.926841] ? do_syscall_64+0xb7/0x940 [ 220.926855] ? do_file_open_root+0x4d0/0x4d0 [ 220.926867] do_syscall_64+0x281/0x940 [ 220.926879] ? vmalloc_sync_all+0x30/0x30 [ 220.926891] ? _raw_spin_unlock_irq+0x27/0x70 [ 220.926903] ? finish_task_switch+0x1c1/0x7e0 [ 220.926914] ? syscall_return_slowpath+0x550/0x550 [ 220.926924] ? syscall_return_slowpath+0x2ac/0x550 [ 220.926934] ? prepare_exit_to_usermode+0x350/0x350 [ 220.926945] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 220.926957] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 220.926972] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 220.926980] RIP: 0033:0x454e79 2018/04/01 00:14:21 executing program 4: mkdir(&(0x7f0000000040)='./file0\x00', 0x1000000000000fd) 2018/04/01 00:14:21 executing program 2: perf_event_open(&(0x7f0000220000)={0x2, 0x70, 0x3e3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r0, 0x400448ca, &(0x7f0000000280)) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000040)={'bond0\x00', {0x2, 0x4e23, @broadcast=0xffffffff}}) [ 220.926990] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 0000000000000103 [ 221.050850] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 221.058144] RDX: 0000000000006000 RSI: 0000000020000100 RDI: 00000000ffffff9c [ 221.065429] RBP: 0000000020000100 R08: 0000000000000000 R09: 0000000000000000 [ 221.072715] R10: 00000000000007c7 R11: 0000000000000246 R12: 0000000000000000 [ 221.079998] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 221.087421] EXT4-fs error (device sda1) in __ext4_new_inode:961: Out of memory 2018/04/01 00:14:21 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:21 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) ioctl$KVM_GET_PIT(r0, 0xc048ae65, &(0x7f0000000040)) fallocate(r0, 0x0, 0x3, 0x4) [ 221.107938] FAT-fs (loop0): bogus number of reserved sectors [ 221.113922] FAT-fs (loop0): Can't find a valid FAT filesystem 2018/04/01 00:14:21 executing program 7: socketpair$unix(0x1, 0x400000001, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = memfd_create(&(0x7f0000000180)='dev ', 0x0) ioctl$EVIOCSMASK(r1, 0x40104593, &(0x7f0000000080)={0x15, 0x6, &(0x7f0000000040)="1d8ed55eb766"}) ftruncate(r1, 0x40001) sendfile(r0, r1, &(0x7f0000001000), 0x400000000fee) ppoll(&(0x7f00000001c0)=[{r0}], 0x1, &(0x7f0000000140), &(0x7f0000000240), 0x8) 2018/04/01 00:14:21 executing program 6 (fault-call:0 fault-nth:8): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:21 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:21 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x2) syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0xff, 0x800) 2018/04/01 00:14:21 executing program 1: ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=0x0) r1 = getpgrp(r0) r2 = gettid() rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) r3 = memfd_create(&(0x7f0000000040)='%\x00', 0x2) getsockopt$inet6_int(r3, 0x29, 0x35, &(0x7f00000000c0), &(0x7f0000000100)=0x4) rt_tgsigqueueinfo(r1, r2, 0x2b, &(0x7f0000000080)={0x0, 0x0, 0x1}) r4 = signalfd4(0xffffffffffffffff, &(0x7f0000000ff8)={0xfffffffffffffdb0}, 0x8, 0x0) mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x64031, 0xffffffffffffffff, 0x0) read(r4, &(0x7f0000deefe7)=""/128, 0x80) 2018/04/01 00:14:21 executing program 7: openat$cuse(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/cuse\x00', 0x0, 0x0) r0 = socket$packet(0x11, 0x0, 0x300) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000080)={'bridge0\x00'}) fchown(0xffffffffffffffff, 0x0, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10) socket$unix(0x1, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) unshare(0x4002) ioctl$sock_inet6_udp_SIOCINQ(r2, 0x541b, &(0x7f0000000140)) r3 = open(&(0x7f00000001c0)='./file0\x00', 0x4003, 0x20000000000050) mkdir(&(0x7f00008e9ff8)='./file0\x00', 0x1f0) r4 = syz_open_dev$sndpcmp(&(0x7f0000000280)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffe, 0x2) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f00000002c0)={0x0}, &(0x7f0000000300)=0x8) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r4, 0x84, 0x70, &(0x7f0000000340)={r5, @in6={{0xa, 0x0, 0x8}}, [0x0, 0x0, 0x8, 0x0, 0x6, 0x3, 0x0, 0x0, 0x0, 0x80, 0x80000000, 0x51455210]}, &(0x7f0000000440)=0x100) r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu\x00', 0x200002, 0x0) r7 = openat$cgroup_procs(r6, &(0x7f0000000940)='tasks\x00', 0x2, 0x0) ftruncate(0xffffffffffffffff, 0x1) sendfile(r7, r7, 0x0, 0x2) connect$bt_rfcomm(r4, &(0x7f0000000900)={0x1f, {0x1f, 0x3, 0x3, 0x5, 0x6, 0x101}, 0x90}, 0xa) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000480)='net/softnet_stat\x00') ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f00000004c0)={"67631923f982caf652a95b9865374263c55567812d397d43556470136605fb77d62d77dd4bdf0906ae48686723c1140bdfe79745312f5e28d5fda341b12028dc65bd282d5dcdb68f8965f8b33441bdf1fedc4b0f131479185766f886017a73a6afffe947555ecd433b4376c65187a821761452029ec91b5b5c40fb0749550ef371d24d3998c3ad9a0aeed94e955d32dfc181aa299dc4b9fbe44fb859129292ff8aa2a4af8aeadc59bfb77894da5edb384c4c3f2f7fd69864f65ae9495e4e16a5b4a31964705a0ae3f81fccb4788e7bd81fadc846d5edde3e6171c193b369b8a6450adfc975c720121627b5a0bae1c3b8f92fbed6c34a67fbc5e84f704a8bf8a7c9f9f6b2602f96f095be355d7da881bdd64c11bff4c322b82b95ff156a7ffd1f0860bab72417fc8cc3554014157921375dd9b56a3f1ae201ebbb017b7b656960b5b0a9b6250b79a1fa120b138722d019a6453a8d467b9bbdc883c7c82b1e07ecfa855a18c5816d9955fe1fae30bd1c2afe58f1c2fecadc0a3ebf9f2a4f167695dd2895ab7fff61745ccb50fda49a4217a4797cae901fb561db607d8de08bd1de03ddf8ad2a2c1d3ebba6ba3032b06d9de8d6bf8caaa2370894eba0574484ba83df727d330cf758e9ab4b1374e24913d34130bac14c67a9c00a9ecd27b3e25adbe37478f66e4617257b546abd6040471306dd6d2ea47b6adb10d7644932f1a6d1b7f4e89f23f2f45dd6e9d974ad83473f2e6cb539fae5780c7e6eb205c8e036a7b0eb729a2ca78d4cefb68c6c7e812e69e3f8b38d52c2cac7d5bf2498616bbf44f4da20d8de9c7a2482d80e00b04dee7d73de9bb5292039e5ba4ac30ecbe97f387cc06834101171ee66241c2cff6d82cc416107885242c4c2fec51285b32c34f35776363ca107d08a53a626c2eb6421567c756dc7dade283671ff0c011ecc77a8d4cca7da7b47af3ec7d414b1cf9e7ccfba4fed0cc2a34574a5b42cbcaba6561c9cd11e14eb78e6734b0ab2f2deeda6319732751bfd2752b529a7535dcaf03c85a58e695285fa01b4aee3ec6285e5c11b5d8d9d16ba2841fb7434ad7c4ff33fd1b5ab8cf71980d52a93886c3ea80d29f31ef6236776bb57eab7c03238c3c328fce247d0259404c8712b4a222b9343b85654783148880be5eebdb04a40d637277474c2c1295573d4e1ee8a60de7a2523b873b3b1e3234697400cd148598ba8f5b8776a91fce4c010cfa4f0a840b74da655848d7f5df832ca9d83663986acfd8c8a2dfc192ca04ecf88183ed927ffd56392cc0de075578308bb455422a22755c5d606262b93d2548022487c139424eee61eed0f59ee55170478c28e9d3fd0d68b77551568b28d303d9a73c5625d79c7d055758e941cdec7832432ea340208558283592cddf51b5f9cae8079a4f7f80d08e0ff213dfa723a5bdd142c71cdee56c3c5"}) r8 = inotify_add_watch(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x9) inotify_rm_watch(r3, r8) readv(r7, &(0x7f0000000440)=[{&(0x7f0000000340)=""/71, 0x47}, {&(0x7f00000002c0)=""/61, 0x9}, {&(0x7f00000003c0)=""/17, 0x11}, {&(0x7f0000000400)=""/6, 0x6}], 0x4) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f00000009c0)) fchdir(r7) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000100)={0x3, 0x0, 0x4, 0xfffffffffffffffd, 0xff, 0x3, 0xfba, 0xf2}, &(0x7f0000000180)=0x20) syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x4, 0x4000) 2018/04/01 00:14:21 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x1, 0x448, 0xfffffffffffffffd) 2018/04/01 00:14:21 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00003bcfd0)="d3ab27191a01002356ba602dff05000b", 0x10) sendmmsg$alg(r1, &(0x7f0000002c80)=[{0x0, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000200)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) write(r1, &(0x7f0000000040)="791f7dfde0815c48c13197fc2e324deacdee8360e87bd43086d67d777a025e309b4949b81f3600000000000001000000", 0x30) recvmsg(r1, &(0x7f0000158000)={&(0x7f00002fffa0)=@nfc_llcp, 0x5c, &(0x7f0000000000)=[{&(0x7f000080f000)=""/4096, 0x1000}], 0x1, &(0x7f0000da2000)}, 0x0) sendmsg$alg(r1, &(0x7f0000002740)={0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000240)="47311915bd9d5ce5633ccf8ccf7fdbef88122e8345209748eedc520f3688beb5db48369324fc8d71aba47a53f9a6383cd32f1af2cbb8d0787d1a04298d797b4cc542fb8c0e2894bfe2b7d828a1b53286149460054e702cb592aad04fd50035959a8bf6231d256753dba3d27f42bbfec64b13001055f1138ea6fa891592a102aa69f9088635af81f346d35d890ef0dd165737bb8d02adc1719e43704470e683ae4a122169b84be422e3183415906860a7ddaa38d7fbb424245bc98bb73a9a68e306a46c3a4b97d38c", 0xc8}, {&(0x7f0000000140)="c0c2513a82ceb68176308049c7db5ebe21dfca2523bdcaa1650114a4beab81fcfbadb2227345627f528064a2b869c758d4c58ea679c95575dff052015f2bc78f35e007adee4978f14dc5b2b44713f58859ce150400bba0527dbe62e918e8f2a9324076f703411c8f4e93a219b6ae74831def64bda2dbb313aec416b0fdb87ad0df736f3f362dc40c816396c9", 0x8c}, {&(0x7f0000000340)="3d2dd15854083381a2a15c3cc4b75007f653f2e1e11b9b9cc84af508f3060fc5971b11d2f1412aef6421e5b116f37d050c0d918df462146b51e6aef3435d4f9f67bde91ec17c519f1a860b1574cf650c7b09b9b67bc28699b8a2e6416eb374eebc6fbeee4e6659f9d2984f612893ffcf02aa46fd2dd61b64b60464436f028580108b7d4b5be3d0084dadbd00c1b530811288eb5e07df6cea922bfe3dbf9a2b367c9e287d9fbee853c2e64093f14ddb8a90c504b9", 0xb4}, {&(0x7f0000000080)="e6de849adcac2e246338adc2a2", 0xd}, {&(0x7f0000000400)="ee01dc22158121d49cc4fd88493134495f09c6a2ebebfcc03d9d9841add7d59dbc6ad8a7d0ce7b208dcdbb77899266e4365ca2e51af5b4eec19c97c49793f578e0077e5fde223e00f2af31f10db9a1d730f7bb94d124a15d5b003ee348632869a0d177e5ffdd19058078bb69126e0a79297dfe1e7e13b16ae66cfa2010361f0770afdaad4d73bc1bd81d32563fe58bd3f30266337a8b5a86a184f7b64c598fb7b1582025afc60366d6074f928fee00a94d2da50dd2a9a5523c22a5c98cbfd99e2f81855dbf8a99f3f0f6cb546e158c3b39fa2740083ac0ae8227cfc582cd5b458b8eb7fdb395b788a3bd0f4eb0b3b9e60065c6fefabd3c48157137541b7c3e53a2f0ec83f0d4274301b10bc56d85f38728bdb85e9846016a9c7822bba928fc596d1cd36708ec00a17fe81f943d5b8af81001cc58fa50321ed8f695144b4e210c5dffb118c50a48b54dec6327f9779ba2662a806fada4d4f34806a5ba4bdccfa5d8eb970d118f878b7644f3e71688da206de2ed0633928032bb2fed3f8701d3c81b043112cd432a61679fe6cbff84a65e3e9e73e72fb00986e98c5a5f27983a930674a5088fb75011d6a97a4ba82d3bab534e206a1ab7b90a769b9e6aa362e041d33c92c6f284bf99d0422eb35b19b43bb29bd26b0bb3cef7438f5d893e8cd6098dd914ad4c1eaf8f138ea2d87f38491ecb254659e3f5046afc917a7e0c9f01203ff9385e4e5ce6d047e474e29b19aa156f06a7f1e734432ac882c19743b8e1d757310b661b9907b79b1e8aaba60830dcc557afff6646ab9acdb565bdbdbafa48e064c4b2998e4280f963865a1805882ef23c834bf472386d19869a26c9461d8aa4424c95f1ce7871b8468eeeeb80262eaf9e8e83f80e50c4290e85a0bfeb26968a458abed5afb30d0076a776d1ede60924beea4b078131ebfdff647e5ff5fc8766bcfe52096db1fc361b7e6819c9706a8ac208772d3114ab12148dc2afd197dc7cca331f4833bd3a833105b0d8aedb09bfd25a10daa3efa605ca633ee97a2025ea8d4920dec8cfa61475e69d6fc960ca0cf40d8e39a6a450130a45ef320ff0fa76ec4bf51fe65cda724c23096d0d484e4de4060b08f3ae22f2edae00a174b7da96f463677c8127342194d72fadcff41ad27e7114a1db4789de6ae30c78024dbc6a7d5563951dcf4f58dc04157076a1faaea662bf70d5d658f231b7a2d757592a1fdfc0731f1cb53a1e254b08acbdcd46475ca0e4dcf33914e9db013717e8d9934b8306966ff8afcfad48a3c3fc49e33798579d850f07cd8c03958af3c5f3fa4308d6d6af554f377fd861265ef5fa9762b1e62cabf7de61f902dbd5ca44e86e485622cf1a07b4bc8bef05fca34b89f104be6ad066b2c866786a70708db2ab76f70df1e4285404045646ec9663c390d85ec35e7478d0e84eb8336fd50e36a95c673fb2fc9d4589b87bfa8e56ee1d6dba4348975665add9f0d27611b6c76b4d4e1c8bdfaaf990c88c7f6520a00a1956b06a7569606f1a4a786ac47f1d15bc83d981f4e62bbd33506b5a1881436245c12018e1b1d638589988cbe1d25b11b57296e0f4e705b01b56a51e3d661353bb816cc831c7d0a8a863477ebce0bc8ec18d95257753c3bc7de3aad5327486a83f47c49feafa826cdc1b937c851206607ef692c49b5c0a37135188c7ef8aefa3f84d21ed808c22cb218ebd51057388f0a413843ba5fd7c1d7a6f501a3f90cac04a6a171de7e4a5c7285779e69975a6bb8f721f7c4a4928a51665d666ef11e7427a98b49bb5f73ceba986f00255aa6af558bf173f1bc2b17ee681e484d3b1d7efd7a614e729472a2ace5a34ca90875005bfb449370d7cb79f996b1373037cc18e7547560eeee6f0849d7f6e924ac85f8a853a7c9bf7bf893e37e9f08de0aa1c8cdf1c4ee67501756464d8a17f655e70757136bc97042da7f61fb474fa1804dcc81efdc1e4c4fbf20da4ca78980bec66b5c7735b03bd942f4c29cf97681293106a5eb5a867a3e9676498c46d88401681ffab8d042f1c405d1889ab6aeb58892877d61ff1416afe1c7a0ceaaa7af8a72dc6fa527841cc410042e7d7c8db76507b35ad7259cc9846e25810b4843af541c8e1a924fd62a1ed7b14c0d726272e3c38a20573a9b7d3e8ce37ade3f2dafc7905ac3575dcbd728ca7923be105c9647c0860efef22c925476da85d487be660a97c1cd846ef6a09f86231de8be524cf8c2a9c8eb1b908a1dde3696700e37ee473097439eb3e64ffd20e4588a2d6b47ee02b221a5d9940fa6c375a2685a223fcb6b953363c848d98729ebbed1c539b0dbb4c8de32c79052e5b9355cf1086eb0bcecc47166d1a4cc46ef483d6304addb8acf7800c78ddd16c1d044996a23a5be72fa9cced38369c4ecfa69bb4031f850a8479c6c1cba6e6e0f379b5b211774bbeb39bdde96dffe52870af38d0b208e8e00cfae848671aa9099de9a8a52f5584bc33df3cc34397d11f5b02603bbb89b7ae7bea08296dc4e85c245957305454ab3a359db69897374514dd1fe28935abe164eb1dfefa57625d499457c920f9320a3ced6cad73732bc7c7a265e818ae62bb772a6ac786ef64d64fafc08a8858717f997548b90eae2d0451ca83f9cf3d66d290cbb5840cee87f45c3cbeb8cb79a52c5fe8d583e1329db402aceb1ddc0b0a76d5d4a590f94a23add5c39c6d1522e6e3235dc10b422c638781e5fa2cc0e3848a67cd5c418f6d7b0833b5f2920244c394a618367cbb8814d491f65c3b3387301b0604bc88e93c1eac9ec3340a73568284e47afaeafd7d62ab1388e9986a270c8f509a7cb9dbab51c3e01a7e5303494a14d547c1c25ba46ad73e38e913783d976818cc9d3df26bab3bba87c09a25a844cace2f7b95952d9ce128b93ce3039a3fad3563ac73d58ad8a24431572ccc34b0a48891b2175073982f9e4ad73fa0e8d4a95bb8231a20cd3fc40da9fa769c9de857fd3f0c13eb845105c3cac48162ae7fa0bcd2184d2cb76601ed200130dcc118634c9578ebf9e9abf98003cefa9ad1420aa86849c57303fbc2fc7054496658f16a1f51f07ed6e9b42da637f47bf8fb47b6704df950bdfc350565644f622da36168fd7141962dcdd17bdb42fa7b34d8f94174d13b51da54c80e41c85083c1d6aa2dd1bf57f2c46dc9b71f3c7e2227c6f28f403008dd1776839106a6ddb9a8f012175d1ce29227f5f81632d59d54844d2603c0ccc8cd3a3976d6f5428280b5b2987f98c1988b762808f90a6122759e442e4e4e47f63c603c137dd5a16feff57ae6fe61d04096e1d46f0012f36927ded41c90b0827afa7f6b1da1cc87f27d6ef66d90dd3bf4e65eb79e5f20100a3631255596d3e7483580b06dae291d21f4d5b75abad55989b1e564fd7bde0c028b6688a37c4e699473425c46f58ed8cdeef3cddc7ef71515bc389fcbc26561586df7c81369958918776d3bbf03dc67c27cd46a7be12cb80708feea0186cfe85d1ea09376f134b3f54d84b4c12eb799fac6f4da05582a4a551c837708cabb2ce62c8ecb4c80017750513de71a9e7abcaa94440daa15ed013c4b0a7bfd047601d39e9c2d7a7ae5ba5e7100a3fe2bcb2567a09947e1cc1bf64883554f0d07cc517eb508e5cd9f84544a82c794d5a6bd3e6c95cb20c913c94932f3b9c3e72605be3ad916010a3798dd8a1c413298501b91466c7028e8f1d87145d69fe9435cdab59a6aba065f855d7b79e65209f358e6e0ab2fdf75f023c64e7cde621d9195686601248f15648f1d82cd5e3bbd0641ac3638cebf172c2b0e0181e4e6db8be44065186ed6c87637361a2f35897863d96c60d8f40adf2010a9a19c04fbbf4082cea1e8242b530b37b3440634bf65ebeea6d1193ae0b8f7c386ad9fef3630ae42328594959737e4adc1730fc8207f3a043a0f754d8480366cd2f2f5273af215c1d56e37a3908cc31a63e751f9483f806269c5640042fd9578ec26508b3ed21ed96dc6a09c799288559e564722d71d5e4fd01dd53f8cb2129f5edb470eef914cf4e33c60935cbeb00943d126496a3c55eecce377e3ca291967537a70b1123948ca25b9e5cab9972ba9bda03f800f15c0389e5c36501d5385f747f506ef0f5a03fdb9085549740ec43f6abc8add1a769b6637d755f69f7513c5605e18ae33abbe1934155d17a3dca8dcae89fc014f047c576b32e28765435954722b018ded28d783e976960a1a6075f3f8f1d61db4686d6aa0ef95bddc850ee0913cf5eb99bce1cafba95d80c28335452c1a20e14b7d263c1bff74876274b5dcc2d6304867ec419f66937d6c1598e9cbf5eb6a6362f9f6f22897eb0b0d0c6df0d26bef50e449c6504bc7e40494b8eeca2ce174d5400000d673688c95767eebb39ff373cb99dfe8197bb749640bd8331416af2d84f60a2fc6b18dd0a5a006d39e0a801d30c46841cbf09f82131044a4fe22b2ec7054106514ef8d5a7e119a64479f062395cf1d1c8d8a1d113e36ebf20a4c9177ce83e501c03c269e21693d218d889cb044a1019ca12572b16cf8a9acaca3eb7a59e1ccfcdaaa7a82ce408cce804ef3609bea9360560d069d9c8dc4c9b6cfeb125397e080be6394a6767f0a843c4274cf393a46fed5d0a11424d340152b635f9b31a89ffd8d0034771c97efaf4347aeff07bcd66166a1336e4b4fd9abecf7f20cb9c0cbc5aeff3e87884c35a9936d92ef6522a37cc49310bc165f19432034d8a0afb6d0376c216401c5bd8b7b7577cbd1ab06ee43325c08fd24cc5a2cac26afbc944ad3e42329f104cee4414405070cd667770ccb0535e8306131642137855b7a657044caaa9154a0c411a6bd9025723e2b4273ead2da9029d3119af0039de728fbb32d6cedaa605c9df1498a51e5949f675fd0dae5fc9cb9fbdf1a46645eaee61a81f6ef69849d567b9512110026139d8c922a96219390453b666b358c218d7370b1abcbffb34456bbf013bb10acd6da22ae9ade3ac6b9de1a844449eef8cd52e9afd5ac36ad2598b39ae60676897b0dcfdc67b932a35e4b1bf93fcb5ecd44af4f0c392ecd9984bad38fa92d1e18f880f9e1984eaf259648a2e8c229a18543b0a4ce8f0d1db329ce989b6dfad55d2ac3396b979a33157ee5c449f2d1a89098ad1c282c2b5e32d08f60988236ef8356f724808c734bb6a65e1966ce0d3af1716f38616dfef39d21f43e6d9e55f3a275ac5eae369416727658347dff70e97299487e2b434a5e3b67269f52fc4e90f611b2c2db9b46e8a4f4c46776255da100131896718f978b72cd425a02b2b850e57cdfaa82c3c2e00906b066c0391133b21284f29df73e86afed0e57d6cbb3d4924422438dce38561cc5828da6e21d08a124a45e08af5b1a6065da4857a5d1d18ba911f3eb4c77d2a95e91905d4792a96104d4ef9bd84164ac262c8ba7c7bf19512ddf9ae26c903bd337214897585ffd0a2b4b17da6256b243cb0cc8ac6cfe6b16547deaeacd65ddbec84ea1d9b1995d34f95b6cd969259b678d9b7cb3f836185790a06af38993cc91a01bdf39446f2de28f10b7ef463a73893e2eaa4f10627bcde0d792dcde31920459375457b1bf8acc4224622fe6a3b67b743b15bff875e8b543444e6d6f75a666398bf3f97ea8743fb3a6fc96bfbf6fdaa8c2a8a9bb2a64aed77b8fa23d94cc74a32e73bf23ea3dac5fe14fef4d6e5334a9cbc20d7dca36a5f13dc76687ca1817d8c11ff2c6ce51bbbb3fd570fabbe3b6786374d63133039c418b042fe29457b71a61b9629e0a308072c493e9dbb6fb6fffda27a36e47b9bdff91671931fad5", 0x1000}, {&(0x7f0000001400)="6193f7dc54e0a7c59d9145ae6b437f2af2115b53680bd3e54ef9b2b89c1d6c22e5910cf65bf738683e2cc097041202577be888e02722d842c838d4929bc8f9b2a895bb7f56035c07dfaca321562d514c73aa88676388256288f2503ef55f09d2e0176c78b1e7be7d85a621e9fce4bbd3f2d3c151861db4907b90faca19b9346038840890a1058162606d7b98cda777f5992476306e2ccb36d72688090a751638c22977b7f61bd61e0fddfca13132ed68e29b1214178cb359be90858464e0c98dde48c27e673cd0ed70690ab0e5057f3e78131c4056c5626e7d1a71b7e35fd77ae0d99933d33416b5d8fd94c66e0725f97463", 0xf2}, {&(0x7f0000001500)="efefac5f1d4656abbbbf0220669a61b4a1facc41f12e5f57b8a9", 0x1a}], 0x7, &(0x7f00000015c0)=[@op={0x18, 0x117, 0x3}, @iv={0x1018, 0x117, 0x2, 0x1000, "c9082b5f7e04870802b799f3785b0a2f784456a90dd2fd82466a3d37ddc8e7a04a5b2a793769ae7194e7d82f1b898926ac31631015f648ef263e505c7b98a8303ca2c119345d2a6472940a03e7646db3717a6354a6f1392b169b8d846ae4c73c3b686f7387c6bbac0975cc845aaebb1610fd54fa1f658146d0dcec7d3ea9f99522cd53f60e655f4792d5d368e55d50bbdceec76cc37c94b445e2113ad932c3fcadb0ecbb2e33368b25bc3a4dd29ee4cfd8bbed76283adf5405a29d4137661d7f143cddd980564b3f0b317292c5b59678086a13da3027bd089a238a95c498820b91447a3a2993e2ab536d338656589c4f8daf0c94c4ffef69cde273182bea46eb0a0957b5296fd08284233bfe2cfb6da1659f79251a61ba006b768dcb277cf74bbb7d73393e658917e4ffccdb410e485a64dd45052f33d9ad4bbb8b4677d54689b7144a950bebea3b50b9352db05c406dcecde76f8478dd545783ef5e6cf33852026b2c1bf1c35d5b10a7a784e0611c2f7a6829077899c91228f2fdacac7d87fddf48d1e796e85e33ef65976cd441050075ce71754d3cb6abbb3d5d3bcb6d83b344cf3e0662238666955d4f8aebc0f1408153d1d5b812ee097ef87e8cd4ef52744a68b6b790e16f3f8d89ab2ee23de880e081b776a628cd41d82fa7a201f180cc502ff31ce5a63df5cac49a418be06ea01b6e411b6c5b804b8eef7f479ee20cf50d1d3591f8a5c87c4716a4f28067ba345b7414089a2fee0efb983f7c55f15edb1e7f1030097a3935e1450fc19f5c92ac23b81139a7468a838c476be7cb31baa877ab34f0c1ee36f914e61c3fe872a2887ae673a14eb5aeed858917e0de97810976f92d66740c81df0cf17768ba7623b09658153aedef46a3c54ede854cc802678ba5e16171260a5dfa0122193636a4332e4259e7ddded784713fc213057c7242a237e8a5d277a02940c641459f3921f52da724e5f79b4e9d0222e1ba6eb3fc2da9f1c7589b73bff87e4b7dd93b8f0663729f62d51d1128401b7a07e9d7dcd30a4d3378c6dc06706016ab988d0051ac5dbb179cb699795a82d8dbfe74744fdc1c50072a6f4ea2e7a607c83c52e682b1e4b1fb945eccd7f9cd1fe457dc599ee7cf70394d945ee66efa406d2b0531eb696646325a4057c682d3586bdad35a216724f19ef33acc8af1def0bfcec23f67804757833ff9efb05804dc88ff482a2f5dac92d29b9d111e383311c08843db4c39e6a8ef1f47c82f0ded5599bc9ee5b1c2de2e099253a077072aa3922a209394226644d0aa11954ad4561985489aef7cbf5c4779d865d3c81a283ea76c736f45ea40108aa76c1eafccf8ac3024ad39d88b23615ac216a855f65f44a9a6c21c8be37796d2f83ff26585e8eb7cf72a56c28de5ac4386f9bd7c4517a6b3e6db2adddc48d9bea8c60292b22b9e73e664fb8404f12cf91efeda20e0f0e02865ea35658f5e6f22dde2823dac669f8654104139f7fc4c67b225403c178657ca123a19411ec75128aff4bd2c274729e8102cf6b2b8b996394f3fe695bc4c98f3ad66b3c8c2839333ba60964dd57fce70076ca44b5c8e658c15389eb82d9f1a807a80afe563b921a6da36cd002d33cc503ddd3439275766b82028c20164ee32655a5bfa785ee6973f433a992bfa93720f79f5524e3d991179c06bffcb43e93d36c4300c91053a42bb1b261a81b69fb155874b0bf14e60393df11b799f8ed8e92399de235c89227c7695b005eff9bcad232ff38a1ef26e1c78336a66fdc27fea0e962d60faf6bc28052b64d79400b75768c6eb579d1f7f7fc1647b3da3bcf2f2e0b9869d1c7a329850de169928bde212c2e2d49d31933950367b785542362ab11c5f90a0479c699baf3cd037687c32015eb3ea16ed4c6bfbcaee8bfa2d8d3df3c175117ea30f73d132f0e8b841179528966822b590e5128bbea309027df3dd480bc2edef562f0e89faeae11097864d84725dd31e97b5d4f26e3b391d3cfa6da1f7556ec99ea06d8ac1f977ef44d4bd5a0d39b47d629c50848a7a0fc48b09eb5240d1b95dd295941d5172b01c57d01f713c7eef606a3e980ddd582c4552b5c7603999639744d7f7505885b94a878de471a5c27e90e53ab72c0eca35270c1a9d4ed844c388ac84373ec789c8b43b54dc0432a885aa20573d35006afe2cf2bd3f5ec4dc363141dd3009272e822a0a9b6822168df25f2940db8c5b66876b9087028cb984fe5f81a9290b49766ededb2b21a7a847b5522d2d48ad22a8fa4c7c8022e6e739dec7f235262aa490f11eac592cb1da25719583953c6def31ca089931f8bd8e819d8845ef543568a12646aee392639d1c0426e6527c753c1f2a1d271edd1797ac76143c5f06fda263f96644832355b1244c20825837a7d900e00cab916db10874ed7d3fe630843fea105c990ad75c5aad7605b961fb21328a10694af7eaa0ebbc2ed4c3235f3ee814262c728681189d17ce9cbf9b3eb0708147baaf76c04acc01bdf6efcbd2f76f49636022a08cacc8ce9611c54696b0ff338994f8249112c963b516b05b99f950278580e2916e94e60fe72780a2176efa42a822b9e2848cbbf5b14ee84bbd52220b6c77654d3526bcad0e1c51efc6a13eb3dd6ba05a152f3dd6a7b048e9554ed986808f4d34d88bacd3907be772b5e78e1fce94da9f4b0c6a61c38d10b52e8d4b06cbf2c57b44baa0621fce1b7e3f8bb1e1f7697dd994afc22dbc4bc34fee2cb20c5793995a203bcb81c26461a85bd0eb2e5d27f48277e5cbc3a2f030f52a6997c1b9222441b903192a297d625271ef2848ed8e507753e21e479ccd35c7eaf50b139ba8ef977b5dfdbfdac5899816ce7a21316226e028796e0be16c3d2d25ffaae7708c8f6dd0cd83817e209340505c717f0def6a0df3cd7e812b69a75963e722b04fe1641896ce90b8c31f54486877517c6cd836aaf1a82d49a72bff77f270f3b48d2faf9e542a4e3a869789a078cc1c57337992029b0e6a8035bba1882e8d2a076719c07d5e48d8c281c807861f55b9d8b2724c8c939c67e305d259177bdc16104ad82f43c162995cc0ecceec4289f4d3715b7ac708fe3e9fc1a078458989021fbfd2949e813df6787fea780bfd11d4ac58d314bc400875a949b59a87d2ff61dc4d0a802033510b3c5825856c621a9b61ca52541cff4785b6b26e6db787d9904e8f9c71e2daf0ff226e8320b23d26143630c3c7ccae130974d317259096b931738876e54a36d99dba2b63c574d4ff008af41c1dfc1ed94270ffbe06c4c58f4782dca7f941694d7af587e4caa27b957233199ad84fb8828abe8c8742b487508b77a9df5fb7c28ebffbe667c73e2863f13b6e3da66fe8212b0c3076625b97e81580b755191faf63dc0092fa0137392dc0b39b603e518f27ac8dd93223a17f6f7d3e589503bb2079ac4e0a85757085761fbf3204bbb4cf7d584aaba9388c3e6495604ad6a9b0edc4ab4dbc13903ee6c83ce08b602ca9cebf149e29c8d3ce5ad697553ca508ec47eddc062530274f6f601f2f7127a9cc2c9eb2ceca69dbb3f9ae20665490ce98d6a0aaa485ceedad4339bb87b70c7606929d1dbb6e31d30edeef336ccaca1de7087a94ccd835bf806182e78e9a7cf85d2f029c40ab5b59f0de6cc0b9ac195dd70037036bee611078b3edd835112c1e4d24889517c2bcacb59887a80ddc083154acb6416584162058820272bddacfbf87313099a1682494ed3dd24b61c8fdaa773c6ca2aa2cc4b7b3b80968226f21630cec2de5076a3954641f5cdd10940078d41f20df70ac2e7a8b18d1ecea168f3ff5634ec353790afc68e0792badefe1a20fde1eb8dfe13549b1585bbbc8d9ddd944be5844e0085d9cbecb11d0a4f94bdd8bf2a7829666304ff22413ae4ac888319b88aed1e1d97e47a32c85716907a06b6b2fc6fb73bb99551d3ded8292c2ce58d697153f6c44fd13763646587a5a4cabf74488169da5e73dd01fb39c8b3fde865ef07e24dd8172bc9180c25e34991b9c2cae3a3ef56631c8bc0a79cd8b0c01355c1e85eeb6da5b199852433c67d1820ff93d23ab039ae26eeadcadbdd8d1a4d5df67b52b157caaa6b611b376fa33c019f660cfebc5042e9869ec3e5c3f7ee6fac9507fdda16833887c43008c44ca6963cd5967226dec35dccff9928ff6aa6d4f3156aadf6cf8efe202dca44995c976470183234aaaba404825cbd1b599ea95508b31092be8554491e0996ddb731ef3fc88a89a59d6db0a95d5eb8cc56b04389c6db39e345bc88ad1cf62a15107dfcb43521534fcdb664eeecd1a4c45a36dc2543be88711a71cf3259382d24ecd696b7e469b4262fb7fd43bf93f7226e3da86f679b658263f6679b597a7b708d83148cacd4ccc84490ea9c22bf29ff1d05c42e8c9ca6109095f41e4c26b2be0221bda990cfdc9297384c7085dd10dcbf4734789a2975adf1a356df14dda0f1987a2ef8cdd59fc81044a3c2b0738f94211772c1d49f8fd0f96215e1e77d5acf70958dbbdfa0154eacb0378ab3c691b359d71e9b68855ef7ee42999ea7456a29f6cffdbc1fbe797106382184864054e61236489fd78321dc4b2ce4f2d86f716337d97950c8df7d4b457ad0df84aea02904b958200e8b58ea1c3102f6fb532c99d5a6b7d0cbc8d930ee1894316eaa14e8b68961fc1a7a0d98876e563b6cf4745f9348510d23359a167f3dc66a57def3d9b28aa42b03d9ee0236b591c93070b0f17202fb712e82038ee8d70b56cd9aa5501d06163e3537b1dad5dc8564cefb16309f970c8ad178fc6d4c4a3b45f22afedbda2f173b131213c356e71983e3fa3298725401e3fcd2aadf88501723e1100769b5966284d7c5b7eda037706ceabc9972edb2c1458cb8337f376c7e91a28f1a337030a8e38dc7fef0ac5271d10fe7fa682061f81e2f4ac01f219c79883c621147a7010d4bb29b113ac8d0e28cf5a187b4995e47e7f5e471de3c9e067b819c45356b164915e5c0cd4761c8b36893b4a76465ab5f94f5a50d8fb8ef8edff6947c2c048c7baae63666cff06d06c45f28eeae454dedd2144caea8343b62e8882a1fcdfe4c9d69b043c848abd386e463eebcab1ba1ca6ca58d7f8b6fe75eef27e94d07b1b58cc24c5865594b6174284ce7bfc5de19ca4b5f98878f914abb723673bf60677bcc503969fa16df0b8c848e1f4feba260e70b94c738337b543ad927db1c90d62ac3698f62650ec5efeb70ae5c8094fcca130f69a49e0c7e8ac3931c04bbb678b1d15dd232c8d4053b7acab8553d1c553dea49a35a5a9638f8c307ae10b4b9af64ea923794e8b1b2787b8e55ed53a9c1d5f9db215253317f6c9392f08535a8cc0c101c7775c56b40428ffdf8ec6bb5daf8d218c5fb1f7a079943772f3577f13b8436c81a549cebd2527e361560be72ebf2489b696fb76d0821f19d04a40f00e49dedb5653628f9d5293e4b48099d47a7779d66492d8f1dc37ca30b831407b16473c1c8e80e779bbc72de5a32448312be6986588b25895371ef92d2c251d0665f4005d4c56d210eedf7862866bad352a8c878ff85d3706944a575d46371f90266469bead582c96ef91d2d6b59d8dc9ea3d19be1fb92f15de5c146b91b53acad9b030858371b8f63d8f3ef929e32355b4d853cb2c6dea0052e30717ce5b731174b7c68fd5bc72db18d427ca6f1d0b9371db158e774d2647101d9ac5cae5d471930246ad190e93ff368efd97e5f99f8236b9d41acc4bae4fcc7cee4327d031febf683ec5fd0b4fbbbcc797a535f299da86333a26602da63be884bdaba9836b"}, @assoc={0x18, 0x117, 0x4}, @assoc={0x18, 0x117, 0x4, 0x8}, @assoc={0x18, 0x117, 0x4, 0xcc}, @iv={0xe0, 0x117, 0x2, 0xc7, "5d399d7045597eba4bfd78d3ef86de08d83370664e0d676d536c03a787d5cc408b76de59e307b4b42d4eebe6087af3a147c8ef1e589c088a3f1fbb10025b43d222a216405654a50d01e427688c19f462239335e2c1c4ccb99e9c3102d14a420a33178450e3946580c455496e08e443093e84a60fc3ccf59e993a0db298ac7655e57e0beab10be947626064d92acc719e5661cc0e57f10bac50f8c35a2d37822780dc4940aa905b82b94821e719f51d11ae849d9e13a50fd5a5aa92ef243d35333c4862ee5be7e3"}, @op={0x18, 0x117, 0x3, 0x1}], 0x1170, 0x8000}, 0x20004001) [ 221.328607] FAULT_INJECTION: forcing a failure. [ 221.328607] name failslab, interval 1, probability 0, space 0, times 0 [ 221.339904] CPU: 1 PID: 18637 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 221.347112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 221.356482] Call Trace: [ 221.359092] dump_stack+0x194/0x24d [ 221.362741] ? arch_local_irq_restore+0x53/0x53 [ 221.367430] ? trace_hardirqs_off+0x10/0x10 [ 221.371774] should_fail+0x8c0/0xa40 [ 221.375508] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 221.380628] ? mntput_no_expire+0x130/0xa90 [ 221.384969] ? lock_downgrade+0x980/0x980 [ 221.389138] ? find_held_lock+0x35/0x1d0 [ 221.393240] ? check_same_owner+0x320/0x320 [ 221.397582] ? dput.part.20+0x207/0x830 [ 221.401575] ? rcu_note_context_switch+0x710/0x710 [ 221.406557] ? d_path+0x930/0x930 [ 221.410038] should_failslab+0xec/0x120 [ 221.414037] __kmalloc_track_caller+0x5f/0x760 [ 221.418629] ? strncpy_from_user+0x430/0x430 [ 221.419057] FAT-fs (loop0): bogus number of reserved sectors [ 221.423038] ? strndup_user+0x62/0xb0 [ 221.423053] memdup_user+0x2c/0x90 [ 221.423065] strndup_user+0x62/0xb0 [ 221.423075] SyS_mount+0x3c/0x120 [ 221.423082] ? copy_mnt_ns+0xb30/0xb30 [ 221.423094] do_syscall_64+0x281/0x940 [ 221.423101] ? vmalloc_sync_all+0x30/0x30 [ 221.423116] ? finish_task_switch+0x1c1/0x7e0 [ 221.428928] FAT-fs (loop0): Can't find a valid FAT filesystem [ 221.432688] ? syscall_return_slowpath+0x550/0x550 [ 221.432700] ? syscall_return_slowpath+0x2ac/0x550 [ 221.432711] ? prepare_exit_to_usermode+0x350/0x350 [ 221.432722] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 221.432734] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 221.490623] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 221.495822] RIP: 0033:0x454e79 [ 221.499014] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 221.506730] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 221.514006] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 221.521286] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 2018/04/01 00:14:22 executing program 1: r0 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x1, 0x20000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x100, 0x0) inotify_add_watch(r2, &(0x7f0000000200)='./file0\x00', 0x0) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000840)=0x3, 0x362) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x10800, 0x0) ioctl$DRM_IOCTL_FREE_BUFS(0xffffffffffffffff, 0x4010641a, &(0x7f0000000180)={0x2, &(0x7f00000000c0)=[0x5, 0x9]}) inotify_add_watch(r4, &(0x7f0000000280)='./file0\x00', 0xa200000c) setsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f0000000300)={0x3, 0xbea, 0xfffffffffffffff7, 0x3}, 0x6) setsockopt$bt_l2cap_L2CAP_OPTIONS(r4, 0x6, 0x1, &(0x7f0000000000)={0x80000002, 0x5, 0x6, 0x9, 0x6, 0x10000040, 0x6}, 0xc) perf_event_open(&(0x7f0000940000)={0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$inet_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000540)={@in={{0x2, 0x4e23, @multicast2=0xe0000002}}, 0x2, 0x9, 0x4, "33a93e86f876fec3d71c7f2cfef0c8fee50cb4279329962b941a8806d4b65d9fb99c1e1b71906c0b986391461a14e78a42598b6e60dfd14b9752c3a79d3d45c9ad2f5d63c0b8cfe28ac8857548461026"}, 0xd8) r5 = msgget$private(0x0, 0x0) msgrcv(r5, &(0x7f0000001900)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000084d7dddd291effb2f9f4cd7dd494cd8f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c64557af578e2119407547b13eff763c4ccdf62e77aaa4877badd7697fc86be3a7632cd838c8d342cf287d6fad0aad3c4dfa08"], 0x1, 0x3, 0x0) r6 = epoll_create1(0x0) ppoll(&(0x7f0000005640)=[{r6, 0x41}], 0x1, &(0x7f00000056c0)={0x77359400}, &(0x7f0000005700), 0x8) r7 = socket$inet_udp(0x2, 0x2, 0x0) r8 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) sendto(r8, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000140)=@pppoe={0x18, 0x0, {0x0, @link_local={0x1, 0x80, 0xc2}, 'ip6_vti0\x00'}}, 0x80) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f0000a7eff4)) epoll_pwait(r6, &(0x7f0000643fb8)=[{}], 0x1, 0xfffffffffffffffb, &(0x7f000006bff8), 0x8) ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000001c0)=0x1) epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r7, &(0x7f0000e8c000)={0x7}) ioctl$DRM_IOCTL_GEM_FLINK(r3, 0xc008640a, &(0x7f0000000240)) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x17, 0x0, 0x5, "c8359fce490ca02ecefdc53e73084ece594cbbfa26425f45a5ad399d933bca798a9193201dceecd36f8b1f40cf8aabbaaefcf6eea30bd095e114e4e753b5969e", "5f4181c544bcf28eb0c70561bf8018b24fca2c78a6951e03b2dfc3869a3e37f9eb09f6ea64737d499bca6964ad59d3f141a3b829683e1a2a4693d9701cf216dd", "69c5d7727622538d9291884448c99379a71d13c395e0c4b1529b97618f89cd61", [0x935, 0x1]}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f00000002c0)={0x0, 0x80000, r2}) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r0, 0x28, 0x2, &(0x7f0000000500)=0x6, 0x8) getsockopt$IP_VS_SO_GET_VERSION(0xffffffffffffffff, 0x0, 0x480, &(0x7f0000000380), &(0x7f00000004c0)=0x40) [ 221.528561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.535847] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:22 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0xfffffffffffffffd) 2018/04/01 00:14:22 executing program 3: r0 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0xaa43, 0x10000) sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=@setneightbl={0x5c, 0x43, 0x208, 0x70bd2a, 0x25dfdbfd, {0x1f}, [@NDTA_THRESH3={0x8, 0x4, 0xb91c}, @NDTA_THRESH3={0x8, 0x4, 0xea9f}, @NDTA_PARMS={0x38, 0x6, [@NDTPA_UCAST_PROBES={0x8, 0xa, 0x32f}, @NDTPA_BASE_REACHABLE_TIME={0xc, 0x4, 0x6}, @NDTPA_MCAST_REPROBES={0x8, 0x11}, @NDTPA_DELAY_PROBE_TIME={0xc, 0x7, 0x4}, @NDTPA_GC_STALETIME={0xc, 0x6, 0x100000001}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x80}, 0x4000000) r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) 2018/04/01 00:14:22 executing program 7: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) r1 = getpgid(0x0) sched_setattr(r1, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x0, 0x3}, 0x0) mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x80080000) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$rdma_cm(r0, &(0x7f0000001480)=ANY=[@ANYBLOB="8c050000180000fa04000000386e38"], 0xf) write$rdma_cm(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="0e000000180000fa"], 0x8) r3 = creat(&(0x7f0000000000)='./control/file0\x00', 0x0) ioctl$VT_DISALLOCATE(r3, 0x5608) write$sndseq(r3, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f0000f86000)='./control/file0\x00') chown(&(0x7f00000003c0)='./control\x00', 0x0, 0x0) close(r2) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0) clock_adjtime(0x5, &(0x7f0000000240)={0x4, 0x1000, 0x5, 0xc862, 0x1000, 0x20, 0x1, 0x8, 0x92, 0x4, 0xb7, 0x2, 0xed, 0x6, 0x8, 0x4, 0x3e10, 0x3db9b7ae, 0x10000, 0xe4e1, 0x5, 0x4, 0x7, 0x200, 0x7, 0x3}) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000200)) r5 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x4058534c, &(0x7f0000000000)={0x80, 0x0, 0x0, 0x8001}) 2018/04/01 00:14:22 executing program 2: remap_file_pages(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x3, 0x2, 0x10) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x141042, 0x0) ioctl$void(r0, 0xc0045878) ftruncate(r0, 0x8000) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, &(0x7f0000001340), &(0x7f0000001380)=0x4) r1 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r1, 0x0) read(r0, &(0x7f0000000240)=""/4096, 0x1000) r2 = syz_open_procfs(0x0, &(0x7f0000000240)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a") ioctl$sock_inet_SIOCADDRT(r2, 0x890b, &(0x7f0000000040)={0x4, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14}}, {0x2, 0x4e23, @loopback=0x7f000001}, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x19}}, 0x0, 0x0, 0x0, 0x0, 0x8000, &(0x7f0000000000)='syzkaller1\x00', 0x8001, 0x0, 0x81}) epoll_wait(r2, &(0x7f0000000200)=[{}, {}], 0x2, 0x10000) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f00000013c0)={0x0}, &(0x7f00000012c0)=0x8) fcntl$setstatus(r2, 0x4, 0x6000) pread64(0xffffffffffffffff, &(0x7f0000003c00)=""/4096, 0xffffff72, 0x0) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000001300)={r3, 0x1}, &(0x7f00000014c0)=0x8) r4 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000001280)={0x2000000000005, 0x0, 0x0, 0xfffffffffffffffc, 0x0}, &(0x7f0000001240)=0x10) setsockopt$inet_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000540)={0x8}, 0x4) add_key$keyring(&(0x7f0000000480)='keyring\x00', &(0x7f00000004c0)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, r4) request_key(&(0x7f0000000680)='dns_resolver\x00', &(0x7f0000000700)={0x73, 0x79, 0x7a, 0x0}, &(0x7f00000006c0)="7b2d23776c616e3076626f786e657431766d6e657430142400", r4) setsockopt$inet_sctp_SCTP_RESET_ASSOC(0xffffffffffffffff, 0x84, 0x78, &(0x7f0000000440)=r5, 0x4) ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000500)=0x0) getpriority(0x2, r6) setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, &(0x7f0000001500)={0x2, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x9}}, 0x0, 0x9, [{{0xa, 0x4e21, 0x5, @dev={0xfe, 0x80, [], 0x15}, 0x8}}, {{0xa, 0x4e21, 0x1ff, @mcast1={0xff, 0x1, [], 0x1}, 0x69b}}, {{0xa, 0x4e21, 0x80000001, @dev={0xfe, 0x80, [], 0x1a}, 0x3ff}}, {{0xa, 0x4e24, 0x9, @empty, 0x56d}}, {{0xa, 0x4e24, 0x10000, @mcast1={0xff, 0x1, [], 0x1}, 0x1}}, {{0xa, 0x4e22, 0x80000000, @dev={0xfe, 0x80, [], 0x13}, 0x2e93}}, {{0xa, 0x4e24, 0x3, @remote={0xfe, 0x80, [], 0xbb}, 0xffffffffffff7fff}}, {{0xa, 0x4e23, 0x7, @empty, 0x80000001}}, {{0xa, 0x4e20, 0xfff, @mcast1={0xff, 0x1, [], 0x1}, 0x6}}]}, 0x510) request_key(&(0x7f00000000c0)='ceph\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000140)='vboxnet1\x00', 0x0) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000001a40)={r3, 0xe2, "956d7ecd887314673092d3af0ee66353abc6f6cadffe340789def0520aea65f65489d7d14f9c65fdd496487a0b1e62c1db83e5c1a137c4a4690bc2f499ddd9fda087a025ce6047d4d2df9d09ed7a3f99f0d7fb969bc5db4199eee02a555c7e2fc0866c6acd84aa944350ea3212139659c5e649ff5c6233873a556d82c10c6afe371cba342666e16975766482e55913d5780de205c15fef990fd0a7f58d90c471810f35d84f6b054386cf596f5b5fcf76b87ca7707d9e8530f5359ab2f8197794cc965a976e5be605238ae99fc39dd4595a2aed7495bb278880c6ddcf155f4d60d677"}, &(0x7f0000001b40)=0xea) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000001400)={r5, @in={{0x2, 0x4e21}}, 0x9, 0x0, 0x1, 0x8, 0x9}, 0x98) add_key$user(&(0x7f0000000280)='user\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000300)="3dde79763ec09bbf6917ffd1e8c401c99e25f23f4979b631bf4aa314195f066c86763061ba5fe74f345a408ba4c56bba2ac4f64642a19a81f72b1d3fb74e5d348e1ebba568683ff0239d512690e15513090485647b5e6cf3c325e2617b08d0977acc58881ccab2dee3754f484a36de5d157e161b881b08d3bd4638a58e83814385f71a085426a0", 0x87, r4) 2018/04/01 00:14:22 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:22 executing program 6 (fault-call:0 fault-nth:9): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:22 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x0, 0x0) ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000080)) [ 221.628265] FAULT_INJECTION: forcing a failure. [ 221.628265] name failslab, interval 1, probability 0, space 0, times 0 [ 221.639632] CPU: 1 PID: 18678 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 221.646840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 221.656207] Call Trace: [ 221.658810] dump_stack+0x194/0x24d [ 221.662452] ? arch_local_irq_restore+0x53/0x53 [ 221.667139] should_fail+0x8c0/0xa40 [ 221.668292] FAT-fs (loop0): bogus number of reserved sectors [ 221.670853] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 221.670866] ? __kmalloc_track_caller+0x15e/0x760 [ 221.670877] ? strndup_user+0x62/0xb0 [ 221.670885] ? SyS_mount+0x6b/0x120 [ 221.670896] ? trace_hardirqs_off+0x10/0x10 [ 221.676732] FAT-fs (loop0): Can't find a valid FAT filesystem [ 221.681787] ? find_held_lock+0x35/0x1d0 [ 221.681811] ? check_same_owner+0x320/0x320 [ 221.681821] ? lock_release+0xa40/0xa40 [ 221.681831] ? check_same_owner+0x320/0x320 [ 221.681840] ? rcu_note_context_switch+0x710/0x710 2018/04/01 00:14:22 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = dup3(0xffffffffffffff9c, 0xffffffffffffffff, 0x80000) ioctl$KVM_TPR_ACCESS_REPORTING(r0, 0xc028ae92, &(0x7f0000000000)={0x80000000, 0x98}) 2018/04/01 00:14:22 executing program 3: socket$nl_route(0x10, 0x3, 0x0) r0 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x8) fallocate(r0, 0x0, 0x0, 0x4) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r0, 0x80045400, &(0x7f0000000000)) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000080)=ANY=[@ANYBLOB="7261770000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000022c16c10000000000000"], 0x68) ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000100)="de8059c5620c4f42b78690c5491aa79dc8d7dfe93264121924e62285f7f8ea499bc3d488d96b7710b43954667e4a6756ad369009a239f023261145c1eab8f31641552beb7aac6e1d9681deddceb45f97a9fb464aa93997007ee77b6510307ca0bfb827b0e6642fd7cba3e824770cf557ad8e6a") [ 221.681853] should_failslab+0xec/0x120 [ 221.729811] kmem_cache_alloc_trace+0x4b/0x740 [ 221.734407] ? kasan_check_write+0x14/0x20 [ 221.738655] ? _copy_from_user+0x99/0x110 [ 221.742814] copy_mount_options+0x5f/0x2e0 [ 221.747060] SyS_mount+0x87/0x120 [ 221.750520] ? copy_mnt_ns+0xb30/0xb30 [ 221.754413] do_syscall_64+0x281/0x940 [ 221.758310] ? vmalloc_sync_all+0x30/0x30 [ 221.762463] ? _raw_spin_unlock_irq+0x27/0x70 [ 221.766965] ? finish_task_switch+0x1c1/0x7e0 [ 221.771470] ? syscall_return_slowpath+0x550/0x550 2018/04/01 00:14:22 executing program 4: r0 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000000)={'broute\x00'}, &(0x7f0000000080)=0x78) mkdir(&(0x7f00002b2000)='./file1\x00', 0x40) [ 221.776411] ? syscall_return_slowpath+0x2ac/0x550 [ 221.781351] ? prepare_exit_to_usermode+0x350/0x350 [ 221.786381] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 221.791758] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 221.796622] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 221.801832] RIP: 0033:0x454e79 [ 221.805019] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 221.812728] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 221.820013] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 2018/04/01 00:14:22 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@random={'osx.', '\x00'}, &(0x7f0000000080)='[:(\x00', 0x4, 0x3) 2018/04/01 00:14:22 executing program 7: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$sock_ifreq(r0, 0x89f2, &(0x7f0000000080)={'gre0\x00', @ifru_data=&(0x7f0000000140)="e9a9072b742384f0b294eacfbe8d4f702b65fc751c2846bcf57dfa707e25566f"}) [ 221.827302] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 221.834573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.841855] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:22 executing program 6 (fault-call:0 fault-nth:10): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:22 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f00000001c0), &(0x7f0000000200)=0x4) r1 = creat(&(0x7f0000000040)='./bus\x00', 0x8) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000080)={0x0, 0x41, "dc8d6947b52ee3ea3e41a93a043fbd7e87637f0ea13c81531a9a1d3de5930e0c0cbbc9a1edaae74edbe8ada13b36a5d7176566679a13621f49c38cbe3265ebfba8"}, &(0x7f0000000100)=0x49) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000140)={r2, 0x1, 0x0, 0x3, 0x1, 0x200}, &(0x7f0000000180)=0x14) [ 221.966128] FAULT_INJECTION: forcing a failure. [ 221.966128] name failslab, interval 1, probability 0, space 0, times 0 [ 221.977482] CPU: 1 PID: 18720 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 221.984671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 221.994028] Call Trace: [ 221.996625] dump_stack+0x194/0x24d [ 222.000270] ? arch_local_irq_restore+0x53/0x53 [ 222.004983] should_fail+0x8c0/0xa40 [ 222.008711] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 222.013822] ? __kmalloc_track_caller+0x15e/0x760 [ 222.018679] ? strndup_user+0x62/0xb0 [ 222.022484] ? SyS_mount+0x6b/0x120 [ 222.026114] ? trace_hardirqs_off+0x10/0x10 [ 222.030449] ? find_held_lock+0x35/0x1d0 [ 222.034532] ? check_same_owner+0x320/0x320 [ 222.038843] ? lock_release+0xa40/0xa40 [ 222.042798] ? check_same_owner+0x320/0x320 [ 222.047116] ? rcu_note_context_switch+0x710/0x710 [ 222.052050] should_failslab+0xec/0x120 [ 222.056034] kmem_cache_alloc_trace+0x4b/0x740 [ 222.060609] ? kasan_check_write+0x14/0x20 [ 222.064837] ? _copy_from_user+0x99/0x110 [ 222.068977] copy_mount_options+0x5f/0x2e0 [ 222.073204] SyS_mount+0x87/0x120 [ 222.076646] ? copy_mnt_ns+0xb30/0xb30 [ 222.080513] do_syscall_64+0x281/0x940 [ 222.084377] ? vmalloc_sync_all+0x30/0x30 [ 222.088505] ? _raw_spin_unlock_irq+0x27/0x70 [ 222.092990] ? finish_task_switch+0x1c1/0x7e0 [ 222.097474] ? syscall_return_slowpath+0x550/0x550 [ 222.102395] ? syscall_return_slowpath+0x2ac/0x550 [ 222.107317] ? prepare_exit_to_usermode+0x350/0x350 [ 222.113536] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 222.118895] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 222.123732] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 222.128904] RIP: 0033:0x454e79 [ 222.132073] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 222.139762] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 222.147020] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 222.154452] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 222.161711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 222.168964] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:23 executing program 7: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1f83, 0x200) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r0, 0x111, 0x5, 0x7fffffff, 0x4) r1 = socket$netlink(0x10, 0x3, 0x0) setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r0, 0x111, 0x5, 0x0, 0x4) sendmsg$nl_route(r1, &(0x7f000001bfc8)={&(0x7f0000db4000)={0x10}, 0xc, &(0x7f00006bcff0)={&(0x7f0000000180)=ANY=[@ANYBLOB="300000001800010300000000000000000a00000500000072d0440fffbe5831587d9ed1000000000008000000af1685c04073a0b56a86112f9d1f036d2a1af3fc0a6bfea4ce15adc4d8e888a2295b5ebbff832576a620c724d4a70915ad699d9569587268c167f42cf54e9cc6052de5b88d04b704cb4cf0019d74874c163d0aa11f9a7fd792ab393e8f6176d7d92dfe031a28337b5b0e69e7034ee4c80176579b02b1067b1d53bd6e44f0c3cf25f61b756629b53fa4e59d29bd8a65fee66b472e709eb44e60ddaf022e01d32c0496f583dad9631eb7df964a0983b9c7b7f1c852de47ffcfc24093f87b7280a15e678e8d5e26af9fb060f0dd53a1921005391bd0ab8765831f63e8f73dd292eb3ae80de8"], 0x30}, 0x1}, 0x0) 2018/04/01 00:14:23 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:23 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0x14, 0x1, 0xb, 0x323}, 0x14}, 0x1}, 0x0) readahead(r0, 0x3, 0x1ff) 2018/04/01 00:14:23 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) 2018/04/01 00:14:23 executing program 3: r0 = open(&(0x7f0000000080)='./bus\x00', 0x40000, 0x0) fallocate(r0, 0x0, 0x0, 0x4) lsetxattr(&(0x7f0000000180)='./bus\x00', &(0x7f0000000140)=@random={'system.', 'security.evm\x00'}, &(0x7f0000000200)="657468316367726f7570c75b657468312428706f7369785f61636c5f6163636573737573657200", 0xffffffffffffffa1, 0x1) 2018/04/01 00:14:23 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000680), &(0x7f00000006c0)=0x8) bind$inet(r0, &(0x7f0000738ff0)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10) sendto$inet(r0, &(0x7f0000a6efff), 0x0, 0x2001ffff, &(0x7f0000000280)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x22d3) setsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f0000f43ffc)=0xfffffffffffffffc, 0x4) sendto$inet(r0, &(0x7f00000002c0)='-', 0x1, 0xc0c0, &(0x7f00000000c0)={0x2, 0x0, @multicast1=0xe0000001}, 0x10) sendto$inet(r0, &(0x7f0000000300)="b89f74470a8786c25b8d5902ab73835dab85ab91b4643dd1522dc2ea3d7c947e65d4e553c0d6d8ea01e45248c4b2aa9508db9eeb5465b2ec01c4ff31c0d4d50fcfe633aeae8fec620b24912d56ee7a645623f044974f38ed2fbd2bb3054f3568fcb72eeda0dc026bfc478fdb5664e89131cf2b1d4ac8faa91c43397af097f82a252aff835d1afa2733644b4dc6b28d0fcb877511a4cd8884ce", 0x99, 0x0, &(0x7f0000000140)={0x2, 0x0, @broadcast=0xffffffff}, 0x10) sendmsg(r0, &(0x7f0000000400)={&(0x7f00000001c0)=@l2={0x1f}, 0x80, &(0x7f00000005c0)=[{&(0x7f00000017c0)="5be3639f32e604bf11300cfab4dbb055d2f5b6059bb32379222b7bf674ead94ab84ab9ff94283fb22bdc3d4eb669ea8ac6320f9cbf2cec896aa886876c40be56e5b02d96a18de577a2ff338f26c8d4e1e4ed9131a602c43d283f884559ff54ac0ebb18f1eb6e0f0adf89ed9af74277d38985300975eed49764260354a574666582d97356a21e9b569f0096d4bfc3b5ddc70377f6a6b80196434697061c88962b82191a1013d01aa910be17a09ec250b5c0d53eb22d48809af9073d0ec96832eec616ee3cc3670886ee99e6d947c98825dc519ab4bca71da69051d4416c5ce748a907fe4f82d900d93e73daabbfb321f4993116f7e5d55b83054a31cd729c1cacfafb304efbd7911c4beb953670601634f1fb334c46843f79747d3c6218073b88ba86b1a26c373fdb81e496a97f13949fdbf2d325c3843eb361dfe439d2c0c20a2e8603d7c6eaef4a4c3a36f4bd5cc40fee0293b2989890fd901f9b01c869982ebb67a42c1cd11ca40a9412ae09b1fbaca8eaf9fda16500b265edd756a21523d7a2f49b3b8718719498d7807f96c076842fd488de7b565d5e4fb91c0796194e06e4f941dc5ac8942abad3d6941b4f38e26a3c836020b1d2d79ff8e9f3008f3b3d9be7d800d5ed3d89c8e53cf26f271500ee96aa9c73ed07834edccdf1dfdae205124109912a87a18fcf72a802e8c48899f212d4404c142095c3b9083d0c6a1fba11b12575ba5f86dda93777cc563882a2071508edd354b3ed1a062d50c3dd31f52e9205206b949c2f6330a3c38ee966878737bfccdadb6d2f57db170d7eed32c8b0a0d7c2be9c7312091f4d5c545ccc8835f9cb0c89d65dc4ae34213655c88b20f352a2c6999d57a12e9d1a4fdc78be6a23716c3fe03f4b3fcf868a8699e3fcb3f761e98e25e1182b8fa23c8dbf8da0e90ab1915b6873a2db3c1e5eecbf55175c345c6b2a6c61ceff5d824942d06afb33f4762be7df1f06bd6a4318309370fc469d832d6fcf2fbbb1618d92e0367762c5c2ccf14eeea985a2afcb39e166d58c97da61ec4dba0f43a683e4b18cb495b8a9088a37af4a2b1ee4d66778c58b7ef00ab20d23e71167be3054db5aa7ff5d1fdf904f6352bd3bfa7fe5e7454134892749b9f651cb55dcdba28701df74194c020d46c947c2c7883b2d8138720f207631108e858642a5dab5aca33286d6c1a0e1cbfac798bc97191f785c3bedc0f97009c7846548c7e31af2", 0x367}], 0x1, &(0x7f0000000a40)=ANY=[]}, 0x0) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000100)={0x0, 0x7ffb, 0x7fffffff, 0x2000000}, 0x14) sendto$inet(r0, &(0x7f0000000440)="3eea35dd3633d4a3c5877bef83ccdfece07bc82d02276df3c43283179355731e90543f800caa57df005ec3d6ad6fc20db291e08ef202ca53a0d1f2ff87652308e32bf820b0716d9e8ed3fbbfda31446391d4c22481eb942e610000", 0x1, 0x0, &(0x7f0000000040)={0x2, 0x2, @multicast1=0xe0000001}, 0x5c) 2018/04/01 00:14:23 executing program 6 (fault-call:0 fault-nth:11): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:23 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x4) link(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x0, 0x0) ioctl$EVIOCSABS3F(r0, 0x401845ff, &(0x7f0000000100)={0x1, 0x0, 0x10001, 0x1, 0x7f, 0x1}) [ 222.717106] FAULT_INJECTION: forcing a failure. [ 222.717106] name failslab, interval 1, probability 0, space 0, times 0 [ 222.722293] netlink: 20 bytes leftover after parsing attributes in process `syz-executor7'. [ 222.728404] CPU: 1 PID: 18739 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 222.744020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 222.753377] Call Trace: [ 222.755977] dump_stack+0x194/0x24d [ 222.759614] ? arch_local_irq_restore+0x53/0x53 [ 222.764297] should_fail+0x8c0/0xa40 [ 222.768018] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 222.773137] ? lock_release+0xa40/0xa40 [ 222.777122] ? unwind_dump+0x4d0/0x4d0 [ 222.781023] ? find_held_lock+0x35/0x1d0 [ 222.785098] ? check_same_owner+0x320/0x320 [ 222.789437] ? rcu_note_context_switch+0x710/0x710 [ 222.791114] netlink: 20 bytes leftover after parsing attributes in process `syz-executor7'. [ 222.794369] should_failslab+0xec/0x120 [ 222.794383] kmem_cache_alloc+0x47/0x760 [ 222.794399] getname_flags+0xcb/0x580 2018/04/01 00:14:23 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x200002, 0x4) write$cgroup_pid(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00\b63'], 0x4) 2018/04/01 00:14:23 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000002180)='/dev/vcsa#\x00', 0x1f, 0x40000) ioctl$VT_RELDISP(r1, 0x5605) recvmmsg(r0, &(0x7f0000002040)=[{{&(0x7f0000000140)=@pppol2tpv3in6, 0x80, &(0x7f0000000280)=[{&(0x7f0000000000)=""/1, 0x1}, {&(0x7f00000001c0)=""/192, 0xc0}], 0x2, &(0x7f00000002c0)=""/128, 0x80, 0x6}, 0x3}, {{&(0x7f0000000340)=@can, 0x80, &(0x7f0000001440)=[{&(0x7f00000003c0)=""/114, 0x72}, {&(0x7f0000000440)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x10001}, 0x66}, {{0x0, 0x0, &(0x7f0000001a40)=[{&(0x7f0000001480)=""/2, 0x2}, {&(0x7f00000014c0)=""/153, 0x99}, {&(0x7f0000001580)=""/223, 0xdf}, {&(0x7f0000001680)=""/96, 0x60}, {&(0x7f0000001700)=""/61, 0x3d}, {&(0x7f0000001740)=""/169, 0xa9}, {&(0x7f0000001800)=""/159, 0x9f}, {&(0x7f00000018c0)=""/191, 0xbf}, {&(0x7f0000001980)=""/165, 0xa5}], 0x9, &(0x7f0000001b00)=""/96, 0x60, 0xaac5}, 0xfffffffffffffff7}, {{&(0x7f0000001b80)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x80, &(0x7f0000001f80)=[{&(0x7f0000001c00)=""/204, 0xcc}, {&(0x7f0000001d00)=""/201, 0xc9}, {&(0x7f0000001e00)=""/125, 0x7d}, {&(0x7f0000001e80)=""/20, 0x14}, {&(0x7f0000001ec0)=""/145, 0x91}], 0x5, &(0x7f0000002000)=""/39, 0x27, 0x40}, 0x9}], 0x4, 0x2001, &(0x7f0000002140)) sendmsg$nl_generic(r0, &(0x7f0000000080)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f00000021c0)=ANY=[@ANYBLOB="00b4fc90db7a61317c0000000000e2607ad18ac56e68302c5c5bf06dbf9a9ea905a348fc46afa45b58b9bc74ba29e8b6c591d0b72124fc6299c637a3b58469a9846dccffc03302c033032e404b886e53d52b3fa6c0ed1574804fb755942ccce6e3efd11a642c2164ff25feef9dba250d32ac51eb9a779d02fcc3d161a93fecec8865040f7081e12d612ef85b68cf4f6db3f1535aadb5b6dbef74fdb20f73768db278fd9623b8f51f0072f3ef9ed76de5f6d732a5f865a3d0"], 0x14}, 0x1}, 0x0) [ 222.794412] user_path_at_empty+0x2d/0x50 [ 222.818814] do_mount+0x15f/0x2bb0 [ 222.822354] ? copy_mount_string+0x40/0x40 [ 222.826594] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 222.831612] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 222.836369] ? retint_kernel+0x10/0x10 [ 222.840260] ? copy_mount_options+0x149/0x2e0 [ 222.844756] ? __sanitizer_cov_trace_pc+0x2b/0x50 [ 222.849594] ? copy_mount_options+0x1f7/0x2e0 [ 222.854086] SyS_mount+0xab/0x120 [ 222.857572] ? copy_mnt_ns+0xb30/0xb30 [ 222.861465] do_syscall_64+0x281/0x940 2018/04/01 00:14:23 executing program 7: r0 = dup(0xffffffffffffffff) poll(&(0x7f0000002800)=[{}], 0x1, 0xf038) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r0, 0x40085400, &(0x7f0000000000)={0x7}) [ 222.865415] ? vmalloc_sync_all+0x30/0x30 [ 222.869558] ? _raw_spin_unlock_irq+0x27/0x70 [ 222.874054] ? finish_task_switch+0x1c1/0x7e0 [ 222.878547] ? syscall_return_slowpath+0x550/0x550 [ 222.883481] ? syscall_return_slowpath+0x2ac/0x550 [ 222.888410] ? prepare_exit_to_usermode+0x350/0x350 [ 222.893428] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 222.898791] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 222.903638] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 222.908823] RIP: 0033:0x454e79 2018/04/01 00:14:23 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000040)='./file0\x00', 0x10000, 0x1, &(0x7f0000000100)=[{&(0x7f0000000080)="e8cc365491065e01ad382a6da6703d4b27b29118f4f52663b50bfef912d0c23889056fcb01578e5ae2de6aa131bc28f4ad4494fbaf8eec7ea08287aad6f13537533fbcf8fd3cfa163c6fa19400b2b39c4d0fefdb14c7ff0bd99c94215375", 0x5e, 0x835}], 0x10000, &(0x7f0000000140)={[{@nocase='nocase', 0x2c}, {@quiet='quiet', 0x2c}, {@sys_immutable='sys_immutable', 0x2c}, {@dos1xfloppy='dos1xfloppy', 0x2c}, {@check_normal='check=normal', 0x2c}, {@time_offset={'time_offset', 0x3d, [0x34]}, 0x2c}]}) 2018/04/01 00:14:23 executing program 3: accept4(0xffffffffffffff9c, 0x0, &(0x7f0000000740), 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00006f3ff0)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$KDGKBLED(r0, 0x40045108, &(0x7f0000000000)) r1 = open(&(0x7f0000000040)='./bus\x00', 0x40000, 0x0) fallocate(r1, 0x0, 0x0, 0x4) 2018/04/01 00:14:23 executing program 1: r0 = syz_open_dev$adsp(&(0x7f0000000440)='/dev/adsp#\x00', 0x7, 0x2080000) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000000080)=""/222) connect$can_bcm(r0, &(0x7f0000000180)={0x1d}, 0x10) r1 = fcntl$getown(r0, 0x9) wait4(r1, &(0x7f00000003c0), 0x80000001, 0x0) mmap(&(0x7f000000c000/0x2000)=nil, 0x2000, 0x10000003, 0x100000000030, r0, 0x0) pipe2(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x80) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000bc8000)={0xaa}) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000000)={'ip6gretap0\x00', 0x4000}) r4 = creat(&(0x7f000009aff8)='./file0\x00', 0x0) r5 = openat$ion(0xffffffffffffff9c, &(0x7f0000005ff7)='/dev/ion\x00', 0x0, 0x0) set_mempolicy(0x3, &(0x7f00000d9ff8), 0x400) ioctl(r5, 0xc0184900, &(0x7f0000000380)="60bc836ead2c9193cf") openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x80000, 0x0) rmdir(&(0x7f0000000400)='./file1\x00') write$sndseq(r4, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00003b3000)='./file0\x00') r6 = syz_open_procfs(0x0, &(0x7f0000000040)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a") ioctl$DRM_IOCTL_RES_CTX(r6, 0xc0185879, &(0x7f0000000080)={0x2a0, &(0x7f0000001540)}) sendmsg$inet_sctp(r6, &(0x7f00000014c0)={&(0x7f0000000180)=@in6={0xa, 0x4e22, 0x6, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, 0x6}, 0x1c, &(0x7f0000001400)=[{&(0x7f00000001c0)="1605dd", 0x3}], 0x1, &(0x7f0000001480), 0x0, 0x20000800}, 0x40000) semget$private(0x0, 0xfffffffffffffffc, 0x3d) syz_fuse_mount(&(0x7f0000000140)='./file0\x00', 0x4002, 0x0, 0x0, 0x8, 0x10c820) dup2(0xffffffffffffffff, r3) futex(&(0x7f00000001c0)=0x10000004, 0x80000000000b, 0x4, &(0x7f0000000000)={0x0, 0x1c9c380}, &(0x7f0000048000), 0x0) getsockopt$bt_hci(r0, 0x0, 0x3, &(0x7f0000000300)=""/2, &(0x7f0000000340)=0x2) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000240)={{0x2, 0x4e24, @multicast2=0xe0000002}, {0x1, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xf}}, 0x18, {0x2, 0x4e22, @multicast1=0xe0000001}, 'syz_tun\x00'}) ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) [ 222.912009] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 222.919715] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 222.926981] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 222.934248] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 222.941515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 222.948785] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:23 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = fcntl$dupfd(r0, 0x0, r0) ioctl$DRM_IOCTL_IRQ_BUSID(r2, 0xc0106403, &(0x7f00000000c0)={0x3, 0x8000, 0x0, 0x1}) recvmmsg(r1, &(0x7f0000002700)=[{{&(0x7f0000000040)=@pppoe={0x0, 0x0, {0x0, @link_local}}, 0x80, &(0x7f00000000c0), 0x0, &(0x7f0000000100)=""/202, 0xca, 0x92e}, 0x5}, {{&(0x7f0000000200)=@rc, 0x80, &(0x7f0000000680)=[{&(0x7f0000000280)=""/49, 0x31}, {&(0x7f00000002c0)=""/115, 0x73}, {&(0x7f0000000340)=""/90, 0x5a}, {&(0x7f00000003c0)=""/10, 0xa}, {&(0x7f0000000400)=""/229, 0xe5}, {&(0x7f0000000500)=""/161, 0xa1}, {&(0x7f00000005c0)=""/135, 0x87}], 0x7, &(0x7f0000000700)=""/122, 0x7a, 0x7ff}, 0x6}, {{&(0x7f0000000780)=@pppol2tpin6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000800)=""/193, 0xc1}, {&(0x7f0000000900)=""/162, 0xa2}, {&(0x7f00000009c0)=""/160, 0xa0}, {&(0x7f0000000a80)=""/131, 0x83}], 0x4, 0x0, 0x0, 0x8}, 0x7}, {{&(0x7f0000000b80)=@vsock={0x0, 0x0, 0x0, @host}, 0x80, &(0x7f0000001100)=[{&(0x7f0000000c00)=""/36, 0x24}, {&(0x7f0000000c40)=""/53, 0x35}, {&(0x7f0000000c80)=""/118, 0x76}, {&(0x7f0000000d00)=""/242, 0xf2}, {&(0x7f0000000e00)=""/229, 0xe5}, {&(0x7f0000000f00)=""/147, 0x93}, {&(0x7f0000000fc0)=""/232, 0xe8}, {&(0x7f00000010c0)=""/53, 0x35}], 0x8, &(0x7f0000001180)=""/4096, 