8 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 303.223996][T12036] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 303.232388][T12036] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 303.240346][T12036] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 303.248302][T12036] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 303.256256][T12036] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 303.264211][T12036] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 303.289439][T12047] block nbd3: server does not support multiple connections per device. [ 303.299690][T12048] FAULT_INJECTION: forcing a failure. [ 303.299690][T12048] name failslab, interval 1, probability 0, space 0, times 0 [ 303.324177][T12043] block nbd3: shutting down sockets [ 303.332938][T12048] CPU: 0 PID: 12048 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 303.341996][T12048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 303.352163][T12048] Call Trace: [ 303.355474][T12048] dump_stack+0x172/0x1f0 [ 303.359826][T12048] should_fail.cold+0xa/0x15 [ 303.364527][T12048] ? fault_create_debugfs_attr+0x180/0x180 [ 303.370348][T12048] ? ___might_sleep+0x163/0x2c0 [ 303.375241][T12048] __should_failslab+0x121/0x190 [ 303.380189][T12048] should_failslab+0x9/0x14 [ 303.384700][T12048] __kmalloc+0x2e0/0x770 [ 303.388977][T12048] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 303.395246][T12048] ? d_absolute_path+0x11b/0x170 [ 303.400665][T12048] ? __d_path+0x140/0x140 [ 303.405793][T12048] ? tomoyo_encode2.part.0+0xf5/0x400 [ 303.411185][T12048] tomoyo_encode2.part.0+0xf5/0x400 [ 303.416400][T12048] tomoyo_encode+0x2b/0x50 [ 303.420823][T12048] tomoyo_realpath_from_path+0x1d3/0x7b0 [ 303.426505][T12048] tomoyo_path_number_perm+0x1dd/0x520 [ 303.431972][T12048] ? tomoyo_path_number_perm+0x193/0x520 [ 303.437618][T12048] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 303.444211][T12048] ? __f_unlock_pos+0x19/0x20 [ 303.448916][T12048] ? __fget+0x37f/0x550 [ 303.453089][T12048] ? ksys_dup3+0x3e0/0x3e0 [ 303.457505][T12048] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 303.463741][T12048] ? fput_many+0x12c/0x1a0 [ 303.468339][T12048] tomoyo_file_ioctl+0x23/0x30 [ 303.473115][T12048] security_file_ioctl+0x77/0xc0 [ 303.478060][T12048] ksys_ioctl+0x57/0xd0 [ 303.482219][T12048] __x64_sys_ioctl+0x73/0xb0 [ 303.486817][T12048] do_syscall_64+0xfa/0x760 [ 303.491333][T12048] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 303.497350][T12048] RIP: 0033:0x459a59 [ 303.501240][T12048] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 303.520843][T12048] RSP: 002b:00007f9a2875ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 303.531153][T12048] RAX: ffffffffffffffda RBX: 00007f9a2875ac90 RCX: 0000000000459a59 [ 303.539203][T12048] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000005 [ 303.547163][T12048] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 303.556166][T12048] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9a2875b6d4 [ 303.564232][T12048] R13: 00000000004c33ab R14: 00000000004d70e8 R15: 0000000000000009 [ 303.574645][T12048] ERROR: Out of memory at tomoyo_realpath_from_path. [ 303.594471][ T9110] block nbd2: Receive control failed (result -22) [ 303.611546][T12046] block nbd2: shutting down sockets 05:00:20 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:20 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8}, 0x37a) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) 05:00:20 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) 05:00:20 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:20 executing program 1 (fault-call:3 fault-nth:2): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:20 executing program 2 (fault-call:7 fault-nth:3): r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) [ 305.368060][T12061] FAULT_INJECTION: forcing a failure. [ 305.368060][T12061] name failslab, interval 1, probability 0, space 0, times 0 [ 305.372363][T12058] block nbd3: server does not support multiple connections per device. [ 305.405438][T12063] FAULT_INJECTION: forcing a failure. [ 305.405438][T12063] name failslab, interval 1, probability 0, space 0, times 0 [ 305.426519][T12056] block nbd3: shutting down sockets [ 305.438783][T12063] CPU: 0 PID: 12063 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 305.447867][T12063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 305.457949][T12063] Call Trace: [ 305.461272][T12063] dump_stack+0x172/0x1f0 [ 305.465737][T12063] should_fail.cold+0xa/0x15 [ 305.470458][T12063] ? fault_create_debugfs_attr+0x180/0x180 [ 305.476309][T12063] ? ___might_sleep+0x163/0x2c0 [ 305.481206][T12063] __should_failslab+0x121/0x190 [ 305.486184][T12063] should_failslab+0x9/0x14 [ 305.490711][T12063] kmem_cache_alloc_trace+0x2d3/0x790 [ 305.496272][T12063] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 305.502556][T12063] ? _copy_from_user+0x12c/0x1a0 [ 305.507521][T12063] copy_mount_options+0x5c/0x3f0 [ 305.512479][T12063] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 305.518756][T12063] ksys_mount+0xa7/0x150 [ 305.523041][T12063] __x64_sys_mount+0xbe/0x150 [ 305.527761][T12063] do_syscall_64+0xfa/0x760 [ 305.532298][T12063] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 305.538212][T12063] RIP: 0033:0x459a59 [ 305.542120][T12063] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 305.561739][T12063] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 05:00:20 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8}, 0x37a) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) [ 305.570190][T12063] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 305.578587][T12063] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 305.586597][T12063] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 305.594601][T12063] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 305.602604][T12063] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 305.610764][T12061] CPU: 1 PID: 12061 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 305.619909][T12061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 305.629994][T12061] Call Trace: [ 305.633301][T12061] dump_stack+0x172/0x1f0 [ 305.637656][T12061] should_fail.cold+0xa/0x15 [ 305.642261][T12061] ? fault_create_debugfs_attr+0x180/0x180 [ 305.648092][T12061] ? ___might_sleep+0x163/0x2c0 [ 305.652968][T12061] __should_failslab+0x121/0x190 [ 305.657929][T12061] should_failslab+0x9/0x14 [ 305.663323][T12061] __kmalloc+0x2e0/0x770 [ 305.668112][T12061] ? lock_acquire+0x190/0x410 [ 305.672896][T12061] ? nbd_ioctl+0x16d/0xc44 [ 305.677336][T12061] ? alloc_workqueue+0x166/0xf10 [ 305.682291][T12061] alloc_workqueue+0x166/0xf10 [ 305.687086][T12061] ? nbd_ioctl+0x16d/0xc44 [ 305.691525][T12061] ? workqueue_sysfs_register+0x3f0/0x3f0 [ 305.697273][T12061] ? save_stack+0x23/0x90 [ 305.701623][T12061] ? __kasan_slab_free+0x102/0x150 [ 305.706772][T12061] ? kasan_slab_free+0xe/0x10 [ 305.711539][T12061] ? mutex_trylock+0x2d0/0x2d0 [ 305.716327][T12061] ? refcount_dec_and_test_checked+0x1b/0x20 [ 305.722325][T12061] ? apparmor_capable+0x2ed/0x630 05:00:21 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8}, 0x37a) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) [ 305.727368][T12061] ? cap_capable+0x205/0x270 [ 305.731979][T12061] nbd_start_device+0x17a/0xbb0 [ 305.736861][T12061] nbd_ioctl+0x6db/0xc44 [ 305.741116][T12061] ? find_held_lock+0x35/0x130 [ 305.745896][T12061] ? nbd_release+0x150/0x150 [ 305.750504][T12061] ? lock_downgrade+0x920/0x920 [ 305.755380][T12061] ? lockdep_hardirqs_on+0x421/0x5e0 [ 305.760682][T12061] ? nbd_release+0x150/0x150 [ 305.765293][T12061] blkdev_ioctl+0xedb/0x1c20 [ 305.769904][T12061] ? blkpg_ioctl+0xa90/0xa90 05:00:21 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8}, 0x37a) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) [ 305.774521][T12061] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 305.780353][T12061] ? __schedule+0x952/0x1e70 [ 305.784967][T12061] block_ioctl+0xee/0x130 [ 305.789314][T12061] ? blkdev_fallocate+0x410/0x410 [ 305.794358][T12061] do_vfs_ioctl+0xdb6/0x13e0 [ 305.798969][T12061] ? compat_ioctl_preallocate+0x210/0x210 [ 305.804700][T12061] ? preempt_schedule_irq+0xf3/0x160 [ 305.810026][T12061] ? tomoyo_file_ioctl+0x23/0x30 [ 305.814994][T12061] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 305.822219][T12061] ? security_file_ioctl+0x8d/0xc0 05:00:21 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8}, 0x37a) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) [ 305.827364][T12061] ksys_ioctl+0xab/0xd0 [ 305.831550][T12061] __x64_sys_ioctl+0x73/0xb0 [ 305.836283][T12061] do_syscall_64+0xfa/0x760 [ 305.840822][T12061] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 305.846761][T12061] RIP: 0033:0x459a59 [ 305.850686][T12061] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 305.870297][T12061] RSP: 002b:00007f9a2875ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 05:00:21 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(0xffffffffffffffff, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) 05:00:21 executing program 1 (fault-call:3 fault-nth:3): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 305.878726][T12061] RAX: ffffffffffffffda RBX: 00007f9a2875ac90 RCX: 0000000000459a59 [ 305.886726][T12061] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000005 [ 305.894895][T12061] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 305.902892][T12061] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9a2875b6d4 [ 305.910893][T12061] R13: 00000000004c33ab R14: 00000000004d70e8 R15: 0000000000000009 [ 305.953082][T12061] block nbd2: Could not allocate knbd recv work queue. [ 305.983509][T12059] block nbd2: shutting down sockets [ 306.035139][T12085] block nbd3: server does not support multiple connections per device. [ 306.054715][T12081] block nbd3: shutting down sockets [ 306.056264][T12084] FAULT_INJECTION: forcing a failure. [ 306.056264][T12084] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 306.074637][T12084] CPU: 0 PID: 12084 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 306.084096][T12084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 306.094159][T12084] Call Trace: [ 306.097473][T12084] dump_stack+0x172/0x1f0 [ 306.101826][T12084] should_fail.cold+0xa/0x15 [ 306.106559][T12084] ? fault_create_debugfs_attr+0x180/0x180 [ 306.112493][T12084] ? __kasan_check_read+0x11/0x20 [ 306.117543][T12084] ? __lock_acquire+0x16f2/0x4a00 [ 306.122632][T12084] should_fail_alloc_page+0x50/0x60 [ 306.127837][T12084] __alloc_pages_nodemask+0x1a1/0x910 [ 306.127853][T12084] ? fs_reclaim_release+0xf/0x30 [ 306.127866][T12084] ? __alloc_pages_slowpath+0x2920/0x2920 [ 306.127881][T12084] ? fs_reclaim_release+0xf/0x30 [ 306.127902][T12084] ? fault_create_debugfs_attr+0x180/0x180 [ 306.127920][T12084] cache_grow_begin+0x90/0xd00 [ 306.159315][T12084] ? trace_hardirqs_off+0x62/0x240 [ 306.164414][T12084] kmem_cache_alloc_trace+0x6b3/0x790 [ 306.169773][T12084] copy_mount_options+0x5c/0x3f0 [ 306.174700][T12084] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 306.180924][T12084] ksys_mount+0xa7/0x150 [ 306.185411][T12084] __x64_sys_mount+0xbe/0x150 [ 306.190073][T12084] do_syscall_64+0xfa/0x760 [ 306.194560][T12084] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 306.200429][T12084] RIP: 0033:0x459a59 [ 306.204324][T12084] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 306.223908][T12084] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 306.232303][T12084] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 306.240271][T12084] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 306.248223][T12084] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 306.256191][T12084] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 306.264750][T12084] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 306.279344][T12084] overlayfs: conflicting lowerdir path 05:00:23 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:23 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:23 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8}, 0x37a) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@getlink={0x20}, 0x20}}, 0x0) 05:00:23 executing program 2 (fault-call:7 fault-nth:4): r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) 05:00:23 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x0) ioctl$NBD_DO_IT(r2, 0xab03) 05:00:23 executing program 1 (fault-call:3 fault-nth:4): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:23 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 308.459590][T12095] FAULT_INJECTION: forcing a failure. [ 308.459590][T12095] name failslab, interval 1, probability 0, space 0, times 0 [ 308.495350][T12094] FAULT_INJECTION: forcing a failure. [ 308.495350][T12094] name failslab, interval 1, probability 0, space 0, times 0 [ 308.513421][T12099] block nbd3: server does not support multiple connections per device. [ 308.540851][T12095] CPU: 0 PID: 12095 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 308.549663][T12090] block nbd3: shutting down sockets [ 308.551242][T12095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 308.551250][T12095] Call Trace: [ 308.551276][T12095] dump_stack+0x172/0x1f0 [ 308.551298][T12095] should_fail.cold+0xa/0x15 [ 308.579428][T12095] ? fault_create_debugfs_attr+0x180/0x180 [ 308.587186][T12095] ? ___might_sleep+0x163/0x2c0 [ 308.593366][T12095] __should_failslab+0x121/0x190 [ 308.598678][T12095] should_failslab+0x9/0x14 [ 308.603263][T12095] kmem_cache_alloc_trace+0x2d3/0x790 [ 308.603275][T12095] ? __kmalloc+0x608/0x770 [ 308.603292][T12095] ? lock_acquire+0x190/0x410 [ 308.603313][T12095] alloc_workqueue_attrs+0x3d/0xc0 [ 308.603329][T12095] alloc_workqueue+0x18b/0xf10 [ 308.630292][T12095] ? nbd_ioctl+0x16d/0xc44 [ 308.635001][T12095] ? workqueue_sysfs_register+0x3f0/0x3f0 [ 308.640986][T12095] ? save_stack+0x23/0x90 [ 308.645324][T12095] ? __kasan_slab_free+0x102/0x150 [ 308.650441][T12095] ? kasan_slab_free+0xe/0x10 [ 308.655165][T12095] ? mutex_trylock+0x2d0/0x2d0 [ 308.660026][T12095] ? refcount_dec_and_test_checked+0x1b/0x20 [ 308.665907][T12110] block nbd3: server does not support multiple connections per device. [ 308.666097][T12095] ? apparmor_capable+0x2ed/0x630 [ 308.679328][T12095] ? cap_capable+0x205/0x270 [ 308.680381][T12109] block nbd3: shutting down sockets [ 308.683922][T12095] nbd_start_device+0x17a/0xbb0 [ 308.683946][T12095] nbd_ioctl+0x6db/0xc44 [ 308.683962][T12095] ? find_held_lock+0x35/0x130 [ 308.683980][T12095] ? nbd_release+0x150/0x150 [ 308.683999][T12095] ? lock_downgrade+0x920/0x920 [ 308.712662][T12095] ? lockdep_hardirqs_on+0x421/0x5e0 [ 308.717955][T12095] ? nbd_release+0x150/0x150 [ 308.722554][T12095] blkdev_ioctl+0xedb/0x1c20 [ 308.727171][T12095] ? blkpg_ioctl+0xa90/0xa90 [ 308.731959][T12095] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 308.738027][T12095] ? __f_unlock_pos+0x19/0x20 [ 308.742732][T12095] block_ioctl+0xee/0x130 [ 308.747075][T12095] ? blkdev_fallocate+0x410/0x410 [ 308.752123][T12095] do_vfs_ioctl+0xdb6/0x13e0 [ 308.756728][T12095] ? compat_ioctl_preallocate+0x210/0x210 [ 308.762490][T12095] ? __fget+0x37f/0x550 [ 308.766659][T12095] ? ksys_dup3+0x3e0/0x3e0 [ 308.771082][T12095] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 308.777335][T12095] ? fput_many+0x12c/0x1a0 [ 308.781868][T12095] ? tomoyo_file_ioctl+0x23/0x30 [ 308.786822][T12095] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 308.788977][T12113] block nbd3: server does not support multiple connections per device. [ 308.793086][T12095] ? security_file_ioctl+0x8d/0xc0 [ 308.793111][T12095] ksys_ioctl+0xab/0xd0 [ 308.793127][T12095] __x64_sys_ioctl+0x73/0xb0 [ 308.793150][T12095] do_syscall_64+0xfa/0x760 [ 308.813979][T12112] block nbd3: shutting down sockets [ 308.815492][T12095] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 308.815508][T12095] RIP: 0033:0x459a59 05:00:23 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x0) ioctl$NBD_DO_IT(r2, 0xab03) 05:00:24 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x0) ioctl$NBD_DO_IT(r2, 0xab03) 05:00:24 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(0xffffffffffffffff, 0xab03) [ 308.836986][T12095] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 308.867873][T12095] RSP: 002b:00007f9a2875ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 308.876280][T12095] RAX: ffffffffffffffda RBX: 00007f9a2875ac90 RCX: 0000000000459a59 [ 308.876289][T12095] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000005 [ 308.876295][T12095] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 308.876303][T12095] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9a2875b6d4 05:00:24 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8}, 0x37a) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@getlink={0x20}, 0x20}}, 0x0) [ 308.876311][T12095] R13: 00000000004c33ab R14: 00000000004d70e8 R15: 0000000000000009 [ 308.896016][T12095] block nbd2: Could not allocate knbd recv work queue. [ 308.912938][T12094] CPU: 1 PID: 12094 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 308.935240][T12094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 308.945302][T12094] Call Trace: [ 308.948606][T12094] dump_stack+0x172/0x1f0 [ 308.952948][T12094] should_fail.cold+0xa/0x15 [ 308.957542][T12094] ? do_syscall_64+0xfa/0x760 [ 308.962236][T12094] ? fault_create_debugfs_attr+0x180/0x180 [ 308.968070][T12094] ? ___might_sleep+0x163/0x2c0 [ 308.972939][T12094] __should_failslab+0x121/0x190 [ 308.977885][T12094] should_failslab+0x9/0x14 [ 308.982400][T12094] kmem_cache_alloc+0x2aa/0x710 [ 308.985010][T12118] block nbd3: shutting down sockets [ 308.987341][T12094] getname_flags+0xd6/0x5b0 [ 308.987365][T12094] user_path_at_empty+0x2f/0x50 [ 309.001899][T12094] do_mount+0x14e/0x1cf0 [ 309.006147][T12094] ? copy_mount_string+0x40/0x40 05:00:24 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(0xffffffffffffffff, 0xab03) [ 309.011100][T12094] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 309.017359][T12094] ? copy_mount_options+0x2e8/0x3f0 [ 309.022573][T12094] ksys_mount+0xdb/0x150 [ 309.026836][T12094] __x64_sys_mount+0xbe/0x150 [ 309.031609][T12094] do_syscall_64+0xfa/0x760 [ 309.036127][T12094] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 309.042041][T12094] RIP: 0033:0x459a59 [ 309.045955][T12094] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 309.065655][T12094] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 309.074167][T12094] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 309.083632][T12094] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 309.091616][T12094] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 309.099599][T12094] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 309.102029][T12121] block nbd3: shutting down sockets [ 309.107864][T12094] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 309.109997][T12092] block nbd2: shutting down sockets 05:00:26 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:26 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:26 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(0xffffffffffffffff, 0xab03) 05:00:26 executing program 2 (fault-call:7 fault-nth:5): r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) 05:00:26 executing program 1 (fault-call:3 fault-nth:5): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:26 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8}, 0x37a) sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@getlink={0x20}, 0x20}}, 0x0) 05:00:26 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:26 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r2, 0x0, r1) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 311.533600][T12132] FAULT_INJECTION: forcing a failure. [ 311.533600][T12132] name failslab, interval 1, probability 0, space 0, times 0 [ 311.552816][T12131] block nbd3: shutting down sockets [ 311.592754][T12132] CPU: 0 PID: 12132 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 311.597997][T12138] FAULT_INJECTION: forcing a failure. [ 311.597997][T12138] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 311.603684][T12132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.628849][T12132] Call Trace: [ 311.632160][T12132] dump_stack+0x172/0x1f0 [ 311.636760][T12132] should_fail.cold+0xa/0x15 [ 311.641378][T12132] ? fault_create_debugfs_attr+0x180/0x180 [ 311.647628][T12132] ? ___might_sleep+0x163/0x2c0 [ 311.652831][T12132] __should_failslab+0x121/0x190 [ 311.657762][T12132] should_failslab+0x9/0x14 [ 311.662257][T12132] __kmalloc+0x2e0/0x770 [ 311.666499][T12132] ? apply_wqattrs_prepare+0xae/0x970 [ 311.671877][T12132] apply_wqattrs_prepare+0xae/0x970 [ 311.677067][T12132] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 311.683233][T12132] apply_workqueue_attrs_locked+0xcb/0x140 [ 311.689044][T12132] apply_workqueue_attrs+0x31/0x50 [ 311.694147][T12132] alloc_workqueue+0xab0/0xf10 [ 311.699080][T12132] ? workqueue_sysfs_register+0x3f0/0x3f0 [ 311.704803][T12132] ? save_stack+0x23/0x90 [ 311.709133][T12132] ? mutex_trylock+0x2d0/0x2d0 [ 311.713905][T12132] ? refcount_dec_and_test_checked+0x1b/0x20 [ 311.719964][T12132] ? apparmor_capable+0x2ed/0x630 [ 311.724977][T12132] ? cap_capable+0x205/0x270 [ 311.729564][T12132] nbd_start_device+0x17a/0xbb0 [ 311.734691][T12132] nbd_ioctl+0x6db/0xc44 [ 311.738940][T12132] ? find_held_lock+0x35/0x130 [ 311.743700][T12132] ? nbd_release+0x150/0x150 [ 311.748288][T12132] ? lock_downgrade+0x920/0x920 [ 311.753217][T12132] ? lockdep_hardirqs_on+0x421/0x5e0 [ 311.758497][T12132] ? nbd_release+0x150/0x150 [ 311.763083][T12132] blkdev_ioctl+0xedb/0x1c20 [ 311.768363][T12132] ? blkpg_ioctl+0xa90/0xa90 [ 311.772942][T12132] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 311.778763][T12132] ? __f_unlock_pos+0x19/0x20 [ 311.783460][T12132] block_ioctl+0xee/0x130 [ 311.787789][T12132] ? blkdev_fallocate+0x410/0x410 [ 311.792823][T12132] do_vfs_ioctl+0xdb6/0x13e0 [ 311.797939][T12132] ? compat_ioctl_preallocate+0x210/0x210 [ 311.804191][T12132] ? __fget+0x37f/0x550 [ 311.808343][T12132] ? ksys_dup3+0x3e0/0x3e0 [ 311.812765][T12132] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 311.819083][T12132] ? fput_many+0x12c/0x1a0 [ 311.823508][T12132] ? tomoyo_file_ioctl+0x23/0x30 [ 311.828631][T12132] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 311.834863][T12132] ? security_file_ioctl+0x8d/0xc0 [ 311.839969][T12132] ksys_ioctl+0xab/0xd0 [ 311.844117][T12132] __x64_sys_ioctl+0x73/0xb0 [ 311.848703][T12132] do_syscall_64+0xfa/0x760 [ 311.853199][T12132] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 311.859090][T12132] RIP: 0033:0x459a59 [ 311.862978][T12132] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 311.882582][T12132] RSP: 002b:00007f9a2875ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 311.890998][T12132] RAX: ffffffffffffffda RBX: 00007f9a2875ac90 RCX: 0000000000459a59 [ 311.898968][T12132] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000005 [ 311.906947][T12132] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 311.914913][T12132] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9a2875b6d4 [ 311.922872][T12132] R13: 00000000004c33ab R14: 00000000004d70e8 R15: 0000000000000009 [ 311.930974][T12138] CPU: 1 PID: 12138 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 311.940025][T12138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 311.950260][T12138] Call Trace: [ 311.953580][T12138] dump_stack+0x172/0x1f0 [ 311.957928][T12138] should_fail.cold+0xa/0x15 [ 311.962522][T12138] ? fault_create_debugfs_attr+0x180/0x180 [ 311.968341][T12138] ? __kasan_check_read+0x11/0x20 [ 311.973375][T12138] ? __lock_acquire+0x16f2/0x4a00 [ 311.978414][T12138] ? stack_trace_consume_entry+0x190/0x190 [ 311.978438][T12138] should_fail_alloc_page+0x50/0x60 [ 311.989416][T12138] __alloc_pages_nodemask+0x1a1/0x910 05:00:27 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 311.994791][T12138] ? fs_reclaim_release+0xf/0x30 [ 311.994810][T12138] ? __alloc_pages_slowpath+0x2920/0x2920 [ 311.994826][T12138] ? fs_reclaim_release+0xf/0x30 [ 311.994845][T12138] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 311.994863][T12138] ? fault_create_debugfs_attr+0x180/0x180 [ 311.994881][T12138] cache_grow_begin+0x90/0xd00 [ 311.994897][T12138] ? trace_hardirqs_off+0x62/0x240 [ 311.994913][T12138] kmem_cache_alloc+0x64e/0x710 [ 311.994934][T12138] getname_flags+0xd6/0x5b0 05:00:27 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 311.994953][T12138] user_path_at_empty+0x2f/0x50 [ 312.046401][T12138] do_mount+0x14e/0x1cf0 [ 312.050672][T12138] ? copy_mount_string+0x40/0x40 [ 312.055634][T12138] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 312.061879][T12138] ? copy_mount_options+0x2e8/0x3f0 [ 312.067097][T12138] ksys_mount+0xdb/0x150 [ 312.071347][T12138] __x64_sys_mount+0xbe/0x150 [ 312.076030][T12138] do_syscall_64+0xfa/0x760 [ 312.080635][T12138] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 312.086536][T12138] RIP: 0033:0x459a59 [ 312.090438][T12138] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 312.110041][T12138] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 312.118450][T12138] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 312.118458][T12138] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 312.118465][T12138] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 312.118472][T12138] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 312.118479][T12138] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 312.184482][T12132] block nbd2: Could not allocate knbd recv work queue. 05:00:27 executing program 3 (fault-call:10 fault-nth:0): r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 312.202659][T12129] block nbd2: shutting down sockets 05:00:27 executing program 1 (fault-call:3 fault-nth:6): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 312.263630][T12160] FAULT_INJECTION: forcing a failure. [ 312.263630][T12160] name failslab, interval 1, probability 0, space 0, times 0 [ 312.306281][T12160] CPU: 0 PID: 12160 Comm: syz-executor.3 Not tainted 5.4.0-rc3-next-20191015 #0 [ 312.315347][T12160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 312.325410][T12160] Call Trace: [ 312.328722][T12160] dump_stack+0x172/0x1f0 [ 312.333075][T12160] should_fail.cold+0xa/0x15 [ 312.337682][T12160] ? fault_create_debugfs_attr+0x180/0x180 [ 312.343500][T12160] ? ___might_sleep+0x163/0x2c0 [ 312.348362][T12160] __should_failslab+0x121/0x190 [ 312.353323][T12160] should_failslab+0x9/0x14 [ 312.353338][T12160] __kmalloc+0x2e0/0x770 [ 312.353354][T12160] ? mark_held_locks+0xf0/0xf0 [ 312.353372][T12160] ? mark_lock+0xc2/0x1220 [ 312.362087][T12160] ? _parse_integer+0x190/0x190 [ 312.362106][T12160] ? tomoyo_realpath_from_path+0xcd/0x7b0 [ 312.371253][T12160] tomoyo_realpath_from_path+0xcd/0x7b0 [ 312.371267][T12160] ? tomoyo_path_number_perm+0x193/0x520 [ 312.371288][T12160] tomoyo_path_number_perm+0x1dd/0x520 [ 312.371305][T12160] ? tomoyo_path_number_perm+0x193/0x520 [ 312.381836][T12160] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 312.381855][T12160] ? __f_unlock_pos+0x19/0x20 [ 312.381899][T12160] ? __fget+0x37f/0x550 [ 312.418741][T12160] ? ksys_dup3+0x3e0/0x3e0 [ 312.423189][T12160] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 312.424325][T12163] FAULT_INJECTION: forcing a failure. [ 312.424325][T12163] name failslab, interval 1, probability 0, space 0, times 0 [ 312.429431][T12160] ? fput_many+0x12c/0x1a0 [ 312.429455][T12160] tomoyo_file_ioctl+0x23/0x30 [ 312.429471][T12160] security_file_ioctl+0x77/0xc0 [ 312.429488][T12160] ksys_ioctl+0x57/0xd0 [ 312.461143][T12160] __x64_sys_ioctl+0x73/0xb0 [ 312.465738][T12160] do_syscall_64+0xfa/0x760 [ 312.470246][T12160] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 312.476138][T12160] RIP: 0033:0x459a59 [ 312.480035][T12160] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 312.499633][T12160] RSP: 002b:00007f38fa9a4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 312.508041][T12160] RAX: ffffffffffffffda RBX: 00007f38fa9a4c90 RCX: 0000000000459a59 [ 312.516001][T12160] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000005 [ 312.523963][T12160] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 312.531926][T12160] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f38fa9a56d4 [ 312.539891][T12160] R13: 00000000004c33ab R14: 00000000004d70e8 R15: 000000000000000a [ 312.548936][T12163] CPU: 1 PID: 12163 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 312.557970][T12163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 312.568029][T12163] Call Trace: [ 312.571342][T12163] dump_stack+0x172/0x1f0 [ 312.575689][T12163] should_fail.cold+0xa/0x15 [ 312.580292][T12163] ? fault_create_debugfs_attr+0x180/0x180 [ 312.586105][T12163] ? ___might_sleep+0x163/0x2c0 [ 312.590998][T12163] __should_failslab+0x121/0x190 [ 312.595943][T12163] should_failslab+0x9/0x14 [ 312.596774][T12160] ERROR: Out of memory at tomoyo_realpath_from_path. [ 312.600443][T12163] __kmalloc+0x2e0/0x770 [ 312.600463][T12163] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 312.600481][T12163] ? d_absolute_path+0x11b/0x170 [ 312.622546][T12163] ? __d_path+0x140/0x140 [ 312.626885][T12163] ? tomoyo_encode2.part.0+0xf5/0x400 [ 312.632264][T12163] tomoyo_encode2.part.0+0xf5/0x400 [ 312.637499][T12163] tomoyo_encode+0x2b/0x50 [ 312.641920][T12163] tomoyo_realpath_from_path+0x1d3/0x7b0 [ 312.647557][T12163] tomoyo_mount_acl+0x149/0x840 [ 312.652405][T12163] ? __kasan_check_read+0x11/0x20 [ 312.657442][T12163] ? mark_lock+0xc2/0x1220 [ 312.661873][T12163] ? lock_downgrade+0x920/0x920 [ 312.666739][T12163] ? tomoyo_check_mount_acl+0x1b0/0x1b0 [ 312.672294][T12163] ? __kasan_check_read+0x11/0x20 [ 312.677343][T12163] ? debug_smp_processor_id+0x33/0x18a [ 312.682816][T12163] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 312.688994][T12163] ? lock_acquire+0x190/0x410 [ 312.693781][T12163] ? tomoyo_mount_permission+0x10a/0x400 [ 312.699422][T12163] tomoyo_mount_permission+0x16a/0x400 [ 312.704881][T12163] ? tomoyo_mount_permission+0x10a/0x400 [ 312.710508][T12163] ? tomoyo_mount_acl+0x840/0x840 [ 312.716835][T12163] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 312.723081][T12163] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 312.729325][T12163] ? strncpy_from_user+0x2b4/0x400 [ 312.734430][T12163] tomoyo_sb_mount+0x35/0x40 [ 312.739004][T12163] security_sb_mount+0x87/0xd0 [ 312.743761][T12163] do_mount+0x1d0/0x1cf0 [ 312.747998][T12163] ? copy_mount_string+0x40/0x40 [ 312.752917][T12163] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 312.759133][T12163] ? _copy_from_user+0x12c/0x1a0 [ 312.764067][T12163] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 312.770307][T12163] ? copy_mount_options+0x2e8/0x3f0 [ 312.775511][T12163] ksys_mount+0xdb/0x150 [ 312.779738][T12163] __x64_sys_mount+0xbe/0x150 [ 312.784413][T12163] do_syscall_64+0xfa/0x760 [ 312.788910][T12163] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 312.794797][T12163] RIP: 0033:0x459a59 [ 312.798681][T12163] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 312.818615][T12163] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 312.827273][T12163] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 312.835228][T12163] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 312.843191][T12163] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 312.851155][T12163] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 312.859457][T12163] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 312.868229][T12163] ERROR: Out of memory at tomoyo_realpath_from_path. [ 312.898639][ T9110] block nbd3: Receive control failed (result -22) [ 312.907541][ T9110] block nbd3: Receive control failed (result -22) [ 312.917560][T12157] block nbd3: shutting down sockets 05:00:29 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:29 executing program 2 (fault-call:7 fault-nth:6): r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) 05:00:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:29 executing program 1 (fault-call:3 fault-nth:7): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:29 executing program 3 (fault-call:10 fault-nth:1): r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 314.605912][T12176] FAULT_INJECTION: forcing a failure. [ 314.605912][T12176] name failslab, interval 1, probability 0, space 0, times 0 [ 314.622352][T12175] FAULT_INJECTION: forcing a failure. [ 314.622352][T12175] name failslab, interval 1, probability 0, space 0, times 0 [ 314.624997][T12174] FAULT_INJECTION: forcing a failure. [ 314.624997][T12174] name failslab, interval 1, probability 0, space 0, times 0 [ 314.655205][T12176] CPU: 1 PID: 12176 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 314.664265][T12176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.674324][T12176] Call Trace: [ 314.677627][T12176] dump_stack+0x172/0x1f0 [ 314.681974][T12176] should_fail.cold+0xa/0x15 [ 314.686582][T12176] ? fault_create_debugfs_attr+0x180/0x180 [ 314.692402][T12176] ? ___might_sleep+0x163/0x2c0 [ 314.697262][T12176] __should_failslab+0x121/0x190 [ 314.702199][T12176] should_failslab+0x9/0x14 [ 314.702213][T12176] __kmalloc+0x2e0/0x770 [ 314.702225][T12176] ? __kmalloc+0x608/0x770 [ 314.702246][T12176] ? tomoyo_realpath_from_path+0xcd/0x7b0 [ 314.721057][T12176] tomoyo_realpath_from_path+0xcd/0x7b0 [ 314.726592][T12176] tomoyo_mount_acl+0x149/0x840 [ 314.731440][T12176] ? __kasan_check_read+0x11/0x20 [ 314.736445][T12176] ? mark_lock+0xc2/0x1220 [ 314.740841][T12176] ? lock_downgrade+0x920/0x920 [ 314.745673][T12176] ? tomoyo_check_mount_acl+0x1b0/0x1b0 [ 314.751199][T12176] ? __kasan_check_read+0x11/0x20 [ 314.756210][T12176] ? debug_smp_processor_id+0x33/0x18a [ 314.761665][T12176] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 314.767814][T12176] ? lock_acquire+0x190/0x410 [ 314.772565][T12176] ? tomoyo_mount_permission+0x10a/0x400 [ 314.778193][T12176] tomoyo_mount_permission+0x16a/0x400 [ 314.783630][T12176] ? tomoyo_mount_permission+0x10a/0x400 [ 314.789246][T12176] ? tomoyo_mount_acl+0x840/0x840 [ 314.794348][T12176] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 314.800588][T12176] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 314.806810][T12176] ? strncpy_from_user+0x2b4/0x400 [ 314.811903][T12176] tomoyo_sb_mount+0x35/0x40 [ 314.816481][T12176] security_sb_mount+0x87/0xd0 [ 314.821231][T12176] do_mount+0x1d0/0x1cf0 [ 314.825482][T12176] ? copy_mount_string+0x40/0x40 [ 314.831146][T12176] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 314.837367][T12176] ? copy_mount_options+0x2e8/0x3f0 [ 314.842551][T12176] ksys_mount+0xdb/0x150 [ 314.846782][T12176] __x64_sys_mount+0xbe/0x150 [ 314.851444][T12176] do_syscall_64+0xfa/0x760 [ 314.855932][T12176] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 314.861803][T12176] RIP: 0033:0x459a59 [ 314.865691][T12176] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 314.885452][T12176] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 314.893844][T12176] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 05:00:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 314.901797][T12176] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 314.909748][T12176] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 314.917701][T12176] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 314.925670][T12176] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 314.937079][T12184] ptrace attach of "/root/syz-executor.4"[12183] was attempted by "/root/syz-executor.4"[12184] [ 314.959901][T12174] CPU: 1 PID: 12174 Comm: syz-executor.2 Not tainted 5.4.0-rc3-next-20191015 #0 [ 314.969099][T12174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 314.979345][T12174] Call Trace: [ 314.982659][T12174] dump_stack+0x172/0x1f0 [ 314.987015][T12174] should_fail.cold+0xa/0x15 [ 314.991620][T12174] ? fault_create_debugfs_attr+0x180/0x180 [ 314.997715][T12174] ? ___might_sleep+0x163/0x2c0 [ 315.002667][T12174] __should_failslab+0x121/0x190 [ 315.007817][T12174] should_failslab+0x9/0x14 [ 315.012588][T12174] kmem_cache_alloc_trace+0x2d3/0x790 [ 315.017980][T12174] ? __kmalloc+0x608/0x770 [ 315.022426][T12174] alloc_workqueue_attrs+0x3d/0xc0 [ 315.027554][T12174] apply_wqattrs_prepare+0xb6/0x970 [ 315.032768][T12174] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 315.038969][T12174] apply_workqueue_attrs_locked+0xcb/0x140 [ 315.044791][T12174] apply_workqueue_attrs+0x31/0x50 [ 315.050087][T12174] alloc_workqueue+0xab0/0xf10 [ 315.054880][T12174] ? workqueue_sysfs_register+0x3f0/0x3f0 [ 315.060612][T12174] ? save_stack+0x23/0x90 [ 315.064959][T12174] ? mutex_trylock+0x2d0/0x2d0 [ 315.069750][T12174] ? refcount_dec_and_test_checked+0x1b/0x20 [ 315.075768][T12174] ? apparmor_capable+0x2ed/0x630 [ 315.080822][T12174] ? cap_capable+0x205/0x270 [ 315.085431][T12174] nbd_start_device+0x17a/0xbb0 [ 315.090317][T12174] nbd_ioctl+0x6db/0xc44 [ 315.094583][T12174] ? find_held_lock+0x35/0x130 [ 315.099371][T12174] ? nbd_release+0x150/0x150 [ 315.103985][T12174] ? lock_downgrade+0x920/0x920 05:00:30 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 315.108855][T12174] ? lockdep_hardirqs_on+0x421/0x5e0 [ 315.114176][T12174] ? nbd_release+0x150/0x150 [ 315.118791][T12174] blkdev_ioctl+0xedb/0x1c20 [ 315.123400][T12174] ? blkpg_ioctl+0xa90/0xa90 [ 315.128028][T12174] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 315.133855][T12174] ? __f_unlock_pos+0x19/0x20 [ 315.138571][T12174] block_ioctl+0xee/0x130 [ 315.142912][T12174] ? blkdev_fallocate+0x410/0x410 [ 315.148115][T12174] do_vfs_ioctl+0xdb6/0x13e0 [ 315.152740][T12174] ? compat_ioctl_preallocate+0x210/0x210 [ 315.158470][T12174] ? __fget+0x37f/0x550 [ 315.162640][T12174] ? ksys_dup3+0x3e0/0x3e0 [ 315.167061][T12174] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 315.173299][T12174] ? fput_many+0x12c/0x1a0 [ 315.177718][T12174] ? tomoyo_file_ioctl+0x23/0x30 [ 315.182656][T12174] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.188897][T12174] ? security_file_ioctl+0x8d/0xc0 [ 315.194013][T12174] ksys_ioctl+0xab/0xd0 [ 315.198193][T12174] __x64_sys_ioctl+0x73/0xb0 [ 315.202798][T12174] do_syscall_64+0xfa/0x760 05:00:30 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r2, 0x0, r1) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 315.207324][T12174] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.213215][T12174] RIP: 0033:0x459a59 [ 315.213229][T12174] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 315.213236][T12174] RSP: 002b:00007f9a2875ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 315.213249][T12174] RAX: ffffffffffffffda RBX: 00007f9a2875ac90 RCX: 0000000000459a59 [ 315.213256][T12174] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000005 [ 315.213263][T12174] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 315.213271][T12174] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9a2875b6d4 [ 315.213278][T12174] R13: 00000000004c33ab R14: 00000000004d70e8 R15: 0000000000000009 [ 315.242040][T12176] ERROR: Out of memory at tomoyo_realpath_from_path. [ 315.255136][T12175] CPU: 0 PID: 12175 Comm: syz-executor.3 Not tainted 5.4.0-rc3-next-20191015 #0 [ 315.301304][T12175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 315.311382][T12175] Call Trace: [ 315.314711][T12175] dump_stack+0x172/0x1f0 [ 315.319075][T12175] should_fail.cold+0xa/0x15 [ 315.323866][T12175] ? fault_create_debugfs_attr+0x180/0x180 [ 315.329706][T12175] ? ___might_sleep+0x163/0x2c0 [ 315.334592][T12175] __should_failslab+0x121/0x190 [ 315.339555][T12175] should_failslab+0x9/0x14 [ 315.344093][T12175] __kmalloc+0x2e0/0x770 [ 315.344116][T12175] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 315.344132][T12175] ? d_absolute_path+0x11b/0x170 [ 315.344146][T12175] ? __d_path+0x140/0x140 [ 315.344162][T12175] ? tomoyo_encode2.part.0+0xf5/0x400 [ 315.344177][T12175] tomoyo_encode2.part.0+0xf5/0x400 [ 315.344194][T12175] tomoyo_encode+0x2b/0x50 [ 315.344207][T12175] tomoyo_realpath_from_path+0x1d3/0x7b0 [ 315.344227][T12175] tomoyo_path_number_perm+0x1dd/0x520 [ 315.390064][T12175] ? tomoyo_path_number_perm+0x193/0x520 [ 315.396266][T12175] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 315.402102][T12175] ? __f_unlock_pos+0x19/0x20 [ 315.407875][T12175] ? __fget+0x37f/0x550 05:00:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:30 executing program 1 (fault-call:3 fault-nth:8): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 315.412061][T12175] ? ksys_dup3+0x3e0/0x3e0 [ 315.416641][T12175] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 315.422906][T12175] ? fput_many+0x12c/0x1a0 [ 315.427399][T12175] tomoyo_file_ioctl+0x23/0x30 [ 315.432197][T12175] security_file_ioctl+0x77/0xc0 [ 315.437159][T12175] ksys_ioctl+0x57/0xd0 [ 315.441308][T12175] __x64_sys_ioctl+0x73/0xb0 [ 315.445916][T12175] do_syscall_64+0xfa/0x760 [ 315.450465][T12175] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 315.456379][T12175] RIP: 0033:0x459a59 [ 315.460356][T12175] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 315.479988][T12175] RSP: 002b:00007f38fa9a4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 315.480006][T12175] RAX: ffffffffffffffda RBX: 00007f38fa9a4c90 RCX: 0000000000459a59 [ 315.480012][T12175] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000005 05:00:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 315.480019][T12175] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 315.480026][T12175] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f38fa9a56d4 [ 315.480032][T12175] R13: 00000000004c33ab R14: 00000000004d70e8 R15: 000000000000000a [ 315.495815][T12175] ERROR: Out of memory at tomoyo_realpath_from_path. [ 315.514480][T12174] block nbd2: Could not allocate knbd recv work queue. [ 315.545773][T12174] block nbd2: shutting down sockets [ 315.552276][T12175] block nbd3: Could not allocate knbd recv work queue. 