0x1000, 0x23}, 0x100000001}, {{&(0x7f0000002180)=@in={0x0, 0x0, @broadcast}, 0x80, &(0x7f0000002380)=[{&(0x7f0000002200)=""/95, 0x5f}, {&(0x7f0000002280)=""/174, 0xae}, {&(0x7f0000002340)=""/24, 0x18}], 0x3, &(0x7f00000023c0)=""/195, 0xc3, 0x280}}, {{&(0x7f00000024c0)=@ax25, 0x80, &(0x7f0000002680)=[{&(0x7f0000002540)=""/137, 0x89}, {&(0x7f0000002600)=""/88, 0x58}], 0x2, &(0x7f00000026c0)=""/55, 0x37}, 0x6}], 0x6, 0x60, &(0x7f0000002880)) socket$inet6(0xa, 0x2, 0x9) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000028c0)={0x0, 0x0, 0x8}, &(0x7f0000002900)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000002940)=@assoc_id=r4, 0x4) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) [ 222.965736] FAT-fs (loop0): bogus number of reserved sectors [ 222.971607] FAT-fs (loop0): Can't find a valid FAT filesystem [ 222.998355] FAT-fs (loop4): bogus number of reserved sectors [ 223.004260] FAT-fs (loop4): This doesn't look like a DOS 1.x volume; no bootstrapping code [ 223.012704] FAT-fs (loop4): Can't find a valid FAT filesystem 2018/04/01 00:14:23 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000040)=@ethtool_ringparam={0x10, 0xfff, 0x0, 0x101, 0x3feb113f, 0x9, 0x3, 0x3, 0x200}}) fallocate(r0, 0x0, 0x0, 0x4) 2018/04/01 00:14:23 executing program 5 (fault-call:3 fault-nth:0): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:23 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:23 executing program 6 (fault-call:0 fault-nth:12): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:23 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x8000, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000040)={0xfff, 0x9}) mkdir(&(0x7f00000000c0)='./file0\x00', 0xfffffbffff7ffffc) [ 223.134842] FAT-fs (loop0): bogus number of reserved sectors [ 223.140733] FAT-fs (loop0): Can't find a valid FAT filesystem [ 223.152610] FAULT_INJECTION: forcing a failure. [ 223.152610] name failslab, interval 1, probability 0, space 0, times 0 [ 223.161487] FAULT_INJECTION: forcing a failure. [ 223.161487] name failslab, interval 1, probability 0, space 0, times 0 [ 223.163876] CPU: 1 PID: 18794 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 223.182221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 223.191560] Call Trace: [ 223.194138] dump_stack+0x194/0x24d [ 223.197752] ? arch_local_irq_restore+0x53/0x53 [ 223.202406] ? lock_downgrade+0x980/0x980 [ 223.206546] should_fail+0x8c0/0xa40 [ 223.210244] ? trace_hardirqs_off+0x10/0x10 [ 223.214639] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 223.219731] ? is_bpf_text_address+0xa4/0x120 [ 223.224213] ? find_held_lock+0x35/0x1d0 [ 223.228270] ? check_same_owner+0x320/0x320 [ 223.232574] ? putname+0xee/0x130 [ 223.236009] ? filename_lookup+0x315/0x500 [ 223.240226] ? user_path_at_empty+0x40/0x50 [ 223.244536] ? rcu_note_context_switch+0x710/0x710 [ 223.249445] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 223.254793] should_failslab+0xec/0x120 [ 223.258750] kmem_cache_alloc+0x47/0x760 [ 223.262792] ? free_obj_work+0x690/0x690 [ 223.266839] alloc_vfsmnt+0xe0/0x9c0 [ 223.270538] ? path_lookupat+0x238/0xba0 [ 223.274582] ? mnt_free_id.isra.21+0x50/0x50 [ 223.278974] ? trace_hardirqs_off+0x10/0x10 [ 223.283281] ? putname+0xee/0x130 [ 223.286731] ? putname+0xee/0x130 [ 223.290170] ? rcu_read_lock_sched_held+0x108/0x120 [ 223.295170] ? find_held_lock+0x35/0x1d0 [ 223.299218] ? __get_fs_type+0x8a/0xc0 [ 223.303092] ? lock_downgrade+0x980/0x980 [ 223.307223] ? module_unload_free+0x5b0/0x5b0 [ 223.311709] ? lock_release+0xa40/0xa40 [ 223.315671] ? mpi_resize+0x200/0x200 [ 223.319462] vfs_kern_mount.part.26+0x84/0x4a0 [ 223.324030] ? may_umount+0xa0/0xa0 [ 223.327652] ? _raw_read_unlock+0x22/0x30 [ 223.331780] ? __get_fs_type+0x8a/0xc0 [ 223.335653] do_mount+0xea4/0x2bb0 [ 223.339176] ? copy_mount_string+0x40/0x40 [ 223.343395] ? rcu_pm_notify+0xc0/0xc0 [ 223.347270] ? copy_mount_options+0x5f/0x2e0 [ 223.351663] ? rcu_read_lock_sched_held+0x108/0x120 [ 223.356663] ? kmem_cache_alloc_trace+0x459/0x740 [ 223.361489] ? kasan_check_write+0x14/0x20 [ 223.365713] ? copy_mount_options+0x1f7/0x2e0 [ 223.370194] SyS_mount+0xab/0x120 [ 223.373628] ? copy_mnt_ns+0xb30/0xb30 [ 223.377502] do_syscall_64+0x281/0x940 [ 223.381376] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 223.386895] ? syscall_return_slowpath+0x550/0x550 [ 223.391804] ? syscall_return_slowpath+0x2ac/0x550 [ 223.396722] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 223.402082] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 223.406910] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 223.412084] RIP: 0033:0x454e79 [ 223.415430] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 223.423124] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 223.430377] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 223.437628] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 223.444878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 223.452132] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 223.459402] CPU: 0 PID: 18785 Comm: syz-executor5 Not tainted 4.16.0-rc7+ #9 [ 223.466589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 223.475941] Call Trace: [ 223.478536] dump_stack+0x194/0x24d [ 223.482189] ? arch_local_irq_restore+0x53/0x53 [ 223.486857] ? __fdget_pos+0x12b/0x190 [ 223.490747] should_fail+0x8c0/0xa40 [ 223.494445] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 223.499529] ? find_held_lock+0x35/0x1d0 [ 223.503571] ? _parse_integer+0xe9/0x140 [ 223.507614] ? find_held_lock+0x35/0x1d0 [ 223.511661] ? check_same_owner+0x320/0x320 [ 223.515961] ? rcu_note_context_switch+0x710/0x710 [ 223.520871] ? find_held_lock+0x35/0x1d0 [ 223.524919] should_failslab+0xec/0x120 [ 223.528873] kmem_cache_alloc+0x47/0x760 [ 223.532912] ? lock_downgrade+0x980/0x980 [ 223.537045] ? get_pid_task+0xbc/0x140 [ 223.540913] getname_flags+0xcb/0x580 [ 223.544693] ? handle_mm_fault+0x35b/0xb10 [ 223.548906] SyS_rename+0x220/0xc90 [ 223.552512] ? __mutex_unlock_slowpath+0xe9/0xac0 [ 223.557333] ? SyS_renameat+0xca0/0xca0 [ 223.561287] ? __lock_is_held+0xb6/0x140 [ 223.565330] ? __sb_end_write+0xa0/0xd0 [ 223.569291] ? fput+0xd2/0x140 [ 223.572462] ? SyS_write+0x184/0x220 [ 223.576154] ? SyS_read+0x220/0x220 [ 223.579759] ? do_syscall_64+0xb7/0x940 [ 223.583712] ? SyS_renameat+0xca0/0xca0 [ 223.587663] do_syscall_64+0x281/0x940 [ 223.591528] ? vmalloc_sync_all+0x30/0x30 [ 223.595651] ? _raw_spin_unlock_irq+0x27/0x70 [ 223.603939] ? finish_task_switch+0x1c1/0x7e0 [ 223.608411] ? syscall_return_slowpath+0x550/0x550 [ 223.613317] ? syscall_return_slowpath+0x2ac/0x550 [ 223.618221] ? prepare_exit_to_usermode+0x350/0x350 [ 223.623214] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 223.628554] ? trace_hardirqs_off_thunk+0x1a/0x1c 2018/04/01 00:14:24 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) r1 = semget$private(0x0, 0x2, 0x30) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000180)={{{@in6=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000002c0)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in=@multicast2, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@local}}, &(0x7f0000000440)=0xe8) fstat(r0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) semctl$IPC_SET(r1, 0x0, 0x1, &(0x7f0000000600)={{0x8001, r2, r3, r4, r5, 0xc0, 0x80}, 0x5, 0x8, 0x6}) statx(r0, &(0x7f0000000040)='./file0\x00', 0x7400, 0x80, &(0x7f0000000080)) fallocate(r0, 0x0, 0x0, 0x4) [ 223.633373] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 223.638537] RIP: 0033:0x454e79 [ 223.641699] RSP: 002b:00007f663c376c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 223.649383] RAX: ffffffffffffffda RBX: 00007f663c3776d4 RCX: 0000000000454e79 [ 223.656628] RDX: 0000000000000000 RSI: 0000000020ab3ff0 RDI: 0000000020b2a000 [ 223.663872] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 223.671125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 223.678378] R13: 000000000000049a R14: 00000000006f8f10 R15: 0000000000000000 2018/04/01 00:14:24 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:24 executing program 6 (fault-call:0 fault-nth:13): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:24 executing program 4: unlink(&(0x7f0000000000)='./file0\x00') mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) [ 223.818931] FAT-fs (loop0): bogus number of reserved sectors [ 223.824939] FAT-fs (loop0): Can't find a valid FAT filesystem [ 223.848071] FAULT_INJECTION: forcing a failure. [ 223.848071] name failslab, interval 1, probability 0, space 0, times 0 [ 223.859447] CPU: 1 PID: 18813 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 223.866639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 223.875991] Call Trace: [ 223.878590] dump_stack+0x194/0x24d [ 223.882223] ? arch_local_irq_restore+0x53/0x53 [ 223.886901] ? lock_downgrade+0x980/0x980 [ 223.891072] should_fail+0x8c0/0xa40 [ 223.894791] ? trace_hardirqs_off+0x10/0x10 [ 223.899124] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 223.904234] ? is_bpf_text_address+0xa4/0x120 [ 223.908726] ? find_held_lock+0x35/0x1d0 [ 223.912782] ? check_same_owner+0x320/0x320 [ 223.917084] ? putname+0xee/0x130 [ 223.920514] ? filename_lookup+0x315/0x500 [ 223.924722] ? user_path_at_empty+0x40/0x50 [ 223.929024] ? rcu_note_context_switch+0x710/0x710 [ 223.933929] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 223.939271] should_failslab+0xec/0x120 [ 223.943395] kmem_cache_alloc+0x47/0x760 [ 223.947433] ? free_obj_work+0x690/0x690 [ 223.951476] alloc_vfsmnt+0xe0/0x9c0 [ 223.955167] ? mnt_free_id.isra.21+0x50/0x50 [ 223.959553] ? trace_hardirqs_off+0x10/0x10 [ 223.963850] ? putname+0xee/0x130 [ 223.967276] ? putname+0xee/0x130 [ 223.970709] ? find_held_lock+0x35/0x1d0 [ 223.974750] ? __get_fs_type+0x8a/0xc0 [ 223.978615] ? lock_downgrade+0x980/0x980 [ 223.982737] ? module_unload_free+0x5b0/0x5b0 [ 223.987208] ? retint_kernel+0x10/0x10 [ 223.991076] vfs_kern_mount.part.26+0x84/0x4a0 [ 223.995638] ? may_umount+0xa0/0xa0 [ 223.999243] ? _raw_read_unlock+0x22/0x30 [ 224.003375] ? __get_fs_type+0x8a/0xc0 [ 224.007244] do_mount+0xea4/0x2bb0 [ 224.010769] ? copy_mount_string+0x40/0x40 [ 224.014989] ? rcu_pm_notify+0xc0/0xc0 [ 224.018862] ? copy_mount_options+0x5f/0x2e0 [ 224.023243] ? rcu_read_lock_sched_held+0x108/0x120 [ 224.028235] ? kmem_cache_alloc_trace+0x459/0x740 [ 224.033055] ? kasan_check_write+0x14/0x20 [ 224.037265] ? _copy_from_user+0x99/0x110 [ 224.041389] ? copy_mount_options+0x1f7/0x2e0 [ 224.045861] SyS_mount+0xab/0x120 [ 224.049287] ? copy_mnt_ns+0xb30/0xb30 [ 224.053150] do_syscall_64+0x281/0x940 [ 224.057014] ? vmalloc_sync_all+0x30/0x30 [ 224.061140] ? _raw_spin_unlock_irq+0x27/0x70 [ 224.065608] ? finish_task_switch+0x1c1/0x7e0 [ 224.070079] ? syscall_return_slowpath+0x550/0x550 [ 224.074983] ? syscall_return_slowpath+0x2ac/0x550 [ 224.079889] ? prepare_exit_to_usermode+0x350/0x350 [ 224.084879] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 224.090219] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 224.095038] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 224.100202] RIP: 0033:0x454e79 [ 224.103367] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 224.111052] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 224.118303] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 224.125545] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 224.132789] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 224.140032] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:24 executing program 5 (fault-call:3 fault-nth:1): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:24 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000080)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0) r2 = openat$cgroup_int(r0, &(0x7f0000000180)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0) set_robust_list(&(0x7f0000000040)={0x0, 0x7}, 0x18) dup3(r1, r2, 0x0) r3 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$read(0xb, r3, &(0x7f00000001c0)=""/241, 0xf1) 2018/04/01 00:14:24 executing program 4: r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x4a3e, 0x10000) unlink(&(0x7f0000000040)='./file0\x00') r1 = socket$inet_icmp(0x2, 0x2, 0x1) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000000c0)={r0, 0x50, &(0x7f0000000140)}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r0, 0x50, &(0x7f0000000280)}, 0x10) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000003c0)={r0, 0x50, &(0x7f0000000340)={0x0, 0x0}}, 0x10) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000240)=r2, 0x4) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000080)={r1, r3}) mkdir(&(0x7f00002b2000)='./file0\x00', 0x42) 2018/04/01 00:14:24 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x141045, 0x0) fallocate(r0, 0x0, 0x0, 0x4) 2018/04/01 00:14:24 executing program 7: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000028000007a0a00ffffffff006b01"], &(0x7f0000000000)="47504c00bc3047eb525f484f89fc96dd6ca64da40ff023122e66f6", 0x0, 0xce, &(0x7f0000000500)=""/206}, 0x48) ioctl$TUNSETLINK(r0, 0x400454cd, 0x309) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x9, 0x5, &(0x7f0000000040)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0x228, &(0x7f0000000300)=""/187}, 0x48) 2018/04/01 00:14:24 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:24 executing program 6 (fault-call:0 fault-nth:14): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:24 executing program 1: clone(0x200, &(0x7f0000151000), &(0x7f0000000080), &(0x7f0000f8b000), &(0x7f0000000100)) mknod(&(0x7f0000b75ff8)='./file0\x00', 0x2001001, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000240), &(0x7f0000000480)) r0 = syz_open_procfs(0x0, &(0x7f0000000280)='syscall\x00') r1 = getpgid(0x0) sched_setaffinity(r1, 0x8, &(0x7f00009ad000)=0x1) preadv(r0, &(0x7f0000000040)=[{&(0x7f00006f0000)=""/154, 0x9a}], 0x1, 0x0) execve(&(0x7f0000000000)='./file0\x00', &(0x7f00000002c0), &(0x7f0000000540)) execve(&(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)=[&(0x7f0000000100)='#\x00', &(0x7f0000000140)='#cgroupnodev-\x00', &(0x7f0000000180)='cgroupvboxnet1*,\x00', &(0x7f00000001c0)='syscall\x00', &(0x7f0000000200)='syscall\x00', &(0x7f0000000240)='\x00'], &(0x7f0000000440)=[&(0x7f0000000300)='bdev:!selinux\x00', &(0x7f0000000340)='posix_acl_access)\x00', &(0x7f0000000380)='vboxnet0+eth0\x00', &(0x7f00000003c0)='\x00', &(0x7f0000000400)='syscall\x00']) creat(&(0x7f0000b7a000)='./file0\x00', 0x0) lsetxattr(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)=@known='trusted.syz\x00', &(0x7f0000000500)='@Wwlan1\x00', 0x8, 0x2) 2018/04/01 00:14:24 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x400, 0x40) ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000040)={0x0, 0x1000, 0x4}) socket$packet(0x11, 0x3, 0x300) socket$inet6(0xa, 0x5, 0x0) [ 224.224788] FAULT_INJECTION: forcing a failure. [ 224.224788] name failslab, interval 1, probability 0, space 0, times 0 [ 224.236057] CPU: 0 PID: 18839 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 224.243237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 224.252591] Call Trace: [ 224.255185] dump_stack+0x194/0x24d [ 224.258826] ? arch_local_irq_restore+0x53/0x53 [ 224.263501] ? __unwind_start+0x169/0x330 [ 224.267660] ? __kernel_text_address+0xd/0x40 [ 224.272165] should_fail+0x8c0/0xa40 [ 224.275885] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 224.281003] ? save_stack+0xa3/0xd0 [ 224.284628] ? save_stack+0x43/0xd0 [ 224.288252] ? kasan_kmalloc+0xad/0xe0 [ 224.292137] ? kasan_slab_alloc+0x12/0x20 [ 224.296369] ? kmem_cache_alloc+0x12e/0x760 [ 224.300688] ? alloc_vfsmnt+0xe0/0x9c0 [ 224.304582] ? vfs_kern_mount.part.26+0x84/0x4a0 [ 224.309345] ? do_mount+0xea4/0x2bb0 [ 224.313063] ? find_held_lock+0x35/0x1d0 [ 224.317140] ? check_same_owner+0x320/0x320 [ 224.321468] ? rcu_note_context_switch+0x710/0x710 [ 224.326401] should_failslab+0xec/0x120 [ 224.330375] __kmalloc_track_caller+0x5f/0x760 [ 224.334966] ? do_raw_spin_trylock+0x190/0x190 [ 224.339546] ? kstrdup_const+0x39/0x50 [ 224.343438] kstrdup+0x39/0x70 [ 224.346621] kstrdup_const+0x39/0x50 [ 224.350314] alloc_vfsmnt+0x1a5/0x9c0 [ 224.354114] ? path_lookupat+0x238/0xba0 [ 224.358165] ? mnt_free_id.isra.21+0x50/0x50 [ 224.362569] ? trace_hardirqs_off+0x10/0x10 [ 224.367060] ? putname+0xee/0x130 [ 224.370496] ? putname+0xee/0x130 [ 224.373926] ? rcu_read_lock_sched_held+0x108/0x120 [ 224.378931] ? find_held_lock+0x35/0x1d0 [ 224.382990] ? __get_fs_type+0x8a/0xc0 [ 224.386867] ? lock_downgrade+0x980/0x980 [ 224.391007] ? module_unload_free+0x5b0/0x5b0 [ 224.395502] ? lock_release+0xa40/0xa40 [ 224.399458] ? mpi_resize+0x200/0x200 [ 224.403242] vfs_kern_mount.part.26+0x84/0x4a0 [ 224.407809] ? may_umount+0xa0/0xa0 [ 224.411422] ? _raw_read_unlock+0x22/0x30 [ 224.415553] ? __get_fs_type+0x8a/0xc0 [ 224.419428] do_mount+0xea4/0x2bb0 [ 224.422962] ? copy_mount_string+0x40/0x40 [ 224.427177] ? rcu_pm_notify+0xc0/0xc0 [ 224.431055] ? copy_mount_options+0x5f/0x2e0 [ 224.435457] ? rcu_read_lock_sched_held+0x108/0x120 [ 224.440459] ? kmem_cache_alloc_trace+0x459/0x740 [ 224.445290] ? kasan_check_write+0x14/0x20 [ 224.449506] ? _copy_from_user+0x99/0x110 [ 224.453639] ? copy_mount_options+0x1f7/0x2e0 [ 224.458111] SyS_mount+0xab/0x120 [ 224.461551] ? copy_mnt_ns+0xb30/0xb30 [ 224.465434] do_syscall_64+0x281/0x940 [ 224.469309] ? vmalloc_sync_all+0x30/0x30 [ 224.473436] ? _raw_spin_unlock_irq+0x27/0x70 [ 224.477911] ? finish_task_switch+0x1c1/0x7e0 [ 224.482746] ? syscall_return_slowpath+0x550/0x550 [ 224.487654] ? syscall_return_slowpath+0x2ac/0x550 [ 224.492562] ? prepare_exit_to_usermode+0x350/0x350 [ 224.497557] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 224.502909] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 224.507747] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 224.512910] RIP: 0033:0x454e79 [ 224.516086] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 2018/04/01 00:14:25 executing program 2: r0 = socket(0x10, 0x3, 0x0) pwrite64(r0, &(0x7f0000000080)="a79de23338a302ae53ddc77deed57baccb457e66180e6320eb70bf422a83c5f2e31e991808c9011f1fdbb80c1b91bcbfb0109b0f62d20b3bcc1139a828a152cb943f050ae08d6401b83fd44d2ac45fb7b28c8f9a5b1b74daaab0c21849bb267bba07d5422c4753885c39f8af963b5ef8f82778eee0cdf1ed5d122f724e72eb0ec44ad95fe266f780698589850c3150efe16d91f58de5", 0x96, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000140)=@newlink={0x34, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3}]}, 0x34}, 0x1}, 0x0) 2018/04/01 00:14:25 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x100) [ 224.523778] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 224.531029] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 224.538288] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 224.545541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 224.552786] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 224.588109] FAT-fs (loop0): bogus number of reserved sectors [ 224.594185] FAT-fs (loop0): Can't find a valid FAT filesystem [ 224.597061] FAULT_INJECTION: forcing a failure. [ 224.597061] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 224.611855] CPU: 0 PID: 18843 Comm: syz-executor5 Not tainted 4.16.0-rc7+ #9 [ 224.619040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 224.628392] Call Trace: [ 224.630986] dump_stack+0x194/0x24d [ 224.634623] ? arch_local_irq_restore+0x53/0x53 [ 224.639307] should_fail+0x8c0/0xa40 [ 224.643023] ? __lock_acquire+0x664/0x3e00 [ 224.647261] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 224.652457] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 224.657672] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 224.662860] ? print_irqtrace_events+0x270/0x270 [ 224.667618] ? print_irqtrace_events+0x270/0x270 [ 224.672401] ? trace_hardirqs_off+0x10/0x10 [ 224.676723] ? __fdget_pos+0x12b/0x190 [ 224.680611] ? trace_hardirqs_off+0x10/0x10 2018/04/01 00:14:25 executing program 4: r0 = creat(&(0x7f0000000000)='./file0\x00', 0xc) ioctl$TCSBRKP(r0, 0x5425, 0x43) mkdir(&(0x7f0000000080)='./file0\x00', 0x3de6402a86496afd) 2018/04/01 00:14:25 executing program 7: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffffffffffbfd, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x3, 0xffffffffffffffff, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) sched_setattr(0x0, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x0, 0x3e}, 0x0) mknod(&(0x7f0000b75ff8)='./file0\x00', 0x2001001, 0x0) r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0) open(&(0x7f0000000100)='./file0\x00', 0x0, 0x0) ioctl$TCSETSW(r1, 0x5402, &(0x7f00009dc000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}) r3 = syz_open_pts(r1, 0x200000000) readv(r3, &(0x7f00001aa000)=[{&(0x7f00006aaf01)=""/255, 0xff}], 0x1) r4 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x0, 0x2) add_key$keyring(&(0x7f0000000300)='keyring\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffffa) ioctl$FIONREAD(r1, 0x541b, &(0x7f0000000140)) ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f00000000c0)={0xffffffffffffffe1, 0x0, 0x6, 0x0, 0xcbbe}) ioctl$KVM_GET_DIRTY_LOG(r4, 0x4010ae42, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil}) ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x2) ioctl$TCSETS(r3, 0x5402, &(0x7f0000000000)={0x6, 0x10000000, 0x4, 0x9, 0x0, 0x1, 0x0, 0x800, 0x8, 0x40, 0x1, 0x1}) r5 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r5) ioctl$TCSETAW(r1, 0x5407, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x7636}) lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TUNSETGROUP(r4, 0x400454ce, r6) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000004c0)={0xffffffffffffffff, &(0x7f0000000380)="8281f22d00259f3966a7515e1811fe7fc41282e89a92cab2af256880da31befd8098854e3028ff8ee02be574edc779c0f77d04cff5846ff9448e996d881793a2faa725df2bec8092d2141f34c753b7973f10cd5920c4febf2805baeb4505e69a5068", &(0x7f0000000480)=""/31}, 0x18) close(r1) ioctl$VHOST_SET_VRING_NUM(r0, 0x4008af10, &(0x7f0000000640)={0x3, 0x6}) getsockopt$inet6_mreq(r4, 0x29, 0x1f, &(0x7f0000000180)={@mcast1, 0x0}, &(0x7f0000000500)=0x14) bind$can_raw(0xffffffffffffffff, &(0x7f0000000600)={0x1d, r7}, 0x10) 2018/04/01 00:14:25 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000100)=""/41, &(0x7f0000000140)=0x29) getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f0000000040)=""/77, &(0x7f00000000c0)=0x4d) getsockopt$nfc_llcp(r0, 0x118, 0x3, &(0x7f0000000180), 0x0) 2018/04/01 00:14:25 executing program 6 (fault-call:0 fault-nth:15): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 224.684948] ? __lock_acquire+0x664/0x3e00 [ 224.689180] ? check_same_owner+0x320/0x320 [ 224.693502] ? should_fail+0x23b/0xa40 [ 224.697393] __alloc_pages_nodemask+0x327/0xdd0 [ 224.702065] ? __alloc_pages_slowpath+0x2d10/0x2d10 [ 224.707086] ? find_held_lock+0x35/0x1d0 [ 224.711164] ? check_same_owner+0x320/0x320 [ 224.715495] cache_grow_begin+0x72/0x640 [ 224.719578] kmem_cache_alloc+0x400/0x760 [ 224.723726] ? lock_downgrade+0x980/0x980 [ 224.727878] ? get_pid_task+0xbc/0x140 [ 224.731801] getname_flags+0xcb/0x580 [ 224.735610] ? handle_mm_fault+0x35b/0xb10 [ 224.739846] SyS_rename+0x220/0xc90 [ 224.743478] ? __mutex_unlock_slowpath+0xe9/0xac0 [ 224.748322] ? SyS_renameat+0xca0/0xca0 [ 224.752295] ? __lock_is_held+0xb6/0x140 [ 224.756349] ? __sb_end_write+0xa0/0xd0 [ 224.760316] ? fput+0xd2/0x140 [ 224.763499] ? SyS_write+0x184/0x220 [ 224.767202] ? SyS_read+0x220/0x220 [ 224.770815] ? do_syscall_64+0xb7/0x940 [ 224.774786] ? SyS_renameat+0xca0/0xca0 [ 224.778754] do_syscall_64+0x281/0x940 [ 224.782629] ? vmalloc_sync_all+0x30/0x30 [ 224.786757] ? _raw_spin_unlock_irq+0x27/0x70 [ 224.791239] ? finish_task_switch+0x1c1/0x7e0 [ 224.795720] ? syscall_return_slowpath+0x550/0x550 [ 224.800645] ? syscall_return_slowpath+0x2ac/0x550 [ 224.805567] ? prepare_exit_to_usermode+0x350/0x350 [ 224.810572] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 224.815927] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 224.820761] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 224.825925] RIP: 0033:0x454e79 [ 224.829087] RSP: 002b:00007f663c376c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 224.836773] RAX: ffffffffffffffda RBX: 00007f663c3776d4 RCX: 0000000000454e79 [ 224.844027] RDX: 0000000000000000 RSI: 0000000020ab3ff0 RDI: 0000000020b2a000 [ 224.851281] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 224.858527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 224.865776] R13: 000000000000049a R14: 00000000006f8f10 R15: 0000000000000001 2018/04/01 00:14:25 executing program 5 (fault-call:3 fault-nth:2): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 224.886123] FAULT_INJECTION: forcing a failure. [ 224.886123] name failslab, interval 1, probability 0, space 0, times 0 [ 224.897422] CPU: 0 PID: 18873 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 224.904610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 224.913957] Call Trace: [ 224.916551] dump_stack+0x194/0x24d [ 224.920184] ? arch_local_irq_restore+0x53/0x53 [ 224.924850] ? __unwind_start+0x169/0x330 [ 224.928992] ? __kernel_text_address+0xd/0x40 [ 224.933492] should_fail+0x8c0/0xa40 [ 224.937210] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 224.942324] ? save_stack+0xa3/0xd0 [ 224.944184] FAULT_INJECTION: forcing a failure. [ 224.944184] name failslab, interval 1, probability 0, space 0, times 0 [ 224.945952] ? save_stack+0x43/0xd0 [ 224.945963] ? kasan_kmalloc+0xad/0xe0 [ 224.945972] ? kasan_slab_alloc+0x12/0x20 [ 224.945982] ? kmem_cache_alloc+0x12e/0x760 [ 224.945993] ? alloc_vfsmnt+0xe0/0x9c0 [ 224.946002] ? vfs_kern_mount.part.26+0x84/0x4a0 [ 224.946008] ? do_mount+0xea4/0x2bb0 [ 224.946021] ? find_held_lock+0x35/0x1d0 [ 224.946041] ? check_same_owner+0x320/0x320 [ 224.946052] ? rcu_note_context_switch+0x710/0x710 [ 224.946066] should_failslab+0xec/0x120 [ 224.946080] __kmalloc_track_caller+0x5f/0x760 [ 224.946090] ? do_raw_spin_trylock+0x190/0x190 [ 225.012012] ? kstrdup_const+0x39/0x50 [ 225.015887] kstrdup+0x39/0x70 [ 225.019066] kstrdup_const+0x39/0x50 [ 225.022768] alloc_vfsmnt+0x1a5/0x9c0 [ 225.026548] ? path_lookupat+0x238/0xba0 [ 225.030592] ? mnt_free_id.isra.21+0x50/0x50 [ 225.034987] ? trace_hardirqs_off+0x10/0x10 [ 225.039291] ? putname+0xee/0x130 [ 225.042841] ? putname+0xee/0x130 [ 225.046275] ? rcu_read_lock_sched_held+0x108/0x120 [ 225.051275] ? find_held_lock+0x35/0x1d0 [ 225.055321] ? __get_fs_type+0x8a/0xc0 [ 225.059189] ? lock_downgrade+0x980/0x980 [ 225.063318] ? module_unload_free+0x5b0/0x5b0 [ 225.067793] ? lock_release+0xa40/0xa40 [ 225.071749] ? mpi_resize+0x200/0x200 [ 225.075534] vfs_kern_mount.part.26+0x84/0x4a0 [ 225.080098] ? may_umount+0xa0/0xa0 [ 225.083707] ? _raw_read_unlock+0x22/0x30 [ 225.087836] ? __get_fs_type+0x8a/0xc0 [ 225.091710] do_mount+0xea4/0x2bb0 [ 225.095233] ? copy_mount_string+0x40/0x40 [ 225.099447] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 225.104448] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 225.109189] ? retint_kernel+0x10/0x10 [ 225.113061] ? copy_mount_options+0x18b/0x2e0 [ 225.117536] ? audit_kill_trees+0x430/0x430 [ 225.121841] ? copy_mount_options+0x1f7/0x2e0 [ 225.126320] SyS_mount+0xab/0x120 [ 225.129753] ? copy_mnt_ns+0xb30/0xb30 [ 225.133619] do_syscall_64+0x281/0x940 [ 225.137491] ? vmalloc_sync_all+0x30/0x30 [ 225.141620] ? _raw_spin_unlock_irq+0x27/0x70 [ 225.146094] ? finish_task_switch+0x1c1/0x7e0 [ 225.150569] ? syscall_return_slowpath+0x550/0x550 [ 225.155480] ? syscall_return_slowpath+0x2ac/0x550 [ 225.160389] ? prepare_exit_to_usermode+0x350/0x350 [ 225.165385] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 225.170736] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 225.175563] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 225.180734] RIP: 0033:0x454e79 [ 225.183904] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 225.191591] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 225.198844] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 225.206096] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 225.213344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 225.220591] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 225.227853] CPU: 1 PID: 18881 Comm: syz-executor5 Not tainted 4.16.0-rc7+ #9 [ 225.235032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 225.244382] Call Trace: [ 225.246976] dump_stack+0x194/0x24d [ 225.250777] ? arch_local_irq_restore+0x53/0x53 [ 225.255445] should_fail+0x8c0/0xa40 [ 225.259157] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 225.264257] ? __isolate_free_page+0x8a0/0x8a0 [ 225.268836] ? find_held_lock+0x35/0x1d0 [ 225.272895] ? __lock_is_held+0xb6/0x140 [ 225.276954] ? check_same_owner+0x320/0x320 [ 225.281271] ? rcu_note_context_switch+0x710/0x710 [ 225.286194] ? __save_stack_trace+0x7e/0xd0 2018/04/01 00:14:25 executing program 6 (fault-call:0 fault-nth:16): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 225.290513] should_failslab+0xec/0x120 [ 225.294481] kmem_cache_alloc+0x47/0x760 [ 225.298535] ? print_irqtrace_events+0x270/0x270 [ 225.303288] ? __lock_acquire+0x664/0x3e00 [ 225.307516] __d_alloc+0xc1/0xbd0 [ 225.310960] ? print_irqtrace_events+0x270/0x270 [ 225.315706] ? shrink_dcache_for_umount+0x290/0x290 [ 225.320717] ? __lock_acquire+0x664/0x3e00 [ 225.324945] ? __lock_acquire+0x664/0x3e00 [ 225.329170] ? find_held_lock+0x35/0x1d0 [ 225.333229] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 225.334883] FAULT_INJECTION: forcing a failure. [ 225.334883] name failslab, interval 1, probability 0, space 0, times 0 [ 225.338405] ? lock_pin_lock+0x360/0x360 [ 225.338421] d_alloc+0x8e/0x340 [ 225.338434] ? __mem_cgroup_largest_soft_limit_node+0x780/0x780 [ 225.338442] ? __d_alloc+0xbd0/0xbd0 [ 225.338454] ? print_irqtrace_events+0x270/0x270 [ 225.338465] d_alloc_parallel+0x152/0x1b40 [ 225.338475] ? print_irqtrace_events+0x270/0x270 [ 225.338482] ? page_add_new_anon_rmap+0x750/0x750 [ 225.338495] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 225.390308] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 225.395480] ? print_irqtrace_events+0x270/0x270 [ 225.400218] ? __d_lookup_rcu+0xa00/0xa00 [ 225.404352] ? trace_hardirqs_off+0x10/0x10 [ 225.408660] ? lock_acquire+0x1d5/0x580 [ 225.412613] ? lock_acquire+0x1d5/0x580 [ 225.416565] ? lookup_slow+0x18e/0x4d0 [ 225.420437] ? lock_release+0xa40/0xa40 [ 225.424393] ? check_same_owner+0x320/0x320 [ 225.428696] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 225.433697] ? rcu_note_context_switch+0x710/0x710 [ 225.438608] ? __might_sleep+0x95/0x190 [ 225.442563] ? down_read+0x96/0x150 [ 225.446169] ? lookup_slow+0x18e/0x4d0 [ 225.450037] ? __down_interruptible+0x6b0/0x6b0 [ 225.454685] ? print_irqtrace_events+0x270/0x270 [ 225.459423] lookup_slow+0x1e5/0x4d0 [ 225.463119] ? vfs_unlink+0x480/0x480 [ 225.466906] ? lookup_fast+0x505/0xfa0 [ 225.470773] ? find_held_lock+0x35/0x1d0 [ 225.474826] walk_component+0x89f/0x13d0 [ 225.478873] ? follow_dotdot_rcu+0x1150/0x1150 [ 225.483436] ? rcutorture_record_progress+0x10/0x10 [ 225.488433] ? path_init+0xabc/0x1fa0 [ 225.492212] ? debug_lockdep_rcu_enabled+0x77/0x90 [ 225.497123] ? security_inode_permission+0xbb/0xf0 [ 225.502031] ? inode_permission+0x88/0x470 [ 225.506243] ? __save_stack_trace+0x7e/0xd0 [ 225.510546] link_path_walk+0xd4e/0x1470 [ 225.514585] ? __follow_mount_rcu.isra.28+0x7d0/0x7d0 [ 225.519762] ? walk_component+0x13d0/0x13d0 [ 225.524065] ? find_held_lock+0x35/0x1d0 [ 225.528106] ? check_stack_object+0x68/0x140 [ 225.532498] ? __check_object_size+0x8b/0x530 [ 225.536974] path_parentat+0x43/0x140 [ 225.540754] filename_parentat+0x256/0x550 [ 225.544967] ? check_same_owner+0x320/0x320 [ 225.549270] ? getname+0x20/0x20 [ 225.552616] ? strncpy_from_user+0x323/0x430 [ 225.557005] ? mpi_resize+0x200/0x200 [ 225.560787] ? get_pid_task+0xbc/0x140 [ 225.564655] ? getname_flags+0x256/0x580 [ 225.568701] SyS_rename+0x241/0xc90 [ 225.572304] ? SyS_rename+0x241/0xc90 [ 225.576086] ? __mutex_unlock_slowpath+0xe9/0xac0 [ 225.580909] ? SyS_renameat+0xca0/0xca0 [ 225.584867] ? __lock_is_held+0xb6/0x140 [ 225.588915] ? __sb_end_write+0xa0/0xd0 [ 225.592872] ? fput+0xd2/0x140 [ 225.596046] ? SyS_write+0x184/0x220 [ 225.599748] ? SyS_read+0x220/0x220 [ 225.603359] ? do_syscall_64+0xb7/0x940 [ 225.607315] ? SyS_renameat+0xca0/0xca0 [ 225.611268] do_syscall_64+0x281/0x940 [ 225.615134] ? vmalloc_sync_all+0x30/0x30 [ 225.619264] ? _raw_spin_unlock_irq+0x27/0x70 [ 225.623740] ? finish_task_switch+0x1c1/0x7e0 [ 225.628215] ? syscall_return_slowpath+0x550/0x550 [ 225.633121] ? syscall_return_slowpath+0x2ac/0x550 [ 225.638030] ? prepare_exit_to_usermode+0x350/0x350 [ 225.643027] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 225.648374] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 225.653201] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 225.658367] RIP: 0033:0x454e79 [ 225.661538] RSP: 002b:00007f663c376c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 225.669224] RAX: ffffffffffffffda RBX: 00007f663c3776d4 RCX: 0000000000454e79 [ 225.676475] RDX: 0000000000000000 RSI: 0000000020ab3ff0 RDI: 0000000020b2a000 [ 225.683727] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 225.690976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 225.698223] R13: 000000000000049a R14: 00000000006f8f10 R15: 0000000000000002 [ 225.705489] CPU: 0 PID: 18891 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 225.712672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 225.722015] Call Trace: [ 225.724601] dump_stack+0x194/0x24d [ 225.728226] ? arch_local_irq_restore+0x53/0x53 [ 225.732905] should_fail+0x8c0/0xa40 [ 225.736612] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 225.741706] ? pcpu_free_area+0xa00/0xa00 [ 225.745871] ? find_held_lock+0x35/0x1d0 [ 225.749938] ? check_same_owner+0x320/0x320 [ 225.754258] ? rcu_note_context_switch+0x710/0x710 [ 225.759185] should_failslab+0xec/0x120 [ 225.763154] kmem_cache_alloc+0x47/0x760 [ 225.767218] ? __alloc_pages_slowpath+0x2d10/0x2d10 [ 225.772232] getname_kernel+0x54/0x340 [ 225.776117] kern_path+0x1e/0x40 [ 225.779478] lookup_bdev+0xec/0x200 [ 225.783104] ? blkdev_open+0x250/0x250 [ 225.786989] ? find_held_lock+0x35/0x1d0 [ 225.791048] blkdev_get_by_path+0x1f/0xa0 [ 225.795191] mount_bdev+0x4d/0x370 [ 225.798726] ? fuse_get_root_inode+0x190/0x190 [ 225.803309] fuse_mount_blk+0x34/0x40 [ 225.807103] mount_fs+0x66/0x2d0 [ 225.810467] vfs_kern_mount.part.26+0xc6/0x4a0 [ 225.815048] ? may_umount+0xa0/0xa0 [ 225.818654] ? _raw_read_unlock+0x22/0x30 [ 225.822777] ? __get_fs_type+0x8a/0xc0 [ 225.826641] do_mount+0xea4/0x2bb0 [ 225.830157] ? copy_mount_string+0x40/0x40 [ 225.834369] ? rcu_pm_notify+0xc0/0xc0 [ 225.838233] ? copy_mount_options+0x5f/0x2e0 [ 225.842622] ? rcu_read_lock_sched_held+0x108/0x120 [ 225.847613] ? kmem_cache_alloc_trace+0x459/0x740 [ 225.852442] ? kasan_check_write+0x14/0x20 [ 225.856655] ? copy_mount_options+0x1f7/0x2e0 [ 225.861127] SyS_mount+0xab/0x120 [ 225.864552] ? copy_mnt_ns+0xb30/0xb30 [ 225.868424] do_syscall_64+0x281/0x940 [ 225.872290] ? vmalloc_sync_all+0x30/0x30 [ 225.876411] ? _raw_spin_unlock_irq+0x27/0x70 [ 225.880879] ? finish_task_switch+0x1c1/0x7e0 [ 225.885346] ? syscall_return_slowpath+0x550/0x550 [ 225.890254] ? syscall_return_slowpath+0x2ac/0x550 [ 225.895161] ? prepare_exit_to_usermode+0x350/0x350 [ 225.900154] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 225.905504] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 225.910333] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 225.915494] RIP: 0033:0x454e79 [ 225.918658] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 225.926339] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 225.933583] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 2018/04/01 00:14:26 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) 2018/04/01 00:14:26 executing program 2: r0 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x8, 0x100) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000080)=0x3, 0x4) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) readv(r1, &(0x7f0000000400)=[{&(0x7f0000000240)=""/30, 0x1e}, {&(0x7f0000000380)=""/86, 0x56}], 0x2) 2018/04/01 00:14:26 executing program 3: r0 = dup(0xffffffffffffffff) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000100)={0xfffffffffffffffb, {0x2, 0x4e24}, {0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}, {0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x0, 0xfffffffffffffffc, 0x401, 0x80, 0x8, &(0x7f0000000040)='bpq0\x00', 0x5, 0x4, 0x1}) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f00000000c0)) r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000080)={0x6}) fallocate(r1, 0x0, 0x0, 0x4) 2018/04/01 00:14:26 executing program 5 (fault-call:3 fault-nth:3): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:26 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:26 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setrlimit(0x7, &(0x7f000018f000)) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) mlock(&(0x7f0000914000/0x2000)=nil, 0x2000) socket$bt_hidp(0x1f, 0x3, 0x6) r2 = open(&(0x7f0000000040)='./file0\x00', 0x60000, 0x20) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r2, 0xc0105303, &(0x7f0000000080)={0x3cc3d51d, 0x6, 0x100000000}) 2018/04/01 00:14:26 executing program 6 (fault-call:0 fault-nth:17): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:26 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000140)=0x8, 0x4) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e23, 0x4}, 0x1c) connect$inet6(r0, &(0x7f0000966fe4)={0xa, 0x4e23, 0x0, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0x11}}}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000d5affc), 0x4) write(r0, &(0x7f00000002c0)="a5c0d294e10af640a5d4c3ab7a67bd9724e29156f75ddd6bfe53bc50ba3ef9085c6c52cd0e2a6fddd326ec364494acc24ad3e8bf9c690e919681896f4c09a387a36b8c063ef78ddb4306eae01ed10e740d68aa5c7a92939c1fd5a19c5dd3860f7d4de1fd24088df73b72b416a7450caff19dd2779519577c9cf87149c3258dcd9dd2d0bc7e05ea8fa2a678851e021578e71db2b3ab4a0ad6f194332242cec9673d388ec0501720f92b15c3267bd4e3fc700a7a8028a9b7f1969d5aa719debb8b16df77b2cbee45dd90bef410563ce182e355495154e9585d087bda16a9dd02a231354df99325dc3f051dc3dc77efe569211d22fe39faed990263c5db984e1232afe53c71e30146f358cb4c0a202a1964f5387a5d8e6233b0038e30d376a1e80e12137be7733c716144faa53085c731e21009be9339dbb69c4c97580b753db5e6a9af646e3f2bf08cbe13b7a79f44f96a708134207c6b0e5085de94a0c73f29a4352e1b588e6bbc5eaa4a9c4f6fff95bf721972fd36a75d2b91456c192874a98ce1393d19f917b59e7d976549fd1fc7f10b379edbea0aff66de013e9dd762e2f04d7697f49415c1e6ddcdb8ffe3d2fbf064757275e19174f039158edd14a13938af8a908c31d18766373b4f30ac5758494a6a178b5cdead94563120ba65a0a6cef66caeaf7c2681a9c374f1e280b513669559774994ce05832994762465ca5fc39d71b8a0bc8495fc7898f6f80ee4e3850ece618007b5b548f5ea69e2ce4fb27055f1248b100ac1f45dc475963e1e7aff05e49795ed973a27d91aa4703066c6503a216e5d7b5401d5757ba639cf811b4b48b1504457e2db669dc3e51b567a5b9f2b4315162a72abb324488a0f0784d74d86c68413b56bd7bab1679a578d6907f12cc4e68027a68430517d7bb1add436f45fcaf8d98208a84b200606b153a0a76a5d98fc9e4caea6c01bb13ddcd378e6426cc9e15c6fe6d7f058f7d2128728b2e1bc7f6a16d36ae1793d4672977e6e88af63ee2c352221512bd5810225a5884e235fa88512563a25f51b1a269590466d503acfb63fbc7a188eeba92059fa86fc733ef69633b0491d509f2319c760b5c83099ecbbf2f949c7d0ce17f2e14a73752b9ad23f0fd7ca70f96485812d6f4c924507eafbc01eafd295c69f4379746967c97038db1f7440c0ab3553de2bbbcad63f459df71b5f16cfe86e5d20a75769ee04383b573e88e1b4cb30842234469ed63331e9cd05466fdf51d8a5a1a4785e23af42541c01b1f092e96102adf74f27cd1cb457981f1ebe4b18faea58205cde42d0c8aa89f0ef62bae0a3a6f64d0b17ec92b8b948e1c86b21006aa99c988a0c1e744f607d43865c2c58ceda1568295392af43a93edc9a19f4cf5f9b0a84b60e8dd15f0754aaccad00010000fc3c5b27cbbbc4f182321d2c312cbaf611a08fad4c51786c8ea19f6b6504829eb56fbc6cd940f6f67a06ac3982c51199fb58d4a5014628cad0943382765b5ea323b2d1daac67e903ec672f13ba637c11dd0b1ce0e97627a46060c47ec802754ebf9ff6122a3d611a5bd587a65604ac9c73f9c04dffd4bcc25de6bfd96c5a27fddc2bed65669c2f3466236b67c29a920529e9fbe6cc1e9acb9c55f9e03442fd30b1af3a528074b8eb5a1f2bef98cef8989a8f894fa63658c8c886e50f863a6847d3755db4b84c6fe358720aae0291f407901be0d9312a44f4032052ec365a02a8e32cf395ecb4ab10712e73e611d2a28805cc55fe38c3c6af5b431d59551879306b4fc30deb977081b529e1c00cfd5dec1e04e5a748d1c1754523d98889c96997c98987d2191533d5db74798fc45cd79525dd219d2858ab0cc9e4e72576c938a8176ae08408f0725eedf2e55e57f85d8449ac00f53954ecfb5a268d242ed58a11a224786d1bb82d6661db0104000023ce49459c6a5021d394cba4f2d846791e74fd28c1f1e7ec90aebca7ae8fa8844c084850a018ff39db3f0b309364cc481bbf74767c40edb61a5ae94c278ea6d38676a51a1703c2b94fd75f9ae0d725ecad24536565c994442e7428df55cd7de35a109f3c6361edf4a3ae6c3a26d5de87b4284d2ef2140b1bf84a3a73ffa3c5dcfba621414fa2d741d0acc261c05d47138099d82d9971b38f5be6ce1a8f355440709a8c499194d59620617017e4c164cf3696f191984b06207e686c922ef0741b8123dfab52f2f41a7fdc7273ff85ae38ac381369647eca81278522310d3bb8260ce1e7f404fa79d8f8c708ba9f18c36b9459c1a4d3ccb0fd466f2d7752be51e9cb9bb232d1c5be9425bc080146dd58ec10d93d05b276ab46174e9a77de759e571319cdd1cec3370fb76142ef2925ea07276fba192b4c80e83dc7a63b434ec84859f9cb915765b7155b7bbbaecaf0911b2245169c2c414124d3abace74136dbd188201d13b3659d50078c5be7b8c227a4e1363b8da2cafe1c280961c6fe4715b72e16b662", 0x6dc) write(r0, &(0x7f000069efac)="e26d4afed4d3467b7ee66e9ebb4039955b1d97a427cc701c5e5e6447b6510bff58c6313283eae8186bf1c22f39347ebb869277e809a7002f38611d02a6e3d4e4f6b8923c59ff9438d8c3d353b76131b90e044f80", 0x54) read(r0, &(0x7f0000000c00)=""/85, 0x55) write$sndseq(0xffffffffffffffff, &(0x7f0000000b80)=[{0x100, 0x0, 0x0, 0x0, @time={0x77359400}, {}, {}, @result}], 0x30) write$eventfd(0xffffffffffffffff, &(0x7f0000000280), 0xffd8) recvfrom(r0, &(0x7f0000000180)=""/226, 0xfffffffffffffff6, 0x0, 0x0, 0xfffffffffffffcd1) write$eventfd(0xffffffffffffffff, &(0x7f0000000bc0), 0x8) sendmmsg$alg(0xffffffffffffffff, &(0x7f0000cef000)=[{0x0, 0x0, &(0x7f0000281fc6)=[{&(0x7f0000699f21)="c2", 0x1}], 0x1, &(0x7f00001e4000)}], 0x1, 0x0) sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000dc8000)=[{&(0x7f0000000080)="0f", 0x1}], 0x1, &(0x7f0000d57000)}, 0x0) sendto$ipx(0xffffffffffffffff, &(0x7f0000000000)="a9", 0x1, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x810, r0, 0x0) r1 = gettid() ptrace$getregset(0x4204, r1, 0x202, &(0x7f0000000100)={&(0x7f00000009c0)=""/87, 0x57}) [ 225.940835] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 225.948083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 225.955330] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:26 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) getsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000000080), 0xfffffffffffffef4) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f00000000c0), &(0x7f0000000100)=0x4) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000040)=0x8, 0x4) [ 226.028431] FAT-fs (loop0): bogus number of reserved sectors [ 226.034334] FAT-fs (loop0): Can't find a valid FAT filesystem [ 226.055953] FAULT_INJECTION: forcing a failure. [ 226.055953] name failslab, interval 1, probability 0, space 0, times 0 [ 226.067540] CPU: 0 PID: 18902 Comm: syz-executor5 Not tainted 4.16.0-rc7+ #9 [ 226.074450] FAULT_INJECTION: forcing a failure. [ 226.074450] name failslab, interval 1, probability 0, space 0, times 0 [ 226.074720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 226.074726] Call Trace: [ 226.074743] dump_stack+0x194/0x24d [ 226.074758] ? arch_local_irq_restore+0x53/0x53 [ 226.074778] should_fail+0x8c0/0xa40 [ 226.074790] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 226.074801] ? walk_component+0x13d0/0x13d0 [ 226.074822] ? find_held_lock+0x35/0x1d0 [ 226.074839] ? find_held_lock+0x35/0x1d0 [ 226.074864] ? check_same_owner+0x320/0x320 [ 226.131944] ? rcu_note_context_switch+0x710/0x710 [ 226.136867] should_failslab+0xec/0x120 [ 226.140832] kmem_cache_alloc+0x47/0x760 [ 226.144878] ? get_pid_task+0xbc/0x140 [ 226.148756] getname_flags+0xcb/0x580 [ 226.152543] SyS_rename+0x270/0xc90 [ 226.156160] ? __mutex_unlock_slowpath+0xe9/0xac0 [ 226.160991] ? SyS_renameat+0xca0/0xca0 [ 226.164966] ? __sb_end_write+0xa0/0xd0 [ 226.168923] ? fput+0xd2/0x140 [ 226.172100] ? SyS_write+0x184/0x220 [ 226.175806] ? SyS_read+0x220/0x220 [ 226.179419] ? do_syscall_64+0xb7/0x940 [ 226.183375] ? SyS_renameat+0xca0/0xca0 [ 226.187335] do_syscall_64+0x281/0x940 [ 226.191202] ? vmalloc_sync_all+0x30/0x30 [ 226.195332] ? _raw_spin_unlock_irq+0x27/0x70 [ 226.199816] ? finish_task_switch+0x1c1/0x7e0 [ 226.204296] ? syscall_return_slowpath+0x550/0x550 [ 226.209210] ? syscall_return_slowpath+0x2ac/0x550 [ 226.214122] ? prepare_exit_to_usermode+0x350/0x350 [ 226.219123] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 226.224474] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 226.229304] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 226.234476] RIP: 0033:0x454e79 [ 226.237649] RSP: 002b:00007f663c376c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 226.245340] RAX: ffffffffffffffda RBX: 00007f663c3776d4 RCX: 0000000000454e79 [ 226.252678] RDX: 0000000000000000 RSI: 0000000020ab3ff0 RDI: 0000000020b2a000 [ 226.259927] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 226.267179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 2018/04/01 00:14:26 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0xfffffffffffffffe) r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0xd500, 0x400000) ioctl$KVM_SET_ONE_REG(r0, 0x4010aeac, &(0x7f0000000080)={0x2, 0x8}) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000000040)={0x5, 0x14, [0x80, 0x6, 0xfb6, 0x4bb000000, 0x10001]}) [ 226.274429] R13: 000000000000049a R14: 00000000006f8f10 R15: 0000000000000003 [ 226.281699] CPU: 1 PID: 18917 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 226.288883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 226.298228] Call Trace: [ 226.300814] dump_stack+0x194/0x24d [ 226.304446] ? arch_local_irq_restore+0x53/0x53 [ 226.309110] ? __save_stack_trace+0x7e/0xd0 [ 226.313437] should_fail+0x8c0/0xa40 [ 226.317147] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 226.322244] ? kasan_kmalloc+0xad/0xe0 [ 226.326127] ? kmem_cache_alloc_trace+0x136/0x740 [ 226.330956] ? __memcg_init_list_lru_node+0x169/0x270 [ 226.336123] ? __list_lru_init+0x544/0x750 [ 226.340334] ? sget_userns+0x691/0xe40 [ 226.344197] ? mount_fs+0x66/0x2d0 [ 226.347718] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 226.352449] ? do_mount+0xea4/0x2bb0 [ 226.356141] ? SyS_mount+0xab/0x120 [ 226.359747] ? do_syscall_64+0x281/0x940 [ 226.363786] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 226.369131] ? find_held_lock+0x35/0x1d0 [ 226.373176] ? __lock_is_held+0xb6/0x140 [ 226.377226] ? check_same_owner+0x320/0x320 [ 226.381548] ? rcu_note_context_switch+0x710/0x710 [ 226.386461] should_failslab+0xec/0x120 [ 226.390412] kmem_cache_alloc_trace+0x4b/0x740 [ 226.394970] ? __kmalloc_node+0x33/0x70 [ 226.398920] ? __kmalloc_node+0x33/0x70 [ 226.402875] ? rcu_read_lock_sched_held+0x108/0x120 [ 226.407870] __memcg_init_list_lru_node+0x169/0x270 [ 226.412867] ? list_lru_add+0x7c0/0x7c0 [ 226.416817] ? __kmalloc_node+0x47/0x70 [ 226.420774] __list_lru_init+0x544/0x750 [ 226.424817] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 226.430682] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 226.435676] ? __lockdep_init_map+0xe4/0x650 [ 226.440063] ? lockdep_init_map+0x9/0x10 [ 226.444101] sget_userns+0x691/0xe40 [ 226.447794] ? kill_litter_super+0x90/0x90 [ 226.452012] ? ns_test_super+0x50/0x50 [ 226.455882] ? destroy_unused_super.part.6+0xd0/0xd0 [ 226.460961] ? do_raw_spin_trylock+0x190/0x190 [ 226.465524] ? kobject_put+0x6b/0x250 [ 226.469306] ? blkdev_get+0x3a1/0xb00 [ 226.473087] ? cap_capable+0x1b5/0x230 [ 226.476949] ? __blkdev_get+0x13b0/0x13b0 [ 226.481076] ? security_capable+0x8e/0xc0 [ 226.485202] ? kill_litter_super+0x90/0x90 [ 226.489413] ? ns_capable_common+0xcf/0x160 [ 226.493713] ? ns_test_super+0x50/0x50 [ 226.497574] ? kill_litter_super+0x90/0x90 [ 226.501789] sget+0xd2/0x120 [ 226.504792] mount_bdev+0x109/0x370 [ 226.508398] ? fuse_get_root_inode+0x190/0x190 [ 226.512961] fuse_mount_blk+0x34/0x40 [ 226.517523] mount_fs+0x66/0x2d0 [ 226.520874] vfs_kern_mount.part.26+0xc6/0x4a0 [ 226.525434] ? may_umount+0xa0/0xa0 [ 226.529040] ? _raw_read_unlock+0x22/0x30 [ 226.533999] ? __get_fs_type+0x8a/0xc0 [ 226.537885] do_mount+0xea4/0x2bb0 [ 226.541408] ? copy_mount_string+0x40/0x40 [ 226.545620] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 226.550616] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 226.555356] ? retint_kernel+0x10/0x10 [ 226.559229] ? copy_mount_options+0x181/0x2e0 [ 226.563705] ? copy_mount_options+0x1f7/0x2e0 [ 226.568180] SyS_mount+0xab/0x120 [ 226.571610] ? copy_mnt_ns+0xb30/0xb30 [ 226.575477] do_syscall_64+0x281/0x940 [ 226.579341] ? vmalloc_sync_all+0x30/0x30 [ 226.583476] ? _raw_spin_unlock_irq+0x27/0x70 [ 226.587949] ? finish_task_switch+0x1c1/0x7e0 [ 226.592437] ? syscall_return_slowpath+0x550/0x550 [ 226.597345] ? syscall_return_slowpath+0x2ac/0x550 [ 226.602254] ? prepare_exit_to_usermode+0x350/0x350 [ 226.607253] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 226.612600] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 226.617424] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 226.622590] RIP: 0033:0x454e79 2018/04/01 00:14:27 executing program 2: r0 = perf_event_open(&(0x7f0000271000)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000000)='IPVS\x00') r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/loop-control\x00', 0x900, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) socket$inet(0x2, 0x3, 0x8) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) r3 = dup3(0xffffffffffffffff, r1, 0x80000) ioctl$KVM_CREATE_DEVICE(r3, 0xc00caee0, &(0x7f0000000080)={0x2, r3, 0xfffffffffffffffe}) r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000340)='/dev/cuse\x00', 0x2000, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0) fchdir(r0) ioctl$sock_inet_tcp_SIOCATMARK(r4, 0x8905, &(0x7f00000002c0)) r6 = creat(&(0x7f0000000080)='./file0\x00', 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r5, 0x29, 0x22, &(0x7f0000000700)={{{@in6=@loopback, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@dev}}, &(0x7f0000000040)=0xa5) r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.net/syz0\x00', 0x200002, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c) truncate(&(0x7f0000000140)='./file0\x00', 0x0) write(r6, &(0x7f0000000180)="15", 0x1) fchdir(r3) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000380)={&(0x7f0000000200)='./file0\x00', r3}, 0x10) r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'syzkaller0\x00', r7}) close(r0) open(&(0x7f0000000100)='./file0\x00', 0x200, 0x80) r10 = dup2(r1, r1) bind$ipx(r10, &(0x7f0000000280)={0x4, 0x0, 0x80, "34c1b884fbec", 0x81}, 0x10) connect$ax25(0xffffffffffffffff, &(0x7f0000000240)={0x3, {"2000000002ca3f"}}, 0xfffffffffffffee0) fcntl$setflags(r8, 0x2, 0x1) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r9, 0x10e, 0x2, &(0x7f0000000300)=0x10, 0x4) [ 226.625755] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 226.633442] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 226.640689] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 226.647934] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 226.655192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.662447] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:27 executing program 5 (fault-call:3 fault-nth:4): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 226.771219] FAULT_INJECTION: forcing a failure. [ 226.771219] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 226.783048] CPU: 1 PID: 18933 Comm: syz-executor5 Not tainted 4.16.0-rc7+ #9 [ 226.790225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 226.799575] Call Trace: [ 226.802173] dump_stack+0x194/0x24d [ 226.805809] ? arch_local_irq_restore+0x53/0x53 [ 226.810488] should_fail+0x8c0/0xa40 [ 226.814203] ? legitimize_links+0x2f0/0x2f0 [ 226.818526] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 226.823633] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 226.828809] ? cap_capable+0x1b5/0x230 [ 226.832677] ? from_kgid+0x4a/0x60 [ 226.836192] ? privileged_wrt_inode_uidgid+0x8e/0xb0 [ 226.841282] ? capable_wrt_inode_uidgid+0x9b/0xc0 [ 226.846108] ? security_inode_permission+0xbb/0xf0 [ 226.851022] ? inode_permission+0x88/0x470 [ 226.855237] ? __save_stack_trace+0x7e/0xd0 [ 226.859537] ? link_path_walk+0xbed/0x1470 [ 226.863747] ? __follow_mount_rcu.isra.28+0x7d0/0x7d0 [ 226.868914] ? should_fail+0x23b/0xa40 [ 226.872782] __alloc_pages_nodemask+0x327/0xdd0 [ 226.877424] ? walk_component+0x13d0/0x13d0 [ 226.881726] ? __alloc_pages_slowpath+0x2d10/0x2d10 [ 226.886719] ? find_held_lock+0x35/0x1d0 [ 226.890770] ? find_held_lock+0x35/0x1d0 [ 226.894827] ? check_same_owner+0x320/0x320 [ 226.899125] cache_grow_begin+0x72/0x640 [ 226.903163] kmem_cache_alloc+0x400/0x760 [ 226.907290] ? get_pid_task+0xbc/0x140 [ 226.911154] getname_flags+0xcb/0x580 [ 226.914930] SyS_rename+0x270/0xc90 [ 226.918532] ? __mutex_unlock_slowpath+0xe9/0xac0 [ 226.923360] ? SyS_renameat+0xca0/0xca0 [ 226.927317] ? __lock_is_held+0xb6/0x140 [ 226.931360] ? __sb_end_write+0xa0/0xd0 [ 226.935311] ? fput+0xd2/0x140 [ 226.938479] ? SyS_write+0x184/0x220 [ 226.942178] ? SyS_read+0x220/0x220 [ 226.945781] ? do_syscall_64+0xb7/0x940 [ 226.949727] ? SyS_renameat+0xca0/0xca0 [ 226.953684] do_syscall_64+0x281/0x940 [ 226.957555] ? vmalloc_sync_all+0x30/0x30 [ 226.961677] ? _raw_spin_unlock_irq+0x27/0x70 [ 226.966154] ? finish_task_switch+0x1c1/0x7e0 [ 226.970643] ? syscall_return_slowpath+0x550/0x550 [ 226.975550] ? syscall_return_slowpath+0x2ac/0x550 [ 226.980458] ? prepare_exit_to_usermode+0x350/0x350 [ 226.985449] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 226.990786] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 226.995612] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 227.000797] RIP: 0033:0x454e79 [ 227.003958] RSP: 002b:00007f663c376c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 227.011640] RAX: ffffffffffffffda RBX: 00007f663c3776d4 RCX: 0000000000454e79 2018/04/01 00:14:27 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) [ 227.018884] RDX: 0000000000000000 RSI: 0000000020ab3ff0 RDI: 0000000020b2a000 [ 227.026126] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 227.033383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 227.040640] R13: 000000000000049a R14: 00000000006f8f10 R15: 0000000000000004 2018/04/01 00:14:27 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000040)='./file0\x00', 0x7ff, 0x2, &(0x7f0000000240)=[{&(0x7f0000000080)="1269080c256dc05289d23aff7e0cce92c7c8a6752e25129647049c0594c6c1ae5f32a7ec3adc70443bde30ec6917042bc89cb11d7c6ddc7437a481112499ca2bdbfaedfba6cfdfb8b20e106fd666db6ecd0aee1e1bcb32493adc29343dc89edcacd836d2f000b113c8dca7bda963c5d9841b588c751141f91b1eaff4a0ce1692ebc68d2508813868c713911cdb534a8f7d6f54ec0b939a09e7955af66841d557255bc5b7bc7d5cfafb7d9a8f36b0ca61983a90", 0xb3, 0x8}, {&(0x7f0000000140)="09728d4f81329102de963aa1a4ff09f6a52a2f115875571babce9675f8300923cec7cec95fefb42a827937cb2a1e0028dce5faf08e0ef002cce10fc53481cf692a41a8f9130790f86356790aa5087c156f44a6c0469439d18cbd0368fa86a99fb71ada4ef84a6b997a0ea5377a9804a850760c9a5fe766e1f08deb0bf1793a000dc2e471182d75f372da6e5e01c5b94d8daf7270fa4192022cf6660db4c4b74324a09d9de5a5f93e5103dbdd73553fe80376d9b97c863d82e65f75f5254bb430ed46b4e8379740382caf961a41b94f8cbd804049f7f9c3dfee10cd343c87a00f45c06048d1a297a2935d40d52e", 0xed, 0x7fffffff}], 0x1000, &(0x7f0000000280)={[{@disable_sparse_yes={'disable_sparse=yes', 0x3d, [0x78, 0x36, 0x0, 0x30, 0x7f]}, 0x2c}, {@dmask={'dmask', 0x3d, [0x32, 0x36, 0x36, 0x34, 0x33, 0x32, 0x36]}, 0x2c}, {@fmask={'fmask', 0x3d, [0x35]}, 0x2c}, {@case_sensitive_yes={'case_sensitive=yes', 0x3d, [0x3f]}, 0x2c}, {@disable_sparse_yes={'disable_sparse=yes', 0x3d, [0x37, 0x78, 0x39, 0x7c, 0x36, 0x31, 0x37]}, 0x2c}]}) 2018/04/01 00:14:27 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) fallocate(r0, 0x3, 0x3ff, 0x7f) 2018/04/01 00:14:27 executing program 6 (fault-call:0 fault-nth:18): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:27 executing program 2: perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000e4e000)=0x200000000) write$vnet(r0, &(0x7f0000000140)={0x1, {&(0x7f0000000100)=""/24, 0x18, &(0x7f00000001c0)=""/101, 0x0, 0x3}}, 0x68) 2018/04/01 00:14:27 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0xbfb, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f00000000c0)=0x14, 0x4) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000040)="3900000011000947011b61e6c30500fe070000000200000045efffff08009b0019001a000300000900000100000000000600040004000d0005", 0x39}], 0x1) 2018/04/01 00:14:27 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000000600)='/dev/snd/seq\x00', 0x0, 0x484400) read(r0, &(0x7f0000fb6000)=""/28, 0xfffffffffffffe13) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f00000000c0), 0x20) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) close(r1) r3 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000280)=0x8000) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d137e637, 0x10800a}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f000019ffe9)={0xc1}) llistxattr(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)=""/14, 0xe) socketpair$unix(0x1, 0x7, 0x0, &(0x7f00000005c0)) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f0000928f74)={0x0, 0x0, 0x0, 'queue1\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000200)) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f000006ff44)={0x7, 0x0, 'client0\x00', 0x0, "6318ca4c372bbf06", "99f3c2e1541fe1bfdf54840c086e666dec2aef8735f8bc6ae79d506a1f00f7b8"}) socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000140)={0x4, 0x1ff, 0x800}) ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f00000006c0)=""/128) r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0xfffffffffffffffe, 0x0) fcntl$getownex(r3, 0x10, &(0x7f0000000540)) ioctl$TIOCGPGRP(r4, 0x540f, &(0x7f0000001840)) openat$rtc(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/rtc\x00', 0x400000, 0x0) clock_gettime(0xffffffffffffffff, &(0x7f0000000300)) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) utimes(&(0x7f0000000500)='./file0\x00', &(0x7f0000000040)={{0x77359400}, {r5, r6/1000+30000}}) getsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000400), &(0x7f0000000680)=0x4) 2018/04/01 00:14:27 executing program 5 (fault-call:3 fault-nth:5): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 227.121996] FAULT_INJECTION: forcing a failure. [ 227.121996] name failslab, interval 1, probability 0, space 0, times 0 [ 227.133282] CPU: 1 PID: 18953 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 227.140464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.149458] FAULT_INJECTION: forcing a failure. [ 227.149458] name failslab, interval 1, probability 0, space 0, times 0 [ 227.149805] Call Trace: [ 227.149822] dump_stack+0x194/0x24d [ 227.149839] ? arch_local_irq_restore+0x53/0x53 [ 227.171823] ? __save_stack_trace+0x7e/0xd0 [ 227.176138] should_fail+0x8c0/0xa40 [ 227.179843] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 227.184930] ? kasan_kmalloc+0xad/0xe0 [ 227.188799] ? kmem_cache_alloc_trace+0x136/0x740 [ 227.193629] ? __memcg_init_list_lru_node+0x169/0x270 [ 227.198809] ? __list_lru_init+0x544/0x750 [ 227.203031] ? sget_userns+0x691/0xe40 [ 227.206905] ? mount_fs+0x66/0x2d0 [ 227.210430] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 227.215169] ? do_mount+0xea4/0x2bb0 [ 227.218866] ? SyS_mount+0xab/0x120 [ 227.222477] ? do_syscall_64+0x281/0x940 [ 227.226521] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 227.231874] ? find_held_lock+0x35/0x1d0 [ 227.235920] ? __lock_is_held+0xb6/0x140 [ 227.239971] ? check_same_owner+0x320/0x320 [ 227.244282] ? rcu_note_context_switch+0x710/0x710 [ 227.249197] should_failslab+0xec/0x120 [ 227.253158] kmem_cache_alloc_trace+0x4b/0x740 [ 227.257720] ? __kmalloc_node+0x33/0x70 [ 227.261674] ? __kmalloc_node+0x33/0x70 [ 227.265630] ? rcu_read_lock_sched_held+0x108/0x120 [ 227.270630] __memcg_init_list_lru_node+0x169/0x270 [ 227.275629] ? list_lru_add+0x7c0/0x7c0 [ 227.279584] ? __kmalloc_node+0x47/0x70 [ 227.283543] __list_lru_init+0x544/0x750 [ 227.287588] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 227.293455] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 227.298452] ? __lockdep_init_map+0xe4/0x650 [ 227.302845] ? lockdep_init_map+0x9/0x10 [ 227.306894] sget_userns+0x691/0xe40 [ 227.310588] ? kill_litter_super+0x90/0x90 [ 227.314808] ? ns_test_super+0x50/0x50 [ 227.318680] ? destroy_unused_super.part.6+0xd0/0xd0 [ 227.323767] ? do_raw_spin_trylock+0x190/0x190 [ 227.328336] ? kobject_put+0x6b/0x250 [ 227.332126] ? blkdev_get+0x3a1/0xb00 [ 227.335920] ? cap_capable+0x1b5/0x230 [ 227.339797] ? __blkdev_get+0x13b0/0x13b0 [ 227.343937] ? security_capable+0x8e/0xc0 [ 227.348067] ? kill_litter_super+0x90/0x90 [ 227.352290] ? ns_capable_common+0xcf/0x160 [ 227.356594] ? ns_test_super+0x50/0x50 [ 227.360461] ? kill_litter_super+0x90/0x90 [ 227.364678] sget+0xd2/0x120 [ 227.367686] mount_bdev+0x109/0x370 [ 227.371295] ? fuse_get_root_inode+0x190/0x190 [ 227.375860] fuse_mount_blk+0x34/0x40 [ 227.379646] mount_fs+0x66/0x2d0 [ 227.382999] vfs_kern_mount.part.26+0xc6/0x4a0 [ 227.387566] ? may_umount+0xa0/0xa0 [ 227.391176] ? _raw_read_unlock+0x22/0x30 [ 227.395308] ? __get_fs_type+0x8a/0xc0 [ 227.399185] do_mount+0xea4/0x2bb0 [ 227.402720] ? copy_mount_string+0x40/0x40 [ 227.406937] ? rcu_pm_notify+0xc0/0xc0 [ 227.410811] ? copy_mount_options+0x5f/0x2e0 [ 227.415207] ? rcu_read_lock_sched_held+0x108/0x120 [ 227.420211] ? kmem_cache_alloc_trace+0x459/0x740 [ 227.425037] ? kasan_check_write+0x14/0x20 [ 227.429256] ? _copy_from_user+0x99/0x110 [ 227.433388] ? copy_mount_options+0x1f7/0x2e0 [ 227.437868] SyS_mount+0xab/0x120 [ 227.441302] ? copy_mnt_ns+0xb30/0xb30 [ 227.445173] do_syscall_64+0x281/0x940 [ 227.449048] ? vmalloc_sync_all+0x30/0x30 [ 227.453177] ? _raw_spin_unlock_irq+0x27/0x70 [ 227.457655] ? finish_task_switch+0x1c1/0x7e0 [ 227.462134] ? syscall_return_slowpath+0x550/0x550 [ 227.467049] ? syscall_return_slowpath+0x2ac/0x550 [ 227.471961] ? prepare_exit_to_usermode+0x350/0x350 [ 227.476964] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 227.482311] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 227.487141] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 227.492310] RIP: 0033:0x454e79 [ 227.495481] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 227.503171] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 227.510423] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 2018/04/01 00:14:28 executing program 7: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000080), 0x2) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x2042, 0x0) openat$cgroup_int(r1, &(0x7f0000000040)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0) [ 227.517672] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 227.524922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 227.532174] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 227.539465] CPU: 0 PID: 18957 Comm: syz-executor5 Not tainted 4.16.0-rc7+ #9 [ 227.546650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.555998] Call Trace: [ 227.558582] dump_stack+0x194/0x24d [ 227.562206] ? arch_local_irq_restore+0x53/0x53 [ 227.566880] should_fail+0x8c0/0xa40 [ 227.570593] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 227.575696] ? trace_event_raw_event_lock+0x340/0x340 [ 227.580886] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 227.586086] ? __lock_acquire+0x664/0x3e00 [ 227.590331] ? find_held_lock+0x35/0x1d0 [ 227.594397] ? __lock_is_held+0xb6/0x140 [ 227.598451] ? check_same_owner+0x320/0x320 [ 227.602754] ? __d_lookup+0x4f4/0x830 [ 227.606542] ? rcu_note_context_switch+0x710/0x710 [ 227.611457] should_failslab+0xec/0x120 [ 227.615413] kmem_cache_alloc+0x47/0x760 [ 227.619454] __d_alloc+0xc1/0xbd0 [ 227.622891] ? shrink_dcache_for_umount+0x290/0x290 [ 227.627894] ? d_alloc_parallel+0x1b40/0x1b40 [ 227.632366] ? lock_release+0xa40/0xa40 [ 227.636333] ? mark_held_locks+0xaf/0x100 [ 227.640466] ? d_lookup+0x133/0x2e0 [ 227.644079] ? d_lookup+0x1d5/0x2e0 [ 227.647702] d_alloc+0x8e/0x340 [ 227.650972] ? __d_alloc+0xbd0/0xbd0 [ 227.654670] ? _down_write_nest_lock+0x120/0x120 [ 227.659413] __lookup_hash+0x58/0x190 [ 227.663207] SyS_rename+0x542/0xc90 [ 227.666825] ? SyS_renameat+0xca0/0xca0 [ 227.670789] ? __sb_end_write+0xa0/0xd0 [ 227.674739] ? fput+0xd2/0x140 [ 227.677916] ? SyS_write+0x184/0x220 [ 227.681610] ? SyS_read+0x220/0x220 [ 227.685214] ? do_syscall_64+0xb7/0x940 [ 227.689169] ? SyS_renameat+0xca0/0xca0 [ 227.693131] do_syscall_64+0x281/0x940 [ 227.697010] ? vmalloc_sync_all+0x30/0x30 [ 227.701825] ? _raw_spin_unlock_irq+0x27/0x70 [ 227.706318] ? finish_task_switch+0x1c1/0x7e0 [ 227.710799] ? syscall_return_slowpath+0x550/0x550 [ 227.715710] ? syscall_return_slowpath+0x2ac/0x550 [ 227.720625] ? prepare_exit_to_usermode+0x350/0x350 [ 227.725628] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 227.730980] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 227.735822] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 227.740998] RIP: 0033:0x454e79 [ 227.744170] RSP: 002b:00007f663c376c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 227.751862] RAX: ffffffffffffffda RBX: 00007f663c3776d4 RCX: 0000000000454e79 [ 227.759126] RDX: 0000000000000000 RSI: 0000000020ab3ff0 RDI: 0000000020b2a000 [ 227.766370] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 2018/04/01 00:14:28 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x5, 0x40, 0x7, 0x9}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r0, &(0x7f00000001c0), &(0x7f00000002c0)}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000240)={r0, &(0x7f0000000100)='L', &(0x7f00000001c0)=""/124}, 0x18) preadv(r0, &(0x7f00000014c0)=[{&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000001440)=""/101, 0x65}], 0x2, 0x27) unshare(0x20000400) r1 = socket(0x7, 0xf, 0x1) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000140)={{0x2, 0x4e23}, {0x307, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x1078e6e9a087f4e5, {0x2, 0x4e24, @rand_addr=0x2}, 'bcsf0\x00'}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) pread64(r3, &(0x7f0000000280)=""/200, 0xc8, 0x0) syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000380)="0f32c744240000000000c7442402d3000000c7442406000000000f011c2466450f38800533000000c74424004b000000c744240209000000ff1c24263e642e660f38807d00f3640f09c481fd7f39b9800000c00f3235000400000f30650f07b8010000000f01c1", 0x67}], 0x1, 0x20, &(0x7f0000000400)=[@efer={0x2, 0x1}, @flags={0x3}], 0x2) vmsplice(r3, &(0x7f0000f14000)=[{&(0x7f00006bc4ba)}], 0x1, 0x0) bind$bt_sco(r3, &(0x7f0000000080)={0x1f, {0x7, 0xffffffffffffff79, 0x20, 0x4, 0x1, 0x2}}, 0x8) 2018/04/01 00:14:28 executing program 6 (fault-call:0 fault-nth:19): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 227.773615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 227.780860] R13: 000000000000049a R14: 00000000006f8f10 R15: 0000000000000005 [ 227.795346] FAT-fs (loop0): bogus number of reserved sectors [ 227.801363] FAT-fs (loop0): Can't find a valid FAT filesystem 2018/04/01 00:14:28 executing program 4: mkdir(&(0x7f0000000080)='./file0\x00', 0x5) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'eql\x00', 0x0}) bind(r0, &(0x7f00000000c0)=@hci={0x1f, r1, 0x2}, 0x80) 2018/04/01 00:14:28 executing program 3: r0 = syz_open_dev$dspn(&(0x7f0000000180)='/dev/dsp#\x00', 0x6, 0x80) getsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f00000001c0)=0x600000000, &(0x7f0000000200)=0x2) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000040)={0x3, 0xffffffffffffff9c, 0x1}) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000080)={{0x5, 0x8}, {0x0, 0x9}, 0x7fffffff, 0x6, 0x7}) r2 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x0, 0x4) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r0, 0x800448d2, &(0x7f00000004c0)={0x4, &(0x7f0000000240)=[{}, {}, {}, {}]}) getsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) [ 227.885198] FAULT_INJECTION: forcing a failure. [ 227.885198] name failslab, interval 1, probability 0, space 0, times 0 [ 227.896497] CPU: 0 PID: 18978 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 227.903681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 227.913030] Call Trace: [ 227.915624] dump_stack+0x194/0x24d [ 227.919256] ? arch_local_irq_restore+0x53/0x53 [ 227.923924] ? kernel_text_address+0xd1/0xe0 [ 227.928331] ? __unwind_start+0x169/0x330 [ 227.932488] should_fail+0x8c0/0xa40 [ 227.936207] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 227.941314] ? save_stack+0x43/0xd0 [ 227.944940] ? kasan_kmalloc+0xad/0xe0 [ 227.948824] ? __kmalloc+0x162/0x760 [ 227.952534] ? __list_lru_init+0xcf/0x750 [ 227.956687] ? find_held_lock+0x35/0x1d0 [ 227.960751] ? __lock_is_held+0xb6/0x140 [ 227.964808] ? check_same_owner+0x320/0x320 [ 227.969126] ? rcu_note_context_switch+0x710/0x710 [ 227.974062] should_failslab+0xec/0x120 [ 227.978037] kmem_cache_alloc_node_trace+0x5a/0x760 [ 227.983051] ? mark_held_locks+0xaf/0x100 [ 227.987198] ? __raw_spin_lock_init+0x1c/0x100 [ 227.991773] __kmalloc_node+0x33/0x70 [ 227.995567] kvmalloc_node+0x99/0xd0 [ 227.999278] __list_lru_init+0x5d5/0x750 [ 228.003341] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 228.009231] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 228.014251] ? __lockdep_init_map+0xe4/0x650 [ 228.018669] ? lockdep_init_map+0x9/0x10 [ 228.022722] sget_userns+0x691/0xe40 [ 228.026424] ? kill_litter_super+0x90/0x90 [ 228.030671] ? ns_test_super+0x50/0x50 [ 228.034547] ? destroy_unused_super.part.6+0xd0/0xd0 [ 228.039627] ? do_raw_spin_trylock+0x190/0x190 [ 228.044187] ? kobject_put+0x6b/0x250 [ 228.047968] ? blkdev_get+0x3a1/0xb00 [ 228.051754] ? cap_capable+0x1b5/0x230 [ 228.055621] ? __blkdev_get+0x13b0/0x13b0 [ 228.059918] ? security_capable+0x8e/0xc0 [ 228.064050] ? kill_litter_super+0x90/0x90 [ 228.068274] ? ns_capable_common+0xcf/0x160 [ 228.072579] ? ns_test_super+0x50/0x50 [ 228.076439] ? kill_litter_super+0x90/0x90 [ 228.080655] sget+0xd2/0x120 [ 228.083684] mount_bdev+0x109/0x370 [ 228.087298] ? fuse_get_root_inode+0x190/0x190 [ 228.091854] fuse_mount_blk+0x34/0x40 [ 228.095639] mount_fs+0x66/0x2d0 [ 228.099003] vfs_kern_mount.part.26+0xc6/0x4a0 [ 228.103580] ? may_umount+0xa0/0xa0 [ 228.107193] ? _raw_read_unlock+0x22/0x30 [ 228.111331] ? __get_fs_type+0x8a/0xc0 [ 228.115195] do_mount+0xea4/0x2bb0 [ 228.118713] ? copy_mount_string+0x40/0x40 [ 228.122939] ? rcu_pm_notify+0xc0/0xc0 [ 228.126810] ? copy_mount_options+0x5f/0x2e0 [ 228.131195] ? rcu_read_lock_sched_held+0x108/0x120 [ 228.136186] ? kmem_cache_alloc_trace+0x459/0x740 [ 228.141011] ? kasan_check_write+0x14/0x20 [ 228.145227] ? _copy_from_user+0x99/0x110 [ 228.149353] ? copy_mount_options+0x1f7/0x2e0 [ 228.153826] SyS_mount+0xab/0x120 [ 228.157259] ? copy_mnt_ns+0xb30/0xb30 [ 228.161127] do_syscall_64+0x281/0x940 [ 228.164996] ? vmalloc_sync_all+0x30/0x30 [ 228.169130] ? _raw_spin_unlock_irq+0x27/0x70 [ 228.173607] ? finish_task_switch+0x1c1/0x7e0 [ 228.178080] ? syscall_return_slowpath+0x550/0x550 [ 228.182994] ? syscall_return_slowpath+0x2ac/0x550 [ 228.187907] ? prepare_exit_to_usermode+0x350/0x350 [ 228.192909] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 228.198255] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 228.203077] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 228.208247] RIP: 0033:0x454e79 [ 228.211417] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 228.219106] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 228.226349] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 228.233591] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 228.240835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 228.248093] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:28 executing program 7: syz_open_dev$tun(&(0x7f0000000500)='/dev/net/tun\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f0000000100), 0x4) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000140)={0x3, 0x6, 0x2, 0x1f, "deb7e1f78603eb3473f09fe72814fbc348323c38d14637e48fd4bd27d7e269542d1795a8baa68083473c63fe", 0x5}) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/arp\x00') r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = syz_open_dev$tun(&(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x3}) ioctl$sock_inet_SIOCSARP(r2, 0x8955, &(0x7f0000000240)={{0x2, 0x0, @rand_addr}, {}, 0x2000000000008, {0x2, 0x0, @multicast2=0xe0000002}, 'syzkaller0\x00'}) ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f00000001c0)={0x8, 0x3, 0x4, 0x2}) r4 = dup3(r1, r3, 0x0) ioctl$VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, &(0x7f0000000580)={0x2, r4}) 2018/04/01 00:14:28 executing program 5 (fault-call:3 fault-nth:6): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:28 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400", 0xc}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:28 executing program 2: epoll_create1(0x0) socket$unix(0x1, 0x5, 0x0) unshare(0x8000400) mq_open(&(0x7f000004b000)='/$cgrouplo\x00', 0x42, 0x0, &(0x7f000004b000)={0x3, 0x7, 0x3}) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x10000, 0x0) pselect6(0x40, &(0x7f00000abfc0)={0x3ffffd}, &(0x7f0000768000), &(0x7f00007fbfc0), &(0x7f0000f22000)={0x0, 0x989680}, &(0x7f0000f14000)={&(0x7f0000553ff8), 0x8}) 2018/04/01 00:14:28 executing program 6 (fault-call:0 fault-nth:20): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:28 executing program 1: r0 = socket$packet(0x11, 0x0, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00'}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000240)={0x0, 0x0, 0xffffffffffffff9c}) r1 = socket$nl_generic(0x10, 0x3, 0x10) socketpair(0xb, 0x80004, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) ioctl$DRM_IOCTL_VERSION(r2, 0xc0406400, &(0x7f0000000600)={0xf1, 0x40000040009, 0x800000008000, 0x41, &(0x7f00000007c0)=""/188, 0x44, &(0x7f0000000880)=""/176, 0xc2, &(0x7f0000000a80)=""/194}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f00000000c0)={r3, 0x1, 0x6, @random="7c2e1626459d"}, 0xffffffffffffff54) ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f0000000980)='bcsf0\x00') ioctl$sock_SIOCBRDELBR(r1, 0x89a1, &(0x7f0000000000)='bcsf0\x00') getsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000080), 0x10) accept4$inet6(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, @loopback}, &(0x7f0000000340)=0x1c, 0x80800) accept(0xffffffffffffffff, &(0x7f0000000140)=@pptp={0x0, 0x0, {0x0, @rand_addr}}, &(0x7f00000001c0)=0x80) 2018/04/01 00:14:28 executing program 4: r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x5, 0x31b000) getsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, &(0x7f0000000040)=0x80, &(0x7f0000000080)=0x4) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f00000000c0), &(0x7f0000000140)=0x4) sendmmsg$nfc_llcp(r0, &(0x7f0000004100)=[{&(0x7f0000000180)={0x27, 0x1, 0x1, 0x1, 0xca, 0x9, "2d3b0fd3479f23c7ee5ea6d61a07d33d8f398cca20f782bb99449638dcba643cc14f50decfae5ea635390269856a6d93f7feeb87e0bd37ad3b20b44e3b2d2f", 0x1c}, 0x60, &(0x7f00000005c0)=[{&(0x7f0000000100)="8bf051d18e47d28995656dc44b6a8874402dd4bfd45f779c22e1bb1e", 0x1c}, {&(0x7f0000000200)="50d58dce65005acab75afb21c5d25f5acee0043ccca53748f7816ba6a1fca7cdfb8f52eb7fe0b90fa1165a77a606a3587217f5d711e7cf8afeac98f4b2ecba91a36a87e10c", 0x45}, {&(0x7f0000000280)="15dd8ccba06a9555454cc8f96257d2b658a82dc9b1037ea27f3fa01aa72600b434f86c62cb375e4fbd527b6d1c7fc2a56c8eeb6047604355183e9819eb8032c07c50db2f7fcefca730ba02f8904bae68305c886809479e5861566c4c8c9693d8856177967357e5e3283730496ebd9a307d656892cd35486185a96637c0ac422a1fdada9762a3c17fa2c0730006c61f3e306ec0b03f52d50c31ed456d4f653561081843a1896755ce2cfd14a6efd8f4008777e99a81c511a1a0cc0d094aa4de52a7e14c4f02ec622183e574a6bfd0b7d2158d4529285c72a39276790b551f0f675dc21f0d1155e3736be394c578aa313c4a73fc6051fb42c5b9a9ebc1", 0xfc}, {&(0x7f0000000380)="3993428edf3fda40fe4c011081ceba5ac6c8228f2fe772be1b6b2142f89b3b4326be91bbd2ba55132abaeb3df14e6ea33239", 0x32}, {&(0x7f00000003c0)="c673b155b5826e67bd", 0x9}, {&(0x7f0000000400)="de6489d66d7ef5fd8be54c61b8b9c3ff5baa045aceb644b7122fd657fca766586d35f89434543d5afd556dfe3a6b90214a637e9022766cd123769a7aef5a71b90f4e4ca8886ee0d2ac74cd7d1857638320b29edf03a579a6c320934a03118682bf5f6185df287b911773e18185b5fb13171c629d17eb8b40ad2f442dd3d42eaec2168439144109910480aae53704e9c3afe09fa2f7bf1bfd6192975b854ff9102d64aed1011426e75f09adc347c4b53884998dca273c50905d2f54fd886f85164a38780ed40962ce1546ac4d2dea1995f006990bdeb1c0fbf972", 0xda}, {&(0x7f0000000500)="d79d4f33bab4917f7c8a50ac451d753a01463467e07b6eb51227795c51baf8b57b8fddce4e5d41dbe7633d19b7f90df4855c9404c2adef88830673a8ea4577f0cb409acfd657c0e2e69957ae4c6775231ff509bd2a248da0c2fd0540d99fd4ad9e5512b622ff9876fc8541a42f7234edf65c77f07bb4bbdb94e9b54015028c0b153143e4b6e02feeba322547a26a514d4dfca2d131278fbd0d4831c3", 0x9c}], 0x7, &(0x7f0000000640)={0x100, 0x102, 0x5, "a1c415ae5fe22691577b5d1c42ec48f293e9a1a60f3fd96506534b6ec49506d9ff7a7c8e22bfbfe13558ce8555c0306b941d91b15478bc6c3b9b08b5141a6ee6a1a50ec9c6b7e52b5b51112f5f5e0b4ac0f0f86f8b28dfb6e6795b3634bd7343ad7b572eb4ad5d1af529117d5d20eb8dc91ec5a6b3ad1fe8b0ecb30d9b537747d831d42038ce3fc526dc4a400887ff8ba8b4d748b5385c7cb2b7e0468ec73e55ef7e67c3e1b3a6374787729afaf4969f7a4f11ce0c15cab889b71bbb304ce4e9b549737c52186b938b129fecc3b6e85ccfa13c6f379659b1e19cabe9365655058b295989e74126626345c5d9319e8f"}, 0x100, 0x4000001}, {&(0x7f0000000740)={0x27, 0x1, 0x2, 0x4, 0x1, 0x7, "3a817f8259c00b47d6ced6523b959b1c588278bbb4a6e21fabaff2e548a4b90220f534e5df522b38695408152091f174460d436beb9eedc05004c82b36d184", 0x33}, 0x60, &(0x7f0000001b00)=[{&(0x7f00000007c0)="dd22749084d43102008fa98a9c1e7e44fae39d13e5a53b722c153ff5767b790b8e8a849a5eca33eb8d13b6cdabf8b1684620ed0412ff6e24b095fd94c2af4c", 0x3f}, {&(0x7f0000000800)="53c0789a7dbd3a17ca7e08cae0a1f9dc7fcdd860ce3028beda25ead41e25c2ceb5a9271ef6da627a51323ff28bfd4f2311c8529fc870ecd9a4d3644907a17cbb12132a37b7057989ee9067a666f940eef803458d0f30cd", 0x57}, {&(0x7f0000000880)="879d532f855fa908f64f9c2297fcae36a0ec9ce243fe717f3395cb7dc1178c7bceed4b0c65b535168b8d9b7b4a7c26aff48dad01a34ebf5207f6702f050ec28ebe41b2f851ee94a8c677937435453dd75030a078340b263a3cb04fffbc77d072dbc0d7dc9393966f1ad8959967ef7b30053da4b64b682b26150779267b4142daf4afdde88d43da00bd9d8d61345d31ebf6744d4400cfcbbff619b7ef7c87644a7ff268b4adc582b4078faa20c834dc95c159e6d4deab2e639d816892ec4862f78165822517d6b650c27b53b8fde4d61cf5", 0xd1}, {&(0x7f0000000980)="e59c82e2b9427246e49d8e0f9939e32ba69899a3", 0x14}, {&(0x7f00000009c0)="a08373e9a9bb196af9409448aa04ba9dbcde0fffbab1e56b421e86ad87072d4ef3c3f5d21180d809ce25c5c980543fa7709eaef0a31178ee29a3b79e744b5569e9de3efa142ff80f5affeaf9296c1e735b2ed7eb81137f60d52959ebdaa414589320cab9ec4fe8f1228677d2828d2363017538731e7eb450137e952c891b2e64f774604b5fa6e8104ad07a5b871f8b959a9cd01be772d4f011857a8422ba67bbb023d2a8f3fcf681d7cf89987f2822a476a0ad576843113e22adb79909e4eb50e88dfdfcbff350e96db2b9b976f0b9858b483bb9d3a8c2be19880c13bccea2f322559a94edd80b811e84006a11ba5363a7208f2a29f915116b968ef02a0c6753a13d79d02ba1c667e5dbdc0edeb9919f6b9ff198993eb9ad2da98d649ffdc53337399c49178530ee3622c07f8907d405afc2f31e91eba5c3ddec4a879735fd67c66779106bf544b8e0b5a007c18513a708b24f2ad3b9025c5861a067b43b7f48aa123351746fa3e7063c2299dad3a85ae5a25097ebbed68644510cd77b8b847300240c3422541ea0edf5c1939d094fc32f753577d8db75d55b563630919daa193016e64d419666619e1328c84475c15d2ce029e06b82bb3734d020782d27ee9a37ead5f395409442df9be1c3c043209b9fe74a75cd32cf11c04a454c4fe50b911b25b02b3403ae0063cfd4743fe2e3aa6d48d0dbd6c8cdba5f071143441177f0f00954ed5c15f08a5fb0965dbbe903810b90ba00347521b8cf9a88a29193c1204a8b6826742eff129301883992039b469bc925e5ab0e0796705b3a9635d9c9505967c0d8f4ade0c0d8c288cc6a517870adab050720052f27e3874d39ab5ddeb32b7c9bf8e6ec23fc9deda94b6c6fd83c27ba12ee0259dbe5068ceaaaa007229b1ddb746117c4c7a5ab0a1b8c2bbb32f412ae15b0469a434743a59335def27239a26d6f49a7d0ead0d446505f9caf11064708016860c1f73c8bf7fe036c59cd547ef699162f5473ddbeaca2a205518bf00f6f5ef4714990a7c074c76bdeeea7180f0033aa1cb54319e13ba5cc6bdb7ba62eec41979d09f4bf85dd54f62fa69e93ce3ff0c4d8cd49a489e8a0906c66b6ee919d61bd316d5312371649a041a73aeb0f098d7af4855f8f6b8854fe934b184d6885453bcf37ed199aa015440735f6bd9c365e13beb68f251a70c54b51893d7170e992e9d10abf4b5666b2b3d9d2a419ae267b30a9e66c1503c0952cf33cfc49531d1435369f9a51a62a51494931a21075c403297333471108c60b73b1740dd15e11fa064dbd88a591f691b2c22922f95c8bbf80a58a5224fde3ac55bbf2997aebf1984302aa2c433175ae059a1cf8bb187b5976d803a8fd79ad90d9d714b3b3f7cf8d85d506dab82fca831e2e89c48b151ba480498fe97e9d820764742eb2d78d45780b85928b9f70186b366a16f4abbd1539822d046b93d3aea6986bf104ca74f81f5b4793047e75aa60cdb85b00edd86690f6fec5af32ad18d90ae36243dad2597f5bacc39620dab1d4a4e49fdd347219b07a3f7d3751e96e155527eadf63066d1135db8b71ee2d2cb4095dc8792d7bc5d6eefec2941efcedc36e9ddc53b0aa6827b0a5cb9f3bb08b6327bfb45c47d4bc43896436b12d532e63e44ce4783ed99baaaf377acab86d425d414d7ac466391ee9eeb32e7e60671ac3fc033a99cfa46192e085d5b236ab4a1d57b299a5c4f687e97e3026a7ca30dbc11a74735820762b695ccfb3e9ae8a635731e0f9b0d08f6c31a54a9dab86c24a57afd9607ed63a2acbeb1a8cd72d2331b7e656e6675445fd8e20db706260e6c07707e67b1c3cb4bf7d9a442440f68ad2b212f2394583c10e0e4fafbb71c32a174c661e434c105d375b013f8e6d6fa77584b8f98b7b53da06049b10f0dd785b7f7e407f5f450b20b3b04d83333dbd2e3e6544fcc57eaea3f732ea02252ffbd6cdbc217013b60bcbdc83075b52d5cb34458d0516d8c762ba38e21b35055b0bc3048af672d801c5cc19f812c052504cce68726a1943a2157438ae6865c6a0e428338eaeca8bec354fcb08bbf9727ad5c61ace9ccea85347f620913cc7f2eab5f741771093afe2f9e10bbc1f1dca774df482250a4c1783cde47954dd9017c5f27596d709a5eecb0fe289727e63d2423d7c54fc19d8fb5adb62faab71756db1d411cf8773d9f0605345dd4091ca08b494d694c51123df3735b70e35559eed22baa41bab8927a5ec3d524e94e4558a73a08dad357befe2cf612b02b7a491290c0bf1aed9f8e6ab62089852118a2d9c8f4d90c6b6e956740b03205a36de51eec6106bd4d7d1350190f2a6c252797d07a3a4a5379a757c71008f725cd381cd0b8582e40e50716859b29abc39938fdfcb2535bc98a86f954f0d74de7c933790f8a339bbe3be9955f9a7a882866d8af3d7b5cd10dd3deb7644b867fb26b9077d8d9076c28a896b792159feaf1dd03707662d9a415a6837c5f0f6b7b525942156cff8ca7b586671eec4565d698e288c575acf3335d2d725846a55052ecc7825ace132aa584051005371cbff3cf5da314628a35c1f2e273a0c7fb457db2e5c70b772d2e56f97af3a847bffad60216a0409879cac1efc4c8c83d8767ba983f4de81011136eae45c0fdc6eb90a8cf7edd2316856303da9952fdf4e00a8062672ecfa90fd750d07ce9d6473b0c0c29ef47a0392e451e31de7c90a7b845101b4120234eecacdbcf29db8b9c8815ec6cd5e13103a7b2cf768c749fde3ac8ca0c0d5a47fbc4480b43ad828cfdb5b2e288eca176bceb5d1782027ba5fd3a74a9fb57070af23d28c9bcdfeaefe2d4f84447f2d155a5258c5bc50909f43408413369239063d6271f19fcb51da10c6b5c3d0ae385573a61bc633edc280b591d9cb9518f68e53f83ff867c380a2b070a0a5d03787719726b7f9c426dc1fa9a7b9c11fce31a12331dd9b9d973ebbeaee789662984e7a3b2fbfc76894a2fb520749e327b5fefb1cce7a1143f505f27a4ee858051b0257b0c43e8e8be7fd350a36491b043768633fe23d67ffc41d6e1f3fa1468547b83df5af24d30ad319f17c9ca868cef7f39267264c896d8ea60f6ef7b8d7a09598678da88f587bf26d8d9b882aad607e72ef3c1d466ddbd161aef560eb44dfb24a03410f09d4476b232f9cdbde7b895e6d1b0531df21a64ff15dbbf0c64d0df22eee7752c878c335427b1fffbdc1e01700fb20dfd53cd40cc2f8f9f5db414cc92218d262972e8a483be72a1d3b933f64e5c94e16e0d6a9f18717795c3a5c5103a2e96508c650d6a4aef7e669d89ccb8a3e05fe289c7a844e92554102a569dff006390851cc1ff505ce04abe0a62ebcf7b9a54933f93b1fce0691c0a865b2724f425655eb02afe31b1a895dcf5316247d40ae39e36e96cedce751a7d6358610df69af8be33f5c9627ff29eed4977d75e2b86fafc895936bb90d9e6d7b4a098939fcfd1a03d26a85b91b29e8e473615a95731a689edf793dd70149fb5493b7a44d50a457934d8316710140fcf508f26b529f45933e8417dc150888a24d9ba01a7dd970adea83c23f8e19fcd84041c7021ff563dd411f846b60edfb44a15d848e3e2a11359c0bcda59b55bfdba6827c02216ea2d416e34c6963700ac2854c6322097c519803e758f7d0ace7eb21a7d911c273510c3894611ed453ad2535ed1c1bf9a0985857ee59ca14edd596c615dbfc18f6439b7a436ceb47e0dfcb60a477ddf44c2c4b65f92d29e24fbb229a73faca68de954e95e4697264bdcbf9fe75244dacefd8d5f0dc32bcaafc90f86097555441818ce1697edcf3d4e2e918666bf915c35cf39e6f8ffd280db560a5b65f71be873418cb941516608aac9578d03d797d5ced24dea72c6a603b0d0c80456f98ee0cb0908694fb4d4834df20809e3b8e39239094f5b7128eeaf50785254bb66a980d104096fa73f051e69e88f49117e25c9b87830c6c9a9a77d8ee88846e4ebe02012d672e7c09e79f064a4b20c7eb622e4d24afb1deeb2bb88d920de5a101d5c28f25828277258ea8e92d67d7b26eb4cc40b0eaa4d4b15896605072ace2f7cd341bf4c1782e93c2658d0ce7cb720762a51e31c9a533a8cdb4262e0bfd06f4e3dbc2bd9a422b3ba21eb0fac9185cf6c5fd6d52449e14e5ba0d205ba334d29a40af8cb1ee01726a61814e003d939dc977455a7a89dead8874e2c2d88dcabe9527f0ce68a52698aaafcc2f9e75080a69d1c101de8a04cd43f9317b140a65cce762f6be0b26074c3dfa47488cb4e2b5cb7f7757bc3b73c6f19174475dcdf5171cb170f2933f5c8a4b7e48f89374016f543fa3940a2b446965f9aa6c10866d68f37277d0b5f021ebe5d7727922e9dd1725f20b53a585fb7bff2058a046474028b957b4ce92b8ed36f5c740c015355b81421b539b00d36c053a641dc2e606a8197971d4c2a48d2cc4591cb9845c94130a67860b5f2c2a5d84fb395ebb4de88d4eef098313c006df898011312431f190496a16ed5814569e2a843372cb98e6eabf36088771bf5f7c3376038e60cd81d921eeb5394f250a45efcb35756e249704a879c5903c9d1604211973bbc3a1a3ee6e35721c3dfab40a1fc5d3921bebc1107c05343a9f962c1fe836b55dee460e08daf1340ee696e117e47ffaa544d885147a0a1fc1f9e49da5f2a2e4665630763461103174cce532aeec87738bfd58392b60e113c7d8acd6c05980c58356028856aae170ce64f494974e5646137f85a22e4cb014ffbce32c1af6c8485437c1c6e67cb6f37b4462886fffc5e0bd47463b8011ebdb2964db96cde0f68c4abb4ada97bffbd60c5b45b0fac65fd0f5a70de10361c8698739c65ba6666b9a3fa8066daf78b01d56a8c271e4cbb4389ec3321793921f2ca512da96cdc4b92d1ca0336f9859740349385b63342e8b0d64dfd37a64d0ef23d12e119d38d9b231c38156f0090b0b1fe4c105434aacefcd9ae9ce9eaae2521135dad83de046c2e4848ce4031d064103a18ce3354105a244d6b9927ae0a21ba0c1c0d4985382450049a5816b23def2507a3b82c34b2d6685a63fe4fb34ca8801ffdd720cca599c53a22a7361449432a214a562b0a40353b141986067553d0cd82eda8bfbe0d5499d8e9f336858facc276cbbf856f20b873c8fb105b6dd022d27e50e84bf12ba7d0dd851bc47aad5518f6f348f200033d9a0f85a41b7428a3172a6c24b679be09ed1491790eaf92854d4bc2cbec1d6a686c33b86f0479669d064ece960b0a8da93f5f9b4f98d98d5ad72c7a5e5479c0828d6ef02a6db8812ca48c5edc588278d4a4491c173e784cb57fa82fd586e21331211ec1069e43ef8158e33a4c7e5cdcabe21f2cbdb5fe814f83f6949307767657934af1c72cfc3540fc97461eb6068b70831a5a43a6b9ccf5855f0e7ca19881fb8ba6f6e3d86149ca4828c175287e465a1214848e3d2696a3ca53ff9927d2b902c2e6f8dec83dd4ac86c42abd28298dbb9b0a087a6694246721bbec5bba2e060d0eee1672448e363198d2151599d4995efee93c0273a18ee33a2f4cb4033ac9a2e090b318be7a88be818671c0a507a80f95df6fae3976224fb00d69b56e3b5f226b151cfbabf37a93d5390a059d8b89feedafbfc4cd6c44d5c4ba94e72d0af6dba503d40ef799e84b0d7d6a33cb327929473913adc3e9b83e9d6a30b9dbf4f875e40eb9fa276484d35de344859fed48cce52baf27e195def166c37f616acb081035de424e36ef107409e5244e0fe3b209296d5e28c0b2837575801d0c41f8ef4c46d10791f9f3c8bf229", 0x1000}, {&(0x7f00000019c0)="84", 0x1}, {&(0x7f0000001a00)="3b507b3cc55f46911fbc8843925b9c33d4333c0b16e68db4bb7b717f173672c3ee74b0bb53910a8a1e4d6af925e013873b20906a3202860b5ee634db935d0f2525601a9463d24826d5b394c9a414a4caaf1a962d77bb5c04a0f0328066d70b8c48edd1347f92cf7bda2efdbecacdaf54cd323af5576238d56ffc29db619736b8fe8fb451853813b903d1a90e88f74be43fdc7e8c00b22ad8f17442592d0e848b2d7a92a1f9879a4fef13200b66c33de601328dcdd2f21fc9ccf69098ef7239a0ee59a8577c899c9f9c21f20bf30a30a55b4f09d8aa3a15822d53025698a6be864477fd11deb17b449e790844388b7c0663f6", 0xf2}], 0x7, &(0x7f0000001b80)={0xc0, 0x88, 0x7fff, "d939562e8360a46a93867427db70a636054c3c8ca6aa9e3fa7aeef2c0b772867f2f52508e775cea2adfbe5bbaf8f9ed73d2324cd2e23545e9ae7c2cbe48649cb8f6cc635a59e9e5563b3d61ba6ace62edde0d088d1eae7e4ca5740ab1b2bf80a6cd163de104925c64146302c12e3039bb9775c5f20026f1a444770a8904c668a0d7ed2c19bc0a57e478abbef9604779688ed711b76ce1b76d390f2fb682540e1d42e6f3fb43bcb190b94680e9a"}, 0xc0, 0x90}, {&(0x7f0000001c40)={0x27, 0x0, 0x0, 0x7, 0x1, 0xd56d, "c045dcf0b19264cbc2cf93364b052580fe62df78fd51c868562b4194b43d01585000f57550ab81ecb20f9bd687bd75bb589807ca2328e386a8730b1924f5d1", 0x39}, 0x60, &(0x7f0000003fc0)=[{&(0x7f0000001cc0)="0557062f0bbf078d5514e6e543b828aa6a4fda4aeb5567d6e24c4d299baecabe6ad3f80659394b8bb6f2e8929004153d90fc7c", 0x33}, {&(0x7f0000001d00)="44da29488c36d8a0a89f217e591d96e8187c07a1539bd207b85ecd3da8dd7ac59efee042b3c5476385a7f1106932b0f02a8d8e67af409689a4d3a1ab9ee804c322cc03657b664e4da52a9df7a381d5eebef5f02a", 0x54}, {&(0x7f0000001d80)="960f0cf0effc6a5be7fb10406c0a3e14cfe5a5ed030c8b6c0556fc5d0a5435c74509c50a0bf0195481eae93fc440eea82ec2258b26bb7bf130af25f6c41786ff398ab0b002ac12c24cb84f59f0d722d12a5f4df384a6d436aec49ba740131581b76ebed2b44129a45aaf9584258f9762129a1d2696ccb471a17f6d994613927dadc7b07fa0830f2fb169204234e0586a7e8b013e6c216761b8fc669a054fea9185b418b42eb5ed6c75c46e573f0bd338afeb7db1ef76e72bffa0f8af6eb0bcb4124846dfa46dbae6c340865723b59180a64a2f1f51c363b1c4f09440acdb286e75d6025ce514343761d3458927762a7a251dd270630d71d38da3627830b63c970cfb33d3087dc82c53bfd6a3bf476b1376c108165dc15f496c3020d781b23a6b27b3e941a67a69ea8c08c516a151c4dd58926f501889c2dbf0419067874ffcde3f333abc13132d9768fecb9cca550981675fca9184301c517687846965843f306c8b1a6cadbb2d98638ff4c2de488f52976ead7db2136bb155c505d949f35bc251e5c248ed36772b84dd40b37636c425e279898013d6ce155431678222acdda933e6e22d8001d5a562114d678f7ba0961271672750053daae1301d065f092efc1c3694f0bd089bdcfcfa49ea4fe16a7934ed8d7ae4fc74e9f1834713ad379b76c35e73d98aa09dad9c1a576a23f829520a23a1c0c7b90d3b909b1fd03f1a5ebc0b293210016089b128d17e8cc0bded1437b49a5551619a5e146b3bdd4413e33d1a2e20d554069ed90f0b2f011a347782ceac5ada5110ad1adab795537e51925b67fc6510fcb771c79f120e93cc03b54a2be55dd7b4b795038526f3bbc731af9f90734fba8def8c034d87c7f073a3990f1511781d79382732ee60ecff161310d45b5d79b86dcc67ec9c3e05c91a389c8a857770e8046828a8dbaad404cafd35feaf92298c2c26991acea48b575a447e080980da66d454388369feb88d7ba5fc5705d1441b6979a9975a76b54395f66c4196395d2bbd717a3d5c699390fde15f1841e46d2dfdf32b255312c67bf406a21a02c59ddffaf20256aa03b45dba0e89af0622d8cf76b4258200fef35edb12530ea888db2187e88c89512181ec3c7c71005c7e943fc30c485e9e9ac35f93d59389884a4e7198b7b763caa44cdbdd43a3ed59d00940ef86470fee1f40bcc9a8cbb778396dc91e6d8aff6a028a3e4a089ac2455fb865557ce3e8c25ccab30332452661998aac7bec38f8346d5f49a2ad0fc0c2fe531e98e322b43ab4778e51dbf16866cbae914230a8582e2ca58c191617dbbdbf3484fb31ff90a7a7469e5ad37e9c5d7923aebc49780fa2520df0dc9974ea9323ed872101ec9c135ec097d60af794c5b24ef72fd42bff5d5f50ff37f1b9bd2659824a61359dfe1a9c1c0ac7c2064192cb658104cc088057bb94e828d2b0d500e4f31de1d0976567f76a44d85aa59c216e4929d4b35f07b31d0552680a0e70453d78992a22c588839b0bd0cea7f6a5edeaf8783b37f639e2e6ad70972e4c56e8fb24d9123665537d210e70d40695ad11fa91d1f9fcc1d7aa0df080d72865d7e0aa4a6e2aa71eb3d1e88e4afb371dd177e0b40ac7f0daf753fe390fc7e6706055826edeb21ac64804636f7a7d1a2fde6d1dd9a42f46fdfd6ccf07f6dfe3365865ccdcaa49b4f7476a3cc07290ce6042c01a97e83b913485b79a630dcf09730f10ad33b19d484cc5976a42819475a98afc0c4166bf4933dbfcff5dd7abe6df53f13e6abcc396c1c73d62296a38d37c3f35964187b38add79a8eea1e707fcc1b6d3bc5791a79de7d624e213ee2ca6dab956db4ac772195401632085e5e9d5b2aa6e658ab2a37e4bba7d68619a48d44ba5aaa268360aa45f21f2172b09b22dc0378a5b18f66c675d4a4ba861a27639484f1c85db1fcb148d1056327ec97f5eb59bcfe9ca08851e7fc1d59d6ccc932a370e5fbcccd157b63070d452d5cac76c3879500b1f77170f4e7991165ecce55a70f8aba3f40796697e90ec503e4cbd200789ae765dc82a7655eb1dac8cd19eab9aaf92d296fa18d3b36249f57a0a7a2b90a6a27980ec651e79f7e1824e6640152fd5a89b5aaf9dd6418033f6b3e42ea3366b894f2bd94ae1fd6e8f748eaeb39d4e451f9fd0adec6cefeff4e3ef42804faf39fe691a3db8b31b8420ef8dfbba85991e2ff76a13da1fad892832d3ef88a1916edd43626cc85fb5675f24b75befe069775cbc5db987ce7da819ce67988c029272fe2cedca6ba8a37abe0f21f2ccb96e5302efdc1cc274e7b405e0908a74260e49340fa3bcef6379f507c076572324fad70a18129fbbe52532dfdaefd4d7a19b7c4bd855f7f41c3fb40be022a372bd12256448835aaf0d49315f3f87f5fb31b158f3cf7d063efbbcfcb2fbc0135352cd1983404756c5ec4efff90d2d64fa04827b5add41c0a23687844bd840764297fd0786568447dc3f15cdf61a91154db0768557177a0cca641e45e4a27130fe5e81a38863f45a1f47df6a3e976a6d92eaf6b312fb491961e4b3592bb4557f11e1926f54955255ceed38d31f83fd5c052e95aacc63a8085c27e544f36ab36765322c8d7b1eaa22b5fc3ab267bdfc6242ce345ab6c77921504895bb0b4338a06c0841c70840b3a15448214c695ff628ef8d6f420f598184baa94b0c9718cfbd304fe064257fd715d64464dd158ca55f2cd5ce683c94cbb51d079fa39a417538a82247451fb30e609c543d31cb36ead5d132f49c807c3eefc10c5895d9c1e1fe2e4481cddecfee481bcb0b132e30c43f7109ee9d024d48cd7544ad239c65dac08f3113e13727af9877d2a65cd620a207e27a114d12a5ce9b562bb9a7e454e77670bea921294b1f117648f50b9523ef2e5106e7301ae52c1ed07532fc16cb6809192c998886a9f661ed1447fd4fa6bfd0aba18734e9d482b77448e519556eea3d7235043e46261346de9da8183ba64fe20b9b9db6dca6f8f403b36ac927f56cafff901453fa8674658d3f378a9efa85b9ef1b424031237e6c546fcc423bf65bb1ae89ac9f3a7a6d5ca36733743f6a08585fc1bdbda887eba0748cacc402cce89540954d2b259a4e52849bafb97202d9023b3b9546710d7d7a083fcffc41ec29b68e3f85f78c5d990164a9c15d766a4b55253d8eb5dd818bddab95c013d3a587e8636ce0f8b615ec04b39b768dfe8c3ab1622aae5eba8d1ea3b4b687b23cf9c415c5f5a0769596007da99f5c18e66b4ae2a821169df0a6525e0d3344a706563643801f1f6b71623cf10a1e742c09442f630e9ba8f366c7699898749892d58f1c0268a8a90e8b6d1b5ef78915dc34e68438eee8ba5b56c133ddabfce38cbbacd74e418c3f2619d000183ce21da9619163fe99f544274f44a0d54a4199633ff37a969a828a96d684784d5a8c43ecc6385360e044347802e383ca8489ac26dff2d16d8b8b4f38dc53a9a19daf3e1382ff2e2a6474f003f29ebb9e9b1a56bafcaaa2450b7c029d8725aed2c22a8b395c37151843fe8295510ee153abafb6587645277ca405a2b334b49761221073d5a07904b4be32d41d8d81cb0a0b533e11ce74c5e3d4a96fcd12c8edbaf7f2e852e826cf9547b99221f2d486c28a013435d9c76978262aeff56cdeee6e29194673d8cb95a74c6fbc22b8b930b136b8421192e304be94217ddf1a155fe16b3fd06fb37897ff7d7af5bcb35a097289b030f9301c5df4f6970ae3a775d2a925a00879afabdb295428bd590c45efd18d6fdf3474c99a7c2b337ecbd045a68dea913ee80afec4253822b7746b583bec953fa6985ab076c695e4827b9e152961682ca1e8cd2ed5dc0928422bdfd447ad5507796509eeae2ebb78c7eb8a670448ddd2a4f4b5826391614dbd34c0059202428f6dc730b7e9c3a2ef9dbd10bf6a84bbde24f5c27f9e863d62c34b3b20550cedced476a2880e454a0b5dfab7dbd44fa6bb0cb113a877001e69f0e1db8f43f6fac7ee293e11dc5ed5cdb11e7e8cd6ea6b4b5faa9f251d8fb6b5dfcc77f7bc9a03ea2c1a1860b3f9142d687338a5bee34cac45419ecc9566e9437f376d39b81497f2f10d69778d5cf41df08b53b4d7b311e5c917657afe06160d34fa89f9d3dfdd69480ecfe6ee5c4874942ebc4837faf0019be878a32da918d326e4923ade3e028223147827002ccee23042e287b73376aa1bdb7fdee964af503fd83cd2f2d55e4bb85d95a47c1669484f5bfcdfed849073b1daf76ced4824ffa0162f2b3d4e897736e3e82f19fe14ebe393b83953ec8f857b33008417c907d667a0a09389ee0e680503e794ed29128d9ba09ee5c1f2bc2ce25675d1b272b93a0f50997279706afc76095bb5ee827c210677078962062086004a61542a1f5c5863022c5fe0819a21a3d6f0c7a1c294586814810f59dfaa77c0cd931c15712be94af5f503b0c9368bbd14b663b06910581091005af3b0068044da34380dd516863ee360d97661b5461ba3dfcef325300503a1d97867fdf824dc21d9648e3acb05964de7ecf96db233132dcc7d62c1ca95b341faf21b497ed3f2d68d10277da6c49fe49debf940e4a7a44cf7ddd2e0fcb933e74e0e7c187666c4680870ced13f26a25ba1ecb17af36fa825a492e8197ba2cb705cd5b827e0c76041e2ac545121cb604fecf426e82c351ed6e4764aadae8a5106b6caf5f11baf50d232bd71f65254b97b75e69216fa3592eb4524ff6eeb81269ab79dba57420ef12b8cbf474fcf3a55c77d998ca4958d4d30024a17cd0ffa1573c197e49b60be1666558f4edf2558a3a334d61b46ad7fed6355a2625f7d89e302d0ca535684433cd1bc2d63cfd2003aec214451ee78f5a983ec1097e3a3c7a5bd6f36c4e2ac15f1bbc8fc5ea9da10d27a9895136be8253ef5828d5ea2673379cef2a5cf451af874b1fa62e34b0449cd207ab307b33c70e15c4e1b6c1c9b974ff298749f0b26adbf09c7f5e3e8ee30b4bde021ed5982bf75934ef6cc1745d3545ea3d9e6a17c8e5821c8d13b00eca2875daa3a14bbaa04dcd868e3d92334510e42d6a3279c9348109db4cddbf9fdee628dd8a89f533dd40de577afd3da3fa1b0b55b626a238aab108958326c236d8b9755c5f5ec43ce79f2d95ba5be5b3bb3ce0e00d0861b2a11c14db41a141fa3769bb6074b86f20365c2fefa42b9616cc1f84288f6c8d8738fd5623408151b9a8dd97d744a3abd52fb4c9886abafe0f0d9784175844a727578400bd71730f33b06cad21c4fb85e0450ebe1836abff20243245489f274bee2a9f2d21297ff8a8bb2286ed2a36f06d1d70c2a14aacbf3a315dbce7b6e630e33814a15945cf082a3da7aafcb0fd6545142519ed8bb1b14eef1d28d36481fe67e5fe04ff8dc31981cdc203c4a9c4699d48fbc259e2b9305969fe48250c684928e9cda69e88f617fe7d336ab2ecfe40b443794077b87aed7b331d5b09c55c115ba023c155645801201e2fc52a20cdc5d9332d0b41c414be8c639fbf42a7e1ccd0b2ebad486b0f7df279b02ba0226b8b25048e8a5c4ffc7c3a9f57d5180fc3da1a25338f5bc6b390cb6253c6e281b0dc20d057b1a863476019cc028911a2fa27dcc4426d857cefa7f1a46a0f5db0128df00c2a94255efe43fee51798b6901eb181d1ab64071d149e44ba6e6592aa539223dcf0c477574f77d136fb4f93826f9f4490da9c85878799df4de01fd12cc5ddc03dd0537252b3f934a4897eae690f1836942fd199b3665f625c16c6a2349b3070bbd5463dc577f98cb96ab13e21ae260914941b6878176984f64c05f", 0x1000}, {&(0x7f0000002d80)="79c00270f8298455abfc1736c5ce20cdda0bb903405bfd5e709c0867efb6d28aaf43d42f968b0b235cc6e65541a02b88ae58ecec5399865742388b4e96a62e3f39c6d1e80723b75fd32b3035ddd95e29c34bfa61e59c73", 0x57}, {&(0x7f0000002e00)="c5b10c8356f9204f7a75af39b0a48f4679ad66db97d0923f976e1d8fd34df358e48c3416ed87077370f6be1e817e152a3533e854a0c5611c52f1c1105e5d6a0f88b6890781d7f0f3ee7ee019b0832a33b5a644e86f4ff37dacb2133240508a8f910aedec284472e34cef95a52f7308586a766c1f77825c3ed25444e8dd4e561f7b9a141bb43a9eeef5d3552480835a2967394a15f55d980796b1fd8f66fbdce10a4bf4047db65120b4389d74566053751aae2b333bce9965ac424d858d8575d74ed792e691def7212c4d0aa1181719735e8edaf425fef1702da2b57e8f683cbb79a306918b3d712183e8a811f1c4195dd8d870d0e76cb3d1c8", 0xf9}, {&(0x7f0000002f00)="52f0b218dfbafe66e10ba8433507838f6960242176acf787bd20abbb360a7cb2c48ff525a2475baab87da4adf0d2c93ed2ab1499dc1f1d8828416ba3d47f9fb193a43175f451d135a356c77e146d9ad966d55d242eb87d33da877d14919642b7d5d51cbc36e9dbe2b2118a5cb68bb12d2eb975c78b2c52327f0758e6efb090166efdfe6e8773b01761fa79aa3c3e95fe873ecc32960ecc14a085b525b60c108a969552cd3f740e1fa3409b96", 0xac}, {&(0x7f0000002fc0)="65bd4504daf259f47affee3ca3af4669c1e166cccedaf069f8b02945082b75698a4784abb9c50921976e7ccd21cf7a8b6f4b243c4f7c0f981ffa45176eb1f97ceaf7185be6e7d5870f4e1974a620d2b3cc295e99733bb2ac3d98cf053fe573d4385cd5d7455e15f6f0c43501d9834eee0ac3eb67bf94be7e14e63d8faa5afe0b39133dd0b252eb899c9c4be3065205dcbe1cd8590357d1686db42f5680a56aa567a7d44a0305a12587af0e02808aca0fcf8076d97456eadfc5018ad4a8cd8e07457c6779656236e44fb67a83a3c9f324a941017badcdab18606820060ecb57e66eae98ed1228a4ba5c05b8275c96fd2e00a65ce4a9dcbb4c97d3957775a91435ec2a3a19bf8683e6b9f68ff23418426c5898fe958f6a8464e2662832af87fc35ff6711dad4274467d51827aba247fdc9ae7224d301d940a336b223b66b10c44ee093cca89778e349e235f0a2af7647aa797a5d1437c7f2217c14cbd0c5c6d40b504080bfece85560d870d49d9ea592b621bdea5b4c1dadec88d75613f8fbb09cf9acdc028033f34c59080b3b811b88a1c1b8a2a60d6dcc8e8f2e28885527d6ee85d00e9c726030aad83d9c9b0a516ecd51b9988763e3bfa08c68bbb746b5924e9e38e19afbeb03e2668221368fded70bb90a0b5d9e08a9918f08341e30949cbd637bec16158aecc9a188a98ca9e34af7970253ca63077a75f0ff5b7fa671039808677bb909d7943880725b128b073f57ecc10057d6f66f5ec86b081a4feaa3f49a8652735c1b96d696616d81199f378c4c6e6410495b9bf57f3713a156df8693c835b0f00697e70cb7d637d8dc221cd4d876291e75d7edf26986758b386abcad68be7f380690bb6c206a516f800c3096edb70d4f9add514e1001b6ddc9140f1dfda568a320563f455b05a478e373861fe71de82b7e90cc13469e207aed7b977298da13888de3f5dbdca9a3cea827dba218e46981d8250d6d43a843db817e25a6292790dee579daaf65c26a943b95a49c118a9fa12eb96a17c9a312cb908eea111ff7dbbeaf8a91462edaec3a7136715bd93bd4f06de6f25a7ed0df29311488b29e6b4d57cf042c0225ff02db0a7180d2197f40f010f4b65a3a0b4704e01a0e85d3533b65b90cdabf1543efabe4430f4c359c0200410833f73fb7677c4c7085a63be45b7739ed16f7fb375e6f37540e8639241a59cdc1e47fe04d4dad81f05709ff1390e9a5f9bda6e8f879a9a47bd7144666540ea28af49dd2499d00f67c412ffdfe91e176df44266638ad5925c6debd8f21796a7d61fa75f77ebc1088a7c267b3b3c680a462d9ae483740d0f1352610ecf5ee4b4f7f0471efa87969957c332be398a455692d85e5de1745e281143447641482ddfb93666387bbd6638feb319d48ee8c20d42205c320d5df93e7192fabc9c19de82c7b192175576241624724f62be8d847509d91cb971a6ce97b9fe1da6c37f3b03a8ea4b86be0b748919cbf1f0bfb193cdc13d61ddc5b41d7e2b726c78fdfb0d96e639e69c849611f40800072c822b2178a2dd2d47fe843115f97671da88faebf7eb36306f756b605e13bec16edb5dd233061fa64f23c60d8b4c14843caff6b66df14588612f112c894486f719b98dab12a39618bff40cab69f2e098d9e620fdb3d11d5c35e79d90339ab5aa6f340127f01646eb14b2f579832a57c9bdedcd23c5891544235bec2783aade28ecf6c2ef4dc0beb25db4117f975c51220e3f1e83e32bb7c96e794f50ef6903131edcdb7a3333bd8c1682b34b9d7160a19bb311a0bb1a0354c61404fcc0e7e8bc785dd4a2bcb2157f6cb19260a693dea3cda9469b06c5e0bd473dbf6ed67a1460b01fd15d82a143e097bd574f2dd3538d1a9aa9c48f5462b9fc1ee27d265ccc945bf6a9d5f64ffaacd43b484d355b1dbdaad9d1220fe7c8750a55f127525e8490688f5e67ec3abb68806f932c176620d06962ea6ee17e7bc3470394040f2c2461b9705652573b9d46dca019cf60ba394a50d9d981bb95d30a04267bc172725d44572fada48c85409d0fbbde91157473293ca0e99df40e6e44eff98dcd9898aae7caf6fc5773516373d3bae6767f411c229f4247ad07fd1a9be6e79410e76b6f5101f74d25e1d77e2e2cf94ee1ad5d44ec152663734052eb1d040253cbc61997dbdcd82b2bf6d8a4f7d84a2114101358f78bd73299aaacf92479f4482bb879c69cdd57eead3def244e9ecb8bd77029be8ab1f84da116c9077c5c5513903dd0fd381bf36cb716afb094b74a1820eeb947892065d53c9db7e212024a6f5e61a79a707c286e563be8f481f6b11488e1507c2b63d7ca6200d68642168bd42c45d35811801af6b8202ee059890b11023f8198ad6fa47dfd38912239cb72c20dd770b165dc7c0b523488b32b08986781cae8e427dd421b958fc2b5b0027b1c2cb4c445e2049a832ca413b4bd68b5f71909ad1cd787b1ad5a48c8d9d492e4d76fcaf63835ec2cfd5a40ae05da9ff3930e13c7f4493722e4f1070f23b405ca99827c62f7a410164e5399973dffcff97bd6e62de355c9a9fbe0a50c1cd843c471b4cefe4c35fe4eb6705a696f46e88b73ef7819abd4cbebdbd1d8e5a892b7ee1c7b40734ccd578d7280e4c4552e0f1f90a1019e8288fb3da417c12a0486b8cc46d918d775cfd7051881eea3274ec394ab15f2404b6829b2b3652c1c963bbfb61feb02f5b13c4b35255d1354b72dff6dcaf20fa96062bc39df861c82d8ec787b78375f0c15e494197a744d334df67513cff758e52e6c4fbdae0b3a0d0dcd70f9bfb9e04f894cb73ba9f7c04b2b461f95a73392d5a4af44fef9649b2fd6fbb0fcb9f6453e1ed657ee03f495e61fa674acb44829f440891fc5bea8e023a809f10bc50570611c4b78d4c76186479c336fd46baef6ff8c345509b4426207dc2df95dc7147f8105ae4cb5f17f32188ff0933a3ae0f5eb10eb8835fbce7d7505563e7c9c5b4ae76aadcc1911cdb95703d58c06dfc9d8955f51f3bb00c2d3cfd1592052db66baa97a6f5116599af07621ecd0d9e056fc61cf01a7099eb33ee7d791331bc0639fb8dd28c0186fe144405b34f74b9d9014c170732488d63c161ad11373030e08d2fcd18c6628f0f625dd279026809c66e0a685465a7946183c2f454040e462219ef3559a84ae03d9e43e8ef47e8582a10a6c7aed2471adbace468d31c1e3c1ed06eaf734ba4ba719838b896ff6c1fef977dddb7e7ad5eb4c95b82feb2936ba8bb8eb5a1d051b17e321a35ea092689d8ffe5498f98d846a57244bf7aeae8c0110634cd190ded826585616b544d3e076d0c19c689d5ffa104a480bed12d57aa9f5d72e110d0875804c7c734f9549d17ab0234f3091d0a11a28dced1b19a015994c2cd0397f68421eaa6a01cfa152ac39c184adff34095cf70ea70d5e75a1428eaf554897cd406d89f91cae3eb02ca70b387d3b8d99149bea48d6fce3132313b6de03519ed800a709cb006b38e03313b40f975585ccba1a40b2103a53e06c7d69a53e66765c4b62fb34bb637e18e4ebfa5471ea6b8f5d38033fe68a6a3eba9e708596cb98b61259ceb11f85747caf8ce5c186775db36e99c1b3ac6c67f1db7f095df59db27f87f55a287fd3ae94fee92e1360e747a9daa32651e03f70cf9a52128ddf87a14025378c3a925f82174445cf93e617ec268fc84cc1883d1266319dd6bc0ed062b08b53fea62067b251cf89b2c3fa17b730c2b71e7070147d40910ee6eb214f8aa976a812906079108aee0bc4904ba9149e791c8470a2463fb90f19c0b9429a4c4bfa0adc391726fde1afdc23748a76242ff34c3bf76e11f46d3cb902562fd7d959a23669939feac26f19f2dd8f6362b382830169ed9ae1c469431e7a7ea901c4e6e303a53138421724ba4cd466170d681d65ea163a1c8304b124a55f8a1d4f032b97cd29578041bf617a482e9557173ebd4ef895e4cbe098e78fad85b8ce57f3c3dc6f8ff790d3fc9e8277d5ea047ad41ce8de0d8657c523ff79611acd06c681cc47ee7d0a806f23ff552cf32cea4a64c5c1c2e25a812f8143fb0622c67edd4ca66236e1c04d019d193830875e99ea5edd9666a0846e4042db887a057bbf5434bc5beaaa4013cec51fa93e9ed54fba39182dd10f46dc6817bf16ef1c37dd2d49e3669f74ea97578b13a975ea8245bb279c360a451434f449d35c49d1faa2ab733c957388a87aada74e3eb77935955079ba0abc5f3670baf47284a34efa5face22bd4a1bbd3ff6a8317057cd00f1ca845ce33ea124c4e86b7b87748ec29bebecab88affe322d84b4321682fedccb5aae827c7820600546354d275311631f6e5ef3f6458c3964004d0dc0b33ad2d1e4424adde1d11a021e4b4590bec2d04507ad72f7fe402c8e9c5de08db73c58ca77245ef045b1e6394faadee8dd5b299e87300871f8083f1dff59c30d0e0d7b94ddc90bb3033fa9e2cb5037888319e8cfc5c59e6d2e09f10581ce541c4b68d7652f6fe0f5f723c9a7f848e6f61cbbc6e6ce10a6e4faa0ba1966e7f5bf4d683024fb943c9bba360fd17b9cdbca18031f962a87ba2f034b0758be756095d1f0ddc1259dc35f3b3e3f8cce7ee485d25a29a752ff9e0621d5ccfaf9135e27e49338aa3643b6b4859125e1a2f238230d626229958e43fc9001329734c7857949acd769fd2debdf4b6f75144dcb88fea6a860da49ef49a5e2125a5eb26c27ec552b08994aa787240de365e78047e13ea85a2563ed32b17b1735e59e239196e95d0523401b8984d19862e1f5bfe7702be3b0dd2dbbaadedac3db29eb5446c1826bc6b09a127305f7fa5755fe278dd2bde66a9961131906d1ac03b8b62294385e05e2b92f7c06942b4e076e6e57c0c6ea2ef73943cd4c345eddc8ccd09a373e38c54e896b8c1b6cc3122048cc127a27a62279cf1ef8c5fb5f0ad73ae0ea4c2f5fd38eecbd3b176021990b91eb5cec2de83628acd20470628209e0407c782079776ebfaf244be3827c161643927c7404cc19a8110a7ed57a20abd33b9b59532cd082b587bddc0f52a3a1e24482dbd1fd49176956012031f74318d6f61feec2af73753901b5e1e58ff46ad67a650df995722144d102686c64d13fca225b90b2b8390ba84bf0e74a16ef1d3cf9cd099f190b7820a00e2dc61233cfcb8f66a9f1fdf329bf7c37db3e2657fb23e06f21a26e1493cee51ef906694a8434bc564b344e85f8b93c7ea45ef6e8a3c705d7016824f621d627c1ddeffd936b7a960acb384e7e2687c2b1682b3d7a0fc4011c7a78201b93efec119c958d65cb523d4726d58835b39d0eade70379ff9fb3ba053021d4b279bb5db282da858f2a8b1112bab00979510e8ddb42e56659a5d28739c45f16953335a67e34f2c87d1dd130a9797133513449cc0c9fbb703456bba4b737351e44d3a14bb144963f56efa83a03f73c67ce3af42a7b9fe49032825862c59ed34781ce9ee154b580ebb1ca36d173796b207a0659ef08461e20ea6365abc54dc9d5c59c6dd2e17e2b47a7f04fd32d958f1862b74f899d3c18a65da344dfdd3132efa49b8a9ac62725e30969568293dc488fc3409b682fc6812b762de91c3c9d2d72f6e01e1c29b155da0e1d88662969985182fc4416424b61c196f54d7055f23c63312e04b47e5b4706015538af56623cfa8be14489ff84a18c88bc215164d5f8936fa04dfe21c6eed526025769dc9a6880da9432ebdab81705d39698f969d3819b37708b515b287643442272a322710397dce3bda13299a1b5db9d669d4324a01856cb0468c5d29b1b7a", 0x1000}], 0x7, &(0x7f0000004040)={0x90, 0x117, 0xf10000000000000, "9497f025249ef6e6c72fec01679a12c2d4dbe5174bb6417dc32c3737fc02c70dc84de77d383a2217646edec03eccbe9f0104197999577a232baef0d1cfe88935d2affe92d82fcc0d51aacf335cbf349964cea0e0a565de9d407cabb61a4ddfe4bc8f8c71bbb008129ed09c2a526b415045acef55667e9f2b0e0474c844f74b16"}, 0x90, 0x1}], 0x3, 0x4000000) 2018/04/01 00:14:28 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) connect$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10) fallocate(r0, 0x0, 0x0, 0x4) [ 228.434894] FAULT_INJECTION: forcing a failure. [ 228.434894] name failslab, interval 1, probability 0, space 0, times 0 [ 228.446170] CPU: 0 PID: 19002 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 228.453353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.460057] FAULT_INJECTION: forcing a failure. [ 228.460057] name failslab, interval 1, probability 0, space 0, times 0 [ 228.462693] Call Trace: [ 228.462712] dump_stack+0x194/0x24d [ 228.462726] ? arch_local_irq_restore+0x53/0x53 [ 228.462745] should_fail+0x8c0/0xa40 [ 228.462757] ? is_bpf_text_address+0xa4/0x120 [ 228.462767] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 228.462781] ? __kernel_text_address+0xd/0x40 [ 228.502452] ? unwind_get_return_address+0x61/0xa0 [ 228.507371] ? find_held_lock+0x35/0x1d0 [ 228.511418] ? __lock_is_held+0xb6/0x140 [ 228.515468] ? check_same_owner+0x320/0x320 [ 228.519776] ? rcu_note_context_switch+0x710/0x710 [ 228.524691] should_failslab+0xec/0x120 [ 228.528648] kmem_cache_alloc_trace+0x4b/0x740 [ 228.533217] ? __kmalloc_node+0x33/0x70 [ 228.537171] ? __kmalloc_node+0x33/0x70 [ 228.541130] ? rcu_read_lock_sched_held+0x108/0x120 [ 228.546128] __memcg_init_list_lru_node+0x169/0x270 [ 228.551125] ? list_lru_add+0x7c0/0x7c0 [ 228.555083] ? __kmalloc_node+0x47/0x70 [ 228.559044] __list_lru_init+0x544/0x750 [ 228.563088] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 228.568954] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 228.573964] ? __lockdep_init_map+0xe4/0x650 [ 228.578356] ? lockdep_init_map+0x9/0x10 [ 228.582837] sget_userns+0x691/0xe40 [ 228.586541] ? kill_litter_super+0x90/0x90 [ 228.590760] ? ns_test_super+0x50/0x50 [ 228.594631] ? destroy_unused_super.part.6+0xd0/0xd0 [ 228.599713] ? do_raw_spin_trylock+0x190/0x190 [ 228.604279] ? kobject_put+0x6b/0x250 [ 228.608067] ? blkdev_get+0x3a1/0xb00 [ 228.611852] ? cap_capable+0x1b5/0x230 [ 228.615719] ? __blkdev_get+0x13b0/0x13b0 [ 228.619849] ? security_capable+0x8e/0xc0 [ 228.623978] ? kill_litter_super+0x90/0x90 [ 228.628280] ? ns_capable_common+0xcf/0x160 [ 228.632585] ? ns_test_super+0x50/0x50 [ 228.636460] ? kill_litter_super+0x90/0x90 [ 228.640673] sget+0xd2/0x120 [ 228.643676] mount_bdev+0x109/0x370 [ 228.647284] ? fuse_get_root_inode+0x190/0x190 [ 228.651848] fuse_mount_blk+0x34/0x40 [ 228.655630] mount_fs+0x66/0x2d0 [ 228.658980] vfs_kern_mount.part.26+0xc6/0x4a0 [ 228.663544] ? may_umount+0xa0/0xa0 [ 228.667152] ? _raw_read_unlock+0x22/0x30 [ 228.671282] ? __get_fs_type+0x8a/0xc0 [ 228.675152] do_mount+0xea4/0x2bb0 [ 228.678764] ? copy_mount_string+0x40/0x40 [ 228.682979] ? rcu_pm_notify+0xc0/0xc0 [ 228.686853] ? copy_mount_options+0x5f/0x2e0 [ 228.691241] ? rcu_read_lock_sched_held+0x108/0x120 [ 228.696238] ? kmem_cache_alloc_trace+0x459/0x740 [ 228.701062] ? kasan_check_write+0x14/0x20 [ 228.705276] ? _copy_from_user+0x99/0x110 [ 228.709406] ? copy_mount_options+0x1f7/0x2e0 [ 228.713884] SyS_mount+0xab/0x120 [ 228.717319] ? copy_mnt_ns+0xb30/0xb30 [ 228.721199] do_syscall_64+0x281/0x940 [ 228.725068] ? vmalloc_sync_all+0x30/0x30 [ 228.729198] ? _raw_spin_unlock_irq+0x27/0x70 [ 228.733675] ? finish_task_switch+0x1c1/0x7e0 [ 228.738152] ? syscall_return_slowpath+0x550/0x550 [ 228.743071] ? syscall_return_slowpath+0x2ac/0x550 [ 228.747980] ? prepare_exit_to_usermode+0x350/0x350 [ 228.752983] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 228.758340] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 228.763167] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 228.768336] RIP: 0033:0x454e79 [ 228.771508] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 228.779199] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 228.786448] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 228.793718] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 228.800968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 228.808307] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 228.815571] CPU: 1 PID: 19005 Comm: syz-executor5 Not tainted 4.16.0-rc7+ #9 [ 228.822760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.832103] Call Trace: [ 228.834674] dump_stack+0x194/0x24d [ 228.838280] ? arch_local_irq_restore+0x53/0x53 [ 228.842931] should_fail+0x8c0/0xa40 [ 228.846625] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 228.851704] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 228.856869] ? trace_hardirqs_off+0x10/0x10 [ 228.861171] ? check_same_owner+0x320/0x320 [ 228.865554] ? find_held_lock+0x35/0x1d0 [ 228.869592] ? __lock_is_held+0xb6/0x140 [ 228.873634] ? check_same_owner+0x320/0x320 [ 228.877929] ? __d_lookup+0x4f4/0x830 [ 228.881709] ? rcu_note_context_switch+0x710/0x710 [ 228.886612] ? ext4_iget+0x170/0x3990 [ 228.890391] should_failslab+0xec/0x120 [ 228.894339] kmem_cache_alloc+0x47/0x760 [ 228.898377] __d_alloc+0xc1/0xbd0 [ 228.901807] ? shrink_dcache_for_umount+0x290/0x290 [ 228.906797] ? d_alloc_parallel+0x1b40/0x1b40 [ 228.911267] ? lock_release+0xa40/0xa40 [ 228.915217] ? mark_held_locks+0xaf/0x100 [ 228.919340] ? d_lookup+0x133/0x2e0 [ 228.922945] ? d_lookup+0x1d5/0x2e0 [ 228.926545] d_alloc+0x8e/0x340 [ 228.929798] ? __d_alloc+0xbd0/0xbd0 [ 228.933487] ? _down_write_nest_lock+0x120/0x120 [ 228.938222] __lookup_hash+0x58/0x190 [ 228.942000] SyS_rename+0x7a7/0xc90 [ 228.945612] ? SyS_renameat+0xca0/0xca0 [ 228.949561] ? __lock_is_held+0xb6/0x140 [ 228.953605] ? __sb_end_write+0xa0/0xd0 [ 228.957553] ? fput+0xd2/0x140 [ 228.960723] ? SyS_write+0x184/0x220 [ 228.964412] ? SyS_read+0x220/0x220 [ 228.968020] ? do_syscall_64+0xb7/0x940 [ 228.971971] ? SyS_renameat+0xca0/0xca0 [ 228.975918] do_syscall_64+0x281/0x940 [ 228.979781] ? vmalloc_sync_all+0x30/0x30 [ 228.983903] ? finish_task_switch+0x1c1/0x7e0 [ 228.988374] ? syscall_return_slowpath+0x550/0x550 [ 228.993282] ? syscall_return_slowpath+0x2ac/0x550 [ 228.998188] ? prepare_exit_to_usermode+0x350/0x350 [ 229.003181] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 229.008519] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 229.013341] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 229.018503] RIP: 0033:0x454e79 [ 229.021669] RSP: 002b:00007f663c376c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 229.029350] RAX: ffffffffffffffda RBX: 00007f663c3776d4 RCX: 0000000000454e79 [ 229.036593] RDX: 0000000000000000 RSI: 0000000020ab3ff0 RDI: 0000000020b2a000 [ 229.043838] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 229.051084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 229.058326] R13: 000000000000049a R14: 00000000006f8f10 R15: 0000000000000006 [ 229.081718] FAT-fs (loop0): bogus number of reserved sectors 2018/04/01 00:14:29 executing program 4: ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x3, 0xffffffffffffffff, 0x1}) openat$cgroup_int(r0, &(0x7f0000000040)='cpu.weight\x00', 0x2, 0x0) socketpair$inet(0x2, 0x0, 0x2, &(0x7f00000000c0)) mkdir(&(0x7f0000000080)='./file0/file0\x00', 0x0) 2018/04/01 00:14:29 executing program 2: bind$inet(0xffffffffffffffff, &(0x7f00000a9000)={0x2, 0x0, @loopback=0x7f000001}, 0x10) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x200, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x84) ioctl$TIOCCONS(r0, 0x541d) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendto$unix(r0, &(0x7f0000000200)="3a21276d47aa685e5cc3985c803768a047fd8bcf54f609f8a735cc6725bea8806097693c4c3f423ec4e001413d2f84289fe874a6ca69b8541e8981434b454b43f74083b6e95d67d69adf6c209f70fbc4f650007518ac207bb70e63", 0x5b, 0x40000, &(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e) umount2(&(0x7f0000000340)='./file1\x00', 0x8) socketpair$packet(0x11, 0x3, 0x300, &(0x7f0000000140)) umount2(&(0x7f00000003c0)='./file0\x00', 0x1) r2 = socket(0x15, 0x80005, 0x0) getsockopt(r2, 0x114, 0x2715, &(0x7f0000af0fe7)=""/13, &(0x7f000033bffc)=0xffffffffffffff95) chroot(&(0x7f00000001c0)='./file1\x00') r3 = semget(0x2, 0x5, 0x0) semctl$SEM_INFO(r3, 0x0, 0x13, &(0x7f0000000400)=""/238) r4 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffc, 0x8000) unlink(&(0x7f0000000180)='./file0\x00') openat(r4, &(0x7f00000000c0)='./file0\x00', 0x4000, 0x2) ioctl$VHOST_SET_VRING_NUM(r1, 0x4008af10, &(0x7f0000000300)={0x0, 0xc}) 2018/04/01 00:14:29 executing program 3: r0 = open(&(0x7f0000000000)='./file0\x00', 0x80, 0x80) fallocate(r0, 0x1000000000000000, 0x0, 0x7c80000000000) 2018/04/01 00:14:29 executing program 6 (fault-call:0 fault-nth:21): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 229.087637] FAT-fs (loop0): Can't find a valid FAT filesystem 2018/04/01 00:14:29 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400", 0xc}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:29 executing program 5 (fault-call:3 fault-nth:7): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 229.192320] FAULT_INJECTION: forcing a failure. [ 229.192320] name failslab, interval 1, probability 0, space 0, times 0 [ 229.203638] CPU: 1 PID: 19031 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 229.210827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 229.220171] Call Trace: [ 229.222758] dump_stack+0x194/0x24d [ 229.226386] ? arch_local_irq_restore+0x53/0x53 [ 229.231060] should_fail+0x8c0/0xa40 [ 229.234757] ? is_bpf_text_address+0xa4/0x120 [ 229.239227] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 229.244305] ? __kernel_text_address+0xd/0x40 [ 229.248863] ? unwind_get_return_address+0x61/0xa0 [ 229.253777] ? find_held_lock+0x35/0x1d0 [ 229.257825] ? __lock_is_held+0xb6/0x140 [ 229.261866] ? check_same_owner+0x320/0x320 [ 229.266165] ? rcu_note_context_switch+0x710/0x710 [ 229.271076] should_failslab+0xec/0x120 [ 229.275033] kmem_cache_alloc_trace+0x4b/0x740 [ 229.279595] ? __kmalloc_node+0x33/0x70 [ 229.283543] ? __kmalloc_node+0x33/0x70 [ 229.287495] ? rcu_read_lock_sched_held+0x108/0x120 [ 229.292489] __memcg_init_list_lru_node+0x169/0x270 [ 229.297480] ? list_lru_add+0x7c0/0x7c0 [ 229.301429] ? __kmalloc_node+0x47/0x70 [ 229.305384] __list_lru_init+0x544/0x750 [ 229.309428] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 229.315292] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 229.320288] ? __lockdep_init_map+0xe4/0x650 [ 229.324671] ? lockdep_init_map+0x9/0x10 [ 229.328709] sget_userns+0x691/0xe40 [ 229.332398] ? kill_litter_super+0x90/0x90 [ 229.336608] ? ns_test_super+0x50/0x50 [ 229.340472] ? destroy_unused_super.part.6+0xd0/0xd0 [ 229.345550] ? do_raw_spin_trylock+0x190/0x190 [ 229.350110] ? kobject_put+0x6b/0x250 [ 229.353887] ? blkdev_get+0x3a1/0xb00 [ 229.357663] ? cap_capable+0x1b5/0x230 [ 229.361523] ? __blkdev_get+0x13b0/0x13b0 [ 229.365646] ? security_capable+0x8e/0xc0 [ 229.369768] ? kill_litter_super+0x90/0x90 [ 229.373977] ? ns_capable_common+0xcf/0x160 [ 