05:00:30 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) [ 315.575675][T12175] block nbd3: shutting down sockets 05:00:30 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 315.734600][ T9110] block nbd2: Receive control failed (result -22) [ 315.751922][T12211] block nbd2: shutting down sockets [ 315.773160][ T9110] block nbd3: Receive control failed (result -22) 05:00:31 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b000000"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 315.780232][ T9110] block nbd3: Receive control failed (result -22) [ 315.789783][T12218] block nbd3: shutting down sockets [ 315.843367][T12222] FAULT_INJECTION: forcing a failure. [ 315.843367][T12222] name failslab, interval 1, probability 0, space 0, times 0 [ 315.873040][T12222] CPU: 1 PID: 12222 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 315.882124][T12222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 05:00:31 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x2) 05:00:31 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x2) [ 315.892209][T12222] Call Trace: [ 315.895537][T12222] dump_stack+0x172/0x1f0 [ 315.899921][T12222] should_fail.cold+0xa/0x15 [ 315.904560][T12222] ? fault_create_debugfs_attr+0x180/0x180 [ 315.910833][T12222] ? ___might_sleep+0x163/0x2c0 [ 315.915724][T12222] __should_failslab+0x121/0x190 [ 315.920670][T12222] should_failslab+0x9/0x14 [ 315.925193][T12222] __kmalloc+0x2e0/0x770 [ 315.929472][T12222] ? tomoyo_encode2.part.0+0x340/0x400 [ 315.934969][T12222] tomoyo_encode2.part.0+0x340/0x400 [ 315.940287][T12222] ? __get_fs_type+0x9a/0xd0 [ 315.944899][T12222] tomoyo_encode+0x2b/0x50 [ 315.944915][T12222] tomoyo_mount_acl+0x320/0x840 [ 315.944935][T12222] ? mark_lock+0xc2/0x1220 [ 315.944948][T12222] ? tomoyo_check_mount_acl+0x1b0/0x1b0 [ 315.944965][T12222] ? __kasan_check_read+0x11/0x20 [ 315.944984][T12222] ? debug_smp_processor_id+0x33/0x18a [ 315.945004][T12222] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 315.945036][T12222] ? lock_acquire+0x190/0x410 [ 315.964263][T12222] ? tomoyo_mount_permission+0x10a/0x400 [ 315.964284][T12222] tomoyo_mount_permission+0x16a/0x400 [ 315.964295][T12222] ? tomoyo_mount_permission+0x10a/0x400 [ 315.964308][T12222] ? tomoyo_mount_acl+0x840/0x840 [ 315.964327][T12222] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 315.964350][T12222] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 315.964364][T12222] ? strncpy_from_user+0x2b4/0x400 [ 315.964382][T12222] tomoyo_sb_mount+0x35/0x40 [ 316.029855][T12222] security_sb_mount+0x87/0xd0 [ 316.030772][T12228] block nbd3: shutting down sockets [ 316.034655][T12222] do_mount+0x1d0/0x1cf0 [ 316.034675][T12222] ? retint_kernel+0x2b/0x2b [ 316.034694][T12222] ? copy_mount_string+0x40/0x40 [ 316.034719][T12222] ? copy_mount_options+0x260/0x3f0 [ 316.034739][T12222] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 316.034751][T12222] ? copy_mount_options+0x2e8/0x3f0 [ 316.034768][T12222] ksys_mount+0xdb/0x150 [ 316.034783][T12222] __x64_sys_mount+0xbe/0x150 [ 316.034803][T12222] do_syscall_64+0xfa/0x760 [ 316.034820][T12222] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 316.034833][T12222] RIP: 0033:0x459a59 [ 316.034849][T12222] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 316.034856][T12222] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 316.034875][T12222] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 316.121398][T12227] block nbd2: shutting down sockets [ 316.123171][T12222] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 316.123181][T12222] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 316.123190][T12222] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 316.123199][T12222] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:00:33 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:33 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r2, 0x0, r1) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:33 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x10) 05:00:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b000000"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:33 executing program 1 (fault-call:3 fault-nth:9): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:33 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x10) 05:00:33 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:33 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 318.327924][T12244] block nbd2: shutting down sockets [ 318.339481][T12248] FAULT_INJECTION: forcing a failure. [ 318.339481][T12248] name failslab, interval 1, probability 0, space 0, times 0 [ 318.366594][T12241] block nbd3: shutting down sockets 05:00:33 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x301) 05:00:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b000000"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 318.410603][T12248] CPU: 1 PID: 12248 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 318.419707][T12248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 318.429788][T12248] Call Trace: [ 318.433115][T12248] dump_stack+0x172/0x1f0 [ 318.437497][T12248] should_fail.cold+0xa/0x15 [ 318.442127][T12248] ? fs_reclaim_release+0xf/0x30 [ 318.447116][T12248] ? fault_create_debugfs_attr+0x180/0x180 [ 318.452964][T12248] ? ___might_sleep+0x163/0x2c0 05:00:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2ac"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 318.457941][T12248] __should_failslab+0x121/0x190 [ 318.463118][T12248] should_failslab+0x9/0x14 [ 318.467646][T12248] kmem_cache_alloc_trace+0x2d3/0x790 [ 318.473763][T12248] ? lockdep_init_map+0x1be/0x6d0 [ 318.478831][T12248] legacy_init_fs_context+0x48/0xe0 [ 318.479768][T12259] block nbd2: shutting down sockets [ 318.484070][T12248] ? generic_parse_monolithic+0x200/0x200 [ 318.484084][T12248] alloc_fs_context+0x46e/0x780 [ 318.484106][T12248] fs_context_for_mount+0x25/0x30 [ 318.484122][T12248] do_mount+0x1267/0x1cf0 05:00:33 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x125d) [ 318.484141][T12248] ? copy_mount_string+0x40/0x40 [ 318.484162][T12248] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 318.484177][T12248] ? _copy_from_user+0x12c/0x1a0 [ 318.484194][T12248] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 318.484212][T12248] ? copy_mount_options+0x2e8/0x3f0 [ 318.537948][T12248] ksys_mount+0xdb/0x150 [ 318.542228][T12248] __x64_sys_mount+0xbe/0x150 [ 318.547135][T12248] do_syscall_64+0xfa/0x760 [ 318.551995][T12248] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 318.557912][T12248] RIP: 0033:0x459a59 [ 318.561829][T12248] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 318.581563][T12248] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 318.590969][T12248] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 318.598988][T12248] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a 05:00:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2ac"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 318.603375][T12266] block nbd2: shutting down sockets [ 318.608062][T12248] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 318.608072][T12248] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 318.608078][T12248] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:00:36 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r2, 0x0, r1) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:36 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x301) 05:00:36 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x125e) 05:00:36 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2ac"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:36 executing program 1 (fault-call:3 fault-nth:10): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:36 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 321.393294][T12282] block nbd3: shutting down sockets [ 321.396962][T12285] FAULT_INJECTION: forcing a failure. [ 321.396962][T12285] name failslab, interval 1, probability 0, space 0, times 0 [ 321.419341][T12283] block nbd2: shutting down sockets [ 321.453135][T12285] CPU: 1 PID: 12285 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 321.462201][T12285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 321.472265][T12285] Call Trace: [ 321.475570][T12285] dump_stack+0x172/0x1f0 [ 321.479907][T12285] should_fail.cold+0xa/0x15 [ 321.484481][T12285] ? __lock_acquire+0x16f2/0x4a00 [ 321.492446][T12285] ? fault_create_debugfs_attr+0x180/0x180 [ 321.498255][T12285] ? ___might_sleep+0x163/0x2c0 [ 321.503095][T12285] __should_failslab+0x121/0x190 [ 321.508019][T12285] should_failslab+0x9/0x14 [ 321.512501][T12285] kmem_cache_alloc_trace+0x2d3/0x790 [ 321.517856][T12285] ? lock_downgrade+0x920/0x920 [ 321.522704][T12285] ? rwlock_bug.part.0+0x90/0x90 [ 321.527643][T12285] alloc_super+0x55/0x910 [ 321.531961][T12285] ? __kasan_check_read+0x11/0x20 [ 321.536985][T12285] sget+0x117/0x560 [ 321.540780][T12285] ? get_anon_bdev+0xc0/0xc0 [ 321.545356][T12285] ? ovl_show_options+0x550/0x550 [ 321.550363][T12285] mount_nodev+0x31/0x110 [ 321.554678][T12285] ovl_mount+0x2d/0x40 [ 321.558740][T12285] ? ovl_own_xattr_set+0x10/0x10 [ 321.563661][T12285] legacy_get_tree+0x108/0x220 [ 321.568409][T12285] vfs_get_tree+0x8e/0x300 [ 321.572806][T12285] do_mount+0x142e/0x1cf0 [ 321.577123][T12285] ? copy_mount_string+0x40/0x40 [ 321.582048][T12285] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 321.588268][T12285] ? _copy_from_user+0x12c/0x1a0 [ 321.593194][T12285] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 321.599427][T12285] ? copy_mount_options+0x2e8/0x3f0 [ 321.604784][T12285] ksys_mount+0xdb/0x150 [ 321.609011][T12285] __x64_sys_mount+0xbe/0x150 [ 321.613674][T12285] do_syscall_64+0xfa/0x760 [ 321.618168][T12285] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 321.624039][T12285] RIP: 0033:0x459a59 [ 321.627916][T12285] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 05:00:36 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 321.647502][T12285] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 321.655898][T12285] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 321.663850][T12285] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 321.671887][T12285] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 321.679842][T12285] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 321.687799][T12285] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:00:37 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x125d) 05:00:37 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x125f) 05:00:37 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:37 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r2, 0x0, r1) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:37 executing program 1 (fault-call:3 fault-nth:11): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:37 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 321.908264][T12304] block nbd2: shutting down sockets [ 321.918899][T12310] block nbd3: shutting down sockets 05:00:37 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x1260) 05:00:37 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x125e) 05:00:37 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r2, 0x0, r1) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$cont(0x7, r0, 0x0, 0x0) [ 322.057174][T12320] FAULT_INJECTION: forcing a failure. [ 322.057174][T12320] name failslab, interval 1, probability 0, space 0, times 0 [ 322.096851][T12320] CPU: 0 PID: 12320 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 322.105918][T12320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 322.115994][T12320] Call Trace: [ 322.119291][T12320] dump_stack+0x172/0x1f0 [ 322.123658][T12320] should_fail.cold+0xa/0x15 [ 322.128321][T12320] ? fault_create_debugfs_attr+0x180/0x180 [ 322.134172][T12320] ? ___might_sleep+0x163/0x2c0 [ 322.139063][T12320] __should_failslab+0x121/0x190 [ 322.144113][T12320] should_failslab+0x9/0x14 [ 322.148605][T12320] __kmalloc+0x2e0/0x770 [ 322.152843][T12320] ? lockdep_init_map+0x1be/0x6d0 [ 322.157964][T12320] ? prealloc_shrinker+0xa6/0x350 [ 322.162982][T12320] prealloc_shrinker+0xa6/0x350 [ 322.167834][T12320] alloc_super+0x77a/0x910 [ 322.172240][T12320] sget+0x117/0x560 [ 322.176038][T12320] ? get_anon_bdev+0xc0/0xc0 [ 322.180618][T12320] ? ovl_show_options+0x550/0x550 [ 322.185629][T12320] mount_nodev+0x31/0x110 [ 322.189939][T12320] ovl_mount+0x2d/0x40 [ 322.193993][T12320] ? ovl_own_xattr_set+0x10/0x10 [ 322.198921][T12320] legacy_get_tree+0x108/0x220 [ 322.203702][T12320] vfs_get_tree+0x8e/0x300 [ 322.208120][T12320] do_mount+0x142e/0x1cf0 [ 322.212438][T12320] ? copy_mount_string+0x40/0x40 [ 322.217443][T12320] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 322.223675][T12320] ? _copy_from_user+0x12c/0x1a0 [ 322.228621][T12320] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 322.234939][T12320] ? copy_mount_options+0x2e8/0x3f0 [ 322.240122][T12320] ksys_mount+0xdb/0x150 [ 322.244357][T12320] __x64_sys_mount+0xbe/0x150 [ 322.249226][T12320] do_syscall_64+0xfa/0x760 [ 322.253728][T12320] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 322.259604][T12320] RIP: 0033:0x459a59 [ 322.263492][T12320] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 322.283170][T12320] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 322.291574][T12320] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 322.299542][T12320] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a 05:00:37 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc10"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 322.307587][T12320] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 322.315549][T12320] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 322.323526][T12320] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 322.356818][T12325] block nbd2: shutting down sockets 05:00:37 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc10"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:40 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:40 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x125f) 05:00:40 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x1261) 05:00:40 executing program 1 (fault-call:3 fault-nth:12): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:40 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r2, 0x0, r1) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:40 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc10"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:40 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc10000000"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:40 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 324.853570][T12351] block nbd2: shutting down sockets [ 324.857355][T12347] block nbd3: shutting down sockets [ 324.867160][T12358] FAULT_INJECTION: forcing a failure. [ 324.867160][T12358] name failslab, interval 1, probability 0, space 0, times 0 [ 324.953141][T12358] CPU: 1 PID: 12358 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 324.962209][T12358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 324.972269][T12358] Call Trace: [ 324.975559][T12358] dump_stack+0x172/0x1f0 [ 324.979881][T12358] should_fail.cold+0xa/0x15 [ 324.984466][T12358] ? fault_create_debugfs_attr+0x180/0x180 [ 324.990280][T12358] ? ___might_sleep+0x163/0x2c0 [ 324.995129][T12358] __should_failslab+0x121/0x190 [ 325.000068][T12358] should_failslab+0x9/0x14 [ 325.004574][T12358] __kmalloc+0x2e0/0x770 [ 325.008807][T12358] ? lockdep_init_map+0x1be/0x6d0 [ 325.013823][T12358] ? prealloc_shrinker+0xa6/0x350 [ 325.018838][T12358] prealloc_shrinker+0xa6/0x350 [ 325.023698][T12358] alloc_super+0x77a/0x910 [ 325.028129][T12358] sget+0x117/0x560 [ 325.031920][T12358] ? get_anon_bdev+0xc0/0xc0 [ 325.036495][T12358] ? ovl_show_options+0x550/0x550 [ 325.041522][T12358] mount_nodev+0x31/0x110 [ 325.045834][T12358] ovl_mount+0x2d/0x40 [ 325.049883][T12358] ? ovl_own_xattr_set+0x10/0x10 [ 325.054800][T12358] legacy_get_tree+0x108/0x220 [ 325.059555][T12358] vfs_get_tree+0x8e/0x300 [ 325.063957][T12358] do_mount+0x142e/0x1cf0 [ 325.068273][T12358] ? copy_mount_string+0x40/0x40 [ 325.073197][T12358] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 325.079460][T12358] ? _copy_from_user+0x12c/0x1a0 [ 325.084393][T12358] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 325.090621][T12358] ? copy_mount_options+0x2e8/0x3f0 [ 325.096247][T12358] ksys_mount+0xdb/0x150 [ 325.100480][T12358] __x64_sys_mount+0xbe/0x150 [ 325.105278][T12358] do_syscall_64+0xfa/0x760 [ 325.109793][T12358] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 325.115675][T12358] RIP: 0033:0x459a59 [ 325.119565][T12358] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 325.139762][T12358] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 05:00:40 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x1262) 05:00:40 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x1260) [ 325.148158][T12358] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 325.156112][T12358] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 325.164674][T12358] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 325.172628][T12358] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 325.181100][T12358] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 325.264834][T12370] block nbd2: shutting down sockets 05:00:40 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:40 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x1263) [ 325.371836][T12377] block nbd3: shutting down sockets 05:00:40 executing program 1 (fault-call:3 fault-nth:13): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:40 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc10000000"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 325.431543][T12380] block nbd2: shutting down sockets 05:00:40 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:40 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x1261) [ 325.619676][T12395] block nbd3: shutting down sockets [ 325.706112][T12401] FAULT_INJECTION: forcing a failure. [ 325.706112][T12401] name failslab, interval 1, probability 0, space 0, times 0 [ 325.719328][T12401] CPU: 1 PID: 12401 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 325.728533][T12401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 325.738709][T12401] Call Trace: [ 325.742014][T12401] dump_stack+0x172/0x1f0 [ 325.746347][T12401] should_fail.cold+0xa/0x15 [ 325.751102][T12401] ? fault_create_debugfs_attr+0x180/0x180 [ 325.756907][T12401] ? ___might_sleep+0x163/0x2c0 [ 325.761840][T12401] __should_failslab+0x121/0x190 [ 325.766774][T12401] should_failslab+0x9/0x14 [ 325.771283][T12401] __kmalloc+0x2e0/0x770 [ 325.775523][T12401] ? __list_lru_init+0xd1/0x710 [ 325.780364][T12401] __list_lru_init+0xd1/0x710 [ 325.785027][T12401] alloc_super+0x7cc/0x910 [ 325.789437][T12401] sget+0x117/0x560 [ 325.793239][T12401] ? get_anon_bdev+0xc0/0xc0 [ 325.797820][T12401] ? ovl_show_options+0x550/0x550 [ 325.802831][T12401] mount_nodev+0x31/0x110 [ 325.807160][T12401] ovl_mount+0x2d/0x40 [ 325.811220][T12401] ? ovl_own_xattr_set+0x10/0x10 [ 325.816158][T12401] legacy_get_tree+0x108/0x220 [ 325.820919][T12401] vfs_get_tree+0x8e/0x300 [ 325.825318][T12401] do_mount+0x142e/0x1cf0 [ 325.829644][T12401] ? copy_mount_string+0x40/0x40 [ 325.834585][T12401] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 325.840821][T12401] ? _copy_from_user+0x12c/0x1a0 [ 325.845745][T12401] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 325.852052][T12401] ? copy_mount_options+0x2e8/0x3f0 [ 325.857239][T12401] ksys_mount+0xdb/0x150 [ 325.861472][T12401] __x64_sys_mount+0xbe/0x150 [ 325.866147][T12401] do_syscall_64+0xfa/0x760 [ 325.870635][T12401] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 325.876514][T12401] RIP: 0033:0x459a59 [ 325.880412][T12401] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 325.900013][T12401] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 325.908424][T12401] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 325.916390][T12401] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 325.924384][T12401] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 325.932436][T12401] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 325.940402][T12401] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:00:43 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r2, 0x0, r1) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:43 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc10000000"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:43 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x1264) 05:00:43 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x1262) 05:00:43 executing program 1 (fault-call:3 fault-nth:14): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 327.856279][T12406] block nbd3: shutting down sockets [ 327.865782][T12409] FAULT_INJECTION: forcing a failure. [ 327.865782][T12409] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 327.879644][T12409] CPU: 0 PID: 12409 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 327.881024][T12408] block nbd2: shutting down sockets [ 327.889236][T12409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 327.889244][T12409] Call Trace: [ 327.889276][T12409] dump_stack+0x172/0x1f0 [ 327.889303][T12409] should_fail.cold+0xa/0x15 [ 327.889324][T12409] ? fault_create_debugfs_attr+0x180/0x180 [ 327.889343][T12409] ? __kasan_check_read+0x11/0x20 [ 327.889356][T12409] ? __lock_acquire+0x16f2/0x4a00 [ 327.889377][T12409] should_fail_alloc_page+0x50/0x60 [ 327.889390][T12409] __alloc_pages_nodemask+0x1a1/0x910 [ 327.889406][T12409] ? fs_reclaim_release+0xf/0x30 [ 327.889422][T12409] ? __alloc_pages_slowpath+0x2920/0x2920 [ 327.889438][T12409] ? fs_reclaim_release+0xf/0x30 [ 327.889455][T12409] ? __lock_acquire+0x16f2/0x4a00 [ 327.889472][T12409] ? fault_create_debugfs_attr+0x180/0x180 [ 327.889496][T12409] cache_grow_begin+0x90/0xd00 [ 327.917788][T12409] ? trace_hardirqs_off+0x62/0x240 [ 327.950478][T12409] kmem_cache_alloc_trace+0x6b3/0x790 [ 327.950506][T12409] alloc_super+0x55/0x910 [ 327.950520][T12409] ? __kasan_check_read+0x11/0x20 [ 327.950539][T12409] sget+0x117/0x560 [ 327.950551][T12409] ? get_anon_bdev+0xc0/0xc0 [ 327.950579][T12409] ? ovl_show_options+0x550/0x550 [ 327.994705][T12409] mount_nodev+0x31/0x110 [ 328.003563][T12409] ovl_mount+0x2d/0x40 [ 328.003576][T12409] ? ovl_own_xattr_set+0x10/0x10 [ 328.003591][T12409] legacy_get_tree+0x108/0x220 [ 328.003610][T12409] vfs_get_tree+0x8e/0x300 [ 328.036186][T12409] do_mount+0x142e/0x1cf0 [ 328.040544][T12409] ? copy_mount_string+0x40/0x40 [ 328.045673][T12409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 328.051972][T12409] ? copy_mount_options+0x2e8/0x3f0 [ 328.057202][T12409] ksys_mount+0xdb/0x150 [ 328.061693][T12409] __x64_sys_mount+0xbe/0x150 [ 328.063456][T12418] block nbd2: shutting down sockets [ 328.066829][T12409] do_syscall_64+0xfa/0x760 [ 328.066852][T12409] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 328.066864][T12409] RIP: 0033:0x459a59 [ 328.066908][T12409] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 05:00:43 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x1265) 05:00:43 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc1000000000"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:43 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x1267) 05:00:43 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc1000000000"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:43 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x1263) [ 328.066921][T12409] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 328.114847][T12409] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 328.123234][T12409] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 328.123242][T12409] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 328.123250][T12409] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 328.123257][T12409] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 328.187917][T12424] block nbd3: shutting down sockets [ 328.234640][T12426] block nbd2: shutting down sockets 05:00:43 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:43 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x1264) [ 328.610365][T12437] block nbd3: shutting down sockets 05:00:46 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$dupfd(r2, 0x0, r1) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:46 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc1000000000"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:46 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x1268) 05:00:46 executing program 1 (fault-call:3 fault-nth:15): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:46 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x1265) 05:00:46 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:46 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 330.885516][T12449] block nbd3: shutting down sockets [ 330.916714][T12445] block nbd2: shutting down sockets [ 330.923141][T12455] FAULT_INJECTION: forcing a failure. 05:00:46 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:46 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x1267) [ 330.923141][T12455] name failslab, interval 1, probability 0, space 0, times 0 05:00:46 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x1269) [ 330.980697][T12455] CPU: 1 PID: 12455 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 330.990086][T12455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 330.990094][T12455] Call Trace: [ 330.990120][T12455] dump_stack+0x172/0x1f0 [ 330.990147][T12455] should_fail.cold+0xa/0x15 [ 330.990166][T12455] ? fault_create_debugfs_attr+0x180/0x180 [ 330.990189][T12455] ? ___might_sleep+0x163/0x2c0 [ 331.023427][T12455] __should_failslab+0x121/0x190 05:00:46 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 331.028566][T12455] should_failslab+0x9/0x14 [ 331.033082][T12455] __kmalloc+0x2e0/0x770 [ 331.033105][T12455] ? lockdep_init_map+0x1be/0x6d0 [ 331.033120][T12455] ? prealloc_shrinker+0xa6/0x350 [ 331.033137][T12455] prealloc_shrinker+0xa6/0x350 [ 331.033164][T12455] alloc_super+0x77a/0x910 [ 331.047861][T12455] sget+0x117/0x560 [ 331.047876][T12455] ? get_anon_bdev+0xc0/0xc0 [ 331.047895][T12455] ? ovl_show_options+0x550/0x550 [ 331.057163][T12455] mount_nodev+0x31/0x110 [ 331.057180][T12455] ovl_mount+0x2d/0x40 [ 331.057195][T12455] ? ovl_own_xattr_set+0x10/0x10 [ 331.057211][T12455] legacy_get_tree+0x108/0x220 [ 331.057232][T12455] vfs_get_tree+0x8e/0x300 [ 331.075175][T12455] do_mount+0x142e/0x1cf0 [ 331.098162][T12455] ? retint_kernel+0x2b/0x2b [ 331.098185][T12455] ? copy_mount_string+0x40/0x40 [ 331.098200][T12455] ? copy_mount_options+0x241/0x3f0 [ 331.098219][T12455] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 331.098239][T12455] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 331.131410][T12455] ? copy_mount_options+0x2e8/0x3f0 [ 331.136740][T12455] ksys_mount+0xdb/0x150 [ 331.141946][T12455] __x64_sys_mount+0xbe/0x150 [ 331.146924][T12455] do_syscall_64+0xfa/0x760 [ 331.151547][T12455] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 331.157730][T12455] RIP: 0033:0x459a59 05:00:46 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 331.163165][T12455] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 331.184998][T12455] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 331.193428][T12455] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 331.201505][T12455] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 331.209855][T12455] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 331.214994][T12471] block nbd3: shutting down sockets [ 331.218773][T12455] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 331.218782][T12455] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 331.240545][T12472] block nbd2: shutting down sockets 05:00:46 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:46 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:46 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x1274) 05:00:46 executing program 1 (fault-call:3 fault-nth:16): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:46 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x1) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:46 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 05:00:46 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x1268) [ 331.468458][T12485] block nbd2: shutting down sockets 05:00:46 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0xffffffffffffffff, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:46 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x1276) [ 331.611419][T12501] FAULT_INJECTION: forcing a failure. [ 331.611419][T12501] name failslab, interval 1, probability 0, space 0, times 0 05:00:46 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) [ 331.660252][T12504] block nbd2: shutting down sockets [ 331.687488][T12502] block nbd3: shutting down sockets [ 331.731749][T12501] CPU: 1 PID: 12501 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 331.742137][T12501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 331.759115][T12501] Call Trace: [ 331.763332][T12501] dump_stack+0x172/0x1f0 [ 331.767791][T12501] should_fail.cold+0xa/0x15 [ 331.772627][T12501] ? fault_create_debugfs_attr+0x180/0x180 [ 331.778666][T12501] ? ___might_sleep+0x163/0x2c0 [ 331.783714][T12501] __should_failslab+0x121/0x190 [ 331.788845][T12501] should_failslab+0x9/0x14 [ 331.793451][T12501] __kmalloc+0x2e0/0x770 [ 331.798667][T12501] ? __list_lru_init+0xd1/0x710 [ 331.798685][T12501] __list_lru_init+0xd1/0x710 [ 331.798705][T12501] alloc_super+0x7cc/0x910 [ 331.813526][T12501] sget+0x117/0x560 [ 331.818226][T12501] ? get_anon_bdev+0xc0/0xc0 [ 331.823480][T12501] ? ovl_show_options+0x550/0x550 [ 331.828612][T12501] mount_nodev+0x31/0x110 [ 331.832963][T12501] ovl_mount+0x2d/0x40 [ 331.842414][T12501] ? ovl_own_xattr_set+0x10/0x10 [ 331.852618][T12501] legacy_get_tree+0x108/0x220 [ 331.857951][T12501] vfs_get_tree+0x8e/0x300 [ 331.862911][T12501] do_mount+0x142e/0x1cf0 [ 331.868224][T12501] ? copy_mount_string+0x40/0x40 [ 331.881319][T12501] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 331.881335][T12501] ? copy_mount_options+0x2e8/0x3f0 [ 331.881354][T12501] ksys_mount+0xdb/0x150 [ 331.895111][T12501] __x64_sys_mount+0xbe/0x150 [ 331.895129][T12501] do_syscall_64+0xfa/0x760 [ 331.895149][T12501] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 331.895160][T12501] RIP: 0033:0x459a59 [ 331.895181][T12501] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 331.946486][T12501] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 331.955121][T12501] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 331.963092][T12501] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 331.971061][T12501] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 05:00:47 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x1269) 05:00:47 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = fcntl$dupfd(r1, 0x0, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 05:00:47 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0xffffffffffffffff, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 331.979033][T12501] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 331.986999][T12501] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 332.039993][T12521] block nbd3: shutting down sockets 05:00:49 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:49 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x1277) 05:00:49 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:49 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x1274) 05:00:49 executing program 1 (fault-call:3 fault-nth:17): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:49 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0xffffffffffffffff, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:49 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x1276) 05:00:49 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 334.532606][T12537] block nbd3: shutting down sockets [ 334.544480][T12533] block nbd2: shutting down sockets [ 334.563190][T12542] FAULT_INJECTION: forcing a failure. [ 334.563190][T12542] name failslab, interval 1, probability 0, space 0, times 0 05:00:49 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x1278) 05:00:49 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 334.623034][T12542] CPU: 1 PID: 12542 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 334.632099][T12542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 334.642160][T12542] Call Trace: [ 334.645466][T12542] dump_stack+0x172/0x1f0 [ 334.649820][T12542] should_fail.cold+0xa/0x15 [ 334.654435][T12542] ? fault_create_debugfs_attr+0x180/0x180 [ 334.660437][T12542] ? ___might_sleep+0x163/0x2c0 [ 334.665322][T12542] __should_failslab+0x121/0x190 [ 334.670288][T12542] should_failslab+0x9/0x14 [ 334.674803][T12542] kmem_cache_alloc_node_trace+0x274/0x750 [ 334.681749][T12542] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 334.687579][T12542] __kmalloc_node+0x3d/0x70 [ 334.692101][T12542] kvmalloc_node+0x68/0x100 [ 334.693599][T12549] block nbd3: shutting down sockets [ 334.696605][T12542] __list_lru_init+0x4d5/0x710 [ 334.696628][T12542] alloc_super+0x7cc/0x910 [ 334.696647][T12542] sget+0x117/0x560 [ 334.714796][T12542] ? get_anon_bdev+0xc0/0xc0 05:00:50 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:50 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x1277) [ 334.719383][T12542] ? ovl_show_options+0x550/0x550 [ 334.724412][T12542] mount_nodev+0x31/0x110 [ 334.728747][T12542] ovl_mount+0x2d/0x40 [ 334.732823][T12542] ? ovl_own_xattr_set+0x10/0x10 [ 334.737767][T12542] legacy_get_tree+0x108/0x220 [ 334.742536][T12542] vfs_get_tree+0x8e/0x300 [ 334.746965][T12542] do_mount+0x142e/0x1cf0 [ 334.751313][T12542] ? copy_mount_string+0x40/0x40 [ 334.756613][T12542] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 334.762860][T12542] ? copy_mount_options+0x2e8/0x3f0 [ 334.768074][T12542] ksys_mount+0xdb/0x150 [ 334.772330][T12542] __x64_sys_mount+0xbe/0x150 [ 334.777021][T12542] do_syscall_64+0xfa/0x760 [ 334.781531][T12542] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 334.787423][T12542] RIP: 0033:0x459a59 [ 334.791331][T12542] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 334.810938][T12542] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 05:00:50 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:50 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 334.819355][T12542] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 334.827329][T12542] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 334.835315][T12542] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 334.835991][T12558] block nbd3: shutting down sockets [ 334.843279][T12542] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 334.843288][T12542] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:00:50 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 334.896169][T12550] block nbd2: shutting down sockets 05:00:50 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x1278) [ 335.065728][T12574] ptrace attach of "/root/syz-executor.4"[12573] was attempted by "/root/syz-executor.4"[12574] [ 335.129631][T12578] block nbd3: shutting down sockets 05:00:50 executing program 1 (fault-call:3 fault-nth:18): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:50 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x1279) 05:00:50 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:50 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:50 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x1279) [ 335.275915][T12591] ptrace attach of "/root/syz-executor.4"[12590] was attempted by "/root/syz-executor.4"[12591] [ 335.303539][T12583] block nbd2: shutting down sockets [ 335.314957][T12586] block nbd3: shutting down sockets 05:00:50 executing program 4: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:50 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(0x0, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:50 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x127a) [ 335.397329][T12596] FAULT_INJECTION: forcing a failure. [ 335.397329][T12596] name failslab, interval 1, probability 0, space 0, times 0 [ 335.454602][T12596] CPU: 0 PID: 12596 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 335.463680][T12596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 335.474178][T12596] Call Trace: [ 335.477481][T12596] dump_stack+0x172/0x1f0 [ 335.477509][T12596] should_fail.cold+0xa/0x15 [ 335.486890][T12596] ? fault_create_debugfs_attr+0x180/0x180 [ 335.492718][T12596] ? ___might_sleep+0x163/0x2c0 [ 335.497581][T12596] __should_failslab+0x121/0x190 [ 335.503133][T12596] should_failslab+0x9/0x14 [ 335.507658][T12596] kmem_cache_alloc_trace+0x2d3/0x790 [ 335.513218][T12596] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 335.519046][T12596] __memcg_init_list_lru_node+0x8a/0x1e0 [ 335.524686][T12596] __list_lru_init+0x3fe/0x710 [ 335.529444][T12596] alloc_super+0x7cc/0x910 [ 335.533848][T12596] sget+0x117/0x560 [ 335.537641][T12596] ? get_anon_bdev+0xc0/0xc0 [ 335.542214][T12596] ? ovl_show_options+0x550/0x550 [ 335.547223][T12596] mount_nodev+0x31/0x110 [ 335.551536][T12596] ovl_mount+0x2d/0x40 [ 335.556193][T12596] ? ovl_own_xattr_set+0x10/0x10 [ 335.561114][T12596] legacy_get_tree+0x108/0x220 [ 335.565864][T12596] vfs_get_tree+0x8e/0x300 [ 335.570261][T12596] do_mount+0x142e/0x1cf0 [ 335.574577][T12596] ? copy_mount_string+0x40/0x40 [ 335.579506][T12596] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 335.585727][T12596] ? copy_mount_options+0x2e8/0x3f0 [ 335.590911][T12596] ksys_mount+0xdb/0x150 [ 335.595312][T12596] __x64_sys_mount+0xbe/0x150 [ 335.600075][T12596] do_syscall_64+0xfa/0x760 [ 335.605517][T12596] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 335.611392][T12596] RIP: 0033:0x459a59 [ 335.615270][T12596] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 335.635392][T12596] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 335.643781][T12596] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 335.651748][T12596] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 335.659702][T12596] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 335.667652][T12596] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 335.675611][T12596] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 335.704090][T12598] block nbd2: shutting down sockets [ 335.750362][T12611] ptrace attach of "/root/syz-executor.4"[12610] was attempted by "/root/syz-executor.4"[12611] 05:00:53 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:53 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x127a) 05:00:53 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x127b) 05:00:53 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:53 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(0x0, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:53 executing program 1 (fault-call:3 fault-nth:19): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 337.984985][T12621] block nbd3: shutting down sockets [ 337.985470][T12616] block nbd2: shutting down sockets [ 338.001195][T12624] FAULT_INJECTION: forcing a failure. [ 338.001195][T12624] name failslab, interval 1, probability 0, space 0, times 0 [ 338.043066][T12624] CPU: 0 PID: 12624 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 338.052150][T12624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 338.062225][T12624] Call Trace: [ 338.065568][T12624] dump_stack+0x172/0x1f0 [ 338.069914][T12624] should_fail.cold+0xa/0x15 [ 338.074549][T12624] ? fault_create_debugfs_attr+0x180/0x180 [ 338.080534][T12624] ? ___might_sleep+0x163/0x2c0 [ 338.085536][T12624] __should_failslab+0x121/0x190 [ 338.090517][T12624] should_failslab+0x9/0x14 [ 338.095054][T12624] kmem_cache_alloc_trace+0x2d3/0x790 [ 338.101412][T12624] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 338.107701][T12624] __memcg_init_list_lru_node+0x8a/0x1e0 [ 338.113377][T12624] __list_lru_init+0x3fe/0x710 [ 338.118267][T12624] alloc_super+0x7cc/0x910 [ 338.122719][T12624] sget+0x117/0x560 [ 338.126564][T12624] ? get_anon_bdev+0xc0/0xc0 [ 338.131189][T12624] ? ovl_show_options+0x550/0x550 [ 338.136250][T12624] mount_nodev+0x31/0x110 [ 338.140604][T12624] ovl_mount+0x2d/0x40 [ 338.144736][T12624] ? ovl_own_xattr_set+0x10/0x10 [ 338.149709][T12624] legacy_get_tree+0x108/0x220 [ 338.154500][T12624] vfs_get_tree+0x8e/0x300 [ 338.158944][T12624] do_mount+0x142e/0x1cf0 [ 338.163298][T12624] ? copy_mount_string+0x40/0x40 [ 338.163324][T12624] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 338.163336][T12624] ? copy_mount_options+0x2e8/0x3f0 [ 338.163353][T12624] ksys_mount+0xdb/0x150 [ 338.163371][T12624] __x64_sys_mount+0xbe/0x150 [ 338.188637][T12624] do_syscall_64+0xfa/0x760 [ 338.193180][T12624] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 338.199308][T12624] RIP: 0033:0x459a59 [ 338.203237][T12624] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 338.222866][T12624] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 338.231297][T12624] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 05:00:53 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x127c) 05:00:53 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:53 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x127b) 05:00:53 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(0x0, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:00:53 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 338.239296][T12624] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 338.239306][T12624] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 338.239313][T12624] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 338.239320][T12624] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 338.319550][T12638] block nbd3: shutting down sockets 05:00:53 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x0) wait4(0x0, 0x0, 0x0, 0x0) [ 338.380017][T12642] block nbd2: shutting down sockets 05:00:53 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x127c) 05:00:53 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:53 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x127d) 05:00:53 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x0) wait4(0x0, 0x0, 0x0, 0x0) 05:00:53 executing program 1 (fault-call:3 fault-nth:20): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 338.610001][T12657] block nbd3: shutting down sockets [ 338.665091][T12659] block nbd2: shutting down sockets 05:00:54 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x127d) [ 