229.378273] ? ns_test_super+0x50/0x50 [ 229.382132] ? kill_litter_super+0x90/0x90 [ 229.386337] sget+0xd2/0x120 [ 229.389333] mount_bdev+0x109/0x370 [ 229.392938] ? fuse_get_root_inode+0x190/0x190 [ 229.397494] fuse_mount_blk+0x34/0x40 [ 229.401268] mount_fs+0x66/0x2d0 [ 229.404612] vfs_kern_mount.part.26+0xc6/0x4a0 [ 229.409169] ? may_umount+0xa0/0xa0 [ 229.412790] ? _raw_read_unlock+0x22/0x30 [ 229.416913] ? __get_fs_type+0x8a/0xc0 [ 229.420785] do_mount+0xea4/0x2bb0 [ 229.424304] ? copy_mount_string+0x40/0x40 [ 229.428512] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 229.433505] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 229.438238] ? retint_kernel+0x10/0x10 [ 229.442102] ? copy_mount_options+0x18b/0x2e0 [ 229.446573] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 229.451390] ? copy_mount_options+0x1f7/0x2e0 [ 229.455860] SyS_mount+0xab/0x120 [ 229.459286] ? copy_mnt_ns+0xb30/0xb30 [ 229.463148] do_syscall_64+0x281/0x940 [ 229.467022] ? vmalloc_sync_all+0x30/0x30 [ 229.471152] ? _raw_spin_unlock_irq+0x27/0x70 [ 229.475622] ? finish_task_switch+0x1c1/0x7e0 [ 229.480090] ? syscall_return_slowpath+0x550/0x550 [ 229.484994] ? syscall_return_slowpath+0x2ac/0x550 [ 229.489900] ? prepare_exit_to_usermode+0x350/0x350 [ 229.494892] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 229.500235] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 229.505055] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 229.510217] RIP: 0033:0x454e79 [ 229.513380] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 229.521322] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 229.528563] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 229.535805] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 2018/04/01 00:14:30 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x3) fallocate(r0, 0x0, 0x0, 0x4) [ 229.543049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 229.550292] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:30 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000000)=0x0) ptrace$getsig(0x4202, r0, 0x6, &(0x7f0000000040)) [ 229.621215] FAT-fs (loop0): bogus number of reserved sectors [ 229.627255] FAT-fs (loop0): Can't find a valid FAT filesystem [ 229.675489] FAULT_INJECTION: forcing a failure. [ 229.675489] name failslab, interval 1, probability 0, space 0, times 0 [ 229.687294] CPU: 0 PID: 19052 Comm: syz-executor5 Not tainted 4.16.0-rc7+ #9 [ 229.694481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 229.704272] Call Trace: [ 229.706863] dump_stack+0x194/0x24d [ 229.710493] ? arch_local_irq_restore+0x53/0x53 [ 229.715176] should_fail+0x8c0/0xa40 [ 229.718898] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 229.724000] ? trace_hardirqs_off+0x10/0x10 [ 229.728324] ? ext4_search_dir+0x3c9/0x650 [ 229.732562] ? ext4_search_dir+0x40d/0x650 [ 229.736803] ? __lock_is_held+0xb6/0x140 [ 229.740855] ? rcu_read_lock_sched_held+0x108/0x120 [ 229.745854] ? check_same_owner+0x320/0x320 [ 229.750163] ? ext4_find_entry+0xf01/0x18d0 [ 229.754484] ? rcu_note_context_switch+0x710/0x710 [ 229.759410] should_failslab+0xec/0x120 [ 229.763362] kmem_cache_alloc+0x47/0x760 [ 229.767398] ? __lock_is_held+0xb6/0x140 [ 229.771446] ? trace_hardirqs_off+0x10/0x10 [ 229.775761] jbd2__journal_start+0x1d3/0x9f0 [ 229.780165] ? jbd2_write_access_granted.part.9+0x3a0/0x3a0 [ 229.785858] ? rcu_note_context_switch+0x710/0x710 [ 229.790766] ? __lock_is_held+0xb6/0x140 [ 229.794806] ? __might_sleep+0x95/0x190 [ 229.798760] ? _cond_resched+0x14/0x30 [ 229.802652] __ext4_journal_start_sb+0x15f/0x550 [ 229.807395] ? ext4_rename+0xb79/0x2e80 [ 229.811348] ? ext4_journal_abort_handle.isra.5+0x2a0/0x2a0 [ 229.817058] ext4_rename+0xb79/0x2e80 [ 229.820853] ? ext4_tmpfile+0x470/0x470 [ 229.824809] ? dget_parent+0x5b0/0x5b0 [ 229.828676] ? lock_acquire+0x1d5/0x580 [ 229.832636] ? lock_acquire+0x1d5/0x580 [ 229.836615] ? vfs_rename+0x3c0/0x1b00 [ 229.840499] ? down_write+0x87/0x120 [ 229.844199] ? vfs_rename+0x3c0/0x1b00 [ 229.848079] ext4_rename2+0x16e/0x1f0 [ 229.851871] vfs_rename+0xfe6/0x1b00 [ 229.855581] ? vfs_mkobj+0x4e0/0x4e0 [ 229.859287] ? security_path_rename+0x14c/0x2a0 [ 229.863951] SyS_rename+0x8f5/0xc90 [ 229.867567] ? SyS_renameat+0xca0/0xca0 [ 229.871551] ? __sb_end_write+0xa0/0xd0 [ 229.875509] ? fput+0xd2/0x140 [ 229.878686] ? SyS_write+0x184/0x220 [ 229.882376] ? SyS_read+0x220/0x220 [ 229.885993] ? do_syscall_64+0xb7/0x940 [ 229.889962] ? SyS_renameat+0xca0/0xca0 [ 229.893915] do_syscall_64+0x281/0x940 [ 229.897779] ? vmalloc_sync_all+0x30/0x30 [ 229.901913] ? _raw_spin_unlock_irq+0x27/0x70 [ 229.906390] ? finish_task_switch+0x1c1/0x7e0 [ 229.910867] ? syscall_return_slowpath+0x550/0x550 [ 229.915773] ? syscall_return_slowpath+0x2ac/0x550 [ 229.920676] ? prepare_exit_to_usermode+0x350/0x350 [ 229.925669] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 229.931017] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 229.935850] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 229.941020] RIP: 0033:0x454e79 [ 229.944192] RSP: 002b:00007f663c376c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 229.951965] RAX: ffffffffffffffda RBX: 00007f663c3776d4 RCX: 0000000000454e79 [ 229.959226] RDX: 0000000000000000 RSI: 0000000020ab3ff0 RDI: 0000000020b2a000 [ 229.966485] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 229.973742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 229.980991] R13: 000000000000049a R14: 00000000006f8f10 R15: 0000000000000007 2018/04/01 00:14:30 executing program 6 (fault-call:0 fault-nth:22): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:30 executing program 4: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000600)='/dev/autofs\x00', 0x200000, 0x0) ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000640)={'syzkaller0\x00', 0xd3a}) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000080)) openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x800, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) 2018/04/01 00:14:30 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400", 0xc}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:30 executing program 5 (fault-call:3 fault-nth:8): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:30 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) unlinkat(r0, &(0x7f0000000540)='./file0\x00', 0x200) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = semget$private(0x0, 0x3, 0x40000000000000c) semctl$GETZCNT(r3, 0x4, 0xf, &(0x7f00000003c0)=""/171) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2000, 0x18) readlinkat(r5, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=""/105, 0x69) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='stack\x00') ioctl$DRM_IOCTL_GET_STATS(r6, 0x80f86406, &(0x7f0000000300)=""/143) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'syz_tun\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000080)=@ipv6_newaddr={0x34, 0x14, 0x109, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r7}, [@IFA_FLAGS={0x8, 0x8, 0x284}, @IFA_ADDRESS={0x14, 0x1, @local={0xfe, 0x80, [], 0xaa}}]}, 0x34}, 0x1}, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f0000000640)=ANY=[@ANYBLOB="00000000180000fa0000000000000000", @ANYPTR=&(0x7f0000000080)=ANY=[@ANYRES32=0xffffffff], @ANYBLOB="02000000000000001ab31fde3d3fe6da09c2154800b4c0a6cee2fa5dafe91ca0af8e3995dfbca4840305e3c5b5221c561dab821e31930caa9d15f32c2958fc6c8daf17cfd9a7ea39c83504487e3e42087c8d77ed8ea3d07cdc8ef017d441af981c3e0355da2234bac23ad8c70a707720d130d494e09dfade5c70d781e00573dcf8d405beae93ed6943a012bcb117e4f528e6dcd4d80250d5ddbde8613384072d5550cae5058d07d8128fbcc6b9f0ee3bff8d14649bec77e568bb04ce3f520ac8174ea89b5cd85161581d6ee6683ae5e1e70e8cbdba"], 0xffffff9e) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0x8) r9 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/schedule_icmp\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r9, 0x404c534a, &(0x7f0000000480)={0x70, 0x78c, 0xb7}) r10 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rfkill\x00', 0x10000, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r10, 0xc008ae09, &(0x7f00000003c0)=""/150) write$rdma_cm(r1, &(0x7f0000000180)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80}}, r8}}, 0x7dbc) poll(&(0x7f0000000580)=[{r6, 0x8}, {r2, 0x1149}, {r1, 0x20}, {r4, 0x80}, {r2, 0x801c}], 0x5, 0x1) write$rdma_cm(r1, &(0x7f0000000040)=@get_event={0xc, 0x8, 0xfa00, {&(0x7f0000000240)}}, 0x10) 2018/04/01 00:14:30 executing program 2: unshare(0x1000000) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000b81fef)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS(r0, 0x80605414, &(0x7f0000000000)=""/11) timerfd_settime(r0, 0x0, &(0x7f0000610000)={{0x0, 0x1c9c380}, {0x77359400}}, &(0x7f0000924000)) 2018/04/01 00:14:30 executing program 7: r0 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x0) ioctl$int_in(r0, 0x5452, &(0x7f00004d1000)=0x3) poll(&(0x7f0000000000)=[{r0, 0x4}, {r0}, {r0, 0x36}, {r0, 0x4000}, {r0, 0x184}], 0x5, 0x6a6b9f77) 2018/04/01 00:14:30 executing program 3: r0 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x101, 0x101000) openat$cgroup_subtree(r0, &(0x7f0000000140)='cgroup.subtree_control\x00', 0x2, 0x0) ioctl$PPPOEIOCDFWD(r0, 0xb101, 0x0) ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000100)={'vlan0\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}) fallocate(r0, 0x3, 0x2, 0x4) ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f00000000c0)=0x20) [ 230.080448] FAULT_INJECTION: forcing a failure. [ 230.080448] name failslab, interval 1, probability 0, space 0, times 0 [ 230.091741] CPU: 0 PID: 19068 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 230.098922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 230.108353] Call Trace: [ 230.110939] dump_stack+0x194/0x24d [ 230.114566] ? arch_local_irq_restore+0x53/0x53 [ 230.119231] ? __save_stack_trace+0x7e/0xd0 [ 230.123561] should_fail+0x8c0/0xa40 [ 230.127275] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 230.132376] ? kasan_kmalloc+0xad/0xe0 [ 230.136259] ? kmem_cache_alloc_trace+0x136/0x740 [ 230.141090] ? __memcg_init_list_lru_node+0x169/0x270 [ 230.146262] ? __list_lru_init+0x544/0x750 [ 230.150493] ? sget_userns+0x691/0xe40 [ 230.154367] ? mount_fs+0x66/0x2d0 [ 230.157893] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 230.162637] ? do_mount+0xea4/0x2bb0 [ 230.166330] ? SyS_mount+0xab/0x120 [ 230.169934] ? do_syscall_64+0x281/0x940 [ 230.173973] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 230.179321] ? find_held_lock+0x35/0x1d0 [ 230.183369] ? __lock_is_held+0xb6/0x140 [ 230.187419] ? check_same_owner+0x320/0x320 [ 230.191724] ? rcu_note_context_switch+0x710/0x710 [ 230.196647] should_failslab+0xec/0x120 [ 230.200602] kmem_cache_alloc_trace+0x4b/0x740 [ 230.205161] ? __kmalloc_node+0x33/0x70 [ 230.209111] ? __kmalloc_node+0x33/0x70 [ 230.213065] ? rcu_read_lock_sched_held+0x108/0x120 [ 230.218062] __memcg_init_list_lru_node+0x169/0x270 [ 230.223057] ? list_lru_add+0x7c0/0x7c0 [ 230.227011] ? __kmalloc_node+0x47/0x70 [ 230.230976] __list_lru_init+0x544/0x750 [ 230.235024] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 230.240910] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 230.245915] ? __lockdep_init_map+0xe4/0x650 [ 230.250309] ? lockdep_init_map+0x9/0x10 [ 230.254352] sget_userns+0x691/0xe40 [ 230.258041] ? kill_litter_super+0x90/0x90 [ 230.262255] ? ns_test_super+0x50/0x50 [ 230.266120] ? destroy_unused_super.part.6+0xd0/0xd0 [ 230.271199] ? do_raw_spin_trylock+0x190/0x190 [ 230.275761] ? kobject_put+0x6b/0x250 [ 230.279547] ? blkdev_get+0x3a1/0xb00 [ 230.283330] ? cap_capable+0x1b5/0x230 [ 230.287196] ? __blkdev_get+0x13b0/0x13b0 [ 230.291325] ? security_capable+0x8e/0xc0 [ 230.295452] ? kill_litter_super+0x90/0x90 [ 230.299670] ? ns_capable_common+0xcf/0x160 [ 230.303978] ? ns_test_super+0x50/0x50 [ 230.307846] ? kill_litter_super+0x90/0x90 [ 230.312059] sget+0xd2/0x120 [ 230.315061] mount_bdev+0x109/0x370 [ 230.318666] ? fuse_get_root_inode+0x190/0x190 [ 230.323227] fuse_mount_blk+0x34/0x40 [ 230.327016] mount_fs+0x66/0x2d0 [ 230.330369] vfs_kern_mount.part.26+0xc6/0x4a0 [ 230.334928] ? may_umount+0xa0/0xa0 [ 230.338541] ? _raw_read_unlock+0x22/0x30 [ 230.342674] ? __get_fs_type+0x8a/0xc0 [ 230.346546] do_mount+0xea4/0x2bb0 [ 230.350069] ? copy_mount_string+0x40/0x40 [ 230.354283] ? rcu_pm_notify+0xc0/0xc0 [ 230.358152] ? copy_mount_options+0x5f/0x2e0 [ 230.362540] ? rcu_read_lock_sched_held+0x108/0x120 [ 230.367537] ? kmem_cache_alloc_trace+0x459/0x740 [ 230.372360] ? kasan_check_write+0x14/0x20 [ 230.376570] ? _copy_from_user+0x99/0x110 [ 230.380699] ? copy_mount_options+0x1f7/0x2e0 [ 230.385175] SyS_mount+0xab/0x120 [ 230.388609] ? copy_mnt_ns+0xb30/0xb30 [ 230.392479] do_syscall_64+0x281/0x940 [ 230.396343] ? vmalloc_sync_all+0x30/0x30 [ 230.400480] ? _raw_spin_unlock_irq+0x27/0x70 [ 230.404953] ? finish_task_switch+0x1c1/0x7e0 [ 230.409429] ? syscall_return_slowpath+0x550/0x550 [ 230.414336] ? syscall_return_slowpath+0x2ac/0x550 [ 230.419245] ? prepare_exit_to_usermode+0x350/0x350 [ 230.424251] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 230.429593] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 230.434419] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 230.439584] RIP: 0033:0x454e79 [ 230.442751] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 230.450436] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 230.457686] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 230.464934] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 230.472179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 2018/04/01 00:14:31 executing program 2: syz_mount_image$jfs(&(0x7f0000001140)='jfs\x00', &(0x7f00000000c0)='./file0\x00', 0x1760, 0x0, &(0x7f00000001c0), 0x0, &(0x7f0000000100)=ANY=[]) r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x40440) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000280)={0x0, 0x7, 0x1000}) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x81, 0x0) r4 = socket$inet_dccp(0x2, 0x6, 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) r6 = socket$inet6_dccp(0xa, 0x6, 0x0) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) poll(&(0x7f0000000200)=[{r0, 0x5001}, {r1}, {r2, 0x8000}, {r3, 0x40}, {r4, 0x40}, {r5, 0x2}, {}, {r6, 0xa0}, {r7, 0x40}], 0x9, 0x135f) r8 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x6, 0x4000) ioctl$KDDELIO(r8, 0x4b35, 0x3) ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f00000002c0)) [ 230.479425] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 230.529662] FAULT_INJECTION: forcing a failure. [ 230.529662] name failslab, interval 1, probability 0, space 0, times 0 [ 230.541406] CPU: 0 PID: 19085 Comm: syz-executor5 Not tainted 4.16.0-rc7+ #9 [ 230.548596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 230.557948] Call Trace: [ 230.560553] dump_stack+0x194/0x24d [ 230.564187] ? arch_local_irq_restore+0x53/0x53 [ 230.568862] ? print_irqtrace_events+0x270/0x270 [ 230.573709] ? print_irqtrace_events+0x270/0x270 [ 230.578473] should_fail+0x8c0/0xa40 [ 230.582187] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 230.587295] ? perf_trace_lock_acquire+0xe3/0x980 [ 230.592144] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 230.597334] ? print_irqtrace_events+0x270/0x270 [ 230.602089] ? print_irqtrace_events+0x270/0x270 [ 230.606849] ? __lock_is_held+0xb6/0x140 [ 230.610919] ? check_same_owner+0x320/0x320 [ 230.615239] ? __lock_acquire+0x664/0x3e00 [ 230.619499] ? rcu_note_context_switch+0x710/0x710 [ 230.624440] should_failslab+0xec/0x120 [ 230.628431] kmem_cache_alloc+0x47/0x760 [ 230.632518] ? __lock_is_held+0xb6/0x140 [ 230.635401] FAULT_INJECTION: forcing a failure. [ 230.635401] name failslab, interval 1, probability 0, space 0, times 0 [ 230.636583] jbd2__journal_start+0x1d3/0x9f0 [ 230.652241] ? jbd2_write_access_granted.part.9+0x3a0/0x3a0 [ 230.657943] ? rcu_note_context_switch+0x710/0x710 [ 230.662856] ? __lock_is_held+0xb6/0x140 [ 230.666903] ? __might_sleep+0x95/0x190 [ 230.670862] ? _cond_resched+0x14/0x30 [ 230.674735] __ext4_journal_start_sb+0x15f/0x550 [ 230.679474] ? __lock_is_held+0xb6/0x140 [ 230.683522] ? ext4_evict_inode+0x836/0x17d0 [ 230.688698] ? ext4_journal_abort_handle.isra.5+0x2a0/0x2a0 [ 230.694403] ? __sb_start_write+0x209/0x2a0 [ 230.698715] ext4_evict_inode+0x836/0x17d0 [ 230.702938] ? ext4_da_write_begin+0x1020/0x1020 [ 230.707678] ? inode_wait_for_writeback+0x2f/0x40 [ 230.712524] ? lock_downgrade+0x980/0x980 [ 230.716658] ? lock_release+0xa40/0xa40 [ 230.720615] ? __inode_wait_for_writeback+0x292/0x330 [ 230.725789] ? do_raw_spin_trylock+0x190/0x190 [ 230.730356] ? bit_waitqueue+0x30/0x30 [ 230.734233] ? _raw_spin_unlock+0x22/0x30 [ 230.738365] ? ext4_da_write_begin+0x1020/0x1020 [ 230.743104] evict+0x481/0x920 [ 230.746293] ? destroy_inode+0x200/0x200 [ 230.750338] ? iput+0x7b1/0xaf0 [ 230.753603] ? lock_downgrade+0x980/0x980 [ 230.757737] ? rcu_read_lock_sched_held+0x108/0x120 [ 230.762734] ? ext4_drop_inode+0x10c/0x390 [ 230.766952] ? ext4_sync_fs+0x9f0/0x9f0 [ 230.770909] ? do_raw_spin_trylock+0x190/0x190 [ 230.775561] ? cpumask_local_spread+0x260/0x260 [ 230.780214] ? lock_downgrade+0x980/0x980 [ 230.784346] iput+0x7b9/0xaf0 [ 230.787545] ? ext4_sync_fs+0x9f0/0x9f0 [ 230.791503] ? dispose_list+0x3f0/0x3f0 [ 230.795466] ? fsnotify_grab_connector+0x17f/0x270 [ 230.800381] ? fsnotify_recalc_mask.part.6+0xa0/0xa0 [ 230.805470] ? do_raw_spin_trylock+0x190/0x190 [ 230.810035] ? fsnotify_first_mark+0x2b0/0x2b0 [ 230.814604] ? fsnotify_destroy_marks+0x13e/0x190 [ 230.819439] dentry_unlink_inode+0x4b0/0x5e0 [ 230.823830] ? __dentry_kill+0x3a2/0x700 [ 230.827876] ? release_dentry_name_snapshot+0x70/0x70 [ 230.833053] ? reacquire_held_locks+0x1f9/0x3e0 [ 230.837704] ? dput.part.20+0x492/0x830 [ 230.841662] ? do_raw_spin_trylock+0x190/0x190 [ 230.846225] ? d_add+0xa70/0xa70 [ 230.849573] ? lock_acquire+0x1d5/0x580 [ 230.853529] ? lock_acquire+0x1d5/0x580 [ 230.857491] __dentry_kill+0x3de/0x700 [ 230.861364] ? check_and_drop+0x1b0/0x1b0 [ 230.865507] ? rcu_note_context_switch+0x710/0x710 [ 230.870432] dput.part.20+0x5a0/0x830 [ 230.874218] ? d_path+0x930/0x930 [ 230.877661] dput+0x1f/0x30 [ 230.880575] SyS_rename+0x909/0xc90 [ 230.884200] ? SyS_renameat+0xca0/0xca0 [ 230.888159] ? __lock_is_held+0xb6/0x140 [ 230.892217] ? __sb_end_write+0xa0/0xd0 [ 230.896174] ? fput+0xd2/0x140 [ 230.899348] ? SyS_write+0x184/0x220 [ 230.903049] ? SyS_read+0x220/0x220 [ 230.906661] ? do_syscall_64+0xb7/0x940 [ 230.910618] ? SyS_renameat+0xca0/0xca0 [ 230.914578] do_syscall_64+0x281/0x940 [ 230.918450] ? vmalloc_sync_all+0x30/0x30 [ 230.922579] ? _raw_spin_unlock_irq+0x27/0x70 [ 230.927059] ? finish_task_switch+0x1c1/0x7e0 [ 230.931537] ? syscall_return_slowpath+0x550/0x550 [ 230.936452] ? syscall_return_slowpath+0x2ac/0x550 [ 230.941366] ? prepare_exit_to_usermode+0x350/0x350 [ 230.946368] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 230.951717] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 230.956546] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 230.961717] RIP: 0033:0x454e79 [ 230.964891] RSP: 002b:00007f663c376c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 230.972583] RAX: ffffffffffffffda RBX: 00007f663c3776d4 RCX: 0000000000454e79 2018/04/01 00:14:31 executing program 3: r0 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000000)={0xffffffffffffffff}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000080)={0x10}) r2 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) fallocate(r2, 0x0, 0x0, 0x4) 2018/04/01 00:14:31 executing program 4: mkdir(&(0x7f0000000000)='./file1\x00', 0x4a) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') 2018/04/01 00:14:31 executing program 6 (fault-call:0 fault-nth:23): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 230.979838] RDX: 0000000000000000 RSI: 0000000020ab3ff0 RDI: 0000000020b2a000 [ 230.987093] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 230.994344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 231.001598] R13: 000000000000049a R14: 00000000006f8f10 R15: 0000000000000008 [ 231.008869] CPU: 1 PID: 19098 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 231.009201] EXT4-fs error (device sda1) in ext4_evict_inode:258: Out of memory 2018/04/01 00:14:31 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x3, 0x10000) futimesat(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)) getrusage(0xffffffffffffffff, &(0x7f00000000c0)) [ 231.016046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.016051] Call Trace: [ 231.016066] dump_stack+0x194/0x24d [ 231.016079] ? arch_local_irq_restore+0x53/0x53 [ 231.043651] ? __save_stack_trace+0x7e/0xd0 [ 231.047994] should_fail+0x8c0/0xa40 [ 231.051706] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 231.056807] ? kasan_kmalloc+0xad/0xe0 [ 231.060689] ? kmem_cache_alloc_trace+0x136/0x740 [ 231.065524] ? __memcg_init_list_lru_node+0x169/0x270 [ 231.070705] ? __list_lru_init+0x544/0x750 [ 231.074934] ? sget_userns+0x691/0xe40 [ 231.078821] ? mount_fs+0x66/0x2d0 [ 231.082359] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 231.082668] FAT-fs (loop0): bogus number of reserved sectors [ 231.087101] ? do_mount+0xea4/0x2bb0 [ 231.087111] ? do_syscall_64+0x281/0x940 [ 231.087123] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 231.087138] ? find_held_lock+0x35/0x1d0 [ 231.087153] ? __lock_is_held+0xb6/0x140 [ 231.087174] ? check_same_owner+0x320/0x320 [ 231.087190] ? rcu_note_context_switch+0x710/0x710 [ 231.087207] should_failslab+0xec/0x120 [ 231.087217] kmem_cache_alloc_trace+0x4b/0x740 [ 231.087226] ? __kmalloc_node+0x33/0x70 [ 231.087233] ? __kmalloc_node+0x33/0x70 [ 231.087241] ? rcu_read_lock_sched_held+0x108/0x120 [ 231.087269] __memcg_init_list_lru_node+0x169/0x270 [ 231.087279] ? list_lru_add+0x7c0/0x7c0 [ 231.087286] ? __kmalloc_node+0x47/0x70 [ 231.087298] __list_lru_init+0x544/0x750 [ 231.087310] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 231.087320] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 231.087330] ? __lockdep_init_map+0xe4/0x650 [ 231.087341] ? lockdep_init_map+0x9/0x10 [ 231.087352] sget_userns+0x691/0xe40 [ 231.087359] ? kill_litter_super+0x90/0x90 [ 231.087370] ? ns_test_super+0x50/0x50 [ 231.087380] ? destroy_unused_super.part.6+0xd0/0xd0 [ 231.087388] ? do_raw_spin_trylock+0x190/0x190 [ 231.087401] ? kobject_put+0x6b/0x250 [ 231.093212] FAT-fs (loop0): Can't find a valid FAT filesystem [ 231.096887] ? blkdev_get+0x3a1/0xb00 [ 231.096902] ? cap_capable+0x1b5/0x230 [ 231.096917] ? __blkdev_get+0x13b0/0x13b0 [ 231.096929] ? security_capable+0x8e/0xc0 [ 231.228038] ? kill_litter_super+0x90/0x90 [ 231.232254] ? ns_capable_common+0xcf/0x160 [ 231.236556] ? ns_test_super+0x50/0x50 [ 231.240420] ? kill_litter_super+0x90/0x90 [ 231.244634] sget+0xd2/0x120 [ 231.247637] mount_bdev+0x109/0x370 [ 231.251257] ? fuse_get_root_inode+0x190/0x190 [ 231.255820] fuse_mount_blk+0x34/0x40 [ 231.259599] mount_fs+0x66/0x2d0 [ 231.262946] vfs_kern_mount.part.26+0xc6/0x4a0 [ 231.267506] ? may_umount+0xa0/0xa0 [ 231.271112] ? _raw_read_unlock+0x22/0x30 [ 231.275239] ? __get_fs_type+0x8a/0xc0 [ 231.279107] do_mount+0xea4/0x2bb0 [ 231.282631] ? copy_mount_string+0x40/0x40 [ 231.286848] ? rcu_pm_notify+0xc0/0xc0 [ 231.290719] ? copy_mount_options+0x5f/0x2e0 [ 231.295109] ? rcu_read_lock_sched_held+0x108/0x120 [ 231.300108] ? kmem_cache_alloc_trace+0x459/0x740 [ 231.304931] ? kasan_check_write+0x14/0x20 [ 231.309148] ? copy_mount_options+0x1f7/0x2e0 [ 231.313621] SyS_mount+0xab/0x120 [ 231.317053] ? copy_mnt_ns+0xb30/0xb30 [ 231.320920] do_syscall_64+0x281/0x940 [ 231.324804] ? vmalloc_sync_all+0x30/0x30 [ 231.328929] ? _raw_spin_unlock_irq+0x27/0x70 [ 231.333405] ? finish_task_switch+0x1c1/0x7e0 [ 231.337879] ? syscall_return_slowpath+0x550/0x550 [ 231.342797] ? syscall_return_slowpath+0x2ac/0x550 [ 231.347703] ? prepare_exit_to_usermode+0x350/0x350 [ 231.352697] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 231.358043] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 231.362870] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 231.368042] RIP: 0033:0x454e79 [ 231.371389] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 2018/04/01 00:14:31 executing program 5 (fault-call:3 fault-nth:9): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:31 executing program 7: mkdir(&(0x7f0000000000)='./file1\x00', 0x4a) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') 2018/04/01 00:14:31 executing program 1: openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r0 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c) ioctl$KVM_SET_TSC_KHZ(r0, 0xaea2, 0x9800000000000000) clone(0x1000000, &(0x7f00000004c0)="6106e802c4455821b500339bbc33f3982ecbda0b4de8fe940a9d00505b74e485", &(0x7f0000000500), &(0x7f0000fef000), &(0x7f0000000380)="cbc5268168638fea702e6a94348cc6d6c7b84a027d27c42c15cadd2ff7d4345276cae16ba05fa5feca936e104b22a8b564fec21749af3e7e735cd250669261169e5b72f849192a785a87506b03855b06b1bf70d6152d01a8b150491ee7e068ae34d8e38d6932d723ddcdf7c8564bda47f52fa8fd66ded411fc63aff1f7d55432b8b420432b6c32b40d0267ebfb28f31cf3a260e8866a47d42e90f6e52192b8c962c354243b987814fbb0e78ba97e327cfb10af17ab538cc641") perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_xfrm(0xa, 0x5, 0x84) timer_create(0x7, &(0x7f0000000040)={0x0, 0x24, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000001080)=0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001100)={{{@in=@dev, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@mcast2}}, &(0x7f0000001200)=0xe8) recvfrom(r1, &(0x7f00000010c0)=""/9, 0x9, 0x140, &(0x7f0000001240)=@ll={0x11, 0x19, r3, 0x1, 0x2b, 0x6, @link_local={0x1, 0x80, 0xc2}}, 0x80) timer_delete(r2) getsockopt$bt_hci(r1, 0x84, 0xfffffffffffffffc, &(0x7f0000000080)=""/4096, &(0x7f00000012c0)=0x1000) r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x4181c3, 0x0) ioctl$TIOCGSID(r4, 0x5429, &(0x7f0000000140)=0x0) r6 = syz_open_procfs(r5, &(0x7f0000000100)='net/wireless\x00') mkdir(&(0x7f0000578000)='./file0\x00', 0x0) lsetxattr(&(0x7f0000672000)='./file0\x00', &(0x7f0000000100)=@known='system.posix_acl_access\x00', &(0x7f0000000140)="02000000020000000000e90005070000001f06a0", 0x14, 0x0) r7 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$sock_ipx_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000100)={'\x00', {0x4, 0x3f, 0x8, "a86e5e30a7a8", 0x3ff}}) r8 = open(&(0x7f0000001340)='./file0\x00', 0x82004, 0x0) r9 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fallocate(r8, 0x0, 0xffff, 0x4) open(&(0x7f0000002000)='./bus\x00', 0x101000, 0x0) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r8, 0x84, 0x1, &(0x7f0000000180)={0x0, 0xbff, 0x0, 0x7fffffff, 0x3, 0x3f}, &(0x7f00000001c0)=0x14) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r7, 0x84, 0x6, &(0x7f0000000640)={r10, @in={{0x2, 0x0, @broadcast=0xffffffff}}}, 0x84) socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$SNDRV_TIMER_IOCTL_START(r6, 0x54a0) socket$netlink(0x10, 0x3, 0x9) r11 = socket$packet(0x11, 0x200000000003, 0x300) ioctl$sock_ifreq(r11, 0x80000089a2, &(0x7f0000000000)={"6272696467653000e7ffffff00", @ifru_settings={0x5, 0x0, @fr_pvc=&(0x7f0000000040)}}) write(r9, &(0x7f0000000540)="260000002a0047d2ff0800000000ce206c3d8ed67ef9000000000700000000000000982dcf84c6b4f922dc72679c54a69860bb4e1b2e7753d4d93a67cb7bbf6db6123c0dd2dcaa47edac90c2570b3b0f038bd691e0edbdd0f2f09510ae96e3df3da5b3935cee3c3dba4cb1022e1822262075f28610762fd80f85f9b3fceb9a0f3c92385b434dfe4630c649c5a0104ca109112deefe587f47307a2edb53fbeb73af7310c226a5a21b6fa9f816f91f59f80be24e831774df1621f2879aa9beea39", 0xc0) [ 231.379078] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 231.386326] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 231.393574] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 231.400820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 231.408066] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 231.542743] FAULT_INJECTION: forcing a failure. [ 231.542743] name failslab, interval 1, probability 0, space 0, times 0 [ 231.554564] CPU: 1 PID: 19118 Comm: syz-executor5 Not tainted 4.16.0-rc7+ #9 [ 231.561758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.571105] Call Trace: [ 231.573693] dump_stack+0x194/0x24d [ 231.577320] ? arch_local_irq_restore+0x53/0x53 [ 231.581988] ? lock_downgrade+0x980/0x980 [ 231.586142] should_fail+0x8c0/0xa40 [ 231.589857] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 231.594969] ? __lock_is_held+0xb6/0x140 [ 231.599030] ? __kernel_text_address+0xd/0x40 [ 231.603534] ? __lock_is_held+0xb6/0x140 [ 231.607604] ? check_same_owner+0x320/0x320 [ 231.611922] ? _cond_resched+0x14/0x30 [ 231.615810] ? rcu_note_context_switch+0x710/0x710 [ 231.620745] should_failslab+0xec/0x120 [ 231.624727] __kmalloc+0x63/0x760 [ 231.628189] ? ext4_ext_remove_space+0x1809/0x4370 [ 231.633294] ext4_ext_remove_space+0x1809/0x4370 [ 231.638049] ? ext4_es_free_extent+0x293/0x7e0 [ 231.642618] ? ext4_es_free_extent+0x293/0x7e0 [ 231.647183] ? rcu_read_lock_sched_held+0x108/0x120 [ 231.652186] ? kmem_cache_free+0x258/0x2a0 [ 231.656404] ? ext4_ext_index_trans_blocks+0x120/0x120 [ 231.661662] ? trace_hardirqs_off+0x10/0x10 [ 231.665964] ? ext4_chunk_trans_blocks+0x30/0x30 [ 231.670698] ? jbd2_write_access_granted.part.9+0x230/0x3a0 [ 231.676390] ? __jbd2_journal_temp_unlink_buffer+0x6a0/0x6a0 [ 231.682166] ? rcu_note_context_switch+0x710/0x710 [ 231.687076] ? find_held_lock+0x35/0x1d0 [ 231.691122] ? ext4_es_remove_extent+0xf4/0x460 [ 231.695771] ? lock_downgrade+0x980/0x980 [ 231.699914] ? ext4_es_scan+0x840/0x840 [ 231.703882] ? lock_release+0xa40/0xa40 [ 231.707841] ? do_raw_write_trylock+0x190/0x190 [ 231.712499] ? _raw_write_unlock+0x22/0x30 [ 231.716711] ? ext4_es_remove_extent+0xf9/0x460 [ 231.721358] ? rcu_note_context_switch+0x710/0x710 [ 231.726265] ? ext4_es_lookup_extent+0xce0/0xce0 [ 231.730999] ? __might_sleep+0x95/0x190 [ 231.734961] ? down_write+0x87/0x120 [ 231.738650] ? ext4_truncate+0xd58/0x1460 [ 231.742777] ? down_read+0x150/0x150 [ 231.746472] ext4_ext_truncate+0x1a9/0x1f0 [ 231.750686] ext4_truncate+0xda1/0x1460 [ 231.754636] ? ext4_reserve_inode_write+0x125/0x230 [ 231.759631] ? ext4_punch_hole+0x1090/0x1090 [ 231.764019] ? ext4_evict_inode+0x937/0x17d0 [ 231.768419] ? ext4_expand_extra_isize+0x580/0x580 [ 231.773328] ? __might_sleep+0x95/0x190 [ 231.777280] ? _cond_resched+0x14/0x30 [ 231.781151] ? ext4_evict_inode+0x836/0x17d0 [ 231.785540] ? ext4_journal_abort_handle.isra.5+0x2a0/0x2a0 [ 231.791235] ? __sb_start_write+0x209/0x2a0 [ 231.795537] ext4_evict_inode+0x97e/0x17d0 [ 231.799752] ? ext4_da_write_begin+0x1020/0x1020 [ 231.804487] ? inode_wait_for_writeback+0x2f/0x40 [ 231.809310] ? lock_downgrade+0x980/0x980 [ 231.813439] ? lock_release+0xa40/0xa40 [ 231.817393] ? __inode_wait_for_writeback+0x292/0x330 [ 231.822560] ? do_raw_spin_trylock+0x190/0x190 [ 231.827121] ? bit_waitqueue+0x30/0x30 [ 231.830991] ? _raw_spin_unlock+0x22/0x30 [ 231.835120] ? ext4_da_write_begin+0x1020/0x1020 [ 231.839859] evict+0x481/0x920 [ 231.843036] ? destroy_inode+0x200/0x200 [ 231.847075] ? iput+0x7b1/0xaf0 [ 231.850330] ? lock_downgrade+0x980/0x980 [ 231.854458] ? rcu_read_lock_sched_held+0x108/0x120 [ 231.859450] ? ext4_drop_inode+0x10c/0x390 [ 231.863661] ? ext4_sync_fs+0x9f0/0x9f0 [ 231.867611] ? do_raw_spin_trylock+0x190/0x190 [ 231.872169] ? cpumask_local_spread+0x260/0x260 [ 231.876815] ? lock_downgrade+0x980/0x980 [ 231.880942] iput+0x7b9/0xaf0 [ 231.884030] ? ext4_sync_fs+0x9f0/0x9f0 [ 231.887983] ? dispose_list+0x3f0/0x3f0 [ 231.891940] ? fsnotify_grab_connector+0x17f/0x270 [ 231.896851] ? fsnotify_recalc_mask.part.6+0xa0/0xa0 [ 231.901933] ? do_raw_spin_trylock+0x190/0x190 [ 231.906493] ? fsnotify_first_mark+0x2b0/0x2b0 [ 231.911060] ? fsnotify_destroy_marks+0x13e/0x190 [ 231.915885] dentry_unlink_inode+0x4b0/0x5e0 [ 231.920272] ? __dentry_kill+0x3a2/0x700 [ 231.924311] ? release_dentry_name_snapshot+0x70/0x70 [ 231.929480] ? check_same_owner+0x320/0x320 [ 231.933777] ? reacquire_held_locks+0x1f9/0x3e0 [ 231.938423] ? dput.part.20+0x492/0x830 [ 231.942378] ? do_raw_spin_trylock+0x190/0x190 [ 231.946934] ? d_add+0xa70/0xa70 [ 231.950279] ? lock_acquire+0x1d5/0x580 [ 231.954232] ? lock_acquire+0x1d5/0x580 [ 231.958189] __dentry_kill+0x3de/0x700 [ 231.962058] ? check_and_drop+0x1b0/0x1b0 [ 231.966181] ? check_same_owner+0x320/0x320 [ 231.970483] ? rcu_note_context_switch+0x710/0x710 [ 231.975397] dput.part.20+0x5a0/0x830 [ 231.979179] ? d_path+0x930/0x930 [ 231.982618] dput+0x1f/0x30 [ 231.985526] SyS_rename+0x909/0xc90 [ 231.989139] ? SyS_renameat+0xca0/0xca0 [ 231.993092] ? __lock_is_held+0xb6/0x140 [ 231.997143] ? __sb_end_write+0xa0/0xd0 [ 232.001096] ? fput+0xd2/0x140 [ 232.004269] ? SyS_write+0x184/0x220 [ 232.007961] ? SyS_read+0x220/0x220 [ 232.011582] ? do_syscall_64+0xb7/0x940 [ 232.015535] ? SyS_renameat+0xca0/0xca0 [ 232.019486] do_syscall_64+0x281/0x940 [ 232.023349] ? vmalloc_sync_all+0x30/0x30 [ 232.027474] ? _raw_spin_unlock_irq+0x27/0x70 [ 232.031946] ? finish_task_switch+0x1c1/0x7e0 [ 232.036418] ? syscall_return_slowpath+0x550/0x550 [ 232.041324] ? syscall_return_slowpath+0x2ac/0x550 [ 232.046232] ? prepare_exit_to_usermode+0x350/0x350 [ 232.051229] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 232.056578] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 232.061404] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 232.066577] RIP: 0033:0x454e79 [ 232.069744] RSP: 002b:00007f663c376c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 232.077442] RAX: ffffffffffffffda RBX: 00007f663c3776d4 RCX: 0000000000454e79 [ 232.084688] RDX: 0000000000000000 RSI: 0000000020ab3ff0 RDI: 0000000020b2a000 [ 232.091936] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 232.099182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 232.106514] R13: 000000000000049a R14: 00000000006f8f10 R15: 0000000000000009 [ 232.121872] EXT4-fs error (device sda1): ext4_evict_inode:293: comm syz-executor5: couldn't truncate inode 16551 (err -12) 2018/04/01 00:14:32 executing program 6 (fault-call:0 fault-nth:24): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:32 executing program 4: r0 = syz_open_dev$sndmidi(&(0x7f0000000400)='/dev/snd/midiC#D#\x00', 0x8, 0x40) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000440)={0x0, 0xda, "fe6b65f5d6bbf4b9b738581bfe87ec1bba6cf8305caa366c63fa886cb1f000a531bd586e9d781db5d811906cec23d5e5691d73caca32160e135bcada384388569f88aebaa6759460cc8276d009237d1959a618a38259e1043492df63857394cd1b1456b2f314d4129be7342805abfa925ba96ba9999b62360ffd581acdd4caab35e31fcf684e5c62a23774f677599e8ac957661f827afe4eb0a7bf1b84fd67eaee6fb2f8b951afd93b623e85b0df0b851a5b8c4b95a379d9afdcb20691bf9bebb06ce6e73a8c212746cc2cff8a1e16998d6503d7677f8bfb1296"}, &(0x7f0000000540)=0xe2) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000580)={r1, 0xfb95}, 0xffd4) r2 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0xfffffffffffffffe, 0x100000000041) bind$ipx(r2, &(0x7f0000000080)={0x4, 0x2d9c, 0x4, "3755f5d4389b", 0x8}, 0xffffffffffffff27) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r0) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040)='tls\x00', 0x4) readahead(r0, 0x0, 0x6) mkdir(&(0x7f00002b2000)='./file0\x00', 0x20000) syz_mount_image$vfat(&(0x7f0000000200)='vfat\x00', &(0x7f0000000240)='./file0\x00', 0x3, 0x2, &(0x7f0000000380)=[{&(0x7f0000000280)="63d3e0a3d870f61e237f87cfa5f1433eb8665171ac9fa10d2d57febafda3600acbe1bca057092c2d345488baa36573243b7e433b", 0x34, 0x7}, {&(0x7f00000002c0)="32baddd9c09f39aeec48e06cfcd273a4248f86afdabbf43bc84e0366139c86ab41c86b8b89edc00c29e1126d27a990bd5b81a16afdfd738f4899c21136ab0a2b67cb7b145bfb87652e85be33bea3e3baa8deea34a8f25b666829978785323eb1eb27669f33594d04b481b4721c444a3203e0964293bfac8150680d6c9380d2fc698434752b97447936b67298374e42c3dbfe037b1031c968b857faf1ef875824fe1afd", 0xa3, 0x1d9b6f8d}], 0x1410, &(0x7f00000003c0)=ANY=[@ANYBLOB='errocontinue,errors=continue,flush,codepage=864,\x00']) ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f00000000c0)) ioctl$sock_ipx_SIOCAIPXPRISLT(r2, 0x89e1, &(0x7f00000005c0)=0x7) 2018/04/01 00:14:32 executing program 7: mkdir(&(0x7f0000000000)='./file1\x00', 0x4a) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') 2018/04/01 00:14:32 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x400000000000080) io_setup(0xeec, &(0x7f0000000040)) fallocate(r0, 0x1, 0x7, 0x4) 2018/04/01 00:14:32 executing program 2: r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x53, r0, 0x0) ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) 2018/04/01 00:14:32 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200", 0x12}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:32 executing program 1: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/ignore_tunneled\x00', 0x2, 0x0) sendfile(r0, r0, &(0x7f0000000000), 0xed) fchmod(r0, 0x0) 2018/04/01 00:14:32 executing program 5 (fault-call:3 fault-nth:10): mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 232.211289] FAULT_INJECTION: forcing a failure. [ 232.211289] name failslab, interval 1, probability 0, space 0, times 0 [ 232.222900] CPU: 0 PID: 19139 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 232.230090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 232.239442] Call Trace: [ 232.242034] dump_stack+0x194/0x24d [ 232.245666] ? arch_local_irq_restore+0x53/0x53 [ 232.250340] ? __save_stack_trace+0x7e/0xd0 [ 232.254668] should_fail+0x8c0/0xa40 [ 232.258388] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 232.263492] ? kasan_kmalloc+0xad/0xe0 [ 232.267384] ? kmem_cache_alloc_trace+0x136/0x740 [ 232.272225] ? __memcg_init_list_lru_node+0x169/0x270 [ 232.277430] ? __list_lru_init+0x544/0x750 [ 232.281666] ? sget_userns+0x691/0xe40 [ 232.285553] ? mount_fs+0x66/0x2d0 [ 232.289090] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 232.293839] ? do_mount+0xea4/0x2bb0 [ 232.297550] ? SyS_mount+0xab/0x120 [ 232.301176] ? do_syscall_64+0x281/0x940 [ 232.305238] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 232.310601] ? find_held_lock+0x35/0x1d0 [ 232.314685] ? __lock_is_held+0xb6/0x140 [ 232.318752] ? check_same_owner+0x320/0x320 [ 232.323076] ? rcu_note_context_switch+0x710/0x710 [ 232.328008] should_failslab+0xec/0x120 [ 232.331979] kmem_cache_alloc_trace+0x4b/0x740 [ 232.336560] ? __kmalloc_node+0x33/0x70 [ 232.340526] ? __kmalloc_node+0x33/0x70 [ 232.344503] ? rcu_read_lock_sched_held+0x108/0x120 [ 232.349527] __memcg_init_list_lru_node+0x169/0x270 [ 232.354543] ? list_lru_add+0x7c0/0x7c0 2018/04/01 00:14:32 executing program 7: mkdir(&(0x7f0000000000)='./file1\x00', 0x4a) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') 2018/04/01 00:14:32 executing program 1: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0x12, &(0x7f0000ee9000)=0x40000000000800, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000469ffc)=0x7fe, 0x4) sendto$inet(r0, &(0x7f0000edf000), 0x0, 0x0, &(0x7f0000011ffd)={0x2, 0x4e20}, 0x10) setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000080)=0x800014e4, 0x4) recvmsg(r0, &(0x7f0000bd9000)={0x0, 0x0, &(0x7f0000eec000), 0x0, &(0x7f00009fdfaf)=""/81, 0x51}, 0x40002106) r1 = fcntl$getown(r0, 0x9) ptrace(0x420f, r1) 2018/04/01 00:14:32 executing program 7: symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') 2018/04/01 00:14:32 executing program 2: clock_getres(0x3, &(0x7f0000000000)) 2018/04/01 00:14:32 executing program 7: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') [ 232.358512] ? __kmalloc_node+0x47/0x70 [ 232.362487] __list_lru_init+0x544/0x750 [ 232.366556] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 232.372438] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 232.377456] ? __lockdep_init_map+0xe4/0x650 [ 232.381865] ? lockdep_init_map+0x9/0x10 [ 232.385920] sget_userns+0x691/0xe40 [ 232.389623] ? kill_litter_super+0x90/0x90 [ 232.393850] ? ns_test_super+0x50/0x50 [ 232.397729] ? destroy_unused_super.part.6+0xd0/0xd0 [ 232.402824] ? do_raw_spin_trylock+0x190/0x190 [ 232.407404] ? kobject_put+0x6b/0x250 2018/04/01 00:14:32 executing program 1: r0 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) r1 = syz_open_dev$binder(&(0x7f0000005ff3)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="05630440000000000c319fdbc39575bd97e93dd7577f3c68ac5aff8b9437588324422c096e5d9e999640fd0595286af0803ca914fa45f20ff49682da0c2466c782c19a47dac0e027faea90047d1dfccc3435908a703c02c6063fa8fd7e0a2531447588c32b18b13ea609b0a2213de44924e520a8724831cab543d496274bc0c4693a48cdcaabbe1dc2a0cec55cef00000000000000"], 0x0, 0x0, &(0x7f0000000100)}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000007000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f000000e000)}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000fd0)={0x8, 0x0, &(0x7f000000ff80)=[@release={0x40046306}], 0x0, 0x0, &(0x7f0000001000)}) 2018/04/01 00:14:32 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 232.411205] ? blkdev_get+0x3a1/0xb00 [ 232.415000] ? cap_capable+0x1b5/0x230 [ 232.418879] ? __blkdev_get+0x13b0/0x13b0 [ 232.423019] ? security_capable+0x8e/0xc0 [ 232.427156] ? kill_litter_super+0x90/0x90 [ 232.431385] ? ns_capable_common+0xcf/0x160 [ 232.435699] ? ns_test_super+0x50/0x50 [ 232.439652] ? kill_litter_super+0x90/0x90 [ 232.443878] sget+0xd2/0x120 [ 232.446891] mount_bdev+0x109/0x370 [ 232.450514] ? fuse_get_root_inode+0x190/0x190 [ 232.455091] fuse_mount_blk+0x34/0x40 [ 232.458881] mount_fs+0x66/0x2d0 2018/04/01 00:14:33 executing program 7 (fault-call:1 fault-nth:0): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') [ 232.462245] vfs_kern_mount.part.26+0xc6/0x4a0 [ 232.466823] ? may_umount+0xa0/0xa0 [ 232.470449] ? _raw_read_unlock+0x22/0x30 [ 232.474592] ? __get_fs_type+0x8a/0xc0 [ 232.478478] do_mount+0xea4/0x2bb0 [ 232.482016] ? copy_mount_string+0x40/0x40 [ 232.486244] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 232.491255] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 232.496008] ? retint_kernel+0x10/0x10 [ 232.498766] FAULT_INJECTION: forcing a failure. [ 232.498766] name failslab, interval 1, probability 0, space 0, times 0 [ 232.499886] ? copy_mount_options+0x18b/0x2e0 [ 232.499899] ? __sanitizer_cov_trace_pc+0x14/0x50 [ 232.499909] ? copy_mount_options+0x1f7/0x2e0 [ 232.499921] SyS_mount+0xab/0x120 [ 232.499929] ? copy_mnt_ns+0xb30/0xb30 [ 232.499941] do_syscall_64+0x281/0x940 [ 232.499951] ? vmalloc_sync_all+0x30/0x30 [ 232.499962] ? _raw_spin_unlock_irq+0x27/0x70 [ 232.499971] ? finish_task_switch+0x1c1/0x7e0 [ 232.499984] ? syscall_return_slowpath+0x550/0x550 [ 232.554005] ? syscall_return_slowpath+0x2ac/0x550 [ 232.558916] ? prepare_exit_to_usermode+0x350/0x350 [ 232.563913] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 232.569260] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 232.574085] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 232.579253] RIP: 0033:0x454e79 [ 232.582424] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 232.590113] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 232.597360] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 232.604608] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 232.611857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 232.619103] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 232.626367] CPU: 1 PID: 19171 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #9 [ 232.633551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 232.642896] Call Trace: [ 232.645482] dump_stack+0x194/0x24d [ 232.649138] ? arch_local_irq_restore+0x53/0x53 [ 232.653802] ? trace_hardirqs_off+0x10/0x10 [ 232.658128] should_fail+0x8c0/0xa40 [ 232.661848] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 232.666948] ? __f_unlock_pos+0x19/0x20 [ 232.670918] ? find_held_lock+0x35/0x1d0 [ 232.674979] ? check_same_owner+0x320/0x320 [ 232.679378] ? vfs_write+0x374/0x510 [ 232.683082] ? rcu_note_context_switch+0x710/0x710 [ 232.688006] should_failslab+0xec/0x120 [ 232.691971] kmem_cache_alloc+0x47/0x760 [ 232.696033] getname_flags+0xcb/0x580 [ 232.699828] ? SyS_symlinkat+0x250/0x250 [ 232.703885] SyS_symlink+0x7d/0x240 [ 232.707507] ? SyS_write+0x184/0x220 [ 232.708270] FAULT_INJECTION: forcing a failure. [ 232.708270] name failslab, interval 1, probability 0, space 0, times 0 [ 232.711210] ? SyS_symlinkat+0x250/0x250 [ 232.711223] ? do_syscall_64+0xb7/0x940 [ 232.711233] ? SyS_symlinkat+0x250/0x250 [ 232.711244] do_syscall_64+0x281/0x940 [ 232.711255] ? vmalloc_sync_all+0x30/0x30 [ 232.711266] ? _raw_spin_unlock_irq+0x27/0x70 [ 232.711277] ? finish_task_switch+0x1c1/0x7e0 [ 232.711286] ? syscall_return_slowpath+0x550/0x550 [ 232.711296] ? syscall_return_slowpath+0x2ac/0x550 [ 232.711305] ? prepare_exit_to_usermode+0x350/0x350 [ 232.711321] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 232.771561] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 232.776395] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 232.781569] RIP: 0033:0x454e79 [ 232.784741] RSP: 002b:00007fe25dc30c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 232.792429] RAX: ffffffffffffffda RBX: 00007fe25dc316d4 RCX: 0000000000454e79 [ 232.799679] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000040 [ 232.806927] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 2018/04/01 00:14:33 executing program 6 (fault-call:0 fault-nth:25): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 232.814178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 232.821428] R13: 0000000000000649 R14: 00000000006fb778 R15: 0000000000000000 [ 232.828691] CPU: 0 PID: 19179 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 232.835872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 232.845216] Call Trace: [ 232.847802] dump_stack+0x194/0x24d [ 232.851428] ? arch_local_irq_restore+0x53/0x53 [ 232.856092] ? __save_stack_trace+0x7e/0xd0 [ 232.860415] should_fail+0x8c0/0xa40 [ 232.863867] FAT-fs (loop0): invalid media value (0x00) [ 232.864121] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 232.864133] ? kasan_kmalloc+0xad/0xe0 [ 232.864141] ? kmem_cache_alloc_trace+0x136/0x740 [ 232.864150] ? __memcg_init_list_lru_node+0x169/0x270 [ 232.864156] ? __list_lru_init+0x544/0x750 [ 232.864167] ? sget_userns+0x691/0xe40 [ 232.869490] FAT-fs (loop0): Can't find a valid FAT filesystem [ 232.874506] ? mount_fs+0x66/0x2d0 [ 232.874516] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 232.874523] ? do_mount+0xea4/0x2bb0 [ 232.874530] ? SyS_mount+0xab/0x120 [ 232.874538] ? do_syscall_64+0x281/0x940 [ 232.874552] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 232.927283] ? find_held_lock+0x35/0x1d0 [ 232.931346] ? __lock_is_held+0xb6/0x140 [ 232.935408] ? check_same_owner+0x320/0x320 [ 232.939716] ? rcu_note_context_switch+0x710/0x710 [ 232.944634] should_failslab+0xec/0x120 [ 232.948590] kmem_cache_alloc_trace+0x4b/0x740 [ 232.953147] ? __kmalloc_node+0x33/0x70 [ 232.957094] ? __kmalloc_node+0x33/0x70 [ 232.961061] ? rcu_read_lock_sched_held+0x108/0x120 [ 232.966082] __memcg_init_list_lru_node+0x169/0x270 [ 232.971085] ? list_lru_add+0x7c0/0x7c0 [ 232.975043] ? __kmalloc_node+0x47/0x70 [ 232.978996] __list_lru_init+0x544/0x750 [ 232.983052] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 232.988913] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 232.993913] ? __lockdep_init_map+0xe4/0x650 [ 232.998312] ? lockdep_init_map+0x9/0x10 [ 233.002351] sget_userns+0x691/0xe40 [ 233.006047] ? kill_litter_super+0x90/0x90 [ 233.010280] ? ns_test_super+0x50/0x50 [ 233.014155] ? destroy_unused_super.part.6+0xd0/0xd0 [ 233.019237] ? do_raw_spin_trylock+0x190/0x190 [ 233.023811] ? kobject_put+0x6b/0x250 [ 233.027606] ? blkdev_get+0x3a1/0xb00 [ 233.031394] ? cap_capable+0x1b5/0x230 [ 233.035267] ? __blkdev_get+0x13b0/0x13b0 [ 233.039395] ? security_capable+0x8e/0xc0 [ 233.043522] ? kill_litter_super+0x90/0x90 [ 233.047730] ? ns_capable_common+0xcf/0x160 [ 233.052032] ? ns_test_super+0x50/0x50 [ 233.055905] ? kill_litter_super+0x90/0x90 [ 233.060119] sget+0xd2/0x120 [ 233.063213] mount_bdev+0x109/0x370 [ 233.066822] ? fuse_get_root_inode+0x190/0x190 [ 233.071396] fuse_mount_blk+0x34/0x40 [ 233.075214] mount_fs+0x66/0x2d0 [ 233.078557] vfs_kern_mount.part.26+0xc6/0x4a0 [ 233.083223] ? may_umount+0xa0/0xa0 [ 233.086843] ? _raw_read_unlock+0x22/0x30 [ 233.090965] ? __get_fs_type+0x8a/0xc0 [ 233.094828] do_mount+0xea4/0x2bb0 [ 233.098343] ? copy_mount_string+0x40/0x40 [ 233.102552] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 233.107544] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 233.112286] ? retint_kernel+0x10/0x10 [ 233.116166] ? copy_mount_options+0x181/0x2e0 [ 233.120636] ? copy_mount_options+0x1f7/0x2e0 [ 233.125115] SyS_mount+0xab/0x120 [ 233.128547] ? copy_mnt_ns+0xb30/0xb30 [ 233.132411] do_syscall_64+0x281/0x940 [ 233.136276] ? vmalloc_sync_all+0x30/0x30 [ 233.140401] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 233.145910] ? syscall_return_slowpath+0x550/0x550 [ 233.150820] ? syscall_return_slowpath+0x2ac/0x550 [ 233.155728] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 233.161073] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 233.165898] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 233.171066] RIP: 0033:0x454e79 [ 233.174245] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 233.181935] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 233.189182] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 233.196429] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 233.203673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 233.210915] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:33 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000004000)={0x4, 0x0, &(0x7f0000000040)=[@enter_looper={0x630c}], 0x0, 0x0, &(0x7f00004c1000)}) socket$key(0xf, 0x3, 0x2) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) r1 = socket$unix(0x1, 0x1, 0x0) r2 = socket$inet6(0xa, 0x3, 0x3a) setsockopt$inet6_int(r2, 0x29, 0xd1, &(0x7f00000000c0), 0x4) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xc8, &(0x7f0000000000), 0x4) setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000040)={0x1, 0x0, 0x100000001, 0x158, 0xfffffffffffffe01}, 0xc) preadv(r0, &(0x7f0000000080), 0x0, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) bind$unix(r3, &(0x7f0000fe1000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) connect$unix(r1, &(0x7f0000932000)=@file={0x1, "e91f7189591e9233614b00"}, 0xc) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000cf7ff4)) 2018/04/01 00:14:33 executing program 7 (fault-call:1 fault-nth:1): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') 2018/04/01 00:14:33 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x8) mkdir(&(0x7f0000000080)='./file0\x00', 0xc) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:33 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000232ff6)='/dev/ptmx\x00', 0x204000000002, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x40004) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.memory_pressure\x00', 0x0, 0x0) name_to_handle_at(r2, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=ANY=[@ANYBLOB="2400000003000000acadfffffffb3ffb05ff9bd45f70abc5fff0e2ecc0669ca43d5b6c5a"], &(0x7f0000000100), 0x400) syz_emit_ethernet(0x3e, &(0x7f0000976000)={@link_local={0x1, 0x80, 0xc2}, @link_local={0x1, 0x80, 0xc2}, [], {@ipv6={0x86dd, {0x0, 0x6, "06f526", 0x6, 0x200000003a, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@echo_request={0x80, 0x0, 0x0, 0x0, 0xfffffffffffffffd}}}}}}, &(0x7f0000a95fe8)) write(r0, &(0x7f00000003c0)="a2f5d65772deea303e0200001100002d89360ac2017c926d5ec1a2420de2395f6427e3efbb00000f04", 0x29) ioctl$sock_SIOCINQ(r1, 0x541b, &(0x7f00000000c0)) 2018/04/01 00:14:33 executing program 6 (fault-call:0 fault-nth:26): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:33 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000", 0x15}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:33 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) uselib(&(0x7f0000000000)='./file0\x00') 2018/04/01 00:14:33 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fcntl$getown(r0, 0x9) ioctl$LOOP_GET_STATUS64(r0, 0x4c05, &(0x7f0000000040)) fallocate(r0, 0x0, 0x0, 0x4) [ 233.308567] FAULT_INJECTION: forcing a failure. [ 233.308567] name failslab, interval 1, probability 0, space 0, times 0 [ 233.317946] FAULT_INJECTION: forcing a failure. [ 233.317946] name failslab, interval 1, probability 0, space 0, times 0 [ 233.319918] CPU: 1 PID: 19200 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #9 [ 233.338181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.347521] Call Trace: [ 233.350096] dump_stack+0x194/0x24d [ 233.353709] ? arch_local_irq_restore+0x53/0x53 [ 233.358372] should_fail+0x8c0/0xa40 [ 233.362071] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 233.367157] ? kasan_kmalloc+0xad/0xe0 [ 233.371027] ? kmem_cache_alloc+0x12e/0x760 [ 233.375332] ? getname_flags+0xcb/0x580 [ 233.379290] ? SyS_symlink+0x7d/0x240 [ 233.383073] ? do_syscall_64+0x281/0x940 [ 233.387121] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 233.392471] ? __f_unlock_pos+0x19/0x20 [ 233.396430] ? find_held_lock+0x35/0x1d0 [ 233.400486] ? check_same_owner+0x320/0x320 [ 233.404786] ? vfs_write+0x374/0x510 [ 233.408485] ? rcu_note_context_switch+0x710/0x710 [ 233.413403] should_failslab+0xec/0x120 [ 233.417360] kmem_cache_alloc+0x47/0x760 [ 233.421408] getname_flags+0xcb/0x580 [ 233.425192] SyS_symlink+0xc1/0x240 [ 233.428800] ? SyS_write+0x184/0x220 [ 233.432499] ? SyS_symlinkat+0x250/0x250 [ 233.436543] ? do_syscall_64+0xb7/0x940 [ 233.440499] ? SyS_symlinkat+0x250/0x250 [ 233.444545] do_syscall_64+0x281/0x940 [ 233.448416] ? vmalloc_sync_all+0x30/0x30 [ 233.452546] ? _raw_spin_unlock_irq+0x27/0x70 [ 233.457026] ? finish_task_switch+0x1c1/0x7e0 [ 233.461503] ? syscall_return_slowpath+0x550/0x550 [ 233.466414] ? syscall_return_slowpath+0x2ac/0x550 [ 233.471325] ? prepare_exit_to_usermode+0x350/0x350 [ 233.476332] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 233.481678] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 233.486510] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 233.491681] RIP: 0033:0x454e79 [ 233.494852] RSP: 002b:00007fe25dc30c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 233.502544] RAX: ffffffffffffffda RBX: 00007fe25dc316d4 RCX: 0000000000454e79 [ 233.510230] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000040 [ 233.517479] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 233.524733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 233.531990] R13: 0000000000000649 R14: 00000000006fb778 R15: 0000000000000001 [ 233.539259] CPU: 0 PID: 19203 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 233.546445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 233.555795] Call Trace: [ 233.558383] dump_stack+0x194/0x24d [ 233.562014] ? arch_local_irq_restore+0x53/0x53 [ 233.566681] ? __save_stack_trace+0x7e/0xd0 [ 233.571008] should_fail+0x8c0/0xa40 [ 233.574720] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 233.579825] ? kasan_kmalloc+0xad/0xe0 [ 233.583703] ? kmem_cache_alloc_trace+0x136/0x740 [ 233.587608] FAT-fs (loop0): invalid media value (0x00) [ 233.588534] ? __memcg_init_list_lru_node+0x169/0x270 [ 233.588541] ? __list_lru_init+0x544/0x750 [ 233.588550] ? sget_userns+0x691/0xe40 2018/04/01 00:14:34 executing program 7 (fault-call:1 fault-nth:2): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') 2018/04/01 00:14:34 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0\x00', 0x20000000000003) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) r2 = syz_open_dev$audion(&(0x7f0000000100)='/dev/audio#\x00', 0xf4a000000000, 0x101000) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000180)=[@in6={0xa, 0x4e23, 0x6, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, 0x58a}, @in={0x2, 0x4e24, @loopback=0x7f000001}, @in={0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}], 0x3c) r3 = geteuid() ioprio_get$uid(0x0, r3) utimes(&(0x7f0000000000)='./file0/control\x00', &(0x7f00000000c0)={{r0, r1/1000+10000}, {0x77359400}}) [ 233.588559] ? mount_fs+0x66/0x2d0 [ 233.588569] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 233.588577] ? do_mount+0xea4/0x2bb0 [ 233.588583] ? SyS_mount+0xab/0x120 [ 233.588592] ? do_syscall_64+0x281/0x940 [ 233.588606] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 233.593883] FAT-fs (loop0): Can't find a valid FAT filesystem [ 233.599031] ? find_held_lock+0x35/0x1d0 [ 233.599043] ? __lock_is_held+0xb6/0x140 [ 233.599060] ? check_same_owner+0x320/0x320 [ 233.599074] ? rcu_note_context_switch+0x710/0x710 [ 233.655223] should_failslab+0xec/0x120 [ 233.659186] kmem_cache_alloc_trace+0x4b/0x740 [ 233.663759] ? __kmalloc_node+0x33/0x70 [ 233.667725] ? __kmalloc_node+0x33/0x70 [ 233.671692] ? rcu_read_lock_sched_held+0x108/0x120 [ 233.676695] __memcg_init_list_lru_node+0x169/0x270 [ 233.681698] ? list_lru_add+0x7c0/0x7c0 [ 233.685654] ? __kmalloc_node+0x47/0x70 [ 233.689613] __list_lru_init+0x544/0x750 [ 233.693670] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 233.699959] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 233.704961] ? __lockdep_init_map+0xe4/0x650 [ 233.709369] ? lockdep_init_map+0x9/0x10 [ 233.713414] sget_userns+0x691/0xe40 [ 233.717113] ? kill_litter_super+0x90/0x90 [ 233.721335] ? ns_test_super+0x50/0x50 [ 233.725208] ? destroy_unused_super.part.6+0xd0/0xd0 [ 233.730287] ? do_raw_spin_trylock+0x190/0x190 [ 233.734849] ? kobject_put+0x6b/0x250 [ 233.738627] ? blkdev_get+0x3a1/0xb00 [ 233.742414] ? cap_capable+0x1b5/0x230 [ 233.746293] ? __blkdev_get+0x13b0/0x13b0 [ 233.750421] ? security_capable+0x8e/0xc0 [ 233.754554] ? kill_litter_super+0x90/0x90 [ 233.758779] ? ns_capable_common+0xcf/0x160 [ 233.763087] ? ns_test_super+0x50/0x50 [ 233.766950] ? kill_litter_super+0x90/0x90 [ 233.771165] sget+0xd2/0x120 [ 233.774174] mount_bdev+0x109/0x370 [ 233.777795] ? fuse_get_root_inode+0x190/0x190 [ 233.782352] fuse_mount_blk+0x34/0x40 [ 233.786136] mount_fs+0x66/0x2d0 [ 233.789480] vfs_kern_mount.part.26+0xc6/0x4a0 [ 233.794048] ? may_umount+0xa0/0xa0 [ 233.797652] ? _raw_read_unlock+0x22/0x30 [ 233.801784] ? __get_fs_type+0x8a/0xc0 [ 233.805648] do_mount+0xea4/0x2bb0 [ 233.809169] ? copy_mount_string+0x40/0x40 [ 233.813381] ? rcu_pm_notify+0xc0/0xc0 [ 233.817245] ? copy_mount_options+0x5f/0x2e0 [ 233.821628] ? rcu_read_lock_sched_held+0x108/0x120 [ 233.826622] ? kmem_cache_alloc_trace+0x459/0x740 [ 233.831445] ? kasan_check_write+0x14/0x20 [ 233.835654] ? _copy_from_user+0x99/0x110 [ 233.839778] ? copy_mount_options+0x1f7/0x2e0 [ 233.844261] SyS_mount+0xab/0x120 [ 