338.738787][T12669] FAULT_INJECTION: forcing a failure. [ 338.738787][T12669] name failslab, interval 1, probability 0, space 0, times 0 [ 338.781637][T12669] CPU: 1 PID: 12669 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 338.790715][T12669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 338.801497][T12669] Call Trace: [ 338.805556][T12669] dump_stack+0x172/0x1f0 [ 338.809931][T12669] should_fail.cold+0xa/0x15 [ 338.814566][T12669] ? fault_create_debugfs_attr+0x180/0x180 [ 338.820420][T12669] ? ___might_sleep+0x163/0x2c0 [ 338.822626][T12675] block nbd3: shutting down sockets [ 338.825553][T12669] __should_failslab+0x121/0x190 [ 338.825576][T12669] should_failslab+0x9/0x14 [ 338.825591][T12669] kmem_cache_alloc_trace+0x2d3/0x790 [ 338.825606][T12669] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 338.825627][T12669] __memcg_init_list_lru_node+0x8a/0x1e0 [ 338.825643][T12669] __list_lru_init+0x3fe/0x710 [ 338.825663][T12669] alloc_super+0x7cc/0x910 [ 338.825681][T12669] sget+0x117/0x560 [ 338.870668][T12669] ? get_anon_bdev+0xc0/0xc0 [ 338.875401][T12669] ? ovl_show_options+0x550/0x550 [ 338.880455][T12669] mount_nodev+0x31/0x110 [ 338.884813][T12669] ovl_mount+0x2d/0x40 [ 338.889258][T12669] ? ovl_own_xattr_set+0x10/0x10 [ 338.894218][T12669] legacy_get_tree+0x108/0x220 [ 338.899003][T12669] vfs_get_tree+0x8e/0x300 [ 338.903440][T12669] do_mount+0x142e/0x1cf0 [ 338.907826][T12669] ? copy_mount_string+0x40/0x40 [ 338.912795][T12669] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 338.919006][T12678] block nbd3: shutting down sockets [ 338.919052][T12669] ? copy_mount_options+0x2e8/0x3f0 [ 338.929665][T12669] ksys_mount+0xdb/0x150 [ 338.933936][T12669] __x64_sys_mount+0xbe/0x150 [ 338.938645][T12669] do_syscall_64+0xfa/0x760 [ 338.943273][T12669] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 338.949191][T12669] RIP: 0033:0x459a59 [ 338.953106][T12669] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 05:00:54 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x127e) 05:00:54 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x127f) 05:00:54 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x0) wait4(0x0, 0x0, 0x0, 0x0) 05:00:54 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x127e) [ 338.974812][T12669] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 338.983246][T12669] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 338.991392][T12669] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 338.999894][T12669] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 339.007966][T12669] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 339.016032][T12669] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 339.022228][T12680] block nbd3: shutting down sockets [ 339.139959][T12688] block nbd2: shutting down sockets 05:00:56 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:56 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:56 executing program 0: r0 = socket$inet6(0xa, 0x80003, 0x2c) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) r1 = dup(r0) sendmsg$TIPC_NL_NODE_GET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0) 05:00:56 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x4c00) 05:00:56 executing program 1 (fault-call:3 fault-nth:21): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:56 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x127f) [ 341.399715][T12695] block nbd3: shutting down sockets [ 341.408150][T12698] block nbd2: shutting down sockets [ 341.433281][T12702] FAULT_INJECTION: forcing a failure. [ 341.433281][T12702] name failslab, interval 1, probability 0, space 0, times 0 05:00:56 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:56 executing program 0: syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1, &(0x7f00000000c0)=[{&(0x7f0000000040)="800000003804000019000300e60100006c000000000000000300000001000000004000000040000080000000000000006d5ebe5a0000ffff53ef", 0x3a, 0x400}], 0x0, 0x0) [ 341.459354][T12702] CPU: 0 PID: 12702 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 341.468452][T12702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 341.478531][T12702] Call Trace: [ 341.481863][T12702] dump_stack+0x172/0x1f0 [ 341.486750][T12702] should_fail.cold+0xa/0x15 [ 341.491376][T12702] ? fault_create_debugfs_attr+0x180/0x180 [ 341.497220][T12702] ? ___might_sleep+0x163/0x2c0 [ 341.502117][T12702] __should_failslab+0x121/0x190 [ 341.507080][T12702] should_failslab+0x9/0x14 [ 341.511603][T12702] kmem_cache_alloc_trace+0x2d3/0x790 [ 341.517018][T12702] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 341.522862][T12702] __memcg_init_list_lru_node+0x8a/0x1e0 [ 341.522882][T12702] __list_lru_init+0x3fe/0x710 [ 341.522901][T12702] alloc_super+0x7cc/0x910 [ 341.522918][T12702] sget+0x117/0x560 [ 341.522930][T12702] ? get_anon_bdev+0xc0/0xc0 [ 341.522948][T12702] ? ovl_show_options+0x550/0x550 [ 341.522961][T12702] mount_nodev+0x31/0x110 [ 341.522973][T12702] ovl_mount+0x2d/0x40 [ 341.522984][T12702] ? ovl_own_xattr_set+0x10/0x10 [ 341.522999][T12702] legacy_get_tree+0x108/0x220 [ 341.523013][T12702] vfs_get_tree+0x8e/0x300 [ 341.523028][T12702] do_mount+0x142e/0x1cf0 [ 341.523046][T12702] ? copy_mount_string+0x40/0x40 [ 341.523070][T12702] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 341.523082][T12702] ? copy_mount_options+0x2e8/0x3f0 [ 341.523098][T12702] ksys_mount+0xdb/0x150 [ 341.523114][T12702] __x64_sys_mount+0xbe/0x150 [ 341.523132][T12702] do_syscall_64+0xfa/0x760 [ 341.523151][T12702] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 341.523161][T12702] RIP: 0033:0x459a59 [ 341.523176][T12702] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 341.523182][T12702] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 341.523193][T12702] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 05:00:56 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:56 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x4c00) 05:00:56 executing program 1 (fault-call:3 fault-nth:22): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:56 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:56 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x4c01) [ 341.523200][T12702] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 341.523207][T12702] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 341.523214][T12702] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 341.523220][T12702] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:00:57 executing program 0: openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xa93f) io_setup(0x65ce, &(0x7f00000019c0)) sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x0) [ 341.742291][T12718] block nbd2: shutting down sockets [ 341.775428][T12719] block nbd3: shutting down sockets 05:00:57 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x4c01) 05:00:57 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 341.838292][T12726] FAULT_INJECTION: forcing a failure. [ 341.838292][T12726] name failslab, interval 1, probability 0, space 0, times 0 05:00:57 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x5421) [ 341.889791][T12726] CPU: 0 PID: 12726 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 341.898892][T12726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 341.908976][T12726] Call Trace: [ 341.912305][T12726] dump_stack+0x172/0x1f0 [ 341.916673][T12726] should_fail.cold+0xa/0x15 [ 341.921287][T12726] ? fault_create_debugfs_attr+0x180/0x180 [ 341.927129][T12726] ? ___might_sleep+0x163/0x2c0 [ 341.932031][T12726] __should_failslab+0x121/0x190 [ 341.936967][T12726] should_failslab+0x9/0x14 [ 341.941487][T12726] kmem_cache_alloc_trace+0x2d3/0x790 [ 341.946868][T12726] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 341.952714][T12726] __memcg_init_list_lru_node+0x8a/0x1e0 [ 341.958408][T12726] __list_lru_init+0x3fe/0x710 [ 341.963181][T12726] alloc_super+0x7cc/0x910 [ 341.967587][T12726] sget+0x117/0x560 [ 341.971426][T12726] ? get_anon_bdev+0xc0/0xc0 [ 341.976042][T12726] ? ovl_show_options+0x550/0x550 [ 341.981066][T12726] mount_nodev+0x31/0x110 [ 341.985481][T12726] ovl_mount+0x2d/0x40 [ 341.989585][T12726] ? ovl_own_xattr_set+0x10/0x10 [ 341.994512][T12726] legacy_get_tree+0x108/0x220 [ 341.999304][T12726] vfs_get_tree+0x8e/0x300 [ 342.004451][T12726] do_mount+0x142e/0x1cf0 [ 342.008767][T12726] ? copy_mount_string+0x40/0x40 [ 342.013694][T12726] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 342.020001][T12726] ? copy_mount_options+0x2e8/0x3f0 [ 342.025183][T12726] ksys_mount+0xdb/0x150 [ 342.029411][T12726] __x64_sys_mount+0xbe/0x150 [ 342.034421][T12726] do_syscall_64+0xfa/0x760 [ 342.038908][T12726] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.045129][T12726] RIP: 0033:0x459a59 [ 342.049011][T12726] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 342.068594][T12726] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 342.076987][T12726] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 342.084948][T12726] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 342.092990][T12726] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 342.100947][T12726] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 342.109023][T12726] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 342.191128][T12737] block nbd3: shutting down sockets [ 342.211789][T12735] block nbd2: shutting down sockets 05:00:57 executing program 0: r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) r1 = syz_open_dev$binderN(0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000200)={0x4, 0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="05630440"], 0x0, 0x0, 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) dup2(r2, r0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x10, 0x0, &(0x7f0000000100)=[@request_death={0x40046304}], 0x0, 0x0, 0x0}) 05:00:57 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x5450) 05:00:57 executing program 1 (fault-call:3 fault-nth:23): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:00:57 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x5420) [ 342.344611][T12750] debugfs: File '12749' in directory 'proc' already present! [ 342.365114][T12750] binder: 12749:12750 unknown command 0 [ 342.371947][T12750] binder: 12749:12750 ioctl c0306201 200001c0 returned -22 05:00:57 executing program 0: r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) r1 = syz_open_dev$binderN(0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000200)={0x4, 0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="05630440"], 0x0, 0x0, 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) dup2(r2, r0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x10, 0x0, &(0x7f0000000100)=[@request_death={0x40046304}], 0x0, 0x0, 0x0}) [ 342.439688][T12754] block nbd3: shutting down sockets [ 342.449755][T12753] block nbd2: shutting down sockets 05:00:57 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x5451) [ 342.524189][T12761] FAULT_INJECTION: forcing a failure. [ 342.524189][T12761] name failslab, interval 1, probability 0, space 0, times 0 [ 342.543887][T12762] debugfs: File '12760' in directory 'proc' already present! [ 342.552569][T12761] CPU: 0 PID: 12761 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 342.561602][T12761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 342.571664][T12761] Call Trace: [ 342.574974][T12761] dump_stack+0x172/0x1f0 [ 342.580893][T12761] should_fail.cold+0xa/0x15 [ 342.585510][T12761] ? fault_create_debugfs_attr+0x180/0x180 [ 342.590264][T12762] binder: 12760:12762 unknown command 0 [ 342.591325][T12761] ? ___might_sleep+0x163/0x2c0 [ 342.591354][T12761] __should_failslab+0x121/0x190 [ 342.600727][T12762] binder: 12760:12762 ioctl c0306201 200001c0 returned -22 [ 342.601743][T12761] should_failslab+0x9/0x14 [ 342.601760][T12761] kmem_cache_alloc_trace+0x2d3/0x790 [ 342.601780][T12761] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 342.629688][T12761] __memcg_init_list_lru_node+0x8a/0x1e0 [ 342.635335][T12761] __list_lru_init+0x3fe/0x710 [ 342.640538][T12761] alloc_super+0x7cc/0x910 [ 342.644947][T12761] sget+0x117/0x560 [ 342.644961][T12761] ? get_anon_bdev+0xc0/0xc0 [ 342.644980][T12761] ? ovl_show_options+0x550/0x550 [ 342.644993][T12761] mount_nodev+0x31/0x110 [ 342.645008][T12761] ovl_mount+0x2d/0x40 [ 342.645020][T12761] ? ovl_own_xattr_set+0x10/0x10 [ 342.645037][T12761] legacy_get_tree+0x108/0x220 [ 342.645053][T12761] vfs_get_tree+0x8e/0x300 [ 342.645068][T12761] do_mount+0x142e/0x1cf0 [ 342.645088][T12761] ? copy_mount_string+0x40/0x40 [ 342.645115][T12761] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 342.645129][T12761] ? copy_mount_options+0x2e8/0x3f0 [ 342.645149][T12761] ksys_mount+0xdb/0x150 [ 342.645165][T12761] __x64_sys_mount+0xbe/0x150 [ 342.645185][T12761] do_syscall_64+0xfa/0x760 [ 342.662885][T12761] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 342.662898][T12761] RIP: 0033:0x459a59 [ 342.662919][T12761] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 342.662926][T12761] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 342.662940][T12761] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 342.662949][T12761] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 342.662957][T12761] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 342.662965][T12761] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 342.662972][T12761] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 342.709504][T12763] block nbd3: shutting down sockets 05:00:59 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:00:59 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x5421) 05:00:59 executing program 0: r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) r1 = syz_open_dev$binderN(0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000200)={0x4, 0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="05630440"], 0x0, 0x0, 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) dup2(r2, r0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x10, 0x0, &(0x7f0000000100)=[@request_death={0x40046304}], 0x0, 0x0, 0x0}) 05:00:59 executing program 1 (fault-call:3 fault-nth:24): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 344.740656][T12774] debugfs: File '12772' in directory 'proc' already present! [ 344.754330][T12776] FAULT_INJECTION: forcing a failure. [ 344.754330][T12776] name failslab, interval 1, probability 0, space 0, times 0 [ 344.762065][T12774] binder: 12772:12774 unknown command 0 [ 344.768506][T12771] block nbd2: shutting down sockets [ 344.783814][T12774] binder: 12772:12774 ioctl c0306201 200001c0 returned -22 [ 344.788815][T12776] CPU: 1 PID: 12776 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 344.800210][T12776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 344.810461][T12776] Call Trace: [ 344.813778][T12776] dump_stack+0x172/0x1f0 [ 344.818128][T12776] should_fail.cold+0xa/0x15 [ 344.822751][T12776] ? fault_create_debugfs_attr+0x180/0x180 [ 344.828750][T12776] ? ___might_sleep+0x163/0x2c0 [ 344.834715][T12776] __should_failslab+0x121/0x190 [ 344.839692][T12776] should_failslab+0x9/0x14 [ 344.844227][T12776] kmem_cache_alloc_node_trace+0x274/0x750 [ 344.850243][T12776] ? kmem_cache_alloc_trace+0x397/0x790 [ 344.855808][T12776] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 344.855825][T12776] __kmalloc_node+0x3d/0x70 [ 344.855843][T12776] kvmalloc_node+0x68/0x100 [ 344.855858][T12776] __list_lru_init+0x4d5/0x710 [ 344.855878][T12776] alloc_super+0x7cc/0x910 [ 344.855896][T12776] sget+0x117/0x560 [ 344.855909][T12776] ? get_anon_bdev+0xc0/0xc0 [ 344.855925][T12776] ? ovl_show_options+0x550/0x550 [ 344.855944][T12776] mount_nodev+0x31/0x110 [ 344.855959][T12776] ovl_mount+0x2d/0x40 [ 344.855973][T12776] ? ovl_own_xattr_set+0x10/0x10 [ 344.855990][T12776] legacy_get_tree+0x108/0x220 [ 344.856005][T12776] vfs_get_tree+0x8e/0x300 [ 344.856020][T12776] do_mount+0x142e/0x1cf0 [ 344.856039][T12776] ? copy_mount_string+0x40/0x40 [ 344.926032][T12776] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 344.932297][T12776] ? _copy_from_user+0x12c/0x1a0 [ 344.937270][T12776] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 344.943536][T12776] ? copy_mount_options+0x2e8/0x3f0 [ 344.948745][T12776] ksys_mount+0xdb/0x150 [ 344.953006][T12776] __x64_sys_mount+0xbe/0x150 [ 344.957693][T12776] do_syscall_64+0xfa/0x760 [ 344.962200][T12776] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 344.968241][T12776] RIP: 0033:0x459a59 [ 344.972153][T12776] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 05:01:00 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:00 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x5452) 05:01:00 executing program 0: r0 = syz_open_dev$binderN(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) r1 = syz_open_dev$binderN(0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000200)={0x4, 0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="05630440"], 0x0, 0x0, 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) dup2(r2, r0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x10, 0x0, &(0x7f0000000100)=[@request_death={0x40046304}], 0x0, 0x0, 0x0}) 05:01:00 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x5422) [ 344.991890][T12776] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 345.000414][T12776] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 345.008393][T12776] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 345.008401][T12776] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 345.008408][T12776] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 345.008415][T12776] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:00 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 345.047480][T12781] block nbd3: shutting down sockets [ 345.090120][T12786] debugfs: File '12782' in directory 'proc' already present! 05:01:00 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x5460) 05:01:00 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 345.141377][T12788] block nbd2: shutting down sockets [ 345.141471][T12786] binder: 12782:12786 unknown command 0 [ 345.167713][T12786] binder: 12782:12786 ioctl c0306201 200001c0 returned -22 05:01:00 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x5450) 05:01:00 executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x46802) io_setup(0x100000000000c333, &(0x7f0000000180)=0x0) r2 = open(&(0x7f0000000240)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xb, 0x12, r2, 0x0) getpeername$packet(r2, 0x0, 0x0) ftruncate(r0, 0x48280) r3 = open(&(0x7f00000004c0)='./bus\x00', 0x2, 0x0) write$P9_RATTACH(r3, &(0x7f0000000080)={0x14}, 0xfffffff4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffff, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x87fffff, 0x400000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = dup(r2) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) mq_timedreceive(r4, &(0x7f0000000100)=""/17, 0x11, 0x8000, &(0x7f00000001c0)={r5, r6+30000000}) ioctl$DRM_IOCTL_SET_UNIQUE(0xffffffffffffffff, 0x40106410, &(0x7f0000000280)={0x38, &(0x7f0000000200)="ba6ae9df977212878e6cca7d5c11ea545cd1a80ab513e341230fb804b96b03454cb4a4f8b7d11af58e8692985bd6ba80987e2e12455dbdfd"}) openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) pipe(&(0x7f0000000040)) socket$inet_udp(0x2, 0x2, 0x0) close(0xffffffffffffffff) 05:01:00 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 345.288453][T12800] block nbd3: shutting down sockets 05:01:00 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x6364) [ 345.363294][T12804] block nbd2: shutting down sockets 05:01:00 executing program 1 (fault-call:3 fault-nth:25): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 345.469461][T12809] block nbd3: shutting down sockets [ 345.504812][ T26] audit: type=1804 audit(1571202060.776:36): pid=12817 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir213471793/syzkaller.HSuJ9B/173/bus" dev="sda1" ino=17171 res=1 [ 345.567524][ T26] audit: type=1804 audit(1571202060.816:37): pid=12811 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir213471793/syzkaller.HSuJ9B/173/bus" dev="sda1" ino=17171 res=1 [ 345.602387][T12820] FAULT_INJECTION: forcing a failure. [ 345.602387][T12820] name failslab, interval 1, probability 0, space 0, times 0 [ 345.621110][T12820] CPU: 0 PID: 12820 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 345.630355][T12820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 345.640418][T12820] Call Trace: [ 345.643814][T12820] dump_stack+0x172/0x1f0 [ 345.648206][T12820] should_fail.cold+0xa/0x15 [ 345.652817][T12820] ? fault_create_debugfs_attr+0x180/0x180 [ 345.658644][T12820] ? ___might_sleep+0x163/0x2c0 [ 345.663502][T12820] __should_failslab+0x121/0x190 [ 345.668443][T12820] should_failslab+0x9/0x14 [ 345.672956][T12820] kmem_cache_alloc_trace+0x2d3/0x790 [ 345.678345][T12820] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 345.684167][T12820] __memcg_init_list_lru_node+0x8a/0x1e0 [ 345.689804][T12820] __list_lru_init+0x3fe/0x710 [ 345.694556][T12820] alloc_super+0x7cc/0x910 [ 345.698967][T12820] sget+0x117/0x560 [ 345.702781][T12820] ? get_anon_bdev+0xc0/0xc0 [ 345.707456][T12820] ? ovl_show_options+0x550/0x550 [ 345.712475][T12820] mount_nodev+0x31/0x110 [ 345.716809][T12820] ovl_mount+0x2d/0x40 [ 345.720882][T12820] ? ovl_own_xattr_set+0x10/0x10 [ 345.725823][T12820] legacy_get_tree+0x108/0x220 [ 345.730596][T12820] vfs_get_tree+0x8e/0x300 [ 345.735029][T12820] do_mount+0x142e/0x1cf0 [ 345.737531][ T26] audit: type=1804 audit(1571202060.896:38): pid=12811 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir213471793/syzkaller.HSuJ9B/173/bus" dev="sda1" ino=17171 res=1 [ 345.739365][T12820] ? copy_mount_string+0x40/0x40 [ 345.739394][T12820] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 345.739411][T12820] ? copy_mount_options+0x2e8/0x3f0 [ 345.779991][T12820] ksys_mount+0xdb/0x150 [ 345.784250][T12820] __x64_sys_mount+0xbe/0x150 [ 345.788935][T12820] do_syscall_64+0xfa/0x760 [ 345.793447][T12820] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.798175][T12811] syz-executor.0 (12811) used greatest stack depth: 22280 bytes left [ 345.799341][T12820] RIP: 0033:0x459a59 [ 345.799357][T12820] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 345.799365][T12820] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 345.799377][T12820] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 345.799385][T12820] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 345.799392][T12820] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 345.799399][T12820] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 345.799406][T12820] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:03 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:03 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x5451) 05:01:03 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x6611) 05:01:03 executing program 1 (fault-call:3 fault-nth:26): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:03 executing program 0: socket$inet6_tcp(0xa, 0x1, 0x0) r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x46802) io_setup(0x100000000000c333, &(0x7f0000000180)=0x0) r2 = open(&(0x7f0000000240)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0xb, 0x12, r2, 0x0) getpeername$packet(r2, 0x0, 0x0) ftruncate(r0, 0x48280) r3 = open(&(0x7f00000004c0)='./bus\x00', 0x2, 0x0) write$P9_RATTACH(r3, &(0x7f0000000080)={0x14}, 0xfffffff4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffff, 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_submit(r1, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x87fffff, 0x400000000000, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x377140be6b5ef4c7}]) openat$random(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = dup(r2) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) mq_timedreceive(r4, &(0x7f0000000100)=""/17, 0x11, 0x8000, &(0x7f00000001c0)={r5, r6+30000000}) ioctl$DRM_IOCTL_SET_UNIQUE(0xffffffffffffffff, 0x40106410, &(0x7f0000000280)={0x38, &(0x7f0000000200)="ba6ae9df977212878e6cca7d5c11ea545cd1a80ab513e341230fb804b96b03454cb4a4f8b7d11af58e8692985bd6ba80987e2e12455dbdfd"}) openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x0, 0x0) pipe(&(0x7f0000000040)) socket$inet_udp(0x2, 0x2, 0x0) close(0xffffffffffffffff) [ 348.117918][T12828] block nbd3: shutting down sockets [ 348.127428][T12831] block nbd2: shutting down sockets [ 348.132642][T12834] FAULT_INJECTION: forcing a failure. [ 348.132642][T12834] name failslab, interval 1, probability 0, space 0, times 0 [ 348.132663][T12834] CPU: 0 PID: 12834 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 348.132672][T12834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 348.132679][T12834] Call Trace: [ 348.132700][T12834] dump_stack+0x172/0x1f0 [ 348.132725][T12834] should_fail.cold+0xa/0x15 [ 348.176542][T12834] ? fault_create_debugfs_attr+0x180/0x180 [ 348.182887][T12834] ? ___might_sleep+0x163/0x2c0 [ 348.187764][T12834] __should_failslab+0x121/0x190 [ 348.192732][T12834] should_failslab+0x9/0x14 [ 348.197239][T12834] kmem_cache_alloc_trace+0x2d3/0x790 [ 348.202621][T12834] __memcg_init_list_lru_node+0x8a/0x1e0 [ 348.208294][T12834] __list_lru_init+0x3fe/0x710 [ 348.213059][T12834] alloc_super+0x7cc/0x910 [ 348.217490][T12834] sget+0x117/0x560 [ 348.221300][T12834] ? get_anon_bdev+0xc0/0xc0 [ 348.225898][T12834] ? ovl_show_options+0x550/0x550 [ 348.230930][T12834] mount_nodev+0x31/0x110 [ 348.235269][T12834] ovl_mount+0x2d/0x40 [ 348.239348][T12834] ? ovl_own_xattr_set+0x10/0x10 [ 348.244305][T12834] legacy_get_tree+0x108/0x220 [ 348.249089][T12834] vfs_get_tree+0x8e/0x300 [ 348.253514][T12834] do_mount+0x142e/0x1cf0 [ 348.257863][T12834] ? copy_mount_string+0x40/0x40 [ 348.262824][T12834] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 348.265911][ T26] audit: type=1804 audit(1571202063.396:39): pid=12833 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir213471793/syzkaller.HSuJ9B/174/bus" dev="sda1" ino=17223 res=1 [ 348.269067][T12834] ? copy_mount_options+0x2e8/0x3f0 [ 348.269093][T12834] ksys_mount+0xdb/0x150 [ 348.303398][T12834] __x64_sys_mount+0xbe/0x150 [ 348.308089][T12834] do_syscall_64+0xfa/0x760 [ 348.311936][ T26] audit: type=1804 audit(1571202063.396:40): pid=12833 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir213471793/syzkaller.HSuJ9B/174/bus" dev="sda1" ino=17223 res=1 [ 348.312602][T12834] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 348.343019][T12834] RIP: 0033:0x459a59 [ 348.346919][T12834] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 348.367134][T12834] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 348.375566][T12834] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 348.383550][T12834] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 348.383559][T12834] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 348.383567][T12834] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 05:01:03 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x5452) 05:01:03 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x7014) [ 348.383574][T12834] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:03 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:03 executing program 1 (fault-call:3 fault-nth:27): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 348.513251][T12841] block nbd3: shutting down sockets [ 348.528232][T12842] block nbd2: shutting down sockets 05:01:03 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x5460) 05:01:03 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x8912) [ 348.612131][T12853] FAULT_INJECTION: forcing a failure. [ 348.612131][T12853] name failslab, interval 1, probability 0, space 0, times 0 [ 348.633165][T12853] CPU: 0 PID: 12853 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 348.646038][T12853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 348.656146][T12853] Call Trace: [ 348.659437][T12853] dump_stack+0x172/0x1f0 [ 348.663760][T12853] should_fail.cold+0xa/0x15 [ 348.663782][T12853] ? fault_create_debugfs_attr+0x180/0x180 [ 348.663801][T12853] ? ___might_sleep+0x163/0x2c0 [ 348.663821][T12853] __should_failslab+0x121/0x190 [ 348.684176][T12853] should_failslab+0x9/0x14 [ 348.690200][T12853] kmem_cache_alloc_trace+0x2d3/0x790 [ 348.696543][T12853] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 348.702341][T12853] __memcg_init_list_lru_node+0x8a/0x1e0 [ 348.707966][T12853] __list_lru_init+0x3fe/0x710 [ 348.712717][T12853] alloc_super+0x7cc/0x910 [ 348.717128][T12853] sget+0x117/0x560 [ 348.720917][T12853] ? get_anon_bdev+0xc0/0xc0 [ 348.725489][T12853] ? ovl_show_options+0x550/0x550 [ 348.730493][T12853] mount_nodev+0x31/0x110 [ 348.734805][T12853] ovl_mount+0x2d/0x40 [ 348.738852][T12853] ? ovl_own_xattr_set+0x10/0x10 [ 348.743773][T12853] legacy_get_tree+0x108/0x220 [ 348.748518][T12853] vfs_get_tree+0x8e/0x300 [ 348.753262][T12853] do_mount+0x142e/0x1cf0 [ 348.757576][T12853] ? copy_mount_string+0x40/0x40 [ 348.762501][T12853] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 348.768721][T12853] ? copy_mount_options+0x2e8/0x3f0 [ 348.774000][T12853] ksys_mount+0xdb/0x150 [ 348.778230][T12853] __x64_sys_mount+0xbe/0x150 [ 348.782894][T12853] do_syscall_64+0xfa/0x760 [ 348.787667][T12853] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 348.793538][T12853] RIP: 0033:0x459a59 [ 348.797420][T12853] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 348.817005][T12853] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 348.825398][T12853] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 348.833354][T12853] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 348.841307][T12853] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 348.849259][T12853] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 348.857212][T12853] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:04 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x8933) [ 348.899510][T12857] block nbd2: shutting down sockets [ 348.901818][T12856] block nbd3: shutting down sockets [ 349.067032][T12864] block nbd3: shutting down sockets 05:01:06 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:06 executing program 0: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$key(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x24000000}, 0xc, 0x0}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a<\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) r0 = socket$inet(0x10, 0x0, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)}], 0x1}, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000d65000)={0x0, 0x0, 0x0}, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(0x0, &(0x7f00000003c0)) socket$inet_sctp(0x2, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, &(0x7f000095dffc)) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000440)={0x0, 0x39, "667b3b48c8917cbcaec90df6a0d0c824e085ea3c34c55208c1d125dce923b27de7462f2005fc4d96a46aa7c33e77cd302d074b6ee6eac12759"}, &(0x7f0000000280)=0x41) 05:01:06 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x5606) 05:01:06 executing program 1 (fault-call:3 fault-nth:28): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:06 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x8981) [ 351.178545][T12869] block nbd2: shutting down sockets [ 351.192805][T12874] FAULT_INJECTION: forcing a failure. [ 351.192805][T12874] name failslab, interval 1, probability 0, space 0, times 0 [ 351.224953][T12872] block nbd3: shutting down sockets [ 351.260276][T12874] CPU: 1 PID: 12874 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 351.269473][T12874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 351.279527][T12874] Call Trace: [ 351.282831][T12874] dump_stack+0x172/0x1f0 [ 351.287163][T12874] should_fail.cold+0xa/0x15 [ 351.291742][T12874] ? fault_create_debugfs_attr+0x180/0x180 [ 351.297545][T12874] ? ___might_sleep+0x163/0x2c0 [ 351.302408][T12874] __should_failslab+0x121/0x190 [ 351.307366][T12874] should_failslab+0x9/0x14 [ 351.311872][T12874] kmem_cache_alloc_trace+0x2d3/0x790 [ 351.317275][T12874] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 351.323254][T12874] __memcg_init_list_lru_node+0x8a/0x1e0 [ 351.328883][T12874] __list_lru_init+0x3fe/0x710 [ 351.333674][T12874] alloc_super+0x7cc/0x910 [ 351.338086][T12874] sget+0x117/0x560 [ 351.341885][T12874] ? get_anon_bdev+0xc0/0xc0 [ 351.346466][T12874] ? ovl_show_options+0x550/0x550 [ 351.351909][T12874] mount_nodev+0x31/0x110 [ 351.356226][T12874] ovl_mount+0x2d/0x40 [ 351.360277][T12874] ? ovl_own_xattr_set+0x10/0x10 [ 351.365292][T12874] legacy_get_tree+0x108/0x220 [ 351.370051][T12874] vfs_get_tree+0x8e/0x300 [ 351.374453][T12874] do_mount+0x142e/0x1cf0 [ 351.378782][T12874] ? copy_mount_string+0x40/0x40 [ 351.383722][T12874] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 351.389949][T12874] ? _copy_from_user+0x12c/0x1a0 [ 351.394886][T12874] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 351.401112][T12874] ? copy_mount_options+0x2e8/0x3f0 [ 351.406297][T12874] ksys_mount+0xdb/0x150 [ 351.410531][T12874] __x64_sys_mount+0xbe/0x150 [ 351.415580][T12874] do_syscall_64+0xfa/0x760 [ 351.420087][T12874] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 351.425968][T12874] RIP: 0033:0x459a59 [ 351.429853][T12874] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 351.449444][T12874] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 05:01:06 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x6364) [ 351.457845][T12874] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 351.466063][T12874] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 351.474020][T12874] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 351.482155][T12874] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 351.490200][T12874] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:06 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:06 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x89e0) 05:01:06 executing program 0: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$key(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x24000000}, 0xc, 0x0}, 0x0) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a<\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) r0 = socket$inet(0x10, 0x0, 0xc) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)}], 0x1}, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000d65000)={0x0, 0x0, 0x0}, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(0x0, &(0x7f00000003c0)) socket$inet_sctp(0x2, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, &(0x7f000095dffc)) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000440)={0x0, 0x39, "667b3b48c8917cbcaec90df6a0d0c824e085ea3c34c55208c1d125dce923b27de7462f2005fc4d96a46aa7c33e77cd302d074b6ee6eac12759"}, &(0x7f0000000280)=0x41) [ 351.622772][T12886] block nbd2: shutting down sockets 05:01:06 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x8903) [ 351.719334][T12895] block nbd3: shutting down sockets 05:01:07 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x89f3) 05:01:07 executing program 1 (fault-call:3 fault-nth:29): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 351.820714][T12902] block nbd2: shutting down sockets [ 351.921634][T12909] block nbd3: shutting down sockets [ 352.041695][T12916] FAULT_INJECTION: forcing a failure. [ 352.041695][T12916] name failslab, interval 1, probability 0, space 0, times 0 [ 352.056260][T12916] CPU: 1 PID: 12916 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 352.065318][T12916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 352.075740][T12916] Call Trace: [ 352.079049][T12916] dump_stack+0x172/0x1f0 [ 352.083404][T12916] should_fail.cold+0xa/0x15 [ 352.088014][T12916] ? fault_create_debugfs_attr+0x180/0x180 [ 352.093842][T12916] ? ___might_sleep+0x163/0x2c0 [ 352.098707][T12916] __should_failslab+0x121/0x190 [ 352.103644][T12916] should_failslab+0x9/0x14 [ 352.108129][T12916] kmem_cache_alloc_trace+0x2d3/0x790 [ 352.113501][T12916] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 352.119314][T12916] __memcg_init_list_lru_node+0x8a/0x1e0 [ 352.124999][T12916] __list_lru_init+0x3fe/0x710 [ 352.129770][T12916] alloc_super+0x7cc/0x910 [ 352.134305][T12916] sget+0x117/0x560 [ 352.138119][T12916] ? get_anon_bdev+0xc0/0xc0 [ 352.142716][T12916] ? ovl_show_options+0x550/0x550 [ 352.147832][T12916] mount_nodev+0x31/0x110 [ 352.152147][T12916] ovl_mount+0x2d/0x40 [ 352.156211][T12916] ? ovl_own_xattr_set+0x10/0x10 [ 352.161145][T12916] legacy_get_tree+0x108/0x220 [ 352.165897][T12916] vfs_get_tree+0x8e/0x300 [ 352.170823][T12916] do_mount+0x142e/0x1cf0 [ 352.175249][T12916] ? copy_mount_string+0x40/0x40 [ 352.180201][T12916] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 352.186422][T12916] ? copy_mount_options+0x2e8/0x3f0 [ 352.191612][T12916] ksys_mount+0xdb/0x150 [ 352.195851][T12916] __x64_sys_mount+0xbe/0x150 [ 352.200536][T12916] do_syscall_64+0xfa/0x760 [ 352.205035][T12916] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 352.210906][T12916] RIP: 0033:0x459a59 [ 352.214792][T12916] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 352.234399][T12916] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 352.243164][T12916] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 352.251128][T12916] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 352.259083][T12916] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 352.267916][T12916] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 352.275874][T12916] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:09 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:09 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x890b) 05:01:09 executing program 0: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$key(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x24000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xe8814}, 0x0) r0 = syz_open_dev$video(&(0x7f0000000140)='/dev/video#\x00', 0x77ff, 0x0) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000100)={0x5}) fsetxattr$security_evm(r0, &(0x7f0000000740)='security.evm\x00', &(0x7f0000000780)=@sha1={0x1, "7580a5018f8f0658100b235199f43124eb7b671a"}, 0x15, 0x4) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\f\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) r1 = syz_open_dev$radio(&(0x7f0000000100)='/dev/radio#\x00', 0x2, 0x2) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000005c0)={{{@in6=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @initdev}}, 0x0, @in=@dev}}, &(0x7f0000000300)=0xe8) r3 = getgid() write$P9_RSTATu(r1, &(0x7f00000006c0)={0x6b, 0x7d, 0x1, {{0x0, 0x54, 0x20, 0x6, {0x12, 0x0, 0x4}, 0xc280000, 0x4, 0x7ff, 0x9e3, 0x0, '', 0xb, 'rpc_pipefs\x00', 0xb, 'rpc_pipefs\x00', 0xb, 'rpc_pipefs\x00'}, 0x2, '}*', r2, r3, 0xee00}}, 0x6b) r4 = socket$inet(0x10, 0x0, 0xc) sendmsg(r4, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)}], 0x1}, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000d65000)={0x0, 0x0, 0x0}, 0x0) r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(0x0, &(0x7f00000003c0)) read(0xffffffffffffffff, &(0x7f0000000340)=""/128, 0x80) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f00000004c0)={0x4, 0x0, @pic={0xff, 0x2, 0x6, 0x50, 0x8, 0xe0, 0x80, 0x1, 0x9, 0x1, 0xff, 0x3f, 0x1, 0x81, 0x3f}}) socket$inet_sctp(0x2, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB], &(0x7f000095dffc)=0x4) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000440)={0x0, 0x39, "667b3b48c8917cbcaec90df6a0d0c824e085ea3c34c55208c1d125dce923b27de7462f2005fc4d96a46aa7c33e77cd302d074b6ee6eac12759"}, &(0x7f0000000280)=0x41) 05:01:09 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab00) 05:01:09 executing program 1 (fault-call:3 fault-nth:30): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 354.275627][T12924] block nbd3: shutting down sockets [ 354.287685][T12923] FAULT_INJECTION: forcing a failure. [ 354.287685][T12923] name failslab, interval 1, probability 0, space 0, times 0 [ 354.306825][T12921] block nbd2: shutting down sockets 05:01:09 executing program 0: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$key(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x24000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xe8814}, 0x0) r0 = syz_open_dev$video(&(0x7f0000000140)='/dev/video#\x00', 0x77ff, 0x0) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000100)={0x5}) fsetxattr$security_evm(r0, &(0x7f0000000740)='security.evm\x00', &(0x7f0000000780)=@sha1={0x1, "7580a5018f8f0658100b235199f43124eb7b671a"}, 0x15, 0x4) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\f\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) r1 = syz_open_dev$radio(&(0x7f0000000100)='/dev/radio#\x00', 0x2, 0x2) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000005c0)={{{@in6=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @initdev}}, 0x0, @in=@dev}}, &(0x7f0000000300)=0xe8) r3 = getgid() write$P9_RSTATu(r1, &(0x7f00000006c0)={0x6b, 0x7d, 0x1, {{0x0, 0x54, 0x20, 0x6, {0x12, 0x0, 0x4}, 0xc280000, 0x4, 0x7ff, 0x9e3, 0x0, '', 0xb, 'rpc_pipefs\x00', 0xb, 'rpc_pipefs\x00', 0xb, 'rpc_pipefs\x00'}, 0x2, '}*', r2, r3, 0xee00}}, 0x6b) r4 = socket$inet(0x10, 0x0, 0xc) sendmsg(r4, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)}], 0x1}, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000d65000)={0x0, 0x0, 0x0}, 0x0) r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(0x0, &(0x7f00000003c0)) read(0xffffffffffffffff, &(0x7f0000000340)=""/128, 0x80) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f00000004c0)={0x4, 0x0, @pic={0xff, 0x2, 0x6, 0x50, 0x8, 0xe0, 0x80, 0x1, 0x9, 0x1, 0xff, 0x3f, 0x1, 0x81, 0x3f}}) socket$inet_sctp(0x2, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB], &(0x7f000095dffc)=0x4) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000440)={0x0, 0x39, "667b3b48c8917cbcaec90df6a0d0c824e085ea3c34c55208c1d125dce923b27de7462f2005fc4d96a46aa7c33e77cd302d074b6ee6eac12759"}, &(0x7f0000000280)=0x41) [ 354.363536][T12923] CPU: 0 PID: 12923 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 354.372622][T12923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 354.382688][T12923] Call Trace: [ 354.386011][T12923] dump_stack+0x172/0x1f0 [ 354.390450][T12923] should_fail.cold+0xa/0x15 [ 354.395060][T12923] ? fault_create_debugfs_attr+0x180/0x180 [ 354.400895][T12923] ? ___might_sleep+0x163/0x2c0 [ 354.405766][T12923] __should_failslab+0x121/0x190 [ 354.410713][T12923] should_failslab+0x9/0x14 [ 354.415218][T12923] kmem_cache_alloc_trace+0x2d3/0x790 [ 354.420602][T12923] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 354.426427][T12923] __memcg_init_list_lru_node+0x8a/0x1e0 [ 354.432080][T12923] __list_lru_init+0x3fe/0x710 [ 354.436871][T12923] alloc_super+0x7cc/0x910 [ 354.441306][T12923] sget+0x117/0x560 [ 354.445118][T12923] ? get_anon_bdev+0xc0/0xc0 [ 354.449805][T12923] ? ovl_show_options+0x550/0x550 [ 354.454835][T12923] mount_nodev+0x31/0x110 [ 354.459174][T12923] ovl_mount+0x2d/0x40 [ 354.463259][T12923] ? ovl_own_xattr_set+0x10/0x10 [ 354.468203][T12923] legacy_get_tree+0x108/0x220 [ 354.472976][T12923] vfs_get_tree+0x8e/0x300 [ 354.477400][T12923] do_mount+0x142e/0x1cf0 [ 354.481745][T12923] ? copy_mount_string+0x40/0x40 [ 354.486699][T12923] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 354.492942][T12923] ? copy_mount_options+0x2e8/0x3f0 [ 354.498327][T12923] ksys_mount+0xdb/0x150 [ 354.502585][T12923] __x64_sys_mount+0xbe/0x150 [ 354.507278][T12923] do_syscall_64+0xfa/0x760 [ 354.511890][T12923] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.518335][T12923] RIP: 0033:0x459a59 [ 354.522235][T12923] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 354.541847][T12923] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 354.550269][T12923] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 354.558255][T12923] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 354.566237][T12923] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 354.574383][T12923] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 354.582967][T12923] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:09 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:09 executing program 0: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$key(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x24000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xe8814}, 0x0) r0 = syz_open_dev$video(&(0x7f0000000140)='/dev/video#\x00', 0x77ff, 0x0) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000100)={0x5}) fsetxattr$security_evm(r0, &(0x7f0000000740)='security.evm\x00', &(0x7f0000000780)=@sha1={0x1, "7580a5018f8f0658100b235199f43124eb7b671a"}, 0x15, 0x4) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\f\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) r1 = syz_open_dev$radio(&(0x7f0000000100)='/dev/radio#\x00', 0x2, 0x2) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000005c0)={{{@in6=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @initdev}}, 0x0, @in=@dev}}, &(0x7f0000000300)=0xe8) r3 = getgid() write$P9_RSTATu(r1, &(0x7f00000006c0)={0x6b, 0x7d, 0x1, {{0x0, 0x54, 0x20, 0x6, {0x12, 0x0, 0x4}, 0xc280000, 0x4, 0x7ff, 0x9e3, 0x0, '', 0xb, 'rpc_pipefs\x00', 0xb, 'rpc_pipefs\x00', 0xb, 'rpc_pipefs\x00'}, 0x2, '}*', r2, r3, 0xee00}}, 0x6b) r4 = socket$inet(0x10, 0x0, 0xc) sendmsg(r4, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)}], 0x1}, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000d65000)={0x0, 0x0, 0x0}, 0x0) r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(0x0, &(0x7f00000003c0)) read(0xffffffffffffffff, &(0x7f0000000340)=""/128, 0x80) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f00000004c0)={0x4, 0x0, @pic={0xff, 0x2, 0x6, 0x50, 0x8, 0xe0, 0x80, 0x1, 0x9, 0x1, 0xff, 0x3f, 0x1, 0x81, 0x3f}}) socket$inet_sctp(0x2, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB], &(0x7f000095dffc)=0x4) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000440)={0x0, 0x39, "667b3b48c8917cbcaec90df6a0d0c824e085ea3c34c55208c1d125dce923b27de7462f2005fc4d96a46aa7c33e77cd302d074b6ee6eac12759"}, &(0x7f0000000280)=0x41) 05:01:09 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab01) 05:01:09 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x8912) 05:01:09 executing program 1 (fault-call:3 fault-nth:31): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 354.724355][T12950] block nbd2: shutting down sockets [ 354.739453][T12951] block nbd3: shutting down sockets 05:01:10 executing program 0: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$key(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x24000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xe8814}, 0x0) r0 = syz_open_dev$video(&(0x7f0000000140)='/dev/video#\x00', 0x77ff, 0x0) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000100)={0x5}) fsetxattr$security_evm(r0, &(0x7f0000000740)='security.evm\x00', &(0x7f0000000780)=@sha1={0x1, "7580a5018f8f0658100b235199f43124eb7b671a"}, 0x15, 0x4) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\f\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) r1 = syz_open_dev$radio(&(0x7f0000000100)='/dev/radio#\x00', 0x2, 0x2) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000005c0)={{{@in6=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @initdev}}, 0x0, @in=@dev}}, &(0x7f0000000300)=0xe8) r3 = getgid() write$P9_RSTATu(r1, &(0x7f00000006c0)={0x6b, 0x7d, 0x1, {{0x0, 0x54, 0x20, 0x6, {0x12, 0x0, 0x4}, 0xc280000, 0x4, 0x7ff, 0x9e3, 0x0, '', 0xb, 'rpc_pipefs\x00', 0xb, 'rpc_pipefs\x00', 0xb, 'rpc_pipefs\x00'}, 0x2, '}*', r2, r3, 0xee00}}, 0x6b) r4 = socket$inet(0x10, 0x0, 0xc) sendmsg(r4, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)}], 0x1}, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000d65000)={0x0, 0x0, 0x0}, 0x0) r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(0x0, &(0x7f00000003c0)) read(0xffffffffffffffff, &(0x7f0000000340)=""/128, 0x80) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f00000004c0)={0x4, 0x0, @pic={0xff, 0x2, 0x6, 0x50, 0x8, 0xe0, 0x80, 0x1, 0x9, 0x1, 0xff, 0x3f, 0x1, 0x81, 0x3f}}) socket$inet_sctp(0x2, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB], &(0x7f000095dffc)=0x4) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000440)={0x0, 0x39, "667b3b48c8917cbcaec90df6a0d0c824e085ea3c34c55208c1d125dce923b27de7462f2005fc4d96a46aa7c33e77cd302d074b6ee6eac12759"}, &(0x7f0000000280)=0x41) [ 354.838261][T12961] FAULT_INJECTION: forcing a failure. [ 354.838261][T12961] name failslab, interval 1, probability 0, space 0, times 0 [ 354.902986][T12961] CPU: 1 PID: 12961 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 354.912061][T12961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 354.922228][T12961] Call Trace: [ 354.925533][T12961] dump_stack+0x172/0x1f0 [ 354.929876][T12961] should_fail.cold+0xa/0x15 [ 354.934467][T12961] ? fault_create_debugfs_attr+0x180/0x180 [ 354.940271][T12961] ? ___might_sleep+0x163/0x2c0 [ 354.945245][T12961] __should_failslab+0x121/0x190 [ 354.950177][T12961] should_failslab+0x9/0x14 [ 354.954670][T12961] kmem_cache_alloc_trace+0x2d3/0x790 [ 354.960030][T12961] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 354.965825][T12961] __memcg_init_list_lru_node+0x8a/0x1e0 [ 354.971445][T12961] __list_lru_init+0x3fe/0x710 [ 354.976283][T12961] alloc_super+0x7cc/0x910 [ 354.980691][T12961] sget+0x117/0x560 [ 354.984485][T12961] ? get_anon_bdev+0xc0/0xc0 [ 354.989058][T12961] ? ovl_show_options+0x550/0x550 [ 354.994065][T12961] mount_nodev+0x31/0x110 [ 354.998377][T12961] ovl_mount+0x2d/0x40 [ 355.002426][T12961] ? ovl_own_xattr_set+0x10/0x10 [ 355.007354][T12961] legacy_get_tree+0x108/0x220 [ 355.012113][T12961] vfs_get_tree+0x8e/0x300 [ 355.016512][T12961] do_mount+0x142e/0x1cf0 [ 355.020828][T12961] ? copy_mount_string+0x40/0x40 [ 355.025750][T12961] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 355.031974][T12961] ? _copy_from_user+0x12c/0x1a0 [ 355.036897][T12961] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 355.043119][T12961] ? copy_mount_options+0x2e8/0x3f0 [ 355.048315][T12961] ksys_mount+0xdb/0x150 [ 355.052545][T12961] __x64_sys_mount+0xbe/0x150 [ 355.057208][T12961] do_syscall_64+0xfa/0x760 [ 355.061782][T12961] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 355.068015][T12961] RIP: 0033:0x459a59 [ 355.071893][T12961] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 355.091498][T12961] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 355.100942][T12961] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 355.108894][T12961] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 355.116863][T12961] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 355.125347][T12961] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 355.133313][T12961] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:12 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:12 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x8933) 05:01:12 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:12 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab02) 05:01:12 executing program 0: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$key(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x24000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xe8814}, 0x0) r0 = syz_open_dev$video(&(0x7f0000000140)='/dev/video#\x00', 0x77ff, 0x0) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000100)={0x5}) fsetxattr$security_evm(r0, &(0x7f0000000740)='security.evm\x00', &(0x7f0000000780)=@sha1={0x1, "7580a5018f8f0658100b235199f43124eb7b671a"}, 0x15, 0x4) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\f\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) r1 = syz_open_dev$radio(&(0x7f0000000100)='/dev/radio#\x00', 0x2, 0x2) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000005c0)={{{@in6=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @initdev}}, 0x0, @in=@dev}}, &(0x7f0000000300)=0xe8) r3 = getgid() write$P9_RSTATu(r1, &(0x7f00000006c0)={0x6b, 0x7d, 0x1, {{0x0, 0x54, 0x20, 0x6, {0x12, 0x0, 0x4}, 0xc280000, 0x4, 0x7ff, 0x9e3, 0x0, '', 0xb, 'rpc_pipefs\x00', 0xb, 'rpc_pipefs\x00', 0xb, 'rpc_pipefs\x00'}, 0x2, '}*', r2, r3, 0xee00}}, 0x6b) r4 = socket$inet(0x10, 0x0, 0xc) sendmsg(r4, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)}], 0x1}, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000d65000)={0x0, 0x0, 0x0}, 0x0) r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(0x0, &(0x7f00000003c0)) read(0xffffffffffffffff, &(0x7f0000000340)=""/128, 0x80) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f00000004c0)={0x4, 0x0, @pic={0xff, 0x2, 0x6, 0x50, 0x8, 0xe0, 0x80, 0x1, 0x9, 0x1, 0xff, 0x3f, 0x1, 0x81, 0x3f}}) socket$inet_sctp(0x2, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB], &(0x7f000095dffc)=0x4) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000440)={0x0, 0x39, "667b3b48c8917cbcaec90df6a0d0c824e085ea3c34c55208c1d125dce923b27de7462f2005fc4d96a46aa7c33e77cd302d074b6ee6eac12759"}, &(0x7f0000000280)=0x41) 05:01:12 executing program 1 (fault-call:3 fault-nth:32): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 357.372149][T12974] block nbd2: shutting down sockets [ 357.406485][T12977] block nbd3: shutting down sockets [ 357.424432][T12975] FAULT_INJECTION: forcing a failure. [ 357.424432][T12975] name failslab, interval 1, probability 0, space 0, times 0 05:01:12 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab00) 05:01:12 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 357.460408][T12975] CPU: 0 PID: 12975 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 357.469646][T12975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 357.479710][T12975] Call Trace: [ 357.483017][T12975] dump_stack+0x172/0x1f0 [ 357.487370][T12975] should_fail.cold+0xa/0x15 [ 357.491974][T12975] ? fault_create_debugfs_attr+0x180/0x180 [ 357.497797][T12975] ? ___might_sleep+0x163/0x2c0 [ 357.502664][T12975] __should_failslab+0x121/0x190 05:01:12 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab04) [ 357.507615][T12975] should_failslab+0x9/0x14 [ 357.512906][T12975] kmem_cache_alloc_trace+0x2d3/0x790 [ 357.518981][T12975] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 357.524887][T12975] __memcg_init_list_lru_node+0x8a/0x1e0 [ 357.530534][T12975] __list_lru_init+0x3fe/0x710 [ 357.535325][T12975] alloc_super+0x7cc/0x910 [ 357.539759][T12975] sget+0x117/0x560 [ 357.543576][T12975] ? get_anon_bdev+0xc0/0xc0 [ 357.548176][T12975] ? ovl_show_options+0x550/0x550 [ 357.553209][T12975] mount_nodev+0x31/0x110 [ 357.557557][T12975] ovl_mount+0x2d/0x40 [ 357.561638][T12975] ? ovl_own_xattr_set+0x10/0x10 [ 357.566579][T12975] legacy_get_tree+0x108/0x220 [ 357.571357][T12975] vfs_get_tree+0x8e/0x300 [ 357.575769][T12975] do_mount+0x142e/0x1cf0 [ 357.575790][T12975] ? copy_mount_string+0x40/0x40 [ 357.575814][T12975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 357.575826][T12975] ? copy_mount_options+0x2e8/0x3f0 [ 357.575842][T12975] ksys_mount+0xdb/0x150 [ 357.575858][T12975] __x64_sys_mount+0xbe/0x150 [ 357.575876][T12975] do_syscall_64+0xfa/0x760 [ 357.575893][T12975] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 357.575905][T12975] RIP: 0033:0x459a59 [ 357.575919][T12975] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 357.575927][T12975] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 357.575939][T12975] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 05:01:12 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 05:01:12 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab05) 05:01:12 executing program 0: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$key(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x24000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xe8814}, 0x0) r0 = syz_open_dev$video(&(0x7f0000000140)='/dev/video#\x00', 0x77ff, 0x0) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000100)={0x5}) fsetxattr$security_evm(r0, &(0x7f0000000740)='security.evm\x00', &(0x7f0000000780)=@sha1={0x1, "7580a5018f8f0658100b235199f43124eb7b671a"}, 0x15, 0x4) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\f\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) r1 = syz_open_dev$radio(&(0x7f0000000100)='/dev/radio#\x00', 0x2, 0x2) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000005c0)={{{@in6=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @initdev}}, 0x0, @in=@dev}}, &(0x7f0000000300)=0xe8) r3 = getgid() write$P9_RSTATu(r1, &(0x7f00000006c0)={0x6b, 0x7d, 0x1, {{0x0, 0x54, 0x20, 0x6, {0x12, 0x0, 0x4}, 0xc280000, 0x4, 0x7ff, 0x9e3, 0x0, '', 0xb, 'rpc_pipefs\x00', 0xb, 'rpc_pipefs\x00', 0xb, 'rpc_pipefs\x00'}, 0x2, '}*', r2, r3, 0xee00}}, 0x6b) r4 = socket$inet(0x10, 0x0, 0xc) sendmsg(r4, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)}], 0x1}, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000d65000)={0x0, 0x0, 0x0}, 0x0) r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(0x0, &(0x7f00000003c0)) read(0xffffffffffffffff, &(0x7f0000000340)=""/128, 0x80) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f00000004c0)={0x4, 0x0, @pic={0xff, 0x2, 0x6, 0x50, 0x8, 0xe0, 0x80, 0x1, 0x9, 0x1, 0xff, 0x3f, 0x1, 0x81, 0x3f}}) socket$inet_sctp(0x2, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB], &(0x7f000095dffc)=0x4) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000440)={0x0, 0x39, "667b3b48c8917cbcaec90df6a0d0c824e085ea3c34c55208c1d125dce923b27de7462f2005fc4d96a46aa7c33e77cd302d074b6ee6eac12759"}, &(0x7f0000000280)=0x41) [ 357.575946][T12975] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 357.575954][T12975] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 357.575962][T12975] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 357.575969][T12975] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 357.595821][T12996] block nbd3: shutting down sockets [ 357.707096][T12990] block nbd2: shutting down sockets [ 357.746205][T13000] block nbd3: shutting down sockets 05:01:15 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:15 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 05:01:15 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab01) 05:01:15 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab06) 05:01:15 executing program 1 (fault-call:3 fault-nth:33): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:15 executing program 0: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$key(0xf, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x24000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0xe8814}, 0x0) r0 = syz_open_dev$video(&(0x7f0000000140)='/dev/video#\x00', 0x77ff, 0x0) ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000100)={0x5}) fsetxattr$security_evm(r0, &(0x7f0000000740)='security.evm\x00', &(0x7f0000000780)=@sha1={0x1, "7580a5018f8f0658100b235199f43124eb7b671a"}, 0x15, 0x4) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, 0x0, &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\f\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) r1 = syz_open_dev$radio(&(0x7f0000000100)='/dev/radio#\x00', 0x2, 0x2) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000005c0)={{{@in6=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @initdev}}, 0x0, @in=@dev}}, &(0x7f0000000300)=0xe8) r3 = getgid() write$P9_RSTATu(r1, &(0x7f00000006c0)={0x6b, 0x7d, 0x1, {{0x0, 0x54, 0x20, 0x6, {0x12, 0x0, 0x4}, 0xc280000, 0x4, 0x7ff, 0x9e3, 0x0, '', 0xb, 'rpc_pipefs\x00', 0xb, 'rpc_pipefs\x00', 0xb, 'rpc_pipefs\x00'}, 0x2, '}*', r2, r3, 0xee00}}, 0x6b) r4 = socket$inet(0x10, 0x0, 0xc) sendmsg(r4, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)}], 0x1}, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000d65000)={0x0, 0x0, 0x0}, 0x0) r5 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(0x0, &(0x7f00000003c0)) read(0xffffffffffffffff, &(0x7f0000000340)=""/128, 0x80) ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f00000004c0)={0x4, 0x0, @pic={0xff, 0x2, 0x6, 0x50, 0x8, 0xe0, 0x80, 0x1, 0x9, 0x1, 0xff, 0x3f, 0x1, 0x81, 0x3f}}) socket$inet_sctp(0x2, 0x0, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB], &(0x7f000095dffc)=0x4) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r5, 0x84, 0x6d, &(0x7f0000000440)={0x0, 0x39, "667b3b48c8917cbcaec90df6a0d0c824e085ea3c34c55208c1d125dce923b27de7462f2005fc4d96a46aa7c33e77cd302d074b6ee6eac12759"}, &(0x7f0000000280)=0x41) [ 360.467277][T13016] block nbd2: shutting down sockets [ 360.476362][T13021] FAULT_INJECTION: forcing a failure. [ 360.476362][T13021] name failslab, interval 1, probability 0, space 0, times 0 [ 360.503087][T13021] CPU: 1 PID: 13021 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 360.503931][T13017] block nbd3: shutting down sockets [ 360.512141][T13021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.512149][T13021] Call Trace: [ 360.512172][T13021] dump_stack+0x172/0x1f0 [ 360.512194][T13021] should_fail.cold+0xa/0x15 [ 360.512214][T13021] ? fault_create_debugfs_attr+0x180/0x180 [ 360.545449][T13021] ? ___might_sleep+0x163/0x2c0 [ 360.550332][T13021] __should_failslab+0x121/0x190 [ 360.555275][T13021] should_failslab+0x9/0x14 [ 360.559763][T13021] kmem_cache_alloc_trace+0x2d3/0x790 [ 360.565118][T13021] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 360.570912][T13021] __memcg_init_list_lru_node+0x8a/0x1e0 [ 360.576529][T13021] __list_lru_init+0x3fe/0x710 [ 360.581276][T13021] alloc_super+0x7cc/0x910 [ 360.585680][T13021] sget+0x117/0x560 [ 360.589485][T13021] ? get_anon_bdev+0xc0/0xc0 [ 360.594059][T13021] ? ovl_show_options+0x550/0x550 [ 360.599068][T13021] mount_nodev+0x31/0x110 [ 360.603988][T13021] ovl_mount+0x2d/0x40 [ 360.608037][T13021] ? ovl_own_xattr_set+0x10/0x10 [ 360.612956][T13021] legacy_get_tree+0x108/0x220 [ 360.617706][T13021] vfs_get_tree+0x8e/0x300 [ 360.622104][T13021] do_mount+0x142e/0x1cf0 [ 360.626422][T13021] ? copy_mount_string+0x40/0x40 [ 360.631350][T13021] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 360.637576][T13021] ? copy_mount_options+0x2e8/0x3f0 [ 360.642759][T13021] ksys_mount+0xdb/0x150 [ 360.646998][T13021] __x64_sys_mount+0xbe/0x150 [ 360.651667][T13021] do_syscall_64+0xfa/0x760 [ 360.656156][T13021] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 360.662035][T13021] RIP: 0033:0x459a59 [ 360.665916][T13021] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 360.685511][T13021] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 360.693916][T13021] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 360.701879][T13021] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 360.709854][T13021] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 05:01:16 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) 05:01:16 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab02) [ 360.717831][T13021] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 360.725797][T13021] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:16 executing program 1 (fault-call:3 fault-nth:34): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:16 executing program 0: clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet6(0xa, 0x0, 0x0) clone(0x3102001ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000000c0)=0x100000001, 0x151) connect$inet6(r0, &(0x7f0000000080), 0x1c) r1 = dup2(r0, r0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000002580), 0x132058) setsockopt$inet_group_source_req(r1, 0x0, 0x0, 0x0, 0x0) 05:01:16 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab07) 05:01:16 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 360.914425][T13035] block nbd2: shutting down sockets [ 361.005270][T13043] block nbd3: shutting down sockets [ 361.135817][T13054] FAULT_INJECTION: forcing a failure. [ 361.135817][T13054] name failslab, interval 1, probability 0, space 0, times 0 [ 361.149346][T13054] CPU: 1 PID: 13054 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 361.158390][T13054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 361.168461][T13054] Call Trace: [ 361.171773][T13054] dump_stack+0x172/0x1f0 [ 361.176134][T13054] should_fail.cold+0xa/0x15 [ 361.180739][T13054] ? fault_create_debugfs_attr+0x180/0x180 [ 361.186563][T13054] ? ___might_sleep+0x163/0x2c0 [ 361.191430][T13054] __should_failslab+0x121/0x190 [ 361.196381][T13054] should_failslab+0x9/0x14 [ 361.200887][T13054] kmem_cache_alloc_trace+0x2d3/0x790 [ 361.206277][T13054] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 361.212097][T13054] __memcg_init_list_lru_node+0x8a/0x1e0 [ 361.217757][T13054] __list_lru_init+0x3fe/0x710 [ 361.222558][T13054] alloc_super+0x7cc/0x910 [ 361.226995][T13054] sget+0x117/0x560 [ 361.230816][T13054] ? get_anon_bdev+0xc0/0xc0 [ 361.235416][T13054] ? ovl_show_options+0x550/0x550 [ 361.240441][T13054] mount_nodev+0x31/0x110 [ 361.244787][T13054] ovl_mount+0x2d/0x40 [ 361.248858][T13054] ? ovl_own_xattr_set+0x10/0x10 [ 361.253802][T13054] legacy_get_tree+0x108/0x220 [ 361.258610][T13054] vfs_get_tree+0x8e/0x300 [ 361.263059][T13054] do_mount+0x142e/0x1cf0 [ 361.267400][T13054] ? copy_mount_string+0x40/0x40 [ 361.272370][T13054] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 361.278641][T13054] ? copy_mount_options+0x2e8/0x3f0 [ 361.283879][T13054] ksys_mount+0xdb/0x150 [ 361.288131][T13054] __x64_sys_mount+0xbe/0x150 [ 361.292827][T13054] do_syscall_64+0xfa/0x760 [ 361.297352][T13054] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 361.303253][T13054] RIP: 0033:0x459a59 [ 361.307151][T13054] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 361.326945][T13054] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 361.335380][T13054] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 361.343376][T13054] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 361.351370][T13054] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 361.359623][T13054] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 361.367617][T13054] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:18 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab08) 05:01:18 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab04) 05:01:18 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:18 executing program 0: socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$netlink(0x10, 0x3, 0x0) writev(r3, &(0x7f0000000000)=[{&(0x7f0000000100)="390000001300090468fe0704000000000040ff3f04000000450001070000001419001a0015000200070008000000005d14a4e91ee438000000", 0x39}], 0x1) 05:01:18 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:18 executing program 1 (fault-call:3 fault-nth:35): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 363.524117][T13069] block nbd3: NBD_DISCONNECT [ 363.543035][T13073] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.0'. [ 363.550299][T13069] block nbd3: Send disconnect failed -107 [ 363.569898][T13069] block nbd3: Send disconnect failed -107 [ 363.576677][T13073] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.0'. [ 363.578287][T13072] FAULT_INJECTION: forcing a failure. [ 363.578287][T13072] name failslab, interval 1, probability 0, space 0, times 0 [ 363.587839][T13067] block nbd3: Disconnected due to user request. [ 363.606809][T13075] block nbd2: shutting down sockets [ 363.614123][T13067] block nbd3: shutting down sockets 05:01:18 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 363.633666][T13076] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.0'. [ 363.651835][T13076] netlink: 9 bytes leftover after parsing attributes in process `syz-executor.0'. [ 363.664254][T13072] CPU: 1 PID: 13072 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 363.673338][T13072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 363.683409][T13072] Call Trace: [ 363.686735][T13072] dump_stack+0x172/0x1f0 [ 363.691107][T13072] should_fail.cold+0xa/0x15 [ 363.695748][T13072] ? fault_create_debugfs_attr+0x180/0x180 [ 363.701591][T13072] ? ___might_sleep+0x163/0x2c0 [ 363.706475][T13072] __should_failslab+0x121/0x190 [ 363.711447][T13072] should_failslab+0x9/0x14 [ 363.715975][T13072] kmem_cache_alloc_trace+0x2d3/0x790 [ 363.721369][T13072] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 363.727214][T13072] __memcg_init_list_lru_node+0x8a/0x1e0 [ 363.728913][T13080] block nbd3: shutting down sockets [ 363.732871][T13072] __list_lru_init+0x3fe/0x710 [ 363.732895][T13072] alloc_super+0x7cc/0x910 [ 363.732912][T13072] sget+0x117/0x560 [ 363.732925][T13072] ? get_anon_bdev+0xc0/0xc0 [ 363.732948][T13072] ? ovl_show_options+0x550/0x550 [ 363.760840][T13072] mount_nodev+0x31/0x110 [ 363.765463][T13072] ovl_mount+0x2d/0x40 [ 363.769558][T13072] ? ovl_own_xattr_set+0x10/0x10 [ 363.774539][T13072] legacy_get_tree+0x108/0x220 [ 363.779327][T13072] vfs_get_tree+0x8e/0x300 [ 363.783767][T13072] do_mount+0x142e/0x1cf0 [ 363.788210][T13072] ? copy_mount_string+0x40/0x40 [ 363.793178][T13072] ? copy_mount_options+0x266/0x3f0 [ 363.798405][T13072] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 363.804757][T13072] ? copy_mount_options+0x2e8/0x3f0 [ 363.809983][T13072] ksys_mount+0xdb/0x150 [ 363.814232][T13072] __x64_sys_mount+0xbe/0x150 [ 363.819157][T13072] do_syscall_64+0xfa/0x760 [ 363.823683][T13072] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 363.829587][T13072] RIP: 0033:0x459a59 [ 363.833499][T13072] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 363.853123][T13072] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 363.861553][T13072] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 363.869540][T13072] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a 05:01:18 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab09) 05:01:19 executing program 0: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000040)=0x2000000000000074, 0x4) bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) sendto$inet(r0, &(0x7f0000000100)="bd384ce1f54f7c522811c090bbf4ef7b4926a15e53a1bbb46854e2666d3327c6ae8e714ad8116298b6e23a4b036512e680d8864f6e29ae93b95733e5d0164691a37189b857a07bae4ee2995204e470c4c5ae2742f1a98076174e9420fa41857fbd21c794423e7851022eb84c0059c29ec119542880d2e770e56b498dfc425e4fdc7abdf6be20499b8bb6eb267a31a66c683c0feb6ecc488f3a2dc72e6db795aad7b717787df3b8e32eba76dddafc94c432d52ad8d07cc2cd9e3831e868ed4781c75508b8b07196c7b2", 0xc9, 0x0, 0x0, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl(r1, 0x1000008912, &(0x7f0000000040)) sendmsg$nl_netfilter(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000640)=ANY=[@ANYBLOB='L'], 0x1}}, 0x200040d1) sendto$inet(r0, &(0x7f00000012c0)=' ', 0x1, 0x0, 0x0, 0x0) 05:01:19 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab0a) [ 363.877509][T13072] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 363.885469][T13072] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 363.893446][T13072] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:19 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab05) 05:01:19 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x400454ca) 05:01:19 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 363.975345][T13085] block nbd3: shutting down sockets 05:01:19 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:19 executing program 1 (fault-call:3 fault-nth:36): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 364.138065][T13093] block nbd3: shutting down sockets 05:01:19 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\xe9\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x?\x9d\xb5\x11k4\xd3\x1b\x05\x12\xa5`\x8a\xaf\xf0\x1eyR4\f\xd6\xfd\x00\x00\x00\x00', 0x275a, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xa93f) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0xcffa808b513f9ded, 0x0, 0x0) io_setup(0x0, &(0x7f00000019c0)=0x0) io_submit(r4, 0x1, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000000), 0x10000}]) sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, 0x0, 0x8b711aea259fe50, 0x70bd2a, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x265e}, @IPVS_CMD_ATTR_DAEMON={0x20, 0x3, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'veth1_to_bond\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @broadcast}]}]}, 0x3c}}, 0x20090805) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10012, r0, 0x0) [ 364.207441][T13098] block nbd2: shutting down sockets 05:01:19 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x400454cb) 05:01:19 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:19 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab06) 05:01:19 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 364.317111][T13104] ptrace attach of "/root/syz-executor.5"[13103] was attempted by "/root/syz-executor.5"[13104] [ 364.332494][T13108] block nbd3: shutting down sockets [ 364.344689][T13112] FAULT_INJECTION: forcing a failure. [ 364.344689][T13112] name failslab, interval 1, probability 0, space 0, times 0 [ 364.458659][T13112] CPU: 0 PID: 13112 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 364.467729][T13112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.477795][T13112] Call Trace: [ 364.480320][T13121] ptrace attach of "/root/syz-executor.5"[13120] was attempted by "/root/syz-executor.5"[13121] [ 364.481104][T13112] dump_stack+0x172/0x1f0 [ 364.495856][T13112] should_fail.cold+0xa/0x15 [ 364.500466][T13112] ? fault_create_debugfs_attr+0x180/0x180 [ 364.506294][T13112] ? ___might_sleep+0x163/0x2c0 [ 364.511169][T13112] __should_failslab+0x121/0x190 [ 364.516124][T13112] should_failslab+0x9/0x14 [ 364.520629][T13112] kmem_cache_alloc_trace+0x2d3/0x790 [ 364.526011][T13112] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 364.531841][T13112] __memcg_init_list_lru_node+0x8a/0x1e0 [ 364.532632][T13118] block nbd2: shutting down sockets [ 364.538083][T13112] __list_lru_init+0x3fe/0x710 [ 364.538104][T13112] alloc_super+0x7cc/0x910 [ 364.538123][T13112] sget+0x117/0x560 [ 364.538137][T13112] ? get_anon_bdev+0xc0/0xc0 [ 364.538155][T13112] ? ovl_show_options+0x550/0x550 [ 364.538169][T13112] mount_nodev+0x31/0x110 [ 364.538185][T13112] ovl_mount+0x2d/0x40 [ 364.538199][T13112] ? ovl_own_xattr_set+0x10/0x10 [ 364.538215][T13112] legacy_get_tree+0x108/0x220 [ 364.538232][T13112] vfs_get_tree+0x8e/0x300 [ 364.584163][T13112] do_mount+0x142e/0x1cf0 [ 364.584180][T13112] ? retint_kernel+0x2b/0x2b [ 364.584197][T13112] ? copy_mount_string+0x40/0x40 [ 364.584214][T13112] ? copy_mount_options+0x252/0x3f0 05:01:19 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab07) 05:01:19 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x40049409) [ 364.584235][T13112] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 364.584253][T13112] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 364.584270][T13112] ? copy_mount_options+0x2e8/0x3f0 [ 364.593082][T13112] ksys_mount+0xdb/0x150 [ 364.593099][T13112] __x64_sys_mount+0xbe/0x150 [ 364.593120][T13112] do_syscall_64+0xfa/0x760 [ 364.593138][T13112] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 364.593153][T13112] RIP: 0033:0x459a59 [ 364.630097][T13112] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 364.630106][T13112] RSP: 002b:00007ff6737b6c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 364.630124][T13112] RAX: ffffffffffffffda RBX: 00007ff6737b6c90 RCX: 0000000000459a59 [ 364.639281][T13112] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 364.639290][T13112] RBP: 000000000075bfc8 R08: 0000000020000100 R09: 0000000000000000 [ 364.639299][T13112] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737b76d4 05:01:20 executing program 5: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 364.639311][T13112] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:20 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 364.762824][T13133] ptrace attach of "/root/syz-executor.5"[13132] was attempted by "/root/syz-executor.5"[13133] [ 364.763283][T13126] block nbd2: shutting down sockets [ 364.780846][T13125] block nbd3: shutting down sockets 05:01:20 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x40081271) 05:01:20 executing program 1 (fault-call:3 fault-nth:37): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:20 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab08) [ 365.002441][T13139] block nbd3: shutting down sockets [ 365.084954][T13148] block nbd2: NBD_DISCONNECT [ 365.090208][T13144] FAULT_INJECTION: forcing a failure. [ 365.090208][T13144] name failslab, interval 1, probability 0, space 0, times 0 [ 365.094221][T13148] block nbd2: Send disconnect failed -107 [ 365.121868][T13144] CPU: 1 PID: 13144 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 365.130393][T13145] block nbd2: Disconnected due to user request. [ 365.130935][T13144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 365.130941][T13144] Call Trace: [ 365.130963][T13144] dump_stack+0x172/0x1f0 [ 365.130987][T13144] should_fail.cold+0xa/0x15 [ 365.138520][T13145] block nbd2: shutting down sockets [ 365.147318][T13144] ? fault_create_debugfs_attr+0x180/0x180 [ 365.147340][T13144] ? ___might_sleep+0x163/0x2c0 [ 365.147360][T13144] __should_failslab+0x121/0x190 [ 365.147380][T13144] should_failslab+0x9/0x14 [ 365.186181][T13144] kmem_cache_alloc_trace+0x2d3/0x790 [ 365.191569][T13144] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 365.197369][T13144] __memcg_init_list_lru_node+0x8a/0x1e0 [ 365.197385][T13144] __list_lru_init+0x3fe/0x710 [ 365.197404][T13144] alloc_super+0x7cc/0x910 [ 365.197423][T13144] sget+0x117/0x560 [ 365.216078][T13144] ? get_anon_bdev+0xc0/0xc0 [ 365.220680][T13144] ? ovl_show_options+0x550/0x550 [ 365.225714][T13144] mount_nodev+0x31/0x110 [ 365.230063][T13144] ovl_mount+0x2d/0x40 [ 365.234143][T13144] ? ovl_own_xattr_set+0x10/0x10 [ 365.239090][T13144] legacy_get_tree+0x108/0x220 [ 365.243870][T13144] vfs_get_tree+0x8e/0x300 [ 365.248403][T13144] do_mount+0x142e/0x1cf0 [ 365.252743][T13144] ? copy_mount_string+0x40/0x40 [ 365.257697][T13144] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 365.263928][T13144] ? copy_mount_options+0x2e8/0x3f0 [ 365.269115][T13144] ksys_mount+0xdb/0x150 [ 365.273342][T13144] __x64_sys_mount+0xbe/0x150 [ 365.278002][T13144] do_syscall_64+0xfa/0x760 [ 365.282492][T13144] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 365.288365][T13144] RIP: 0033:0x459a59 [ 365.292244][T13144] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 365.311834][T13144] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 365.320224][T13144] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 365.328265][T13144] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a 05:01:20 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x133, 0x0, 0x0, 0xa93f) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0xcffa808b513f9ded, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0xffcb) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0) 05:01:20 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 365.336215][T13144] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 365.344167][T13144] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 365.352120][T13144] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:22 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:22 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x40101283) 05:01:22 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab09) 05:01:22 executing program 1 (fault-call:3 fault-nth:38): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:22 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:22 executing program 0: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab08) [ 367.438470][T13162] block nbd3: shutting down sockets [ 367.446267][T13167] block nbd2: shutting down sockets [ 367.474937][T13171] block nbd0: NBD_DISCONNECT [ 367.486313][T13172] FAULT_INJECTION: forcing a failure. [ 367.486313][T13172] name failslab, interval 1, probability 0, space 0, times 0 [ 367.504013][T13171] block nbd0: Send disconnect failed -107 [ 367.510304][T13171] block nbd0: Send disconnect failed -107 [ 367.518406][T13172] CPU: 1 PID: 13172 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 367.527501][T13172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 367.537584][T13172] Call Trace: [ 367.540891][T13172] dump_stack+0x172/0x1f0 [ 367.545241][T13172] should_fail.cold+0xa/0x15 [ 367.549850][T13172] ? fault_create_debugfs_attr+0x180/0x180 [ 367.555764][T13172] ? ___might_sleep+0x163/0x2c0 [ 367.560629][T13172] __should_failslab+0x121/0x190 [ 367.565581][T13172] should_failslab+0x9/0x14 [ 367.570095][T13172] kmem_cache_alloc_trace+0x2d3/0x790 [ 367.575472][T13172] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 367.581381][T13172] __memcg_init_list_lru_node+0x8a/0x1e0 [ 367.587025][T13172] __list_lru_init+0x3fe/0x710 [ 367.591803][T13172] alloc_super+0x7cc/0x910 [ 367.596236][T13172] sget+0x117/0x560 [ 367.600054][T13172] ? get_anon_bdev+0xc0/0xc0 [ 367.604656][T13172] ? ovl_show_options+0x550/0x550 [ 367.609689][T13172] mount_nodev+0x31/0x110 [ 367.611248][T13179] block nbd3: shutting down sockets [ 367.614022][T13172] ovl_mount+0x2d/0x40 [ 367.614037][T13172] ? ovl_own_xattr_set+0x10/0x10 [ 367.614052][T13172] legacy_get_tree+0x108/0x220 [ 367.614074][T13172] vfs_get_tree+0x8e/0x300 05:01:22 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x40106436) 05:01:22 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab0a) 05:01:22 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 367.614089][T13172] do_mount+0x142e/0x1cf0 [ 367.614109][T13172] ? copy_mount_string+0x40/0x40 [ 367.614137][T13172] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 367.652879][T13172] ? copy_mount_options+0x2e8/0x3f0 [ 367.658089][T13172] ksys_mount+0xdb/0x150 [ 367.662344][T13172] __x64_sys_mount+0xbe/0x150 [ 367.667034][T13172] do_syscall_64+0xfa/0x760 [ 367.671537][T13172] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 367.677414][T13172] RIP: 0033:0x459a59 05:01:22 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x401070c9) [ 367.677428][T13172] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 367.677434][T13172] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 367.677446][T13172] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 367.677454][T13172] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 367.677461][T13172] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 05:01:23 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:23 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 367.677468][T13172] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 367.677475][T13172] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 367.722022][T13182] block nbd3: shutting down sockets [ 367.759181][T13165] block nbd0: Disconnected due to user request. [ 367.768914][T13178] block nbd2: shutting down sockets [ 367.772385][T13165] block nbd0: shutting down sockets 05:01:23 executing program 0 (fault-call:7 fault-nth:0): prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:01:23 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab10) 05:01:23 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x401070ca) [ 367.929363][T13196] block nbd2: shutting down sockets 05:01:23 executing program 1 (fault-call:3 fault-nth:39): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:23 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:23 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x400454ca) [ 368.037306][T13197] block nbd3: shutting down sockets 05:01:23 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x401070cd) 05:01:23 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 368.115305][T13206] block nbd2: shutting down sockets 05:01:23 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x40049409) [ 368.218697][T13213] block nbd3: shutting down sockets [ 368.247701][T13216] FAULT_INJECTION: forcing a failure. [ 368.247701][T13216] name failslab, interval 1, probability 0, space 0, times 0 [ 368.266923][T13216] CPU: 0 PID: 13216 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 368.275982][T13216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 368.286135][T13216] Call Trace: [ 368.289509][T13216] dump_stack+0x172/0x1f0 [ 368.293904][T13216] should_fail.cold+0xa/0x15 [ 368.298521][T13216] ? fault_create_debugfs_attr+0x180/0x180 [ 368.304355][T13216] ? ___might_sleep+0x163/0x2c0 [ 368.309222][T13216] __should_failslab+0x121/0x190 [ 368.314172][T13216] should_failslab+0x9/0x14 [ 368.317914][T13221] block nbd2: shutting down sockets [ 368.318689][T13216] kmem_cache_alloc_trace+0x2d3/0x790 [ 368.318708][T13216] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 368.318731][T13216] __memcg_init_list_lru_node+0x8a/0x1e0 [ 368.318749][T13216] __list_lru_init+0x3fe/0x710 05:01:23 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x40081271) [ 368.345986][T13216] alloc_super+0x7f7/0x910 [ 368.350424][T13216] sget+0x117/0x560 [ 368.354242][T13216] ? get_anon_bdev+0xc0/0xc0 [ 