233.847696] ? copy_mnt_ns+0xb30/0xb30 [ 233.851569] do_syscall_64+0x281/0x940 [ 233.855450] ? vmalloc_sync_all+0x30/0x30 [ 233.859578] ? _raw_spin_unlock_irq+0x27/0x70 [ 233.864057] ? finish_task_switch+0x1c1/0x7e0 [ 233.868540] ? syscall_return_slowpath+0x550/0x550 [ 233.873445] ? syscall_return_slowpath+0x2ac/0x550 [ 233.878355] ? prepare_exit_to_usermode+0x350/0x350 [ 233.883350] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 233.888699] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 233.893549] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 233.898723] RIP: 0033:0x454e79 [ 233.901896] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 233.909581] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 233.916829] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 233.924077] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 233.931330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 233.938588] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 233.986902] binder: BINDER_SET_CONTEXT_MGR already set [ 233.998989] FAULT_INJECTION: forcing a failure. [ 233.998989] name failslab, interval 1, probability 0, space 0, times 0 [ 234.003095] binder: 19194:19210 ioctl 40046207 0 returned -16 [ 234.010298] CPU: 1 PID: 19220 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #9 [ 234.010308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.032707] Call Trace: [ 234.035306] dump_stack+0x194/0x24d [ 234.038942] ? arch_local_irq_restore+0x53/0x53 [ 234.043617] should_fail+0x8c0/0xa40 [ 234.047343] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 234.052543] ? kasan_kmalloc+0xad/0xe0 [ 234.056426] ? kmem_cache_alloc+0x12e/0x760 [ 234.060741] ? getname_flags+0xcb/0x580 [ 234.064707] ? SyS_symlink+0x7d/0x240 [ 234.068508] ? do_syscall_64+0x281/0x940 [ 234.072561] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 234.077922] ? find_held_lock+0x35/0x1d0 [ 234.081982] ? find_held_lock+0x35/0x1d0 [ 234.086089] ? check_same_owner+0x320/0x320 [ 234.090424] ? vfs_write+0x374/0x510 [ 234.094137] ? rcu_note_context_switch+0x710/0x710 [ 234.099068] should_failslab+0xec/0x120 [ 234.103038] kmem_cache_alloc+0x47/0x760 [ 234.107101] getname_flags+0xcb/0x580 [ 234.110910] SyS_symlink+0xc1/0x240 [ 234.114532] ? SyS_write+0x184/0x220 [ 234.118246] ? SyS_symlinkat+0x250/0x250 [ 234.122302] ? do_syscall_64+0xb7/0x940 [ 234.126269] ? SyS_symlinkat+0x250/0x250 [ 234.130324] do_syscall_64+0x281/0x940 [ 234.134208] ? vmalloc_sync_all+0x30/0x30 [ 234.138349] ? _raw_spin_unlock_irq+0x27/0x70 [ 234.142839] ? finish_task_switch+0x1c1/0x7e0 [ 234.147332] ? syscall_return_slowpath+0x550/0x550 [ 234.152257] ? syscall_return_slowpath+0x2ac/0x550 [ 234.157180] ? prepare_exit_to_usermode+0x350/0x350 [ 234.162194] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 234.167637] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 234.172475] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 234.177656] RIP: 0033:0x454e79 2018/04/01 00:14:34 executing program 4: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x40840, 0x0) setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000040)=0x1, 0x4) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) 2018/04/01 00:14:34 executing program 1: r0 = dup(0xffffffffffffffff) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x101800, 0x0) renameat2(r0, &(0x7f0000000000)='./file1\x00', r1, &(0x7f0000000080)='./file0\x00', 0x4) syz_mount_image$jfs(&(0x7f0000000240)='jfs\x00', &(0x7f0000000280)='./file0\x00', 0x430, 0x1, &(0x7f0000000540)=[{&(0x7f00000003c0), 0x0, 0x5f96}], 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="6e6f6469736361c4c35ab8939bfe074b190d9b72642c756573697a652c696f636861727365743d69736f38643e3ab153416a1da83835392d352c00602ddcd853974dd2459e35f43f2b997e672d358395564518339c8857b97a0b2064cfd40db8a879e9781812ab15f479b2e797d985d70b1598e752221b495c76f95bbd4fb11702ef250c832b8857a2c98b143dbed2d6948965b9985961fc5c3a22c6be0cf10cd4e1bc77125316fa518bf1a364144d1eda56e030409cb66c88ccbf1a2738db2bb23b2937975d1b1dbb10054093fd90a8ec3511a6d90180bb80385caa81fd63923fb65497b84beac84b1f3f22d926be6df0895cf4ece02d53186e5770221d628123e389e983ed4641aa972825d6f37febfc013ea0713438dfc3aee1d743b8d311"]) r2 = syz_open_dev$sg(&(0x7f0000000100)='/dev/sg#\x00', 0x3, 0x301000) connect$pppoe(r2, &(0x7f0000000140)={0x18, 0x0, {0x0, @empty, 'ip6gre0\x00'}}, 0x1e) pipe2(&(0x7f00000000c0), 0x4000) 2018/04/01 00:14:34 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000", 0x15}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:34 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) r0 = msgget(0x2, 0x41) msgctl$IPC_INFO(r0, 0x3, &(0x7f0000000080)=""/98) rename(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0\x00') 2018/04/01 00:14:34 executing program 6 (fault-call:0 fault-nth:27): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:34 executing program 3: r0 = open(&(0x7f0000000080)='./file0\x00', 0x141042, 0x42) mkdirat(r0, &(0x7f0000000040)='./bus\x00', 0xf0) fallocate(r0, 0x0, 0x0, 0x4) [ 234.180837] RSP: 002b:00007fe25dc30c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 234.188537] RAX: ffffffffffffffda RBX: 00007fe25dc316d4 RCX: 0000000000454e79 [ 234.195800] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000040 [ 234.203061] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 234.210324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 234.217593] R13: 0000000000000649 R14: 00000000006fb778 R15: 0000000000000002 [ 234.232801] jfs: Unrecognized mount option "nodiscaÄÃZ¸“›þK ›rd" or missing value [ 234.249504] FAULT_INJECTION: forcing a failure. [ 234.249504] name failslab, interval 1, probability 0, space 0, times 0 [ 234.260769] CPU: 1 PID: 19241 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 234.267948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.277296] Call Trace: [ 234.279886] dump_stack+0x194/0x24d [ 234.283515] ? arch_local_irq_restore+0x53/0x53 [ 234.288183] ? __save_stack_trace+0x7e/0xd0 [ 234.292505] should_fail+0x8c0/0xa40 [ 234.296218] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 234.301317] ? kasan_kmalloc+0xad/0xe0 [ 234.305202] ? kmem_cache_alloc_trace+0x136/0x740 [ 234.310042] ? __memcg_init_list_lru_node+0x169/0x270 [ 234.315222] ? __list_lru_init+0x544/0x750 [ 234.319451] ? sget_userns+0x691/0xe40 [ 234.323355] ? mount_fs+0x66/0x2d0 [ 234.326897] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 234.331644] ? do_mount+0xea4/0x2bb0 [ 234.335359] ? SyS_mount+0xab/0x120 [ 234.338988] ? do_syscall_64+0x281/0x940 [ 234.343051] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 234.348417] ? find_held_lock+0x35/0x1d0 [ 234.352480] ? __lock_is_held+0xb6/0x140 [ 234.356559] ? check_same_owner+0x320/0x320 [ 234.360888] ? rcu_note_context_switch+0x710/0x710 [ 234.365822] should_failslab+0xec/0x120 [ 234.369797] kmem_cache_alloc_trace+0x4b/0x740 [ 234.374374] ? __kmalloc_node+0x33/0x70 [ 234.378344] ? __kmalloc_node+0x33/0x70 [ 234.382314] ? rcu_read_lock_sched_held+0x108/0x120 [ 234.387330] __memcg_init_list_lru_node+0x169/0x270 [ 234.393141] ? list_lru_add+0x7c0/0x7c0 [ 234.397110] ? __kmalloc_node+0x47/0x70 [ 234.397314] FAT-fs (loop0): invalid media value (0x00) [ 234.401075] __list_lru_init+0x544/0x750 [ 234.401090] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 234.401106] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 234.401117] ? __lockdep_init_map+0xe4/0x650 [ 234.401128] ? lockdep_init_map+0x9/0x10 [ 234.401139] sget_userns+0x691/0xe40 [ 234.401152] ? kill_litter_super+0x90/0x90 [ 234.406427] FAT-fs (loop0): Can't find a valid FAT filesystem [ 234.410449] ? ns_test_super+0x50/0x50 [ 234.410459] ? destroy_unused_super.part.6+0xd0/0xd0 [ 234.410468] ? do_raw_spin_trylock+0x190/0x190 [ 234.410483] ? kobject_put+0x6b/0x250 [ 234.460804] ? blkdev_get+0x3a1/0xb00 [ 234.464586] ? cap_capable+0x1b5/0x230 [ 234.468456] ? __blkdev_get+0x13b0/0x13b0 [ 234.472597] ? security_capable+0x8e/0xc0 [ 234.476734] ? kill_litter_super+0x90/0x90 [ 234.480942] ? ns_capable_common+0xcf/0x160 [ 234.485237] ? ns_test_super+0x50/0x50 [ 234.489115] ? kill_litter_super+0x90/0x90 [ 234.493337] sget+0xd2/0x120 [ 234.496331] mount_bdev+0x109/0x370 [ 234.499932] ? fuse_get_root_inode+0x190/0x190 [ 234.504491] fuse_mount_blk+0x34/0x40 [ 234.508268] mount_fs+0x66/0x2d0 [ 234.511615] vfs_kern_mount.part.26+0xc6/0x4a0 [ 234.516170] ? may_umount+0xa0/0xa0 [ 234.519770] ? _raw_read_unlock+0x22/0x30 [ 234.523894] ? __get_fs_type+0x8a/0xc0 [ 234.527753] do_mount+0xea4/0x2bb0 [ 234.531274] ? copy_mount_string+0x40/0x40 [ 234.535907] ? rcu_pm_notify+0xc0/0xc0 [ 234.539771] ? copy_mount_options+0x5f/0x2e0 [ 234.544155] ? rcu_read_lock_sched_held+0x108/0x120 [ 234.549149] ? kmem_cache_alloc_trace+0x459/0x740 [ 234.553963] ? kasan_check_write+0x14/0x20 [ 234.558169] ? _copy_from_user+0x99/0x110 [ 234.562289] ? copy_mount_options+0x1f7/0x2e0 [ 234.566757] SyS_mount+0xab/0x120 [ 234.570181] ? copy_mnt_ns+0xb30/0xb30 [ 234.574049] do_syscall_64+0x281/0x940 [ 234.577909] ? vmalloc_sync_all+0x30/0x30 [ 234.582045] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 234.587556] ? syscall_return_slowpath+0x550/0x550 [ 234.592461] ? syscall_return_slowpath+0x2ac/0x550 [ 234.597378] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 234.602731] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 234.607552] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 234.612714] RIP: 0033:0x454e79 [ 234.615881] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 234.623582] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 234.630831] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 2018/04/01 00:14:35 executing program 4: mkdir(&(0x7f0000000000)='./file0/file0\x00', 0x0) 2018/04/01 00:14:35 executing program 2: r0 = socket(0x10, 0x2, 0xc) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write(r0, &(0x7f0000828fe1)="1f0000000b06ffde0000f49f000000a9200600000900018001000000000600", 0x1f) 2018/04/01 00:14:35 executing program 7 (fault-call:1 fault-nth:3): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') 2018/04/01 00:14:35 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000009e40)='./file0/control\x00', 0xffffffffffffffff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000240)='hugetlb.2MB.max_usage_in_bytes\x00', 0x2, 0x0) read(r1, &(0x7f0000000140)=""/232, 0xfffffffffffffcba) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x200, 0x0) r3 = socket$bt_cmtp(0x1f, 0x3, 0x5) ioctl$sock_bt_cmtp_CMTPCONNADD(r2, 0x400443c8, &(0x7f0000000080)={r3, 0x1}) ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f0000000100)={0x5, &(0x7f00000000c0)=[{}, {}, {}, {}, {}]}) getsockopt$inet_sctp6_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f00000005c0)={0x0, 0x3}, &(0x7f0000000600)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000000640)={0x0, @in={{0x2, 0x4e23, @multicast1=0xe0000001}}, 0x1000, 0x0, 0x9, 0x81, 0x1f}, &(0x7f0000000700)=0x98) getsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000003d80), &(0x7f0000003dc0)=0x4) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000003e00)={0xa, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000003e40)=0x2c) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r2, 0x84, 0xf, &(0x7f0000003e80)={0x0, @in6={{0xa, 0x4e21, 0x5, @empty, 0x6}}, 0x4, 0x5, 0x8aa8, 0x0, 0x9}, &(0x7f0000003f40)=0x98) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000004a80)={0x0, 0x7a, "872aee647f619f42d89a834c5e59478e92edb2abf33a48201d7129c60704f6850c56d179a44d89db21581f1687519f112ca46b8550e2303f3b71c25dce5bfe0c7703cd22445e82de96d55aee316c128924528e33cfa3812a7ddf2795adbb2242189f502a95d61e9b0eb6355d8a71b92d9fcb4ec646b18944035a"}, &(0x7f0000004b40)=0x82) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f0000004b80)={0x0, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x13}}}, [0x2d, 0x5e, 0x5, 0x4, 0xf606, 0x720, 0x0, 0xfffffffffffffff8, 0x3000000000, 0x1, 0xfffffffffffffffd, 0xe4a, 0x4, 0x7, 0x40]}, &(0x7f0000004c80)=0x100) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000007240)={0xd3bb, 0x20, 0x206, 0x6, 0x5, 0x3f, 0x6, 0x9, r5}, &(0x7f0000009d80)=0x20) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f0000006f40)={0x0, 0xfa, "c704890f956eb79d107ac85f6682478930f728cae95c98c4ba0d730834855652e17cb4c6729c9096f64a7e0f7d4793560dc5b51bfd72bd58e1a7e391b85521869c70ced5b57119abe72ca3b94a2b2b9729c670ab92666d7349c0244485d1e987a755b4035aefbd684eea881342b80f8b08a9f99912c2085ae653662153dc79a478e4939745c4999b4484365c4eb806a3bb08436f668bb2243998b2fc35e498907b97a8afb4f84bc9991f9ad3781ee881f90ae74f61046047073fbed13a9b4207e092e2a8aaa352d6a7cabe1f4d5d8a04b65bc584655bd134a6eeca30b44c813efb2295fa9c8dd2e905df74ff9b3ff40539679eb4a70039cd35f3"}, &(0x7f0000007080)=0x102) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f0000007300)={0x0, 0x13, "526ae697f4f3fb44af9da6b80376dbfa981dd2"}, &(0x7f0000007340)=0x1b) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000007380)={0x0, @in={{0x2, 0x4e22, @multicast2=0xe0000002}}, 0x411, 0xc2, 0x6, 0x0, 0x10}, &(0x7f0000007440)=0x98) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000007480)={r4, 0x7fffffff}, &(0x7f00000074c0)=0x8) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000007d00)={0x0, 0x9}, &(0x7f0000007d40)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000009dc0)={r6, 0x1}, &(0x7f0000007dc0)=0x8) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f0000009e80)=ANY=[@ANYRES32=0x0, @ANYBLOB="a4000000eeb497e858132aaa1a565af98d98a589e23a5d2ce58e447c7be4a9a790c0c31086f60e7202ed84a1f002a1bc2d8017f86981e35c63ce0ea69bb1d2fabbab1e24bda224a401979f1bb33bc505cafde133639387af01bc334369e2eea6ccb08411b6bfccf0403905a78c1b0a358d107dbef9a629e40172cdb17fb60cbf88c556e30ee1fa81220adada5ce0ab8570db3738c490752cdf5f5b3855a60f8f1d7b207f84ba039a72920946ea8d82de288f091a2d0104a0f60420ac5c56eb28659038df34ebce61216105064d0d76352f2e3d5ac39a778d05055fc38fff39003bcad7e343b6cc1ccb3fc68b2720aa0da214eb4ae44a1eb61901837c79f59f52c734b62b59f23eebfab7cce1172e630e84"], &(0x7f0000009480)=0xac) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000009540)={0x0, 0x68, &(0x7f00000094c0)=[@in={0x2, 0x4e22, @broadcast=0xffffffff}, @in6={0xa, 0x4e20, 0x81, @mcast2={0xff, 0x2, [], 0x1}, 0x100}, @in={0x2, 0x4e22, @broadcast=0xffffffff}, @in6={0xa, 0x4e24, 0x93, @loopback={0x0, 0x1}, 0x5}, @in={0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}]}, &(0x7f0000009580)=0x10) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f00000095c0)={0x0, 0x400}, &(0x7f0000009600)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000009640)=@sack_info={0x0, 0x1ff, 0xffffffffffffffff}, &(0x7f0000009680)=0xc) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000040)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000009700)=0x1c) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000009a40)={0x0, 0x9}, &(0x7f0000009a80)=0x8) 2018/04/01 00:14:35 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0xffffffffffffffff}, 0x1c) sendto$inet6(r0, &(0x7f000023effe)="7f", 0x1, 0x0, &(0x7f000010e000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f00000002c0), 0x8) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x2, 0x0) write$fuse(r1, &(0x7f0000000080)={0x28, 0x0, 0x0, @fuse_notify_delete_out={0x9, 0x5, 0x4}}, 0x28) 2018/04/01 00:14:35 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) getsockopt$ax25_buf(r0, 0x101, 0x19, &(0x7f0000000040)=""/13, &(0x7f0000000080)=0xd) fallocate(r0, 0x0, 0x0, 0x4) bind$vsock_stream(r0, &(0x7f00000000c0)={0x28, 0x0, 0xffffffff, @host=0x2}, 0x10) 2018/04/01 00:14:35 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000", 0x15}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:35 executing program 6 (fault-call:0 fault-nth:28): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 234.638073] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 234.645316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 234.652561] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 234.701847] FAULT_INJECTION: forcing a failure. [ 234.701847] name failslab, interval 1, probability 0, space 0, times 0 [ 234.713117] CPU: 1 PID: 19258 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #9 [ 234.720297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.729644] Call Trace: [ 234.732222] dump_stack+0x194/0x24d [ 234.735838] ? arch_local_irq_restore+0x53/0x53 [ 234.740489] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 234.745656] ? print_irqtrace_events+0x270/0x270 [ 234.750394] should_fail+0x8c0/0xa40 [ 234.754086] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 234.759171] ? print_irqtrace_events+0x270/0x270 [ 234.763911] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 234.769087] ? __lock_is_held+0xb6/0x140 [ 234.773126] ? __lock_acquire+0x664/0x3e00 [ 234.777349] ? check_same_owner+0x320/0x320 [ 234.781654] ? rcu_note_context_switch+0x710/0x710 [ 234.786559] ? __lock_acquire+0x664/0x3e00 [ 234.790780] should_failslab+0xec/0x120 [ 234.794731] kmem_cache_alloc+0x47/0x760 [ 234.798770] ? find_held_lock+0x35/0x1d0 [ 234.802813] ext4_alloc_inode+0xc1/0x7e0 [ 234.806854] ? ext4_xattr_get+0x16f/0xa00 [ 234.810979] ? ext4_drop_inode+0x390/0x390 [ 234.815193] ? lock_downgrade+0x980/0x980 [ 234.819326] ? ext4_xattr_inode_set_class+0x60/0x60 [ 234.824320] ? trace_hardirqs_off+0x10/0x10 [ 234.828622] ? down_read+0x96/0x150 [ 234.832229] ? ext4_xattr_get+0x137/0xa00 [ 234.836354] ? __down_interruptible+0x6b0/0x6b0 [ 234.841014] ? trace_hardirqs_off+0x10/0x10 [ 234.845321] ? ext4_drop_inode+0x390/0x390 [ 234.849535] alloc_inode+0x65/0x180 [ 234.853141] new_inode_pseudo+0x69/0x190 [ 234.857182] ? prune_icache_sb+0x1a0/0x1a0 [ 234.861403] new_inode+0x1c/0x40 [ 234.864747] __ext4_new_inode+0x3a0/0x4e80 [ 234.868960] ? rcutorture_record_progress+0x10/0x10 [ 234.873962] ? __unwind_start+0x169/0x330 [ 234.878091] ? ext4_free_inode+0x1740/0x1740 [ 234.882487] ? save_stack+0xa3/0xd0 [ 234.886093] ? save_stack+0x43/0xd0 [ 234.889696] ? __kasan_slab_free+0x11a/0x170 [ 234.894084] ? kasan_slab_free+0xe/0x10 [ 234.898034] ? kmem_cache_free+0x83/0x2a0 [ 234.902157] ? putname+0xee/0x130 [ 234.905587] ? filename_create+0x245/0x520 [ 234.909801] ? SyS_symlink+0xd5/0x240 [ 234.913580] ? do_syscall_64+0x281/0x940 [ 234.917620] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 234.922971] ? _raw_spin_unlock_irqrestore+0xa6/0xc0 [ 234.928053] ? debug_check_no_obj_freed+0x3da/0xf1f [ 234.933049] ? d_alloc+0x269/0x340 [ 234.936570] ? print_irqtrace_events+0x270/0x270 [ 234.941303] ? trace_hardirqs_off+0x10/0x10 [ 234.945603] ? free_obj_work+0x690/0x690 [ 234.949641] ? mark_held_locks+0xaf/0x100 [ 234.953770] ? __dquot_initialize+0x2d2/0xb70 [ 234.958253] ? dquot_get_next_dqblk+0x160/0x160 [ 234.962899] ? map_id_up+0x23b/0x420 [ 234.966592] ? make_kprojid+0x30/0x30 [ 234.970384] ext4_symlink+0x41e/0x1060 [ 234.974257] ? ext4_orphan_del+0xab0/0xab0 [ 234.978466] ? security_inode_permission+0xbb/0xf0 [ 234.983376] ? security_inode_symlink+0xc7/0x100 [ 234.988111] vfs_symlink+0x323/0x560 [ 234.991806] SyS_symlink+0x1d2/0x240 [ 234.995497] ? SyS_write+0x184/0x220 [ 234.999194] ? SyS_symlinkat+0x250/0x250 [ 235.003236] ? do_syscall_64+0xb7/0x940 [ 235.007192] ? SyS_symlinkat+0x250/0x250 [ 235.011235] do_syscall_64+0x281/0x940 [ 235.015099] ? vmalloc_sync_all+0x30/0x30 [ 235.019658] ? _raw_spin_unlock_irq+0x27/0x70 [ 235.024132] ? finish_task_switch+0x1c1/0x7e0 [ 235.028611] ? syscall_return_slowpath+0x550/0x550 [ 235.033520] ? syscall_return_slowpath+0x2ac/0x550 [ 235.038431] ? prepare_exit_to_usermode+0x350/0x350 [ 235.043437] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 235.048784] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 235.053613] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 235.058781] RIP: 0033:0x454e79 [ 235.061948] RSP: 002b:00007fe25dc30c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 235.069634] RAX: ffffffffffffffda RBX: 00007fe25dc316d4 RCX: 0000000000454e79 [ 235.076881] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000040 [ 235.084126] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 235.091372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 235.098617] R13: 0000000000000649 R14: 00000000006fb778 R15: 0000000000000003 [ 235.135243] FAULT_INJECTION: forcing a failure. [ 235.135243] name failslab, interval 1, probability 0, space 0, times 0 [ 235.146511] CPU: 1 PID: 19273 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 235.152965] FAT-fs (loop0): invalid media value (0x00) [ 235.153687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.153693] Call Trace: [ 235.153709] dump_stack+0x194/0x24d [ 235.153724] ? arch_local_irq_restore+0x53/0x53 [ 235.159040] FAT-fs (loop0): Can't find a valid FAT filesystem [ 235.168334] ? __save_stack_trace+0x7e/0xd0 [ 235.168355] should_fail+0x8c0/0xa40 [ 235.168370] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 235.168383] ? kasan_kmalloc+0xad/0xe0 [ 235.202032] ? kmem_cache_alloc_trace+0x136/0x740 [ 235.206870] ? __memcg_init_list_lru_node+0x169/0x270 [ 235.206881] ? __list_lru_init+0x544/0x750 [ 235.206890] ? sget_userns+0x691/0xe40 [ 235.206901] ? mount_fs+0x66/0x2d0 [ 235.206914] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 235.206921] ? do_mount+0xea4/0x2bb0 [ 235.206928] ? SyS_mount+0xab/0x120 [ 235.206938] ? do_syscall_64+0x281/0x940 [ 235.206948] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 235.206961] ? find_held_lock+0x35/0x1d0 [ 235.206973] ? __lock_is_held+0xb6/0x140 [ 235.206990] ? check_same_owner+0x320/0x320 [ 235.207001] ? rcu_note_context_switch+0x710/0x710 [ 235.207016] should_failslab+0xec/0x120 [ 235.266562] kmem_cache_alloc_trace+0x4b/0x740 [ 235.271144] ? __kmalloc_node+0x33/0x70 [ 235.275095] ? __kmalloc_node+0x33/0x70 [ 235.279046] ? rcu_read_lock_sched_held+0x108/0x120 [ 235.284043] __memcg_init_list_lru_node+0x169/0x270 [ 235.289037] ? list_lru_add+0x7c0/0x7c0 [ 235.292988] ? __kmalloc_node+0x47/0x70 [ 235.296942] __list_lru_init+0x544/0x750 [ 235.300984] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 235.306845] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 235.311837] ? __lockdep_init_map+0xe4/0x650 [ 235.316224] ? lockdep_init_map+0x9/0x10 [ 235.320264] sget_userns+0x691/0xe40 [ 235.323953] ? kill_litter_super+0x90/0x90 [ 235.328166] ? ns_test_super+0x50/0x50 [ 235.332035] ? destroy_unused_super.part.6+0xd0/0xd0 [ 235.337116] ? do_raw_spin_trylock+0x190/0x190 [ 235.341675] ? kobject_put+0x6b/0x250 [ 235.345455] ? blkdev_get+0x3a1/0xb00 [ 235.349233] ? cap_capable+0x1b5/0x230 [ 235.353094] ? __blkdev_get+0x13b0/0x13b0 [ 235.357216] ? security_capable+0x8e/0xc0 [ 235.361341] ? kill_litter_super+0x90/0x90 [ 235.365550] ? ns_capable_common+0xcf/0x160 [ 235.369850] ? ns_test_super+0x50/0x50 [ 235.373711] ? kill_litter_super+0x90/0x90 [ 235.377920] sget+0xd2/0x120 [ 235.380918] mount_bdev+0x109/0x370 [ 235.384519] ? fuse_get_root_inode+0x190/0x190 [ 235.389080] fuse_mount_blk+0x34/0x40 [ 235.392856] mount_fs+0x66/0x2d0 [ 235.396201] vfs_kern_mount.part.26+0xc6/0x4a0 [ 235.400757] ? may_umount+0xa0/0xa0 [ 235.404361] ? _raw_read_unlock+0x22/0x30 [ 235.408485] ? __get_fs_type+0x8a/0xc0 [ 235.412348] do_mount+0xea4/0x2bb0 [ 235.415868] ? copy_mount_string+0x40/0x40 [ 235.420080] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 235.425074] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 235.429809] ? retint_kernel+0x10/0x10 [ 235.433673] ? copy_mount_options+0x18b/0x2e0 [ 235.438143] ? copy_mount_options+0x196/0x2e0 [ 235.442612] ? copy_mount_options+0x1f7/0x2e0 [ 235.447086] SyS_mount+0xab/0x120 [ 235.450513] ? copy_mnt_ns+0xb30/0xb30 [ 235.454381] do_syscall_64+0x281/0x940 [ 235.458244] ? vmalloc_sync_all+0x30/0x30 [ 235.462369] ? _raw_spin_unlock_irq+0x27/0x70 [ 235.466838] ? finish_task_switch+0x1c1/0x7e0 [ 235.471308] ? syscall_return_slowpath+0x550/0x550 [ 235.476215] ? syscall_return_slowpath+0x2ac/0x550 [ 235.481121] ? prepare_exit_to_usermode+0x350/0x350 [ 235.486114] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 235.491455] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 235.496276] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 235.501441] RIP: 0033:0x454e79 [ 235.504604] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 235.512373] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 235.519705] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 235.526951] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 2018/04/01 00:14:35 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001800)={r1, &(0x7f0000000740)="8e0e7482a0c24da1b8410ddfd072c8ff1d4be1a8b7de4c0b613cbf5262af3cacefb25d2617bd9f2a674a6ccbef642b405454c4ed22d2267197056e7a7a268586136d5dcc3e3bae0b445afd1e914389271cc11a73df087bbed6964aca55289ad50ea563743fc666fdd81887ad832e13dd9a1198add79c2116b19e7958898f2b132399e7b5ea0e8ebcaa5e3296cd7104b8b35ff58bfcd60a4eec28e59ad190", &(0x7f0000000800)=""/4096}, 0x18) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r1, &(0x7f0000000000)="9130374fd40a64a3238c3766d86b1c48a55886e442a30cd0cbbff163505b109f140b319c60c8b6d3faa2b822f4145344262bab5c10bcd850", &(0x7f0000000040)=""/216}, 0x18) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'lo\x00'}) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000300)={0x0, 0x1}, 0x8) socket$bt_bnep(0x1f, 0x3, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000b3dfc8)={&(0x7f0000001580)={0x10}, 0xc, &(0x7f00000015c0)={&(0x7f0000abf000)={0x14, 0x22, 0x109, 0x0, 0x0, {0x4}}, 0x14}, 0x1}, 0x0) preadv(r1, &(0x7f00000006c0)=[{&(0x7f00000001c0)=""/158, 0x9e}, {&(0x7f0000000140)=""/32, 0x20}, {&(0x7f0000000280)=""/94, 0x5e}, {&(0x7f0000000300)=""/78, 0x4e}, {&(0x7f0000000380)=""/182, 0xb6}, {&(0x7f0000000440)=""/174, 0xae}, {&(0x7f0000000500)=""/255, 0xff}, {&(0x7f0000000600)=""/177, 0xb1}], 0x8, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) getsockopt$ax25_int(r1, 0x101, 0x7, &(0x7f0000001840), &(0x7f0000001880)=0x4) 2018/04/01 00:14:36 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x120) fallocate(r0, 0x2, 0x7ffffffd, 0x9) [ 235.534195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 235.541439] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:36 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:36 executing program 7 (fault-call:1 fault-nth:4): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') 2018/04/01 00:14:36 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000080)='./file0/file0\x00', 0xce, 0x7, &(0x7f0000000500)=[{&(0x7f00000000c0)="8ba86bf79753094f7aafcdd904b1c5b03c137b036536cfdb175d5d3bafa3506e599951d831d3efa58c3a4d357a180a804c7b84fa37afbf36b12a4eac9e6c5bc48fea3d0febb38f1bcebe4803f40c98f3eb4fdceeddefbd53e25a1c", 0x5b, 0x1da0}, {&(0x7f0000000180)="7b23c2bfb17d81515c1fd99ea93df2ce9b0ebd23ca851d1c5a", 0x19, 0x101}, {&(0x7f00000001c0)="98268d940d62d92f6fb94213c43fef3cdcb22809d1c989371de63f15714ffaebfce80de5c57fa63e57b44573bc809d79cd70fa2c8ecab43f4618f39883364f3d53566fa86e30792167ea3c1fcb78f8748fc304bdc22f692662d16034bdac3da07bd801600f20bee6ecdd5a0872cba7b091b41c71e605e1d463f86416639e3089b1d280acb04e68b53e1c8f010b46ded03a36da917f9f2202a4d5c120c016be22567016e087b721414a80e794d7d0e7896e950828cb1a28", 0xb7, 0x2c2d}, {&(0x7f0000000280)="0cab509e29061babf0040d6e3978d5d141281901552026caa2ec696687f30952566ebcffe18368b722d5eb47ac3e655fd300ddb51ea2079b6fe73893c077549953295aa6db3fab2ce7c42ef606a17ed95bc378e525626fc9e14c4b59aecc711b04413123fecb8ed813ea5fc2cda6e613617845c4fa6a75a078164b790a8d13aefd9f", 0x82, 0x9}, {&(0x7f0000000340)="4c1e535b1336883d8f20468cb1e6453e322a03abf398a28132d7f007a67988dc7bd3e4b136a1dcf2430cb78c6912fcd1e79427e989f90abf159915f3230884f06c46839a76023f24a692d138fa3716822cfdc7faadefc55610305ae1e76f36cc7a3146b321d865188ae92953211db230c25f5b31ca59af5b815e8e361de8da5af122f093e2e9bf570c93fb3044855c7637986f04068d81244cf1f5f30606e5d707b6676dccbec3e46ab3cbf7ae84d3d710bc27c478802e0aec0e4d132f37ad88e7eb6c32ca70378b4a7e780745", 0xcd}, {&(0x7f0000000440)='>', 0x1, 0x101}, {&(0x7f0000000480)="d931fb63b4302939379e89c5fe5e5ef5ed7c23bb58b4d918db49caa8d313f6c61557894e3f22533d47a59cd1d1c72455a3ac86e18d3e973bc7cacfaecb232ea865e055ff8045ef429a2f7555a93ba8ba91de966e1c914534ab229dc50028d23633a769b1175a51a78603c77ab94128dfa8624f9ce404c9baeab355", 0x7b, 0x5}], 0x1, &(0x7f00000005c0)={[{@statfs_quantum={'statfs_quantum', 0x3d, [0x3f, 0x35, 0x36, 0x0, 0x7f]}, 0x2c}, {@upgrade='upgrade', 0x2c}, {@nodiscard='nodiscard', 0x2c}, {@upgrade='upgrade', 0x2c}, {@nodiscard='nodiscard', 0x2c}]}) socket$inet6_udp(0xa, 0x2, 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:36 executing program 6 (fault-call:0 fault-nth:29): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 235.593071] netlink: 'syz-executor2': attribute type 1 has an invalid length. [ 235.670674] FAULT_INJECTION: forcing a failure. [ 235.670674] name failslab, interval 1, probability 0, space 0, times 0 [ 235.682191] CPU: 1 PID: 19294 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #9 [ 235.689378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.698729] Call Trace: [ 235.701315] dump_stack+0x194/0x24d [ 235.704947] ? arch_local_irq_restore+0x53/0x53 [ 235.709620] should_fail+0x8c0/0xa40 [ 235.713317] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 235.718401] ? trace_event_raw_event_lock+0x340/0x340 [ 235.723569] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 235.728734] ? __lock_acquire+0x664/0x3e00 [ 235.732951] ? make_kprojid+0x30/0x30 [ 235.736736] ? find_held_lock+0x35/0x1d0 [ 235.740777] ? __lock_is_held+0xb6/0x140 [ 235.744826] ? check_same_owner+0x320/0x320 [ 235.749133] ? __d_lookup+0x4f4/0x830 [ 235.752916] ? rcu_note_context_switch+0x710/0x710 [ 235.757834] should_failslab+0xec/0x120 [ 235.761790] kmem_cache_alloc+0x47/0x760 [ 235.765838] __d_alloc+0xc1/0xbd0 [ 235.769272] ? shrink_dcache_for_umount+0x290/0x290 [ 235.774267] ? d_alloc_parallel+0x1b40/0x1b40 [ 235.778746] ? lock_release+0xa40/0xa40 [ 235.782702] ? mark_held_locks+0xaf/0x100 [ 235.786826] ? d_lookup+0x133/0x2e0 [ 235.790435] ? d_lookup+0x1d5/0x2e0 [ 235.794043] ? rcu_note_context_switch+0x710/0x710 [ 235.798953] d_alloc+0x8e/0x340 [ 235.802212] ? __d_alloc+0xbd0/0xbd0 [ 235.805906] ? down_write_nested+0x8b/0x120 [ 235.810209] __lookup_hash+0x58/0x190 [ 235.813989] filename_create+0x1c7/0x520 [ 235.818036] ? kern_path_mountpoint+0x40/0x40 [ 235.822521] ? getname_flags+0x256/0x580 [ 235.826567] SyS_symlink+0xd5/0x240 [ 235.830172] ? SyS_write+0x184/0x220 [ 235.833864] ? SyS_symlinkat+0x250/0x250 [ 235.837903] ? do_syscall_64+0xb7/0x940 [ 235.841853] ? SyS_symlinkat+0x250/0x250 [ 235.845893] do_syscall_64+0x281/0x940 [ 235.849759] ? vmalloc_sync_all+0x30/0x30 [ 235.853883] ? _raw_spin_unlock_irq+0x27/0x70 [ 235.858358] ? finish_task_switch+0x1c1/0x7e0 [ 235.862829] ? syscall_return_slowpath+0x550/0x550 [ 235.867737] ? syscall_return_slowpath+0x2ac/0x550 [ 235.872644] ? prepare_exit_to_usermode+0x350/0x350 [ 235.877640] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 235.882993] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 235.887822] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 235.892987] RIP: 0033:0x454e79 [ 235.896153] RSP: 002b:00007fe25dc30c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 235.903837] RAX: ffffffffffffffda RBX: 00007fe25dc316d4 RCX: 0000000000454e79 [ 235.911085] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000040 2018/04/01 00:14:36 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) syz_mount_image$hfsplus(&(0x7f0000000000)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0xd7, 0x7, &(0x7f0000001380)=[{&(0x7f0000000080)="591f9a13f4aba90630051ff1af13fa383566884d6a8ae5d36a4028c690aa0558f022c276c550000ed49fe041cbda6bb1e72d4a604605897d7d277b5913fc7bf4a44b648051d38437a76df44d81c6e511197258f36fd8989f1e430e5249c151ad1799cb7a8242dae1b9c7c58a51b16ca99c6ce516d4fdb9034e72988f8ae3ac90aa9dea27dca19399e2b346b4b345e5f1a9b743261949b7248c56abb1d7b778b38093b4c4676af6b9e906183a8d7d9bf7d3e73a164e5d23b61a2687f0ac035883fd473911cb2ef09de49979e6aa988103a6362e266dfe4b66a548b685beac5d1401185c3fc922758fe59f70eb3d71e191d773e4aee4fc998e3661117c057a45bef164aff3e5f1a5e128563dcf9789301febfd43674b5a83152279aa777893569d440531473fcddb41e3095434f72c0bce0fc41d642ee75a166119c60cec27eb288a377d2240c40ede69ea4d035bfe6e6666b3941598fc5a1eadff81a510aafef27f9a08182c0d5eb8f87c865cf6ff79007916047cf0c7bf13a27818a1a752f1dad878b583b4630b2e85ee34e5304324ba707a0fb226faed75429a9293bf1582a5430c6780d208fc144aa4134adc3e01e47e70f7df04bcbebaa60cd83fab248309714d0dbf9d61ca8082596135fbf05d56a18e8bc338e8f00b10c3a1f4a4812ecccdfb5fc8fc7ba4afdae40f1d8397c5e4c184466f1d64340d3dbc3c9202ee0f5be960020fc208958144216fa038b0d87854bed5b4ab98509b6c252c481d84b116babc8d8a09682a79f40a8c81e50d8bf50c2a0f418f87d0b44aad4fded48995ee0e96a13b8400630a4458e046199db88fc4c50e408fee5f2b8a074a87607084c78600c789c142028a23ccf130b90ae2335808e872a312e0c9f820431607fb5869233c8cc9ccf0d694b282b9e47c1203d80722d8fb883de18955014747e2ab37c905d5fb6185ab3294e237e71459a4269b179cffd6596aa81a5758f75d0b2eec187e49ea7a21df9d77826c962af018cd1f765663e2bd566418f31ae9ec18a88008f38cb66764cc82d3bf577755398a72d88411217812b39f30068596e6d5fb4b46787549aed9131d1d1356f7c9109de5e3422377516de5bfafa7cb121ba39133d6bf8ecfa1e39c363434e60bd6e19f87574ce9e2fb8855cecfc2ab904b2e43218d0d6869d8630417b554bb998d50b51a6d62f24586371e8f9a6c56d4e6c15f5ba9f374b9f33134d08881c8d6e11191906fc4c96712e345572504ce4469c410a827398a4f27407f53c4d24d543b4312ca682e41a1bbb1260738ae788ea60c673b8d10854519c0961c4a73a205a34550129d7c9aeb935de0c9df9463ddf8bf5797a6361fb42ce4b723a097ddb4ed5d852e662f82c6da42e1f23ff09b0e3e7ce2f2a6972bda1845c884ea072800192f3d62f182033fdd615141c46d51ea376abb30b6e4eb92f4810fc7ead41acf7225d6dfcab66f554e6a98cec429ec95a3ed94a757304fe315b23766410908010d0c01e7d5654b510889d4a846f8d6dab0570f6b5553abb2df762d04a9b4d1c913e3f428e31154d8863d97125472904e9c7c601003cd6502078ecd9fd3bcdcf60d979ad7af67c929658c82cf3cadad11f465c2a84b2b5254717b0ebf4c2f914f29764f05b45148cbdfae11339e72222c29c4d901d8fecf7c25bb15314b918fbfa843c4f600531ec6d4081fc1a652bd2a6614ca18989e4324add5606bedac85949602a28bf0ae1e92583ec5811bc1dbf4bbe8b5ef52a2bc4c93cb1975a5c1a97f8a5180bbfac8702662562652daeb4e6fe3c5660768c67d65c58893e623fc556543dc91574752e4c2eb5f29291f42cc77dba012ef5e14a1ea772d08105031c01686bbbbb41ead9431a06c1650595cf2f41ab68d09da611bb2b6d40ba7679e702b133bcae8ef667424c492165d0a2e4ab89e0e2e3ba0595b02b29a5bb525ab69595f3a6143522745b66fec4e7d469fcef8999eca71973e376a0c02c2b60422b984f293ec1af4340e4dddc74ade82f8bfdc7e6d98dc121dbb212fe3c6c688590caf7cdedf4663cb4355b4444aaf9ea1667580079e6eea740c12f809d8a7436f289f3bf7a53adc61065607f32c856fbbf0ee58a6aac9c47bfe45d3d791895469161737ceb21e1d934477fdbad251231d50508cf28c0dcb800e89e6f97371c67cf0f2b534d7048403b211c2a552737a87d94d259b74378e670710a6a382c9c1fdf7b9d460cf781fe1da7b2c58204700eb3fff9369ae614c4987ad7769f10157815d0c2458187e8cdea1f9140815d015b888a796cf6b81ccdbf968a5d35a003224febddd75eef8f110afa96d4a6820df12410c47f3e2b874a20a5a69a75390864fa1dc049b86a0d6e2903ff4e0aa09aedafd6adc02fe426da0e6edc30accf39254c1d2c073957cee67f6415fc7f51a3918a8a82bdcefe314c9cd4be482e31e6c7b97730c1ade4ed6b39d719e7ad91555f1801d05fe9ff1662eb677d216b279b4000b1a65a7ab5f1a0d47ddf4e40b2ffb76953fdc11cf8b1cec106a3313ec1ee3b3ddf89351e98c61ea46e29106bb19c384a65707804c70a2c8275fe622103f20001b704fc72664e5acfa5f4f6c249e8b9cf2b3a28a4f221bdb2d6e4745cec509aa6bca501324a82abc70ea049ebccbeca6f141d28a5f81450a436681a8ee39cd6a1ecc842827b3d3b09de4c7cffd7a43fe9cd95ef0644c0c92fa26d6755bb951a029c8c803a7006609d4abc780f7aded7844bb9291a46102f2954613008811a71e0611a5a7eaeea9e2c5ab80da68d622dd0c5fe1eeae35d54969a9dcba7d1bc6a27207e28d1f420a59803d3832ff2abe3a743112d78c768d0d1daa736031dd380f7672b0f2189426757b933e1df4357174dd8a88fe84be7dd52e76c0baab93890826111ebb5733566042c5ae7dc28bbf49285d0032bfd3016dfc3eec6aadfe88ec23e14eadbb28d1a81e2f5213a87ffb11ee7416fa90ebdfe4f2cd36e1f57807a1b4298254a86cb55f522b281a97f2e35afaf8bcdc21ef29384657e3770f8248dd99a775aa8ee384f71b060bd41c69c1a6b74367f85fb51adac144874a99bf773ab8713a2e68832de70e277ff6bd5ba4909fbc317664f34aeeb74c14b8814f2f4a856814ab10313fa3ebaa4f29d09dca2fc69ce01028b6c9a24b6a7fdada9bfb209bead4cfe79f4584f2d6f444db5c2d08afb9fac44693e515b4e9e48bc3857a5f1679cc987762591d4d118b1e6adfb835795374af3486350d623f9d0b11868932479dfd1d7a732573178d3eb5d5e4ab32b051ed0d9e6bfc24ab2747929c2e0657bd3578df8196869fdf9ab8c57f03f0090929dfee9f2157871ff145058c5d7f072c541cc25aaaf827c1e6b24111f1ef9ce0903a51e0c559c6c9853e14387ba5c0538e49a66982da6f1bd85d9f91d206ee34a128c11a30abac5702281b143c69dc16070a8e5c4562153a10b0ace9245c6aee5afb8950845e5b55566d4dbcc605105befcf551f8fafbad8bbead0836ef6208b57f3742c553b82096d523e629e07e8fc4ac408c3fc67678613397d541d9998faf9da391cf33240abc94c4ffd2cfc56d077bca2c4ad9db9c07b69dc38b0febe1ba80b71f97955ee646112132f11febe461efa5f9ddd68fab8e31906e233649592288cab5350bc8f1cf348bbd19c871d3992df0d50a9c57d62e35a47bc5a697b88cf0d04550ea4a44953fbe9a3b712667bba1bf883c597d21b5e0e393afed15c91b452a081d780269e81a15ed49bf915aefe4b928537269b8c780301a0f8c4ce1d53c009796bf0d6ad07420b9e1abe2ad0834ee3e9ecd9cadbaa15d19b0f4d58502d029b793c2954e270f2a624f0c5109370afa4f606e4b1867e71043f9f21000817ccf04548c8f611bc33f953cb4c8fc800028258b14d578814416ea72344bf2c634324beded729ab0e5dd23ccc585109342743bd49db41672ac009aaa2bd9c1302ee21950e9b5406d533eb2c67fa84272f541ba3381d4199b38ae2b1f941c55a272f2316677fb36538bef4a1dd54ff8067f7734b98d5af6610382318fea436d7345725a135be7a66466f1dcd36ba7ff455688567af2bf1b6d57166c95bec8bb9f0694f7fb8d2fa12b96a20c0c43118fa8ed1cd13a64a98b4dc37774280cdaa679c0ceafe825bd2c3d40a9f30a74f82039632429f000ad07166cdc10e8e23c853b072ed054074f9bc20afa22e1a1679ad6cf05c467264eb3b95b20397148da5a0cec28f6a4fccae36c493a97fe45f748e51be36731fb7e4ce6f5cc5cc5aba8030f1c21cb3035da459b13055ab11005bc737f2a06a20f3113a5bba46f7983646ab05bd78c81ca43098d4787cd0b0b2188ce2570db145c9740ff0a5b759228886db1ba38171debb26aeebf1ed80b9e23d101f2ff31f7dce06c69fb513113b764ef95ba113677ed98179b2603650155575ae94d71bd23eee7ff5d023a7cdcbf5d528ffc761ffbc9d8f52c8e9a178c81933aab44f072ce7b38bdd2bbf4c53245ac441863a241ed036678cfd980813ca9e073c46a95c93c3ffbdb61d1bc6fa9922d851119b875043a454236d50707920f49f826ea9f5b39c138f57ca59eaa0ff77a72eff0d7133c699026cdcf3879e91293ca4ec6147c690eb59263ac533a144b37dc74f5b37a163f665eb107afadf8b848b047fd4ab088cce384e6e82cb65f86a5189c9d26bdd9474d6822c02df37bca8cab75aaab47eadcd2aaf09d9b81bf1b0bb3058d39d567a3bdb3043eaf883a5b25187dd9dfb32be36443af05a9911c5780fa15343eed1f6a67a142472f1df6a8c7f82219f5f5d42c040ab3abc0bd90eb168779cb66c2a6e92f55429bb500fc84f1d057d1b6a9a1cfd3643ddab9a9aba8e745adad7656fab9b18c39b1f6029a824da2b39f986bdf4809c78c421b007b801763b936c4b91513d6504253ae8fdb419162db99602377c355a2995d31acb66acae8febbe28ae85962548c1ea19aed1187136ffcd21187e5f4ddfa45436086b3b90d8b1d65fca2263ae2d31daf5daf0c6b613f991fa37ac3368cbb8d289880353d83b776ddaec7c858a58fe11b0e57b7217be792518de417faf6b342f99f3c56249997aea14034b5b04ef42b2599d7b653e0dee8f46bd0d5e0a4b8c08b7523d26e24249fa50ff90638ff56a4605ab12213f4693f3ae0ec508e0d6cf6b698a16b138854099677b0273581524b78cbb8c263d4bcfaa68b2f4e2a2e5f9e11473984f2b38a9fe8c495542ac2234ca2b537df89e938acdf6e33db162b779ae319ba0f61d36cd4d61049675fa4fd9fb71c55d2daf0b12af3e8980d0333628cd08b4f38a4116f51b95bfd40c872212364ce2e5995762dff3ea1062107451070d3e3e099659f77024ebf24ee6eb4b77ac6700a67378d7820d6922c9df19cc48f8d48efcc918c8af81e23edb0057d51b294caa7da2d547e56c2077000cdd55b2e9b1b05d23a017cceb59df7743eb8c5fbcce2b1d010735fac1b0a5efa4823fb475549e50f82c8e682630a9b4734a1bc587e742d7c82b6217f502dccec8b2fe7836acfe1563ab0919ffd042839b8a0dd8aea22532e168932ff41715492d2261eedcd37d6c4757961f6c00e2eed012e5d0f264ba25e9d609d5a5304b7f9a7d9d7ccedbf1cc8c99f1d7789fed8ab7c687296b8e9b281f793ed52caaa3c4d721340be4d47f77c6a44cc17fdaac1b75255df178ddd004108fbe315fb6b2bd0b4f65cdacd1067059f43239456296ac7ad40f716837e662e4c193f1f6e1df72eb5faf6c28b420021dae0c43cd9ebb602f", 0x1000, 0x9}, {&(0x7f0000001080)="a713f7d25fb2b85e743529eca936f5b2572b32c1060d1ba50e26549f40cc9883c8ce5aa0e4ed03d73ec52390e095c43a67addab80b5a8bd2089ed1b319aa4f4564070c261f635ddddd1c3e03ee4e0fea95b004a2cff1e27f615921b10f281b27712d22252e32dd12c13207bf3c72a267887b7be27e43f862704e1c641448794ee2ab544625652a0e40", 0x89, 0x1}, {&(0x7f0000001140)="a2e0072c200425a5c1ae0e8fe8e38279ee130cd32de5858665f56b8d95f293f5a54c61a4b9d73da8ac171cec45eb979f60a6b41173f62a31cf8ebe5b1e3f06eb751f2f4838", 0x45, 0x8}, {&(0x7f00000011c0)="2e832ff9004efe0fed7eff3028a0480e324dbea303d7dd801a8fe052fb78556c3b38aadeed114db128c1bc82561f8c94650c0c0fe5e913e929ecedf4728d6bfc583c23f518db4cae8e11b4f01e7db682775cad7e0aa11922c6cbc4d0e052be2a109a3c48966bade0845c", 0x6a, 0x4}, {&(0x7f0000001240)="6a1aacee384c0e7dcfbba701a239dd34f25a2c3af98d8d6af8ea0fef69e28b3eaf", 0x21, 0x1710}, {&(0x7f0000001280)="88125556adbf667b0b9dbf698fb176a4", 0x10}, {&(0x7f00000012c0)="d0da68e6ca460e39bd6c560fde818a13e026d5ca1c6a0b69431507017389610d071e8f808f51be15ec2db6c80a017f78654495b82886b5f4d4aeef52f2da3a7edb22be140ca7fe4a30e0f60c209fa1a32b11a3c0105ef6391edeed0a28a67207ab510bebccda9800c4f79f1db3570f965cb94c3f2cf756bff0bc8af6bf4f76a1461c7f5e64d7f2fdea41972e7294", 0x8e, 0xffffffff00000000}], 0x2000, &(0x7f00000014c0)=ANY=[@ANYBLOB="6465636f6d706f73652c6465636f6d706f73652c6e6f64656320ca33ecfac06f6d706f73652c756d61736b3d3331323335313732362c6465636f6d706f73652c6769643d31310035312c706172743d372c6e6f626172726965722c73657373696f6e3dee3f2c00"]) [ 235.918331] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 235.925577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 235.932821] R13: 0000000000000649 R14: 00000000006fb778 R15: 0000000000000004 [ 235.950468] FAULT_INJECTION: forcing a failure. [ 235.950468] name failslab, interval 1, probability 0, space 0, times 0 [ 235.951919] gfs2: invalid mount option: statfs_quantum=?56 [ 235.961796] CPU: 1 PID: 19299 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 235.967406] gfs2: can't parse mount arguments [ 235.974551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 235.974557] Call Trace: [ 235.974574] dump_stack+0x194/0x24d [ 235.974587] ? arch_local_irq_restore+0x53/0x53 [ 235.974601] ? kernel_text_address+0xd1/0xe0 [ 236.003620] ? __unwind_start+0x169/0x330 [ 236.007783] should_fail+0x8c0/0xa40 [ 236.011499] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 236.016611] ? save_stack+0x43/0xd0 [ 236.020239] ? kasan_kmalloc+0xad/0xe0 [ 236.024120] ? __kmalloc+0x162/0x760 [ 236.027121] FAULT_INJECTION: forcing a failure. [ 236.027121] name failslab, interval 1, probability 0, space 0, times 0 [ 236.027820] ? __list_lru_init+0xcf/0x750 [ 236.027836] ? find_held_lock+0x35/0x1d0 [ 236.047161] ? __lock_is_held+0xb6/0x140 [ 236.051213] ? check_same_owner+0x320/0x320 [ 236.055527] ? rcu_note_context_switch+0x710/0x710 [ 236.060444] should_failslab+0xec/0x120 [ 236.064402] kmem_cache_alloc_node_trace+0x5a/0x760 [ 236.069398] ? mark_held_locks+0xaf/0x100 [ 236.073527] ? __raw_spin_lock_init+0x1c/0x100 [ 236.078092] __kmalloc_node+0x33/0x70 [ 236.081876] kvmalloc_node+0x99/0xd0 [ 236.085573] __list_lru_init+0x5d5/0x750 [ 236.089618] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 236.095485] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 236.100492] ? lockdep_init_map+0x9/0x10 [ 236.104543] sget_userns+0x6b1/0xe40 [ 236.108236] ? kill_litter_super+0x90/0x90 [ 236.112452] ? ns_test_super+0x50/0x50 [ 236.116321] ? destroy_unused_super.part.6+0xd0/0xd0 [ 236.121405] ? do_raw_spin_trylock+0x190/0x190 [ 236.125971] ? kobject_put+0x6b/0x250 [ 236.129754] ? blkdev_get+0x3a1/0xb00 [ 236.133539] ? cap_capable+0x1b5/0x230 [ 236.137406] ? __blkdev_get+0x13b0/0x13b0 [ 236.141535] ? security_capable+0x8e/0xc0 [ 236.145665] ? kill_litter_super+0x90/0x90 [ 236.149880] ? ns_capable_common+0xcf/0x160 [ 236.154182] ? ns_test_super+0x50/0x50 [ 236.158052] ? kill_litter_super+0x90/0x90 [ 236.162267] sget+0xd2/0x120 [ 236.165269] mount_bdev+0x109/0x370 [ 236.168882] ? fuse_get_root_inode+0x190/0x190 [ 236.173445] fuse_mount_blk+0x34/0x40 [ 236.177227] mount_fs+0x66/0x2d0 [ 236.180577] vfs_kern_mount.part.26+0xc6/0x4a0 [ 236.185143] ? may_umount+0xa0/0xa0 [ 236.188753] ? _raw_read_unlock+0x22/0x30 [ 236.192884] ? __get_fs_type+0x8a/0xc0 [ 236.196755] do_mount+0xea4/0x2bb0 [ 236.200280] ? copy_mount_string+0x40/0x40 [ 236.204496] ? rcu_pm_notify+0xc0/0xc0 [ 236.208374] ? copy_mount_options+0x5f/0x2e0 [ 236.212765] ? rcu_read_lock_sched_held+0x108/0x120 [ 236.217764] ? kmem_cache_alloc_trace+0x459/0x740 [ 236.222609] ? copy_mount_options+0x1f7/0x2e0 [ 236.227089] SyS_mount+0xab/0x120 [ 236.230522] ? copy_mnt_ns+0xb30/0xb30 [ 236.234395] do_syscall_64+0x281/0x940 [ 236.238267] ? vmalloc_sync_all+0x30/0x30 [ 236.242395] ? _raw_spin_unlock_irq+0x27/0x70 [ 236.246874] ? finish_task_switch+0x1c1/0x7e0 [ 236.251350] ? syscall_return_slowpath+0x550/0x550 [ 236.256259] ? syscall_return_slowpath+0x2ac/0x550 [ 236.261169] ? prepare_exit_to_usermode+0x350/0x350 [ 236.266168] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 236.271519] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 236.276345] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 236.281518] RIP: 0033:0x454e79 [ 236.284690] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 236.292378] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 236.299626] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 236.306873] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 236.314123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 2018/04/01 00:14:36 executing program 7 (fault-call:1 fault-nth:5): mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') 2018/04/01 00:14:36 executing program 6 (fault-call:0 fault-nth:30): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 236.321376] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 236.328641] CPU: 0 PID: 19308 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #9 [ 236.335818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 236.345160] Call Trace: [ 236.347744] dump_stack+0x194/0x24d [ 236.351367] ? arch_local_irq_restore+0x53/0x53 [ 236.356034] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 236.361222] ? print_irqtrace_events+0x270/0x270 [ 236.365978] should_fail+0x8c0/0xa40 [ 236.369693] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 236.372895] FAULT_INJECTION: forcing a failure. [ 236.372895] name failslab, interval 1, probability 0, space 0, times 0 [ 236.374782] ? print_irqtrace_events+0x270/0x270 [ 236.374798] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 236.374815] ? __lock_is_held+0xb6/0x140 [ 236.374823] ? __lock_acquire+0x664/0x3e00 [ 236.374841] ? check_same_owner+0x320/0x320 [ 236.408442] ? rcu_note_context_switch+0x710/0x710 [ 236.413355] ? __lock_acquire+0x664/0x3e00 [ 236.417578] should_failslab+0xec/0x120 [ 236.421535] kmem_cache_alloc+0x47/0x760 [ 236.425751] ? find_held_lock+0x35/0x1d0 [ 236.429794] ext4_alloc_inode+0xc1/0x7e0 [ 236.433838] ? ext4_xattr_get+0x16f/0xa00 [ 236.437964] ? ext4_drop_inode+0x390/0x390 [ 236.442181] ? lock_downgrade+0x980/0x980 [ 236.446317] ? ext4_xattr_inode_set_class+0x60/0x60 [ 236.451316] ? trace_hardirqs_off+0x10/0x10 [ 236.455621] ? down_read+0x96/0x150 [ 236.459228] ? ext4_xattr_get+0x137/0xa00 [ 236.463359] ? __down_interruptible+0x6b0/0x6b0 [ 236.468020] ? trace_hardirqs_off+0x10/0x10 [ 236.472326] ? ext4_drop_inode+0x390/0x390 [ 236.476545] alloc_inode+0x65/0x180 [ 236.480154] new_inode_pseudo+0x69/0x190 [ 236.484195] ? prune_icache_sb+0x1a0/0x1a0 [ 236.488415] new_inode+0x1c/0x40 [ 236.491762] __ext4_new_inode+0x3a0/0x4e80 [ 236.495983] ? rcutorture_record_progress+0x10/0x10 [ 236.500993] ? __unwind_start+0x169/0x330 [ 236.505126] ? ext4_free_inode+0x1740/0x1740 [ 236.509525] ? save_stack+0xa3/0xd0 [ 236.513132] ? save_stack+0x43/0xd0 [ 236.516739] ? __kasan_slab_free+0x11a/0x170 [ 236.521128] ? kasan_slab_free+0xe/0x10 [ 236.525086] ? kmem_cache_free+0x83/0x2a0 [ 236.529215] ? putname+0xee/0x130 [ 236.532655] ? filename_create+0x245/0x520 [ 236.536871] ? SyS_symlink+0xd5/0x240 [ 236.540652] ? do_syscall_64+0x281/0x940 [ 236.544694] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 236.550044] ? _raw_spin_unlock_irqrestore+0xa6/0xc0 [ 236.555128] ? debug_check_no_obj_freed+0x3da/0xf1f [ 236.560124] ? d_alloc+0x269/0x340 [ 236.563652] ? print_irqtrace_events+0x270/0x270 [ 236.568393] ? trace_hardirqs_off+0x10/0x10 [ 236.572698] ? free_obj_work+0x690/0x690 [ 236.576739] ? mark_held_locks+0xaf/0x100 [ 236.580873] ? __dquot_initialize+0x2d2/0xb70 [ 236.585354] ? dquot_get_next_dqblk+0x160/0x160 [ 236.590005] ? map_id_up+0x23b/0x420 [ 236.593703] ? make_kprojid+0x30/0x30 [ 236.597490] ext4_symlink+0x41e/0x1060 [ 236.601363] ? ext4_orphan_del+0xab0/0xab0 [ 236.605579] ? security_inode_permission+0xbb/0xf0 [ 236.610490] ? security_inode_symlink+0xc7/0x100 [ 236.615228] vfs_symlink+0x323/0x560 [ 236.618928] SyS_symlink+0x1d2/0x240 [ 236.622623] ? SyS_write+0x184/0x220 [ 236.626317] ? SyS_symlinkat+0x250/0x250 [ 236.630358] ? do_syscall_64+0xb7/0x940 [ 236.634314] ? SyS_symlinkat+0x250/0x250 [ 236.638358] do_syscall_64+0x281/0x940 [ 236.642226] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 236.647747] ? syscall_return_slowpath+0x550/0x550 [ 236.652659] ? syscall_return_slowpath+0x2ac/0x550 [ 236.657577] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 236.662929] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 236.667757] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 236.672927] RIP: 0033:0x454e79 [ 236.676618] RSP: 002b:00007fe25dc30c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 236.684310] RAX: ffffffffffffffda RBX: 00007fe25dc316d4 RCX: 0000000000454e79 [ 236.691560] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000040 [ 236.698808] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 236.706060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 236.713309] R13: 0000000000000649 R14: 00000000006fb778 R15: 0000000000000005 [ 236.720578] CPU: 1 PID: 19311 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 236.727753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 236.737081] Call Trace: [ 236.739646] dump_stack+0x194/0x24d [ 236.743250] ? arch_local_irq_restore+0x53/0x53 [ 236.747893] ? save_stack+0x43/0xd0 [ 236.751497] ? mutex_lock_io_nested+0x1900/0x1900 [ 236.756316] should_fail+0x8c0/0xa40 [ 236.760007] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 236.765089] ? trace_hardirqs_off+0x10/0x10 [ 236.769383] ? lock_downgrade+0x980/0x980 [ 236.773504] ? trace_hardirqs_off+0x10/0x10 [ 236.777799] ? find_held_lock+0x35/0x1d0 [ 236.781840] ? __lock_is_held+0xb6/0x140 [ 236.785882] ? check_same_owner+0x320/0x320 [ 236.790178] ? rcu_note_context_switch+0x710/0x710 [ 236.795081] ? rcu_note_context_switch+0x710/0x710 [ 236.799991] should_failslab+0xec/0x120 [ 236.803941] __kmalloc+0x63/0x760 [ 236.807371] ? __kmalloc_node+0x47/0x70 [ 236.811318] ? __list_lru_init+0xcf/0x750 [ 236.815443] __list_lru_init+0xcf/0x750 [ 236.819398] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 236.825271] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 236.830266] ? lockdep_init_map+0x9/0x10 [ 236.834302] sget_userns+0x6b1/0xe40 [ 236.837987] ? kill_litter_super+0x90/0x90 [ 236.842197] ? ns_test_super+0x50/0x50 [ 236.846059] ? destroy_unused_super.part.6+0xd0/0xd0 [ 236.851133] ? do_raw_spin_trylock+0x190/0x190 [ 236.855692] ? kobject_put+0x6b/0x250 [ 236.859472] ? blkdev_get+0x3a1/0xb00 [ 236.863335] ? cap_capable+0x1b5/0x230 [ 236.867195] ? __blkdev_get+0x13b0/0x13b0 [ 236.871322] ? security_capable+0x8e/0xc0 [ 236.875446] ? kill_litter_super+0x90/0x90 [ 236.879660] ? ns_capable_common+0xcf/0x160 [ 236.883956] ? ns_test_super+0x50/0x50 [ 236.887816] ? kill_litter_super+0x90/0x90 [ 236.892025] sget+0xd2/0x120 [ 236.895027] mount_bdev+0x109/0x370 [ 236.898628] ? fuse_get_root_inode+0x190/0x190 [ 236.903185] fuse_mount_blk+0x34/0x40 [ 236.906964] mount_fs+0x66/0x2d0 [ 236.910305] vfs_kern_mount.part.26+0xc6/0x4a0 [ 236.914862] ? may_umount+0xa0/0xa0 [ 236.918464] ? _raw_read_unlock+0x22/0x30 [ 236.922587] ? __get_fs_type+0x8a/0xc0 [ 236.926452] do_mount+0xea4/0x2bb0 [ 236.929968] ? copy_mount_string+0x40/0x40 [ 236.934178] ? rcu_pm_notify+0xc0/0xc0 [ 236.938044] ? copy_mount_options+0x5f/0x2e0 [ 236.942427] ? rcu_read_lock_sched_held+0x108/0x120 [ 236.947420] ? kmem_cache_alloc_trace+0x459/0x740 [ 236.952239] ? copy_mount_options+0x1f7/0x2e0 [ 236.956710] SyS_mount+0xab/0x120 [ 236.960136] ? copy_mnt_ns+0xb30/0xb30 [ 236.964002] do_syscall_64+0x281/0x940 [ 236.967871] ? vmalloc_sync_all+0x30/0x30 [ 236.971994] ? _raw_spin_unlock_irq+0x27/0x70 [ 236.976473] ? finish_task_switch+0x1c1/0x7e0 [ 236.980946] ? syscall_return_slowpath+0x550/0x550 [ 236.985849] ? syscall_return_slowpath+0x2ac/0x550 [ 236.990753] ? prepare_exit_to_usermode+0x350/0x350 [ 236.995743] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 237.001080] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 237.005898] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 237.011061] RIP: 0033:0x454e79 [ 237.014225] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 2018/04/01 00:14:37 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r0, r0}) 2018/04/01 00:14:37 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001800)={r1, &(0x7f0000000740)="8e0e7482a0c24da1b8410ddfd072c8ff1d4be1a8b7de4c0b613cbf5262af3cacefb25d2617bd9f2a674a6ccbef642b405454c4ed22d2267197056e7a7a268586136d5dcc3e3bae0b445afd1e914389271cc11a73df087bbed6964aca55289ad50ea563743fc666fdd81887ad832e13dd9a1198add79c2116b19e7958898f2b132399e7b5ea0e8ebcaa5e3296cd7104b8b35ff58bfcd60a4eec28e59ad190", &(0x7f0000000800)=""/4096}, 0x18) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r1, &(0x7f0000000000)="9130374fd40a64a3238c3766d86b1c48a55886e442a30cd0cbbff163505b109f140b319c60c8b6d3faa2b822f4145344262bab5c10bcd850", &(0x7f0000000040)=""/216}, 0x18) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'lo\x00'}) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000300)={0x0, 0x1}, 0x8) socket$bt_bnep(0x1f, 0x3, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000b3dfc8)={&(0x7f0000001580)={0x10}, 0xc, &(0x7f00000015c0)={&(0x7f0000abf000)={0x14, 0x22, 0x109, 0x0, 0x0, {0x4}}, 0x14}, 0x1}, 0x0) preadv(r1, &(0x7f00000006c0)=[{&(0x7f00000001c0)=""/158, 0x9e}, {&(0x7f0000000140)=""/32, 0x20}, {&(0x7f0000000280)=""/94, 0x5e}, {&(0x7f0000000300)=""/78, 0x4e}, {&(0x7f0000000380)=""/182, 0xb6}, {&(0x7f0000000440)=""/174, 0xae}, {&(0x7f0000000500)=""/255, 0xff}, {&(0x7f0000000600)=""/177, 0xb1}], 0x8, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) getsockopt$ax25_int(r1, 0x101, 0x7, &(0x7f0000001840), &(0x7f0000001880)=0x4) [ 237.021904] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 237.029157] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 237.036403] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 237.043646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 237.050890] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:37 executing program 7: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') 2018/04/01 00:14:37 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:37 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000080)='./file0/file0\x00', 0x108) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0/control\x00', 0x100, 0xc0) recvfrom$unix(r0, &(0x7f0000000180)=""/255, 0xff, 0x40000000, 0x0, 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:37 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x400200, 0x0) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000040)={0x0, @in6={{0xa, 0x4e21, 0x10000000000, @local={0xfe, 0x80, [], 0xaa}, 0x8}}}, &(0x7f0000000100)=0x84) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000140)={0x8, 0x200, 0x401, 0x9, 0x0}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f00000001c0)={r1, 0x9, 0x5b1, 0xffff, 0x666, 0xe7c3, 0x396a, 0xfffffffffffffffd, {r2, @in={{0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}}, 0x8, 0x0, 0x5, 0x3, 0x7}}, &(0x7f0000000280)=0xb0) 2018/04/01 00:14:37 executing program 1: r0 = syz_open_dev$mice(&(0x7f0000015000)='/dev/input/mice\x00', 0x0, 0x82) write(r0, &(0x7f000000afc3)="dc", 0x1) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000005c80)=ANY=[@ANYRES32=0x0, @ANYBLOB="32000000752eb229155d428c7af5ba75ec85ab5aa241d5ad1dfe1d9ea857f50fa46518356a3c9e4d78c8c562513995b2c8b5e9b8012ad17c5fa1edb1847e0cfa9027627c4fef568a75b34576"], &(0x7f0000000080)=0x2) r2 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r2) socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000140)={r1, 0xc3, "ef684948a6fe44bdafb950aef8d2eefb4dbb6791c3880f0a543b93530bcdc9450b343a560fad1b4356f57df3ef3d7f5a8d32aa7f506f3b6c4e4e989ee47913b5708a90d83820abaf711cec10792eeaba976bba46a69cf0be2207ec415edf7a35dec7b0ee9d1b80a66f42360683dbd12bf5d57c5b3ac2696b9e0f653b41d7dc90404d70d6716959c421ec5bf363a6a15a8b381afea515304101406662e446d72d124317e66bade66a8cd89ba388860eb8b1e538d4f4a6cf1ee0259336022e7d66e3ae9f"}, &(0x7f00000000c0)=0xcb) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000000)={0x0, 0x1, '}'}, &(0x7f0000000100)=0x9) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r0, 0x28, 0x2, &(0x7f0000000040)=0x4, 0x8) readv(r0, &(0x7f0000000000), 0x1) sendmmsg$nfc_llcp(r0, &(0x7f0000005a40), 0x283, 0x42) 2018/04/01 00:14:37 executing program 6 (fault-call:0 fault-nth:31): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:37 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000180)=""/198, &(0x7f0000000000)=0xc6) fallocate(r0, 0x0, 0x0, 0x4) 2018/04/01 00:14:37 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001800)={r1, &(0x7f0000000740)="8e0e7482a0c24da1b8410ddfd072c8ff1d4be1a8b7de4c0b613cbf5262af3cacefb25d2617bd9f2a674a6ccbef642b405454c4ed22d2267197056e7a7a268586136d5dcc3e3bae0b445afd1e914389271cc11a73df087bbed6964aca55289ad50ea563743fc666fdd81887ad832e13dd9a1198add79c2116b19e7958898f2b132399e7b5ea0e8ebcaa5e3296cd7104b8b35ff58bfcd60a4eec28e59ad190", &(0x7f0000000800)=""/4096}, 0x18) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r1, &(0x7f0000000000)="9130374fd40a64a3238c3766d86b1c48a55886e442a30cd0cbbff163505b109f140b319c60c8b6d3faa2b822f4145344262bab5c10bcd850", &(0x7f0000000040)=""/216}, 0x18) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'lo\x00'}) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000300)={0x0, 0x1}, 0x8) socket$bt_bnep(0x1f, 0x3, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000b3dfc8)={&(0x7f0000001580)={0x10}, 0xc, &(0x7f00000015c0)={&(0x7f0000abf000)={0x14, 0x22, 0x109, 0x0, 0x0, {0x4}}, 0x14}, 0x1}, 0x0) preadv(r1, &(0x7f00000006c0)=[{&(0x7f00000001c0)=""/158, 0x9e}, {&(0x7f0000000140)=""/32, 0x20}, {&(0x7f0000000280)=""/94, 0x5e}, {&(0x7f0000000300)=""/78, 0x4e}, {&(0x7f0000000380)=""/182, 0xb6}, {&(0x7f0000000440)=""/174, 0xae}, {&(0x7f0000000500)=""/255, 0xff}, {&(0x7f0000000600)=""/177, 0xb1}], 0x8, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) getsockopt$ax25_int(r1, 0x101, 0x7, &(0x7f0000001840), &(0x7f0000001880)=0x4) 2018/04/01 00:14:37 executing program 7: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000280)={&(0x7f0000000240)='./file1/file0\x00', 0x0, 0xb}, 0xd) clock_getres(0x7, &(0x7f00000000c0)) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') [ 237.296402] FAULT_INJECTION: forcing a failure. [ 237.296402] name failslab, interval 1, probability 0, space 0, times 0 [ 237.307746] CPU: 1 PID: 19349 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 237.314959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.324306] Call Trace: [ 237.324327] dump_stack+0x194/0x24d [ 237.324341] ? arch_local_irq_restore+0x53/0x53 [ 237.324352] ? kernel_text_address+0xd1/0xe0 [ 237.324366] ? __unwind_start+0x169/0x330 2018/04/01 00:14:37 executing program 4: syz_open_dev$random(&(0x7f0000000000)='/dev/random\x00', 0x0, 0x40000) mkdir(&(0x7f0000000140)='./file0/file0\x00', 0x0) 2018/04/01 00:14:37 executing program 1: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x404800, 0x10) getsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000100)=0x1, &(0x7f0000000140)=0x4) ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0xc29) r2 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$llc(r0, &(0x7f0000000000)={0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}}, 0x10) ustat(0x3, &(0x7f0000000040)) setsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000180)=0x3, 0x2) dup3(r2, r0, 0x0) 2018/04/01 00:14:37 executing program 3: r0 = gettid() sched_getparam(r0, &(0x7f0000000040)) r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) 2018/04/01 00:14:37 executing program 7: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') [ 237.343836] should_fail+0x8c0/0xa40 [ 237.347565] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 237.352677] ? save_stack+0x43/0xd0 [ 237.356307] ? kasan_kmalloc+0xad/0xe0 [ 237.360198] ? __kmalloc+0x162/0x760 [ 237.363909] ? __list_lru_init+0xcf/0x750 [ 237.368063] ? find_held_lock+0x35/0x1d0 [ 237.372133] ? __lock_is_held+0xb6/0x140 [ 237.376216] ? check_same_owner+0x320/0x320 [ 237.380538] ? rcu_note_context_switch+0x710/0x710 [ 237.385474] should_failslab+0xec/0x120 [ 237.389454] kmem_cache_alloc_node_trace+0x5a/0x760 [ 237.394467] ? mark_held_locks+0xaf/0x100 [ 237.398618] ? __raw_spin_lock_init+0x1c/0x100 [ 237.403206] __kmalloc_node+0x33/0x70 [ 237.407013] kvmalloc_node+0x99/0xd0 [ 237.410726] __list_lru_init+0x5d5/0x750 [ 237.414786] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 237.420669] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 237.425689] ? lockdep_init_map+0x9/0x10 [ 237.429749] sget_userns+0x6b1/0xe40 [ 237.433455] ? kill_litter_super+0x90/0x90 [ 237.437688] ? ns_test_super+0x50/0x50 [ 237.441570] ? destroy_unused_super.part.6+0xd0/0xd0 [ 237.446667] ? do_raw_spin_trylock+0x190/0x190 [ 237.451249] ? kobject_put+0x6b/0x250 [ 237.455048] ? blkdev_get+0x3a1/0xb00 [ 237.458839] ? cap_capable+0x1b5/0x230 [ 237.460438] FAT-fs (loop0): Directory bread(block 6) failed [ 237.462711] ? __blkdev_get+0x13b0/0x13b0 [ 237.462726] ? security_capable+0x8e/0xc0 [ 237.462737] ? kill_litter_super+0x90/0x90 [ 237.462747] ? ns_capable_common+0xcf/0x160 [ 237.462757] ? ns_test_super+0x50/0x50 [ 237.462764] ? kill_litter_super+0x90/0x90 [ 237.462772] sget+0xd2/0x120 [ 237.462784] mount_bdev+0x109/0x370 [ 237.478488] FAT-fs (loop0): Directory bread(block 7) failed [ 237.480953] ? fuse_get_root_inode+0x190/0x190 [ 237.480966] fuse_mount_blk+0x34/0x40 [ 237.480977] mount_fs+0x66/0x2d0 [ 237.480992] vfs_kern_mount.part.26+0xc6/0x4a0 [ 237.481003] ? may_umount+0xa0/0xa0 [ 237.481015] ? _raw_read_unlock+0x22/0x30 [ 237.481025] ? __get_fs_type+0x8a/0xc0 [ 237.481038] do_mount+0xea4/0x2bb0 [ 237.485864] FAT-fs (loop0): Directory bread(block 8) failed [ 237.489215] ? copy_mount_string+0x40/0x40 [ 237.489226] ? rcu_pm_notify+0xc0/0xc0 [ 237.489240] ? copy_mount_options+0x5f/0x2e0 [ 237.489250] ? rcu_read_lock_sched_held+0x108/0x120 [ 237.489261] ? kmem_cache_alloc_trace+0x459/0x740 [ 237.489273] ? kasan_check_write+0x14/0x20 [ 237.489283] ? _copy_from_user+0x99/0x110 [ 237.489294] ? copy_mount_options+0x1f7/0x2e0 [ 237.494150] FAT-fs (loop0): Directory bread(block 9) failed [ 237.496505] SyS_mount+0xab/0x120 [ 237.496514] ? copy_mnt_ns+0xb30/0xb30 [ 237.496526] do_syscall_64+0x281/0x940 [ 237.496537] ? vmalloc_sync_all+0x30/0x30 [ 237.496548] ? _raw_spin_unlock_irq+0x27/0x70 [ 237.496559] ? finish_task_switch+0x1c1/0x7e0 [ 237.496567] ? syscall_return_slowpath+0x550/0x550 [ 237.496578] ? syscall_return_slowpath+0x2ac/0x550 [ 237.500324] FAT-fs (loop0): Directory bread(block 10) failed [ 237.505867] ? prepare_exit_to_usermode+0x350/0x350 [ 237.505880] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 237.505893] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 237.505907] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 237.505915] RIP: 0033:0x454e79 [ 237.505920] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 237.505931] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 237.505936] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 237.505942] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 237.505946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 237.505952] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 237.511225] FAT-fs (loop0): Directory bread(block 11) failed 2018/04/01 00:14:38 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, r0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001800)={r1, &(0x7f0000000740)="8e0e7482a0c24da1b8410ddfd072c8ff1d4be1a8b7de4c0b613cbf5262af3cacefb25d2617bd9f2a674a6ccbef642b405454c4ed22d2267197056e7a7a268586136d5dcc3e3bae0b445afd1e914389271cc11a73df087bbed6964aca55289ad50ea563743fc666fdd81887ad832e13dd9a1198add79c2116b19e7958898f2b132399e7b5ea0e8ebcaa5e3296cd7104b8b35ff58bfcd60a4eec28e59ad190", &(0x7f0000000800)=""/4096}, 0x18) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r1, &(0x7f0000000000)="9130374fd40a64a3238c3766d86b1c48a55886e442a30cd0cbbff163505b109f140b319c60c8b6d3faa2b822f4145344262bab5c10bcd850", &(0x7f0000000040)=""/216}, 0x18) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'lo\x00'}) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000300)={0x0, 0x1}, 0x8) socket$bt_bnep(0x1f, 0x3, 0x4) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000b3dfc8)={&(0x7f0000001580)={0x10}, 0xc, &(0x7f00000015c0)={&(0x7f0000abf000)={0x14, 0x22, 0x109, 0x0, 0x0, {0x4}}, 0x14}, 0x1}, 0x0) preadv(r1, &(0x7f00000006c0)=[{&(0x7f00000001c0)=""/158, 0x9e}, {&(0x7f0000000140)=""/32, 0x20}, {&(0x7f0000000280)=""/94, 0x5e}, {&(0x7f0000000300)=""/78, 0x4e}, {&(0x7f0000000380)=""/182, 0xb6}, {&(0x7f0000000440)=""/174, 0xae}, {&(0x7f0000000500)=""/255, 0xff}, {&(0x7f0000000600)=""/177, 0xb1}], 0x8, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) getsockopt$ax25_int(r1, 0x101, 0x7, &(0x7f0000001840), &(0x7f0000001880)=0x4) 2018/04/01 00:14:38 executing program 5: mkdir(&(0x7f0000000080)='./file0\x00', 0x3f) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x20800, 0x0) statx(r0, &(0x7f00000000c0)='./file0/file0\x00', 0x6000, 0x0, &(0x7f0000000100)) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:38 executing program 4: mkdir(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffbc) 2018/04/01 00:14:38 executing program 6 (fault-call:0 fault-nth:32): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:38 executing program 7: r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x80000001, 0x8000) sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@getneightbl={0x14, 0x42, 0x200, 0x70bd2b, 0x25dfdbff, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4008010) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000200)=0x200) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') 2018/04/01 00:14:38 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:38 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000b5dfa8)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305-simd\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) r2 = dup(r1) r3 = open(&(0x7f00004b8ff8)='./file0\x00', 0x28042, 0x40) fallocate(r3, 0x0, 0x0, 0x7ff) sendfile(r2, r3, &(0x7f0000000000), 0x7fffffff) sendto$unix(r2, &(0x7f0000000040)=' ', 0x1, 0x0, &(0x7f0000000140)=@abs, 0x6e) 2018/04/01 00:14:38 executing program 3: r0 = open(&(0x7f0000000200)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0xa, 0x4) getsockname$netrom(r0, &(0x7f0000000000), &(0x7f0000000240)=0x10) write$vnet(r0, &(0x7f0000000180)={0x1, {&(0x7f0000000040)=""/218, 0xda, &(0x7f0000000140)=""/4, 0x3}}, 0x68) [ 237.698516] FAT-fs (loop0): Directory bread(block 12) failed [ 237.704999] FAT-fs (loop0): Directory bread(block 13) failed [ 237.713184] FAT-fs (loop0): Directory bread(block 14) failed [ 237.719151] FAT-fs (loop0): Directory bread(block 15) failed [ 237.781858] FAULT_INJECTION: forcing a failure. [ 237.781858] name failslab, interval 1, probability 0, space 0, times 0 [ 237.793238] CPU: 1 PID: 19386 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 237.800422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.809768] Call Trace: [ 237.812355] dump_stack+0x194/0x24d [ 237.815985] ? arch_local_irq_restore+0x53/0x53 [ 237.820649] ? __save_stack_trace+0x7e/0xd0 [ 237.824974] should_fail+0x8c0/0xa40 2018/04/01 00:14:38 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x238}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x105800, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x8000, @loopback={0x0, 0x1}, 0x8}, 0x1c) prctl$intptr(0x4, 0x5) r1 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_opts(r1, 0x29, 0x36, &(0x7f0000000100)=""/183, &(0x7f0000000200)=0xb7) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty, 0x2}, 0x1c) connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x800}, 0x1c) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000240)={{{@in6, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in=@dev}}, &(0x7f0000000340)=0xe8) ioctl$sock_inet6_SIOCDELRT(r1, 0x890c, &(0x7f0000000380)={@ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, @local={0xfe, 0x80, [], 0xaa}, @mcast1={0xff, 0x1, [], 0x1}, 0x80, 0xdd3b, 0x1, 0x100, 0x10001, 0x8000000c, r2}) [ 237.828689] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 237.833787] ? kasan_kmalloc+0xad/0xe0 [ 237.836269] FAT-fs (loop0): Directory bread(block 6) failed [ 237.837662] ? kmem_cache_alloc_trace+0x136/0x740 [ 237.837674] ? __memcg_init_list_lru_node+0x169/0x270 [ 237.837683] ? __list_lru_init+0x544/0x750 [ 237.837691] ? sget_userns+0x6b1/0xe40 [ 237.837700] ? mount_fs+0x66/0x2d0 [ 237.837708] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 237.837717] ? do_mount+0xea4/0x2bb0 [ 237.846671] FAT-fs (loop0): Directory bread(block 7) failed [ 237.848240] ? SyS_mount+0xab/0x120 [ 237.848252] ? do_syscall_64+0x281/0x940 [ 237.848266] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 237.848280] ? find_held_lock+0x35/0x1d0 [ 237.848292] ? __lock_is_held+0xb6/0x140 [ 237.900200] ? check_same_owner+0x320/0x320 [ 237.904507] ? rcu_note_context_switch+0x710/0x710 [ 237.909421] should_failslab+0xec/0x120 [ 237.913377] kmem_cache_alloc_trace+0x4b/0x740 [ 237.917936] ? __kmalloc_node+0x33/0x70 [ 237.921886] ? __kmalloc_node+0x33/0x70 [ 237.925841] ? rcu_read_lock_sched_held+0x108/0x120 [ 237.930855] __memcg_init_list_lru_node+0x169/0x270 [ 237.935853] ? list_lru_add+0x7c0/0x7c0 [ 237.939807] ? __kmalloc_node+0x47/0x70 [ 237.943762] __list_lru_init+0x544/0x750 [ 237.947802] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 237.953666] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 237.958662] ? lockdep_init_map+0x9/0x10 [ 237.962701] sget_userns+0x6b1/0xe40 [ 237.966390] ? kill_litter_super+0x90/0x90 [ 237.970605] ? ns_test_super+0x50/0x50 [ 237.974472] ? destroy_unused_super.part.6+0xd0/0xd0 [ 237.979550] ? do_raw_spin_trylock+0x190/0x190 [ 237.984113] ? kobject_put+0x6b/0x250 [ 237.987895] ? blkdev_get+0x3a1/0xb00 [ 237.991698] ? cap_capable+0x1b5/0x230 [ 237.995562] ? __blkdev_get+0x13b0/0x13b0 [ 237.999689] ? security_capable+0x8e/0xc0 [ 238.003815] ? kill_litter_super+0x90/0x90 [ 238.008030] ? ns_capable_common+0xcf/0x160 [ 238.012331] ? ns_test_super+0x50/0x50 [ 238.016194] ? kill_litter_super+0x90/0x90 [ 238.020405] sget+0xd2/0x120 [ 238.023406] mount_bdev+0x109/0x370 [ 238.027013] ? fuse_get_root_inode+0x190/0x190 [ 238.031579] fuse_mount_blk+0x34/0x40 [ 238.035364] mount_fs+0x66/0x2d0 [ 238.038715] vfs_kern_mount.part.26+0xc6/0x4a0 [ 238.043274] ? may_umount+0xa0/0xa0 [ 238.046882] ? _raw_read_unlock+0x22/0x30 [ 238.051006] ? __get_fs_type+0x8a/0xc0 [ 238.054881] do_mount+0xea4/0x2bb0 [ 238.058404] ? copy_mount_string+0x40/0x40 [ 238.062616] ? rcu_pm_notify+0xc0/0xc0 [ 238.066486] ? copy_mount_options+0x5f/0x2e0 [ 238.070869] ? rcu_read_lock_sched_held+0x108/0x120 [ 238.075862] ? kmem_cache_alloc_trace+0x459/0x740 [ 238.080683] ? kasan_check_write+0x14/0x20 [ 238.084895] ? _copy_from_user+0x99/0x110 [ 238.089029] ? copy_mount_options+0x1f7/0x2e0 [ 238.093501] SyS_mount+0xab/0x120 [ 238.096933] ? copy_mnt_ns+0xb30/0xb30 [ 238.100802] do_syscall_64+0x281/0x940 [ 238.104668] ? vmalloc_sync_all+0x30/0x30 [ 238.108793] ? _raw_spin_unlock_irq+0x27/0x70 [ 238.113268] ? finish_task_switch+0x1c1/0x7e0 [ 238.117743] ? syscall_return_slowpath+0x550/0x550 [ 238.122651] ? syscall_return_slowpath+0x2ac/0x550 [ 238.127560] ? prepare_exit_to_usermode+0x350/0x350 [ 238.132556] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 238.137899] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 238.142724] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 238.147891] RIP: 0033:0x454e79 [ 238.151055] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 238.158757] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 238.166007] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 238.173259] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 2018/04/01 00:14:38 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x2680, 0x0) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000040)={0x2, 0x1, 0x3}) setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000080)=0x6, 0x4) 2018/04/01 00:14:38 executing program 7: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') [ 238.180504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.187751] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:38 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) ioctl$sock_inet_sctp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) [ 238.227237] FAT-fs (loop0): Directory bread(block 8) failed [ 238.240044] FAT-fs (loop0): Directory bread(block 9) failed [ 238.249376] FAT-fs (loop0): Directory bread(block 10) failed [ 238.257000] FAT-fs (loop0): Directory bread(block 11) failed 2018/04/01 00:14:38 executing program 4: mkdir(&(0x7f0000000000)='./file0\x00', 0x80) [ 238.272962] FAT-fs (loop0): Directory bread(block 12) failed [ 238.306214] FAT-fs (loop0): Directory bread(block 13) failed [ 238.321713] FAT-fs (loop0): Directory bread(block 14) failed [ 238.340926] FAT-fs (loop0): Directory bread(block 15) failed 2018/04/01 00:14:38 executing program 7: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') r0 = creat(&(0x7f00000000c0)='./file1/file0\x00', 0x40) r1 = socket$can_raw(0x1d, 0x3, 0x1) r2 = eventfd(0x1000) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = open(&(0x7f0000000400)='./file1/file0\x00', 0x4000, 0xa0) r5 = signalfd4(0xffffffffffffff9c, &(0x7f0000000440)={0x7}, 0x8, 0x80800) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) r7 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) r8 = memfd_create(&(0x7f00000004c0)='\x00', 0x2) r9 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000500)='/dev/sequencer2\x00', 0x0, 0x0) r10 = ioctl$KVM_CREATE_VM(0xffffffffffffff9c, 0xae01, 0x0) r11 = openat(0xffffffffffffffff, &(0x7f0000000540)='./file1/file0\x00', 0x20000, 0x8) r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x8, &(0x7f0000000580)=@raw=[@generic={0xffffffffffff3a0e, 0xac3, 0x0, 0x7d2c00000}, @exit={0x95}, @map={0x18, 0xf, 0x1}, @ldst={0x3, 0x3, 0x3, 0x2, 0x7, 0xfffffff4, 0xfffffffffffffffd}], &(0x7f00000005c0)='syzkaller\x00', 0x5, 0xc1, &(0x7f0000000600)=""/193, 0x41100, 0x1}, 0x48) r13 = dup(0xffffffffffffff9c) r14 = syz_open_dev$sndpcmc(&(0x7f0000000780)='/dev/snd/pcmC#D#c\x00', 0x400, 0x8002) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f00000007c0)={0xffffffffffffffff, 0xffffffffffffffff}) r16 = syz_init_net_socket$nfc_raw(0x27, 0x1, 0x0) r17 = openat$dir(0xffffffffffffff9c, &(0x7f0000000800)='./file1\x00', 0x2000, 0x20) socketpair$inet_sctp(0x2, 0x1, 0x84, &(0x7f0000000840)={0xffffffffffffffff, 0xffffffffffffffff}) r19 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r20 = dup(0xffffffffffffff9c) r21 = accept$packet(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000b40)=0x14) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000b80)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000000bc0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r0, &(0x7f0000000c40)=[{&(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000003c0)=[{&(0x7f0000000180)="828a3388071f94a707f1ca9236ac7ce650bdb14d4676aaf77c02c07c411490a348d0acb9d40029ed88445148f0ae5d65c0915bd7f40e41205ba6a8c020454f364148c18b75b3c3327ee8ef56b9223818d1a4d2467369eda622f6045d90a3a89173d9f2f2bd651ed442a5649c8a92a5b24de4c4f67e9341be942ed759b62920fdc9fb192a6d98606f9ce5439430c7759e6fe87d01db4c87bc23887f8b579610c0a2f5990d2d0c6f25ac712dd11b5355aa77ea", 0xb2}, {&(0x7f0000000240)="d28dc42dc59faa9f808fa0ada46c74a97ef99003f1782a4371260dafa2b0d687d8b3cd3240ccaaa882e83e17b89e4cb51ff64ebdfe0bb36e0cbf2fce13ffc1ee86d23d9b2defb829733163674d72c6787b0fdfcc360a5afe4be9092936c9c69787ab6286a20f3ad99b6a9168a14ca4eadcc27df7e5e0dbfc82ccfecfe2e340b988921f4a55a34187811bbdbc34dae04a52af7ca1660dd4b490a1af0e69bf0bfbff0dea71ef18bf13b6f50755d35a9b637895c48e5f5b27c2eea2", 0xba}, {&(0x7f0000000300)="10299fc86b44a0de1b7bff286d1b3262b0b773b4d658388e751c41832ec9ec64dc133012ddb3b01e1c861396354e4f97813aa5125ff8d36c065c319e29665e8ffcbffbd9197feea34f19947b178b372da40435ed77ff6f876360f07a1a3478be4085545c416da1978fac90967de5593d50493ae81b4d3b211a7a2bb744a98cc9f0910c222a5a05fe13618e50ed2d03bc1f45591dd59b6bef4b3f97c815ad32aa715e06312b26", 0xa6}], 0x3, &(0x7f0000000880)=[@rights={0x28, 0x1, 0x1, [r1, r2, r3, r4, r5]}, @rights={0x30, 0x1, 0x1, [r6, r7, r8, r9, r10, r11, r12]}, @rights={0x20, 0x1, 0x1, [r13, r14, r15]}, @rights={0x20, 0x1, 0x1, [r16, r17, r18]}], 0x98, 0x8040}, {&(0x7f0000000940)=@file={0x1, './file1/file0\x00'}, 0x6e, &(0x7f0000000ac0)=[{&(0x7f00000009c0)="ea00b69bb4a6e101d45735bd8b61200abc1fc429b6896b52d20818d1127467a9282781c7653ecdfcec22628afc5f34cfbd7d1b57019d924560519b7da4b77084a5571a71216c1c5a35d64e286eb6776c06e8e086cc64f3450b9487b5cdd356e1183fb9dea109d36c03798c6aecb7999eb3b011d548c51f94c2c0c33b7cd8b8f8af40dcfe508acea863847809fb08b61dfcdf156eac49dc233a401eee3c851dd10bb948331ff7bee8708fa00e56e96c8c75a4bff9c590697710ac8a0603cce1aa0e080f10bcda39", 0xc7}], 0x1, &(0x7f0000000c00)=[@rights={0x18, 0x1, 0x1, [r19, r20]}, @rights={0x20, 0x1, 0x1, [r21, r22, r23]}], 0x38, 0x1}], 0x2, 0x4c000) 2018/04/01 00:14:38 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) bind(r0, &(0x7f0000000080)=@llc={0x1a, 0x33d, 0x837, 0x3, 0x10001, 0x2064, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x80) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x0, 0x0) epoll_wait(r1, &(0x7f0000000100)=[{}, {}, {}, {}, {}], 0x5, 0xffffffff) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:38 executing program 6 (fault-call:0 fault-nth:33): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:38 executing program 2: r0 = socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x1}, 0x10) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x1}, 0x10) sysfs$1(0x1, &(0x7f0000000000)='wlan1system\x00') sendmmsg(r1, &(0x7f0000000a40), 0x3d86ece6cc649f6, 0x0) r2 = gettid() timer_create(0x0, &(0x7f00005b6000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r2, 0x1000000000016) 2018/04/01 00:14:38 executing program 3: socket$inet6_tcp(0xa, 0x1, 0x0) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) fallocate(r0, 0x1, 0x8001, 0x1) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000040), &(0x7f0000000080)=0x4) 2018/04/01 00:14:38 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x0, 0x0) write(r0, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:38 executing program 1: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f0000000880)='./file0\x00', &(0x7f0000000840)='./file0\x00', &(0x7f0000982ff9)='mqueue\x00', 0x0, &(0x7f0000653fff)) r0 = creat(&(0x7f00000003c0)='./file0/bus\x00', 0x0) writev(r0, &(0x7f0000000240)=[{&(0x7f0000000040)="30a2f3a0b6ea872419f2bba8b0072f2f4bd7b19ff3306678f49a9124d479384032a58af75141b8c0670ee71cf8b907d0af6c7b3302293c80cd846ca0fbfdffc1c025283c5ac6c1e17c3ffe4c5f2b36876c6bd6f5569a7d69446346b33078b792a793826a8332a76871f4c769547fb4478c62a030780ffc74dea293afec677665f07d27ab1a760657426485398831f4b813000510772c1c648bbe92ee98154121cb77dc19048776a9c6a7cf4c8d6d0a38b988bf3141982adb5e2b4bf247e1f1a2e11fd73aa7ae50cfec57eebd6700d2ff", 0xd0}, {&(0x7f0000000140)="dc05390d561bcdfdab4b8a1526088163bcb6d7e7c2a015359a34fbdb21983fa755f2324d233f8a7e249e7fdd5e7c0b0381187fb9abceadcc984687a11526b3b73b61e414d253b8dc85eee3bcf35858125c9768e5b213c7198f5139afa7e4e5f9477aba629e1d10dd7920b92f8ac94ecde860a72deb973d210aa1558875cda30cedb97f5c19f59132e3329ad2fffb2127ca17cf97e16ca6d8818f12208f3bb34d78187d082f9398aabe56da5c5283a4aab284b51ad7f1b85ef347f6fdcdc9b7382b", 0xc1}], 0x2) syz_mount_image$vfat(&(0x7f0000000280)='vfat\x00', &(0x7f00000002c0)='./file0/bus\x00', 0x100000001, 0x6, &(0x7f0000000700)=[{&(0x7f0000000300)="cc5dee6adbe4be248a9ce7386d8dd05c9feb080e8accca645d7f25f3aa3cd22559931a9f9b", 0x25}, {&(0x7f0000000340)="ea25c6b16ba700e475830c4d049e90df1c9009053d727e182c2caadef0013c8fe8b62702dd39b9902684d37b6187afb4d8e7b2ad2bec9d6facb0204b59c8b22ff7da8bd035077923d64ca08f1224297e8a24bf2c060914ea375f41a1053eefc969db26c315ed6a57f26abeabf2f20d", 0x6f, 0x4}, {&(0x7f0000000400)="c9a3fd7b817b3c4e0ab7e76584bccae12ad9393eb7e359a56f96ada3a4078132e74cdb943aca024ad3d2c6be48350fd60637fc56084b61c2e13d45ca5a36c997a180c7b610e22d01ef1fddb5adf29aa47624feef45f5bf8deee07486fb61f2efdff6fb42e11c618da6d66bad5d39b46930a4a19b549c50cb1e1e51bb9f3439ce93b272620a8012f0c020556cb9394603fc27ca8c025f051973d7848a612c1ef3cf2d3a6ca678c56105a4a05649ac6e91fc056db1426dccaa68dd5593702cd1c88509051e938f0b35ea46e0f670128e0c563890b78ea1c32d78a0ecd7a62a5abc8cf6368bd71f9f02", 0xe8, 0x2235d5eb}, {&(0x7f0000000500)="60754d86492269fba5a0519dc6d94a879e52ce8b57eb9a4800161917a78267ed417d58e0f848528ccf671f308a78aec21fc0dfcd0a0c5daaf892b8775b390e6d3abe502e225b5d2f6a2fa3fa49d6f095893505af2f46bb29b7002df953d9741ba181e59aac7bced78085e39889d7c680c65478bbc3629adb9af4e315578322c3289614e01782b471ed3a443ea55b42b233b4bbe3d704199637cfc4cec7d27951094cbf5c03b69b73a40b86912bff62f06fc08acf28", 0xb5, 0x4}, {&(0x7f00000005c0)="d4cc16a2b2e21f46c7b3c5d65c665ca26e79cc7f66e1526f66f86991a14ae263cccbbcd19393d2e8f7ed8b5adef01dc9956c2226f6d47857b7977305e88a129e589602bc716bba9824243e92b31dc0c19db94e781de28c202c764b5ff8e45bc8537a0093dbad23264aedde9a4f20e7c9c7429420d799f29ea339c0fa8184a9f2ef6592f2d2996c606fe02e36db351d52e47d644df9a49a00f23461", 0x9b}, {&(0x7f0000000680)="1036414788f3f4b1a22254a0f5ab6825e11c7d719622fc22e9b632b53d0442ad7ab3b100be7d37d16133f9487f3efb64483fd0fd586360172aeb547b2f36705414ac923e093cff1ca6b9415e6191058d6669534108192fec5ef3d6792851fd2136a12461dfb5b6", 0x67}], 0x100008, &(0x7f00000007c0)={[{@time_offset={'time_offset', 0x3d, [0x35, 0x35, 0x34, 0x0, 0x3f, 0x39, 0x38, 0x39]}, 0x2c}, {@nfs_nostale_ro='nfs=nostale_ro', 0x2c}, {@codepage={'codepage', 0x3d, '861'}, 0x2c}, {@tz_utc='tz=UTC', 0x2c}, {@sys_immutable='sys_immutable', 0x2c}, {@quiet='quiet', 0x2c}, {@quiet='quiet', 0x2c}]}) unshare(0x401) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000940)) r1 = getpgid(0xffffffffffffffff) mq_notify(r0, &(0x7f0000000b40)={0x0, 0x23, 0x3, @tid=r1}) 2018/04/01 00:14:38 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x210102, 0x18) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000040)={0x2, 0x2, 0xff60, 0xffffffffffffff66, [], [], [], 0x4, 0x726, 0x483, 0x10a9a013, "0ede6f88929dcbf5b499ac902720027d"}) [ 238.468831] FAULT_INJECTION: forcing a failure. [ 238.468831] name failslab, interval 1, probability 0, space 0, times 0 [ 238.480142] CPU: 1 PID: 19426 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 238.487328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 238.496674] Call Trace: [ 238.499266] dump_stack+0x194/0x24d [ 238.502897] ? arch_local_irq_restore+0x53/0x53 [ 238.507570] ? __save_stack_trace+0x7e/0xd0 [ 238.511904] should_fail+0x8c0/0xa40 [ 238.515622] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 238.520717] ? kasan_kmalloc+0xad/0xe0 [ 238.524595] ? kmem_cache_alloc_trace+0x136/0x740 [ 238.529432] ? __memcg_init_list_lru_node+0x169/0x270 [ 238.535212] ? __list_lru_init+0x544/0x750 [ 238.539439] ? sget_userns+0x6b1/0xe40 [ 238.543331] ? mount_fs+0x66/0x2d0 [ 238.546868] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 238.549536] FAT-fs (loop0): Directory bread(block 6) failed [ 238.551613] ? do_mount+0xea4/0x2bb0 [ 238.551622] ? SyS_mount+0xab/0x120 [ 238.551634] ? do_syscall_64+0x281/0x940 [ 238.551647] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 238.551661] ? find_held_lock+0x35/0x1d0 [ 238.551672] ? __lock_is_held+0xb6/0x140 [ 238.568233] FAT-fs (loop0): Directory bread(block 7) failed [ 238.568727] ? check_same_owner+0x320/0x320 [ 238.568743] ? rcu_note_context_switch+0x710/0x710 [ 238.585117] FAT-fs (loop0): Directory bread(block 8) failed [ 238.587857] should_failslab+0xec/0x120 [ 238.587869] kmem_cache_alloc_trace+0x4b/0x740 [ 238.587878] ? __kmalloc_node+0x33/0x70 [ 238.587885] ? __kmalloc_node+0x33/0x70 [ 238.587896] ? rcu_read_lock_sched_held+0x108/0x120 [ 238.587911] __memcg_init_list_lru_node+0x169/0x270 [ 238.587922] ? list_lru_add+0x7c0/0x7c0 [ 238.587932] ? __kmalloc_node+0x47/0x70 [ 238.598220] FAT-fs (loop0): Directory bread(block 9) failed [ 238.602828] __list_lru_init+0x544/0x750 [ 238.602843] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 238.602856] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 238.602870] ? lockdep_init_map+0x9/0x10 [ 238.602882] sget_userns+0x6b1/0xe40 2018/04/01 00:14:39 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0/control\x00', &(0x7f00000000c0)='cramfs\x00', 0x20, &(0x7f0000000100)="b2b35b21e23900fe8ce6679c9ce2b81842a2fb90038f4124a9f13f81af7bf076cd3351a5") 2018/04/01 00:14:39 executing program 4: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x2000, 0x0) ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000240)='bridge0\x00') getsockopt$inet6_dccp_buf(r0, 0x21, 0xe, &(0x7f00000001c0)=""/58, &(0x7f0000000200)=0x3a) write$vnet(r0, &(0x7f0000000140)={0x1, {&(0x7f0000000040)=""/66, 0x42, &(0x7f00000000c0)=""/86, 0x3}}, 0xffffff7c) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) [ 238.602890] ? kill_litter_super+0x90/0x90 [ 238.602901] ? ns_test_super+0x50/0x50 [ 238.602911] ? destroy_unused_super.part.6+0xd0/0xd0 [ 238.607488] FAT-fs (loop0): Directory bread(block 10) failed [ 238.611420] ? do_raw_spin_trylock+0x190/0x190 [ 238.611435] ? kobject_put+0x6b/0x250 [ 238.611449] ? blkdev_get+0x3a1/0xb00 [ 238.611462] ? cap_capable+0x1b5/0x230 [ 238.611470] ? __blkdev_get+0x13b0/0x13b0 [ 238.611482] ? security_capable+0x8e/0xc0 [ 238.611492] ? kill_litter_super+0x90/0x90 [ 238.611500] ? ns_capable_common+0xcf/0x160 2018/04/01 00:14:39 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') [ 238.611510] ? ns_test_super+0x50/0x50 [ 238.615613] FAT-fs (loop0): Directory bread(block 11) failed [ 238.619405] ? kill_litter_super+0x90/0x90 [ 238.619413] sget+0xd2/0x120 [ 238.619426] mount_bdev+0x109/0x370 [ 238.619436] ? fuse_get_root_inode+0x190/0x190 [ 238.619449] fuse_mount_blk+0x34/0x40 [ 238.619459] mount_fs+0x66/0x2d0 [ 238.619473] vfs_kern_mount.part.26+0xc6/0x4a0 [ 238.619484] ? may_umount+0xa0/0xa0 [ 238.619495] ? _raw_read_unlock+0x22/0x30 [ 238.625159] FAT-fs (loop0): Directory bread(block 12) failed 2018/04/01 00:14:39 executing program 4: r0 = shmget$private(0x0, 0x3000, 0x1002, &(0x7f0000ffd000/0x3000)=nil) r1 = syz_open_dev$sndmidi(&(0x7f0000000100)='/dev/snd/midiC#D#\x00', 0xfffffffffffffb04, 0x400080) ioctl$SNDRV_CTL_IOCTL_PVERSION(r1, 0x80045500, &(0x7f00000001c0)=""/48) ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f0000000140)={0x8, 0x2, 0x8, 0x8}) shmctl$IPC_INFO(r0, 0x3, &(0x7f0000000000)=""/207) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) 2018/04/01 00:14:39 executing program 6 (fault-call:0 fault-nth:34): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 238.629471] ? __get_fs_type+0x8a/0xc0 [ 238.629484] do_mount+0xea4/0x2bb0 [ 238.629497] ? copy_mount_string+0x40/0x40 [ 238.629509] ? rcu_pm_notify+0xc0/0xc0 [ 238.629523] ? copy_mount_options+0x5f/0x2e0 [ 238.629533] ? rcu_read_lock_sched_held+0x108/0x120 [ 238.629543] ? kmem_cache_alloc_trace+0x459/0x740 [ 238.629553] ? kasan_check_write+0x14/0x20 [ 238.633639] FAT-fs (loop0): Directory bread(block 13) failed [ 238.637448] ? _copy_from_user+0x99/0x110 [ 238.637460] ? copy_mount_options+0x1f7/0x2e0 [ 238.637471] SyS_mount+0xab/0x120 [ 238.637479] ? copy_mnt_ns+0xb30/0xb30 [ 238.637491] do_syscall_64+0x281/0x940 [ 238.637501] ? vmalloc_sync_all+0x30/0x30 [ 238.637511] ? _raw_spin_unlock_irq+0x27/0x70 [ 238.637521] ? finish_task_switch+0x1c1/0x7e0 [ 238.637531] ? syscall_return_slowpath+0x550/0x550 [ 238.643742] FAT-fs (loop0): Directory bread(block 14) failed [ 238.647247] ? syscall_return_slowpath+0x2ac/0x550 [ 238.647258] ? prepare_exit_to_usermode+0x350/0x350 [ 238.647270] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 2018/04/01 00:14:39 executing program 7: mkdir(&(0x7f0000000480)='./file1/file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') r0 = accept4$ipx(0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000180)=0x10, 0x800) recvfrom$ipx(r0, &(0x7f00000001c0)=""/165, 0xa5, 0x40000000, &(0x7f0000000280)={0x4, 0x4c3, 0x8, "ec6b93c4da61", 0x4}, 0x10) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000100)) r1 = open(&(0x7f00000000c0)='./file1/file0\x00', 0x224000, 0x181) mount(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)='./file1\x00', &(0x7f0000000340)='jfs\x00', 0x100000, &(0x7f0000000380)="02afb1c9ab0598f68f3435a4fbec9e96a9999dad520ceba657ab250735cab43368a2758ef2bbdfc89f17d6c024ba921c3b816d1e27f3a527a90feec6df7d7fb32d0738db7039b3edbb3312f9cbeee0e9844c7c51fc59876670bd4dacf68f322c5bd4c605a25d23e577cec75a83e65df8aefd721c769c7b01e27f4e559f73a2ef0c4e87838023ca08736182e579906d31e91ed7674b") ioctl$sock_inet_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000000)) [ 238.647283] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 238.647297] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 238.647304] RIP: 0033:0x454e79 [ 238.647314] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 238.647325] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 238.653323] FAT-fs (loop0): Directory bread(block 15) failed [ 238.658168] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 238.658173] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 238.658178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.658183] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 238.891658] FAULT_INJECTION: forcing a failure. [ 238.891658] name failslab, interval 1, probability 0, space 0, times 0 [ 238.942977] CPU: 1 PID: 19463 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 238.950156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 238.959503] Call Trace: [ 238.962088] dump_stack+0x194/0x24d [ 238.965718] ? arch_local_irq_restore+0x53/0x53 [ 238.970383] ? __save_stack_trace+0x7e/0xd0 [ 238.974708] should_fail+0x8c0/0xa40 [ 238.978421] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 238.983522] ? kasan_kmalloc+0xad/0xe0 [ 238.987406] ? kmem_cache_alloc_trace+0x136/0x740 [ 238.992248] ? __memcg_init_list_lru_node+0x169/0x270 [ 238.997432] ? __list_lru_init+0x544/0x750 [ 239.001664] ? sget_userns+0x6b1/0xe40 [ 239.005582] ? mount_fs+0x66/0x2d0 [ 239.009138] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 239.013890] ? do_mount+0xea4/0x2bb0 [ 239.017601] ? SyS_mount+0xab/0x120 [ 239.021221] ? do_syscall_64+0x281/0x940 [ 239.025285] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 239.030650] ? find_held_lock+0x35/0x1d0 [ 239.034706] ? __lock_is_held+0xb6/0x140 [ 239.038769] ? check_same_owner+0x320/0x320 [ 239.043087] ? rcu_note_context_switch+0x710/0x710 [ 239.048015] should_failslab+0xec/0x120 [ 239.051991] kmem_cache_alloc_trace+0x4b/0x740 [ 239.056574] ? __kmalloc_node+0x33/0x70 [ 239.060544] ? __kmalloc_node+0x33/0x70 [ 239.064511] ? rcu_read_lock_sched_held+0x108/0x120 [ 239.069526] __memcg_init_list_lru_node+0x169/0x270 [ 239.074530] ? list_lru_add+0x7c0/0x7c0 [ 239.078484] ? __kmalloc_node+0x47/0x70 [ 239.082439] __list_lru_init+0x544/0x750 [ 239.086479] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 239.092341] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 239.097336] ? lockdep_init_map+0x9/0x10 [ 239.101374] sget_userns+0x6b1/0xe40 [ 239.105064] ? kill_litter_super+0x90/0x90 [ 239.109292] ? ns_test_super+0x50/0x50 [ 239.113165] ? destroy_unused_super.part.6+0xd0/0xd0 [ 239.118250] ? do_raw_spin_trylock+0x190/0x190 [ 239.122843] ? kobject_put+0x6b/0x250 [ 239.126624] ? blkdev_get+0x3a1/0xb00 [ 239.130409] ? cap_capable+0x1b5/0x230 [ 239.134278] ? __blkdev_get+0x13b0/0x13b0 [ 239.138404] ? security_capable+0x8e/0xc0 [ 239.142533] ? kill_litter_super+0x90/0x90 [ 239.146743] ? ns_capable_common+0xcf/0x160 [ 239.151046] ? ns_test_super+0x50/0x50 [ 239.154908] ? kill_litter_super+0x90/0x90 [ 239.159123] sget+0xd2/0x120 [ 239.162137] mount_bdev+0x109/0x370 [ 239.165754] ? fuse_get_root_inode+0x190/0x190 [ 239.170319] fuse_mount_blk+0x34/0x40 [ 239.174101] mount_fs+0x66/0x2d0 [ 239.177451] vfs_kern_mount.part.26+0xc6/0x4a0 [ 239.182011] ? may_umount+0xa0/0xa0 [ 239.185630] ? _raw_read_unlock+0x22/0x30 [ 239.189760] ? __get_fs_type+0x8a/0xc0 [ 239.193624] do_mount+0xea4/0x2bb0 [ 239.197140] ? copy_mount_string+0x40/0x40 [ 239.201349] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 239.206347] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 239.211097] ? retint_kernel+0x10/0x10 [ 239.214958] ? copy_mount_options+0x18b/0x2e0 [ 239.219433] ? copy_mount_options+0x196/0x2e0 [ 239.223916] ? copy_mount_options+0x1f7/0x2e0 [ 239.228392] SyS_mount+0xab/0x120 [ 239.231820] ? copy_mnt_ns+0xb30/0xb30 [ 239.235685] do_syscall_64+0x281/0x940 [ 239.239554] ? vmalloc_sync_all+0x30/0x30 [ 239.243688] ? _raw_spin_unlock_irq+0x27/0x70 [ 239.248160] ? finish_task_switch+0x1c1/0x7e0 [ 239.252643] ? syscall_return_slowpath+0x550/0x550 [ 239.257571] ? syscall_return_slowpath+0x2ac/0x550 [ 239.262477] ? prepare_exit_to_usermode+0x350/0x350 [ 239.267471] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 239.272812] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 239.277645] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 239.282812] RIP: 0033:0x454e79 [ 239.285982] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 239.293679] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 239.300942] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 239.308203] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 239.315461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 239.322713] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:39 executing program 5: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000340)='/dev/dsp\x00', 0x642, 0x0) openat$cgroup_int(r0, &(0x7f0000000380)='cpuset.mem_exclusive\x00', 0x2, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) r2 = syz_open_dev$dmmidi(&(0x7f0000000200)='/dev/dmmidi#\x00', 0x8, 0x2200) ioctl$FUSE_DEV_IOC_CLONE(r1, 0x8004e500, &(0x7f0000000240)=r2) r3 = syz_open_dev$admmidi(&(0x7f0000000300)='/dev/admmidi#\x00', 0x3, 0x4000) mkdir(&(0x7f0000000280)='./file0/file0\x00', 0x0) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0xc) ioctl$DRM_IOCTL_AGP_INFO(r1, 0x80386433, &(0x7f00000002c0)=""/40) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0xc) socket$inet6_udp(0xa, 0x2, 0x0) syz_fuse_mount(&(0x7f0000000000)='./file0\x00', 0x2, r4, r5, 0x3, 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') socket$bt_bnep(0x1f, 0x3, 0x4) openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ppp\x00', 0x48100, 0x0) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r3, 0x84, 0x6, &(0x7f0000000400)={0x0, @in6={{0xa, 0x4e21, 0x1, @remote={0xfe, 0x80, [], 0xbb}, 0x95d3}}}, &(0x7f00000004c0)=0x84) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000500)={r6}, &(0x7f0000000540)=0x8) 2018/04/01 00:14:39 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x8, 0x6000) r1 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x400, 0x111000) accept4$ipx(r0, &(0x7f0000000100), &(0x7f0000000140)=0x10, 0x800) renameat(r0, &(0x7f0000000040)='./file0\x00', r1, &(0x7f00000000c0)='./file0\x00') 2018/04/01 00:14:39 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(0xffffffffffffffff, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:39 executing program 2: perf_event_open(&(0x7f000025c000)={0x4, 0x70, 0x3e3, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x258, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0106434, &(0x7f00000000c0)) r0 = socket(0x0, 0xb, 0xff) ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000fedf98)={&(0x7f000000d000)=[0x7, 0x6], 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "8cfbc89fefc282b0e9b6d1b29d5500b5ff74b06ccbd9dee8c886586975b5446e"}}) getsockopt(r0, 0x0, 0x53, &(0x7f000000d000)=""/8, &(0x7f0000fedffc)=0x28) prctl$setname(0xf, &(0x7f0000000a80)="92ac856499a1942e5ed49cb120ba1bcfa9d8861f709484baad2572400da09502579034bb867530b9faa4abca7bc28f287e7100a5cab49fcc73f90268dcf74ff19c428c07da32c5") setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x3, 0x628, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200001c0], 0x0, &(0x7f0000000040), &(0x7f0000000b00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff02000000c0e49f8b40000000ffff79616d30000000000000000000000000000000000000000000000000000000006c6f0000000000000000000000000000766c616e300000000000000000000000aaaaaaaaaabbff00ffff00ffffffffffffff00c4ff0000ff00003801000000020000300200007068797364657600000000000000000000000000000000000000000000000000700000000000000069726c616e30000000000000000000000000000000000000000000000000ff0000000000000000000000000000006970366772657461703000000000000000000000000000000000000000ff0000000000000000000000000000002504000000000000000000000000000000000000006367726f757000000000000000000000000000000000000000000000000000000800000000000000080000000100000049444c4554494d4552000000000000000000000000000000000000000000000028000000000000000100000073797a30000000000000000000000000000000000000000000000000e3000000000000006e666c6f670000000000000000000000000000000000000000000000000000005000000000000000060000000700060000000000cd0b61c9b6bfbb27e19ab1187608884353031c660285603c4f105613ee9848e6556f066e781c72f24db438ca099fe5283fccd5dc1e8b95472a1f24afe2ce60e40000000000000000000000000000000000000000000000000000000000000000000000000800000000000000fbffff0900000004000000889f6e7230000000000000000000000000006970646470300000000000000000000073797a6b616c6c65723100000000000067726574617030000000000000000000000000000000ffffff0000ff0180c2000003ff000000ffff0000e000000088010000b8010000636f6e6e627974657300000000000000000000000000000000000000000000001800000000000000060000000000000007000000000000000002000000000000636f6e6e6c6162656c0000000000000000000000000000000000000000000000080000000000000000000100000000004e464c4f470000000000000000000000000000000000000000000000000000005000000000000000e7ffffff0500ca00000000001ea954f5671f1e66b6cac8cd49491344816d16156b9346ae23194c82891ba18aea912596f81b995a1519a5473be40a6967ff6e581f2b90903e6d7ce6a1687e6000000000415544495400000000000000000000000000000000000000000000000000000008000000000000000200000000000000434c4153534946590000000000000000000000000000000000000000000000000800000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000002000000feffffff010000000d00000000000000001a627071300000000000000000000000000000000000000000000000000000000069705f76746930000000000000000000697036677265746170300000000000000180c200000e0000ffffff00aaaaaaaaaa12ffff000000ff0000a80000004801000080010000636c75737465720000000000000000000000000000000000000000000000000010000000000000000800000007000000000000000000000049444c4554494d4552000000000000000000000000000000000000000000000028000000000000000900000073797a31000000000000000000000000000000000000000000000000010000000000000049444c4554494d455200000000000000000000000000000000000000000000002800000000000000ffffffff73797a300000000000000000000000000000000000000000000000000200000000000000646e617400000000000000000000000000000000000000000000146c9cdc000010000000000000006ef04ae035420000fdffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000003000000ffffffff0000000078a383090833bb94375d79e0887bf319eb0331b439fec609459a101023aab946890b69465072bde9e7f0b938a30432a36c77243a482063984da16f0d01860760e78eeea7f1107ef664c81496b579e4f86fa8ef974648664f881cc2b1fbf628d9639ae6b0c897f6e96c175442bc797075950ca9e05dad48e04199f4ce942eacdcaa5b7b8d51c47686c585d71866448bbc1437fcdd3dcc60"]}, 0x732) shmget$private(0x0, 0x1000, 0x78000820, &(0x7f0000ffc000/0x1000)=nil) shmget$private(0x0, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil) r1 = shmget$private(0x0, 0x2000, 0x8, &(0x7f0000ffb000/0x2000)=nil) r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0xf2, 0x8801) ioctl$KDDELIO(r2, 0x4b35, 0x5) shmget(0x1, 0x2000, 0x800, &(0x7f0000ffb000/0x2000)=nil) shmget$private(0x0, 0x3000, 0x100, &(0x7f0000ffa000/0x3000)=nil) shmget$private(0x0, 0x1000, 0x54000000, &(0x7f0000ffa000/0x1000)=nil) shmget$private(0x0, 0x600000, 0x78000086, &(0x7f0000a00000/0x600000)=nil) shmctl$SHM_UNLOCK(r1, 0xc) 2018/04/01 00:14:39 executing program 3: fallocate(0xffffffffffffffff, 0x0, 0x0, 0x4) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)=0x0) syz_open_procfs(r0, &(0x7f0000000080)='net/unix\x00') 2018/04/01 00:14:39 executing program 1: r0 = socket(0xa, 0x802, 0x0) r1 = socket(0xa, 0x1, 0x0) getsockopt$inet6_tcp_buf(r1, 0x6, 0x1f, &(0x7f0000000040)=""/41, &(0x7f0000000080)=0x29) ioctl$fiemap(0xffffffffffffffff, 0xc020660b, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000000000000090000000000feff0000000002"]) ioctl(r1, 0x8916, &(0x7f0000000000)) connect$inet6(r0, &(0x7f00003b6fe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) ioctl(r1, 0x8936, &(0x7f0000000000)) sendmmsg$unix(r0, &(0x7f0000003fc0)=[{&(0x7f00000000c0)=@abs, 0x8, &(0x7f0000000080)}], 0x1, 0x0) 2018/04/01 00:14:39 executing program 6 (fault-call:0 fault-nth:35): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 239.406778] FAULT_INJECTION: forcing a failure. [ 239.406778] name failslab, interval 1, probability 0, space 0, times 0 [ 239.418076] CPU: 1 PID: 19484 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 239.425263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 239.434608] Call Trace: [ 239.437195] dump_stack+0x194/0x24d [ 239.440824] ? arch_local_irq_restore+0x53/0x53 [ 239.445492] ? __save_stack_trace+0x7e/0xd0 [ 239.449814] should_fail+0x8c0/0xa40 [ 239.453533] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 239.458635] ? kasan_kmalloc+0xad/0xe0 [ 239.462516] ? kmem_cache_alloc_trace+0x136/0x740 [ 239.467356] ? __memcg_init_list_lru_node+0x169/0x270 [ 239.472539] ? __list_lru_init+0x544/0x750 [ 239.476770] ? sget_userns+0x6b1/0xe40 [ 239.480656] ? mount_fs+0x66/0x2d0 [ 239.484188] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 239.488938] ? do_mount+0xea4/0x2bb0 [ 239.492644] ? SyS_mount+0xab/0x120 [ 239.496272] ? do_syscall_64+0x281/0x940 [ 239.500332] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 239.505697] ? find_held_lock+0x35/0x1d0 [ 239.509757] ? __lock_is_held+0xb6/0x140 [ 239.513819] ? check_same_owner+0x320/0x320 [ 239.518145] ? rcu_note_context_switch+0x710/0x710 [ 239.519331] FAT-fs (loop0): Directory bread(block 6) failed [ 239.523070] should_failslab+0xec/0x120 [ 239.523083] kmem_cache_alloc_trace+0x4b/0x740 [ 239.523094] ? __kmalloc_node+0x33/0x70 [ 239.523104] ? __kmalloc_node+0x33/0x70 [ 239.523115] ? rcu_read_lock_sched_held+0x108/0x120 [ 239.523128] __memcg_init_list_lru_node+0x169/0x270 2018/04/01 00:14:39 executing program 7: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') r0 = socket(0xb, 0x7, 0x80000001) stat(&(0x7f0000000bc0)='./file1/file0\x00', &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(0xffffffffffffff9c, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000640)={0x0}, &(0x7f0000000680)=0xc) fstat(0xffffffffffffff9c, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000740)='./file1\x00', &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = getpgid(0xffffffffffffffff) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000800)={0x0, 0x0}, &(0x7f0000000840)=0xc) stat(&(0x7f0000000880)='./file1/file0\x00', &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000940)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) r10 = accept$netrom(0xffffffffffffffff, &(0x7f0000000980)=@full, &(0x7f0000000a00)=0x48) r11 = userfaultfd(0x80800) r12 = accept4$vsock_stream(0xffffffffffffff9c, &(0x7f0000000a40)={0x28, 0x0, 0x2711, @hyper}, 0x10, 0x800) sendmsg$unix(r0, &(0x7f0000000b00)={&(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000480)=[{&(0x7f0000000140)="5cb507302beb3aff1665fb89b25a25b7d9370dca954dc0922d13962233deb5b3c617559bf69eec4f7bfc5c795a2c653b34fdd7a00f6147a90ba415c51871ffdc7a4ff90e08e1a7843c0488324ebfa31321381c30631cbb8d31a95fe936ada2d93a82297b75d27ea53e4b846793b4d39ccfb54447757000e54fac071fa263ee8625695d01f2daaa04469542e23e311c8c253620e3a8b24a9f137c959dd4ac4efdea1e00ff7aeb7b570bbd7081057bfbd060a35d0a27629d08034b9c26791d3ecf253398a3d58c69166097a4dbabc7cf60f6197662e8d19d68f090435fd7", 0xdd}, {&(0x7f0000000240)="36f81f53d693d754fe91bb8590b4706c74c87d23768282d2993f7b3c44b39ce9207641b37babf53736b2808f9ca1b3fe7c36c6fcd8a66b8658223b53de3bd8440b92333d454e39b153d60b358621fddcf9aa94452db04ca2d1ce71a284896a95b48db5fddc5399915f4f9d75ff8832e2546c728b9464ceed6cd834ac749ee2837e74301a966ad49707395326a2ea4392b85a7e4309dc632c704598e18617447e7ea167acd47caa15fbd2ed43b0b940104092100fb4ac17e2dfcffbc8aa85b4bf0e4805ffbffb7e736e59a598d01e42cb75f08f45aa0f68b25ad48b709e883d576b091391183d395b69f6e3342073f66f3a28ad9a0860223960a692c4ffaf", 0xfe}, {&(0x7f0000000340)="71be19feed31af2c214e4d89f15d492574d273213555e22cf47133ab92df3bf3ec97928597d704684c29acac26638b0434488a76328ed8ea4264e86b5da67240a0e2ec23c773427a6b8d79034b2196973474bbe2aeac9167b4204981d62790090ee744a64c806c9fa5e2f80312dc2970dc1b38ec58b71d0ac8fc1fec6f9d60103e0a74a2b6809ece03d1d3bd5fcfc3995db582fab0e42a67c51acf755981a0f758cfaf1a3aa8c9b3a76ca2123bb37c80b27c7908bb36c45420a0e7b35b22b91c8b908c1f1795549c1ee4572e16", 0xcd}, {&(0x7f0000000440)="c7e047643562dcb60ca418b98fcf7ec01b05f81a0bbb7c8d0df0a658f203535cda26214e5b06893e", 0x28}], 0x4, &(0x7f0000000a80)=ANY=[@ANYBLOB="20000000000000000100000002000000", @ANYRES32, @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="0000000020060000000007000000000002000000", @ANYRES32=r3, @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r6, @ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r9, @ANYRES32=r10, @ANYRES32=r11, @ANYRES32=r12], 0x80, 0x800}, 0x4004001) accept$packet(r0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000b40)=0x14) bind$bt_hci(r0, &(0x7f0000000b80)={0x1f, r13, 0x3}, 0xc) 2018/04/01 00:14:40 executing program 2: r0 = socket(0x40000000015, 0x5, 0x0) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000040)={0x0, 0x10000}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000000c0)={r1, 0x0, 0x10}, &(0x7f0000000100)=0xc) bind$inet(r0, &(0x7f00008a5ff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @broadcast=0xffffffff}, 0x10) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000180), 0x4) [ 239.523140] ? list_lru_add+0x7c0/0x7c0 [ 239.523147] ? __kmalloc_node+0x47/0x70 [ 239.523159] __list_lru_init+0x544/0x750 [ 239.534492] FAT-fs (loop0): Directory bread(block 7) failed [ 239.537390] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 239.537403] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 239.537418] ? lockdep_init_map+0x9/0x10 [ 239.537430] sget_userns+0x6b1/0xe40 [ 239.537437] ? kill_litter_super+0x90/0x90 [ 239.537448] ? ns_test_super+0x50/0x50 [ 239.537458] ? destroy_unused_super.part.6+0xd0/0xd0 [ 239.537466] ? do_raw_spin_trylock+0x190/0x190 [ 239.537480] ? kobject_put+0x6b/0x250 [ 239.537494] ? blkdev_get+0x3a1/0xb00 [ 239.537508] ? cap_capable+0x1b5/0x230 [ 239.541947] FAT-fs (loop0): Directory bread(block 8) failed [ 239.545414] ? __blkdev_get+0x13b0/0x13b0 [ 239.545427] ? security_capable+0x8e/0xc0 [ 239.545438] ? kill_litter_super+0x90/0x90 [ 239.545449] ? ns_capable_common+0xcf/0x160 [ 239.545458] ? ns_test_super+0x50/0x50 [ 239.545466] ? kill_litter_super+0x90/0x90 [ 239.545474] sget+0xd2/0x120 2018/04/01 00:14:40 executing program 3: r0 = open(&(0x7f0000000240)='./bus\x00', 0x141042, 0x0) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f00000000c0)={0x3, &(0x7f0000000080)=[{0x0}, {}, {}]}) ioctl$DRM_IOCTL_GET_SAREA_CTX(r0, 0xc010641d, &(0x7f0000000200)={r1, &(0x7f0000000100)=""/238}) setsockopt$nfc_llcp_NFC_LLCP_RW(r0, 0x118, 0x0, &(0x7f0000000040)=0x2, 0x4) fallocate(r0, 0x0, 0x0, 0x4) ioctl$DRM_IOCTL_ADD_MAP(r0, 0xc0286415, &(0x7f0000000000)={&(0x7f0000ffc000/0x2000)=nil, 0x3ff, 0x0, 0x14, &(0x7f0000ffc000/0x4000)=nil, 0x7}) 2018/04/01 00:14:40 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) r0 = accept(0xffffffffffffff9c, &(0x7f0000000000)=@pppoe={0x0, 0x0, {0x0, @local}}, &(0x7f0000000080)=0x80) sendmsg$kcm(r0, &(0x7f0000000400)={&(0x7f00000000c0)=@pptp={0x18, 0x2, {0x3, @loopback=0x7f000001}}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000140)="97088eca597f2f34852851f483f878418f578250aa43bd8b58105aab38ee9e2ee3bd2fc4103cafd2a73724083f96a099b46034c60ad8ff339166a94ec5040c167a89cb5338c007a8ad45bacdafdbf6cb2c1706faa510d2f03db0cf", 0x5b}, {&(0x7f00000001c0)="d902886e0975e36c7b044af5219df5ede0e27080995f5fb456f25c2a88eb3b5d841a55d96278c4ded5b36790080f62300adacbb481700a1a2d24fc6f4afea5adf086fda4f860054a254595f457060423b10df519671dd7b517a59d800cb2cf612069f46273a7067918e4a2fdde4a4064d93e776536a4182394feea5f85d3c17e8b0c997582bad1f2179689f42ffb68cf60", 0x91}], 0x2, &(0x7f00000002c0)=[{0x50, 0x10f, 0x5, "7546d85c09cc4eabcc6d1d1739d5e9333af79ac8e0084fb6e2c57b644d1c41bc8cbbe8406c162119079904c169c93ee36a58b5c3163991f76ac0"}, {0x10, 0x19f, 0x3ff}, {0xe0, 0x18c, 0x1, "961c6439ef411cdbbc2429554178c1c0e0b1b38acc31d46eac2d31de03ddbb9e48b3be7ecbbb7e3e0e9002371536428b04c7d244f237bd6cb10e5f288abca8880bdc57d307cc294832de9acb3379aee40fbbebd14e4bcf0c1586534c845cd828d74632bf1497a9c0fea2796662a71c8aef2a36a731546177f325f3570dfd926ddf809dcacb00a1b8dfd1caab84b9612361e05a42629d2b6dda1e495ee9841214882cd3e43a853a7c096059df1103939917522bbc187596e81dbbac0527a8f22bececc8d91b5ca091f71f24fc"}], 0x140}, 0x10) [ 239.545485] mount_bdev+0x109/0x370 [ 239.545496] ? fuse_get_root_inode+0x190/0x190 [ 239.545508] fuse_mount_blk+0x34/0x40 [ 239.545518] mount_fs+0x66/0x2d0 [ 239.545532] vfs_kern_mount.part.26+0xc6/0x4a0 [ 239.545540] ? may_umount+0xa0/0xa0 [ 239.545552] ? _raw_read_unlock+0x22/0x30 [ 239.551695] FAT-fs (loop0): Directory bread(block 9) failed [ 239.555541] ? __get_fs_type+0x8a/0xc0 [ 239.555554] do_mount+0xea4/0x2bb0 [ 239.555568] ? copy_mount_string+0x40/0x40 [ 239.555580] ? rcu_pm_notify+0xc0/0xc0 2018/04/01 00:14:40 executing program 6 (fault-call:0 fault-nth:36): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:40 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x800, 0x90200) getsockopt$inet_buf(r0, 0x0, 0x25, &(0x7f0000000180)=""/210, &(0x7f0000000080)=0xd2) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:40 executing program 2: mq_open(&(0x7f0000000000)=')em0-GPL-\x00', 0x81, 0x40, &(0x7f00000000c0)={0x40, 0x0, 0x2, 0x1, 0x7, 0x3ff, 0xffff, 0x9}) clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f0000dacfc9)) mknod(&(0x7f0000000080)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000578fe8), &(0x7f0000775000)) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='io\x00') pread64(r0, &(0x7f00009f3000), 0x352, 0x0) lseek(r0, 0x0, 0x1) open$dir(&(0x7f0000296ff8)='./file0\x00', 0x27e, 0x0) [ 239.555594] ? copy_mount_options+0x5f/0x2e0 [ 239.555603] ? rcu_read_lock_sched_held+0x108/0x120 [ 239.555613] ? kmem_cache_alloc_trace+0x459/0x740 [ 239.555629] ? copy_mount_options+0x1f7/0x2e0 [ 239.555640] SyS_mount+0xab/0x120 [ 239.555647] ? copy_mnt_ns+0xb30/0xb30 [ 239.555658] do_syscall_64+0x281/0x940 [ 239.555670] ? vmalloc_sync_all+0x30/0x30 [ 239.561042] FAT-fs (loop0): Directory bread(block 10) failed [ 239.563572] ? _raw_spin_unlock_irq+0x27/0x70 [ 239.563583] ? finish_task_switch+0x1c1/0x7e0 [ 239.563596] ? syscall_return_slowpath+0x550/0x550 [ 239.563606] ? syscall_return_slowpath+0x2ac/0x550 [ 239.563617] ? prepare_exit_to_usermode+0x350/0x350 [ 239.563628] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 239.563641] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 239.563656] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 239.563664] RIP: 0033:0x454e79 [ 239.563669] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 239.563681] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 2018/04/01 00:14:40 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.net\x00', 0x200002, 0x0) fchdir(r0) r1 = syz_open_dev$sg(&(0x7f00000024c0)='/dev/sg#\x00', 0x0, 0x88400) ioctl$KVM_SET_FPU(r1, 0x41a0ae8d, &(0x7f0000002500)={[], 0x4b9, 0x7f910fbf, 0x6640, 0x0, 0x0, 0x4, 0xd000, [], 0x7}) mkdir(&(0x7f0000002700)='./file0\x00', 0x2000000000) unlink(&(0x7f0000000080)='./file0/file0\x00') r2 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x9e9a, 0x204200) setrlimit(0x1000000000000007, &(0x7f000068d000)) acct(&(0x7f0000002740)='./file0/file0\x00') bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0x5, 0x1, 0xc32, 0x8}, 0x2c) setsockopt$nfc_llcp_NFC_LLCP_RW(r2, 0x118, 0x0, &(0x7f0000000180), 0x4) mknod$loop(&(0x7f0000000200)='./file0/file0\x00', 0x100, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg$kcm(r3, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000140)=""/9, 0x9}, {&(0x7f0000000280)=""/36, 0x24}, {&(0x7f00000002c0)=""/150, 0x96}, {&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000001380)=""/72, 0x48}], 0x5, &(0x7f0000001480)=""/4096, 0x1000, 0x5}, 0x40000021) ioctl$EVIOCGABS20(0xffffffffffffffff, 0x80184560, &(0x7f0000000080)) rmdir(&(0x7f00000000c0)='./file0\x00') unlink(&(0x7f0000000000)='./file1\x00') ioctl$sock_bt_cmtp_CMTPCONNADD(r4, 0x400443c8, &(0x7f00000026c0)={r0, 0x9}) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x7, &(0x7f0000d17ffc)=0x5, 0x4) getsockopt$inet6_tcp_int(r5, 0x6, 0x7, &(0x7f00001dcffc), &(0x7f0000d21ffc)=0x4) inotify_init() 2018/04/01 00:14:40 executing program 4: mkdir(&(0x7f0000000040)='./file0\x00', 0x90) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) capset(&(0x7f00000fc000)={0x19980330}, &(0x7f0000244000)) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='ns/pid\x00') setns(r0, 0x0) r1 = accept4(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000100)=0x80, 0x80800) syz_mount_image$gfs2(&(0x7f0000000140)='gfs2\x00', &(0x7f0000000180)='./file0\x00', 0x8, 0x4, &(0x7f0000000340)=[{&(0x7f00000001c0)="c079ce0cc3fa2d9e62b56217cf98d7afeba2c0cbd2ab4426c92316ffd46435a13631545f1518daaf7a6f03ff8e76c2fea6", 0x31, 0x3}, {&(0x7f0000000200), 0x0, 0x2}, {&(0x7f0000000240), 0x0, 0x5}, {&(0x7f0000000280)="bab2adc45e8dca5df4905a48d327b5e94fde8c998e7ee9632f82787163d7f5e5a35f737d3390aac74102d486506ee2936bfb88665e0d766c80cb3ae4e6290b758e77f92ad07991820e840bed071dfbb6ef074361b6f5a29aed1dcd6f1b0a66d3f266e0bdbd5a7fdc3883fd3aadf97293e5c6fbac08ac08b142191741fdb1b4c667758a8fd2c4cf7ee442a08c42713d6cea2b0204e5e48c83eac9412b4303", 0x9e, 0x2}], 0x80000, &(0x7f00000003c0)={[{@lockproto_nolock='lockproto=lock_nolock', 0x2c}, {@quota_on='quota=on', 0x2c}, {@loccookie='loccookie', 0x2c}]}) recvmsg$kcm(r1, &(0x7f00000005c0)={&(0x7f0000000200)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, 0x80, &(0x7f0000000500)=[{&(0x7f0000000400)=""/56, 0x38}, {&(0x7f0000000440)=""/156, 0x9c}], 0x2, &(0x7f0000000540)=""/70, 0x46}, 0x0) accept4$alg(r1, 0x0, 0x0, 0x800) setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r1, 0x111, 0x2, 0x1, 0x4) [ 239.568492] FAT-fs (loop0): Directory bread(block 11) failed [ 239.573400] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 239.573406] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 239.573411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 239.573416] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 239.846574] FAULT_INJECTION: forcing a failure. [ 239.846574] name failslab, interval 1, probability 0, space 0, times 0 [ 239.852344] FAT-fs (loop0): Directory bread(block 12) failed [ 239.857856] CPU: 1 PID: 19522 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 239.864584] FAT-fs (loop0): Directory bread(block 13) failed [ 239.870781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 239.870786] Call Trace: [ 239.870805] dump_stack+0x194/0x24d [ 239.870820] ? arch_local_irq_restore+0x53/0x53 [ 239.870831] ? __save_stack_trace+0x7e/0xd0 [ 239.870849] should_fail+0x8c0/0xa40 [ 239.876972] FAT-fs (loop0): Directory bread(block 14) failed [ 239.885963] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 239.885975] ? kasan_kmalloc+0xad/0xe0 [ 239.885986] ? kmem_cache_alloc_trace+0x136/0x740 [ 239.896305] FAT-fs (loop0): Directory bread(block 15) failed [ 239.896796] ? __memcg_init_list_lru_node+0x169/0x270 [ 239.935256] ? __list_lru_init+0x544/0x750 [ 239.939485] ? sget_userns+0x6b1/0xe40 [ 239.943368] ? mount_fs+0x66/0x2d0 [ 239.946901] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 239.951648] ? do_mount+0xea4/0x2bb0 [ 239.955347] ? SyS_mount+0xab/0x120 [ 239.958966] ? do_syscall_64+0x281/0x940 [ 239.963023] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 239.968384] ? find_held_lock+0x35/0x1d0 [ 239.972440] ? __lock_is_held+0xb6/0x140 [ 239.976501] ? check_same_owner+0x320/0x320 [ 239.980820] ? rcu_note_context_switch+0x710/0x710 [ 239.985752] should_failslab+0xec/0x120 [ 239.989720] kmem_cache_alloc_trace+0x4b/0x740 [ 239.994294] ? __kmalloc_node+0x33/0x70 [ 239.998259] ? __kmalloc_node+0x33/0x70 [ 