368.359106][T13216] ? ovl_show_options+0x550/0x550 [ 368.364144][T13216] mount_nodev+0x31/0x110 [ 368.368484][T13216] ovl_mount+0x2d/0x40 [ 368.372561][T13216] ? ovl_own_xattr_set+0x10/0x10 [ 368.377511][T13216] legacy_get_tree+0x108/0x220 [ 368.382293][T13216] vfs_get_tree+0x8e/0x300 [ 368.386726][T13216] do_mount+0x142e/0x1cf0 [ 368.391054][T13216] ? copy_mount_string+0x40/0x40 05:01:23 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x40101283) [ 368.396008][T13216] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 368.402259][T13216] ? _copy_from_user+0x12c/0x1a0 [ 368.405173][T13223] block nbd2: shutting down sockets [ 368.407211][T13216] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 368.407229][T13216] ? copy_mount_options+0x2e8/0x3f0 [ 368.407248][T13216] ksys_mount+0xdb/0x150 [ 368.407266][T13216] __x64_sys_mount+0xbe/0x150 [ 368.433532][T13216] do_syscall_64+0xfa/0x760 [ 368.438049][T13216] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 368.443952][T13216] RIP: 0033:0x459a59 [ 368.447851][T13216] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 368.467459][T13216] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 368.469244][T13226] block nbd2: shutting down sockets [ 368.475874][T13216] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 368.475883][T13216] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 368.475892][T13216] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 368.475900][T13216] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 368.475909][T13216] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:26 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c6", 0x51}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:26 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:01:26 executing program 1 (fault-call:3 fault-nth:40): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:26 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x401870c8) 05:01:26 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x401070c9) [ 370.922481][T13236] block nbd3: shutting down sockets [ 370.928523][T13237] block nbd2: shutting down sockets [ 370.968375][T13241] FAULT_INJECTION: forcing a failure. [ 370.968375][T13241] name failslab, interval 1, probability 0, space 0, times 0 [ 370.993055][T13241] CPU: 1 PID: 13241 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 371.002136][T13241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 371.012194][T13241] Call Trace: [ 371.015483][T13241] dump_stack+0x172/0x1f0 [ 371.020539][T13241] should_fail.cold+0xa/0x15 [ 371.025116][T13241] ? fault_create_debugfs_attr+0x180/0x180 [ 371.030911][T13241] ? ___might_sleep+0x163/0x2c0 [ 371.035753][T13241] __should_failslab+0x121/0x190 [ 371.040676][T13241] should_failslab+0x9/0x14 [ 371.045247][T13241] kmem_cache_alloc_node_trace+0x274/0x750 [ 371.051227][T13241] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 371.057025][T13241] __kmalloc_node+0x3d/0x70 [ 371.061537][T13241] kvmalloc_node+0x68/0x100 [ 371.066162][T13241] __list_lru_init+0x4d5/0x710 [ 371.070928][T13241] alloc_super+0x7f7/0x910 [ 371.075340][T13241] sget+0x117/0x560 [ 371.079134][T13241] ? get_anon_bdev+0xc0/0xc0 [ 371.083707][T13241] ? ovl_show_options+0x550/0x550 [ 371.088717][T13241] mount_nodev+0x31/0x110 [ 371.093037][T13241] ovl_mount+0x2d/0x40 [ 371.097087][T13241] ? ovl_own_xattr_set+0x10/0x10 [ 371.102006][T13241] legacy_get_tree+0x108/0x220 [ 371.106767][T13241] vfs_get_tree+0x8e/0x300 [ 371.111178][T13241] do_mount+0x142e/0x1cf0 [ 371.115498][T13241] ? copy_mount_string+0x40/0x40 [ 371.120452][T13241] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 371.126683][T13241] ? copy_mount_options+0x2e8/0x3f0 [ 371.131872][T13241] ksys_mount+0xdb/0x150 [ 371.136111][T13241] __x64_sys_mount+0xbe/0x150 [ 371.141659][T13241] do_syscall_64+0xfa/0x760 [ 371.146150][T13241] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.152025][T13241] RIP: 0033:0x459a59 [ 371.155908][T13241] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 371.175493][T13241] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 371.184236][T13241] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 371.192186][T13241] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 371.200323][T13241] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 371.208281][T13241] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 05:01:26 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x401870cb) [ 371.216241][T13241] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:26 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:26 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x401070ca) [ 371.350092][T13248] block nbd3: shutting down sockets 05:01:26 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x401870cc) 05:01:26 executing program 1 (fault-call:3 fault-nth:41): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 371.390592][T13251] block nbd2: shutting down sockets 05:01:26 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x401070cd) [ 371.467995][T13257] block nbd3: shutting down sockets [ 371.544608][T13262] block nbd2: shutting down sockets [ 371.546793][T13263] FAULT_INJECTION: forcing a failure. [ 371.546793][T13263] name failslab, interval 1, probability 0, space 0, times 0 [ 371.567748][T13263] CPU: 0 PID: 13263 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 371.576797][T13263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 371.586852][T13263] Call Trace: [ 371.590142][T13263] dump_stack+0x172/0x1f0 [ 371.594469][T13263] should_fail.cold+0xa/0x15 [ 371.599082][T13263] ? fault_create_debugfs_attr+0x180/0x180 [ 371.605411][T13263] ? ___might_sleep+0x163/0x2c0 [ 371.610257][T13263] __should_failslab+0x121/0x190 [ 371.615241][T13263] should_failslab+0x9/0x14 [ 371.619730][T13263] kmem_cache_alloc_trace+0x2d3/0x790 [ 371.625084][T13263] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 371.630964][T13263] __memcg_init_list_lru_node+0x8a/0x1e0 [ 371.636586][T13263] __list_lru_init+0x3fe/0x710 [ 371.642552][T13263] alloc_super+0x7f7/0x910 [ 371.646964][T13263] sget+0x117/0x560 [ 371.650753][T13263] ? get_anon_bdev+0xc0/0xc0 [ 371.655782][T13263] ? ovl_show_options+0x550/0x550 [ 371.661836][T13263] mount_nodev+0x31/0x110 [ 371.666671][T13263] ovl_mount+0x2d/0x40 [ 371.670722][T13263] ? ovl_own_xattr_set+0x10/0x10 [ 371.675640][T13263] legacy_get_tree+0x108/0x220 [ 371.680389][T13263] vfs_get_tree+0x8e/0x300 [ 371.684807][T13263] do_mount+0x142e/0x1cf0 [ 371.689126][T13263] ? copy_mount_string+0x40/0x40 [ 371.694065][T13263] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 371.700317][T13263] ? copy_mount_options+0x2e8/0x3f0 [ 371.705515][T13263] ksys_mount+0xdb/0x150 [ 371.709764][T13263] __x64_sys_mount+0xbe/0x150 [ 371.714441][T13263] do_syscall_64+0xfa/0x760 [ 371.718957][T13263] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.724829][T13263] RIP: 0033:0x459a59 [ 371.728706][T13263] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 371.748296][T13263] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 371.756696][T13263] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 371.764793][T13263] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 371.772754][T13263] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 371.780711][T13263] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 05:01:27 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x401c5820) [ 371.788673][T13263] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 371.834412][T13267] block nbd3: shutting down sockets 05:01:29 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c6", 0x51}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x1000000, 0x0) 05:01:29 executing program 1 (fault-call:3 fault-nth:42): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:29 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x401870c8) 05:01:29 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x4020940d) [ 374.018923][T13276] block nbd2: shutting down sockets [ 374.050167][T13277] block nbd3: shutting down sockets [ 374.060372][T13281] FAULT_INJECTION: forcing a failure. [ 374.060372][T13281] name failslab, interval 1, probability 0, space 0, times 0 [ 374.086008][T13281] CPU: 0 PID: 13281 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 374.095179][T13281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 374.105260][T13281] Call Trace: [ 374.108593][T13281] dump_stack+0x172/0x1f0 [ 374.112956][T13281] should_fail.cold+0xa/0x15 [ 374.117588][T13281] ? fault_create_debugfs_attr+0x180/0x180 [ 374.123428][T13281] ? ___might_sleep+0x163/0x2c0 [ 374.128313][T13281] __should_failslab+0x121/0x190 [ 374.133295][T13281] should_failslab+0x9/0x14 [ 374.138264][T13281] kmem_cache_alloc_trace+0x2d3/0x790 [ 374.143667][T13281] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 374.149502][T13281] __memcg_init_list_lru_node+0x8a/0x1e0 [ 374.155267][T13281] __list_lru_init+0x3fe/0x710 [ 374.160071][T13281] alloc_super+0x7f7/0x910 [ 374.164516][T13281] sget+0x117/0x560 [ 374.168346][T13281] ? get_anon_bdev+0xc0/0xc0 [ 374.172974][T13281] ? ovl_show_options+0x550/0x550 [ 374.178006][T13281] mount_nodev+0x31/0x110 [ 374.182373][T13281] ovl_mount+0x2d/0x40 [ 374.186450][T13281] ? ovl_own_xattr_set+0x10/0x10 [ 374.191399][T13281] legacy_get_tree+0x108/0x220 [ 374.196178][T13281] vfs_get_tree+0x8e/0x300 05:01:29 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x401870cb) [ 374.200611][T13281] do_mount+0x142e/0x1cf0 [ 374.204943][T13281] ? copy_mount_string+0x40/0x40 [ 374.204965][T13281] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 374.204977][T13281] ? copy_mount_options+0x2e8/0x3f0 [ 374.204994][T13281] ksys_mount+0xdb/0x150 [ 374.205009][T13281] __x64_sys_mount+0xbe/0x150 [ 374.205027][T13281] do_syscall_64+0xfa/0x760 [ 374.205051][T13281] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 374.205064][T13281] RIP: 0033:0x459a59 [ 374.205080][T13281] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 374.205087][T13281] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 374.205099][T13281] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 374.205112][T13281] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 374.216271][T13281] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 374.216279][T13281] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 374.216286][T13281] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 374.285297][T13288] block nbd2: shutting down sockets 05:01:29 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x100000000000000, 0x0) 05:01:29 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x80041284) 05:01:29 executing program 1 (fault-call:3 fault-nth:43): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:29 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x401870cc) [ 374.461338][T13295] block nbd3: shutting down sockets [ 374.478376][T13298] FAULT_INJECTION: forcing a failure. [ 374.478376][T13298] name failslab, interval 1, probability 0, space 0, times 0 [ 374.489929][T13303] block nbd2: shutting down sockets [ 374.503066][T13298] CPU: 1 PID: 13298 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 374.512138][T13298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 374.522209][T13298] Call Trace: [ 374.525507][T13298] dump_stack+0x172/0x1f0 [ 374.529877][T13298] should_fail.cold+0xa/0x15 [ 374.534509][T13298] ? fault_create_debugfs_attr+0x180/0x180 [ 374.540365][T13298] ? ___might_sleep+0x163/0x2c0 [ 374.545915][T13298] __should_failslab+0x121/0x190 [ 374.550877][T13298] should_failslab+0x9/0x14 [ 374.555434][T13298] kmem_cache_alloc_trace+0x2d3/0x790 [ 374.560815][T13298] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 374.566645][T13298] __memcg_init_list_lru_node+0x8a/0x1e0 [ 374.572294][T13298] __list_lru_init+0x3fe/0x710 [ 374.577094][T13298] alloc_super+0x7f7/0x910 [ 374.581678][T13298] sget+0x117/0x560 [ 374.585487][T13298] ? get_anon_bdev+0xc0/0xc0 [ 374.590106][T13298] ? ovl_show_options+0x550/0x550 [ 374.595164][T13298] mount_nodev+0x31/0x110 [ 374.599529][T13298] ovl_mount+0x2d/0x40 [ 374.603757][T13298] ? ovl_own_xattr_set+0x10/0x10 [ 374.608721][T13298] legacy_get_tree+0x108/0x220 [ 374.613621][T13298] vfs_get_tree+0x8e/0x300 [ 374.618087][T13298] do_mount+0x142e/0x1cf0 [ 374.622663][T13298] ? copy_mount_string+0x40/0x40 [ 374.627620][T13298] ? copy_mount_options+0x270/0x3f0 [ 374.632850][T13298] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 374.639132][T13298] ? copy_mount_options+0x2e8/0x3f0 [ 374.644337][T13298] ksys_mount+0xdb/0x150 [ 374.648582][T13298] __x64_sys_mount+0xbe/0x150 [ 374.653285][T13298] do_syscall_64+0xfa/0x760 [ 374.657785][T13298] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 374.663690][T13298] RIP: 0033:0x459a59 [ 374.667579][T13298] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 374.687254][T13298] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 374.695654][T13298] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 374.703612][T13298] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a 05:01:30 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x80041285) [ 374.711587][T13298] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 374.719566][T13298] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 374.727530][T13298] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 374.785304][T13309] block nbd3: shutting down sockets 05:01:32 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c6", 0x51}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:32 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x4020940d) 05:01:32 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x800454d2) 05:01:32 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0xffffffff00000000, 0x0) 05:01:32 executing program 1 (fault-call:3 fault-nth:44): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 376.938961][T13316] block nbd2: shutting down sockets [ 376.957693][T13321] FAULT_INJECTION: forcing a failure. [ 376.957693][T13321] name failslab, interval 1, probability 0, space 0, times 0 [ 376.973240][T13320] block nbd3: shutting down sockets 05:01:32 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x80081270) [ 377.005396][T13321] CPU: 1 PID: 13321 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 377.014465][T13321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.024530][T13321] Call Trace: [ 377.027845][T13321] dump_stack+0x172/0x1f0 [ 377.032197][T13321] should_fail.cold+0xa/0x15 [ 377.036802][T13321] ? fault_create_debugfs_attr+0x180/0x180 [ 377.042658][T13321] ? ___might_sleep+0x163/0x2c0 [ 377.047538][T13321] __should_failslab+0x121/0x190 [ 377.052493][T13321] should_failslab+0x9/0x14 [ 377.057005][T13321] kmem_cache_alloc_trace+0x2d3/0x790 [ 377.062382][T13321] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 377.062408][T13321] __memcg_init_list_lru_node+0x8a/0x1e0 [ 377.062430][T13321] __list_lru_init+0x3fe/0x710 [ 377.078615][T13321] alloc_super+0x7f7/0x910 [ 377.083046][T13321] sget+0x117/0x560 [ 377.086858][T13321] ? get_anon_bdev+0xc0/0xc0 [ 377.091459][T13321] ? ovl_show_options+0x550/0x550 [ 377.096519][T13321] mount_nodev+0x31/0x110 [ 377.100868][T13321] ovl_mount+0x2d/0x40 [ 377.104948][T13321] ? ovl_own_xattr_set+0x10/0x10 [ 377.109902][T13321] legacy_get_tree+0x108/0x220 [ 377.114809][T13321] vfs_get_tree+0x8e/0x300 [ 377.119248][T13321] do_mount+0x142e/0x1cf0 [ 377.123590][T13321] ? copy_mount_string+0x40/0x40 [ 377.126940][T13330] block nbd3: shutting down sockets [ 377.128890][T13321] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.128909][T13321] ? copy_mount_options+0x2e8/0x3f0 [ 377.145513][T13321] ksys_mount+0xdb/0x150 [ 377.150027][T13321] __x64_sys_mount+0xbe/0x150 [ 377.154716][T13321] do_syscall_64+0xfa/0x760 [ 377.159232][T13321] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.165125][T13321] RIP: 0033:0x459a59 [ 377.169023][T13321] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 377.188807][T13321] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 377.197324][T13321] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 377.205290][T13321] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 377.214209][T13321] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 377.222263][T13321] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 377.230221][T13321] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:32 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:32 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x80081272) 05:01:32 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) recvmmsg(r3, &(0x7f0000001b00)=[{{&(0x7f0000000000)=@nl=@proc, 0x80, &(0x7f0000000140)=[{&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f0000000100)=""/7, 0x7}], 0x2, &(0x7f00000012c0)=""/199, 0xc7}, 0x5}, {{&(0x7f00000013c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000000180)=[{&(0x7f0000001440)=""/135, 0x87}, {&(0x7f0000001500)=""/212, 0xd4}], 0x2, &(0x7f0000001600)=""/65, 0x41}, 0x7bfa}, {{&(0x7f0000001680)=@pppol2tp, 0x80, &(0x7f0000001a00)=[{&(0x7f0000001700)=""/154, 0x9a}, {&(0x7f00000017c0)=""/112, 0x70}, {&(0x7f0000001840)=""/178, 0xb2}, {&(0x7f0000001900)=""/22, 0x16}, {&(0x7f0000001940)=""/150, 0x96}], 0x5, &(0x7f0000001a80)=""/119, 0x77}, 0x81}], 0x3, 0x40, &(0x7f0000001bc0)) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000200)=ANY=[@ANYRESDEC=r5, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000002097bd637d624e40ce8b76313ede9ce364a5bf602f1980e98e4ac4e2cb8aef29cf4d0b4497e7f4d3642cab2c0a599716ee059243700d7d18"], 0x2) ptrace$setopts(0x4206, r0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) getpeername$inet6(r7, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast1}, &(0x7f00000000c0)=0x1c) tkill(r0, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:01:32 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x80041284) 05:01:32 executing program 1 (fault-call:3 fault-nth:45): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 377.477681][T13338] FAULT_INJECTION: forcing a failure. [ 377.477681][T13338] name failslab, interval 1, probability 0, space 0, times 0 [ 377.504595][T13340] block nbd2: shutting down sockets [ 377.506074][T13338] CPU: 1 PID: 13338 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 377.518879][T13338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.524578][T13339] block nbd3: shutting down sockets [ 377.529044][T13338] Call Trace: [ 377.529072][T13338] dump_stack+0x172/0x1f0 [ 377.529095][T13338] should_fail.cold+0xa/0x15 [ 377.529118][T13338] ? fault_create_debugfs_attr+0x180/0x180 [ 377.552268][T13338] ? ___might_sleep+0x163/0x2c0 [ 377.557159][T13338] __should_failslab+0x121/0x190 [ 377.562092][T13338] should_failslab+0x9/0x14 [ 377.566601][T13338] kmem_cache_alloc_trace+0x2d3/0x790 [ 377.571985][T13338] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 377.577799][T13338] __memcg_init_list_lru_node+0x8a/0x1e0 [ 377.583418][T13338] __list_lru_init+0x3fe/0x710 [ 377.588171][T13338] alloc_super+0x7f7/0x910 [ 377.592571][T13338] sget+0x117/0x560 [ 377.596361][T13338] ? get_anon_bdev+0xc0/0xc0 [ 377.600935][T13338] ? ovl_show_options+0x550/0x550 [ 377.605951][T13338] mount_nodev+0x31/0x110 [ 377.610262][T13338] ovl_mount+0x2d/0x40 [ 377.614400][T13338] ? ovl_own_xattr_set+0x10/0x10 [ 377.619321][T13338] legacy_get_tree+0x108/0x220 [ 377.624067][T13338] vfs_get_tree+0x8e/0x300 [ 377.628468][T13338] do_mount+0x142e/0x1cf0 [ 377.632785][T13338] ? copy_mount_string+0x40/0x40 [ 377.637711][T13338] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.644901][T13338] ? copy_mount_options+0x2e8/0x3f0 [ 377.650085][T13338] ksys_mount+0xdb/0x150 [ 377.654312][T13338] __x64_sys_mount+0xbe/0x150 [ 377.658988][T13338] do_syscall_64+0xfa/0x760 [ 377.663497][T13338] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.669395][T13338] RIP: 0033:0x459a59 [ 377.673279][T13338] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 377.692978][T13338] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 377.701375][T13338] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 377.709327][T13338] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 377.717279][T13338] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 05:01:33 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x80041285) [ 377.725234][T13338] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 377.733274][T13338] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 377.865161][T13352] block nbd2: shutting down sockets 05:01:35 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef0", 0x7a}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:35 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mkdir(&(0x7f0000000000)='./file0\x00', 0xf4) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000180)=ANY=[@ANYPTR64=&(0x7f0000000200)=ANY=[@ANYPTR=&(0x7f0000000080)=ANY=[@ANYRES64=r3, @ANYRESDEC, @ANYPTR64], @ANYRES32=r0, @ANYRESHEX=r0, @ANYBLOB="223ad758f85c3a24e4a2dcb11ed5dbf5d2ae1e83d54daca620c11088cc9d88747d52b1a7aaa105f25408987292ac07417bef89cd7d63332141ab6c0fd423b4af9a803083000d192594a601def1994f8bf9c090b01d733df3e4b066343c9a6a85f19ddbd052fd33c609086a68af5cb419039a163a18ec148387876ddbc9e44b0868628f70f4167a4d5ad88cac10ee85fe1f0177fb49ea31cc333720a673c9655fec3dc6ed85ab", @ANYPTR=&(0x7f00000000c0)=ANY=[@ANYPTR, @ANYPTR64, @ANYRESHEX=r1], @ANYRES64=r0], @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:01:35 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x80086301) 05:01:35 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:35 executing program 1 (fault-call:3 fault-nth:46): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:35 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x800454d2) [ 380.055845][T13359] block nbd2: shutting down sockets [ 380.070154][T13360] block nbd3: shutting down sockets [ 380.087343][T13365] FAULT_INJECTION: forcing a failure. [ 380.087343][T13365] name failslab, interval 1, probability 0, space 0, times 0 [ 380.132989][T13365] CPU: 0 PID: 13365 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 380.142059][T13365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.152103][T13365] Call Trace: [ 380.155394][T13365] dump_stack+0x172/0x1f0 [ 380.159805][T13365] should_fail.cold+0xa/0x15 [ 380.164388][T13365] ? fault_create_debugfs_attr+0x180/0x180 [ 380.170188][T13365] ? ___might_sleep+0x163/0x2c0 [ 380.175053][T13365] __should_failslab+0x121/0x190 [ 380.179977][T13365] should_failslab+0x9/0x14 [ 380.184464][T13365] kmem_cache_alloc_trace+0x2d3/0x790 [ 380.189820][T13365] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 380.195620][T13365] __memcg_init_list_lru_node+0x8a/0x1e0 [ 380.201242][T13365] __list_lru_init+0x3fe/0x710 [ 380.205990][T13365] alloc_super+0x7f7/0x910 [ 380.210395][T13365] sget+0x117/0x560 [ 380.214184][T13365] ? get_anon_bdev+0xc0/0xc0 [ 380.218759][T13365] ? ovl_show_options+0x550/0x550 [ 380.223763][T13365] mount_nodev+0x31/0x110 [ 380.228073][T13365] ovl_mount+0x2d/0x40 [ 380.232250][T13365] ? ovl_own_xattr_set+0x10/0x10 [ 380.237187][T13365] legacy_get_tree+0x108/0x220 [ 380.241948][T13365] vfs_get_tree+0x8e/0x300 [ 380.246358][T13365] do_mount+0x142e/0x1cf0 [ 380.250679][T13365] ? copy_mount_string+0x40/0x40 [ 380.255612][T13365] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 380.261835][T13365] ? copy_mount_options+0x2e8/0x3f0 [ 380.267029][T13365] ksys_mount+0xdb/0x150 [ 380.271268][T13365] __x64_sys_mount+0xbe/0x150 [ 380.275934][T13365] do_syscall_64+0xfa/0x760 [ 380.280437][T13365] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 380.286316][T13365] RIP: 0033:0x459a59 [ 380.290192][T13365] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 380.310559][T13365] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 380.318958][T13365] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 05:01:35 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x80045519) 05:01:35 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0x800c6613) [ 380.326916][T13365] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 380.334868][T13365] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 380.342834][T13365] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 380.350794][T13365] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:35 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be29c32000002b28f20c1a580000000089dae769001499a8d1b3a4952f36def66ee2acdd00757432dc1000"/68], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) ioctl$void(r0, 0xc0045878) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 380.441114][T13374] block nbd2: shutting down sockets 05:01:35 executing program 1 (fault-call:3 fault-nth:47): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:35 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x80081270) [ 380.489083][T13379] block nbd3: shutting down sockets 05:01:35 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) pause() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 380.676376][T13388] block nbd2: shutting down sockets [ 380.689126][T13393] FAULT_INJECTION: forcing a failure. [ 380.689126][T13393] name failslab, interval 1, probability 0, space 0, times 0 [ 380.724404][T13393] CPU: 0 PID: 13393 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 380.733821][T13393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.743879][T13393] Call Trace: [ 380.747188][T13393] dump_stack+0x172/0x1f0 [ 380.751528][T13393] should_fail.cold+0xa/0x15 [ 380.756116][T13393] ? fault_create_debugfs_attr+0x180/0x180 [ 380.756138][T13393] ? ___might_sleep+0x163/0x2c0 [ 380.756159][T13393] __should_failslab+0x121/0x190 [ 380.756179][T13393] should_failslab+0x9/0x14 [ 380.776229][T13393] kmem_cache_alloc_trace+0x2d3/0x790 [ 380.781615][T13393] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 380.788221][T13393] __memcg_init_list_lru_node+0x8a/0x1e0 [ 380.788238][T13393] __list_lru_init+0x3fe/0x710 [ 380.788268][T13393] alloc_super+0x7f7/0x910 [ 380.803184][T13393] sget+0x117/0x560 [ 380.807012][T13393] ? get_anon_bdev+0xc0/0xc0 [ 380.811617][T13393] ? ovl_show_options+0x550/0x550 [ 380.816665][T13393] mount_nodev+0x31/0x110 [ 380.821035][T13393] ovl_mount+0x2d/0x40 [ 380.825111][T13393] ? ovl_own_xattr_set+0x10/0x10 [ 380.830059][T13393] legacy_get_tree+0x108/0x220 [ 380.835024][T13393] vfs_get_tree+0x8e/0x300 [ 380.839630][T13393] do_mount+0x142e/0x1cf0 [ 380.844097][T13393] ? copy_mount_string+0x40/0x40 [ 380.849465][T13393] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 380.856046][T13393] ? copy_mount_options+0x2e8/0x3f0 [ 380.861320][T13393] ksys_mount+0xdb/0x150 [ 380.865672][T13393] __x64_sys_mount+0xbe/0x150 [ 380.870431][T13393] do_syscall_64+0xfa/0x760 [ 380.874921][T13393] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 380.880806][T13393] RIP: 0033:0x459a59 [ 380.884694][T13393] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 380.904365][T13393] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 380.912753][T13393] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 380.920796][T13393] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 380.929117][T13393] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 380.937615][T13393] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 380.947287][T13393] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:38 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef0", 0x7a}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:38 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xc0044306) 05:01:38 executing program 0: getpgid(0xffffffffffffffff) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000280)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc) getpid() r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f00000001c0)) r3 = getpid() sched_setscheduler(r3, 0x5, &(0x7f00000001c0)) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100000, &(0x7f0000000080)="0bcb9a1de24b2b9e93f1e30f8426a7fa0ac91c1384de33d4354202c617acd2cda5fbc6cc4cac1c", &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)="f763f2f6f10e0ffa1ac41230eff75c952126157bd6057f56dceefe1c8debc6de4e5b58537682e5b3f778c4c85abf4bbf5b58e76620800e35f9b1ff828f473a0ec7c45df7f2b15fc9f4eb7eaca698795e78d0aad898976dba8a172bd35466710161dceea2557d9df4c156c831e454274ffccf27aa4e526d57e5a37fa01254e99b14d3333c8bd239c1c4cc925d5823ec10795ecb64f181151c5d2a0a4da6ba2e23f477990fb290e558d7e3721a48e44475b0d5e1e717a1f3ac972ac0feea") r4 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66e03acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r5, 0x0, 0x0) uname(&(0x7f0000000200)=""/78) tkill(r5, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:01:38 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x80081272) 05:01:38 executing program 1 (fault-call:3 fault-nth:48): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:38 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 383.102617][T13402] block nbd2: shutting down sockets [ 383.131468][T13399] block nbd3: shutting down sockets [ 383.148838][T13409] FAULT_INJECTION: forcing a failure. [ 383.148838][T13409] name failslab, interval 1, probability 0, space 0, times 0 [ 383.189401][T13409] CPU: 1 PID: 13409 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 383.198488][T13409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 383.208550][T13409] Call Trace: [ 383.212098][T13409] dump_stack+0x172/0x1f0 [ 383.217031][T13409] should_fail.cold+0xa/0x15 [ 383.221698][T13409] ? fault_create_debugfs_attr+0x180/0x180 [ 383.227495][T13409] ? ___might_sleep+0x163/0x2c0 [ 383.232420][T13409] __should_failslab+0x121/0x190 [ 383.237350][T13409] should_failslab+0x9/0x14 [ 383.241848][T13409] kmem_cache_alloc_trace+0x2d3/0x790 [ 383.247205][T13409] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 383.253629][T13409] __memcg_init_list_lru_node+0x8a/0x1e0 [ 383.261080][T13409] __list_lru_init+0x3fe/0x710 [ 383.265833][T13409] alloc_super+0x7f7/0x910 [ 383.270239][T13409] sget+0x117/0x560 [ 383.274032][T13409] ? get_anon_bdev+0xc0/0xc0 [ 383.278607][T13409] ? ovl_show_options+0x550/0x550 [ 383.283616][T13409] mount_nodev+0x31/0x110 [ 383.287927][T13409] ovl_mount+0x2d/0x40 [ 383.291979][T13409] ? ovl_own_xattr_set+0x10/0x10 [ 383.296901][T13409] legacy_get_tree+0x108/0x220 [ 383.301663][T13409] vfs_get_tree+0x8e/0x300 [ 383.306078][T13409] do_mount+0x142e/0x1cf0 [ 383.310495][T13409] ? copy_mount_string+0x40/0x40 [ 383.315522][T13409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.321943][T13409] ? copy_mount_options+0x2e8/0x3f0 [ 383.327926][T13409] ksys_mount+0xdb/0x150 [ 383.332258][T13409] __x64_sys_mount+0xbe/0x150 [ 383.337483][T13409] do_syscall_64+0xfa/0x760 [ 383.342008][T13409] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 383.348256][T13409] RIP: 0033:0x459a59 [ 383.352414][T13409] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 383.375523][T13409] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 05:01:38 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x80086301) 05:01:38 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xc0045878) 05:01:38 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef0", 0x7a}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 383.384635][T13409] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 383.392971][T13409] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 383.401035][T13409] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 383.409010][T13409] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 383.416973][T13409] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 383.498465][T13418] block nbd3: shutting down sockets [ 383.564169][T13422] block nbd2: shutting down sockets 05:01:38 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xc0045878) 05:01:38 executing program 1 (fault-call:3 fault-nth:49): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 383.641141][T13429] block nbd3: shutting down sockets 05:01:38 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x8090ae81) 05:01:39 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xc0101282) [ 383.761839][T13434] FAULT_INJECTION: forcing a failure. [ 383.761839][T13434] name failslab, interval 1, probability 0, space 0, times 0 [ 383.787199][T13435] block nbd2: shutting down sockets [ 383.803494][T13434] CPU: 1 PID: 13434 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 383.812658][T13434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 383.823510][T13434] Call Trace: [ 383.826831][T13434] dump_stack+0x172/0x1f0 [ 383.831180][T13434] should_fail.cold+0xa/0x15 [ 383.835802][T13434] ? fault_create_debugfs_attr+0x180/0x180 [ 383.841625][T13434] ? ___might_sleep+0x163/0x2c0 [ 383.843459][T13438] block nbd3: shutting down sockets [ 383.846580][T13434] __should_failslab+0x121/0x190 [ 383.856813][T13434] should_failslab+0x9/0x14 [ 383.861309][T13434] kmem_cache_alloc_trace+0x2d3/0x790 [ 383.868072][T13434] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 383.873887][T13434] __memcg_init_list_lru_node+0x8a/0x1e0 [ 383.879970][T13434] __list_lru_init+0x3fe/0x710 [ 383.886808][T13434] alloc_super+0x7f7/0x910 [ 383.892521][T13434] sget+0x117/0x560 [ 383.896331][T13434] ? get_anon_bdev+0xc0/0xc0 [ 383.901689][T13434] ? ovl_show_options+0x550/0x550 [ 383.906697][T13434] mount_nodev+0x31/0x110 [ 383.911881][T13434] ovl_mount+0x2d/0x40 [ 383.916199][T13434] ? ovl_own_xattr_set+0x10/0x10 [ 383.921121][T13434] legacy_get_tree+0x108/0x220 [ 383.925963][T13434] vfs_get_tree+0x8e/0x300 [ 383.930542][T13434] do_mount+0x142e/0x1cf0 [ 383.934972][T13434] ? copy_mount_string+0x40/0x40 [ 383.940069][T13434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.946323][T13434] ? copy_mount_options+0x2e8/0x3f0 [ 383.951520][T13434] ksys_mount+0xdb/0x150 [ 383.955760][T13434] __x64_sys_mount+0xbe/0x150 [ 383.960431][T13434] do_syscall_64+0xfa/0x760 [ 383.964925][T13434] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 383.970801][T13434] RIP: 0033:0x459a59 [ 383.974682][T13434] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 383.994475][T13434] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 384.002982][T13434] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 05:01:39 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0xdcf3ddeb6f63865b, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x0, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f00000000c0)=""/101) wait4(0x0, 0x0, 0x0, 0x0) 05:01:39 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0x81009431) [ 384.011037][T13434] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 384.019124][T13434] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 384.027079][T13434] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 384.035121][T13434] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:39 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xc0189436) 05:01:39 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xc0045878) [ 384.129342][T13444] block nbd2: shutting down sockets [ 384.168282][T13447] block nbd3: shutting down sockets [ 384.299645][T13452] block nbd2: shutting down sockets 05:01:41 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:41 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xc020660b) 05:01:41 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000140)={0x1, 0x0, [{0x22000, 0xb3, &(0x7f0000000080)=""/179}]}) [ 386.120999][T13458] block nbd3: shutting down sockets 05:01:41 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xc0045878) 05:01:41 executing program 1 (fault-call:3 fault-nth:50): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:41 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30", 0x8e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:41 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xc0481273) 05:01:41 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:41 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) r3 = fcntl$getown(r2, 0x9) tkill(r3, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 386.613079][T13472] block nbd3: shutting down sockets [ 386.630324][T13478] FAULT_INJECTION: forcing a failure. [ 386.630324][T13478] name failslab, interval 1, probability 0, space 0, times 0 [ 386.632079][T13474] block nbd2: shutting down sockets [ 386.665046][T13478] CPU: 1 PID: 13478 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 386.674205][T13478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 386.684526][T13478] Call Trace: [ 386.687914][T13478] dump_stack+0x172/0x1f0 [ 386.692540][T13478] should_fail.cold+0xa/0x15 [ 386.697150][T13478] ? fault_create_debugfs_attr+0x180/0x180 [ 386.703685][T13478] ? ___might_sleep+0x163/0x2c0 [ 386.708551][T13478] __should_failslab+0x121/0x190 [ 386.714192][T13478] should_failslab+0x9/0x14 [ 386.718853][T13478] kmem_cache_alloc_trace+0x2d3/0x790 [ 386.724240][T13478] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 386.730054][T13478] __memcg_init_list_lru_node+0x8a/0x1e0 [ 386.736600][T13478] __list_lru_init+0x3fe/0x710 [ 386.741487][T13478] alloc_super+0x7f7/0x910 [ 386.745921][T13478] sget+0x117/0x560 [ 386.749756][T13478] ? get_anon_bdev+0xc0/0xc0 [ 386.754542][T13478] ? ovl_show_options+0x550/0x550 [ 386.759946][T13478] mount_nodev+0x31/0x110 [ 386.764895][T13478] ovl_mount+0x2d/0x40 [ 386.768976][T13478] ? ovl_own_xattr_set+0x10/0x10 [ 386.773913][T13478] legacy_get_tree+0x108/0x220 [ 386.778722][T13478] vfs_get_tree+0x8e/0x300 [ 386.783181][T13478] do_mount+0x142e/0x1cf0 [ 386.787783][T13478] ? copy_mount_string+0x40/0x40 [ 386.792722][T13478] ? copy_mount_options+0x266/0x3f0 [ 386.797926][T13478] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 386.804171][T13478] ? copy_mount_options+0x2e8/0x3f0 [ 386.809369][T13478] ksys_mount+0xdb/0x150 [ 386.813609][T13478] __x64_sys_mount+0xbe/0x150 [ 386.818288][T13478] do_syscall_64+0xfa/0x760 [ 386.822777][T13478] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 386.828671][T13478] RIP: 0033:0x459a59 [ 386.832575][T13478] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 386.852701][T13478] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 05:01:42 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xc0101282) 05:01:42 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) sendto$ax25(r3, &(0x7f0000000100)="607bf2b0c653f407b43cf8aa311885809f09c27dc06067381fbb85f4038bb1e9610563ad6872b222c76194f2f60ada4646e9b022ab22868a8d5f26ad4b3cd0d99e0738bc3f87fc4105b853bdf5b51c6d180c", 0x52, 0x8004, &(0x7f0000000200)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @default, @default, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=@known='com.apple.system.Security\x00') socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = getpid() ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000000280)={[], 0x9, 0x4, 0x9, 0x9, 0x7ff, r8}) [ 386.861111][T13478] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 386.869069][T13478] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 386.877039][T13478] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 386.884998][T13478] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 386.892982][T13478] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 386.991065][T13489] block nbd2: shutting down sockets 05:01:42 executing program 1 (fault-call:3 fault-nth:51): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:42 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) r2 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x9, 0x42000) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000003c0)={0x3, &(0x7f0000000240)=[{0x2, 0x4, 0x4, 0x7}, {0x2, 0x5, 0x3, 0x3}, {0x4, 0x80, 0x20, 0x40}]}, 0x10) r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20ncci\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) accept4$ax25(r6, &(0x7f0000000500)={{0x3, @netrom}, [@remote, @netrom, @rose, @bcast, @netrom, @rose, @remote, @null]}, &(0x7f0000000400)=0x48, 0x400) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f00000000c0)={r4, @in6={{0xa, 0x4e23, 0x3f, @empty}}, 0x6, 0x401}, &(0x7f0000000180)=0x90) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={r4, @in={{0x2, 0x4e20, @broadcast}}, 0x0, 0x8}, &(0x7f0000000200)=0x90) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000440)={r4, @in={{0x2, 0x0, @local}}}, &(0x7f0000000100)=0x84) getsockopt$inet_sctp_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000080)=@assoc_id=r4, &(0x7f00000000c0)=0x4) accept4$ax25(r2, &(0x7f0000000340)={{0x3, @null}, [@default, @netrom, @default, @rose, @rose, @default, @default, @default]}, &(0x7f00000001c0)=0x48, 0x80400) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f00000000c0)={r4, 0x5, 0x10, 0x0, 0x7}, &(0x7f0000000100)=0x18) wait4(0x0, 0x0, 0x0, 0x0) [ 387.012977][ T1530] block nbd3: Receive control failed (result -22) [ 387.020441][ T1530] block nbd3: Receive control failed (result -22) [ 387.030619][T13492] block nbd3: shutting down sockets 05:01:42 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xc0189436) 05:01:42 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_mount_image$ceph(&(0x7f0000000100)='ceph\x00', &(0x7f0000000140)='./file0\x00', 0x5, 0x1, &(0x7f0000000180)=[{&(0x7f0000000200)="af99d6f908d56ecc7670d67198f6ac79f723372c907bb24ed321b3ab1fbb6c9b2bc8d0139a4bacfa9cf4979a2b36d9753b0b68442c9d3214a728045b445546b25f4bd4a03ddf75ff843eb5c218", 0x4d, 0x3}], 0x800, &(0x7f0000000280)=':vboxnet1self-,\x00') r5 = dup(r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x5) ioctl$USBDEVFS_BULK(r5, 0xc0185502, &(0x7f00000000c0)={{0x3}, 0x81, 0x7f, 0x47, 0x1895, &(0x7f0000000000)="ed461b57ebf9391618b0ab52f2e16017a2a171091b625d03120a3dbb1e561663f740c74863b613b77999a0b18657d4c4bdeb3a23eff987b74552b37a826a9d9b0f04c7cc861338"}) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 387.158578][T13500] FAULT_INJECTION: forcing a failure. [ 387.158578][T13500] name failslab, interval 1, probability 0, space 0, times 0 [ 387.211454][T13502] block nbd2: shutting down sockets 05:01:42 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 387.243460][T13500] CPU: 1 PID: 13500 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 387.252610][T13500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 387.262670][T13500] Call Trace: [ 387.265969][T13500] dump_stack+0x172/0x1f0 [ 387.270305][T13500] should_fail.cold+0xa/0x15 [ 387.274911][T13500] ? fault_create_debugfs_attr+0x180/0x180 [ 387.280735][T13500] ? ___might_sleep+0x163/0x2c0 [ 387.285593][T13500] __should_failslab+0x121/0x190 [ 387.290539][T13500] should_failslab+0x9/0x14 [ 387.295056][T13500] kmem_cache_alloc_node_trace+0x274/0x750 [ 387.300862][T13500] ? kmem_cache_alloc_trace+0x397/0x790 [ 387.306402][T13500] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 387.306418][T13500] __kmalloc_node+0x3d/0x70 [ 387.306437][T13500] kvmalloc_node+0x68/0x100 [ 387.306453][T13500] __list_lru_init+0x4d5/0x710 [ 387.306473][T13500] alloc_super+0x7f7/0x910 [ 387.306492][T13500] sget+0x117/0x560 [ 387.306503][T13500] ? get_anon_bdev+0xc0/0xc0 [ 387.306526][T13500] ? ovl_show_options+0x550/0x550 [ 387.344016][T13500] mount_nodev+0x31/0x110 [ 387.348362][T13500] ovl_mount+0x2d/0x40 [ 387.352434][T13500] ? ovl_own_xattr_set+0x10/0x10 [ 387.357374][T13500] legacy_get_tree+0x108/0x220 [ 387.362324][T13500] vfs_get_tree+0x8e/0x300 [ 387.366747][T13500] do_mount+0x142e/0x1cf0 [ 387.371089][T13500] ? copy_mount_string+0x40/0x40 [ 387.376039][T13500] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 387.382281][T13500] ? copy_mount_options+0x2e8/0x3f0 [ 387.387488][T13500] ksys_mount+0xdb/0x150 05:01:42 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xc020660b) [ 387.391740][T13500] __x64_sys_mount+0xbe/0x150 [ 387.396425][T13500] do_syscall_64+0xfa/0x760 [ 387.400945][T13500] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 387.406849][T13500] RIP: 0033:0x459a59 [ 387.410759][T13500] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 387.430375][T13500] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 387.431104][T13517] ptrace attach of "/root/syz-executor.0"[13515] was attempted by "/root/syz-executor.0"[13517] [ 387.438788][T13500] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 387.438796][T13500] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 387.438803][T13500] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 387.438812][T13500] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 387.438821][T13500] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 387.527044][T13513] ceph: device name is missing path (no : separator in /dev/loop3) [ 387.578576][T13518] block nbd2: shutting down sockets 05:01:44 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30", 0x8e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:44 executing program 1 (fault-call:3 fault-nth:52): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:44 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f00000001c0)) sched_getaffinity(r2, 0x8, &(0x7f0000000080)) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000000c0)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252ec24552eec4dab7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) r3 = syz_open_dev$sndpcmc(&(0x7f0000000200)='/dev/snd/pcmC#D#c\x00', 0x4, 0xc5aa0881f6e9b765) write$UHID_GET_REPORT_REPLY(r3, &(0x7f0000000240)={0xa, 0x0, 0x30}, 0xa) ptrace$setopts(0x4206, r1, 0x0, 0x0) r4 = syz_init_net_socket$ax25(0x3, 0x5, 0x7) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vsock\x00', 0x5266a1, 0x0) write$P9_RRENAMEAT(r5, &(0x7f0000000180)={0x7, 0x4b, 0x1}, 0x7) bind$ax25(r4, &(0x7f0000000000)={{0x3, @null, 0x6}, [@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @default]}, 0x48) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:01:44 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xc038563b) 05:01:44 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$SIOCX25SCALLUSERDATA(0xffffffffffffffff, 0x89e5, &(0x7f00000000c0)={0x30, "cddf45104bb8e6b0c8a9eb7d10869046bd8e18a8c9a4f7fc321f2f2ea66dd029f23a35d581f5960566ac0b2c8056b3d77aa78f28537d9e4f5282df1290e6f8c39b0709c69109902cf755a1afad65d6b0d221e4b95791cd23e19b661cab9b25f00f732fa5f610ef272181f0c81b50863f6a11d1759b71225355239c9fdcffcb29"}) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) renameat2(r5, &(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, 0xffffffffffffffff, 0x2) 05:01:44 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 389.708358][ T1530] block nbd3: Receive control failed (result -22) [ 389.708364][ T9110] block nbd3: Receive control failed (result -22) [ 389.733805][T13530] block nbd2: shutting down sockets [ 389.740377][T13541] FAULT_INJECTION: forcing a failure. [ 389.740377][T13541] name failslab, interval 1, probability 0, space 0, times 0 [ 389.773306][T13541] CPU: 1 PID: 13541 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 389.782364][T13541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.792422][T13541] Call Trace: [ 389.795736][T13541] dump_stack+0x172/0x1f0 [ 389.800029][T13528] block nbd3: shutting down sockets [ 389.800082][T13541] should_fail.cold+0xa/0x15 [ 389.809895][T13541] ? fault_create_debugfs_attr+0x180/0x180 [ 389.815792][T13541] ? ___might_sleep+0x163/0x2c0 [ 389.820675][T13541] __should_failslab+0x121/0x190 [ 389.825728][T13541] should_failslab+0x9/0x14 [ 389.830243][T13541] kmem_cache_alloc_trace+0x2d3/0x790 [ 389.847179][T13541] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 389.853031][T13541] __memcg_init_list_lru_node+0x8a/0x1e0 [ 389.858659][T13541] __list_lru_init+0x3fe/0x710 [ 389.863422][T13541] alloc_super+0x7f7/0x910 [ 389.867848][T13541] sget+0x117/0x560 [ 389.871659][T13541] ? get_anon_bdev+0xc0/0xc0 [ 389.876336][T13541] ? ovl_show_options+0x550/0x550 [ 389.881393][T13541] mount_nodev+0x31/0x110 [ 389.885708][T13541] ovl_mount+0x2d/0x40 [ 389.889929][T13541] ? ovl_own_xattr_set+0x10/0x10 [ 389.894857][T13541] legacy_get_tree+0x108/0x220 [ 389.899727][T13541] vfs_get_tree+0x8e/0x300 [ 389.904142][T13541] do_mount+0x142e/0x1cf0 [ 389.908475][T13541] ? retint_kernel+0x2b/0x2b [ 389.913073][T13541] ? copy_mount_string+0x40/0x40 [ 389.918035][T13541] ? __sanitizer_cov_trace_const_cmp4+0x5/0x20 [ 389.926039][T13541] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.935069][T13541] ? copy_mount_options+0x2e8/0x3f0 [ 389.941249][T13541] ksys_mount+0xdb/0x150 [ 389.945859][T13541] __x64_sys_mount+0xbe/0x150 [ 389.950543][T13541] do_syscall_64+0xfa/0x760 [ 389.955062][T13541] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 389.961044][T13541] RIP: 0033:0x459a59 [ 389.964938][T13541] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 389.986997][T13541] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 389.995486][T13541] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 390.003449][T13541] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 390.015170][T13541] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 05:01:45 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:01:45 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xc0405665) 05:01:45 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$DRM_IOCTL_GET_MAGIC(r9, 0x80046402, &(0x7f0000000100)) splice(r4, &(0x7f0000000000), r7, &(0x7f0000000040), 0x9, 0x2) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) setsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f00000000c0)={0x20, 0x9, 0x2, 0x80, 0x3, 0x1, 0x5, 0xf7, 0x9, 0x8, 0x80}, 0xb) ioctl$NBD_DO_IT(r2, 0xab03) [ 390.023138][T13541] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 390.032661][T13541] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:45 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = getpgid(0xffffffffffffffff) ptrace$getsig(0x4202, r1, 0x0, &(0x7f0000000080)) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:01:45 executing program 1 (fault-call:3 fault-nth:53): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 390.167602][T13552] block nbd2: shutting down sockets [ 390.180708][ T1530] block nbd3: Receive control failed (result -22) [ 390.180715][ T9110] block nbd3: Receive control failed (result -22) [ 390.251727][T13547] block nbd3: shutting down sockets 05:01:45 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xc04064a0) [ 390.287307][T13560] FAULT_INJECTION: forcing a failure. [ 390.287307][T13560] name failslab, interval 1, probability 0, space 0, times 0 [ 390.322069][T13560] CPU: 1 PID: 13560 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 390.331225][T13560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.341309][T13560] Call Trace: [ 390.341344][T13560] dump_stack+0x172/0x1f0 [ 390.341369][T13560] should_fail.cold+0xa/0x15 [ 390.341389][T13560] ? fault_create_debugfs_attr+0x180/0x180 [ 390.341414][T13560] ? ___might_sleep+0x163/0x2c0 [ 390.341432][T13560] __should_failslab+0x121/0x190 [ 390.341450][T13560] should_failslab+0x9/0x14 [ 390.341468][T13560] kmem_cache_alloc_trace+0x2d3/0x790 [ 390.379746][T13560] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 390.385593][T13560] __memcg_init_list_lru_node+0x8a/0x1e0 [ 390.391265][T13560] __list_lru_init+0x3fe/0x710 [ 390.396065][T13560] alloc_super+0x7f7/0x910 [ 390.400510][T13560] sget+0x117/0x560 [ 390.404338][T13560] ? get_anon_bdev+0xc0/0xc0 [ 390.408949][T13560] ? ovl_show_options+0x550/0x550 [ 390.414022][T13560] mount_nodev+0x31/0x110 [ 390.418371][T13560] ovl_mount+0x2d/0x40 [ 390.422461][T13560] ? ovl_own_xattr_set+0x10/0x10 [ 390.424948][T13563] block nbd2: shutting down sockets [ 390.427418][T13560] legacy_get_tree+0x108/0x220 [ 390.427442][T13560] vfs_get_tree+0x8e/0x300 [ 390.427461][T13560] do_mount+0x142e/0x1cf0 [ 390.446161][T13560] ? copy_mount_string+0x40/0x40 [ 390.451133][T13560] ? copy_mount_options+0x258/0x3f0 [ 390.456364][T13560] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 390.462625][T13560] ? copy_mount_options+0x2e8/0x3f0 [ 390.467844][T13560] ksys_mount+0xdb/0x150 [ 390.472109][T13560] __x64_sys_mount+0xbe/0x150 [ 390.476826][T13560] do_syscall_64+0xfa/0x760 [ 390.481341][T13560] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 390.487223][T13560] RIP: 0033:0x459a59 [ 390.487239][T13560] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 390.487245][T13560] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 390.487257][T13560] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 390.487265][T13560] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 390.487272][T13560] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 390.487280][T13560] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 390.487287][T13560] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:47 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30", 0x8e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:47 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xc0481273) 05:01:47 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$RTC_WKALM_RD(r7, 0x80287010, &(0x7f0000000000)) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) 05:01:47 executing program 1 (fault-call:3 fault-nth:54): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:47 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f00000001c0)) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f00000001c0)) prctl$PR_SET_PTRACER(0x59616d61, r1) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYBLOB="6d047cb8660ebe21be390000000000000080002b9abb2a2f9fd2399e04451565100ffa8201000200000069001499a8d1b3a4952f47c8f003d8aca10e98cb70f29fcc5fdd00a49d5c8c3d08002200000000970000000000000000"], 0x2) r4 = getpid() sched_setscheduler(r4, 0x6, &(0x7f00000001c0)) prctl$PR_SET_PTRACER(0x59616d61, r3) sched_getparam(r4, &(0x7f0000000080)) ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x5) ioctl$VIDIOC_SUBDEV_S_CROP(r2, 0xc038563c, &(0x7f00000000c0)={0x1, 0x0, {0x4, 0x9, 0xf0d, 0x20000000}}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_SET_UNIQUE(r6, 0x40106410, &(0x7f0000000180)={0x4d, &(0x7f0000000000)="074054003bbfdb090b01c84eb3c7135696a7e02f70d4ffdcdc587b5cb9476c1a17c004ac5a28325210d05ce774f6a799026964683d35ec3e9b99c665bf380c3646d6d3b108b8af70fbd12d3dd1"}) wait4(0x0, 0x0, 0x0, 0x0) 05:01:47 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 392.783614][ T1530] block nbd3: Receive control failed (result -22) [ 392.788009][T13573] block nbd2: shutting down sockets [ 392.791319][ T1530] block nbd3: Receive control failed (result -22) [ 392.804572][T13574] block nbd3: shutting down sockets [ 392.829609][T13581] FAULT_INJECTION: forcing a failure. [ 392.829609][T13581] name failslab, interval 1, probability 0, space 0, times 0 [ 392.859865][T13581] CPU: 0 PID: 13581 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 392.868934][T13581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.878998][T13581] Call Trace: [ 392.882316][T13581] dump_stack+0x172/0x1f0 [ 392.886673][T13581] should_fail.cold+0xa/0x15 [ 392.891286][T13581] ? fault_create_debugfs_attr+0x180/0x180 [ 392.897135][T13581] ? ___might_sleep+0x163/0x2c0 [ 392.902014][T13581] __should_failslab+0x121/0x190 [ 392.906979][T13581] should_failslab+0x9/0x14 [ 392.911496][T13581] kmem_cache_alloc_trace+0x2d3/0x790 [ 392.912706][T13591] ptrace attach of "/root/syz-executor.4"[13590] was attempted by "/root/syz-executor.4"[13591] [ 392.916876][T13581] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 392.916899][T13581] __memcg_init_list_lru_node+0x8a/0x1e0 [ 392.916918][T13581] __list_lru_init+0x3fe/0x710 [ 392.943659][T13581] alloc_super+0x7f7/0x910 [ 392.948069][T13581] sget+0x117/0x560 [ 392.951863][T13581] ? get_anon_bdev+0xc0/0xc0 [ 392.956440][T13581] ? ovl_show_options+0x550/0x550 [ 392.961449][T13581] mount_nodev+0x31/0x110 [ 392.965771][T13581] ovl_mount+0x2d/0x40 [ 392.969821][T13581] ? ovl_own_xattr_set+0x10/0x10 [ 392.974741][T13581] legacy_get_tree+0x108/0x220 [ 392.979489][T13581] vfs_get_tree+0x8e/0x300 [ 392.983889][T13581] do_mount+0x142e/0x1cf0 [ 392.988290][T13581] ? copy_mount_string+0x40/0x40 [ 392.993653][T13581] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 392.999875][T13581] ? _copy_from_user+0x12c/0x1a0 [ 393.004800][T13581] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.011023][T13581] ? copy_mount_options+0x2e8/0x3f0 [ 393.016836][T13581] ksys_mount+0xdb/0x150 [ 393.021065][T13581] __x64_sys_mount+0xbe/0x150 [ 393.025733][T13581] do_syscall_64+0xfa/0x760 [ 393.030227][T13581] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 393.036108][T13581] RIP: 0033:0x459a59 [ 393.039998][T13581] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 393.059769][T13581] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 393.068342][T13581] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 393.076297][T13581] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a 05:01:48 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000080)=ANY=[], 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:01:48 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) ioctl$BLKROSET(0xffffffffffffffff, 0x125d, &(0x7f0000000000)=0xffffffffffffffaf) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) 05:01:48 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:48 executing program 3: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x10000, 0x0) recvfrom$x25(r0, &(0x7f00000000c0)=""/134, 0x86, 0x40002020, &(0x7f0000000040)={0x9, @remote={[], 0x1}}, 0x12) r1 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r2 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r1, 0xab00, r2) r3 = syz_open_dev$ndb(0x0, 0x0, 0xb41) r4 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r3, 0xab00, r4) socket$unix(0x1, 0x5, 0x0) ioctl$NBD_SET_FLAGS(r3, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r3, 0xab03) [ 393.084253][T13581] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 393.092206][T13581] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 393.100180][T13581] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:48 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0", 0x98}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 393.219149][ T9110] block nbd3: Receive control failed (result -22) [ 393.219156][ T1530] block nbd3: Receive control failed (result -22) [ 393.233111][ T1530] block nbd2: Receive control failed (result -22) [ 393.233957][T13593] block nbd3: shutting down sockets 05:01:48 executing program 1 (fault-call:3 fault-nth:55): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 393.270885][T13594] block nbd2: shutting down sockets 05:01:48 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd6399e0400c33f00003b0000000089dae769001499a8d1b3a4952f36def66e080022757432dc060000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x40, 0x8) pread64(r2, &(0x7f0000000280)=""/4096, 0x1000, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(fcrypt)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000412ff8)="3665a1ab415b7ac7", 0x8) r4 = accept(r3, 0x0, 0x0) sendmsg$SEG6_CMD_SET_TUNSRC(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="6b1d9c2a7f40", @ANYRES16=0x0, @ANYBLOB="00000000000000000000030000001400010080a7ec467d96060cd9e601f464d59430"], 0xfffffd33}}, 0x8000051) recvmsg(r4, &(0x7f000000b680)={0x0, 0x231, &(0x7f000000b600)=[{&(0x7f000000b4c0)=""/5, 0x5}, {&(0x7f000000b500)=""/153, 0x7fffeffb}], 0x2}, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:01:48 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$DRM_IOCTL_GET_MAGIC(r5, 0x80046402, &(0x7f0000000000)=0xfffffff7) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r5, 0xab0a, 0x184f) ioctl$NBD_DO_IT(r2, 0xab03) [ 393.432266][T13612] FAULT_INJECTION: forcing a failure. [ 393.432266][T13612] name failslab, interval 1, probability 0, space 0, times 0 05:01:48 executing program 2: r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r1, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000001940)=ANY=[@ANYBLOB="66643d0fef41843ce28cc89e947f1dec37aeb464c4463331c7f53aeeab3c72565a6a46cefd4957175797bc93a267db9322be652f63d5f911d739ae37c9b343c5496d4d6d54e8439f52af95e7ab017bf576b6f7915d1535422b059bbb375d1893e836376681df468e5b196b12ed0d377af62f304a4bb8a742c900f78bf08f48f80e507cb3c29ede84124bc865213a6d84886bee81bda2ced8a12e54da5f824320569e537978b8845e2c6f08982b1975e089e227a1ccdbf5ac55278645c514939467a8755dd953c052bb699561a58f4e6899055a197ceec1719d193489318ac63b9e30a9", @ANYRESHEX=r2, @ANYBLOB="2c726f6f746d6f64653d3030b03030303030303030303030300f7a6402bf2d22df2112cdc20717d88430", @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r2, &(0x7f0000000540), 0x1000) write$FUSE_INTERRUPT(r2, &(0x7f0000000000)={0x10, 0x0, 0x1}, 0x10) read$FUSE(r2, &(0x7f0000003000), 0x1150) r3 = socket$inet(0x2, 0x0, 0x0) bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r3, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r3, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@multicast1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@ipv4={[], [], @local}}}, &(0x7f00000003c0)=0xe8) lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuseblk(&(0x7f0000000180)='/dev/loop0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='fuseblk\x00', 0x100800, &(0x7f00000015c0)=ANY=[@ANYBLOB="66643da00adf1276129fb475843917", @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000140000,user', @ANYRESDEC=r4, @ANYBLOB=',group_id=', @ANYRESDEC=r5, @ANYBLOB=',blksize=0x0000000000000200,mask=^MAY_EXEC']) chown(&(0x7f0000000040)='./file0\x00', r1, r5) r6 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x79eecc29a4b28944) r7 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r6, 0xab00, r7) r8 = syz_open_dev$ndb(0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r9 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r9, 0x40345410, &(0x7f0000000100)={{0x1}}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r9, 0x40505412, &(0x7f0000000180)={0x0, 0x200000022e}) syz_open_procfs(0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r11 = dup(r10) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200) ioctl$NBD_DO_IT(r8, 0xab03) [ 393.496594][T13612] CPU: 0 PID: 13612 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 393.505664][T13612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 393.515730][T13612] Call Trace: [ 393.519043][T13612] dump_stack+0x172/0x1f0 [ 393.523400][T13612] should_fail.cold+0xa/0x15 [ 393.528013][T13612] ? fault_create_debugfs_attr+0x180/0x180 [ 393.533839][T13612] ? ___might_sleep+0x163/0x2c0 [ 393.536416][T13617] block nbd3: server does not support multiple connections per device. [ 393.538703][T13612] __should_failslab+0x121/0x190 [ 393.538727][T13612] should_failslab+0x9/0x14 [ 393.547729][T13615] block nbd3: shutting down sockets [ 393.551875][T13612] kmem_cache_alloc_trace+0x2d3/0x790 [ 393.551892][T13612] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 393.551915][T13612] __memcg_init_list_lru_node+0x8a/0x1e0 [ 393.551946][T13612] __list_lru_init+0x3fe/0x710 [ 393.551966][T13612] alloc_super+0x7f7/0x910 [ 393.551985][T13612] sget+0x117/0x560 05:01:48 executing program 3: r0 = syz_open_dev$ndb(&(0x7f00000000c0)='\x1a\x00q\x00', 0x0, 0x410100) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r3, 0x84, 0x16, &(0x7f0000000000)={0x5, [0x401, 0x5, 0x47, 0x3f, 0x1]}, 0xe) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 393.566041][T13617] block nbd3: server does not support multiple connections per device. [ 393.567022][T13612] ? get_anon_bdev+0xc0/0xc0 [ 393.567042][T13612] ? ovl_show_options+0x550/0x550 [ 393.567059][T13612] mount_nodev+0x31/0x110 [ 393.567072][T13612] ovl_mount+0x2d/0x40 [ 393.567088][T13612] ? ovl_own_xattr_set+0x10/0x10 [ 393.573431][T13617] block nbd3: shutting down sockets [ 393.578509][T13612] legacy_get_tree+0x108/0x220 [ 393.578530][T13612] vfs_get_tree+0x8e/0x300 [ 393.578547][T13612] do_mount+0x142e/0x1cf0 [ 393.578568][T13612] ? copy_mount_string+0x40/0x40 [ 393.578592][T13612] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.578609][T13612] ? copy_mount_options+0x2e8/0x3f0 [ 393.652991][T13612] ksys_mount+0xdb/0x150 [ 393.653016][T13612] __x64_sys_mount+0xbe/0x150 [ 393.662435][T13612] do_syscall_64+0xfa/0x760 [ 393.671651][T13612] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 393.677558][T13612] RIP: 0033:0x459a59 [ 393.681463][T13612] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 393.701077][T13612] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 393.709508][T13612] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 393.718362][T13612] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 393.726345][T13612] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 393.734328][T13612] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 393.742308][T13612] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:49 executing program 1 (fault-call:3 fault-nth:56): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:49 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) r7 = socket$vsock_stream(0x28, 0x1, 0x0) dup2(r6, r7) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 393.793766][T13619] cgroup: fork rejected by pids controller in /syz0 05:01:49 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x40) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) [ 393.995483][T13738] FAULT_INJECTION: forcing a failure. [ 393.995483][T13738] name failslab, interval 1, probability 0, space 0, times 0 [ 394.008980][T13738] CPU: 0 PID: 13738 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 394.018026][T13738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.019534][ T1530] block nbd3: Receive control failed (result -22) [ 394.028103][T13738] Call Trace: [ 394.028131][T13738] dump_stack+0x172/0x1f0 [ 394.028156][T13738] should_fail.cold+0xa/0x15 [ 394.028177][T13738] ? fault_create_debugfs_attr+0x180/0x180 [ 394.028196][T13738] ? ___might_sleep+0x163/0x2c0 [ 394.028212][T13738] __should_failslab+0x121/0x190 [ 394.028228][T13738] should_failslab+0x9/0x14 [ 394.028240][T13738] kmem_cache_alloc_trace+0x2d3/0x790 [ 394.028264][T13738] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 394.078312][T13738] __memcg_init_list_lru_node+0x8a/0x1e0 [ 394.083933][T13738] __list_lru_init+0x3fe/0x710 [ 394.088682][T13738] alloc_super+0x7f7/0x910 [ 394.093086][T13738] sget+0x117/0x560 [ 394.096880][T13738] ? get_anon_bdev+0xc0/0xc0 [ 394.101453][T13738] ? ovl_show_options+0x550/0x550 [ 394.106461][T13738] mount_nodev+0x31/0x110 [ 394.110774][T13738] ovl_mount+0x2d/0x40 [ 394.115352][T13738] ? ovl_own_xattr_set+0x10/0x10 [ 394.120302][T13738] legacy_get_tree+0x108/0x220 [ 394.125059][T13738] vfs_get_tree+0x8e/0x300 [ 394.129466][T13738] do_mount+0x142e/0x1cf0 [ 394.133791][T13738] ? copy_mount_string+0x40/0x40 [ 394.138720][T13738] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 394.144943][T13738] ? _copy_from_user+0x12c/0x1a0 [ 394.149891][T13738] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.156117][T13738] ? copy_mount_options+0x2e8/0x3f0 [ 394.161302][T13738] ksys_mount+0xdb/0x150 [ 394.165538][T13738] __x64_sys_mount+0xbe/0x150 [ 394.170292][T13738] do_syscall_64+0xfa/0x760 [ 394.174780][T13738] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 394.181257][T13738] RIP: 0033:0x459a59 [ 394.185135][T13738] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 394.204719][T13738] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 394.213112][T13738] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 394.221065][T13738] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 394.229026][T13738] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 394.237417][T13738] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 394.245374][T13738] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 394.255893][ T1530] block nbd3: Receive control failed (result -22) [ 394.274764][T13739] block nbd3: shutting down sockets 05:01:49 executing program 1 (fault-call:3 fault-nth:57): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 394.354094][ T1530] block nbd2: Receive control failed (result -22) [ 394.362168][T13744] block nbd2: shutting down sockets [ 394.508025][T13750] FAULT_INJECTION: forcing a failure. [ 394.508025][T13750] name failslab, interval 1, probability 0, space 0, times 0 [ 394.520825][T13750] CPU: 1 PID: 13750 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 394.529850][T13750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.540434][T13750] Call Trace: [ 394.543738][T13750] dump_stack+0x172/0x1f0 [ 394.548085][T13750] should_fail.cold+0xa/0x15 [ 394.552702][T13750] ? fault_create_debugfs_attr+0x180/0x180 [ 394.558520][T13750] ? ___might_sleep+0x163/0x2c0 [ 394.563390][T13750] __should_failslab+0x121/0x190 [ 394.568324][T13750] should_failslab+0x9/0x14 [ 394.572808][T13750] kmem_cache_alloc_trace+0x2d3/0x790 [ 394.578174][T13750] __memcg_init_list_lru_node+0x8a/0x1e0 [ 394.583805][T13750] __list_lru_init+0x3fe/0x710 [ 394.588569][T13750] alloc_super+0x7f7/0x910 [ 394.592980][T13750] sget+0x117/0x560 [ 394.596784][T13750] ? get_anon_bdev+0xc0/0xc0 [ 394.601357][T13750] ? ovl_show_options+0x550/0x550 [ 394.606376][T13750] mount_nodev+0x31/0x110 [ 394.610703][T13750] ovl_mount+0x2d/0x40 [ 394.614753][T13750] ? ovl_own_xattr_set+0x10/0x10 [ 394.619760][T13750] legacy_get_tree+0x108/0x220 [ 394.624529][T13750] vfs_get_tree+0x8e/0x300 [ 394.628955][T13750] do_mount+0x142e/0x1cf0 [ 394.633281][T13750] ? copy_mount_string+0x40/0x40 [ 394.638215][T13750] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.644705][T13750] ? copy_mount_options+0x2e8/0x3f0 [ 394.649897][T13750] ksys_mount+0xdb/0x150 [ 394.654136][T13750] __x64_sys_mount+0xbe/0x150 [ 394.659067][T13750] do_syscall_64+0xfa/0x760 [ 394.663568][T13750] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 394.669462][T13750] RIP: 0033:0x459a59 [ 394.673355][T13750] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 394.693485][T13750] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 394.701925][T13750] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 394.709992][T13750] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 394.717954][T13750] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 394.726300][T13750] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 394.734279][T13750] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:51 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:51 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x48, r7, 0x101, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x34, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8}]}]}, 0x48}}, 0x0) sendmsg$IPVS_CMD_NEW_SERVICE(r5, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1008004}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)={0xc8, r7, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x8dbf}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x5}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x30, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@rand_addr=0x10000}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x14}, @IPVS_SVC_ATTR_AF={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xd6}]}]}, 0xc8}, 0x1, 0x0, 0x0, 0x20000801}, 0x4004840) [ 396.190917][ T9110] block nbd3: Receive control failed (result -22) [ 396.190923][ T1530] block nbd3: Receive control failed (result -22) [ 396.208419][T13755] netlink: 'syz-executor.3': attribute type 1 has an invalid length. [ 396.219300][T13754] block nbd3: shutting down sockets 05:01:51 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0", 0x98}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:51 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x84080) r1 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$SIOCAX25GETINFOOLD(r5, 0x89e9, &(0x7f0000000000)) mmap$xdp(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x4020814, r1, 0x80000000) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r6 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') r11 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey\x00', 0x6f8372b2e4af6335, 0x0) ioctl$NBD_SET_BLKSIZE(r11, 0xab01, 0xff) sendmsg$IPVS_CMD_NEW_SERVICE(r9, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x48, r10, 0x101, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x34, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8}]}]}, 0x48}}, 0x0) sendmsg$IPVS_CMD_GET_DAEMON(r8, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1400300}, 0xc, &(0x7f0000000180)={&(0x7f0000000540)=ANY=[@ANYBLOB="84000000", @ANYRESHEX=0x0, @ANYBLOB="000229bd7000fedbdf250b0000000c00020008000400ffffdfff5c00020008000b0002000000080008007b04ca73898e7d2f88faffffff14000100fe880000000000000000000000000001140001007f00000100000000000000000000000008000e004e220000080002004e23000008000400874d0000080009000100000008000600040000003ce84ba1e3ddbd920696d8c3e5f40bf80ca1265c2c8fac222bc1cc44b769ffcd250f492749fde08a3fba9e03dda9756d3eb0a101297d148a106bc7e17b6ce04bb5ead88224dd08ba417a18d697509dfa35642c75ea5ab97670cbd0bce53adfb234410a53b33eee84ef941716cc79e11d2ba849e8745a9c7b4047387d93dee0ebe68deb654ef7f2bd9d461901538f23d28718c233fcd5610b9598a9"], 0x3}, 0x1, 0x0, 0x0, 0x4000000}, 0x40000) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$NBD_DO_IT(r6, 0xab03) [ 396.363327][T13761] block nbd2: shutting down sockets 05:01:51 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c6", 0x51}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:51 executing program 1 (fault-call:3 fault-nth:58): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:51 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$KVM_SET_DEVICE_ATTR(r5, 0x4018aee1, &(0x7f0000000040)={0x0, 0x100, 0x8}) ioctl$NBD_DO_IT(r2, 0xab03) 05:01:51 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000001440)='/dev/nbd#\x00', 0x0, 0xb1000) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer2\x00', 0x0, 0x0) setsockopt$bt_hci_HCI_FILTER(r3, 0x0, 0x2, &(0x7f0000000180)={0x7, 0x1, 0x8, 0x8}, 0x10) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x4400, 0x0) ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000001200)='/dev/vga_arbiter\x00', 0x4ae0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000001340)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000001300)={0xffffffffffffffff}, 0x17, 0x8}}, 0x20) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r6, &(0x7f0000001380)={0xb, 0x10, 0xfa00, {&(0x7f0000001240), r9}}, 0x18) r10 = dup(r5) read$FUSE(r10, &(0x7f0000000200), 0x1000) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) ioctl$sock_SIOCSIFBR(r12, 0x8941, &(0x7f0000000040)=@get={0x1, &(0x7f00000000c0)=""/103, 0x2}) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) 05:01:51 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) stat(&(0x7f00000037c0)='./file0\x00', &(0x7f0000003800)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$exfat(&(0x7f00000000c0)='exfat\x00', &(0x7f0000000100)='./file0\x00', 0x3, 0xa, &(0x7f00000036c0)=[{&(0x7f0000000140)="2bd1eabcaa9a599690c61fd36e707bdeabf76fee9bdfe5979dc0e6dfc60abc678ee3594e06777139f40fe30dc379161c84436008e3a03de68fe8841d074a7d3a3ed9479f1d159dd3786ce9f8645acd9a4847e8d8d3cc30c377c85cb00bb6e1b741155f181562470e7d7b908470bcc942972d5836f525dc7b8ba39850cbe2b0393afef87eed69be671df412646a8870db9f0ef4b83aa57acde9eb840116de22e99fb0c59ce7b85e927f904f8832e3b80b70999ea50d432018aaaddb72e2cc0d74ecd333b6950674be83df5f3f1a07b8fd85d4c669fc373ac4f0a03a4661252b1b3e86f9801100f01cf484", 0xea, 0x8000}, {&(0x7f0000000240)="a49d630df5f94167a3a45858badf876330c63c9d8fd56220515489078b30de447066a1b06a6d29f12ed1b4574491fb8719b7323ead3b2e786a8a4a6744887f4353e2289c03b69da0f35acaba6a1dc0033b12eea1063542b098739ef25e69afae467cfa6e182f31b356137c1ad247a26f1a2be49c8daaecbf04490d1f461f7e4a4b56b1fb0d733cb49cbbb7939df49fe608a6f1f70ab95c11c3c1ed77ffa04d88b4f13851bab594179d5244b8a68a0b6eac724ff070cd9f6b50604a06cfbbfa909517040c5b28d27c1dd61453bc557dba60d8335d83769019576e11be0b646443d29aa23a3a668d38a7673489c33e4e3cb392b9ff96a90063ce1711c3e6ffa6dcfca984c0042e88ef22ea0e43cc236186e7f02c8132d7b54cb4441888e933fa54185f72a3709ca64a04ed8b37599e6b8e6009d07f01be23903080adf43de0397fd5d5abeb1adfd83664fbfccd023def45faf9537f1cde590a2279ac46f47c5cb9ed46f1fd3e5c658757f306881d2f546c58e0d590fedf4e0422c68e5bc6c9b6910af9107b394e91cc850e0675ae2978cd51c2c8eaef1d57497716d2d318e154a8caa9e3d886f33d79190e3f28b5d9e8eda6c98f0bca279e8d7cf71fdf00ed72e44278a2136838294f7606410247e51b12a5f75f1389d6b857edda9f57eae9aeb3af85b4afe8270fe0e43a1e4af9095ce3313c5809572f79f1a230d81028d1320777590d86e8812e017aac39fa6296c542c4b5081740947d112206a31ab365c107942b10442cdfb3282f80518d75bc66b0e91fd330264ffbe5650ca589bd2e65d58a9844956fa2f86af255acc932c3d9b990d6c5c7df9ebd6e11d9f45800257393e35d0648785d46fcaf7bd166257ce08d7f29e480d3a17cb6dce0fb91b9fb73c5d2fa9140fd28d07dd6d61ed2edc251cf493c38beb768c6fb56cf754afd2d6cccaf7a5fcba18dbd4aa442d03cf1d8e48fbab94aea0dc9a3d5edb7009d9164882f69a038a83bfbdbf4a0f812f126a35d8d0f261530bd54f72e9883268721c630676956f26c87c68a5512a46d3d4b8ad0b65aa17dbf694538d3a2d2b11eeb469210d5698e13beec471744e6e87f9a3440df79c74a7d5487ec7e61c5b308b65d265a5ac9c1633f12119be737595f6f311f21dfc78994bbbcf80a96403f5df1da00394b8c590e97b488a24d999569c70c6a19684497da3e6f06c681031892c8d9a0d6631597c9f5688edf59201dc07b62ac5b830fdf39202daafa40c803bb9a20d0f8ecf2cc541c79ec81a3671854302489d4cea37993fe20b900fd83cb5bb2264127a4f428529e909e2bf6529c7888ec7366c502f97baafa97e0c35088c5b94e91d1d6acb689467350fbc9f3401dcce6d0e00f3f3037878900fdbb2e54d9bbdc34688720a14f7e4e207d3c9ff8d5b09a93822a3141e28ade10026be578851e9f329a5f3e7903b2a7bf52e1e1fa66f8d33438da6475583a5d79c30f63c6e96c0d1882571cdab2b67ed76285a2c7faeed16fcc51b9dc4b3af869fe75878e43491ee5cfa7947771bbcb9ddd45b58b39674dbd3175a396b13d11a62ad225a9be3bf913e17275ca805b6d718073bafe7b298e1c648b6b2cd75e737ab1e5fc3ad0263d69408794530b19d355d97a9155797701d1ba18bf23f3a4185f518d49f0d58395fa146c1239e935f78aab56aa4cfe1f8ce0d2fe6abb07f15cfeb005ebab9d9efc8056c4cb4b72d9f0f7475b95b7ae4199db11fbba2c892ac3292cdcc484f9193faba3dba17f2e5f5807d7d4da01419b0cac7da5bfde59b7454a774cb2eaf6021d6642fc89fde26f4828b4443c216a5e032fed53aa2886cc557dac09e27e8ccb80029dd9120cb05316521abb2154ec8cca9a27a96d4d9807adac70e6ab2ae9c11e38d92244266411c54d7ca3e3c5dacd19d43f712553e0b7f49e3fb0f6d47680f95e939a03b6559d8528eb11bba444f37bd88da8bcf31f0848ebd24626c3b4d850e9762d4ccf6cea6f0e61e83f5caa01465e480810280ec812deec1abaee4653783a1c4672cebaa82cbbacea23b3b7e1edae625803ed77593bbe0caf6f3d15d8bf6243e89534b170803c57d022ac26ff4a570466a3056c9f84ea370f5f5052cf1292c703c80f49031645cd94f419b41ea2137a4754347e4f1958045aa036b468dc345171cd127de9557140c9e92b72e376832c45f604a8dd0728ec05cc01dbb8efd406990a336ef91d5146a04aff4a739c6112dd094a943a54130e4910fa0fc9c13221474abccce6282ae90fdf80db8454a0620b6426b04221c8b9611c68e47900b4347dea28058776468020aa5dcc4ab43239f7105bf1b31648374ed7a411510bfe30aa826fa99ddfab70750d21b186481c3a2f0a970a64546d84e97782a6c8e71606dc8082e4d965ef23a1a6f3569411a9afc0dc230ccc4f578ed293e2eeb1f5cf20d8238448e4cabc31c6adeb66a4f424edaf146d9224ea3121540af3d363688bdf99b9af1e3ff55d65c964d9c853a0ccaa8727bcb3626267d21784c99c4a18b7808d803e6a75dac5afafa79f554048af32bb2dd504d9e705762c7586c96e64cd48f89068de98d44e8481bd7b43749301d0c0c6935e32234a2d0b2444198a1e403cb45c38aaec412be8e94a51951c753fd7e126a37311319f779bf9d683f8eb979dec084795f86bd60cf58386c7e7a9ee07dfa571f55b042250629e37294c4d510b4c04c0af0705300459a3c431dbec33a79df71a7757494f911c9ff7e2d0be213f7f556ea9d0b2d11167ae5150bf9d26872b2f6039d978a59f1a751c734ff2a444b37731c091f43a684976d7d56a8a8278dccb428c91d09d02588961c4b68d6a523a7f815801334c1960b0b5f519c2b193efc1c877301ee17820b8aa2c408dbd131c55e164e01d0f52f6ca3cab8af87b10847af898a533e6741fecbd7715a38b97c8efdf4584153ed698d89b8514c66833ebfdfc0862830c5de3d20f4a55075a0598cf0f977577f1de2225d962bc9e998791e8da87c3454686891fffba7250c6b1a5f4a38dc983716960c76cbafa7b17dc93f0b1249d2158dcd9f65e3eb7bbaf881112146b12ac4bc29b62e9aac5ae602f159698fb031b147a1454b38df20e0e7bf25ac3019f82325e719d7a7b3770212ca3a506b1cb986b332dd093cb5174d1a3725435e8af20f8c54a77426728822c9c540e68e4d7d92c8940ed8829e168bb2dfa4c75df6b3c4112107a3be80cd2c89a5cd289e6ad6fb83591e3577ddc30c98d1372a6a2dd2042831e130e3e3ee93d7def3f62aeb437abe1e6d9b9eea05918543308c3dc626165ac220a53626b39913bac3581032fb53793e18bacffee9fa601ed9b1b3cfec0e8d5c1bc9b62eb22b1e22c548371fadd4a0963ebc2237b731e2607cf52506188f4f52d28744002228282de7af87c74cff99edee790da1ec7c40f6dfcce49f9eba5d9995439d3d1b88c704ea571468e5dda57e7df7b74c905ea148b4e40843c2e04fdc466eacf0331e6efa196ced5323ff9ce5847207366ce0d0d35ea3bfe1ca1a460b7b3977a753f7cb049e34990edd2715a6482a08eb57a8e78a115bd70ea08de852c041f6415140f592515c3cc29bbce5db2075d0ba62e1247f0cb7b5a987e801fe4e334171a02b8f5bd74ab801a82c05cf93b875e31e32df0f42100f3a2efa0f458bdae237823d2f520769454adff64be3684cf09efd68bcbba2d8e83377bcf98439681c6c29f3396c3b5124c5be038088d6be9dbf0a835ce380eb9648f092f40d49f974c1cf783a3a0ff67f88348fd14e2eb9f89e38eb94a72bdbf7d92b3a592777a6da4a187fbb00c6a0531cc054889aca99f8fda2cbd243f5e3de6bd803bfc7cc1423712628c7bfd66d503c982b48d1cc4205c20cae38be345239758a4a95a95c4011bef7daaa1fee70fd820757e7e5716f24e3624c88ec35e4e5c3d39950cbc4e2d663d16a9a40f3910c18bff82f2d9df921272238f02b3e917634f5b1a3ffa2d82947cc85bb5edf67c47f304b2aef077ae858beca62a49f25d5ba112480bd43ba3afe05d7f82fe5d06d7cdce78e0e2e0e78f8b3450cc4295550090ee127438716cdbdcb770e89e44133bf2f0b0607b9b145df68b2d47086a58f06c9d63561c9baa28c52d26250e9abc6d9b3aeb151a8d8d37a6354bb6ab64dcca5ae8f41f1f354d0bc374c96580f3c1ef32c946871e237a5b444788e84b28a703f1b5db0946470c8ab18c0fea79c3d037c307899ee83ee5bdaa3188934b50b6378cbe78e2b59104227fa34cc106dcc2976752438841269f20e2b38c189ecd3009c4c54f18d291e9c407c294173334a5ddb917907ceb38c2f66b272b34f24fbe4def90fc4759c3af96445913319882be4aa2492a72871ba0e9628ad691a029f599e89865696287f124c5079df00e93834b2e126dac8d74ca582a6ed62097bccdf1dfab54a5e50244fca49b8d75e205627ebb5e4cc47c957d130aeeff60b31a9eacba730f9544b0b22e5fae81ebbcb4eb72722cfa5c92a4f9dc0bf31e1a460e8e5e5d3c2f43d3c9b1065a782b6b2c40b889cabfa62aa3ee3e3de14f4083930f77f96a02618a1d9fe93cfb78dd4c9e5e7402e429bd68753023fc33e75b47f832275f41f2485d3e7f8b01b52ed42993b3493a7f89d35ace551be7b138eebe7fc659544a0de4ba02aecb41a7dd639982a3fefd0e0c4ffbc17220c4f1c5e6d475711b635df5130c3e2d6fd458f8a2299bc85388d0a41d190b7920cf6027e4f777bb1a17ef4ca3bf3788368f660d2bd578af01150e6716bc7f54d627488d95604f5cefc084c31e29fbbada076ed312e55aa87d59f0619e2d847814b620339e415efa68b1dad59e46f2ff29f9db66a4ed572f6191b06c21000df3353d1b06d9cbde19108c85ba37ce983554da398b761d774de55b2dd51d1223ba593d3aaa456d0182404978dd34df9c0fca1bf55137dfc8a74a69e91b62dd2531fce0c829bfe6b7f64ee1a04780da042058e92a590c69e2b4a0c39a2c0862eacbb6323601e5808d6f7ea32374a8f2901b60de5c7a9e6eb241b58c1e919403dd7d0a0f8930c6aec129a7efb2ea169543cdfcd25100af5f9846a8df6ae694fc4b23eb1a05e18cee795200df474886d3ab0f9c9f73ade9ebd43952816a32d4e5e5d7a81943f325caa2a9b8c5db5d7fe94e6918ddeadda4c995f43aa9d814400a61bdb0462e9a07053418f56de9eda8f7f1340e580f346536c41d450bfb0448256292e88c83b2f744164dc94a2915d68388fe17fb44b8f6e75e61643e9ef267c542628e7e4910ab0dd9453ec507817a021467b7fdd8c82028736301fba8c4a2b0741922d40af4b2ebf9665304dcf9b0a78dd7605c8f49147b9aa268c00d9aa4127ffefc63dd487453787013fdffc96fdb2b9cd211ab626d12c046f84962ca9f4ce0cf59412e9dfe327d2a3a1f8e7f1bb2a2c7b90688677c640c352c8b196f528bc567ca2fb9ac48a792c0a5ead1b344d27bd624a148da0b1fa1c38d80691aa35428c6f74dd8616c68b12d8e9d8f4eecd794b11850f7a68ca86ea1a6c7d22a59415b6e2e09a2d0b21a3ab157979feb217e38d192093ed1c3a3cd88a0c5110607b37012046e7ff42bdcf1de3535589fc47fae99224f99af8770f41862d7b140d255d75e266088da1946444e21e901bd1c627f1d69fd515cf506b6579e2f26a5afff7b281ed831760a7f23dc15dcd1460b94af9e13fe3aaee1091a5af80471fef9bd9ac3147b626814f295aa2eee7b45683d48d3d936ee5366eba05dcb41d21ddc939684d90cbbf1cf6e", 0x1000, 0x1}, {&(0x7f0000001240)="3c5baaea4e92667cc6d9c893243af15d40e39fa8822f474d345a5b16cdd3994a57ab1e50f588c5162a5c32834016da162f9e31095ba22d5a988e1f66b0f4110c337088a553c877cf1eaa66baac2e2352ca549ec1a280bd554dd2169158b1e8bf9c0f57407f0a52304b60e390c27e33e76ca123eb98ebcabf3df5cd68e70e98d9b2c30db2771b68e0ff1644609f672d84aa5657b26542bf792a19adde3e34302920bff03c113e2da3af", 0xa9, 0x5}, {&(0x7f0000001300)="7e1f3064989759612a1eacc4871ccf9ca03389802e0c96adce9c69e811e0196b6d27982a96b032f3f856e3a4221a478182bcb1be593459507354fae8cde0e20aab9fd65222469a614031df23d3c24d20f0fb4d82b2d5dc1a42d296fc3835c8471e557e7ff5434551752d2ccd701eeb98ea1744fb37cb44c3e8d7c31b246778acc956a7812d3efc188e9a702f830a86b541cb7042b4bd0f3f1adf8668c97b935eec02c9c9d3f1c6a94d48e586482c4ad6f4920ea54909fd216283ffa2aac804748503d987fa2b52", 0xc7, 0x8000}, {&(0x7f0000001400)="6343c6c53472", 0x6, 0x2}, {&(0x7f0000001440)="02b2ed0178ba5a8ad888d1912da4e2efee5404195b6fa7aa0ccf67e7cbbf74b0688d71848fedfadfe1f147de60921697e51ebfff4fb23aa26a5afc2fb2bf72d68e24830db238f8002337729eacd29e40b0a499190749e7c44637a2e710b9bb5562ec9d59e1e31146334e9f95c176e3ea8afd458ac909d3a37f3ba01797d00e4a78714c9b181a25b329e05b3d1ee872ce7e405cf7bd697dbaa4254f6bd025313f6e17a932ad2cc05ea0e037599306b1976ad0b6f49c2fde7081a4e8b9ec66b102a0e6194bc6a47dfea58d7ed41b6ff78f60", 0xd1, 