240.002234] ? rcu_read_lock_sched_held+0x108/0x120 [ 240.007246] __memcg_init_list_lru_node+0x169/0x270 [ 240.012257] ? list_lru_add+0x7c0/0x7c0 [ 240.013725] attempt to access beyond end of device [ 240.016224] ? __kmalloc_node+0x47/0x70 [ 240.016238] __list_lru_init+0x544/0x750 [ 240.016251] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 240.016263] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 240.016278] ? lockdep_init_map+0x9/0x10 [ 240.016289] sget_userns+0x6b1/0xe40 [ 240.016298] ? kill_litter_super+0x90/0x90 [ 240.016309] ? ns_test_super+0x50/0x50 2018/04/01 00:14:40 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) flistxattr(r0, &(0x7f0000000040)=""/40, 0x28) renameat(r0, &(0x7f0000000080)='./bus\x00', r0, &(0x7f00000000c0)='./bus\x00') fallocate(r0, 0x0, 0x0, 0x4) fsync(r0) ioctl$sock_inet_SIOCSIFPFLAGS(r0, 0x8934, &(0x7f0000000140)={'vlan0\x00'}) setsockopt$inet6_MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000100)={0x8, 0x1, 0x4, 0xff, 0x2}, 0xc) 2018/04/01 00:14:40 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000080)='./file0/control\x00', 0x1) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000000)={0x1, 0xffffffffffffffff}) prctl$setfpexc(0xc, 0x80) ioctl$TIOCSBRK(r0, 0x5427) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f00000000c0)=ANY=[@ANYBLOB="0700000100000000000000004ef784000300"], 0x12) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) setsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000040), 0x1) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:40 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(0xffffffffffffffff, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) [ 240.016319] ? destroy_unused_super.part.6+0xd0/0xd0 [ 240.016325] ? do_raw_spin_trylock+0x190/0x190 [ 240.016338] ? kobject_put+0x6b/0x250 [ 240.021272] loop0: rw=2049, want=40, limit=6 [ 240.025208] ? blkdev_get+0x3a1/0xb00 [ 240.025222] ? cap_capable+0x1b5/0x230 [ 240.025228] ? __blkdev_get+0x13b0/0x13b0 [ 240.025239] ? security_capable+0x8e/0xc0 [ 240.089647] ? kill_litter_super+0x90/0x90 [ 240.093877] ? ns_capable_common+0xcf/0x160 [ 240.098199] ? ns_test_super+0x50/0x50 [ 240.102086] ? kill_litter_super+0x90/0x90 [ 240.106315] sget+0xd2/0x120 2018/04/01 00:14:40 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) rt_sigaction(0x1c, &(0x7f0000000100)={0x0, {0x8}, 0x10000000, 0x1}, &(0x7f0000001180), 0x8, &(0x7f0000001240)) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x1, 0x0) recvfrom$unix(r0, &(0x7f0000000180)=""/4096, 0x1000, 0x2000, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e22}, 0x6e) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f00000011c0)='./file0/control\x00', &(0x7f0000001200)='./file0/file0\x00') socket$can_raw(0x1d, 0x3, 0x1) 2018/04/01 00:14:40 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) [ 240.109331] mount_bdev+0x109/0x370 [ 240.112949] ? fuse_get_root_inode+0x190/0x190 [ 240.117523] fuse_mount_blk+0x34/0x40 [ 240.121315] mount_fs+0x66/0x2d0 [ 240.124679] vfs_kern_mount.part.26+0xc6/0x4a0 [ 240.129253] ? may_umount+0xa0/0xa0 [ 240.132877] ? _raw_read_unlock+0x22/0x30 [ 240.137018] ? __get_fs_type+0x8a/0xc0 [ 240.140904] do_mount+0xea4/0x2bb0 [ 240.144439] ? copy_mount_string+0x40/0x40 [ 240.148674] ? rcu_pm_notify+0xc0/0xc0 [ 240.152559] ? copy_mount_options+0x5f/0x2e0 2018/04/01 00:14:40 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000080)="440d09033f00000000000000ec", 0xd) r1 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r1, 0x0, 0x0, 0x4) [ 240.156962] ? rcu_read_lock_sched_held+0x108/0x120 [ 240.161970] ? kmem_cache_alloc_trace+0x459/0x740 [ 240.166811] ? kasan_check_write+0x14/0x20 [ 240.171041] ? _copy_from_user+0x99/0x110 [ 240.175180] ? copy_mount_options+0x1f7/0x2e0 [ 240.179674] SyS_mount+0xab/0x120 [ 240.183117] ? copy_mnt_ns+0xb30/0xb30 [ 240.187002] do_syscall_64+0x281/0x940 [ 240.190881] ? vmalloc_sync_all+0x30/0x30 [ 240.195018] ? _raw_spin_unlock_irq+0x27/0x70 [ 240.199508] ? finish_task_switch+0x1c1/0x7e0 [ 240.203995] ? syscall_return_slowpath+0x550/0x550 2018/04/01 00:14:40 executing program 1: r0 = socket$netlink(0x2, 0x5, 0x0) r1 = dup(r0) r2 = getpid() perf_event_open(&(0x7f0000000000)={0x7, 0x70, 0x6, 0x2, 0x3, 0x361f35b, 0x0, 0x2, 0x800, 0xb, 0x80000001, 0x5, 0x1000, 0x3, 0xffffffffffff8001, 0x1, 0x5, 0x80, 0x8, 0xdc, 0x0, 0x1d0, 0x96f, 0x7ff, 0x8000, 0x9, 0x4, 0x9, 0x9, 0x0, 0x2, 0x9, 0xfffffffffffffff7, 0x3, 0x1, 0x7ff, 0x52, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0xfffffffffffffffa}, 0x1000, 0x4, 0x9, 0x6, 0x0, 0xff00000000, 0x6}, r2, 0x2, r1, 0x8) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r1, 0x84, 0x7d, &(0x7f0000004e80), 0xff09) [ 240.208917] ? syscall_return_slowpath+0x2ac/0x550 [ 240.213838] ? prepare_exit_to_usermode+0x350/0x350 [ 240.218847] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 240.224209] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 240.229049] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 240.234229] RIP: 0033:0x454e79 [ 240.237406] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 240.245110] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 240.252370] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 2018/04/01 00:14:40 executing program 7: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x400, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000140)={{{@in6=@mcast2, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}}}, &(0x7f0000000240)=0xe8) stat(&(0x7f0000000280)='./file1/file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(r0, &(0x7f0000000100)='./file0\x00', r1, r2, 0x1400) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') 2018/04/01 00:14:40 executing program 3: ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080)=0x0) r2 = accept4$ax25(0xffffffffffffff9c, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x800) r3 = syz_open_dev$sndmidi(&(0x7f0000000140)='/dev/snd/midiC#D#\x00', 0xd3, 0x40) kcmp(r0, r1, 0x0, r2, r3) r4 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r4, 0x0, 0x0, 0x4) 2018/04/01 00:14:40 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) r0 = memfd_create(&(0x7f0000000000)='proc.user-\x00', 0x2) pivot_root(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000200)='./file0/control\x00') ioctl$DRM_IOCTL_INFO_BUFS(r0, 0xc0106418, &(0x7f00000000c0)={0x1, 0x1e6ef484, 0x7f, 0x989, 0x10, 0x1}) mknodat(r0, &(0x7f0000000080)='./file0/control\x00', 0x8000, 0x7) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000180)=[@in6={0xa, 0x4e20, 0x20, @empty, 0x20}, @in6={0xa, 0x4e23, 0x4000, @loopback={0x0, 0x1}, 0xcac7}, @in6={0xa, 0x4e24, 0x2, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0x10}}, 0x1b76b6e5}], 0x54) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) 2018/04/01 00:14:40 executing program 1: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000588ff1)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0xaf01, &(0x7f00001e3000)) r1 = eventfd(0x0) socketpair$packet(0x11, 0x3, 0x300, &(0x7f0000000080)={0xffffffffffffffff}) setsockopt$sock_linger(r2, 0x1, 0xd, &(0x7f00000000c0)={0x0, 0x7f}, 0x8) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x0, r1}) unshare(0x400) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000000)={0x0, r1}) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) ioctl$DMA_BUF_IOCTL_SYNC(r3, 0x40086200, &(0x7f0000000140)=0x5) [ 240.259631] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 240.266891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 240.274150] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:40 executing program 6 (fault-call:0 fault-nth:37): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 240.446452] FAULT_INJECTION: forcing a failure. [ 240.446452] name failslab, interval 1, probability 0, space 0, times 0 [ 240.457774] CPU: 0 PID: 19594 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 240.461201] FAT-fs (loop0): Directory bread(block 6) failed [ 240.464956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 240.464961] Call Trace: [ 240.464979] dump_stack+0x194/0x24d [ 240.464993] ? arch_local_irq_restore+0x53/0x53 [ 240.465004] ? __save_stack_trace+0x7e/0xd0 [ 240.465021] should_fail+0x8c0/0xa40 [ 240.465031] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 240.465043] ? kasan_kmalloc+0xad/0xe0 [ 240.479959] FAT-fs (loop0): Directory bread(block 7) failed [ 240.480089] ? kmem_cache_alloc_trace+0x136/0x740 [ 240.480100] ? __memcg_init_list_lru_node+0x169/0x270 [ 240.480112] ? __list_lru_init+0x544/0x750 [ 240.482890] FAT-fs (loop0): Directory bread(block 8) failed [ 240.486285] ? sget_userns+0x6b1/0xe40 [ 240.486297] ? mount_fs+0x66/0x2d0 [ 240.486309] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 240.486318] ? do_mount+0xea4/0x2bb0 [ 240.486326] ? SyS_mount+0xab/0x120 [ 240.486334] ? do_syscall_64+0x281/0x940 [ 240.486347] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 240.491108] FAT-fs (loop0): Directory bread(block 9) failed [ 240.495294] ? find_held_lock+0x35/0x1d0 [ 240.495307] ? __lock_is_held+0xb6/0x140 [ 240.495326] ? check_same_owner+0x320/0x320 [ 240.495339] ? rcu_note_context_switch+0x710/0x710 [ 240.495354] should_failslab+0xec/0x120 [ 240.499130] FAT-fs (loop0): Directory bread(block 10) failed [ 240.504116] kmem_cache_alloc_trace+0x4b/0x740 [ 240.504125] ? __kmalloc_node+0x33/0x70 [ 240.504133] ? __kmalloc_node+0x33/0x70 [ 240.504144] ? rcu_read_lock_sched_held+0x108/0x120 [ 240.504158] __memcg_init_list_lru_node+0x169/0x270 [ 240.504169] ? list_lru_add+0x7c0/0x7c0 [ 240.504177] ? __kmalloc_node+0x47/0x70 [ 240.504189] __list_lru_init+0x544/0x750 [ 240.508178] FAT-fs (loop0): Directory bread(block 11) failed [ 240.515381] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 240.515393] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 240.515407] ? lockdep_init_map+0x9/0x10 [ 240.515419] sget_userns+0x6b1/0xe40 [ 240.515427] ? kill_litter_super+0x90/0x90 [ 240.515439] ? ns_test_super+0x50/0x50 [ 240.520350] FAT-fs (loop0): Directory bread(block 12) failed [ 240.525421] ? destroy_unused_super.part.6+0xd0/0xd0 [ 240.525429] ? do_raw_spin_trylock+0x190/0x190 [ 240.525442] ? kobject_put+0x6b/0x250 [ 240.525455] ? blkdev_get+0x3a1/0xb00 [ 240.525468] ? cap_capable+0x1b5/0x230 [ 240.525475] ? __blkdev_get+0x13b0/0x13b0 [ 240.525486] ? security_capable+0x8e/0xc0 [ 240.529785] FAT-fs (loop0): Directory bread(block 13) failed [ 240.535383] ? kill_litter_super+0x90/0x90 [ 240.535393] ? ns_capable_common+0xcf/0x160 [ 240.535401] ? ns_test_super+0x50/0x50 [ 240.535408] ? kill_litter_super+0x90/0x90 [ 240.535415] sget+0xd2/0x120 [ 240.535427] mount_bdev+0x109/0x370 [ 240.535438] ? fuse_get_root_inode+0x190/0x190 [ 240.535448] fuse_mount_blk+0x34/0x40 [ 240.535456] mount_fs+0x66/0x2d0 [ 240.553383] FAT-fs (loop0): Directory bread(block 14) failed [ 240.554869] vfs_kern_mount.part.26+0xc6/0x4a0 [ 240.554881] ? may_umount+0xa0/0xa0 [ 240.554893] ? _raw_read_unlock+0x22/0x30 [ 240.554902] ? __get_fs_type+0x8a/0xc0 [ 240.554914] do_mount+0xea4/0x2bb0 [ 240.554930] ? copy_mount_string+0x40/0x40 [ 240.565807] FAT-fs (loop0): Directory bread(block 15) failed [ 240.569996] ? rcu_pm_notify+0xc0/0xc0 [ 240.570011] ? copy_mount_options+0x5f/0x2e0 [ 240.570020] ? rcu_read_lock_sched_held+0x108/0x120 [ 240.570032] ? kmem_cache_alloc_trace+0x459/0x740 [ 240.570043] ? kasan_check_write+0x14/0x20 [ 240.570054] ? _copy_from_user+0x99/0x110 [ 240.570065] ? copy_mount_options+0x1f7/0x2e0 [ 240.570076] SyS_mount+0xab/0x120 [ 240.570085] ? copy_mnt_ns+0xb30/0xb30 [ 240.584930] attempt to access beyond end of device [ 240.587361] do_syscall_64+0x281/0x940 [ 240.587371] ? vmalloc_sync_all+0x30/0x30 [ 240.587383] ? _raw_spin_unlock_irq+0x27/0x70 [ 240.587393] ? finish_task_switch+0x1c1/0x7e0 [ 240.587404] ? syscall_return_slowpath+0x550/0x550 [ 240.587413] ? syscall_return_slowpath+0x2ac/0x550 [ 240.587422] ? prepare_exit_to_usermode+0x350/0x350 [ 240.587433] ? retint_user+0x18/0x18 [ 240.591410] loop0: rw=2049, want=40, limit=6 [ 240.597162] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 240.597179] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 240.597187] RIP: 0033:0x454e79 [ 240.597194] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 240.878585] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 240.885831] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 240.893082] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 240.900326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 240.907580] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:41 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) 2018/04/01 00:14:41 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) fchmodat(r0, &(0x7f0000000100)='./bus\x00', 0x40000000000120) 2018/04/01 00:14:41 executing program 7: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) syz_mount_image$xfs(&(0x7f00000000c0)='xfs\x00', &(0x7f0000000100)='./file1/file0\x00', 0x81, 0x6, &(0x7f0000001580)=[{&(0x7f0000000140)="2613eaa8e536b409a0692137a0d97d8204d42a0ec321803dee65461567200ddbe655de0350cce6461db3db83d703e98e6df85895de9f087388f3e79150b84680bac632f9b884c137237b959f0475fde759b1f5012b1c37b8713a7f9c6410a2932d379f2f8cce44a041b3fa9172940142703831b8a5b5ea6200633dbe3329cfc08b9b71846a4171d38fcf4742e874a174db514a9e8652267c27606c81e693615e3726ef7d7a1c2203c516254c4655d10d795f9020c4aa85849d9e4318fca1d2a023b486924810f09b90924b5cbd0c12dfca9f3ad9146d97dd1a0a6948269f76ccb2d15069f59bc29286c88356f59789589c06bfdad94db4", 0xf7, 0x80000001}, {&(0x7f0000000240)="d0b041e4cd4daad4fd247ed022aa2d0a7aae32b80261740533cabc6e1951ab94fa0f11c4d066b625d399c98c6764c22797190501f40153a46aa89a487f098690cd9994784e7e54a3393f86e5906f4d5fe6fc0906d0dda3e25fe26a8b287377111eb792e9a6e3e0cc45937d8e0f9101bd9b093aa336f460f488419bdd6372a0e0c03a60840cc169cc0fd7d39af617833468d136056d54441cc6f35d609b0a7aeb26756a49ba4360886c102d31f78ba2bc2fb03d06109cb7d3d1c90efe431cf9ed20fcce1cd9ad8038a821", 0xca}, {&(0x7f0000001740)="f3a71aa4c5b8fa0928ae5ebfdd508555fc7448dc0a296a04ef3bb4ac565d036afd164d536a791c3768dab8d6ecd04bf2df20c0aa7eefc08a42d684bc1f4ebd49b05472b6375e1976cdebcbbae283a5cd42ee6c78b040beee18444332f3557594b3a30c654e5846bf6ea474451a3586ff4ba9ed3244e23593838bf30b114f5a291accdd370d4585fae7b1eb0692ac83c904a12b01f0fa16f2e2a0acc8631dbbabd993f5309fdca3f1e83df303dba6123b1c1eb5665c2f4eb893f562abcadc5502bf64eaaf5d04ef2f03306c75d67b18faa70000000000000000000043ffd1edfb45157dac442a2c88c24dc80c2e7178fc59f7fec0b4ffd09f4d3cc621c28a6b0f34f6941554dde71394b3bb29e613288581df452369fc2733bd3e0899b9f1b517c73284be6a06fe5f600265f1d20947a91f2e5829a4ddcfab5b65d07ae00e3fd7f1bd49685cc2d6ba72dbe61af4c934dd4e152af099a0947b7316b5c5263bf18c0e9a0e39c1630710e93306faaa62293b2c83248b5e9607230bf8080a1b51e11530bd91f1d097ee971a23053c34df00f08cdbea91e523", 0x196, 0x5}, {&(0x7f0000000440)="e9674f6c92dee1581484c4a070d81d3b5d592e87c18f97e2380c5e381971ee0a768f189f0e0729ce99f7f6a1a751f1fa304dbfe663", 0x35, 0x6}, {&(0x7f0000000480)="3593e9be61a12306cacd879b1ffc7eff041c41a2596c3fb0e16e29744527e1199cb9c1205e6c64da05ff484fb40660372878ee958597e128468d1dd89c0923ad8b5892cc424685f3765ae91ad8463628cb3bb1bfdf37dff62cd1e8018287f0207e46b2fc1593777751d89edf0f73d9fa3c770b4287f3b8b2e913600cc6773f381ef3d796eb0a28b7b20763ed37b6843741f7b85736f5a9f3dc3f47a7454fac839b283cf629c8e331e174b64e031cdce84fd3380e4400f935d30e61d5765eaacdb070dc232619d7c1114f55a3c1ac77359f5b97c5ca3e230a8661f2d36999b062271311b8de76bddd3a482a5ca7ba0ba755509ca657dbad9586f45223efc1f65792ab223c17709b977a29c3e5bcf759819fc135a6ee12df2a1767855a6de90a7c4320162ec2553b5b898eef611d66a0c662bb03ac14058709a0bdf9527763651f1478fe4392fadfbe336ff722c7d7bdd003e95bfcc95893d85df0772082b3fe0d149b87a49f00f78a751c917243580bad3fcc03fcad69052dafaff214acfb3e94dcc01dd985756030622ad14e250abb712b73686c498e178d050a4d225bdb2aca51777e52306d48a18e29f05763459a5671ce6d1f2cbc4b6e24ed8605a92d36a9c686e07d933ee7aa21daa10e583f624bf8b261d73919fb786ed9b2725f6c850a2bd0fa7369bb2761fe893c99e5a5b6cf188d6f4007970ab33fe61207b1aa79709104aea09686dede53780ace633149f3bca4b38381efdb070c50a5dcdf63872217a7ef6a8f55624bbdf648dd6ff2adabed1b3e528c1b83c21c1925d19a29c5d9dfd4aa0d22a31d2617a7e6c7eb6f5906c76669f974dfb9c62190bfde4e177ff363eda8bd9eed5f5ea6e48c971d01b3032a563ee011deb0d8f99e91d69a2471a76601ec616812440a2df7ffa61b0d32670ccb56a271679ea7be80036e5849b747cabd40aab2ce818ee8ef2526699204f50603375e8910647572772a72de5365189c24cb82b2a3349c47c3cd957983287320d2c967714cf0d1be81e667859877803ed0494ce161d1ae7fd1c7e929e3a3c702e327306913af03a0453182e9912952f854849908eac8ec28f63416238d93c843ca12f2a18fbcb2ecb44d812c0dfefa6499c8da9c58b0ed5661f467885799277dae6db9a9b260e9adafcab2762054d4befed41cc84af8bd0b4775cd8ba6d01a297c7a02e8d038a31a6acad689e2c7ecb2e9a381690f7733f0e5767bd5a7981eb5989396cf7e1776c52b3ff980287df624408400364c393a66e800ae3d3bebd46369ad0066ef1be4c727497609812c47df0b0ee89d5125d116b6a2cb451519bb3026ba090345a7df7e5f10a7d968a019918da8d65e819ad99103ea6ecae900a5e59f2078ecb8d1e34c39d87a91b71804333eab4eddd27c53fc90d00c714009a3f4a73c92daf8efd7b8cdf422c553aef53e8036589eb1b43d2d919c94c884e79b206573b0565359eddaaefbde445a365a4f2447a631883ade8c8dc2a6c18f59f7adc57001f397d01fc709d453d30e62c5f77722d675d0145e72ea49af582def6c622e3edbb3d3fe38a31e4f26770416621fd81c1088c7ae8b1c25382e07d3d68491666c24704517838495c156df5ccaafc6a50323ec32c9d46d0d09aeeb2dd36b126392111cb90e56538cb99ad80314cba80e77d0a48416338caeee35e66388f3ad490483c856174762d694f0e2c5097da8d8e359f762a44ec40af62da98c6bca6fcf6eb9b50e59937723da84933c9166a6d200888b31c2fedb4be0f387c31e25cf89e11db67c793bd3fffe28552888d3603552ef615c86d7c6def35db5c949b5f875dec068022627b458037be72d9d84bfebe826548af0a0b0a74474626cce572c188cb9f2215af86073f4483e391098c8f6125263c54550f08ef3fd3777d564a81ea88bea24d4b5a3a36d3341827fe8c1e6c747c67cc0262ed83473b40acd592c32cabda045799a406aa6653b06cd3b1d5940097d21336ee479fc4aad7984485e335eadd64c1b768437c07fce3f029169e6805b5b1577199ec95a4540a91e3e47221060a0dc28309e56847818ad503bdd51ca6e933f89072cd9516a987be4be163c6fb3d70ed96979030376552683900af4d0a405ef49c07b77d118bf7e10f4d054d36778a7168a2525c2ea75b30bfe30de727e6edb4d90f175cb443e6fe3b8f91b3e5535093b0536d686ccc655e3da43a14c3c4102dbb82b9ec7ce65e7d38223e064d4de256e3cda8821d52c7a710196d8676a8b6f745689317f668948dc05400489ec4a529cfe1de5b1b950e66c14e4df77473c9f620246403835b7291d9f4d35971d9b1f699ad42ab778cdeb651c7e74d9fb46da240528021068f495fe7b008e5b34a14e41fa78b9ccd0580f3e7bbf800ad47eeaab8d61cee718acbeac64c0a8c2342e5a4e1b37edf0d14a560c3d16643399274e684456d7848c4bef31e1a149763bb4aac30e9dee2f31c7622aaa641a5f5be5a1e3467782b2eea4289295f39d05ed5e14459c4d3512aa1bd34ab802482477eb8edba238145ba84efda7b94735623bd48623b0668666ad0948ec8c91dd7535b8d957000f2d032f59321f52a9b15a014b9b9653db05225a0af64e7a542469ef06a1234988bb7ca8994b9f418b77f51de604ab4856875ad48e111c3d3a92f3ea48d12a62dd114266839a9b658ac29fdf4963c6175a49bb1f6354addd8a355ceba88bc01941199f19e59b4391350a2dcc1da0d384781d4b4fa1042dc67112e0bffae79e31896bb604482d74e799680bf4f9529f4e31ce01299b2ca66e4b87f089b0ef807cf46c60a4dc17b03970e122d3dea1e9a8affd3cc093192a4f3ae253f35de719a8879a38ddab4baa89ddc2c736a80018677e3702812ea6bafc7b73f86102d52ee466a77a5353391291db12a8c55414bf79f8bd8c73569e39840a11a3f57a5e8d5089b8f1fe29ed0702c900904c449242d10413a35856dcc22a467a5560f1945c12cbad1ee2d81beb1fce278be1971c2c496f4aa5f15ca449d01ffef664f934959cbe21cc984372ca165879e828f484d6603963de09bc6674de06d6ffe1e2251bf1b52118210736d7d1bdef0a3b1017c89ba162eecc94569dd96a9d74b93b92f75cb5f883d4977d096ecbfaff2a1196e6bc163a2407ebb54158c611b048935b54e58e6903b952b9cbf3a3e2a58ba9198955a7abe52e9041332fad49dd69ae03a611abc065305591942bdd9617f4419ee29161546a90ede9c66a09e7974520538e79356550af3fdb0a7aa43ea827bb51f165d15679c4a9607728f60fabcf13bd5915507d4ad8628880dace804c57a03d6d2a3eb8e9b86154986b1c295b75ee27d9ba54b6024781e871b6c74b67b3743731a947dd5739b522d4ee67f39f777072be655ecaf3f3ef035d91058139cbea1de4fb2324cfd5e130ff5bf3cdafa1024b84e58e3c92373bdcb81e9061d84b7c7979f7f7d87b231855b12cf526de10dc346050561d0b8717339729515fbb5abde6da4de40fcd12e6b3ba4300bee548fb3cf9c3cd59a1a7a1861bcb1b66f0f9ac5a72af2f4a89660e0096562900cd4e166932ca6e46c5cacad3d36939db15fa0981871f2ef70f06358357053ebd5511dce0d06bfc1759b3be61d160d315dc9098c0a2c047378eebdbe649550294c758163ccde5d232fa56dc5a99e70a19e38a71fc6508138d3dddf18dd7babd2173a93fb9e6f4c5769695040bdd752ee35f0476068e57f1573830ee3ce4ed2ac0ac6a89a31b9751c230ab73c7b4b00110b8f38b30ecb722ea3d4a92288767a2a877b42a786d6eb31423f8c3e832c95b831af333441d89f93195e914fe06fe98e5c1c9dfd88b44a415ba543e03757f538008762d097ed09bfb0f672b6103b62747c4b58f5383996eb0a81185b0c913bde9e7d9ccd29d3227ab635d0d166521a21a47d31fc84b28d0486c909de5d25445343bde65de05d42d5c12592067ad3d06ae94518d00de3d18b2cca7843ef122003de867a7c29ce6a6211e446800b99871835d6febeda5302a4af0e1a5a7daed38a81f7071a0917491b7608b98108a4730e782918d170e11c878bd936f85b8b450d516b548224a47492f07837fcb76e65cc5298057047fc4bd4206770cf8b6892bd2e768bb7a08ededcb87da0beaf0abbfade0ccb0e4463d346dc2a0d2120356e8ef0017f297a2ac279dcd844c5b544ef2b7f9081a0cff713ffb7917d185b5ce4a009936001182d322fc4f707713f2dd73f3f879e8eb6edc9a8eeffe6a89f209386112aed2734ea7be3d868941850cbde16c8ae92551b72b6ebae29e3ac634f5837b65c44d98bf42014c6b84e64e11c77b24451813c62e5bf238e42a8db791fe9dc2095238684dc24ce5c4b25b3f82f2e1e585e4a3a186694047c9c0ca83ccd4fe627d0ac95e9cd57bb3b1ffe23bfd03ee05f636daa46affbb56812a5e6b79c32245e28c1315373d09d87ff217c68af672a5e6f395188d475ea2e3c6e4502b49fb3855c240f9c5c7fc4c2ee25e564eb91df32afea48960da1fe8216335a5d1fac4a23851c916ed59ca724bb32da9cdc1785c9940d0d88c6723bd33d29029d1823252bc6f0ea964f0c8782c6753b573df8ef76a23d91ca8d49553a7c2382cc3f3ed2ce683a9d4a391c7d8d98127f2f195b1af153c263fe202bce1364972744e6741fb5fbe2e42dab15c04a3f79d41c5cddb4545459dd8dd6358bca1aa875cce6548849a72219196ca5701a00f8b916eb845617798a5bc01bc72f5f6496325523fdbc9bf52b640d3ad14a3a5d7d630a56fef46369cd215866d1ee7434ee4b490433729e45b15df78985ccdb0a1920ca98072b7966f8df25250efd57f043108e98a335b0d8eb531ff34697de64bc69de89dcc59a841afe62aef12ed2ed389384386613d639c9e35fef1928073b973bfec01e24734c669d728b5d28706ba39e65e1e968e11e1621b1fd5972a40b29d06102e475cd213748e6e2233cff038600a3e9eb2765f269ee209969f1c2eb3ac29d882a0cdf89768ef11d7fe8978ab932a49d985b2c707d3c9eb09a08a6682a5c6c3411f3a047acb2db41aacd61b747c521010ce757b455620ab005fa72c19bd7939415840fd835e906d305946000b997e9aa71a5710490cf463bff9f87f38ce6fe234ab66b3e4a36e6b4268f742e09d0b2528ea550b8335915887ba896c2a9cf67c0c677c41f721433a6bd140f73d58230a47427b09ced7dbb49f35b388da43b4fbcb70b93fb02f3c9b3f7b323db1ce9272e7004964729f4cbca6a2c3ec100f873b318c57743d410935b94713aad225ec830f47c4d347dba114318e517a1d81c3dcd1c47c81a6faf0627d777af02402c84f0b679d1f120d39556b6e62b24e8eaec35c92dd7404b0febd297fc07f64587d249d25d81fc2ae5548db4a493da65561ecc1351ff297df5f310fc6d35cf6ac7749f593dbaa13242f1e7d92d83e6e2af0329e0739985562fff4415407696545806d266d3fc4a6580121340832c827fe8a144c562f933789eef620a13042f2ac1dd7232f0b24e1277d1fc8460beee02163d9006d2f9aa85c13f5b0435b33f3866a5bc49002ef6388b70d926c715083cec7dc4fa9b913af8ad89727952cfdec0096f4d6942f0bf5f002eaafe3210a13e17301612d36e6368826b9da8ee612d1c5a0ca735b70b3891dbaa19287f7b53ddece6df5c6dd33613a2ef104070d55ac266a4e102cd10b37d8f924ccfb5ec6b7c2eb661c6510dfcef8382967589c353c86d235259af579133aaeef4fa9f37af224457f06", 0x1000, 0x3}, {&(0x7f0000001480)="0a1a635004768cb37f824f470155b3ff35c9390785f9fdbca5905266ef1fa19252524c82109e78698fe415675f36386b96935d83ba168f1d030ef466d72c9669d920be81dd5b5247639afe1e37670175f797aa07b2e8b96f5ef75e3485ef0fdb97cb9f61806b333173a776e975f1c8071454587074f16dbfacb4058d854df3f6e867d86c7ce902696ef6a7b90320a3ee9891201564cc5ce2ca9f3d4714ae645c4452a72601a81f079cecb739b91cc8e0ad7463fa11afc741ac32f09d68d4cd582573d27e350e60e915af71d0ac0a3ceece26b790e899", 0xd6}], 0x20, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f757569642c6e6f626172726965722c646973636172642c6e6f646973636172642c696b6565702c6e6f696b6565702c67727071756f7461c4c204c27c0f33bb1c6f683763532c75737271756f74612c7377616c6c6f632c00"]) symlink(&(0x7f0000000340)='./file1\x00', &(0x7f0000000080)='./file1\x00') 2018/04/01 00:14:41 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f00000001c0)='./file0/control\x00', 0x100) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x252880, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000200), &(0x7f0000000240)=0x4) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'yam0\x00', 0x0}) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000100)={r1, 0x1, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x10) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x420000, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000002580)={{{@in=@remote, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@dev}}, &(0x7f0000002680)=0xe8) ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f00000026c0)={@loopback={0x0, 0x1}, 0x6a, r2}) 2018/04/01 00:14:41 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(0xffffffffffffffff, &(0x7f0000000080)='-', 0x1) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:41 executing program 2: r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = fcntl$dupfd(r0, 0x406, r0) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000840), &(0x7f0000001000)) r2 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r2, &(0x7f0000000780)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) r3 = socket$inet(0x2, 0x6, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'lo\x00'}) pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) execveat(r5, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000580)=[&(0x7f0000000300)='lo\x00', &(0x7f0000000340)='syzkaller\x00', &(0x7f0000000380)='bdev\x00', &(0x7f00000003c0)='\x00', &(0x7f0000000400)='syzkaller\x00', &(0x7f0000000440)='lo\x00', &(0x7f00000004c0)='#\x00', &(0x7f0000000500)='syzkaller\x00', &(0x7f0000000540)='syzkaller\x00'], &(0x7f00000006c0)=[&(0x7f0000000600)='syzkaller\x00', &(0x7f0000000640)='vmnet1+\x00', &(0x7f0000000680)='syzkaller\x00'], 0x1400) ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f00000001c0)) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000080)={'lo\x00', 0x1000}) shutdown(0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r5, 0x84, 0x20, &(0x7f0000000700), &(0x7f0000000740)=0x4) connect$inet(r3, &(0x7f0000ccb000)={0x2, 0x4e23}, 0xfffffffffffffe8b) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000c00)={0x0}, &(0x7f0000000c40)=0xc) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f00000010c0)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r1, &(0x7f00000011c0)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001180)={&(0x7f0000001100)=ANY=[@ANYBLOB='\x00\x00\\(', @ANYRES16=r7, @ANYBLOB="200025bd7000fedbdf25030000000c00020008000600720d0000080004000300000028000100080004004e24000014000300ac14141a00000000000000000000000008000b0073697000"], 0x50}, 0x1, 0x0, 0x0, 0x811}, 0x20000000) syz_mount_image$btrfs(&(0x7f0000000ec0)='btrfs\x00', &(0x7f0000000f00)='./file0\x00', 0x7, 0x1, &(0x7f0000000fc0)=[{&(0x7f0000000f40)="197bf5e6b7d8b2084a03553106bdd0bf88ec8bfd08bc6513ad50412fcb14760196e3e66588704d4a3a20ba9222585e76d2a5210bf26ef89428f7e859158ba72c3e805e5a12dc866fa832dbb25824c196ff297eb11fad5be45c03b473d357b9e79999902960", 0x65, 0x10000}], 0x2000, &(0x7f0000001300)=ANY=[@ANYBLOB="6461746173756d2c6e6f666c7573686f6e636f6d6d69742c6e6f61636c2c6e6f747265656c6f672c736b69705f62616c616e63652c757365725f737562766f6c4d726d5f616c6c6f7765642c006fa5c37faf496e05fd62ce2887ea6c7697f8b8e2b4445cecaaff521fb0a28d4bc54fe56821ac72f99c507b4b0712fa69ea7ad3a193f61997b79ff117b89ad0f82fecf2a8f28cd746c3afc5112640b588eed88a6bab342ae3d6f4e3f8944a758e016caaa95faa5259899ce8467d0087f70e4fc8c2750cf95cbc410a84f805f0e107677d6d559b68a3ce02c40ff5120c6496c9"]) shutdown(r2, 0x1) getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000c80)={{{@in, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}}}, &(0x7f0000001040)=0xfffffffffffffffd) fstat(r3, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$unix(r5, &(0x7f0000000e80)={&(0x7f00000007c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000bc0)=[{&(0x7f0000000980)="ab7c8ad81cc4cd70ca5bb40aa77ce6405236ba344d111ef8322bf367dd9474f90de53f34c37ddab54d8f763697344bf13601a5a141c3dd64e59d66e774da7fc4002d923f596ddec6627f6268abe48c9a8cd0c8df465577be5f928cd14e903138c82d7a55f425c665fd6cfc4e464d63f3d559824a0b1e99e5393dfd767ce459e1c15f01ddf839", 0x86}, {&(0x7f0000000a40)="fc3cdff51708cc3f4a66e31b1cade62820ff88b9390b20af8c1207ea3dee17598aa6f50f4130504aa88dd6da32dc72aa3702ca6a0f3057524b0f837b74cba04308", 0x41}, {&(0x7f0000000ac0)="627d40a39dc2897963a50f5b5edc5b4e63fc57b45715ea927a8327e8e97e9ef0238bfa730ca68a7e68b587b96fb962d5dc1ef178286749168f37d7820beda6a24ff2a11842399ae59f94211d44326df9dfa5c4cc458996517c8dae3913d86873ce1117902487df01e2ee9dcfb5e077311bf3e23d468fd532da1629a0dbfe7d339d7eac3035ce4ba4d132b9b4566ba2b46776c3623c18226bd67ba05efd6d1f8cb4ca75527106fb1249ff48c476c69f3697a040aee702ce26642c3f4897647b17c4cd3e7343f971bbf46423db71be6f37646dcc529316f5c53862faf185c6ed8e33117468a6b7", 0xe6}], 0x3, &(0x7f0000000e40)=[@cred={0x20, 0x1, 0x2, r6, r8, r9}], 0x20, 0x40000}, 0x4000000) r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00009ff000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [], {0x95}}, &(0x7f00002bf000)='syzkaller\x00', 0x4, 0xb7, &(0x7f0000000040)=""/183}, 0x48) r11 = socket$kcm(0x29, 0x4, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r11, 0x89e0, &(0x7f000031aff8)={r2, r10}) sendmsg$kcm(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000480)="5f4be9", 0x3}], 0x1, &(0x7f0000000640)}, 0x80) setsockopt$inet6_opts(r4, 0x29, 0x36, &(0x7f00000008c0)=ANY=[@ANYBLOB="7c29092a6d9a785d7f071000000000000401ad073800100077a68618608de4214d00000000810000001fb4c9b90b463c9d6400000000ffffff7f0000000006000000000000000004000000000085085037f4d84a7f7fad160e96a99b9389d2c37043be9bad6d5bcb42b7475493a0735e99537e271b068f73094dde47fc522e7a0da881653052071e60155b6293b4b0ea118828e60fb2e613294f7c81d5e2a472dbc93110b958613defcc22eb"], 0x48) setsockopt$kcm_KCM_RECV_DISABLE(r11, 0x119, 0x1, &(0x7f0000000200)=0x3ff, 0x4) sendto$inet6(r5, &(0x7f0000001040), 0x0, 0xfffffffffffffffc, &(0x7f0000bb6000)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}, 0x3}, 0x1c) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r4) 2018/04/01 00:14:41 executing program 1: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x400000000800) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000f6bfe8)={0xaa}) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000000)) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000082000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000009000)='/dev/dsp\x00', 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000000140)={0x0, 0x9, 0xdc8, &(0x7f0000000100)}) getsockopt$EBT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000340)={'broute\x00', 0x0, 0x4, 0x8b, [], 0x0, &(0x7f0000000240), &(0x7f0000000280)=""/139}, &(0x7f00000003c0)=0x78) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f00005a2000)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) setsockopt$bt_rfcomm_RFCOMM_LM(r3, 0x12, 0x3, &(0x7f0000000080)=0x10, 0x4) ioctl$sock_SIOCOUTQ(r2, 0x5411, &(0x7f0000002800)) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000000)={'lo\x00', 0x800}) creat(&(0x7f0000002b40)='./file0\x00', 0x101) r4 = socket$netlink(0x10, 0x3, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0xfffffff0}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_MASTER={0x8, 0xa, 0xf}]}, 0x28}, 0x1}, 0x0) sendmsg$rds(0xffffffffffffffff, &(0x7f0000002780)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/240, 0xf0}, {&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000002500)=""/248, 0xf8}, {&(0x7f0000002600)=""/217, 0xd9}], 0x5, &(0x7f0000002700)=[@cswp={0x58, 0x114, 0x7, {{0x8001, 0x1f8f}, &(0x7f0000000040)=0x4, &(0x7f0000000240)=0x8001, 0x0, 0xfd7e, 0x2, 0x100, 0x28, 0x40}}], 0x58, 0x8000}, 0x5) pipe(&(0x7f0000002840)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_SETCRTC(r7, 0xc06864a2, &(0x7f00000028c0)={&(0x7f0000002880)=[0x708, 0x2], 0x2, 0x5, 0x401, 0x8e1b, 0xffffffffffffffff, 0x480, {0xf999, 0x6, 0xff, 0x800, 0x81, 0x40, 0x6, 0x1, 0x800, 0x9, 0x2, 0x40000000000000, 0x8001, 0x40, "24b28889379fe175ae901e4ba355fa20f8bfdd26285da1b7d92c2c3a964b1caa"}}) ioctl$DRM_IOCTL_AGP_RELEASE(r7, 0x6431) setsockopt$IP_VS_SO_SET_TIMEOUT(r2, 0x0, 0x48a, &(0x7f00000027c0)={0x9, 0xfffffffffffffe01, 0x401}, 0xc) setsockopt$inet6_group_source_req(r6, 0x29, 0x2e, &(0x7f0000002980)={0x3, {{0xa, 0x4e22, 0x4000000000, @remote={0xfe, 0x80, [], 0xbb}, 0x4}}, {{0xa, 0x4e24, 0x7, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, 0x2}}}, 0x108) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000002940)={'sit0\x00', 0x9000}) getsockopt$inet_tcp_buf(r7, 0x6, 0xd, &(0x7f0000002ac0)=""/62, &(0x7f0000002b00)=0x3e) ioctl$int_in(r1, 0x800000c0044dff, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f000072f000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_REGISTER(r0, 0xc028aa03, &(0x7f00000a0fe0)={{&(0x7f00005e3000/0x800000)=nil, 0x800000}, 0x8000}) 2018/04/01 00:14:41 executing program 6 (fault-call:0 fault-nth:38): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) [ 241.000317] FAULT_INJECTION: forcing a failure. [ 241.000317] name failslab, interval 1, probability 0, space 0, times 0 [ 241.011581] CPU: 1 PID: 19619 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 241.018768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 241.028130] Call Trace: [ 241.030717] dump_stack+0x194/0x24d [ 241.034336] ? arch_local_irq_restore+0x53/0x53 [ 241.038994] ? __save_stack_trace+0x7e/0xd0 [ 241.043320] should_fail+0x8c0/0xa40 [ 241.047028] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 241.052128] ? kasan_kmalloc+0xad/0xe0 [ 241.055996] ? kmem_cache_alloc_trace+0x136/0x740 [ 241.060820] ? __memcg_init_list_lru_node+0x169/0x270 [ 241.065988] ? __list_lru_init+0x544/0x750 [ 241.070201] ? sget_userns+0x6b1/0xe40 [ 241.074088] ? mount_fs+0x66/0x2d0 [ 241.077606] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 241.082339] ? do_mount+0xea4/0x2bb0 [ 241.086034] ? SyS_mount+0xab/0x120 [ 241.089653] ? do_syscall_64+0x281/0x940 [ 241.093694] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 241.099047] ? find_held_lock+0x35/0x1d0 [ 241.103091] ? __lock_is_held+0xb6/0x140 [ 241.107143] ? check_same_owner+0x320/0x320 [ 241.111445] ? rcu_note_context_switch+0x710/0x710 [ 241.116358] should_failslab+0xec/0x120 [ 241.120312] kmem_cache_alloc_trace+0x4b/0x740 [ 241.124873] ? __kmalloc_node+0x33/0x70 [ 241.128824] ? __kmalloc_node+0x33/0x70 [ 241.132776] ? rcu_read_lock_sched_held+0x108/0x120 [ 241.137782] __memcg_init_list_lru_node+0x169/0x270 [ 241.142778] ? list_lru_add+0x7c0/0x7c0 [ 241.146732] ? __kmalloc_node+0x47/0x70 [ 241.150692] __list_lru_init+0x544/0x750 [ 241.154736] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 241.160605] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 241.165606] ? lockdep_init_map+0x9/0x10 [ 241.169651] sget_userns+0x6b1/0xe40 [ 241.173341] ? kill_litter_super+0x90/0x90 [ 241.177554] ? ns_test_super+0x50/0x50 [ 241.181423] ? destroy_unused_super.part.6+0xd0/0xd0 [ 241.186505] ? do_raw_spin_trylock+0x190/0x190 [ 241.191069] ? kobject_put+0x6b/0x250 [ 241.194851] ? blkdev_get+0x3a1/0xb00 [ 241.198633] ? cap_capable+0x1b5/0x230 [ 241.202499] ? __blkdev_get+0x13b0/0x13b0 [ 241.206629] ? security_capable+0x8e/0xc0 [ 241.210765] ? kill_litter_super+0x90/0x90 [ 241.214978] ? ns_capable_common+0xcf/0x160 [ 241.219277] ? ns_test_super+0x50/0x50 [ 241.223139] ? kill_litter_super+0x90/0x90 [ 241.227354] sget+0xd2/0x120 [ 241.230353] mount_bdev+0x109/0x370 [ 241.233959] ? fuse_get_root_inode+0x190/0x190 [ 241.238520] fuse_mount_blk+0x34/0x40 [ 241.242299] mount_fs+0x66/0x2d0 [ 241.245648] vfs_kern_mount.part.26+0xc6/0x4a0 [ 241.250208] ? may_umount+0xa0/0xa0 [ 241.253815] ? _raw_read_unlock+0x22/0x30 [ 241.257938] ? __get_fs_type+0x8a/0xc0 [ 241.261805] do_mount+0xea4/0x2bb0 [ 241.265326] ? copy_mount_string+0x40/0x40 [ 241.269539] ? rcu_pm_notify+0xc0/0xc0 [ 241.273411] ? copy_mount_options+0x5f/0x2e0 [ 241.277799] ? rcu_read_lock_sched_held+0x108/0x120 [ 241.282791] ? kmem_cache_alloc_trace+0x459/0x740 [ 241.287703] ? kasan_check_write+0x14/0x20 [ 241.291918] ? _copy_from_user+0x99/0x110 [ 241.296048] ? copy_mount_options+0x1f7/0x2e0 [ 241.300522] SyS_mount+0xab/0x120 [ 241.303954] ? copy_mnt_ns+0xb30/0xb30 [ 241.307821] do_syscall_64+0x281/0x940 [ 241.311686] ? vmalloc_sync_all+0x30/0x30 [ 241.315813] ? _raw_spin_unlock_irq+0x27/0x70 [ 241.320287] ? finish_task_switch+0x1c1/0x7e0 [ 241.324761] ? syscall_return_slowpath+0x550/0x550 [ 241.329670] ? syscall_return_slowpath+0x2ac/0x550 [ 241.334577] ? prepare_exit_to_usermode+0x350/0x350 [ 241.339575] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 241.344928] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 241.349754] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 241.354920] RIP: 0033:0x454e79 [ 241.358099] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 241.365785] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 241.373036] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 241.380287] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 241.387533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 241.394779] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:41 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x42) fallocate(r0, 0x0, 0x0, 0x4) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f0000000040)={0xeb570fd, 0x1000, 0x101, 'queue1\x00', 0x6}) 2018/04/01 00:14:41 executing program 4: r0 = shmget$private(0x0, 0x4000, 0x88, &(0x7f0000ff9000/0x4000)=nil) socketpair$inet(0x2, 0x5, 0x800000000, &(0x7f0000000000)={0xffffffffffffffff}) mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='vfat\x00', 0x80, 0x0) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000040)={0x81}, 0x4) shmat(r0, &(0x7f0000ffc000/0x2000)=nil, 0x6000) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) [ 241.405101] FAT-fs (loop0): Directory bread(block 6) failed [ 241.438058] FAT-fs (loop0): Directory bread(block 7) failed 2018/04/01 00:14:42 executing program 7: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') chroot(&(0x7f00000000c0)='./file0\x00') [ 241.488757] FAT-fs (loop0): Directory bread(block 8) failed [ 241.515895] FAT-fs (loop0): Directory bread(block 9) failed [ 241.532232] FAT-fs (loop0): Directory bread(block 10) failed 2018/04/01 00:14:42 executing program 3: open(&(0x7f0000000040)='./bus\x00', 0x7d, 0x109) r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) 2018/04/01 00:14:42 executing program 4: r0 = socket$inet_dccp(0x2, 0x6, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) fstat(r0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0, 0x0}, &(0x7f00000004c0)=0xc) syz_fuse_mount(&(0x7f00000001c0)='./file0\x00', 0xa000, r1, r2, 0x7, 0x0) sendto(r0, &(0x7f0000000080)="ced7508614ee065047ab975363c2ac9af3aa8e859e75f6bedc0a74796321dc435cf019fd9a21db2766ebe53e406f3d1373f0f62dd91c3999fadceaae", 0x3c, 0x0, &(0x7f00000000c0)=@ipx={0x4, 0x52cc, 0x4000000000000000, "2df826097334", 0xe04c}, 0x80) syz_mount_image$hfs(&(0x7f0000000000)='hfs\x00', &(0x7f0000000040)='./file0\x00', 0x6, 0x1, &(0x7f0000000180)=[{&(0x7f0000000240)="bfccd096bc0f0051a7ddb4e3b15ac21b917896dc084e8b90d3907834fc75e6b209910d254c093dd4c32de9c78e442bca0289e9e671bd32e05e763951a6e408b79bd05a52ee272899d8768626fa256ae03d76d737e34caf10c94fce30d8c353a420db888f98a643779bce014830f0f1e91d6ff040b6adedc8000084e20f84895fee8c49545069fb3192263f3c95600ab7677d20190cea89a11843cb7ac5393a167d83bb31488c1682185d60bd9605691e22753a23db3f6ac82ec39d0327203cb8e63b4e245286b85d768e122c904ccb640b1b781e498e341b8446311f5956661dccf7ffb329f803557d2d1ef800000000009907b0cf0e5a30889ba91eac5b7d28f68b4445d060a9c5be0147c4e6754ce0", 0x110, 0x8000}], 0x810000, &(0x7f0000000380)=ANY=[@ANYBLOB="696f636861727365743d63703433372c71756965742c7569643d7b2c66696c655f756d61736b3d3637322c636f6465706167653d6d6163726f6d616e69616e2c696f636861727365743d63703836352c636f6465706167653d63703837342c009f898aca9e8da21ce4029649c5f2c84aa2d342cb41f8c6b12e17e3234910028fcd529b96baeccf407e0fcf74cb275705f73391c76296dc6ab4a0d977c9218d5fc9"]) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000140)={'rose0\x00', {0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}}) syz_mount_image$btrfs(&(0x7f0000000500)='btrfs\x00', &(0x7f0000000540)='./file0\x00', 0x1ff, 0x4, &(0x7f0000001740)=[{&(0x7f0000000580)="ba05d8f3dcb8f8f57f9ece83377579199b23d79523386662c9182ca0f00f209976", 0x21, 0x3}, {&(0x7f00000005c0)="131813c39b7028160f01a7853ab29e3859c71721628ab1a4f384c6a97c43a98d5f88ad14d26c43e5685c98df12cf845ad7e6fa3c38bef1f4354250f7b362b5ac217681fa7ac3aa83938d605aa08a4d876d22479cc0657637ff8ba0c8cdca02d376717afe06a71bbdc7b00153c2dff960f7a97759bebf98ad291b60e21fa77b391f5e90ef9f2be0a581b5832acd41e7fe6e542410547179682b45f740978b78b7704ffdea20695a0469b099db3fe8d25e09b345b36df893546a2e98d13486584449a56ac7f3073fec0556ee5b374af42f061444105785e8c87f4e6a3a822ba8979a73ec5145a188261fc851708347eadb5d009a17edccc6a9949ee255c250b072086a6ea37fa20ed2b9a12756f688e4f616bc36c01e19991ea1534777e5e3775d39a18bfe97ae6ab5fbde7e141b48b10beebdbac8e816c793845de2378e1843c129ae36815027c5413ce0daa45a760e509fcb040699efb9685f9e02d9bec26691e35d3c4536e2409e9dea71df083c0815476768a7d722e1b5b7a39bb09b64d0a30c0f8f3eadb23b086944480a3b553ade8e898c8815a89f14af7539428054fbdf4c07bf0c586d78b6a01c1b35c759d21d0ae1a739bb9ced24b06b5dbebe201d64fd933d0f51fb9aaf386cc5e297274fa3e71de73508eccef01a1d3912a5484c83fc59afdacb435429478f1ede05aa82ae8ece05b4b3db7df3dbbfa2c83aa4d549a5a6146c2cdd71a7cbd74bc25f249264a84b75b083e3df0d2e9f58e8ef54b1445675b9f98d552051acd3dc04e2148f854d2bda39037bea8b7000b672f0d340a78a8d8c3d005e90e02ea734775bc67ea58b41dbd67260475eb8c4c80857c8f02268b38ea077c105c86a07233c8c5dfbc058fb7f9ecfe78634226394ed23b2ca689df47b3b131b074a115083ad7f20bfa789074cc8fc9ea6704bb93bfc6cf1015b550f84064bc02c32a110d0d9cccedb680294a38072cfa4774240e4e800c92d498f84dfade1d75ab4d4b2bf209eb780140d74ecfcceeaa8c4ca994fe48912606f01770c8661e9924fa69e4806538c46bbd82169044b44ac806e3fcfb56a7e61f3fd8cb9251d0ee0e7a3749be1b10d02dffdea598265bf31dbd564a98048b769dc09121269b8c2d0e4631dfa9032e383b7589a86107e761e9fa0170d5f2f8bab2af8397c20da8ca20954c17139badbaf9da825a4790ac607247f11fcf7c80c398710fae45a78813301ffdf1bbe903bbe07df9f74adb910e0a71cb17f082003bb3462e4fa164d3a9d8213a178af35d4bdb82557bd6452daae8ba8f38711c5c3e2e856bf889defc1e0e351265e95737b42a1275a161df505288cd0a4e98f9c3360bec63ed9da63b36d4262b320ed2508de74b1f82cb7cfc38c11586f635b856e5a8d249db29aae09f3110813a38b39c3f1eef98dff222f00fd41c5dfe0c95a4f6c93c2982ec271c3fb4c9c8974960f3d9c6cd4a4c674c20b32915201335901cf7100723af9aa7dff6e6a479a4740a7985a50f9f1471b5586b3eb029c2f9fd87f67801108755154d39f652ebef51309b2393af8fdee2ffb587f7dc9f68aabde8f255443bc91d1567b6ed3fccbd35c1b5b70e1d285aa683e578e61a058c80a134180157c98990203d9618c7af9b5621daf8808603c1efd9137c60d82ca146983767b4846b195bdc3e2bbdd33dc6be3d844686d2a3196fbfe371f99a7192fb65e649dab55b6fa8ddffbce9293f4e075ed97f3b9ba45dca8c2e9e790a6f6a1439ff0707c692c343fd2d70e9d61db1ce37b4516e4947165af38557a3fcb4310107c3b1f46fe7d944be25b329f5195b9ad9836b76e286619a091163b3d8d817275603c862bf1b451a84b1cbf06441221d11082e37f745f37c89525c43903977fd05208075bc80578a804e7d659894aa3832c1f3a40a17a0cc19600530ea4fd7360916ba537c7b1230c3ddc4023f164d83bb8e06f223e9c3ff79088564338a54c1c1384377af3e5ef632b0e3cf27e9be8fbee96f9d9af02a91878217901a38758e5eec8d98142dc5cf98a33411acff304ce443213236dea2a9f84cb063bef30d334f012cc79670e8c0e7c31391f79c2d8bff21c6b7c4ac964b39dbfa3eb4313fd0179a8cc559db45b2ae35f6bfb321ea6d7175da996d32691861a8163b691e9ece2a65d2d6ca31d0f55701938cb6629d9838bbedd46a0149b8a500ae803433b2455e0f8f57dac01407c53ff589ef1ad6f987d3fb138241d6b216bd72e1875a76da6406b0f081d27f9e5d28837cc4ca722b99444f700e9c727a8a901299b396a13fed298b3fdd8d03c7e84914df0981894829d2dd77adc8e26e617706d922424bdd90a2ae0e25d3847bcf6fef39ede7fe6f3b46ed5306c3b0044eadef93f8ead3bc17a55170ae12453fdeb1886a7c0999a61982703d27f310c585209b10b11599ee25e6a8757e0ffbb811bf39e0206c28cef8f60f39ffe1277ca660a93d97741cdec017231e715e3cc678dff4c1de4f9751ab002b12c92bbb2ed61a96deec546872a4d93a5ef4769e45468d55f9792fdcdc5270fcb579e39180d8d90b2e0e595df37e7296932fc9ba17a851f9d7bf724b112ecd3b1afc389aa02663b8ffe9492f10f88eebb1a64585d3ef97a7590f3928ae9eb574fa47a82d6323b4cc702105cb89ef4b38af57d7d130a04dba17b30f317ac348a06db64f170ce95c0cedb720a8df4bf2459c92f2e367103d776b1a545f6ce5ceea955419400dce2bb38f6355d4f39fcbbc99d36e4e4052cc0388389323167e0b596b985eee6e9fe3f272aa534fa2ccc3e5fcb84a33d4934922ca26fe99557c2cd8dc5f41ff64c0a7136d7a852dea073c7dbe784ee75a2d8a3fc1175603cbc82fb4be1eabefb44880601f0a53cdf63e28a84f408eeb43c20a3c43ce2ca15cc5c61b712d97208691f6e114ec86631bdd7f38833662a48953fc6af2ba3be55d15452a6b4fc604f3f39280ae18ff4252bbbb8294f641eb38d62d237c11c3b69086c31848f40f6de77bf5c30067ae075314719c4f3c189d8464c74182d2ce9df445dd2f92b0a19076414ecdfe5b65548f8a42908b3dca46ec4cded5ebf89e2a20b33705c7ee69b4fa24832efec5913ec37396cf7c67c3b7ad2641988849e5716e47df3bbb3655e8c8d07565b71ed9d30030093b36e89c16d6b7b4c2fbf4339b69859a4b93b59aa8954baa22451c72dc39f81a3afeafe3bdced4bfd1015568e46930e49f8472285335f81d2e38bbfb021b7129a062d063dbce75d0faec18a409d778be65d032514460646d1afd59681ac7336e4b8971195f4235cbe7117105455c01ecb928745def5afa0d2a0276d71aa5744863abb98c8c8dc3f8646efdb040fd62d6ce4bb0a170b1537cfc1fd08a465b79c1120cbf8254b474d1ef4c30347a69c401271622dda9665d7ff54fec20c21c76dc705f6c6ac938d83b268d709686735cc55d9cb3d87a7d4005cecf3527af12afaee8bc1d644d9481cbdc2e27fe4fcd78e89107149536db51f2c1c98e157f60b9708e9393179689069a8d18c650549658d076e1760fa8f022b4928a2c9d12d76bcb36de869901c8d2b3054ca97bdfb1f8e2bf9f17fff18bea883f44572a6c7424ed8e72e2c078a5f1fb9556dbef018016da8538b1bec27ba26843a53f5846c6ab5ebb1e1a7625e7b9873741ebf2bd86f41c4aaacb707e1fe9593961a6aeff5c988f9b21775bb81cd539de31587a92d2d528f672479940d50e34076eb2bba68f261b161edaabf542cb9fb0ca3c71d70c2185324fa3e008e6bb55e6cbc2a35047d90c846d88d766fd52c862bf7bd18dd7519137c025716eccdb68e93f7cc2e9322eef5a43eeaf01409a7371e092ebc835e5b7e7dccb8b5bb98a54dc43dc3f41544f1527cd2fa2299b92938594881c19b54dd9134f45239dd7d7c488d88e2aefdee8f95ba4bbccebe5df08a09b1846cdd61e719315484b93264bf1b1daedd83f5358c86f2752cfad27dd83008929d898a45360a8b4c8db89491b67b2b420beff418952016dc4d8857a30756437d8dac1cc50e6e260a8c31b7181ebdc43c4c83cb5a13f1afa8e894f42dfba5a8eca8b08203128041d59ca81a029f3629a3c6a9613fc759bc6d62357b6b609101002bc931f4d8beb58701f0c69afe68d1a2247390a7a6d1ea358f3224eb2a27767d117ff62248224f8bb682250fa8ccae9869676f21fb53ce14ca1ff22b53fc7d6ffcdb05c18fd3b1af55f5064cd9683426ad93731f6f7c4a75f104fc08b79a11c8846991555762b4aaac918770b87e361c55a288081ce288fba0e6c66130e42096f04ae4ca446860f7d263a3bfb9dc7d5b2c7697d74f72db08985d024f2282fd9c92da5b83be9cf73bc89aaff1a9f4c8e9e99495224d2044bdc5f649fd39870890485454811f043877d6dd8b83ed2ff90d4fbb22d9797c57909aa8bee34872885bfa47a359850ce22ea800529db0efeb1b9370f3d1dbf9ae6edc26083abbf5a3e794deabcee71ae5d75a8af0a2ef9ae5f6849733e7df89a05cea5f6c5f0d728791cefde2d26c507da23d7130ba7ec041e06d06487e1cfb3ac546375079ac8be235429695c2b1627748a9d870d66bcae8a92964cd6672f1c05b6fa922bf47e60bfb431e568c7293768876806fb26724563bfe89e6211d9d3b42201b67b3f7e376f3343318a21c98e4df118cb37cefc4dcecc5846dd2bfe9a64be8e76d4af7d8e6ab17afd4f356cd3e94be54f6a89de7bfc191a71e4cd53b6ef25e6254d92a023d4aab85e872b3821497f6a373c546c70fea3f4643e317da50f546953a7b0df6e07d792c1c09f2aad0db4acd0d7efe662066dfef7d2fdf78810f287a7e2acdb88288a51db62adc67463c2670b7beb6e738aed688f640effef73260b12df7f8331772a2a15d425606942c8ea1788a1dd1afd3149957f5c31bf96636329e2c5f27adea91f0095bfe5ed0d66d6139efb0d52fa8dfa3d55c1b6dd0da7e2444d0676dca13725b58a6242878c24c364320271988306fd4c6fc5d5dc906ba9b6b9adadda267baf4ac2f446d28f1c4462b0f80a57cdf5ba45513f5ebadafff04b707796d33d8c8ca45fca67198fc41ee3346b22cfe933f8bcf446fa0432f98bb5dae42aeb0432a22fc76af8ae61b84e5d30d58601f92ed338e05553c7db47dbc04a3aa665e00352310874c78d12258e954f4588a520df411036c7cceb369394c1d3000fc03b2403a723cccd7b44aa9d86c271f96a26c1c3a40034b20240c32706ef146be7880032a0916452876ce10eb351a27f141672ec57ad7beae972fd54c84c1fda52da91ab7f2dd01a54aa16789cf4f1b4a42405b85c1e555adccacfc769bf5e553bcc3868a72bd7701452b646ec7336b4d644faba643382fc5846222b8955193aeaa572d52a6324ddb000678eb55ea5a1cbe0f6e0372c82a7e326f2914bfd89b62dbbe75f06606766d3356886fda23d161165c3d9631b7ed67cc08a563ad7b2cbe2742b1951741d7e528b9b0086dc4d298eaaecd11431a13eacc0637eb99caf1ce5453c505d5aa9d3a1c8e413139f46887532384a2f5d070f2c3ba0ac5344bcc3e366abdc8045939ba6271bd2ff4ba18bfbd945a5f8747773bca12adfdb2962a5ce14df105adf4855fb81aafa536b4b855a9b7c7470e21f0951dbc634b674210086fba934acf6d818e8ae1fde2ca82271e0b0c9898e6d25583b4731be5b49d079ed3e75e11b09e4d9be9f31db43451dd1d02934b7dcb61bb6f34a6dd9166c06782c007f009e9993ec4f212039a43b2234382bef08547694d464137", 0x1000, 0xfffffffffffff1e4}, {&(0x7f00000015c0)="5e7127fb54a0d0630470adca0aba624b4d82744647b27bcc4042909c7589b8963c56e06529183ee984d594b5ee97177892749fa0ece3551ca248a27400a5a2794187883cdc914d62fb1a706daeaff71a19cb964bea1b92f839b2619b5f1beec99e9c4109ef04a83e0ce677cbd176f58c0c73fa7ceafb2c1a", 0x78}, {&(0x7f0000001640)="b657d537d25e564ef7800a0bf649eece80800a0230031436d7b449e11a1656dedad7ce5a99c2b876a5b83fbfcc631563cc97b74b3b34f8c32d1a13cb7e2ad14c470ad4b3aa09ce5d4c880dd433aa0bf0229e15fbbf71a81b638ba67a10559d06be55931089313d449212ab8db1a8eaeecc6be0a748d5f3c75f885b415850ec9d76e363490f97e7a8c107663300534861d6c15eb41ef3a851166c59e9c36a8e9145d508c583ba72ab204300ab8ff5ec212ffbce6c1b64c84cd1d33b18843e0c1ce9beaadf509fa764ceaa06fd6461846fa815426c05bbab06a50d3a977d4c2c249f5e208f38caa273", 0xe8, 0x7}], 0x3180010, &(0x7f00000017c0)={[{@nodatacow='nodatacow', 0x2c}, {@space_cache_v1='space_cache=v1', 0x2c}, {@check_int='check_int', 0x2c}, {@space_cache_v1='space_cache=v1', 0x2c}, {@nodiscard='nodiscard', 0x2c}, {@ref_verify='ref_verify', 0x2c}]}) [ 241.549491] FAT-fs (loop0): Directory bread(block 11) failed [ 241.558166] FAT-fs (loop0): Directory bread(block 12) failed [ 241.579168] FAT-fs (loop0): Directory bread(block 13) failed [ 241.605223] FAT-fs (loop0): Directory bread(block 14) failed [ 241.636293] FAT-fs (loop0): Directory bread(block 15) failed [ 241.675522] hfs: unable to parse mount options [ 241.684476] attempt to access beyond end of device [ 241.689651] loop0: rw=2049, want=40, limit=6 [ 241.750441] bond0: enslaved VLAN challenged slave lo. Adding VLANs will be blocked as long as lo is part of bond bond0 [ 241.766675] bond0: Enslaving lo as an active interface with an up link [ 241.773567] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 241.792839] hfs: unable to parse mount options 2018/04/01 00:14:42 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) r0 = socket$inet_smc(0x2b, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000280)) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x4) r1 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000180)={0x0, @in6={{0xa, 0x4e22, 0x10001, @empty, 0x10000}}, 0xa46, 0x40, 0xff, 0x8, 0x10001}, &(0x7f00000000c0)=0x98) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000100)={r2, 0x9}, &(0x7f0000000240)=0x8) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000080), 0x10) rename(&(0x7f0000000000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/file0\x00') 2018/04/01 00:14:42 executing program 7: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) 2018/04/01 00:14:42 executing program 2: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000004000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc028aa03, &(0x7f0000008000)={{&(0x7f0000cf7000/0x4000)=nil, 0x4000}, 0x20000000ffff8000, 0xffff8000}) r1 = dup3(r0, r0, 0x80000) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0x80045301, &(0x7f0000000000)) 2018/04/01 00:14:42 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080), 0x0) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:42 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000140)={0xbf, @local={0xac, 0x14, 0x14, 0xaa}, 0x4e22, 0x1, 'lblcr\x00', 0x10, 0x8, 0x78}, 0x2c) syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0x0, 0x802) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x302, @time={0x0, 0x1c9c380}, 0x100000000, {0x6, 0x79d}, 0x4, 0x0, 0xffffffffffffffff}) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x28, 0x6, &(0x7f0000000040)={0x77359400}, 0xff32) 2018/04/01 00:14:42 executing program 6 (fault-call:0 fault-nth:39): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:42 executing program 1: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x400000000800) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000f6bfe8)={0xaa}) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000000)) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000082000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000009000)='/dev/dsp\x00', 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f0000000140)={0x0, 0x9, 0xdc8, &(0x7f0000000100)}) getsockopt$EBT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000340)={'broute\x00', 0x0, 0x4, 0x8b, [], 0x0, &(0x7f0000000240), &(0x7f0000000280)=""/139}, &(0x7f00000003c0)=0x78) r2 = socket$inet_tcp(0x2, 0x1, 0x0) r3 = socket(0x11, 0x800000003, 0x0) bind(r3, &(0x7f00005a2000)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) setsockopt$bt_rfcomm_RFCOMM_LM(r3, 0x12, 0x3, &(0x7f0000000080)=0x10, 0x4) ioctl$sock_SIOCOUTQ(r2, 0x5411, &(0x7f0000002800)) ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000000)={'lo\x00', 0x800}) creat(&(0x7f0000002b40)='./file0\x00', 0x101) r4 = socket$netlink(0x10, 0x3, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000300)={'lo\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0xfffffff0}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=@setlink={0x28, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_MASTER={0x8, 0xa, 0xf}]}, 0x28}, 0x1}, 0x0) sendmsg$rds(0xffffffffffffffff, &(0x7f0000002780)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/240, 0xf0}, {&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000002500)=""/248, 0xf8}, {&(0x7f0000002600)=""/217, 0xd9}], 0x5, &(0x7f0000002700)=[@cswp={0x58, 0x114, 0x7, {{0x8001, 0x1f8f}, &(0x7f0000000040)=0x4, &(0x7f0000000240)=0x8001, 0x0, 0xfd7e, 0x2, 0x100, 0x28, 0x40}}], 0x58, 0x8000}, 0x5) pipe(&(0x7f0000002840)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_SETCRTC(r7, 0xc06864a2, &(0x7f00000028c0)={&(0x7f0000002880)=[0x708, 0x2], 0x2, 0x5, 0x401, 0x8e1b, 0xffffffffffffffff, 0x480, {0xf999, 0x6, 0xff, 0x800, 0x81, 0x40, 0x6, 0x1, 0x800, 0x9, 0x2, 0x40000000000000, 0x8001, 0x40, "24b28889379fe175ae901e4ba355fa20f8bfdd26285da1b7d92c2c3a964b1caa"}}) ioctl$DRM_IOCTL_AGP_RELEASE(r7, 0x6431) setsockopt$IP_VS_SO_SET_TIMEOUT(r2, 0x0, 0x48a, &(0x7f00000027c0)={0x9, 0xfffffffffffffe01, 0x401}, 0xc) setsockopt$inet6_group_source_req(r6, 0x29, 0x2e, &(0x7f0000002980)={0x3, {{0xa, 0x4e22, 0x4000000000, @remote={0xfe, 0x80, [], 0xbb}, 0x4}}, {{0xa, 0x4e24, 0x7, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, 0x2}}}, 0x108) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000002940)={'sit0\x00', 0x9000}) getsockopt$inet_tcp_buf(r7, 0x6, 0xd, &(0x7f0000002ac0)=""/62, &(0x7f0000002b00)=0x3e) ioctl$int_in(r1, 0x800000c0044dff, &(0x7f0000000000)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f000072f000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_REGISTER(r0, 0xc028aa03, &(0x7f00000a0fe0)={{&(0x7f00005e3000/0x800000)=nil, 0x800000}, 0x8000}) 2018/04/01 00:14:42 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) open(&(0x7f0000000000)='./file0\x00', 0x400000, 0x80) 2018/04/01 00:14:42 executing program 7: r0 = syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0xffffffffffffee1f, 0x2) ioctl$DRM_IOCTL_AGP_ENABLE(r0, 0x40086432, &(0x7f0000000100)=0x4) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') 2018/04/01 00:14:42 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x7}, 0x0, 0x1, 0xffffffffffffffff, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000065fc8)={&(0x7f00002dfff4)={0x10}, 0xc, &(0x7f0000e2a000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000010afdff0000000000000000f4ffffff"], 0x14}, 0x1}, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x298f, 0xc000) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r1, &(0x7f0000000100)="9db96e71dfe9e420923fae3aea83ca86bbdc76b52069adf58c8e7a0e4ca988fc83e7347849336b103a7f76fd4033a21701f2bcc7dc9748d32798278dd061ccdb05d61d939ff7d93bfbad8b68a66532381a69d806a4a59ccf33763c7a9f861af943"}, 0x10) [ 241.880052] FAULT_INJECTION: forcing a failure. [ 241.880052] name failslab, interval 1, probability 0, space 0, times 0 [ 241.891704] CPU: 0 PID: 19686 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 241.898887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 241.908232] Call Trace: [ 241.910820] dump_stack+0x194/0x24d [ 241.914450] ? arch_local_irq_restore+0x53/0x53 [ 241.919121] ? __save_stack_trace+0x7e/0xd0 [ 241.923447] should_fail+0x8c0/0xa40 2018/04/01 00:14:42 executing program 7: pipe(&(0x7f00000000c0)={0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000100), &(0x7f0000000180)=0x4) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') [ 241.927166] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 241.932267] ? kasan_kmalloc+0xad/0xe0 [ 241.936149] ? kmem_cache_alloc_trace+0x136/0x740 [ 241.940992] ? __memcg_init_list_lru_node+0x169/0x270 [ 241.946174] ? __list_lru_init+0x544/0x750 [ 241.950400] ? sget_userns+0x6b1/0xe40 [ 241.954293] ? mount_fs+0x66/0x2d0 [ 241.957832] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 241.962594] ? do_mount+0xea4/0x2bb0 [ 241.966325] ? SyS_mount+0xab/0x120 [ 241.969945] ? do_syscall_64+0x281/0x940 [ 241.974005] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 2018/04/01 00:14:42 executing program 2: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x800, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000080)={0x1, 's'}, 0x2) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000002c0)={&(0x7f0000000100)={0x10}, 0xfffffffffffffee0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c006c4ed0b70afdb0e87ba3492a5ac600001900070000000000004000000a0000000007000000000000"], 0x1c}, 0x1}, 0xfffffffffffffffb) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000000)={0x0, 0x8, 0x3, [0x4, 0xc8f, 0xfffffffffffffffa]}, &(0x7f0000000140)=0xe) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000180)=ANY=[@ANYRES32=r2, @ANYBLOB="0be84e42ac7272"], &(0x7f00000001c0)=0x13) ioctl$void(r0, 0x5451) [ 241.979369] ? find_held_lock+0x35/0x1d0 [ 241.983432] ? __lock_is_held+0xb6/0x140 [ 241.987503] ? check_same_owner+0x320/0x320 [ 241.991833] ? rcu_note_context_switch+0x710/0x710 [ 241.996766] should_failslab+0xec/0x120 [ 242.000738] kmem_cache_alloc_trace+0x4b/0x740 [ 242.005316] ? __kmalloc_node+0x33/0x70 [ 242.009290] ? __kmalloc_node+0x33/0x70 [ 242.013262] ? rcu_read_lock_sched_held+0x108/0x120 [ 242.018278] __memcg_init_list_lru_node+0x169/0x270 [ 242.023292] ? list_lru_add+0x7c0/0x7c0 2018/04/01 00:14:42 executing program 7: rename(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000100)='./file1\x00') mkdir(&(0x7f0000000000)='./file1\x00', 0x0) r0 = memfd_create(&(0x7f0000000240)=']@self\x00', 0x3) getsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000180)=0x2, &(0x7f00000001c0)=0x1) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1\x00') 2018/04/01 00:14:42 executing program 2: socket$inet6(0xa, 0x0, 0x34) [ 242.027261] ? __kmalloc_node+0x47/0x70 [ 242.031234] __list_lru_init+0x544/0x750 [ 242.035294] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 242.041178] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 242.046200] ? lockdep_init_map+0x9/0x10 [ 242.050264] sget_userns+0x6b1/0xe40 [ 242.053971] ? kill_litter_super+0x90/0x90 [ 242.058198] ? ns_test_super+0x50/0x50 [ 242.062080] ? destroy_unused_super.part.6+0xd0/0xd0 [ 242.067173] ? do_raw_spin_trylock+0x190/0x190 [ 242.071747] ? kobject_put+0x6b/0x250 [ 242.075549] ? blkdev_get+0x3a1/0xb00 [ 242.079346] ? cap_capable+0x1b5/0x230 [ 242.083227] ? __blkdev_get+0x13b0/0x13b0 [ 242.087384] ? security_capable+0x8e/0xc0 [ 242.091540] ? kill_litter_super+0x90/0x90 [ 242.095766] ? ns_capable_common+0xcf/0x160 [ 242.100082] ? ns_test_super+0x50/0x50 [ 242.103963] ? kill_litter_super+0x90/0x90 [ 242.108191] sget+0xd2/0x120 [ 242.111205] mount_bdev+0x109/0x370 [ 242.114825] ? fuse_get_root_inode+0x190/0x190 [ 242.119402] fuse_mount_blk+0x34/0x40 [ 242.123200] mount_fs+0x66/0x2d0 [ 242.126582] vfs_kern_mount.part.26+0xc6/0x4a0 2018/04/01 00:14:42 executing program 4: r0 = socket$inet6(0xa, 0x5, 0xce7) bind(r0, &(0x7f0000000040)=@pppoe={0x18, 0x0, {0x2, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, 'ip6tnl0\x00'}}, 0x80) mkdir(&(0x7f0000000000)='./file0\x00', 0xc0) [ 242.131217] ? may_umount+0xa0/0xa0 [ 242.134841] ? _raw_read_unlock+0x22/0x30 [ 242.138984] ? __get_fs_type+0x8a/0xc0 [ 242.142870] do_mount+0xea4/0x2bb0 [ 242.146411] ? copy_mount_string+0x40/0x40 [ 242.150652] ? rcu_pm_notify+0xc0/0xc0 [ 242.154544] ? copy_mount_options+0x5f/0x2e0 [ 242.158949] ? rcu_read_lock_sched_held+0x108/0x120 [ 242.163958] ? kmem_cache_alloc_trace+0x459/0x740 [ 242.168802] ? copy_mount_options+0x1f7/0x2e0 [ 242.169622] FAT-fs (loop0): Directory bread(block 6) failed [ 242.173287] SyS_mount+0xab/0x120 [ 242.173296] ? copy_mnt_ns+0xb30/0xb30 [ 242.173307] do_syscall_64+0x281/0x940 [ 242.173318] ? vmalloc_sync_all+0x30/0x30 [ 242.173329] ? _raw_spin_unlock_irq+0x27/0x70 [ 242.173340] ? finish_task_switch+0x1c1/0x7e0 [ 242.173350] ? syscall_return_slowpath+0x550/0x550 [ 242.173360] ? syscall_return_slowpath+0x2ac/0x550 [ 242.173371] ? prepare_exit_to_usermode+0x350/0x350 [ 242.173383] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 242.173395] ? trace_hardirqs_off_thunk+0x1a/0x1c 2018/04/01 00:14:42 executing program 4: r0 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000240), 0x800) stat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0}) r2 = accept$ipx(0xffffffffffffff9c, 0x0, &(0x7f0000000380)) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/qat_adf_ctl\x00', 0x8801, 0x0) sendmsg$nl_netfilter(r0, &(0x7f0000001c00)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001bc0)={&(0x7f0000000400)={0x17ac, 0x7, 0x2, 0x8, 0x70bd26, 0x25dfdbfc, {0xf, 0x0, 0x9}, [@nested={0x298, 0x8, [@generic="e095d6807c1d40cbafaca88901af33ed7661f22d26507eec2c4eee933725fc9e816d8545068cb6a6e28124d0f8194a3b82fa24ff2fb2f036acbc6988fa94ceed21c1f32867244ea1c3094cc78a29a41f6ce9493c60250148c07cd7d079c35f3944eb6eef9ad2cfd0583ef38e247583800624aa44c213fc660a15811fe4787d00d2c39e6fae630c0b7b5b752799e73c1c260f475e1d9359cfb9211fab852f15f0e714972e95e40bbdf58aad31b0a48e09105fc29c22568b9b4ad817dcc35d4588821f1cf8244b51acc5ce8ba4ccbc2fa220c0f572fcf361e815b410183ec9480bc0dde224d4d7544257dfaf47a4", @typed={0xc, 0x90, @u64=0xfff}, @typed={0x8, 0x24, @uid=r1}, @generic="b2644f482b9d6041773ea194aa31aa015a91c6ba79f824b905b18dfaaf20e4a67dd20c2ca9d437bca447e2a93fa12f8ca787b5d005d5bf2bcd290895ad9af3ef7d5a8b969cf3916aadd78144643b4926ac70f75bd1c87cbb81651be65484d02d1d9e0fa48a9d6dae8127916a601e6ff56928c20fd2fda5", @generic="601ed4b8cea8a80f0f2fc51673b5bde3c9b0021ab7e45b746cc421596d5ddcb724ed7db20007e1edb33de38806e0e880c66c5d5c73e055fed4de187d55aad37bee0fdab92cd723dd96a851e6e5910a968998091a88a527c668e3138cecb5a4abd674967765216ef7af99157f015fc5b7430ccbd9d095bd48fc9911c90d8c4eea33a6f4400fa6f00cae45d5b1bca6f99a0751c9275c9a3be71cb097682464a9a68e9e72d54a3f0e8a9f3e86600dab1860b88bf750510c9da364e30c24ba97d4a9b2932d26a8b6f60ee2114c6f7f3c142eb010241c87d48453da08b4dcbf4017556083f497", @typed={0x4, 0x10}, @typed={0x4, 0x93}, @generic="a6f88a83aa59f1f08e28f2c1c3335104cb6d5ab3a2a6f0699c38775413b736bf0aaa53d9a73a23cea5b0cdea22a22e"]}, @nested={0x1004, 0x48, [@generic="4d10b3595f1edc0febe1e0dd7905004296f214e460bf549ad28757b9fe9ac14c440c5df160ed80bd227f4636afb56f2485776d5ca6d6c4565ba3ab684c350525457e203cf7ea72e8f3b05ae2e0f57fe41ef09d64576566c7f70439c891c50d04d390265d8275853fd40df8ca7d5b315918a3f8503a18babecd67bbe10a1df1af7416dba2648ac7a85cfed755cc442db19f7af305d3f73ff77f1c736c645d531d8d823532137d671eca5c88943938d49c06a5151e367fb9e90bb49f9983514f591716d009ba59986aa773f0f6a024a6cf8eea68fde897114f372bb3370179a65e2dc780ef007a0d611af4a692244bf532d46ae67d640d414e0f8f22cee694c500819666de2393f59adc22810a08e301f467eb7e62da87b0466f0951d646a2c70f1593975c46441f726f8b56ff620eaaf1115b7f12ae43b630c03c362a9123213345dee5cb385efab1d40ea4b24a3ae84309cd84002578b0de464f233b38dec95dfc9c464738d35376a1b03111eb6e5cb655b975b86818fe1e48ee969ef244c3146ca590aef5e5ef2e5545ccdc4f02cc8bc4f3173b671bcdd37435cf6d121540c6c368888054bd2be6ebbf2b195d700c98f33f3fdb2cae84b8e8f2b923d0205484336fca79c7dc0e575ce1fedfa70ef18ddf78237c221b122361f7c5fd94448889dbb3a4ffd1924aa57c5ed4692d0f5bb7ab9d47bd032f2b1d85377c7a177725fde7b1292695ba6ec443a6b9e2568531e3add14b0fe8938b48a62c45d3a4abc71725a82fce91807f3bca1a6343c6d5cabad1d9c7e96111b27a2611324769ff4722452513b6d2b8ee090967765af936d4ef1d688113a5ece69862b1f9e9a599173654bd27e31f01889bc0262c9d40382160501180a6078c6e26fef86930acadbba1c2b3aad6a5e9d6219d8e2445536169498cda013685b93b4bd201ad191255271109e5300f25da04c183ce18af6392fa5fb761cde0e6bb8522eb2588bcdf6b75df291a9dc151b2ed59c5e0bc377e017a6d272cbf0492829bdcbe17c309fc99bd65a4ba1a8806e9c36e22394d9241c1f62704cfb978f71189c9c2f0ca39c6812de93ae0cf5b3b6b4ef57a0ecbb6b3eb142ca3fccf60a64ea37a78e33f3c34a5de49fa7ddb066880fd32bc9622e6f84b7b55018ea51866a3d0b6667d5164bd6d33f88152c9c7636e73cd6fcca456925f321c8d2ba277c41307fd992c355deebe3755858446a4a69a86c3bae4bb02cca78e7e21d21f016bcf48f8a511fd733f084837f4e76ec6eb27ffddb154f8cc3f569eccfc42c659195c19965dd4b9b5697595ae2871a53995806b0f5977b4f753fb9831df8ee65588d5b84a10a70a508e2cf0f7fbfda905b33a3126d21c36742b3b21cb989fd205da4fd035475c7eaf7b4216e712b8dbb5e981b1f0218bf3120bc9248259bbf682a4d3bd38a3f1a660a78288ba908c500d3522f77589ed0a28a9d21a202979bcfc09c02336e734319bd70770489b6d75973db5a6005b77c2e74b2533bec11df9fd217aa45f2a8193b72a81d55709a68d77aab0494c143be67f741925df95c90fcdf68f8cf804eb47bbceb85d19cdb752383233d74ba4520f8ce220a2e427d1932e3731e32cef00b85fae94bfb42650a1b182ea0a12120955c4480ac21911bbd0cfd89da125efe49c62cb8679e4f10ff99811086623fed42fb2ec3d64b317a9844a257c18cec052605a916a31edee06720557107178713d444a89af8d40097ba3b0912160301f3c4ce221e6dde47e437578eeb0716ec46ba2d210e48ba2c113ee616e25cc83f2cfa4056833da2e6789cb1b5ca8944007bba009f2a2e13f1b5d6c36c9ba45e29b12aae9931fb2433ac63b0daef619e917a46bb09d517598755b720719d89164171f80bf80098bd779dca600e7e5e9c6997713d57820a8d926c21e8488347a0b3ddf74ad00a1035fbf65244a3845840607d0a2faa7e2e400159d17f986d5ad502ee48e4332c06a9c6203d7fcaf3563a0c312e6b0ab29eac042cc69075552a0718f646e12317c02446bda82343e4b6a11f2933a2ec1fda206109487beac1906ff4f33321e712493e9375d4d2ae5ac3fd3b27c552d0120e952bf0e08ddd59f09178a6fb08453d1e7812877428ed891fe128418088b39c0b3d926459c8fd40847ce427d210b47a593b314664d84e1da3426faa6c7f8000164b9bc4ede53f115f3a5e8110c2f36e299dd3dc5632070fbe118ffd286d525b5ea4ae20dcc155d7f2c60459653e6f2b338875050105b88cac9b3f00a328c88a58be4936f5e4bd4a41d8cb73fd7bb5700db386677d054a780aa03f847081e801bc22cd97c612d0a5c7b6c3a386c7902172a7f6e8a3454af2cd609c7f1ccda69657e2cba5c00f97753958d2257c910318080f367d04313b79e9fb5ad76e3e22c575b970d7aa779c3ca446ffd394f08e61e1670bd63ccb9f18364aa515fbf143f1408bbbbca8c855bc8d92fd36adc03c1c1d510a360c08bc7e0b11c20e033f98e15eaf83df8461a2c79b6edf6207ad412b2a5a4e920deae973b2b45a3722f0e49ab59aa5d98b07200faa8f5785b00596332ee53c02f533664628e65e32d5c95dfc323a258e076f541d12b00554cb4a8bc0299698e5886bbc6ceedf0cbe86864cb7e56f99b3fb17f80554ebb8395109abf63d4f36e5f8abbf469e525485849ca5d3940f696d3ad990fec634515a3309b3d325efdf21489102423469311a6e809cb77b09fdbe0924e2d4191ed2848b14de3f53df808615ce8df60192e05362c4231da5aa7b58654cc4831a9dd942124e4842fb61bfc32c5e0bf47d14b3f9f34f6ebca1f2c0dd55d538f9ed3928fe0a3f1d5a9b06bbe92c73bbbbf699d41b91b872cab8217dc0c6815de685241808ff36575905955d2c02c8465978ba980304f3cd1b4b8b63971de8ac79d3a7b79d590a032dd959007aac3951f40cd5b72cd8802794d84ad61c80c29d56d7a19d494b1af66c6454b199b6f4e8640e3b0195dd7ee696fdcc0af2be75bc30d9d306dedf3af0a5e326a5fe8c39359b57b49614a8d119b241c90414cb37bd1e70ecd36558780adf7177dbbf9f31e95f00462179c795550287d410abf2ae69050848c29658cdbbd03ff00f0eb3c1b19f6f482f85ad539f26fd9d16767ac308cfdecd16eddf184430c13c11e85dafc4cf235a2249c40a4ff465b90975e60cf3c3ab40c83ac19370e164a8db7422a0c8065a89b845bba0c5754d66bc7bf8c3e8f504d8bf40bca4d08ac9fe9e7201f1fb37e1effb864711fbcd12867cf7a3af04faa0688e3d039355ae825761a062acf0d2c488bda39ead0b53b99505b93301f5ef86fa1c64ed14ac34e5d270e2153d40986899af9078d3fc450be824460b59cc83d2ddad19332eaa10f14c5e08dd97e96ef5340a29dfb3d5b63088f03105bc48d02abf4a561a3f1438977dcc0958317de5f4cf1fa93ea6644d099705e31ee35f0c1f15aaecc453557ea920b99907af0b47d404f7491c9585913fd9a3fa26bbc7068b1781708f4949cc6624731f122a09972223529b7a74fbe8303a994cc1fe9e9af384b4655387ed75e444ea5216f84f382cec5b26cb5e4aebeb6256d4991574e1253d0e435a89d01954cdecd24a86b9ea87f53c1204dfc276253556f3ced68515d5bb321dc49f64f73ed249a955af93720f5462817c725007a14324b775aba6ee1bed76b7d2bbf7a65a658e322cfebdec795b15ae1d6fdf645663a337637313d5bc80a29ed6d03cf1ea6914270e51b3353e6ae0b20cf039e59c54e36be17a11cd06acc16333d2d1bf1f4103ac6a57a045b5d1dc22d641d3ec837d9a5ccbf588558792086ac42512c891cb30bce807575d3710ab786bbaea433aa413781ec3efe52aead3c6741d4b68c7e5c830235c572ecb213c2a51a90b9b957a494e46cf488a840598ab0375546d501bfa388eab4daed1250e7bfaa89a755a04e0ecf08ffd4770ef72a3f4773e7aebfa711a964aa4e43944b2bb96e9b0cdb67b345795534698b79ed30b3a591093b2371da4a38395a87ff7f506181493dab038583fa659634ec2c79f2414ed53b4a07cb757584da20167d4233268a831350d16e1770605e3c2c5389bc252fdea9952f4e5b5396eaaf5b5b806f9b0c29d5f886760b7c6034c539dcc97e45562aecc3d0e054618e25cd645b45060004f368b4424fa46ae5037373fc246b9378276c9cef45fbf9a1c9df0ff2722813eb07a1eb0c6014c06a48b2a3ae439dea705cbdb8f98bce1000822d5192514a38a59d37bf1b816cdec6c3c71de0577566965e193196173a17fc4b53d59a3aec75167b25e0465ff192bdda76cb47c01d2df4027339613adf88bfbd7d15c78289f497a186e549fe497d66d51300bbab541f4e0b616f2398a5681aeea68bc0a3a4d80363140ce4b83dfa3421e993d245d488e059a781f9a8a7f37e581902b2dee5a825fd94f270751506cdd3ed73e76178dbc38c18602e9e92bfdcff06bb7f15aa0a215741fdea9f8a48bbe8470b0e7c5cb8915c9cc21c200b65759854ba8004e1456a56a401f61b58af1bfc078c3cc7c231c07e590f0c25727356c4cb0924570542906e6dd2d623bc322adf25a71a1c5f9516bb26477c4ed0f9dc9d9b9951b9646dee0fb68306304ae6b21d52981ea8858865c18e2bd055471259cb1e253ba385d983d526500a3ce4f96f82a3ccf620e62ec643054194512e710733aee7d6ff47d8db98361e7a98bbcbc7bd0f2bc204eacac84e2d0442cc017f42d9c1c5137d506eb007c5b913b77d125ca297e7e44b53dc2d4a3916cc884028af0e0ffbe3ba057f1287ae48d00777aff253d028f9dc1d2c1b0dac5499821f7ab11b1681be121ae676d06880137418e8f4458a80a8b0c84f9b2b92656fc5e9c382166f478a5eddde01ce07a048a01a70fcaa8581337245301ba6a1accc6b91dc893c1384cf6fed4db4d3ce2a7e2496d3d192f01e93e17c35203a039c213277531dda3a802789b86cbfebb3acbe87cb312da1d67762d0feba97dad386635b91d80b8081aedd24a9897bce76d07b74c02c16cc3e1a49a736fd01f0711596063586c24f92963f1f33d236682f11a1a81298b9b9d65c2b74eab834995130aa48a8bc4ef40fa17c0d3c9068000d4985aeabc7420af7a21c89e4e7ccc9385cd14dcf795db0783121d0c06a58532b7f75bd1afe0325da57bc00e7f98286c00f82af90376c706898aa82d1b5cea2f3f552e2ff864fc41cd12c123268f2d8408b18b8dc32d79bd04b234d88ccb3b038771dacbf1de56ba9428d5fe7bd37a9500148ef9399c915ac375f191b6b2db0981121e2725faf76affae6474bb1dacd34fdc911e472d2d84d6f333dec9e8c6237ee3cab7a333c65e548fc844249c85baed0cdc9ed41ca825c577c441668113cdbcaa2bb0aadd5130cbe75a0566907d4de83f6eee716f0e1d563724fe9c76b6fc3483953396065e7f6acb29fb44a8d5cb0ab6072a1ee35555228158fe1d8c7ea1c5860f42e5bd9a08d2e4a0296a251f62cdd9fcdc1049361303245a16368bcf31a4398b5473ffb007c6e5208ff87ae5e95bfd0a32f2132b10db05704d9c391b8a43aa73e7b57f57b9b2b9d954d9903fca635c15362415f1189304f7d81e270b892544395ca39d56e82b597772ab616ecc604ff5ed56f2cf5678dfc92dff945e5f12009c09f86ec993da5147d463679d9043193415c237bc6f86d0d002ec182424d4871e1f9d8b75c59f620fc8d87ca1ec7a6b3256ffc49acad70a7da634318cffcf770e839e9eb4f0390c9c174310fb2e8a83534"]}, @generic="e997dc2e63ed0a3dd6ff5ca78cc1b9a9e1006844ef8509016e0ce47ab0a7573a9f681e366a0b733641086e332ca4cf900ccdb5f9144a79b29b7180b3f2cd3adb5b4f6a52f48b1270c8c7a75260fad7d0d17c7ad97c9e65582e09b14ace3c098e8e96bc8d86db35efdd703668e23ce9db090e382442bc0d5ce3e84e8250fac94c051d1838d926b59a10452ce46c1ba44c56b3a6b933654eaca81463a2120f28e94ea0a48658e18309426b3cc2195dd894064d238ee48c617f05f473cf99f80bf65432e828e53214d96ccf571492c7ace8979725803f69219ac2cd66004e14d07488a87c44a8c9403802", @nested={0x220, 0x2c, [@generic="8e989aed68d145e7048102ff988763aae52da2e2a7c40a8aa893480b99e47e237914c8d771d4c86d8cfe9391f75133a6308e116c395d4890f5e3e3bc20e864a378b4d4cfe511d637206d6e51ed6349f90f7d5bb58e65133cbe9fa24de719c50aa85d93e74e4bbe953a77ebb9a634eec9c2430ad41b764205832ea1f1853a485b42d169929f88d0a90ad1713e2d3124c8061a83f8793b4943b1abd36ad933671acf7c78acc6eee5faa570ae067c89f9481d9c2141c6ecad19e9510b2866bcf2ad86df90e19f013ce0f13b8f8aa1b7a5", @typed={0x8, 0x6e, @str='\x00'}, @generic="7fcf7e757f361080a191aa76d427bd72c7e7a20121d9d92d1610fbcb88e93ef63e3ff36e5fe02cff07954329e26f4bcf81ebceaf87dd80de89da06868b6d9c3d3d9be0f01ba67ce6d9574be7cc0e0e0306f17e523b960a25b946aa6665b6f0eaed713033b8583033e0106dfff22d906a91903f06bccda4ccdd82be700a59be547d2d0b6e418c0e9d369b48d452898ce5c347", @generic="9a6ae6aaf34a56f320ccb90e79de4ecc4578e000f1f2acda694159a371b367b607aa9b0ebcfd4ed9617e0ce32b38127fcc1e6afaee3b10eb862fb944855ba6e2ed40736d4145f47c418082f66275e682f44f4a78367b55f3df99be224a7988bccf6d51d66a1e1ddb169999dadce7e37404010272c1ecac143ef3a3abb8a9a42b194756ad85fec61b217d7018811a0850ce82ee90b8230bf37137df9bc497d5f16922983cc9afa002777698f30fd05a1007e275"]}, @nested={0x124, 0x71, [@generic="1304f5134b3dedea1293b4a6a6288730e873d559d88bba95be36d93e98673119f974f15bc6183383b1555a217ea5601fd8a1a9367511c4873f7309f145b7271238102333d2a7c143db1d5e227063e7c03dc08b0c3eaf187f49ea85171decb5aa6c60387fd62990e7d690978a2abe47ea683c86edbc7145dd6bbc2a4ee256dc3a", @typed={0xc, 0x15, @u64=0x7463}, @typed={0x8, 0x6d, @fd=r2}, @generic="7db9aaf7e464d4077e8d4af14e6ef6227f74f08f1944cabea2e201676d7e3c4cb57397807f18260bc688251dd7df353ba72a6f74219e076a609eb72992946e9baaa274171cd8f4d2484b7665d20824d41cbbeb308d182d3e1a7678782a2b221103a465ed1814429ea4db00491575b4dce863bf3950276d8dcb8952c24c0270e986861da875d07dd85ba079d9"]}, @generic="5b5c5d6620a02aa2697310a6b52188bf4f174a13ad0f472fe098182edf8d0a0c2af3a80fe92c612961e239fcd4cab0c584597ee4ffdb6f058e1de963c4906c5fe69690da0420011bbafe4ea636e052ca3f2fb6e7c47b7ecc0f614b7b427cd2911fc5", @generic="3e1d3290a746e253a3b0e67f7c5a6edcabeff62f4f0ff2ff6a3710b87f299413393e0845bbe643519ce97db21fcd4d520d2627f6f6b562ce86d7782b87c55e1daf395cac676c6a135d4b4d77809ba7b0f5a49569df4720ab79dc0ca417ff9554b0dafb3f4b", @typed={0x8, 0x65, @fd=r3}]}, 0x17ac}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) r4 = syz_open_dev$dmmidi(&(0x7f0000000180)='/dev/dmmidi#\x00', 0x44, 0x2004c0) getpeername$inet6(r4, &(0x7f00000001c0)={0x0, 0x0, 0x0, @mcast1}, &(0x7f0000000200)=0x1c) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x0) recvfrom$inet6(r5, &(0x7f0000000040)=""/193, 0xc1, 0x40000000, &(0x7f0000000140)={0xa, 0x4e22, 0x5, @local={0xfe, 0x80, [], 0xaa}, 0x4}, 0x1c) syz_open_dev$sndpcmp(&(0x7f0000001c40)='/dev/snd/pcmC#D#p\x00', 0x3de, 0x0) mkdir(&(0x7f00002b2000)='./file0\x00', 0x0) [ 242.173409] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 242.173415] RIP: 0033:0x454e79 [ 242.173423] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 [ 242.181331] FAT-fs (loop0): Directory bread(block 7) failed [ 242.182549] ORIG_RAX: 00000000000000a5 [ 242.182556] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 242.182561] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 242.182567] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 242.182572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 2018/04/01 00:14:42 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000080)='./file0\x00', 0x1ff, 0x6, &(0x7f0000000380)=[{&(0x7f0000000180)="492051f967e98a847f3d92462f9430a41b924450845d73b272ea6d10a30e4b95a078a23a1ba78927ff5de4499c1641048870cb772c6db1d180b6d16a732893bbaa05e07b8e0a13a0075a34a4031876ce672673963848dc830e692100e7735dbfec382ea5b1bfe7e5f7a3b193427cb9260008113e89a47507aa1a5db389c3497ed71f1b1b281a3bf1ec999758d6b403d910849ea37fd4daaf27cda925a7c121c3950ba4e6c44a671237f694c4311723417400e3a92e7c391aa4da0ec917f3ebd046788e32f397", 0xc6, 0x6}, {&(0x7f00000000c0)="0549839f868cd7d7597f26df7b14ac5c327ba1987f24ff4dc7", 0x19, 0x8}, {&(0x7f0000000100)="43248ee34ea4c0d69e9e9e89aa1e9cc9556886f697", 0x15, 0x1}, {&(0x7f0000000280)="c85f27784b", 0x5, 0x1000}, {&(0x7f00000002c0)="e6331d15014bfd5749a87607740dc9b4a123b9dc211c447cfe199a10117ed51f07feb5826a127f7c3d4ced6e814b209f90795f675e531135025368e1defcf6f5e6fa72d8ed39c595c8b6e8460873ed5ad49d14272b3a2c2f3217812d194b50c200", 0x61, 0x1}, {&(0x7f0000000340)="0eb5a1479e8fe4361d8cede1586c9a780e2636620abb4c15f0c4e5fa4f", 0x1d, 0x1}], 0x40080, &(0x7f0000000440)) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) execve(&(0x7f00000004c0)='./file0/control\x00', &(0x7f0000000540)=[&(0x7f0000000500)='reiserfs\x00'], &(0x7f0000000700)=[&(0x7f0000000580)='reiserfs\x00', &(0x7f00000005c0)='reiserfs\x00', &(0x7f0000000600)='cgroupppp0ppp1\x00', &(0x7f0000000640)='md5sum\x00', &(0x7f0000000680)='selfwlan0.em1\x00', &(0x7f00000006c0)=',vboxnet0selinuxselinux\x00']) creat(&(0x7f0000000740)='./file0\x00', 0x176) rename(&(0x7f0000000480)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/file0\x00') 2018/04/01 00:14:42 executing program 7: mkdir(&(0x7f0000000000)='./file1\x00', 0x0) chdir(&(0x7f0000000080)='./file1/file1\x00') symlink(&(0x7f0000000040)='./file1/file0\x00', &(0x7f00000000c0)='./file1\x00') lstat(&(0x7f0000000200)='./file1/file0\x00', &(0x7f0000000180)) [ 242.182577] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 242.290287] FAT-fs (loop0): Directory bread(block 8) failed [ 242.297854] FAT-fs (loop0): Directory bread(block 9) failed 2018/04/01 00:14:42 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f0000000040)) symlinkat(&(0x7f0000000080)='./bus\x00', r0, &(0x7f00000000c0)='./file0\x00') fallocate(r0, 0x26662754f1dc65e9, 0x4, 0x2) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000100)={0x4, [0x10d6, 0x92f, 0x401, 0x8ac]}, 0xc) [ 242.329605] FAT-fs (loop0): Directory bread(block 10) failed [ 242.397565] FAT-fs (loop0): Directory bread(block 11) failed [ 242.435604] FAT-fs (loop0): Directory bread(block 12) failed [ 242.467128] FAT-fs (loop0): Directory bread(block 13) failed [ 242.491386] FAT-fs (loop0): Directory bread(block 14) failed [ 242.497379] FAT-fs (loop0): Directory bread(block 15) failed 2018/04/01 00:14:43 executing program 1: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00001b3000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_LOG_BASE(r0, 0xaf01, &(0x7f0000307000)=&(0x7f0000989fff)) unlink(&(0x7f0000000000)='./file0\x00') ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af03, &(0x7f0000000080)) 2018/04/01 00:14:43 executing program 2: getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0xc) fstat(0xffffffffffffff9c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setregid(r0, r1) setrlimit(0x8, &(0x7f0000000000)={0x2, 0x9}) r2 = socket(0x40000000015, 0x5, 0x0) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setreuid(0x0, r3) r4 = shmget$private(0x0, 0x2000, 0x0, &(0x7f0000910000/0x2000)=nil) shmctl$SHM_LOCK(r4, 0xb) 2018/04/01 00:14:43 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080), 0x0) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) 2018/04/01 00:14:43 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x40002) r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x100000001, 0x6000) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f0000000080)={'icmp\x00'}, &(0x7f00000000c0)=0x1e) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') 2018/04/01 00:14:43 executing program 6 (fault-call:0 fault-nth:40): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:43 executing program 7: mkdir(&(0x7f0000000100)='./file1\x00', 0x101) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1\x00') r0 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x5, 0x0) ioctl$sock_bt_hidp_HIDPCONNDEL(r0, 0x400448c9, &(0x7f0000000180)={{0x8001, 0x9, 0x1800000000000000, 0x2, 0x7, 0x1}, 0x9}) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000140)={&(0x7f0000000000)='./file1\x00', r0}, 0x10) 2018/04/01 00:14:43 executing program 4: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x400100, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000040)={0xffff, 0x40, 0x8, 0x0, 0x1f, 0x6, 0x0, 0x334, 0x0, 0x0, 0x1, 0x8, 0x0, 0xc4, 0x0, 0x9, 0x4, 0x9, 0x4}) ioctl$GIO_FONT(r0, 0x4b60, &(0x7f0000000080)=""/98) 2018/04/01 00:14:43 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000080)={0x5, 0xfffffffffffffffd}) r1 = getpgid(0x0) tgkill(r1, r1, 0x1) sched_getscheduler(r1) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000040)) [ 242.521340] attempt to access beyond end of device [ 242.526349] loop0: rw=2049, want=40, limit=6 2018/04/01 00:14:43 executing program 1: r0 = socket(0x10, 0x802, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000040)={&(0x7f0000765000)={0x10}, 0xc, &(0x7f0000572000)={&(0x7f0000000000)={0x14, 0x19, 0x301, 0x0, 0x0, {0x1d}}, 0x14}, 0x1}, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = eventfd(0x9) r3 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x7ff, 0x60081) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000100)={r2, 0x2, 0x6, r3}) [ 242.562754] FAULT_INJECTION: forcing a failure. [ 242.562754] name failslab, interval 1, probability 0, space 0, times 0 [ 242.574062] CPU: 1 PID: 19777 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 242.581239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 242.590582] Call Trace: [ 242.593171] dump_stack+0x194/0x24d [ 242.596801] ? arch_local_irq_restore+0x53/0x53 [ 242.601465] ? __save_stack_trace+0x7e/0xd0 [ 242.605790] should_fail+0x8c0/0xa40 2018/04/01 00:14:43 executing program 1: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/rfkill\x00', 0x90080, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000900)={'filter\x00', 0x8e, "4feeac563a4ae573bb05070782274bf92354f279b6446cc8b1c4eeb6ae36d7bf241cd082e28f5c15a0b75cffc26e94631a5fea0477231715bdb1d645b81ffa6549f86ac9300c3f3616f179ee22380aec1842709caa6730b0a8d58f709d72d7467c7cfd95ec06a51885fb25390006691491438aa3d55ba7e29b98da7ec044bc2dc131e03ca4305683bdba9f3107e8"}, &(0x7f00000009c0)=0xb2) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140)='/dev/hwrng\x00', 0x208100, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000200)=[@in6={0xa, 0x4e22, 0x6, @ipv4={[], [0xff, 0xff]}, 0x8}, @in6={0xa, 0x4e22, 0x14, @remote={0xfe, 0x80, [], 0xbb}, 0x2}, @in6={0xa, 0x4e20, 0x7ff, @mcast1={0xff, 0x1, [], 0x1}, 0x20}, @in={0x2, 0x4e23, @loopback=0x7f000001}, @in={0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}], 0x74) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f00000000c0)={r3, 0x1, 0x6, @random="7c2e1626459d"}, 0x10) ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a1, &(0x7f0000000000)='bcsf0\x00') accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000040)) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = socket$packet(0x11, 0x3, 0x300) r7 = epoll_create1(0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000680)={0x0, 0x9}, &(0x7f00000006c0)=0x8) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000700)={r8, 0x8}, &(0x7f0000000880)=0x8) r9 = dup3(r5, r2, 0x80000) poll(&(0x7f00000000c0)=[{r7, 0x2283}], 0x1, 0x0) ioctl$ION_IOC_HEAP_QUERY(r9, 0xc0184908, &(0x7f0000000300)={0x81, 0x1, 0x1}) r10 = socket$inet_udp(0x2, 0x2, 0x0) epoll_wait(r7, &(0x7f0000000040), 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r10, &(0x7f00007ddff4)) epoll_pwait(r7, &(0x7f0000000080)=[{}], 0x1, 0xffffffff, &(0x7f0000e1d000), 0x8) epoll_ctl$EPOLL_CTL_MOD(r7, 0x3, r10, &(0x7f0000000000)={0x4}) syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000500)={0x0, @in6={{0xa, 0x4e20, 0x7, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, 0x2}}, 0x3, 0x3}, &(0x7f0000000340)=0x90) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r5, 0x84, 0x18, &(0x7f00000005c0)={r11, 0x6}, &(0x7f0000000600)=0x8) sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x4400040}, 0xc, &(0x7f0000000740)={&(0x7f0000000400)=ANY=[@ANYBLOB="98e0475592ac33df8f2ae15f545f51bd18f67b80f40c0a81a2da9dbd495ffdaba466d3584ab4978aef41ede382d90901638293054ba13b51f2d444066678c45381180013b64b18915d03d91a8687f235f2ccce13a6fa1d88a599d53d44d6cd9444eb1fea", @ANYBLOB="000028bd7000000000000b00000008000600000000003c00020008000b000a000000080004000700000008000900ff7f00000800040000000000080004000000000008000500070000000800080002000000080005000100000008000400000000000800060006000000"], 0x2}, 0x1, 0x0, 0x0, 0x40000}, 0x800) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r9, 0x84, 0x6e, &(0x7f00000007c0)=[@in={0x2, 0x4e21, @broadcast=0xffffffff}, @in={0x2, 0x4e24, @multicast1=0xe0000001}, @in={0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}, @in6={0xa, 0x4e20, 0x0, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0x14}}, 0xffffffffffffff81}, @in6={0xa, 0x4e21, 0xfffffffffffffffe, @mcast1={0xff, 0x1, [], 0x1}, 0x7}, @in6={0xa, 0x4e21, 0x96a, @dev={0xfe, 0x80, [], 0x12}, 0x1}, @in6={0xa, 0x4e23, 0x4, @ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}, 0x4}, @in={0x2, 0x4e22, @multicast1=0xe0000001}], 0xb0) sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000180)=ANY=[@ANYBLOB="13040000000000004915"], 0x1}, 0x1, 0x0, 0x0, 0x1}, 0x10) setsockopt$packet_drop_memb(r6, 0x107, 0x2, &(0x7f0000000100)={r3, 0x1, 0x2eb, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x10) setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f00000000c0)={0x0, 'eql\x00'}, 0x18) socket$inet_icmp_raw(0x2, 0x3, 0x1) 2018/04/01 00:14:43 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x1) [ 242.609509] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 242.614608] ? kasan_kmalloc+0xad/0xe0 [ 242.618482] ? kmem_cache_alloc_trace+0x136/0x740 [ 242.623317] ? __memcg_init_list_lru_node+0x169/0x270 [ 242.628506] ? __list_lru_init+0x544/0x750 [ 242.632740] ? sget_userns+0x6b1/0xe40 [ 242.636241] device bridge0 entered promiscuous mode [ 242.636616] ? mount_fs+0x66/0x2d0 [ 242.636629] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 242.636637] ? do_mount+0xea4/0x2bb0 [ 242.636644] ? SyS_mount+0xab/0x120 [ 242.636655] ? do_syscall_64+0x281/0x940 [ 242.643310] device bridge0 left promiscuous mode [ 242.645178] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 242.645196] ? find_held_lock+0x35/0x1d0 [ 242.645211] ? __lock_is_held+0xb6/0x140 [ 242.645231] ? check_same_owner+0x320/0x320 [ 242.645243] ? rcu_note_context_switch+0x710/0x710 [ 242.645257] should_failslab+0xec/0x120 [ 242.692574] kmem_cache_alloc_trace+0x4b/0x740 [ 242.697129] ? __kmalloc_node+0x33/0x70 [ 242.701075] ? __kmalloc_node+0x33/0x70 [ 242.705027] ? rcu_read_lock_sched_held+0x108/0x120 [ 242.710025] __memcg_init_list_lru_node+0x169/0x270 [ 242.715024] ? list_lru_add+0x7c0/0x7c0 [ 242.718971] ? __kmalloc_node+0x47/0x70 [ 242.722925] __list_lru_init+0x544/0x750 [ 242.726972] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 242.732840] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 242.737833] ? lockdep_init_map+0x9/0x10 [ 242.741879] sget_userns+0x6b1/0xe40 [ 242.745568] ? kill_litter_super+0x90/0x90 [ 242.749777] ? ns_test_super+0x50/0x50 [ 242.753638] ? destroy_unused_super.part.6+0xd0/0xd0 [ 242.758712] ? do_raw_spin_trylock+0x190/0x190 [ 242.763269] ? kobject_put+0x6b/0x250 [ 242.767045] ? blkdev_get+0x3a1/0xb00 [ 242.770821] ? cap_capable+0x1b5/0x230 [ 242.774689] ? __blkdev_get+0x13b0/0x13b0 [ 242.778812] ? security_capable+0x8e/0xc0 [ 242.782932] ? kill_litter_super+0x90/0x90 [ 242.787139] ? ns_capable_common+0xcf/0x160 [ 242.791433] ? ns_test_super+0x50/0x50 [ 242.795293] ? kill_litter_super+0x90/0x90 [ 242.799501] sget+0xd2/0x120 [ 242.802497] mount_bdev+0x109/0x370 [ 242.806099] ? fuse_get_root_inode+0x190/0x190 [ 242.810657] fuse_mount_blk+0x34/0x40 [ 242.814430] mount_fs+0x66/0x2d0 [ 242.817772] vfs_kern_mount.part.26+0xc6/0x4a0 [ 242.822330] ? may_umount+0xa0/0xa0 [ 242.825931] ? _raw_read_unlock+0x22/0x30 [ 242.830051] ? __get_fs_type+0x8a/0xc0 [ 242.833913] do_mount+0xea4/0x2bb0 [ 242.837427] ? copy_mount_string+0x40/0x40 [ 242.841636] ? rcu_pm_notify+0xc0/0xc0 [ 242.845499] ? copy_mount_options+0x5f/0x2e0 [ 242.849882] ? rcu_read_lock_sched_held+0x108/0x120 [ 242.854873] ? kmem_cache_alloc_trace+0x459/0x740 [ 242.859694] ? copy_mount_options+0x1f7/0x2e0 [ 242.864164] SyS_mount+0xab/0x120 [ 242.867592] ? copy_mnt_ns+0xb30/0xb30 [ 242.871456] do_syscall_64+0x281/0x940 [ 242.875319] ? vmalloc_sync_all+0x30/0x30 [ 242.879439] ? _raw_spin_unlock_irq+0x27/0x70 [ 242.883908] ? finish_task_switch+0x1c1/0x7e0 [ 242.888376] ? syscall_return_slowpath+0x550/0x550 [ 242.893279] ? syscall_return_slowpath+0x2ac/0x550 [ 242.898184] ? prepare_exit_to_usermode+0x350/0x350 [ 242.903175] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 242.908516] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 242.913335] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 242.918495] RIP: 0033:0x454e79 [ 242.921666] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 242.929348] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 242.936591] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 242.943833] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 242.951074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 2018/04/01 00:14:43 executing program 7: r0 = add_key(&(0x7f0000000240)='trusted\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000002c0)="a941e8f278c249e412c129d0bf82e13a3235a57c54c984dc0c0c704e507a6dd79da584d32a6c19939fd0efa95076a98d4b9fe599aab925ca706aa699746a2586c59bbf40d3acc2e439fe6e76da71676fedf4a0bc8b5da025f9808d3367346766ad6eab39fffa373ee0ccd4fe977b091165db6392dd801a2309591c69f9b4bd34b6279a80c76a0cd1f39f983b3daf49f20e0f614ae6bc6301af539f1b6c9a857c441989555b0702b9cef505fd8c9141932c17f87068fc2ec64366936b87ed2ae1db94201c788a40aff035197e0784dc5d4acbeafd0ca877bb472c1ef7aa3131b58001c9b27c158e4fd5780e099a6c7818168ac12272dcfb50c77d837200a9e02574cb281378e336981d93cb3394abf6600bb44bcae1ebeab3122fcf6a42f40541918f1fe1d3c64ce63d23490df40e9eb315a67354de8280d33321558b6cac03a337c00d584e91f5e6225025ed028a6621448b8bbf3cefb2559c90c0976016e3e81599a91d04a049ea0adcc0d2abaabbb80d9885849ed870201a6198c9c8dea23ffbd75260789f58cbd7ecb6bf5cfbbaefecf79be74047b2373621d0ea75547398b6faef63843a3b0380a4e3e3c58ade9765a75e12b1b2cddac498af32f1730683552a790574d53f61a6bbd3398eac698f18554ba1f5438335e502379d43d6078d288e8e9b68054eaf09818388bf95847ba8e7c4b69030a65075d113136f4307aaed85eee8130060f85fb2cd8cc8ca202190155b83ff2f097ddc3a2911b1ced90041bccfebf605317a840acf5cc6680754cc2d994ee0ed3c92c4ae6d40c80a35fa5da674e103912f59588c465651de112809bfa400056cfd75a74c1fdc7a801e0f622d7d038185d4c517c6617f194151161dba16fee6897c55f77b2a104d1982595d926baff0b86c0ff1090be940716beedfe070fd199d69c8367e852b2982827f8bac376f94032beb35a498aa5cddc4608c57b77ac1245f35830dd74b172df18b0611e05e0ce9f1aea7989646adfb856b5fb9bc56868ff849bbc225cded4ce01fb7b3d5120c011576d47e3e754d8cc8159d89d87458cc07fe02a99cf0224511c994323c20bd92ea75467bce9fa4b1d634c2e6f556e442c6a35ef31d5479f2abfcb5b031d30e3fdff9b2f5b831968d2c24cb2bbadb946dc179a6a201798ef81e875596df16646f3c110ad3b808ad40224c841ec9e7beffe2f6d6dbfe46ff310486f432d21ce43c051b09727fb38770e12ac4aef85eef6c38e6f4e631a3731f83e2a63d9beac43370ba7840881e1feccd98ffd1e64a32708ba031479578964315a3aeec39be8e0f848c195b6c87b690a4c60b166b735f4658c87cf53bf8c040c5dafa3674bc1a0a0f6a1243e083f6d3e5ff248b957f377c0a0b0f40625f25503a8042b21935f6de5bd035728282c9a83bcd16539a1659bf384b98a468b4c9c0257f108dec5dae94cf87a2e68c627b00dc7771f344eed38b6daf0df5adc013aa352c5e3beb6a2b24a36d5f312cac01e282c451005226169175c5fcea93fc079d1b54b259c723e1e21dcbfa2a2ac10e1373c66f194c70470ac0b1e31ee6284bb5eb0fd17207dde71ef742a9a467c6112053949b4fb6d14cedb9e15533843182617123e7939aee6421e6bcf0c342f80b7b73500f3f8c7cd701c63569e681512954e62a3e74b3eadc61cae32c779de656a76b1e6252ed3f2b8b852bd83837e608d4a007f3881aedf8330b6f8edd75553a1256e39511345b45975f07e53c542d9c792c4391903b8637a38cfb141a29a2d1913e1961b3af33d35fa6914fbb9dab044b28c67a4ec32e1985aa6df0304fc4918e21b2d6c707ad820eca53947a31a48f6c8ce388525250d7c4391548a43c5bbb981694e51b9271fa246d5f3084fe1af8e2023a7727135f272c0849433b5fe089d0b3b8de8bcd20efe8e01f75971a4c061fdc08f8ac3a0a033280062db2be8bd922e9aef6c7c8eb1faec25535c7f9e0b9bd1c0945cd22c4112be76cd70e651abeae853c4fa16f2e5c269a8d5ef23dd0f02a02c8e6ef56f0ec1312d00821ee2f924ba16a49085b71e9bf58a1be2abe9c185a2e5f51356fd27b30a68e9e58ecbf57eaff64b5ece70a5a31190056bf80e874bdf4fc2131fbf98fb651d8486e5b731a6a112c1578da6df7c343bd42aa93bfe5e634ed069a723d4257ecc0ecbb43543ca81133dde6c12275724d26632b280f0457681ce84b8422b79279dc9774fd2877756cb06e1dd189cde1d04855ab0362abf6185847ff51885055f5a3d1b207c7c333af188d113d6c1e6077a0eeabef29a0af50c445cbe87cb4bf6f830501f9954de3974efb3c9a0d9571e28efcda72d1350f4f48e9e132f40fc31b21876273fac33c816e0a97f4395586f1e4576b0b6cb8d903389517c4501179f195b789b34be364f072e2335f9efbacc5f6efee4a3ae47d5b73dd50e54390e101024526f1cfbc6cefcaaf0707bbbf3512fcc122896e20c80ee6f850da4c2b41ee0ac498b78c63e80d043cadadd2fb55ebbbbecabf84c8009450a0c962b7cfc1a77035df90e96751049740f4d99dc9c783c4f824a24c29dcaf05bcf7d3ba5680e1db04d88162225a3bfe2d1da6c9b917995f19eba29aa1a4b9fd41a9a3092c5adde4637e4dd5f4e9107a0cf63224e8f7e6445e6f5d0b13ebf92a67504057f2c9ce67d13d7080b7c261268c4d786b8b7e1304fd37a68902d9c61fa04e8d72d1ce862b3239352e6a4ca335647b532c197d224ba5867d6bddc576f9951df71c655ed0341fb64b943d6c92e2c36337b439f299662cd2d5ba6bc06ce91e1c3d63d07bb2f2a8ad7a245dcd2b513ba53c04f1523737c93f07aa8cd9753497d2cb19e7a7a1ea0a273d481da6055d88677f3672c5ce4dfc0169a8b666b0f4f3939d9ae60d25f3dcadf951d0696bdd58fb3a4c762862659af37ca94496b156ccafc655ce7056211de5e4fa37284165f1a3012eec7081389b85c1f62016575c2f2817357f0befe2ce745ebc04b2d0cf761b179acd70171f8ff63e33bb28d617147e34757cd4b7d300a2c39ab3241fd6102973b5c93ff03193f94d74d720de4a72106f30fd055baa79fb601dff6e8a353c71d75b53a117dbd6369be02582a4eb34b504a3820f20f3fdad4e409e8cde030bd38a157cddfebfe00edfec448d30d8adace0eb74a9759e682567229e020e6825b829d3d4b309afcd1b7fb033ac1615336d9a4cc70c73bf9a3c3acbe70e477fcc8b0b219fd88bf9551693f62221de9a744cb890b0645a86d6b04d4d0ca7d8932753319947ac0315e227e7ddcf2cdd482e3e3eca2e782aa88c8cc338153460605dd36b868ae16d1844a75304c2450e39b5ccf02d6fda7a46d1521125de2e1b9309ddfb128b6ac6aeac8ef927bd98037098d8d3e75c74e04dff1fe0a585c0bf160cee1cfe3d0098b0f7a3eeec76622adbcee3e4c936ab1bf409155c70cf121e0c6718da2948976474951b9501c1b96ccbdfe07b03b530867b5a240b8fca36fdb1e266daec9b68547f625bb8612c98b646544b2a7cde4a45cffd508f97aea5b4bd2626176b6a87ae72d60eaf69fc6521aeb6b32afba15ade3ce80349e9fcd7e17a91879ab4c9ea57194517a717915d07dd9dc3a8717f700dabafa1abd162b503a2feab01f18249cb8759ac6bb90e7890f6af65b60214fa9eacc25c4b44abfb7e18ee6a42301c65aff3e8933750128b68f83228ec532d2ccc773f82ef71abc7a296a1340363f33e2777473afac88b8f220f26a777e21fb15ea35ba5e0ca9128765b6bd2254a0fbfd97b417bc8253c36168cc6d244eb6f9321b695db9d2514b8c81c7fd012d039b8e3b679cb0b7d86266f4d357e4e5a34387933e9f4d89ab49188e2e7f67b4874cc5015729858c7b8a14e112f16db56c0523c542126f56b864b6fc66fc701f3bbcf7bd8c94bc467b88def26cd95561570c531276d362cafd8869b5e208d0e7e9db936b47383e46f6ca1c2152f952a1cc3e9dd55c6935746a36f6112b028d9244f7e2fedb98f8def5f938eb04ede97759bf8e834adc0cf0abb1de1b6afd9388bb51ea96bc7420c7ef0c111b18689b60a3c90244930225f1e5e590b34843e498c2bb925228ed3791192896217e359c5b3c84ec5fe279588077064224a635840bf8e23c640ca4383b0f76e70a499aa9d53c23968660704b4de599c9773603259cfcddcac665de9e0606b23f17de86ffd81abb4feb4098bf0eaaba2ba782a3190d9c5fae626c1e31b9533b70220bbbaddd8bc541a4f35533edd8777b85a004b151956590234f710126cceb0263eaa5391379ed7c385ee26bb937ad69a573fa8be9facd53ac6430338ee6844517a3f9c91c3af243590d87e13aea56952a47c0981c685176940b07ef583df5ab5b55edba4b86f944e2d3d49273c951451b4d6664a02fc496abe435c2acb70ddcb9869dad5dae5935a916f112b0855d23ba238203d80f494a96a61d839f07b6637a8f82cb0c9fd3964d5c339a5dcc7952c60c3e54b48fd93d51eaa934e9780015ad2af195a55b92dd0899d16882fac75875f0fdcdbbab9722d50fa3e54c669c294c99c4d8587fb9954ebe94c5a8b270eba92b2ecd2f1bfd22b46ef04547c7aceb1e120a213b08a239e42cca2adacbea9136ef3e105ed9796d05bcbfe787a149e047e2d443684ac780f98109536272497cda50ebc23cbef828d3d51f9a342bae924cfd58e02f3d7260923bb1b9ded80f0273971bae40690003aa7293046cb50f37b81bb58604218c26c8a66a5ea7bcf4f21257d5fcf6087eb6d177802b0dfca853a1e4a2d7cbbc72d70d8f56f0b03520b3cec25785972931b48cd15538198aa18e76b38633d016ad2e970feb91edd5fdd78e8d0d150ff472c261e655028046f55467b3f5a5ae640e5c882de799d0ab461b70aace8a41073629997cbaa9479f0bd270de8c5e6174bdebc5d73595cb32074f71808e6d9b14021bbe2bf625eed158a259eec779f9a3f85d153db770bc4e09c1814396061a2d4516469864f52a41b2f4eac199134c82700fcd75f7fddd217ab1164b18613036058df6c81f0f5a14a1614b5140c3ece7fee3697c841e44fe474614f006667c7eebe4ccb07d6b1d0a48211e2f34f93a15aaa506ffb670ecd43084e7bcdd071b79b1bf6649a7911b92cf58dcc780f966d384a705b3e33962ab664dc7ac609cc289002f4b3db2d5e7447a4857b88b73b0997c9ac214c28012601fcbc6475b929c318d31299eff33dfe381592d6c37589bf94955a64688c8cbd18c1091de1895c5730aba40bdf09440de880f921e481c28aa4cdf408a9f7b3ea4b2c60602e2645dbacf4481e35ac49d819581def45b8afd6eaa5f77f1b643e268342ebe98337c09d2e14a37be72a0e8cc53b6fc82e94b51bcfa4da027f0e7eff1aa28e5d89f44cee3a5450f615b4464695ac75adb1360d0f9db444c8b9dc7c1daf05a9c7a1e7fdfea1ab34259c1dbd5e1d965682f11416f2eb8c00186db4836f7ab8f005c3f93c2a372b061b6e74e2226b47877bc004551e2faab306f9d0a03550f99b9c899cda86f0c588c255e2755113da33b208c9fca44f9a26b0cf791ade646eddf6366dbdcc09d170d55292f3511a7c7d78bcd5fb4285855d793fd96e0c4e5a3b103592d610aa01add267186c574253df544a5e442485a183997bea0c9719246c1f993ef456a6ec9b095b2a8f5d02339898c36c27afad966546d7548aa9b59240eec095b8f70310c45ccf4369ae7bc9bd2a43de1e0082f69782f48434c3ed7d451bb0d3a4297e683ca5ac13876fbc41b077", 0x1000, 0xfffffffffffffffc) r1 = request_key(&(0x7f0000000200)='syzkaller\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000140)='\x00', r0) keyctl$get_keyring_id(0x0, r1, 0x3ff) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill\x00', 0x10600, 0x0) ioctl$PERF_EVENT_IOC_REFRESH(r2, 0x2402, 0xf7) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') [ 242.958316] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 2018/04/01 00:14:43 executing program 4: mkdir(&(0x7f00002b2000)='./file0\x00', 0x5c) 2018/04/01 00:14:43 executing program 2: syz_emit_ethernet(0x22, &(0x7f0000000180)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @empty, [], {@generic={0x800, "785d656c6ece15519956302910ec3485f7185cc9"}}}, &(0x7f0000000280)) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x123002, 0x0) ioctl$KVM_GET_PIT2(r0, 0x8070ae9f, &(0x7f0000000040)) 2018/04/01 00:14:43 executing program 7: symlink(&(0x7f0000000200)='./file1/file0\x00', &(0x7f0000000240)='./file1/file0\x00') r0 = socket(0x43, 0x2000000000000006, 0x1) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f0000003e40)=ANY=[@ANYRES32=0x0, @ANYBLOB="ca80329e2b5d6e0fe4a56abbd7d111740b21f02c5197a7c60c06a94cf96ec1984ff01cf71b492fd56f7763b5d2e20af0c477527c14ca82f445437d75b0df1f87cb7ee1e4b94e00"], &(0x7f0000003ec0)=0x4b) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000003f00)={r1}, &(0x7f0000003f40)=0x8) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000180)=@assoc_value, &(0x7f00000001c0)=0x8) sendto$unix(r0, &(0x7f0000000000)="53f0d4e3deb3ce7b4e57fcefd1d66f59bcd66f4d2a24d9e1b8c3c31895d76295a2505c9028607925ae6c0dd73754e34e2fb6c5e03a6f2da820a11cfa589f963a5a004e3a30dc4555b343d54fd931fdf9c5baef2fc07d6198d1ac41af07386890ca0435917ccb0f2cbd000534b5654bc418f94ef15cec3bfa42ff14ffc73c9fed3a66e2b885a8f5d217ba1791be0105eb0061a5e8a8e36b6e6f21241f86b0aec9c1edeecbc4fe881c577cb5f2a4485e0a7ab4f3693f7b8982484d686ac0bfe9565d15fe01bf02eadb06b3f6938a6c9319e4497f05b8e9a14f5f93869cacda6eff1aa7cb6dea1d923caa8e8cdc5c130d8be51f7a46e310fb261951", 0xfa, 0x40, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e22}, 0x6e) 2018/04/01 00:14:43 executing program 6 (fault-call:0 fault-nth:41): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:43 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x1, 0x4) r1 = request_key(&(0x7f0000000140)='big_key\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000001c0)='eth1*\x00', 0xfffffffffffffffc) add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000000c0)="bf9a6b2f17fff2e289be2f936f75939071ca4e2b10f97de0166f1ffe163ebb160d0b687a66188a1f52aca556c3c163f3a2647e852f65e16ace371725f541ed3674b32f15cb4f3d6cb4d7ea8affaade42bc201514ef6de43c9bc3ab641ec434d34fbefe73ea01c20a148230a708", 0x6d, r1) [ 243.067368] FAULT_INJECTION: forcing a failure. [ 243.067368] name failslab, interval 1, probability 0, space 0, times 0 [ 243.078672] CPU: 0 PID: 19801 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 243.085855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 243.095202] Call Trace: [ 243.097793] dump_stack+0x194/0x24d [ 243.101423] ? arch_local_irq_restore+0x53/0x53 [ 243.106095] ? __save_stack_trace+0x7e/0xd0 [ 243.110423] should_fail+0x8c0/0xa40 [ 243.114144] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 243.119249] ? kasan_kmalloc+0xad/0xe0 [ 243.123136] ? kmem_cache_alloc_trace+0x136/0x740 [ 243.127983] ? __memcg_init_list_lru_node+0x169/0x270 [ 243.133169] ? __list_lru_init+0x544/0x750 [ 243.134732] FAT-fs (loop0): Directory bread(block 6) failed [ 243.137399] ? sget_userns+0x6b1/0xe40 [ 243.137410] ? mount_fs+0x66/0x2d0 [ 243.137422] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 243.137431] ? do_mount+0xea4/0x2bb0 [ 243.137439] ? SyS_mount+0xab/0x120 [ 243.137456] ? do_syscall_64+0x281/0x940 [ 243.137472] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 243.171994] ? find_held_lock+0x35/0x1d0 [ 243.176061] ? __lock_is_held+0xb6/0x140 [ 243.180132] ? check_same_owner+0x320/0x320 [ 243.181767] FAT-fs (loop0): Directory bread(block 7) failed [ 243.184453] ? rcu_note_context_switch+0x710/0x710 [ 243.184472] should_failslab+0xec/0x120 [ 243.184482] kmem_cache_alloc_trace+0x4b/0x740 [ 243.184491] ? __kmalloc_node+0x33/0x70 [ 243.184498] ? __kmalloc_node+0x33/0x70 [ 243.184507] ? rcu_read_lock_sched_held+0x108/0x120 [ 243.184519] __memcg_init_list_lru_node+0x169/0x270 [ 243.207180] FAT-fs (loop0): Directory bread(block 8) failed [ 243.207601] ? list_lru_add+0x7c0/0x7c0 [ 243.207613] ? __kmalloc_node+0x47/0x70 [ 243.207624] __list_lru_init+0x544/0x750 [ 243.211754] FAT-fs (loop0): Directory bread(block 9) failed [ 243.216577] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 243.216589] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 243.216603] ? lockdep_init_map+0x9/0x10 [ 243.216615] sget_userns+0x6b1/0xe40 [ 243.216623] ? kill_litter_super+0x90/0x90 [ 243.216634] ? ns_test_super+0x50/0x50 [ 243.216644] ? destroy_unused_super.part.6+0xd0/0xd0 [ 243.216652] ? do_raw_spin_trylock+0x190/0x190 [ 243.216665] ? kobject_put+0x6b/0x250 [ 243.216678] ? blkdev_get+0x3a1/0xb00 [ 243.230728] FAT-fs (loop0): Directory bread(block 10) failed [ 243.231312] ? cap_capable+0x1b5/0x230 [ 243.231323] ? __blkdev_get+0x13b0/0x13b0 [ 243.231334] ? security_capable+0x8e/0xc0 [ 243.231345] ? kill_litter_super+0x90/0x90 [ 243.235614] FAT-fs (loop0): Directory bread(block 11) failed [ 243.239334] ? ns_capable_common+0xcf/0x160 [ 243.239344] ? ns_test_super+0x50/0x50 [ 243.239352] ? kill_litter_super+0x90/0x90 [ 243.239359] sget+0xd2/0x120 [ 243.239371] mount_bdev+0x109/0x370 [ 243.239382] ? fuse_get_root_inode+0x190/0x190 [ 243.239394] fuse_mount_blk+0x34/0x40 [ 243.239404] mount_fs+0x66/0x2d0 [ 243.239418] vfs_kern_mount.part.26+0xc6/0x4a0 [ 243.239429] ? may_umount+0xa0/0xa0 [ 243.239440] ? vfs_kern_mount.part.26+0x1/0x4a0 [ 243.245574] FAT-fs (loop0): Directory bread(block 12) failed [ 243.250983] do_mount+0xea4/0x2bb0 [ 243.250996] ? copy_mount_string+0x40/0x40 [ 243.251008] ? rcu_pm_notify+0xc0/0xc0 [ 243.251023] ? copy_mount_options+0x5f/0x2e0 [ 243.251032] ? rcu_read_lock_sched_held+0x108/0x120 [ 243.251043] ? kmem_cache_alloc_trace+0x459/0x740 [ 243.251054] ? kasan_check_write+0x14/0x20 [ 243.251067] ? copy_mount_options+0x1f7/0x2e0 [ 243.251077] SyS_mount+0xab/0x120 [ 243.251084] ? copy_mnt_ns+0xb30/0xb30 [ 243.251094] do_syscall_64+0x281/0x940 [ 243.256278] FAT-fs (loop0): Directory bread(block 13) failed [ 243.260114] ? vmalloc_sync_all+0x30/0x30 [ 243.260125] ? _raw_spin_unlock_irq+0x27/0x70 [ 243.260135] ? finish_task_switch+0x1c1/0x7e0 [ 243.260146] ? syscall_return_slowpath+0x550/0x550 [ 243.260156] ? syscall_return_slowpath+0x2ac/0x550 [ 243.260166] ? prepare_exit_to_usermode+0x350/0x350 [ 243.260178] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 243.260190] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 243.260205] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 243.260213] RIP: 0033:0x454e79 [ 243.264279] FAT-fs (loop0): Directory bread(block 14) failed [ 243.268097] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 243.268108] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 243.268114] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 243.268119] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 243.268124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 243.268130] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 243.515642] FAT-fs (loop0): Directory bread(block 15) failed [ 243.531222] attempt to access beyond end of device [ 243.536268] loop0: rw=2049, want=40, limit=6 [ 243.575393] device bridge0 entered promiscuous mode [ 243.592886] device bridge0 left promiscuous mode 2018/04/01 00:14:44 executing program 5: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mkdir(&(0x7f0000000040)='./file0/control\x00', 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000500)='/dev/usbmon#\x00', 0x1, 0x2000) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000540)) mkdir(&(0x7f0000155ff2)='./file0/file0\x00', 0x0) rename(&(0x7f0000b2a000)='./file0/file0\x00', &(0x7f0000ab3ff0)='./file0/control\x00') syz_mount_image$jfs(&(0x7f0000000000)='jfs\x00', &(0x7f0000000080)='./file0\x00', 0x200, 0x5, &(0x7f0000000440)=[{&(0x7f00000000c0)="294a3c875d2f2aff4ef05dcf84f7582acb0bc55ce68d629bb83edf3111c69a15a83dd2416317cd92ee8adea73c8cd7c45d67aacbe34c2600b0ae4afa9eb2d8226ce3814eca1eb5c02c917ecef99b57f08cdf9e983f7de3b483c83cfcb029f2", 0x5f, 0x3}, {&(0x7f0000000180)="0e5d37d67895ec4063e9967325523c2f1b8cec0acdd1e64e11afd7b7e5998e9a1e9f1b33175dc2b358bfdd2085db492f2f7e9e525580ed9dc993174861841a71f2fad03390c93a596af0", 0x4a, 0x7ff}, {&(0x7f0000000200)="c2d86e11ca5c90eda8f613d88ad1385475f7e032074d113756c867770e0ceb024e12802d8750458c31df6ee7491ab22df1260f293119e25289fc07afe01928f0e54d3c70e61eba1e859c80acbc11198a1d1258f1a51888a184abd830e500a2c6d76034237ae48543558215b33b645b9a2b4f5962980d33e3df92a7576d517595a3b1f6899429a79e57419bb498396497479f4027a962fd06ea576f37ea30a81bacb6128cf1a7e6d41c85559687df47f1d00f57665024dc641ec84e64c413645aadfad62cfac4a7dc07a528c79adbbfffc30a97bab23ebaab27e5de1cfb99566ab5", 0xe1, 0x3ff}, {&(0x7f0000000300)="78a04f8ac5bd3eb0a2052926d1ccc3df73ba4ed38a719acdb461e9472c4c2c833b07a5fe90663c700a1a471ace18ea1fb8c1647953cd5050aaa0599ada919a655b5d92cd7c269eb44f2b4347f39ae3c90d38bf16aedf42d7f6160180ea4f95bd62e965b14dda1db5c89b5ee62feca26846336614ca0e82385d82e415f961b9eff66f617c61c2de6fab685e8a8c01b9560a508dcdea30825d8db9576ac0f61aa66ae4de31b977ec3275f98b9994137ac99b77b6350b1ec2a62f3f9050236d5c2f3494f694195aa8699c13e210e8ff11a0284ab17c1441e2a90fee897817bff10d5c9a8fc8dce1f64938d87d69869c6c3a6f50f3aae602bfb07154", 0xfa, 0x3}, {&(0x7f0000000400)="0b672de61a4e1797478ac6f6f369393eda17388e08a872", 0x17, 0x5}], 0x800040, &(0x7f00000004c0)={[{@resize_size={'resize', 0x3d, [0x3d, 0x3f]}, 0x2c}, {@discard='discard', 0x2c}, {@resize_size={'resize', 0x3d, [0x0, 0x31, 0x35, 0x33, 0x32, 0x0, 0x78, 0x30, 0x3f, 0x0]}, 0x2c}, {@noquota='noquota', 0x2c}, {@discard='discard', 0x2c}]}) 2018/04/01 00:14:44 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet6_sctp(0xa, 0x5, 0x84) sendmmsg$inet_sctp(r0, &(0x7f000093eee8)=[{&(0x7f00001f6000)=@in={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x0, &(0x7f0000562000), 0x0, &(0x7f00000c3000)=[@sndinfo={0x20, 0x84, 0x2, {0x0, 0x203}}], 0x30}, {&(0x7f0000957ff0)=@in={0x2, 0x0, @multicast2=0xe0000002}, 0x10, &(0x7f000093e000), 0x0, &(0x7f000093ef10)=[@sndinfo={0x20, 0x84, 0x2}], 0x30}], 0x2, 0x0) r1 = socket$bt_cmtp(0x1f, 0x3, 0x5) getsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000000)=0x80000001, &(0x7f0000000040)=0x4) 2018/04/01 00:14:44 executing program 7: r0 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x8, 0x2000) getsockopt$inet_udp_int(r0, 0x11, 0x66, &(0x7f0000000100), &(0x7f0000000140)=0x4) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) symlink(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080)='./file1/file0\x00') lgetxattr(&(0x7f0000000180)='./file1/file0\x00', &(0x7f00000001c0)=@known='trusted.syz\x00', &(0x7f0000000200)=""/177, 0xb1) 2018/04/01 00:14:44 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) preadv(r0, &(0x7f0000000380)=[{&(0x7f0000000040)=""/114, 0x72}, {&(0x7f00000000c0)=""/64, 0x40}, {&(0x7f0000000100)=""/65, 0x41}, {&(0x7f0000000180)=""/248, 0xf8}, {&(0x7f0000000280)=""/253, 0xfd}], 0x5, 0x0) fallocate(r0, 0x0, 0x0, 0x4) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000400)="9de8052b5b89d8dc77c0e70265226eef7ea6abf69759596676448883f85c16da3070a38c6a7b8d68036d0741998b1770dfd66bb5e48df99d770c970b203559492dbdc280bfe60bae7aab7eb4bcd87e4802fea3ce9f593ded5e020b5fb5030cd9e7f5d4cf96c7d52befd114be4825895f29c0827752d20d45e193cd860e7118ade6086a0e4e3fa39933c8d2f8355782f0e789be9508e9841ed026ef2dc24875976f8cfc1a398a87671ce1016517d975831f65279c33f7bf3db7bdfcef8d87feed56a01474ba0b60885e8fc7eb6191e3f33ec898d68eca34a18c9dcf3e0bffb7c1781f1d34797b9b0a1a3d3bfb331d53019224") 2018/04/01 00:14:44 executing program 4: 2018/04/01 00:14:44 executing program 6 (fault-call:0 fault-nth:42): syz_fuseblk_mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 2018/04/01 00:14:44 executing program 1: prctl$seccomp(0x2b, 0x0, &(0x7f0000000380)={0x0, &(0x7f0000000340)}) r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xffffffffffffffff) keyctl$set_timeout(0xf, r0, 0x4) 2018/04/01 00:14:44 executing program 0: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000140)='./file0\x00', 0xcb9, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000780)='./file0/file0\x00', 0x3fffa, 0x0) write(r0, &(0x7f0000000080), 0x0) write(r0, &(0x7f0000001200)="f8", 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x4) fadvise64(r0, 0x0, 0x0, 0x3) [ 243.793500] FAULT_INJECTION: forcing a failure. [ 243.793500] name failslab, interval 1, probability 0, space 0, times 0 [ 243.805275] CPU: 1 PID: 19837 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #9 [ 243.812467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 243.821814] Call Trace: [ 243.824417] dump_stack+0x194/0x24d [ 243.828050] ? arch_local_irq_restore+0x53/0x53 [ 243.832731] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 243.837953] ? find_held_lock+0x35/0x1d0 2018/04/01 00:14:44 executing program 4: mkdir(&(0x7f0000000040)='./file0\x00', 0x3) 2018/04/01 00:14:44 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x4080, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000000)=""/235) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000fb8000)=""/246) ioctl$EVIOCGREP(r0, 0x40047451, &(0x7f0000000380)=""/174) [ 243.842022] should_fail+0x8c0/0xa40 [ 243.845733] ? __list_lru_init+0x352/0x750 [ 243.849974] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 243.855077] ? trace_hardirqs_off+0x10/0x10 [ 243.859409] ? print_irqtrace_events+0x270/0x270 [ 243.864171] ? find_held_lock+0x35/0x1d0 [ 243.868245] ? __lock_is_held+0xb6/0x140 [ 243.872321] ? check_same_owner+0x320/0x320 [ 243.876743] ? rcu_note_context_switch+0x710/0x710 [ 243.881737] ? find_held_lock+0x35/0x1d0 [ 243.885808] should_failslab+0xec/0x120 [ 243.889782] __kmalloc+0x63/0x760 2018/04/01 00:14:44 executing program 2: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x4, 0x404201) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1b, &(0x7f0000000080)={@local, 0x0}, &(0x7f00000000c0)=0x14) sendmsg$nl_xfrm(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xffffffffffffff5f, &(0x7f0000000180)={&(0x7f0000000100)=@delsa={0x50, 0x11, 0x300, 0x70bd2b, 0x25dfdbfc, {@in6=@mcast2={0xff, 0x2, [], 0x1}, 0x4d5, 0xa, 0xb085f04b0ed25641}, [@offload={0xc, 0x1c, {r1, 0x3}}, @coaddr={0x14, 0xe, @in6=@remote={0xfe, 0x80, [], 0xbb}}, @ipv6_hthresh={0x8, 0x4, {0x39, 0x23}}]}, 0x50}, 0x1, 0x0, 0x0, 0x400c014}, 0x40010) 2018/04/01 00:14:44 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x111001) fallocate(r0, 0x3, 0xec2c, 0x10000) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000080)=0x4, 0x4) r3 = fcntl$getown(0xffffffffffffff9c, 0x9) tkill(r3, 0x40) syz_emit_ethernet(0x1, &(0x7f00006a4000)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb080045000155000000000002907800000000e00000011100907800000000000000081e84d84b2db57b8a0af02ad8c4fda114a6e1200fd51c7ac998963739081ac9863e00c3a144b0020a99bc3d8bdf4fdb5e0fba973461c1a98f799e3d94a162efc1763146b22c169c07351b62a1c4bae8590f0bc322d3034fe9dd3e4c4584063a0f35b040fd90300fc46216e43787e45d5627492ffb4cfb282d780c688c3b7986dd839b15e48e2b8930f6dc3bb8490fc3ddc4bbed5116722aa50c9c1288a6d28df4e44bdec1095520dbaf24445a8c903788d8c35162f2f2487f67a18c9c6c7ac1af5dff578d40b6e17c1e9d1aef018d594f3d7ebf1668320566590a043c35a726cadbb9b4bf5ee9d028960fbcaa333c4c8ae0471645de6bc77287666c01a6654fed646b547b12bd5915b9da8d3b3bf44c77ed87a8a96dc2acd555708993cd0a3ade824cfd54fcd9396f47ebd847f818e5f62dc0585ab7"], &(0x7f0000aed000)={0x0, 0x4, [0x6, 0x0, 0x0, 0x100000]}) [ 243.893237] ? lock_downgrade+0x980/0x980 [ 243.897390] ? register_shrinker+0x10e/0x2d0 [ 243.901805] ? trace_event_raw_event_module_request+0x320/0x320 [ 243.907865] register_shrinker+0x10e/0x2d0 [ 243.912888] ? prepare_kswapd_sleep+0x1f0/0x1f0 [ 243.917651] ? memcpy+0x45/0x50 [ 243.920930] sget_userns+0xbbf/0xe40 [ 243.924642] ? kill_litter_super+0x90/0x90 [ 243.928881] ? ns_test_super+0x50/0x50 [ 243.932778] ? destroy_unused_super.part.6+0xd0/0xd0 [ 243.937883] ? do_raw_spin_trylock+0x190/0x190 2018/04/01 00:14:44 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x4000, 0x0) syz_extract_tcp_res$synack(&(0x7f0000000100), 0x1, 0x0) getdents64(r1, &(0x7f0000000040)=""/184, 0xb8) read(r0, &(0x7f0000000480)=""/28, 0x1c) r2 = open(&(0x7f00000001c0)='./bus\x00', 0x141042, 0x4) ftruncate(r2, 0x7fff) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000f40000)='/dev/ptmx\x00', 0x200000000101002, 0x0) sendfile(r3, r2, &(0x7f0000b4bff8), 0x100000002) ioctl$TIOCSLCKTRMIOS(r3, 0x5457, &(0x7f00000002c0)) [ 243.942479] ? kobject_put+0x6b/0x250 [ 243.946283] ? blkdev_get+0x3a1/0xb00 [ 243.950091] ? cap_capable+0x1b5/0x230 [ 243.953986] ? __blkdev_get+0x13b0/0x13b0 [ 243.958141] ? security_capable+0x8e/0xc0 [ 243.962290] ? kill_litter_super+0x90/0x90 [ 243.966522] ? ns_capable_common+0xcf/0x160 [ 243.970840] ? ns_test_super+0x50/0x50 [ 243.974722] ? kill_litter_super+0x90/0x90 [ 243.978946] sget+0xd2/0x120 [ 243.981961] mount_bdev+0x109/0x370 [ 243.985585] ? fuse_get_root_inode+0x190/0x190 [ 243.990165] fuse_mount_blk+0x34/0x40 2018/04/01 00:14:44 executing program 1: r0 = socket$inet6(0xa, 0x2000000802, 0x0) syslog(0x0, &(0x7f0000000000)=""/14, 0xe) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f000067c000)=@fragment, 0x8) close(r0) [ 243.993958] mount_fs+0x66/0x2d0 [ 243.997325] vfs_kern_mount.part.26+0xc6/0x4a0 [ 244.001910] ? may_umount+0xa0/0xa0 [ 244.005535] ? _raw_read_unlock+0x22/0x30 [ 244.009679] ? __get_fs_type+0x8a/0xc0 [ 244.013564] do_mount+0xea4/0x2bb0 [ 244.017106] ? copy_mount_string+0x40/0x40 [ 244.021339] ? rcu_pm_notify+0xc0/0xc0 [ 244.025225] ? copy_mount_options+0x5f/0x2e0 [ 244.029630] ? rcu_read_lock_sched_held+0x108/0x120 [ 244.034645] ? kmem_cache_alloc_trace+0x459/0x740 [ 244.039484] ? kasan_check_write+0x14/0x20 2018/04/01 00:14:44 executing program 3: r0 = open(&(0x7f0000000040)='./bus\x00', 0x100, 0x0) fallocate(r0, 0x0, 0x9, 0x40000009) [ 244.043715] ? _copy_from_user+0x99/0x110 [ 244.047855] ? copy_mount_options+0x1f7/0x2e0 [ 244.052357] SyS_mount+0xab/0x120 [ 244.055808] ? copy_mnt_ns+0xb30/0xb30 [ 244.059696] do_syscall_64+0x281/0x940 [ 244.063585] ? vmalloc_sync_all+0x30/0x30 [ 244.067732] ? _raw_spin_unlock_irq+0x27/0x70 [ 244.072232] ? finish_task_switch+0x1c1/0x7e0 [ 244.076721] ? syscall_return_slowpath+0x550/0x550 [ 244.081650] ? syscall_return_slowpath+0x2ac/0x550 [ 244.086576] ? prepare_exit_to_usermode+0x350/0x350 2018/04/01 00:14:44 executing program 3: r0 = open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0) fallocate(r0, 0x0, 0x0, 0x4) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000040)=0x0) fcntl$setown(r0, 0x8, r1) [ 244.091592] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 244.096958] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 244.101804] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 244.106985] RIP: 0033:0x454e79 [ 244.110166] RSP: 002b:00007f901d8c3b08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 244.117867] RAX: ffffffffffffffda RBX: 0000000000000014 RCX: 0000000000454e79 [ 244.125137] RDX: 00000000004b97e5 RSI: 00000000200000c0 RDI: 0000000020000100 [ 244.132404] RBP: 0000000020000100 R08: 00007f901d8c3b20 R09: 0000000000000000 [ 244.139680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 244.146943] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000