0x401}, {&(0x7f0000001540)="8c8216dc09c139898ab9933a90d59157317cbd9acc7644125c1fa353ce10bf427c56f58f46e43c8cf2a4944c226861cc8f7881673342e30ee65d8a1d0d2202a8a67bf8e7501113401f59b71c122767621d3afe5c182699282a80dcd06c0531123ca7c2f05495cbcd8b61233b4a", 0x6d, 0x4}, {&(0x7f00000015c0)="a7816e68d6461a65af1469033788e30d71066d344ef070baaf2a83bf62bc94eef7f0868c0d5c4a1df45074d7fdda14b970e02b517b64bb2da26afde066bfc45c572b191512802499483149d6aef8a606f953e8eaae8490e7002dec971da54f74484b86f09a66e46b85f4b7f1538c537cd39279757b55caef52240be2e41a990f39744fc1d61599485652dbbfcf506a18a72c57a843253816e25ba28ae3b9afe44d27add274a2fd8e725c1a5440083fd9bf33eef0dcb2c725810c0dd8d017c62512506bf2cebd14d700df77a1e76ffee931aed641fae82754f0fee8abf6ef607f307d5be934b2685d651b2489c4a139a007e02a0dad2d5a64ca98572bd547ad8f53ca58d130ce27e86fbc1d578b97754aeba9335b6a4f0075ef889c3a95652dc6fc605b724daa601864bcf9eba72d7c099f5f7ef8119d4a45fcd641bbb55e6c2b5156ffeb51cb17f6d00cc4fa0f187f3632e6509c23c5b91d9a6b69bc755bca4547a9f78104b5ce77ac46658f7f2d5f0acaab3824497b4af6b2b8435786150236665e8fbe00445f9d92d160abfa7ceaa859b2e59c5cef2fbefb7f3236fdee39dde6266db49f008fb5d08680f1f6b3dfe023bb3f560521cebded133c51add30ff1702903a5e579e2a59602b0f592bc7e7827b336853e946291d6a66cf67602def67991d3a6fb91d53fb02a6c752e0ccc6a406a06e5a3c8edf932f6735605813b06164cf3872c518129748adbd481cad7f4748f564b75c51a4950d189accf0cfea98dcfb719b9f46c0e98f23043b58e4c7ed710a07bcc05c6723fcb1e1726a68a942f3888a879ee6eb74a2ee97d63774fc0c01c248a4d7406611c3e365bec0c3327b7a04e26e33e2a6831036fa14559683c4cb4de4671756f7ea22f06c74c141c56fa5138468193983f46268f40319acf721792b00b23bb7202088fb2c66bbed842d472c8f81d818877f04556e12fa4f53230ce101b382fe88fe3bd1e9d964528282caaabd9bde98d54b2a40490dd014fe284e99f7ffbaf6834caa1e595102bcbb7ec77740c9ad7ddb8e4b1653c47e11b8523d03a17cc34a8b89a52b44f2fddf01992ed3c7a88a1575f554c4bb35f455afb39053ccf39f47603358163abec48efe944df8224088a9d1b29c873701ccef62f576310b202e0485d0c819d2733160d7dfb32f9d52d35632c8d6355e3b8604691745a4536d6d4523950a159bec51107a28a19ee5459745d761d3995c2f362571fd0eafcb875e3b31af1cd3e0406721f659ca7272cf0d18dd33a9c1baef5c81dbcb6784949e3cbd8951587e2459e9dc520c9167e01d63ab1420ecc89c2deeaf50a28240febbdd69e23e35a01cb3df9e93cdc285014d107a795d6494d9dcbf650f2d364cef55507e03f0df5fb8ba5e037b64114a89fc45a4dfb062a4de011fad4246ad214d1fbc996d93817e8632b80be02ab9085d9175bea793f1b43aa030fbe14d5d144419c575e4473929ef9866e37ca253daa22491b9a0d06e677f6676ac0179d7a64c0b96a1c73c196bee973fac56fc12a090b44d720f98779f6cb34ff804ee702189c9d1a2e952301ba5b64f4665cdd68e1728757fdc7c32b76da889c067b32e164641a74beae47a6e665cef20be4ee8804b5ace2f14b0c2211f49253f0f6753c22f431b743cc9f59b341547f5c4df43e21c337518223c3fe0546bdee5d863deda1cb76dd9bce80452876cf1211acab774bf229e83fd02752fb4724a63635f1ba6ec18941854ac4dd1199b2e84c4b430baa4f89ed4626669d362c2574534e48f11fcc5b365c558ab8f0b89fe93ca89732ca31528441861e8ef8170721b3efd1bcacbe0900ebcd365db9daf02b37ebbe81ab012b29ab11e978227cfad651bbb4c4bda5d2b15064aeeb7c87223322ac8e1287fe979623002527d306ca8e80e940fc42d540ec90bb4c3cc926a92519123b237ca03df57a84e26eb419a0bfefa0611a381b67fe5a324827d6622378864a5bb4056deeb88fe877bb160233c5226348fe3b0696f53ffecdaa49440aa0d0ec296f12502994e3d130f43c6ca19a11d1a83975f7978a8ad2c41cbdca58c490e89f2c42fa40d353b90716071cd82731e297a82fc0d6dd02309d655702b9430bd2dd19e65f931614c0e6e08b0661cfa403c38d558d1a61835cad49e2d5caea951c65c7f2f6070c796b22147bcfa294f465cca71e8807f1a825e1205a3611f15e8f1721d07ec5b195c11684fb85d0401e0b4f8c7600090b69b807e403c75c328c92cf5d6381ff1fac578efbcc8d82f6588c7ea3e383c82e6f5c170d8bfe8689902c7ac5d559312a65cfd68fe7cd356839efe4806519f79c39ee1680683a87d78a14de0b3d8137010b6119c01d3ecce38f23c5bf74bfd80b2b517e35a489fcf935e48e510a7fdeb7eec777c3757e438beeb8ee410bb06b572a06d2ea4fa16007f7ef3989acfc4e94514efd3bf745665e40c3ca04905d6ffe819b60ee7bd60ee40c206b9b5edca3c7290f53ae59ea56aa3a810f000d1816d7e3b4199a21e086be1d9942e5508cdf9c84465bb28f9fc32771d20a079268d3a3dbf9b04b8b4ae1b440a0dc1899487146c1cf77dd677edc47274f4986e35abf4afb5a9e271dad6d1d8b6217fadcffee5032d0553d11293bb081d583ef29beb85c75370f7eb36b77be9eefbf49d436080ab58eeb1024921f397861e82684df5a1cf79c2d8f6ad7f86d53f77090819142a3ae226638fc6211d8933fd99bb10f338865b94d95483f71ee8f1e364dbe0c55fc0b5179513c6f187de276e0d0274a6c6e723a0441ea1fa35d9e2adb6ae249a5e5db0c748704f06050a7580a72a513fba9c79976d39d1abdeda89b77d0717f15fee6f85677f0af9c3047541ea6a1f4d1e3c6f6b99cf3648a269663f0215136adf9a913a85607c37b9890c5d2b7dce8176a6f4963187de764541010fe4c02d23c275ce20fb76764711396d7480bd9702574775f34cfdf21c2e819046930e67770d40ae23a2a2e7f7d12204fef6c88f66171ade0193813db14d1cde79c76e630cb31c7984b8b4d56ff6b236b97ddd2db27b02f96af454635837dc99083b9a44990f0dd0e2028153b171779a384e6908b9dac5bb50769ff59959d6b639c3d1db12fdfdff4b51923ca35c97b0ec119d0873ac558235e0450c2f8a8a95c3cb62a5874d13e48caeb0e2088dc4c82aa4184dae6dfd3f18cddc28bc8eb65856447f3dc14060be15a93116afe4d116e5bec8f4a8a4150652efb01eda8d114d5a6292680acc0aa3eba2f1a37ef79de84a5fcd2bc8ed7ff7cfef8f767cb7287c94f7eb42b7c68b86c855b5ee446a417da158fa971d1bec3bdd08b8e76487d330173a6e87c374f83ca0e8eb935cbfd6a28057648fc4e5388247c5c0ab43e9aab633440f96793e6b80893a8d8d60385a3d7ee2edebad4a72b78e3d7d52f0a3f0bff8331254322e980a77316c4237cabcd1216661364948c4b7c363ed68258a379919d60e67fdbcf7cb1f319933b091672ee52c6fcd50da416ef7268849a88d4b93a579650d992f053433483976ffc710a9283c09584756c6e6bd835c2078ddcd4bc122cd2c67e95023a2a8940d3645b2a3e21155726647ac05876a2d383598e6b47bb1af9e4469692cab66b6a196a8b47f5a5cd7492ef1efaaf7fa44ebe948da3baef884677a269e4740302e858b873cb923cf492afd544022e4022751cd1ef408eaa870ebe70b8b61934c13b2aa690d152a7159bb95ffe463c6601f2445c62605a4a56adf6f6f767317a8320854cce5f7e1a112811d1032f1c2110903c2b1496a223f0011ae1308a3b304a3b4742a117540b5ca14bb79949b5765338870c96b03643fddd83389f6e86a664be539579f268fe255747f188af95ea06f5a70cd6fe0f6538f7c807d53d627ac0bf8305ac4050182971778ac18603887ab81bedc5018e4b28092675537a8f94ed70da1e077f58a3a3b77073da4b0aa42ae2d571d0bfc67b3ec68606436e7571996c094cd49c2c618ca234aa9fb9f0cf062d63c214e784abd026e9642d67c59a8ec4d79ae0104dfc73622d57765b7151c58eb1431df82fda2fd0a6b6e0255cc2528d7369e35d9c7b39d19900c11de51535aee4fcbb66777bcd95487a0a3c006b8138e2bd3be706571c133bcef674652972ebebf7d498aefdce3ca4798a70b57780f4d7e142efab32cd62d3d8a4ee5bc6bec084c475a28afbf3d9d99a3a6357433089048476bfb5ad8cf92cd7c0c3ebe3b118fcee41dd27a9f88deb2ea991423ec2ddf92cb0adec3d43f2cb6f324e203a4fefc9c311acc4813d6d94610a68fa194d9e35c6bbd818f55f8c9db3c1cfb0cd6b70c97e98981db98923923fef8b3e233765ecece3bf118d7714d42b1d32e1def533f5dd050ff4c2b1653424fde2ed7466762ad4cda76a4440549b55d2993ffa5d9552b36e9d2379cf3ae1c25ab086fa9199f30c6d5c1a453156352176389cfe95d5e601d42a19b7741e182f928bd4517f4e196f44b10b45ef60846674b9bba5ba3fcd7061f5d68e9d94b5a5b26b776812caa35ec367d4a38f7e12e97bb9b0d7ed9cc6c622d19932408cd28b8fbe221c01e9671496c74a9f97ad38d7e177ca593575e566e5d10a0c5b82f0243ef13e6f033665cb4ebff738d1095fef5dc6b252cfff090dc253d1dd3f5ed4fcf96e7e6b7596326ada66b7212289242daabfdf4d52d4aacc76f21b15d3e3c43c214776158cbf06427101964311d1141aee85754519de72c2eaf2244a843f1ca96880aca29d7939a11e56271e3429f0f6aa006b682c8164efd65bf3924e67caeed0612e2d6a38b45a33c741c7313fadbb0d6454b0dc670ac3cb34d7590bb75c788feca9366a9e22ba9e018ca55aa8c8b7e8835adb7ee2112d57c85cdb6bd8c4b1cd3a54496a92daad80aff24af1caec2b0123bc3df6c30ec157f24104733634f20ed77c03646105a924be4dd304da8c93a975d357cae6e5237a0e431834df274313e1e34c911833214eeb28261f9651e698a41ab15bee2e3a63fdbcc6757682ea5f123d3247a6e04bfc6e859f40123779ea54343d2bf95ba80d6561abfafb245e91020310d75658208b2ca0a80fffba84000d2a272e88ae471f98aa8ed0fdffbdab31c33823120b2370d730673d4fae4ff888bafc92673c4b4ee2d7658bc98bfb5fa51ab80762481fc8ef50521eeb1a8bbe812f999e33b64cf25181cbeac37e9d464c888c16c853ee82ddc24f6de0e279ab71cb9f6a5f7c28ca93c43e0b8ecdc69ad6f7c152a9b7ded4c20c9d30072e974b0d34b1dfbc45494ba329c185d28d46dc871e4ed6ead07c1d7138725aa957aa2baad612d84b63dad43d76c1f21d091f1f7ec653a6e45529d486543378b9459cfdce879d8c5f889416257ac6bbd53c0351100c2d7cff4df1a138a04c44875ffda30fea2bcf0e6c021d96a0c62c129ec6380c703626930ef26f5704f95933d205d65c5b3985bcbd3ef19638fb2bff24f9753f7d2e5d9354fc0617d17b972fec5d835e8492372c20cd7642b470c6124ca8bd76f32f93c4d216b10503faeeb0f735bb3ef36d8db12fbe11e4042335e3283cd33496bb59a476274d8994939cfede6d22bc92a16a888b3de1a728468f8a8a4af958136918a3019a7ef1b1f967fc8478c7063f2443b6998d39c7545a04fbf5fef87a3b9fea931679118c6b5a00338d9aaa3037fab5e1ad9bb1f5ca442ab722e697d4e040b0fb0601dc61e3d06abad4f2a27a594536b711acf13162c00b3c6b13d75118f12f670c0843086f6b91a7013d270e4d03f08ac0a4e4e23d", 0x1000, 0x4d1}, {&(0x7f00000025c0)="d5b890c16a6aa5a0b8a6483c0c643b1c0bb78801b36f39d88176e5e7b9a8ed51b8dd0b291abc58927ce5bc9e90f0d81c8ccdb8f9c3de47f11a1a4b70c191cc3817781d3bfce2f482fd8b36fcf2b31f29ef6cdf7c13b1fef5130e8837be4fcac3e5d2bbeab18c1423f067294afe5bc44407eb96c0f81764919cbc8a9ee6f4b5b475acfc14110e66963ed982d3b455a5d054ee4f7d56573dc2f3f7e31de2be46878bd5617c8a1973461f87b47f2813d9d2a0e009ca9357551d7fd0d4e633bc4dc309cf3079734438240c31cd5863734aa02d23d095a19fee5f38816fc89a3baceeee96e66efece93c73ad3b6200b03f8ae75b058ac6ccaf43e1eedddc5455d24edc007de151d5598bdd923a518ab32eb9aefb08dce382c5cc2aad8c6c6035f0b1f72348c0f55e6e7f21e1e73b46e57354cd94df430a4e0782ece7f37cdabbd6cd7697e6ff09a1023cf5117bd5b5bec60daa51a96b3dcc30e0721c4c4436c28d9b337e1dc37800c0a31c818e5e493f7d5878123c45123adb81347e9dd68c72cb9589803f2ad9274af947dfa40e823792ce2d443233ec982d578e2e696f8c6e3e869a36ba055815046edb928b222114f4cf8b64ae74681ad4f566f5c5be816e36d7d49c82e925e27f453fcecf39078d527d64f47b0d7a2bad4c2ae572b266bcc8ceea2c8a1c2479a07eae4b0487507be7f62877bcfadc359d28fbd38cc305caaed8bc5eec2e417c7ca28cbb9980efd4013069b5cb8d3e0617f4fe0c0bb7af9ece3e7a0f18ceeb1099717979c7a40204896c3311e26bd7115f2245d32f5c5cd5f879c59e290fda00f721f2f0ca7451baeaef7980e63512daf929c49bfedde6eab79359335dc001e8264c6ae6901d0a8a845e56ac0e28fa6b9e58ca8aeff9e8d80498d658d4ddf0e7c3f34f904876e599f49452651fdb68cd966c9aec96a0179efb2445bf17f1f20be04d20419e288ace60dd7d682e7b3077f4659fc42607072db1331ca713599d395d03fbe99a65943db287469df8926aac3b89010868bd9852e899d834b5cc2e60850129c312adf7b109de1ddf145f719845dfae2c8ce2a344d460b38e9f85ac737a0f21671b8f544357d8e6cceb9553b6de549f8a09fcccb4a041cd5ccd52c1819868c81ad181eee448d100a71872d8ea068cf980664157ccc378459178d258b04dd2cf8145300c8c50dfc4cb18efdc8954e900d0dd2eca3409c6efe762380a7c66d6cbfefd899105a4668e52003142d7b440e9e74300430b3c8b819f6cf38768eac03aa1c636df5c2cd22db5abdf1c086aa0eb431d1322cc577b3c4954198c6afa9b7e16c25c6eedaca575ef1a55be32ec52697c85c4fb1869944b9b2b968bf12b10e72e127f368476394558fc359468ba917299c016d86fc33c1785c8d1c9a5958368a506fae53b2115ee0a68a2544bb8133f8322af1c3647a404c7d47c6486072172394ebdf7a8046fc55202f7a07178e0f4e7159ced9b1b3c6579a61177c30c0e136ec3118a1f221536386a478e6ecdc34e4acd484ea7a332fd8ac33cec8968b4d7fe07c6cd4fb2fbf0029c5517e5e939b64c444afabb551d3eb0f95a6c492bd1a49a61bcf2db64638cab74904e127154d2d7b69d185f341e65a720fb51dc492dbaa19b5514dc677f9d740b4404e68b20a369fe131cd7c5f26046b585d0132a6da1a5b77ece1dabd0fc127e76f47594bf276ce4b9471670f5d8d3af2c4dd47f57490989905f8f76b04049c426022a49e5abd717fb574b1d5c821a36ed1d586bfa31cb10a5a0dcf425a12761219f600220700f552e99d05f66c5060c6abe4498e864cdbbbd6d7d03c51c334304e468eb96e5983045dba8db2116e8bba0310d8574ca8f4cb9da901261ca5e0c10bdb35c0d068c1c6b7472b90a59fc0498a8136fe78660f8c5095885b10211ea34d5226906d164d0bb0ba1a0667a9f9838d881e50aa0c1dba89e42844bea1a464d113a9dcb5bae972e61a31d21c04a0e3611d67b397fb4699571612034c58e19f9e5586942ae20e2f311d854ad01164653f452b94aa1e89a0a9f7db79acd7936920f34fc2b4e7ed471a2c7e48bc85e4a78f35b4c60be14e675befb7d0f47e914f203f225594e8c09cc9b8c0af84fbd4d4b8eecea8487620df757841d3b022df952e57809473d4ede43620848206f0540ed9c99fb8037425bc40c3675d545ef6bca9daa96f254fa92b6c5c7115f5037d9df060f89c2b4f81776da51d2208a031e4018ebaf081e9aa61519addc29e7833fd5b64336b4b21d76f19695889714b2ae68d460369f7ab90014fb410c8a88d68e5ebadc43db401012c853100165c88d9738ba5162e9e1c66eb933b97ee9b5803bce101d48a12a2eb0214d93c8536a2a819c94ef99c9843cfcb84d24941dcf88baf6834e0d4130b5e7b032c4d444bfad7b5e49dd9c6f96f63384b5f49ae65bb6d3a2db2b0690c5a03bc75d072b61373cfe988b64b02f3864b20ed4e319e2b668d466de4d1feffae9d11ea8f2fb986c5af152220a1d8dee75852acf1d767d81c7a3d9661fe5bafce4bd9c610de93432dd8c3563214912ed2bfb92ea8d2c5ea8f51ba99f0d01dffbee9ae2363c775199245ddbf94fe535a9dcf36eb1e7ae644ab0f02ba874d5d0c32f3056f20dc38d4148b4cf35c873a6b4173c00d1e5fc4dad111d5cad7d58ab6d36666d920f1618cddbeb72c7967339737065fe713e31185e742dc8463fc63d793e704959461b4947c1a0e9716c2a5f2d468a2494069e125f6eb339a004c7202a7d020600c2d5963fa9cd9028ec54eea61170f351d33b4ee447e643e03ee84d31629ec1d74a4074f0a1f3f4ed78f6624f6cde9d6a6a38ebbb4573106f069e2fd3a20a23600527df60d062c9cf479fce00edece2f6fda00cbeb2bee5a4eb44bf767880149876b833f6c859a30e624b2439c16660644599a1928d567f90bf820737d3a1aa9e579c7437bdf71fabc456506c05ab267e3124c70ee66fdcc8e3c47ca7b7c44ae2cf22b0823413e5a3b1bc031f9172a26f3a3e3292823641592148baf90feb484757bb423d08dbbb07347fad95ffed2c34a35e764097aae172416938318af73040535ecb1b6cb436a3e547d4c82f5399e7357002dc7797673cb810ec6ca44810ca1cadb2c4fdc797a9d6a441d93a81fd571d5d6e7cbdf8886c7cb794fec8e9d4035348f3dc7b8090a55328da03a02bc28b5623f5f52c601412362a2080ff8e2c3122cda3164cd217f008d0226cc05a5747f422e7582bd6f607cc88c083f89e1fb7cb425fba2a0108c3414aebb5aa0d3619235d03eada7b34de150310c46598b3679fb6c0de8115d1d450deca7bf9d2769da84a42ed0c24c56ccba4413a3d24542979d99121f03891e6d671a2e22cd29368593ca478361d79f5896cb8f7dd3dd3a0487e61101ec7a972a24435d6e4a2c5c573a6643748b27ab809147b9c20e22368bbf4f79aae73a4316777130524e9a927feb7a98c1b886cab89b60b0408764597bac2c15b8146dd2fa06ed503a8b51a06b66a4ac3e25a6514f27201783fa813fc6d262b3a6820b02edfa63b1564b75b02446b9777fa43c6d06b80920883e98518969f7bc79615e1704c8557670b241222df451d01d986721cb728fa9f7ec66b2a2d9a529125bbffe26cab2ee1f4ebefe2f31a26a7907df137bb8e8c5e447bd47059985da5eecf58add477427da302f32d908b7216519184e87280a27c761d428bb577bb135fd5e40cfc99a53f17201b41d9868843d0e5ed7d3b95e82b62416b1a109d337cc1e91bec40ad967a6e3d922949fa00ee669e685904a98c19888f311d51e7de223e586e3f0e597071375750548d7303de0a8b4c8805d42ecad97fdc684aaf49dd90013c1e679cd5ac76aae57fc5ed554381d2affe785b57e4eee0fc61c1f8a753af9d51a994a01801656bdcc75ad376c2d559a3018807d7b60c94f7be610f86f43c20f7bc184058b15c1dd0ca88996bf36f0d42a99128f1fbaf1bee3ec0821a0ad9712058c1090235217c2d78878c170099ae187ca9f1a9e7cbc8ff333bf6e6a2283113445085923c7a16f72aa45f9d8a0602e18ec7f50841fbcf3425eb3391bee869819db894fd72c6dd6536aeacdfd6fa45ddb095cd1dadcd36e7e6942930b254d9b92ec8174b8228a85a9e7714780de7f6c720ef51720c0311a531d01ac892044862c937cf2575fc0f2cd967a4c4ea46f3c529e35f93bda59b70ca3e2e9504069c7222f9b8c64b9d7ce835a4ff178feb09f6b57b2094b2da5a5b3dfe370d741b2b454242be324c87a4b66018263fe0161a455ace003c48e388c488cc427e1536898b0a889b1d0cafa5bcf6660a8b928c98dc71622344513791b58b8d49f4fd3a3c2ce308762c9aa0c922a4a91b55fc554e8622dad27131dd45688a9ea2c67f3159ccf812d5170eaf26db33aec36ee0e5ff117ed4f28e26260f2f8dca202733aff7832e141f5c03761df2036af8457b356a8648c6b3346c4931f792d0f13df592ea283a6bc4af1289bd29eb00bad0d120461164bd54659ffdfd28b426c4ba66cd40a49ba831cf150f063f45bd52212a339920e549da4b9b933e8ad25112c814b03b00b1b3989ebaedb0dd4a40c66275e9e409adb8d1d4388d0886f8c2d86be96906f6475311aaf2e07c739527ff256402838449fbcec7cadbc8c20857e6486e48745953b44e81739043dd520bc01078a0830180dea765f68c7c1e0795bfe81ba3b8a7441e47cfbb0c2d118b78e29d76dfda3aa54e605b0b8bad2ae4ad406ef599b6f82ac2f2d3d69dba1cc36e1565abc8d46b550ffa8b13a3a6e54c4325c79b01edab39cf2db3da33f6c9a82726138630e2911457061b0b2f645cb28585032eec65c34741c8e865d866aa7f2ee7f1d7a3bb56c23c05bc7aeb78e055d1f76cf902338a71ea5f80efb6e527cd03c45ec069becf6c80b083cae4333c2a794f010983c536d98a375d02790875298f30f9b26a9deb967ed1365be1d5a761738178b75f9312d1c504640cd0d796fe1d4ad653e02037e598c51dbe0485ae53aff09129ac754cbc191144b3c9f8a229bd1cd09f620dae3cb3480c270f111e1b70a0c4270512a60b4994e2f36364b1c2f6bd3fc325aa6e1264a2faaa15575b0fb27666b8a2152c8d6380ace2b0321d430add20750fef11b62b0f4bc75f6242d905dc3aac2553dee3f02cf72ac9609d5b46cec84423ee6f1d5d038efb7bf98256f21c235dc26dd5a99a83a0cbc44208f5cddb71687d72889e19c30ab5bb40f14921e557332160a3799743145ba1b6bc9f2940d852f823b25f646875a6eed672e1fd2af7fec7ecdce38becb409e8d646a712ceca46640a0dfd8ccea39644709b461abd268cac82d8475b2de3b0090bb0b82c4452990d70f7c0262aa46209f98bcdc2d7a1a39484cbd02757ea1cb443cb5ba5c11ac4c2cd6a969654bcd7f254cb034c753180ca62cf51c54202e9e7ec6b5ed1d326be0b1eb05eed1dcd7ffbea6d749b5296a8da2be1c1341f95db1688ec830ee7da693c366f284c2b4b78bb724a6529534b78f96942c604bc72ec0b3cb44ea91654db2f26e4bd9b561373a6d768230b2eea6c0ccb327d551cce8b189d750b398f92f3280d032409f58f2c68ff36a6363cd11b1f759d5b90fd99a86fc8045f5e878120078cc5b3642266b7f286f2ffb4e0dbea30935d718d2842b9ada88eaa1800b138e1690133e9a6e7e36e3598cc2c25fda6bc37515fc675247c0ceeffba3e1c94ca380355045d17a8df38f96192af994d64dc97e2e21fa71a5b5721c69f8211a81", 0x1000, 0x7fff}, {&(0x7f00000035c0)="ff06e44aab6daae89f9a6e4ddf36735d0677e4a343627ac2eb6094e32fbadf4cf9f5deee04a9a76511de08563411aae4782d87acf71a676d902017a9641cdaa60c4ec9c73901186ee88f2784980ef15615d9bf78209e2bd869795f61e00e381fd194824ff7d3d69fdc5222e428e5986e8589a5ee04af210067aed97104fb6d3e2739d3771a0484518548a76a4a6d83f6e7632318366b1e0fa213bc85adcb4f90ab2a10a3b8923b673e670b5e06b5d20189fd249ce8d350fd89fa0aa851c13cea3200f70b64b5e7396b7029bb79a62bc35673b66a7ad8e7b2944c56b12c12aefccfe3811af8", 0xe5}], 0x20402, &(0x7f0000003900)={[{@discard='discard'}], [{@euid_eq={'euid', 0x3d, 0xee01}}, {@fsmagic={'fsmagic', 0x3d, 0x5b}}, {@smackfshat={'smackfshat', 0x3d, 'cpusetkeyringtrustedwlan0,'}}, {@uid_lt={'uid<', r1}}]}) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() uselib(&(0x7f0000000080)='./file0\x00') setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 396.620456][ T9110] block nbd3: Receive control failed (result -22) [ 396.626218][T13777] FAULT_INJECTION: forcing a failure. [ 396.626218][T13777] name failslab, interval 1, probability 0, space 0, times 0 [ 396.628473][ T9110] block nbd3: Receive control failed (result -22) [ 396.648095][T13771] block nbd3: shutting down sockets [ 396.691080][T13777] CPU: 1 PID: 13777 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 396.700165][T13777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 396.710251][T13777] Call Trace: [ 396.713713][T13777] dump_stack+0x172/0x1f0 [ 396.718096][T13777] should_fail.cold+0xa/0x15 [ 396.722734][T13777] ? fault_create_debugfs_attr+0x180/0x180 [ 396.728598][T13777] ? ___might_sleep+0x163/0x2c0 [ 396.733647][T13777] __should_failslab+0x121/0x190 [ 396.738656][T13777] should_failslab+0x9/0x14 [ 396.743184][T13777] kmem_cache_alloc_trace+0x2d3/0x790 [ 396.748591][T13777] __memcg_init_list_lru_node+0x8a/0x1e0 [ 396.754280][T13777] __list_lru_init+0x3fe/0x710 [ 396.755938][T13784] block nbd3: shutting down sockets [ 396.759151][T13777] alloc_super+0x7f7/0x910 [ 396.759173][T13777] sget+0x117/0x560 [ 396.759189][T13777] ? get_anon_bdev+0xc0/0xc0 [ 396.759211][T13777] ? ovl_show_options+0x550/0x550 [ 396.782250][T13777] mount_nodev+0x31/0x110 [ 396.786622][T13777] ovl_mount+0x2d/0x40 [ 396.790808][T13777] ? ovl_own_xattr_set+0x10/0x10 [ 396.795781][T13777] legacy_get_tree+0x108/0x220 [ 396.800580][T13777] vfs_get_tree+0x8e/0x300 [ 396.805161][T13777] do_mount+0x142e/0x1cf0 [ 396.809533][T13777] ? copy_mount_string+0x40/0x40 [ 396.815063][T13777] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 396.821331][T13777] ? copy_mount_options+0x2e8/0x3f0 [ 396.826966][T13777] ksys_mount+0xdb/0x150 [ 396.831242][T13777] __x64_sys_mount+0xbe/0x150 [ 396.835949][T13777] do_syscall_64+0xfa/0x760 05:01:51 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x406, 0xffffffffffffffff) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r2) r3 = syz_open_dev$ndb(0x0, 0x0, 0x0) r4 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$PPPIOCSMRU(r8, 0x40047452, &(0x7f0000000000)=0x8) ioctl$NBD_SET_SOCK(r3, 0xab00, r4) ioctl$NBD_SET_FLAGS(r3, 0xab0a, 0x1ffffffff) 05:01:52 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f00000007c0)='TIPCv2\x00') sendmsg$TIPC_NL_PEER_REMOVE(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)={0x14, r7, 0x5, 0x0, 0x0, {0x11}}, 0x14}}, 0x0) sendmsg$TIPC_NL_NODE_GET(r3, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000040)={&(0x7f0000000800)={0x140, r7, 0x6ab397b061b62c26, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0xa0, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_NAME={0x0, 0x1, @l2={'ib', 0x3a, 'ip_vti0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in6={0xa, 0x4e23, 0xff, @remote, 0x6}}, {0x14, 0x2, @in={0x2, 0x4e20, @loopback}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'erspan0\x00'}}, @TIPC_NLA_BEARER_NAME={0xfe0b, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x100}, @TIPC_NLA_BEARER_PROP={0x0, 0x2, [@TIPC_NLA_PROP_MTU={0x0, 0x4, 0x400}, @TIPC_NLA_PROP_TOL={0x0, 0x2, 0xfffffffc}, @TIPC_NLA_PROP_TOL={0x0, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x0, 0x1, 0x3}, @TIPC_NLA_PROP_TOL={0x0, 0x2, 0xfffffffc}, @TIPC_NLA_PROP_PRIO={0x0, 0x1, 0x4}, @TIPC_NLA_PROP_TOL={0x0, 0x2, 0x100}, @TIPC_NLA_PROP_TOL={0x0, 0x2, 0x4}, @TIPC_NLA_PROP_WIN={0x0, 0x3, 0x5}]}]}, @TIPC_NLA_LINK={0x8c, 0x4, [@TIPC_NLA_LINK_PROP={0x3c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xc0000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}, @TIPC_NLA_LINK_NAME={0x0, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}]}, 0x140}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 396.840490][T13777] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 396.846522][T13777] RIP: 0033:0x459a59 [ 396.850434][T13777] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 396.866404][ T9110] block nbd3: Receive control failed (result -22) [ 396.870243][T13777] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 396.870259][T13777] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 396.870266][T13777] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 396.870273][T13777] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 396.870279][T13777] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 396.870285][T13777] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 396.908006][ T9110] block nbd3: Receive control failed (result -22) [ 396.941272][T13786] block nbd3: shutting down sockets 05:01:52 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) write$P9_RRENAME(r0, &(0x7f0000000000)={0x7, 0x15, 0x2}, 0x7) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$sock_inet_SIOCRTMSG(r8, 0x890d, &(0x7f0000000100)={0x0, {0x2, 0x4e21, @local}, {0x2, 0x4e23, @empty}, {0x2, 0x4e21, @broadcast}, 0x4, 0x0, 0x0, 0x0, 0x2, &(0x7f00000000c0)='veth1_to_bond\x00', 0x100000001, 0x7fffffff, 0x2}) r9 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x80000002) r10 = pkey_alloc(0x0, 0x2) pkey_mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000000, r10) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) pipe2(&(0x7f0000000040), 0x182000) ioctl$NBD_DO_IT(r2, 0xab03) 05:01:52 executing program 1 (fault-call:3 fault-nth:59): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:52 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r4 = getpid() sched_setscheduler(r4, 0x5, &(0x7f00000001c0)) r5 = getpgrp(r4) fcntl$setownex(r3, 0xf, &(0x7f0000000240)={0x3, r5}) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x48, r7, 0x101, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x34, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8}]}]}, 0x48}}, 0x0) sendmsg$IPVS_CMD_DEL_DEST(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xd8, r7, 0x100, 0x70bd25, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0x58, 0x2, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@dev={0xac, 0x14, 0x14, 0x1e}}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x6}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x3}, @IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e23}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_SERVICE={0x6c, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@local}, @IPVS_SVC_ATTR_PROTOCOL={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@dev={0xac, 0x14, 0x14, 0x1f}}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@loopback}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x39, 0x8}}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x15}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x87}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x1}, 0x20000041) r8 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r8, 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) [ 397.075198][ T1530] block nbd3: Receive control failed (result -22) [ 397.075205][ T9110] block nbd3: Receive control failed (result -22) [ 397.089874][T13794] block nbd3: shutting down sockets [ 397.123203][T13798] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 397.208945][T13802] FAULT_INJECTION: forcing a failure. [ 397.208945][T13802] name failslab, interval 1, probability 0, space 0, times 0 [ 397.227257][T13802] CPU: 0 PID: 13802 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 397.236757][T13802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 397.246826][T13802] Call Trace: [ 397.250116][T13802] dump_stack+0x172/0x1f0 [ 397.254439][T13802] should_fail.cold+0xa/0x15 [ 397.259027][T13802] ? fault_create_debugfs_attr+0x180/0x180 [ 397.264823][T13802] ? ___might_sleep+0x163/0x2c0 [ 397.269662][T13802] __should_failslab+0x121/0x190 [ 397.274594][T13802] should_failslab+0x9/0x14 [ 397.279077][T13802] kmem_cache_alloc+0x2aa/0x710 [ 397.283916][T13802] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.290148][T13802] ? __validate_process_creds+0x22d/0x380 [ 397.295851][T13802] prepare_creds+0x3e/0x430 [ 397.300343][T13802] ovl_fill_super+0x103/0x4029 [ 397.305111][T13802] ? register_shrinker_prepared+0x116/0x190 [ 397.310992][T13802] ? idr_replace+0x108/0x180 [ 397.315564][T13802] ? ovl_show_options+0x550/0x550 [ 397.320569][T13802] ? __kasan_check_write+0x14/0x20 [ 397.325666][T13802] ? register_shrinker_prepared+0x116/0x190 [ 397.331542][T13802] ? sget+0x12b/0x560 [ 397.335508][T13802] ? get_anon_bdev+0xc0/0xc0 [ 397.340078][T13802] ? ovl_show_options+0x550/0x550 [ 397.345086][T13802] mount_nodev+0x66/0x110 [ 397.349399][T13802] ovl_mount+0x2d/0x40 [ 397.353449][T13802] ? ovl_own_xattr_set+0x10/0x10 [ 397.358371][T13802] legacy_get_tree+0x108/0x220 [ 397.363120][T13802] vfs_get_tree+0x8e/0x300 [ 397.367545][T13802] do_mount+0x142e/0x1cf0 [ 397.371996][T13802] ? copy_mount_string+0x40/0x40 [ 397.376950][T13802] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 397.383194][T13802] ? _copy_from_user+0x12c/0x1a0 [ 397.388205][T13802] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.394432][T13802] ? copy_mount_options+0x2e8/0x3f0 [ 397.399614][T13802] ksys_mount+0xdb/0x150 [ 397.403844][T13802] __x64_sys_mount+0xbe/0x150 [ 397.408508][T13802] do_syscall_64+0xfa/0x760 [ 397.413001][T13802] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 397.419329][T13802] RIP: 0033:0x459a59 [ 397.423213][T13802] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 397.442811][T13802] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 397.452084][T13802] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 397.460048][T13802] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 397.468002][T13802] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 397.475957][T13802] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 397.483910][T13802] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 397.537173][T13798] netlink: 'syz-executor.0': attribute type 1 has an invalid length. 05:01:54 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0", 0x98}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:54 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) r6 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x3, 0x210801) ioctl$NBD_SET_FLAGS(r6, 0xab0a, 0x2000000000000000) ioctl$NBD_DO_IT(r2, 0xab03) [ 399.382109][T13816] block nbd3: shutting down sockets 05:01:54 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c6", 0x51}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:54 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f0000000000)={0x4, 0x7}) openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='io.stat\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0xffffffff) ioctl$NBD_DO_IT(r2, 0xab03) 05:01:54 executing program 1 (fault-call:3 fault-nth:60): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:54 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000000c0)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b0660afc2b9abb2a2f9fd2399e0400c33f00002b0009000000000000001499a8d1372d197db3a4952f36def66ee26a9032fbcd67213be300199e4bacdd00a49d5c8c3df3af2a2c88e8a7da45d4637f54bcde7f297b3d492b0f1262008da13f9e92622d90fdd0ee02d7ffbf847c182c574a35cb082da81d275d736bfbe64ed6402ef24a79297d8a30ace1a52f7ef9833f4ff534c1973e147200"/171], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:01:54 executing program 3: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x10400, 0x0) ftruncate(r0, 0x400) syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) socket(0x1, 0x1, 0x0) r1 = syz_open_dev$ndb(0x0, 0x0, 0x0) r2 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r1, 0xab00, r2) ioctl$NBD_SET_FLAGS(r1, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r1, 0xab03) 05:01:54 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x0, 0x0) write$FUSE_POLL(r1, &(0x7f0000000200)={0x18, 0x0, 0x2, {0xfffffffa}}, 0x18) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ioperm(0xfffffffffffffffd, 0x4, 0x5) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x10, &(0x7f0000000180)={0x1}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$IMSETDEVNAME(r3, 0x80184947, &(0x7f0000000140)={0x0, 'syz1\x00'}) openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 399.597149][ T1530] block nbd2: Receive control failed (result -22) [ 399.607902][T13827] FAULT_INJECTION: forcing a failure. [ 399.607902][T13827] name failslab, interval 1, probability 0, space 0, times 0 [ 399.613870][T13820] block nbd2: shutting down sockets [ 399.631554][T13827] CPU: 0 PID: 13827 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 399.640626][T13827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.650689][T13827] Call Trace: [ 399.653992][T13827] dump_stack+0x172/0x1f0 [ 399.658329][T13827] should_fail.cold+0xa/0x15 [ 399.662927][T13827] ? fault_create_debugfs_attr+0x180/0x180 [ 399.668749][T13827] ? ___might_sleep+0x163/0x2c0 [ 399.673610][T13827] __should_failslab+0x121/0x190 [ 399.678556][T13827] should_failslab+0x9/0x14 [ 399.683065][T13827] kmem_cache_alloc+0x2aa/0x710 [ 399.687925][T13827] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.694169][T13827] ? __validate_process_creds+0x22d/0x380 [ 399.699898][T13827] prepare_creds+0x3e/0x430 [ 399.704405][T13827] ovl_fill_super+0x103/0x4029 [ 399.709180][T13827] ? register_shrinker_prepared+0x116/0x190 [ 399.715090][T13827] ? idr_replace+0x108/0x180 [ 399.719695][T13827] ? ovl_show_options+0x550/0x550 [ 399.724737][T13827] ? __kasan_check_write+0x14/0x20 [ 399.729859][T13827] ? register_shrinker_prepared+0x116/0x190 [ 399.736367][T13827] ? sget+0x12b/0x560 [ 399.736380][T13827] ? get_anon_bdev+0xc0/0xc0 05:01:55 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) r4 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r5, 0x0) r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f00000017c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r6, &(0x7f0000000540), 0x1000) write$FUSE_INTERRUPT(r6, &(0x7f0000000000)={0x10, 0x0, 0x1}, 0x10) read$FUSE(r6, &(0x7f0000003000), 0x1150) r7 = socket$inet(0x2, 0x0, 0x0) bind$inet(r7, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r7, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r7, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@multicast1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@ipv4={[], [], @local}}}, &(0x7f00000003c0)=0xe8) lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuseblk(&(0x7f0000000180)='/dev/loop0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='fuseblk\x00', 0x100800, &(0x7f00000015c0)=ANY=[@ANYBLOB="66643da00adf1276129fb475843917", @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000140000,user', @ANYRESDEC=r8, @ANYBLOB=',group_id=', @ANYRESDEC=r9, @ANYBLOB=',blksize=0x0000000000000200,mask=^MAY_EXEC']) getgroups(0x6, &(0x7f0000000000)=[0xee01, r9, 0x0, 0xee01, 0xee01, 0xffffffffffffffff]) write$P9_RGETATTR(0xffffffffffffffff, &(0x7f00000000c0)={0xa0, 0x19, 0x1, {0x80, {0x10, 0x0, 0x4}, 0x94, r5, r10, 0x7f, 0x0, 0x2, 0x2b4, 0x800, 0x7, 0x5, 0xfffffffffffffffe, 0x3, 0x3, 0x9, 0x3f, 0x7, 0x4, 0xcb}}, 0xa0) [ 399.736396][T13827] ? ovl_show_options+0x550/0x550 [ 399.736410][T13827] mount_nodev+0x66/0x110 [ 399.736426][T13827] ovl_mount+0x2d/0x40 [ 399.758921][T13827] ? ovl_own_xattr_set+0x10/0x10 [ 399.758939][T13827] legacy_get_tree+0x108/0x220 [ 399.758959][T13827] vfs_get_tree+0x8e/0x300 05:01:55 executing program 1 (fault-call:3 fault-nth:61): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 399.758977][T13827] do_mount+0x142e/0x1cf0 [ 399.758998][T13827] ? copy_mount_string+0x40/0x40 05:01:55 executing program 3: r0 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) add_key$keyring(0x0, &(0x7f0000000480)={'\xaa\x00\x01', 0x0}, 0x0, 0x0, r0) keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f0000000000)={r0, 0xb8, 0xc3}, &(0x7f00000000c0)={'enc=', 'oaep', ' hash=', {'md4\x00'}}, &(0x7f0000000200)="eace5c77dbf1143beed7b06712004a9e278041c7c0d06adf43b2609ca45919218c5f8c1f2519768447f6fd103bde8bbec94ad0ce43af7b11ebee1ad2ab396d275a8fd219cc6a109ae39eb5167213904ada59e8ec7affa10ce836aac145881d5535a1f4b925ac37f0712f73c2f32fb7fd3fd5b603ff8d0ab5df13f1670563652e5fcf5df1dcce6b685e33f31b3bf1d6ac180763aba59f96d7efa7de6e46de230c329825bd9eeb4c3e30fb1a842821548caadb15c9f318b4df", &(0x7f00000002c0)="90a9a3c39af7521af01069c9aa120db9fb38c5b5c9f987ac68a74a19ad48b5f5d1aae426267a4252a206718b75f28291e562e805ea22ee28336f20e137beeaa5808b4493afec7df9cd8ed7069a03fdc50054e8c63befe6db2cead67dac09e0fb9c01f6a13ba3dd61586694ccdad7af42fbdf8cfcf699f1cf038f767597953460b6fd45b168e808d7dc819ffae35b06b862962d7b2fb07dabe9f735418cafafd40b749714fb7184562d7e8a96dd2f4345b6b510f522e4ad8b912e94720777e4392417fc") r1 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r2 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r1, 0xab00, r2) r3 = syz_open_dev$ndb(0x0, 0x0, 0x0) r4 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r3, 0xab00, r4) ioctl$NBD_SET_FLAGS(r3, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r3, 0xab03) [ 399.759018][T13827] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 399.759033][T13827] ? _copy_from_user+0x12c/0x1a0 [ 399.759053][T13827] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.759067][T13827] ? copy_mount_options+0x2e8/0x3f0 [ 399.759087][T13827] ksys_mount+0xdb/0x150 [ 399.759104][T13827] __x64_sys_mount+0xbe/0x150 [ 399.759173][T13827] do_syscall_64+0xfa/0x760 [ 399.759194][T13827] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.759205][T13827] RIP: 0033:0x459a59 05:01:55 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='\xf0\x01\x00\x00\x00\x00\t\x00\x14\x00', 0x0, 0x0) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x200000, 0x0) ioctl$EVIOCGBITKEY(r1, 0x80404521, &(0x7f00000000c0)=""/243) r2 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r2) r3 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_DO_IT(r3, 0xab03) [ 399.759221][T13827] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 399.759228][T13827] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 399.759243][T13827] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 399.759251][T13827] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 399.759259][T13827] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 399.759267][T13827] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 399.759276][T13827] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 399.821145][ T1530] block nbd3: Receive control failed (result -22) [ 399.837296][T13821] block nbd3: shutting down sockets [ 399.868033][ T1530] block nbd2: Receive control failed (result -22) [ 399.969582][T13845] FAULT_INJECTION: forcing a failure. [ 399.969582][T13845] name failslab, interval 1, probability 0, space 0, times 0 [ 399.969609][T13845] CPU: 1 PID: 13845 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 399.969619][T13845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.969625][T13845] Call Trace: [ 399.969648][T13845] dump_stack+0x172/0x1f0 [ 399.969673][T13845] should_fail.cold+0xa/0x15 [ 399.969694][T13845] ? fault_create_debugfs_attr+0x180/0x180 [ 399.969718][T13845] ? ___might_sleep+0x163/0x2c0 [ 399.969740][T13845] __should_failslab+0x121/0x190 [ 399.969758][T13845] should_failslab+0x9/0x14 [ 399.969772][T13845] kmem_cache_alloc_trace+0x2d3/0x790 [ 399.969788][T13845] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 399.969810][T13845] __memcg_init_list_lru_node+0x8a/0x1e0 [ 399.969830][T13845] __list_lru_init+0x3fe/0x710 [ 399.969851][T13845] alloc_super+0x7f7/0x910 [ 399.969872][T13845] sget+0x117/0x560 [ 399.969886][T13845] ? get_anon_bdev+0xc0/0xc0 [ 399.969904][T13845] ? ovl_show_options+0x550/0x550 [ 399.969919][T13845] mount_nodev+0x31/0x110 [ 399.969934][T13845] ovl_mount+0x2d/0x40 [ 399.969949][T13845] ? ovl_own_xattr_set+0x10/0x10 [ 399.969964][T13845] legacy_get_tree+0x108/0x220 [ 399.969982][T13845] vfs_get_tree+0x8e/0x300 [ 399.969999][T13845] do_mount+0x142e/0x1cf0 [ 399.970020][T13845] ? copy_mount_string+0x40/0x40 [ 399.970034][T13845] ? copy_mount_options+0x241/0x3f0 [ 399.970058][T13845] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.970073][T13845] ? copy_mount_options+0x2e8/0x3f0 [ 399.970093][T13845] ksys_mount+0xdb/0x150 [ 399.970111][T13845] __x64_sys_mount+0xbe/0x150 [ 399.970131][T13845] do_syscall_64+0xfa/0x760 [ 399.970150][T13845] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.970161][T13845] RIP: 0033:0x459a59 [ 399.970177][T13845] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 399.970185][T13845] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 399.970199][T13845] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 399.970212][T13845] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 399.970221][T13845] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 399.970230][T13845] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 399.970239][T13845] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 399.979261][T13836] block nbd2: shutting down sockets [ 400.436599][ T1530] block nbd3: Receive control failed (result -22) [ 400.436605][ T9110] block nbd3: Receive control failed (result -22) [ 400.453500][T13849] block nbd3: shutting down sockets 05:01:57 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90", 0x9d}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:57 executing program 1 (fault-call:3 fault-nth:62): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 402.406856][T13867] FAULT_INJECTION: forcing a failure. [ 402.406856][T13867] name failslab, interval 1, probability 0, space 0, times 0 [ 402.428827][T13867] CPU: 1 PID: 13867 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 402.437904][T13867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.447995][T13867] Call Trace: [ 402.451498][T13867] dump_stack+0x172/0x1f0 [ 402.455829][T13867] should_fail.cold+0xa/0x15 [ 402.460464][T13867] ? fault_create_debugfs_attr+0x180/0x180 [ 402.466295][T13867] ? ___might_sleep+0x163/0x2c0 [ 402.471155][T13867] __should_failslab+0x121/0x190 [ 402.476182][T13867] should_failslab+0x9/0x14 [ 402.480673][T13867] kmem_cache_alloc_trace+0x2d3/0x790 [ 402.486038][T13867] ovl_fill_super+0xed/0x4029 [ 402.490819][T13867] ? register_shrinker_prepared+0x116/0x190 [ 402.496746][T13867] ? idr_replace+0x108/0x180 [ 402.501334][T13867] ? ovl_show_options+0x550/0x550 [ 402.506348][T13867] ? __kasan_check_write+0x14/0x20 [ 402.511464][T13867] ? register_shrinker_prepared+0x116/0x190 [ 402.517499][T13867] ? sget+0x12b/0x560 [ 402.521484][T13867] ? get_anon_bdev+0xc0/0xc0 [ 402.526083][T13867] ? ovl_show_options+0x550/0x550 [ 402.531575][T13867] mount_nodev+0x66/0x110 [ 402.535925][T13867] ovl_mount+0x2d/0x40 [ 402.539999][T13867] ? ovl_own_xattr_set+0x10/0x10 [ 402.544944][T13867] legacy_get_tree+0x108/0x220 [ 402.549751][T13867] vfs_get_tree+0x8e/0x300 [ 402.554196][T13867] do_mount+0x142e/0x1cf0 [ 402.558529][T13867] ? copy_mount_string+0x40/0x40 [ 402.563475][T13867] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.569701][T13867] ? copy_mount_options+0x2e8/0x3f0 [ 402.575030][T13867] ksys_mount+0xdb/0x150 [ 402.579281][T13867] __x64_sys_mount+0xbe/0x150 [ 402.584765][T13867] do_syscall_64+0xfa/0x760 [ 402.590092][T13867] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 402.596015][T13867] RIP: 0033:0x459a59 [ 402.599913][T13867] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 402.619510][T13867] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 402.628048][T13867] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 402.638030][T13867] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 402.646013][T13867] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 05:01:57 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c6", 0x51}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:57 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SIOCNRDECOBS(r1, 0x89e2) r2 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) r4 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) accept$alg(r3, 0x0, 0x0) r6 = dup(r5) ioctl$NBD_CLEAR_QUE(r6, 0xab05) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2) ioctl$NBD_DO_IT(r4, 0xab03) 05:01:57 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) prctl$PR_CAPBSET_READ(0x17, 0x3) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socket(0x2, 0x0, 0x8) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) 05:01:57 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90", 0x9d}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 402.654088][T13867] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 402.662071][T13867] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:01:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_SIGNAL_MASK(r4, 0x4004ae8b, &(0x7f0000000080)={0xa8, "bd9a8adf0c29ec3af19fecc1ce79412f6b4830b98066079823aae910e2d9f023a2281c1d8f19316bcd32113979c3a0a79280b2850a526b8413867fc8190faa17396ba917f7e775dcfa79f9bf77f2756c797c6518f08d03ab7a26f29480e50dd6c1b487f827b2ce883caad0b45d9b3f7a3cb86b3e290ef35a511bdadefd58b8c4cc26db97e307c7e39cbae5faa93f02fffbc9220e7456326c3aed1bb2d0494473163bc23b780f4ac9"}) r5 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) lseek(r5, 0x0, 0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$SG_NEXT_CMD_LEN(r8, 0x2283, &(0x7f0000001200)=0x28) r9 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) read$FUSE(r9, &(0x7f0000000200), 0x1000) getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r9, 0x84, 0xc, &(0x7f0000000140), &(0x7f0000000180)=0x4) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) r10 = getpid() sched_setscheduler(r10, 0x5, &(0x7f00000001c0)) tkill(r10, 0x32) wait4(0x0, 0x0, 0x0, 0x0) 05:01:58 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90", 0x9d}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:01:58 executing program 1 (fault-call:3 fault-nth:63): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:58 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video36\x00', 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f00000000c0)={0x0, 0x2, 0x3}) prctl$PR_SET_UNALIGN(0x6, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000040)={0xfff, 0x2, 0x401, 0x1, 0x6}) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) [ 402.796743][T13885] block nbd3: Device being setup by another task [ 402.928100][ T1530] block nbd3: Receive control failed (result -22) [ 402.954579][T13875] block nbd3: shutting down sockets [ 403.030931][T13885] block nbd3: Device being setup by another task [ 403.038315][ T1530] block nbd2: Receive control failed (result -22) [ 403.042264][T13901] FAULT_INJECTION: forcing a failure. [ 403.042264][T13901] name failslab, interval 1, probability 0, space 0, times 0 [ 403.059831][T13895] block nbd2: shutting down sockets [ 403.083912][T13901] CPU: 1 PID: 13901 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 403.093600][T13901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.103661][T13901] Call Trace: [ 403.106950][T13901] dump_stack+0x172/0x1f0 [ 403.111274][T13901] should_fail.cold+0xa/0x15 [ 403.115855][T13901] ? fault_create_debugfs_attr+0x180/0x180 [ 403.121654][T13901] ? ___might_sleep+0x163/0x2c0 [ 403.126502][T13901] __should_failslab+0x121/0x190 [ 403.131425][T13901] should_failslab+0x9/0x14 [ 403.135910][T13901] kmem_cache_alloc+0x2aa/0x710 [ 403.140764][T13901] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.146985][T13901] ? __validate_process_creds+0x22d/0x380 [ 403.152686][T13901] prepare_creds+0x3e/0x430 [ 403.157176][T13901] ovl_fill_super+0x103/0x4029 [ 403.161927][T13901] ? register_shrinker_prepared+0x116/0x190 [ 403.167811][T13901] ? idr_replace+0x108/0x180 [ 403.172385][T13901] ? ovl_show_options+0x550/0x550 [ 403.177397][T13901] ? __kasan_check_write+0x14/0x20 [ 403.182532][T13901] ? register_shrinker_prepared+0x116/0x190 [ 403.188432][T13901] ? sget+0x12b/0x560 [ 403.192393][T13901] ? get_anon_bdev+0xc0/0xc0 [ 403.196965][T13901] ? ovl_show_options+0x550/0x550 [ 403.201970][T13901] mount_nodev+0x66/0x110 [ 403.206284][T13901] ovl_mount+0x2d/0x40 [ 403.210335][T13901] ? ovl_own_xattr_set+0x10/0x10 [ 403.215265][T13901] legacy_get_tree+0x108/0x220 [ 403.220012][T13901] vfs_get_tree+0x8e/0x300 [ 403.224414][T13901] do_mount+0x142e/0x1cf0 [ 403.228727][T13901] ? copy_mount_string+0x40/0x40 [ 403.233656][T13901] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.239879][T13901] ? copy_mount_options+0x2e8/0x3f0 [ 403.245077][T13901] ksys_mount+0xdb/0x150 [ 403.249302][T13901] __x64_sys_mount+0xbe/0x150 [ 403.253966][T13901] do_syscall_64+0xfa/0x760 [ 403.259413][T13901] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 403.265291][T13901] RIP: 0033:0x459a59 [ 403.269187][T13901] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 403.288782][T13901] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 403.297174][T13901] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 403.305127][T13901] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 403.313780][T13901] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 403.321732][T13901] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 05:01:58 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x8, 0x103000) ioctl$BINDER_SET_MAX_THREADS(r4, 0x40046205, &(0x7f0000000040)=0x6) r5 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) [ 403.329683][T13901] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 403.342697][T13906] block nbd3: shutting down sockets 05:01:58 executing program 1 (fault-call:3 fault-nth:64): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:01:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:01:58 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$TIOCMIWAIT(r7, 0x545c, 0x0) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 403.445615][ T1530] block nbd2: Receive control failed (result -22) [ 403.464125][T13910] block nbd2: shutting down sockets [ 403.586584][T13921] FAULT_INJECTION: forcing a failure. [ 403.586584][T13921] name failslab, interval 1, probability 0, space 0, times 0 [ 403.602107][T13921] CPU: 0 PID: 13921 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 403.611163][T13921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.621252][T13921] Call Trace: [ 403.624813][T13921] dump_stack+0x172/0x1f0 [ 403.629244][T13921] should_fail.cold+0xa/0x15 [ 403.633850][T13921] ? fault_create_debugfs_attr+0x180/0x180 [ 403.639679][T13921] ? ___might_sleep+0x163/0x2c0 [ 403.644540][T13921] __should_failslab+0x121/0x190 [ 403.649487][T13921] should_failslab+0x9/0x14 [ 403.653999][T13921] __kmalloc+0x2e0/0x770 [ 403.658249][T13921] ? refcount_inc_not_zero_checked+0x144/0x200 [ 403.664405][T13921] ? refcount_dec_and_mutex_lock+0x90/0x90 [ 403.670320][T13921] ? security_prepare_creds+0x11d/0x190 [ 403.675851][T13921] security_prepare_creds+0x11d/0x190 [ 403.681240][T13921] prepare_creds+0x32a/0x430 [ 403.685911][T13921] ovl_fill_super+0x103/0x4029 [ 403.690763][T13921] ? register_shrinker_prepared+0x116/0x190 [ 403.697448][T13921] ? idr_replace+0x108/0x180 [ 403.702027][T13921] ? ovl_show_options+0x550/0x550 [ 403.707037][T13921] ? __kasan_check_write+0x14/0x20 [ 403.712138][T13921] ? register_shrinker_prepared+0x116/0x190 [ 403.718118][T13921] ? sget+0x12b/0x560 [ 403.722082][T13921] ? get_anon_bdev+0xc0/0xc0 [ 403.726652][T13921] ? ovl_show_options+0x550/0x550 [ 403.731670][T13921] mount_nodev+0x66/0x110 [ 403.735984][T13921] ovl_mount+0x2d/0x40 [ 403.740043][T13921] ? ovl_own_xattr_set+0x10/0x10 [ 403.744984][T13921] legacy_get_tree+0x108/0x220 [ 403.750250][T13921] vfs_get_tree+0x8e/0x300 [ 403.754648][T13921] do_mount+0x142e/0x1cf0 [ 403.759047][T13921] ? copy_mount_string+0x40/0x40 [ 403.763987][T13921] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.770222][T13921] ? copy_mount_options+0x2e8/0x3f0 [ 403.775465][T13921] ksys_mount+0xdb/0x150 [ 403.779704][T13921] __x64_sys_mount+0xbe/0x150 [ 403.784415][T13921] do_syscall_64+0xfa/0x760 [ 403.788927][T13921] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 403.795300][T13921] RIP: 0033:0x459a59 [ 403.799187][T13921] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 403.818787][T13921] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 403.827198][T13921] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 403.835164][T13921] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 403.843118][T13921] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 403.851070][T13921] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 403.859108][T13921] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 403.914566][ T1530] block nbd3: Receive control failed (result -22) [ 403.914572][ T9110] block nbd3: Receive control failed (result -22) [ 403.938097][T13918] block nbd3: shutting down sockets 05:02:01 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef0", 0x7a}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:01 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$VIDIOC_QUERYSTD(r6, 0x8008563f, &(0x7f0000000000)) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$NBD_CLEAR_SOCK(r8, 0xab04) ioctl$NBD_DO_IT(r2, 0xab03) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) fsconfig$FSCONFIG_SET_FLAG(r10, 0x0, &(0x7f0000000040)='nolazytime\x00', 0x0, 0x0) 05:02:01 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0xfff, 0x108400) ioctl$RTC_WIE_ON(r1, 0x700f) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:01 executing program 1 (fault-call:3 fault-nth:65): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:01 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x2, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = add_key$user(&(0x7f0000000180)='user\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000000240), 0x0, 0xfffffffffffffffd) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r6, &(0x7f0000000280)='syzkaller\x00', &(0x7f00000002c0)=@builtin='builtin_trusted\x00') ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x9) ioctl$NBD_DO_IT(r2, 0xab03) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$apparmor_current(r8, &(0x7f0000000300)=@hat={'changehat ', 0x2, 0x5e, ['userwlan0mime_typecpuset+\x00', '/dev/nbd#\x00', 'syzkaller\x00', '\x00', 'syzkaller\x00', '\'.]\x00', '^self\x00', ':,(vmnet1\'[\x00', 'cpuset\x00']}, 0x73) r11 = dup(r10) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200) ioctl$sock_SIOCGPGRP(r11, 0x8904, &(0x7f0000000040)) r12 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r12, 0xc080661a, &(0x7f00000000c0)={{0x2, 0x0, @descriptor="0120e7b3cde903ea"}}) ioctl$USBDEVFS_CLEAR_HALT(r8, 0x80045515, &(0x7f0000000000)={0xc, 0x1}) syz_open_dev$sndtimer(&(0x7f0000000140)='/dev/snd/timer\x00', 0x0, 0x108182) [ 405.773539][T13935] block nbd3: server does not support multiple connections per device. [ 405.794145][ T9110] block nbd2: Receive control failed (result -22) [ 405.803175][T13931] block nbd2: shutting down sockets [ 405.822314][T13938] FAULT_INJECTION: forcing a failure. [ 405.822314][T13938] name failslab, interval 1, probability 0, space 0, times 0 [ 405.832607][T13935] block nbd3: shutting down sockets [ 405.855486][T13938] CPU: 0 PID: 13938 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 405.864588][T13938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.874661][T13938] Call Trace: [ 405.877978][T13938] dump_stack+0x172/0x1f0 [ 405.882345][T13938] should_fail.cold+0xa/0x15 [ 405.886974][T13938] ? fault_create_debugfs_attr+0x180/0x180 [ 405.892787][T13938] ? ___might_sleep+0x163/0x2c0 [ 405.897671][T13938] __should_failslab+0x121/0x190 [ 405.902744][T13938] should_failslab+0x9/0x14 [ 405.907280][T13938] __kmalloc_track_caller+0x2dc/0x760 [ 405.913829][T13938] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.920419][T13938] ? security_prepare_creds+0xf5/0x190 [ 405.925919][T13938] ? ovl_fill_super+0x262/0x4029 [ 405.930886][T13938] kstrdup+0x3a/0x70 [ 405.934921][T13938] ovl_fill_super+0x262/0x4029 [ 405.939715][T13938] ? register_shrinker_prepared+0x116/0x190 [ 405.945659][T13938] ? idr_replace+0x108/0x180 [ 405.950286][T13938] ? ovl_show_options+0x550/0x550 [ 405.955318][T13938] ? __kasan_check_write+0x14/0x20 [ 405.960456][T13938] ? register_shrinker_prepared+0x116/0x190 [ 405.966380][T13938] ? sget+0x12b/0x560 [ 405.972290][T13938] ? get_anon_bdev+0xc0/0xc0 [ 405.976922][T13938] ? ovl_show_options+0x550/0x550 [ 405.981948][T13938] mount_nodev+0x66/0x110 [ 405.986287][T13938] ovl_mount+0x2d/0x40 [ 405.990437][T13938] ? ovl_own_xattr_set+0x10/0x10 [ 405.995445][T13938] legacy_get_tree+0x108/0x220 [ 406.000206][T13938] vfs_get_tree+0x8e/0x300 [ 406.004612][T13938] do_mount+0x142e/0x1cf0 [ 406.008978][T13938] ? copy_mount_string+0x40/0x40 [ 406.013980][T13938] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 406.020259][T13938] ? copy_mount_options+0x2e8/0x3f0 [ 406.025468][T13938] ksys_mount+0xdb/0x150 [ 406.029750][T13938] __x64_sys_mount+0xbe/0x150 [ 406.034530][T13938] do_syscall_64+0xfa/0x760 [ 406.039033][T13938] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 406.044913][T13938] RIP: 0033:0x459a59 [ 406.048796][T13938] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 406.068388][T13938] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 406.076786][T13938] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 406.084752][T13938] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 406.092718][T13938] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 406.101141][T13938] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 406.109114][T13938] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:02:01 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b25", 0xa0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:01 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) fdatasync(r2) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r3 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_DO_IT(r3, 0xab03) 05:02:01 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef0", 0x7a}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:01 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() ptrace$cont(0x20, r1, 0x2ebfcf31, 0x81) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000000c0)=ANY=[@ANYPTR64=&(0x7f0000000080)=ANY=[@ANYRESDEC, @ANYRES32=0x0], @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:01 executing program 1 (fault-call:3 fault-nth:66): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 406.244222][ T9110] block nbd2: Receive control failed (result -22) [ 406.263962][T13948] block nbd2: shutting down sockets 05:02:01 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r5) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) r10 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20ncci\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f00000000c0)={r11, @in6={{0xa, 0x4e23, 0x8000, @mcast2, 0x3}}, 0x6, 0x2}, &(0x7f0000000180)=0x90) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={r11, @in6={{0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}}, 0x0, 0x8}, &(0x7f0000000200)=0x90) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000440)={r11, @in={{0x2, 0x0, @local}}}, &(0x7f0000000100)=0x84) getsockopt$inet_sctp_SCTP_MAXSEG(r10, 0x84, 0xd, &(0x7f0000000080)=@assoc_id=r11, &(0x7f00000000c0)=0x4) getsockopt$inet_sctp_SCTP_STATUS(r9, 0x84, 0xe, &(0x7f00000000c0)={r11, 0x0, 0x0, 0x1, 0x3ff, 0x3, 0x1, 0xff, {0x0, @in6={{0xa, 0x4e20, 0x1, @loopback, 0xffffffff}}, 0x5, 0x3ff, 0x3, 0x0, 0x9}}, &(0x7f0000000040)=0xb0) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r7, 0x84, 0x10, &(0x7f0000000180)=@sack_info={r12, 0x48b9, 0x714e}, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r14 = dup(r13) ioctl$PERF_EVENT_IOC_ENABLE(r14, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r16 = dup(r15) ioctl$PERF_EVENT_IOC_ENABLE(r16, 0x8912, 0x400200) r17 = accept4$ax25(r16, 0x0, &(0x7f0000000000), 0x0) r18 = dup(r17) ioctl$PERF_EVENT_IOC_ENABLE(r18, 0x8912, 0x400200) openat$null(0xffffffffffffff9c, &(0x7f0000000240)='/dev/null\x00', 0x80000, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r20 = dup(r19) ioctl$PERF_EVENT_IOC_ENABLE(r20, 0x8912, 0x400200) openat$vsock(0xffffffffffffff9c, &(0x7f0000000340)='/dev/vsock\x00', 0x8080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r22 = dup(r21) ioctl$PERF_EVENT_IOC_ENABLE(r22, 0x8912, 0x400200) r23 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000380)='/dev/btrfs-control\x00', 0x0, 0x0) ioctl$NBD_SET_SOCK(r22, 0xab00, r23) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:01 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x4, 0x92239a126406ff3) getsockopt$TIPC_DEST_DROPPABLE(r3, 0x10f, 0x81, &(0x7f0000000040), &(0x7f00000000c0)=0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) ioctl$NBD_DO_IT(r2, 0xab03) r5 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20\x00', 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$VHOST_SET_VRING_CALL(r5, 0x4008af21, &(0x7f0000000140)={0x0, r7}) 05:02:01 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b25", 0xa0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 406.459909][T13968] FAULT_INJECTION: forcing a failure. [ 406.459909][T13968] name failslab, interval 1, probability 0, space 0, times 0 [ 406.490027][T13968] CPU: 1 PID: 13968 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 406.499132][T13968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.502127][ T9110] block nbd2: Receive control failed (result -22) [ 406.510165][T13968] Call Trace: [ 406.510206][T13968] dump_stack+0x172/0x1f0 [ 406.510232][T13968] should_fail.cold+0xa/0x15 [ 406.510251][T13968] ? fault_create_debugfs_attr+0x180/0x180 [ 406.510273][T13968] ? ___might_sleep+0x163/0x2c0 [ 406.510302][T13968] __should_failslab+0x121/0x190 [ 406.520312][T13968] should_failslab+0x9/0x14 [ 406.520326][T13968] __kmalloc_track_caller+0x2dc/0x760 [ 406.520349][T13968] ? ovl_fill_super+0xc34/0x4029 [ 406.529247][T13968] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 406.529265][T13968] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 406.529278][T13968] ? match_strdup+0x57/0x80 [ 406.529300][T13968] kmemdup_nul+0x31/0xa0 [ 406.540638][T13970] block nbd2: shutting down sockets [ 406.544880][T13968] match_strdup+0x57/0x80 [ 406.544899][T13968] ovl_fill_super+0xc3c/0x4029 [ 406.544916][T13968] ? register_shrinker_prepared+0x116/0x190 [ 406.544943][T13968] ? ovl_show_options+0x550/0x550 [ 406.605175][T13968] ? __kasan_check_write+0x14/0x20 05:02:01 executing program 0: r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f00000001c0)) getpgid(0xffffffffffffffff) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f00000001c0)) r2 = getpid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$VIDIOC_DBG_G_REGISTER(r4, 0xc0385650, &(0x7f0000000000)={{0x1, @name="ea0d43b13184bf8f36bd35390c70c1d073d96a0f28f14960262eab473827bf68"}, 0x8, 0x6, 0x1}) prctl$PR_SET_PTRACER(0x59616d61, r2) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000000)=ANY=[], 0x0) ptrace$setopts(0x4206, r6, 0x0, 0x0) tkill(r6, 0x5) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r8, 0xc0bc5351, &(0x7f0000000080)={0x5, 0x3, 'client0\x00', 0x2, "d781256f7f7fc962", "8f3be05b184a9874a62957500db4a1fa17aa31986001e8573eccc8d0a5ce5e38", 0x80000000, 0x7}) wait4(0x0, 0x0, 0x0, 0x0) [ 406.610353][T13968] ? register_shrinker_prepared+0x116/0x190 [ 406.616283][T13968] ? sget+0x12b/0x560 [ 406.620282][T13968] ? get_anon_bdev+0xc0/0xc0 [ 406.624886][T13968] ? ovl_show_options+0x550/0x550 [ 406.629919][T13968] mount_nodev+0x66/0x110 [ 406.634295][T13968] ovl_mount+0x2d/0x40 [ 406.638408][T13968] ? ovl_own_xattr_set+0x10/0x10 [ 406.643365][T13968] legacy_get_tree+0x108/0x220 [ 406.648264][T13968] vfs_get_tree+0x8e/0x300 [ 406.652714][T13968] do_mount+0x142e/0x1cf0 [ 406.657085][T13968] ? copy_mount_string+0x40/0x40 [ 406.662051][T13968] ? retint_kernel+0x2b/0x2b [ 406.666689][T13968] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 406.672957][T13968] ? copy_mount_options+0x2e8/0x3f0 [ 406.678185][T13968] ksys_mount+0xdb/0x150 [ 406.682457][T13968] __x64_sys_mount+0xbe/0x150 [ 406.687168][T13968] do_syscall_64+0xfa/0x760 [ 406.691700][T13968] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 406.697746][T13968] RIP: 0033:0x459a59 05:02:02 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) sched_getparam(r1, &(0x7f0000000080)) [ 406.701669][T13968] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 406.721290][T13968] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 406.729724][T13968] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 406.738233][T13968] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 406.746328][T13968] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 05:02:02 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) r2 = request_key(&(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x2}, &(0x7f0000000140)='ppp1-(proc\x00', 0xffffffffffffffff) keyctl$clear(0x7, r2) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r3 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = getpid() sched_setscheduler(r8, 0x5, &(0x7f00000001c0)) r9 = syz_open_procfs(r8, &(0x7f0000000000)='stack\x00') io_uring_register$IORING_REGISTER_EVENTFD(r7, 0x4, &(0x7f0000000040)=r9, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_DO_IT(r3, 0xab03) 05:02:02 executing program 1 (fault-call:3 fault-nth:67): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 406.754419][T13968] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 406.754428][T13968] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 406.836327][ T9110] block nbd2: Receive control failed (result -22) [ 406.845532][T13983] block nbd2: shutting down sockets [ 406.870676][ T9110] block nbd3: Receive control failed (result -22) 05:02:02 executing program 2: syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) socket(0x4, 0x800, 0x1f) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) r4 = syz_open_dev$adsp(&(0x7f0000000140)='/dev/adsp#\x00', 0x8001, 0x109400) ioctl$NBD_SET_SOCK(r4, 0xab00, r3) r5 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x8000, 0x0) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r8, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}) ioctl$NBD_DO_IT(r5, 0xab03) [ 406.906687][T13975] block nbd3: shutting down sockets [ 406.996979][T13993] FAULT_INJECTION: forcing a failure. [ 406.996979][T13993] name failslab, interval 1, probability 0, space 0, times 0 [ 407.028449][T13993] CPU: 1 PID: 13993 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 407.037533][T13993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.047606][T13993] Call Trace: [ 407.050930][T13993] dump_stack+0x172/0x1f0 [ 407.055293][T13993] should_fail.cold+0xa/0x15 [ 407.059892][T13993] ? fault_create_debugfs_attr+0x180/0x180 [ 407.065692][T13993] ? ___might_sleep+0x163/0x2c0 [ 407.070574][T13993] __should_failslab+0x121/0x190 [ 407.075509][T13993] should_failslab+0x9/0x14 [ 407.079997][T13993] __kmalloc_track_caller+0x2dc/0x760 [ 407.085354][T13993] ? ovl_fill_super+0xb3b/0x4029 [ 407.090280][T13993] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 407.095807][T13993] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 407.101770][T13993] ? match_strdup+0x57/0x80 [ 407.106286][T13993] kmemdup_nul+0x31/0xa0 [ 407.110521][T13993] match_strdup+0x57/0x80 [ 407.114844][T13993] ovl_fill_super+0xb43/0x4029 [ 407.119604][T13993] ? register_shrinker_prepared+0x116/0x190 [ 407.125494][T13993] ? ovl_show_options+0x550/0x550 [ 407.130504][T13993] ? __kasan_check_write+0x14/0x20 [ 407.135606][T13993] ? register_shrinker_prepared+0x116/0x190 [ 407.141484][T13993] ? sget+0x12b/0x560 [ 407.145447][T13993] ? get_anon_bdev+0xc0/0xc0 [ 407.150022][T13993] ? ovl_show_options+0x550/0x550 [ 407.155029][T13993] mount_nodev+0x66/0x110 [ 407.159341][T13993] ovl_mount+0x2d/0x40 [ 407.163411][T13993] ? ovl_own_xattr_set+0x10/0x10 [ 407.168329][T13993] legacy_get_tree+0x108/0x220 [ 407.173088][T13993] vfs_get_tree+0x8e/0x300 [ 407.177489][T13993] do_mount+0x142e/0x1cf0 [ 407.181806][T13993] ? copy_mount_string+0x40/0x40 [ 407.186735][T13993] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 407.192957][T13993] ? copy_mount_options+0x2e8/0x3f0 [ 407.198140][T13993] ksys_mount+0xdb/0x150 [ 407.202369][T13993] __x64_sys_mount+0xbe/0x150 [ 407.207741][T13993] do_syscall_64+0xfa/0x760 [ 407.212232][T13993] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 407.218107][T13993] RIP: 0033:0x459a59 [ 407.221988][T13993] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 05:02:02 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = dup(0xffffffffffffffff) r7 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x345100, 0x0) connect$pptp(r7, &(0x7f0000000040)={0x18, 0x2, {0x0, @remote}}, 0x1e) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 407.241574][T13993] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 407.249967][T13993] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 407.257933][T13993] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 407.265888][T13993] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 407.273852][T13993] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 407.282955][T13993] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 407.462144][ T9110] block nbd3: Receive control failed (result -22) [ 407.470242][ T9110] block nbd3: Receive control failed (result -22) [ 407.484089][T14002] block nbd3: shutting down sockets 05:02:04 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef0", 0x7a}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:04 executing program 2: syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r0 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = getuid() mount$9p_unix(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='9p\x00', 0x4, &(0x7f0000000700)={'trans=unix,', {[{@afid={'afid', 0x3d, 0x81}}, {@cache_none='cache=none'}, {@privport='privport'}, {@access_user='access=user'}, {@access_user='access=user'}, {@posixacl='posixacl'}, {@version_L='version=9p2000.L'}, {@access_user='access=user'}, {@version_u='version=9p2000.u'}, {@loose='loose'}], [{@euid_eq={'euid', 0x3d, r2}}, {@dont_hash='dont_hash'}, {@fsuuid={'fsuuid', 0x3d, {[0x34, 0x38, 0x37, 0x38, 0x32, 0x33, 0x35, 0x61], 0x2d, [0x31, 0x39, 0x35, 0x35], 0x2d, [0x64, 0x31, 0x34, 0x66], 0x2d, [0xa0f5be4711c195dd, 0xc4, 0x63], 0x2d, [0x5b, 0x37, 0x32, 0x948708f5bb4974, 0x2, 0x31, 0x35, 0x61]}}}]}}) r3 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(0xffffffffffffffff, 0xab00, r0) r4 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f0000000200)={'filter\x00', 0x7, 0x4, 0x480, 0x258, 0x0, 0x258, 0x398, 0x398, 0x398, 0x4, &(0x7f0000000000), {[{{@uncond, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@local, @local, @rand_addr=0x3f, 0x4}}}, {{@uncond, 0xf0, 0x118}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x4, 0x7, 0x1}}}, {{@uncond, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @remote, @multicast1, 0xf, 0xffffffff}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x4d0) ioctl$NBD_DO_IT(r4, 0xab03) 05:02:04 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$UHID_GET_REPORT_REPLY(r3, &(0x7f0000000080)={0xa, 0x8, 0xdf, 0x1}, 0xa) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:04 executing program 1 (fault-call:3 fault-nth:68): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:04 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$SCSI_IOCTL_GET_IDLUN(r6, 0x5382, &(0x7f0000000000)) r7 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 409.355930][T14014] FAULT_INJECTION: forcing a failure. [ 409.355930][T14014] name failslab, interval 1, probability 0, space 0, times 0 [ 409.359218][T14017] 9pnet: p9_fd_create_unix (14017): problem connecting socket: ./file0: -2 [ 409.374016][T14014] CPU: 1 PID: 14014 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 409.386612][T14014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 409.396682][T14014] Call Trace: [ 409.400012][T14014] dump_stack+0x172/0x1f0 [ 409.404385][T14014] should_fail.cold+0xa/0x15 [ 409.408997][T14014] ? fault_create_debugfs_attr+0x180/0x180 [ 409.414817][T14014] ? ___might_sleep+0x163/0x2c0 [ 409.419858][T14014] __should_failslab+0x121/0x190 [ 409.424814][T14014] should_failslab+0x9/0x14 [ 409.429349][T14014] __kmalloc_track_caller+0x2dc/0x760 [ 409.433200][ T9110] block nbd3: Receive control failed (result -22) [ 409.434724][T14014] ? ovl_fill_super+0xbc5/0x4029 [ 409.434748][T14014] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 409.444268][ T9110] block nbd3: Receive control failed (result -22) [ 409.446183][T14014] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 409.446199][T14014] ? match_strdup+0x57/0x80 [ 409.446221][T14014] kmemdup_nul+0x31/0xa0 [ 409.458247][T14014] match_strdup+0x57/0x80 [ 409.458262][T14014] ovl_fill_super+0xbcd/0x4029 [ 409.458278][T14014] ? register_shrinker_prepared+0x116/0x190 [ 409.458306][T14014] ? ovl_show_options+0x550/0x550 [ 409.458323][T14014] ? __kasan_check_write+0x14/0x20 [ 409.458341][T14014] ? register_shrinker_prepared+0x116/0x190 [ 409.458358][T14014] ? sget+0x12b/0x560 [ 409.458377][T14014] ? get_anon_bdev+0xc0/0xc0 [ 409.494931][T14014] ? ovl_show_options+0x550/0x550 [ 409.494951][T14014] mount_nodev+0x66/0x110 [ 409.494964][T14014] ovl_mount+0x2d/0x40 [ 409.494976][T14014] ? ovl_own_xattr_set+0x10/0x10 [ 409.494991][T14014] legacy_get_tree+0x108/0x220 [ 409.495008][T14014] vfs_get_tree+0x8e/0x300 [ 409.495023][T14014] do_mount+0x142e/0x1cf0 [ 409.495044][T14014] ? copy_mount_string+0x40/0x40 [ 409.495068][T14014] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.517817][T14010] block nbd3: shutting down sockets [ 409.520704][T14014] ? copy_mount_options+0x2e8/0x3f0 [ 409.520725][T14014] ksys_mount+0xdb/0x150 [ 409.520742][T14014] __x64_sys_mount+0xbe/0x150 [ 409.520762][T14014] do_syscall_64+0xfa/0x760 [ 409.564310][T14014] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 409.564321][T14014] RIP: 0033:0x459a59 [ 409.564336][T14014] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 409.564343][T14014] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 409.564355][T14014] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 409.564362][T14014] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 409.564375][T14014] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 409.614009][T14014] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 05:02:04 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b25", 0xa0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:04 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) pipe(&(0x7f0000000080)={0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000000c0)={0xfb0e, 0x4, 0x5, 0xffffffff, 0x0}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000140)={r3, 0x4, 0x5, 0x4}, &(0x7f0000000180)=0x10) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:04 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000200)=ANY=[@ANYBLOB="6e617400000000000000000020000000000000000000000000000000000000001b00000005000000f80400001001000020020000180300000000000010010000280400002804000028040000280400002804000005000000", @ANYPTR=&(0x7f0000000000)=ANY=[@ANYBLOB='\x00'/80], @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800100100000000000000000000000000000000000000000000000048004e45544d4150000000000000000000000000000000000000000000000000264e9559ac141415000000000000000000000000ac1414bb0000000000000000000000004e2207000000000000000000000000000000000000000000000000000000000000000001f7ac9c97ffffff00ffffffff00000000ffffff00000000ffff000000000000ff65727370616e300000000000000000007465716c300000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000005e00330405000000000000000000000000000000c8001001000000000000000000000000000000000000000000000000480049444c4554494d45520000000000000000000000000000000000000000001900000073797a30000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800f80000000000000000000000000000000000000000000000000030005345540000000000000000000000000000000000000000000000000000020008000100801b810100000005000000fe800000000000000000000000000021fe8000000000000000000000000000bb7fffffffff000000ffffff00ff000000000000ff000000ffffffff000000000076657468315f746f5f626f6e6400000076657468305f746f5f62726964676500000000000000000000000000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000006700e70244000000000000000000000000000000c80010010000000000000000000000000000000000000000000000004800524544495245435400000000000000000000000000000000000000000000ee6f85ebe0000002000000000000000000000000ff01000000000000000000000000000100664e230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x558) r2 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) r4 = syz_open_dev$ndb(0x0, 0x0, 0x0) r5 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) r8 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000880)) ioctl$NBD_SET_SOCK(r7, 0xab00, r8) ioctl$USBDEVFS_DISCSIGNAL(r1, 0x8010550e, &(0x7f0000000180)={0x6b, &(0x7f00000000c0)="adee3a9735c37f6583580c14567fdb9a96550278c129df8743804b9dbc2a8a0f5aee5a1c373315500ac6ed172a73118c4137bf05dabe851c703c4f450cb211d1f90701e49e20c2d589b7fc255c30e94fb5dbe846c1e00f98a35044e7d57ca63e503958696ed7f2f84a10c5dc2d894790946f6e950e660a96047386da744ecb2887385777efc7a939b09299131fba003fd03131a88ea5a95390"}) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r4, 0xab00, r5) ioctl$NBD_SET_FLAGS(r4, 0xab0a, 0x1ffffffff) openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000780)='/dev/dlm-monitor\x00', 0x80841, 0x0) ioctl$NBD_DO_IT(r4, 0xab03) getrusage(0x1, &(0x7f00000007c0)) 05:02:04 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000040)='(d\x01\x00\x01\x00\x00\x00\xd8\x8e', 0x0, 0x422080) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:04 executing program 1 (fault-call:3 fault-nth:69): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 409.614018][T14014] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:02:05 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) mbind(&(0x7f0000ff1000/0xe000)=nil, 0xe000, 0x1, &(0x7f0000000000)=0x7, 0x7ff, 0x3) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) times(&(0x7f00000000c0)) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:05 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) setsockopt$inet_MCAST_MSFILTER(r6, 0x0, 0x30, &(0x7f0000000200)={0x3, {{0x2, 0x4e23, @loopback}}, 0x2, 0x8, [{{0x2, 0x4e21, @local}}, {{0x2, 0x4e21, @rand_addr=0x9}}, {{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x2b}}}, {{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xe}}}, {{0x2, 0x4e21, @remote}}, {{0x2, 0x4e22, @local}}, {{0x2, 0x4e24, @rand_addr=0x7}}, {{0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}}]}, 0x490) [ 409.923377][T14045] FAULT_INJECTION: forcing a failure. [ 409.923377][T14045] name failslab, interval 1, probability 0, space 0, times 0 [ 409.937186][ T1530] block nbd3: Receive control failed (result -22) [ 409.937192][ T9110] block nbd3: Receive control failed (result -22) [ 409.952170][T14044] block nbd3: shutting down sockets [ 409.991490][T14045] CPU: 0 PID: 14045 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 410.000566][T14045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.010707][T14045] Call Trace: [ 410.014171][T14045] dump_stack+0x172/0x1f0 [ 410.018536][T14045] should_fail.cold+0xa/0x15 [ 410.023116][T14045] ? fault_create_debugfs_attr+0x180/0x180 [ 410.028926][T14045] ? ___might_sleep+0x163/0x2c0 [ 410.033855][T14045] __should_failslab+0x121/0x190 [ 410.038781][T14045] should_failslab+0x9/0x14 [ 410.043471][T14045] __kmalloc_track_caller+0x2dc/0x760 [ 410.048827][T14045] ? __kmalloc_track_caller+0x5f8/0x760 [ 410.054366][T14045] ? ovl_fill_super+0xbc5/0x4029 [ 410.059286][T14045] ? ovl_mount_dir+0x2a/0x1d0 [ 410.063949][T14045] kstrdup+0x3a/0x70 [ 410.067828][T14045] ovl_mount_dir+0x2a/0x1d0 [ 410.072322][T14045] ovl_fill_super+0x9e3/0x4029 [ 410.077107][T14045] ? register_shrinker_prepared+0x116/0x190 [ 410.083022][T14045] ? ovl_show_options+0x550/0x550 [ 410.088044][T14045] ? __kasan_check_write+0x14/0x20 [ 410.093152][T14045] ? register_shrinker_prepared+0x116/0x190 [ 410.099038][T14045] ? sget+0x12b/0x560 [ 410.103006][T14045] ? get_anon_bdev+0xc0/0xc0 [ 410.107582][T14045] ? ovl_show_options+0x550/0x550 [ 410.112624][T14045] mount_nodev+0x66/0x110 [ 410.117123][T14045] ovl_mount+0x2d/0x40 [ 410.121317][T14045] ? ovl_own_xattr_set+0x10/0x10 [ 410.126257][T14045] legacy_get_tree+0x108/0x220 [ 410.131028][T14045] vfs_get_tree+0x8e/0x300 [ 410.135453][T14045] do_mount+0x142e/0x1cf0 [ 410.139781][T14045] ? copy_mount_string+0x40/0x40 [ 410.144802][T14045] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.151127][T14045] ? copy_mount_options+0x2e8/0x3f0 [ 410.156330][T14045] ksys_mount+0xdb/0x150 [ 410.160560][T14045] __x64_sys_mount+0xbe/0x150 [ 410.165225][T14045] do_syscall_64+0xfa/0x760 [ 410.169728][T14045] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 410.178654][T14045] RIP: 0033:0x459a59 [ 410.182533][T14045] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 410.202119][T14045] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 410.210514][T14045] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 410.218489][T14045] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 410.227357][T14045] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 410.235323][T14045] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 410.244065][T14045] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 410.279927][ T1530] block nbd2: Receive control failed (result -22) [ 410.289361][T14051] block nbd2: shutting down sockets 05:02:07 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30", 0x8e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:07 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$DRM_IOCTL_GET_UNIQUE(r6, 0xc0106401, &(0x7f0000000000)={0x1000, &(0x7f0000000200)=""/4096}) r7 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_SET_FILTER(r9, 0x40082406, &(0x7f0000000040)='/dev/nbd#\x00') ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) setsockopt$inet_sctp_SCTP_NODELAY(r6, 0x84, 0x3, &(0x7f00000000c0)=0x1, 0x4) 05:02:07 executing program 1 (fault-call:3 fault-nth:70): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:07 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) signalfd(r3, &(0x7f0000000000)={0x8}, 0x8) ioctl$NBD_DO_IT(r2, 0xab03) [ 412.403828][ T1530] block nbd3: Receive control failed (result -22) [ 412.407808][T14064] FAULT_INJECTION: forcing a failure. [ 412.407808][T14064] name failslab, interval 1, probability 0, space 0, times 0 [ 412.411899][ T1530] block nbd3: Receive control failed (result -22) [ 412.432169][T14064] CPU: 1 PID: 14064 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 412.441306][T14064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 412.451937][T14064] Call Trace: [ 412.455892][T14064] dump_stack+0x172/0x1f0 [ 412.460317][T14064] should_fail.cold+0xa/0x15 [ 412.465531][T14064] ? fault_create_debugfs_attr+0x180/0x180 [ 412.473073][T14064] ? ___might_sleep+0x163/0x2c0 [ 412.478577][T14064] __should_failslab+0x121/0x190 [ 412.484661][T14064] should_failslab+0x9/0x14 [ 412.490882][T14064] kmem_cache_alloc+0x2aa/0x710 [ 412.496255][T14064] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 412.502213][T14064] getname_kernel+0x53/0x370 [ 412.506818][T14064] kern_path+0x20/0x40 [ 412.510921][T14064] ovl_mount_dir_noesc+0x6c/0x180 [ 412.516108][T14064] ovl_mount_dir+0x10a/0x1d0 [ 412.520686][T14064] ovl_fill_super+0x9e3/0x4029 [ 412.525437][T14064] ? register_shrinker_prepared+0x116/0x190 [ 412.531325][T14064] ? ovl_show_options+0x550/0x550 [ 412.536338][T14064] ? __kasan_check_write+0x14/0x20 [ 412.541454][T14064] ? register_shrinker_prepared+0x116/0x190 [ 412.547509][T14064] ? sget+0x12b/0x560 [ 412.551685][T14064] ? get_anon_bdev+0xc0/0xc0 [ 412.556287][T14064] ? ovl_show_options+0x550/0x550 [ 412.561322][T14064] mount_nodev+0x66/0x110 [ 412.565672][T14064] ovl_mount+0x2d/0x40 [ 412.569752][T14064] ? ovl_own_xattr_set+0x10/0x10 [ 412.574776][T14064] legacy_get_tree+0x108/0x220 [ 412.579532][T14064] vfs_get_tree+0x8e/0x300 [ 412.584454][T14064] do_mount+0x142e/0x1cf0 [ 412.588771][T14064] ? copy_mount_string+0x40/0x40 [ 412.593710][T14064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 412.599933][T14064] ? copy_mount_options+0x2e8/0x3f0 [ 412.605120][T14064] ksys_mount+0xdb/0x150 [ 412.610141][T14064] __x64_sys_mount+0xbe/0x150 [ 412.614811][T14064] do_syscall_64+0xfa/0x760 [ 412.619315][T14064] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 412.625188][T14064] RIP: 0033:0x459a59 [ 412.629081][T14064] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 412.649467][T14064] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 412.657887][T14064] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 412.665853][T14064] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 412.673806][T14064] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 412.681762][T14064] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 412.689741][T14064] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 412.700271][T14058] block nbd3: shutting down sockets 05:02:08 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000080)=ANY=[@ANYRESDEC, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 412.708990][ T1530] block nbd2: Receive control failed (result -22) [ 412.716512][T14064] overlayfs: failed to resolve './file0': -12 05:02:08 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504", 0xa1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 412.753287][T14060] block nbd2: shutting down sockets 05:02:08 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000000)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3b) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) getsockopt$inet_tcp_int(r4, 0x6, 0x19, &(0x7f0000000000), &(0x7f0000000040)=0x4) wait4(0x0, 0x0, 0x0, 0x0) 05:02:08 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_GET_REGS(r4, 0x8090ae81, &(0x7f0000000100)) syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x3, 0x38102) r5 = dup(r1) ioctl$RTC_WIE_OFF(0xffffffffffffffff, 0x7010) r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x2002, 0x0) ioctl$VIDIOC_S_SELECTION(r6, 0xc040565f, &(0x7f00000000c0)={0x3, 0x100, 0x839459c31dd2ee75, {0x6, 0x2336, 0x401, 0x40}}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:08 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000080)=ANY=[@ANYRESDEC=r7, @ANYRES64=0x0], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:08 executing program 1 (fault-call:3 fault-nth:71): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:08 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:08 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x4000, 0x0) ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f00000000c0)=0x3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f0000000200)={0xe, @vbi={0x3, 0x5, 0x3, 0x31303453, [0xce, 0xd919], [0x4, 0x2], 0x1}}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) write$cgroup_subtree(r5, &(0x7f0000000000)={[{0x2b, 'io'}, {0x2d, 'pids'}]}, 0xa) [ 413.139960][T14090] block nbd2: shutting down sockets [ 413.209525][T14097] FAULT_INJECTION: forcing a failure. [ 413.209525][T14097] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 413.223040][T14097] CPU: 1 PID: 14097 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 413.232525][T14097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 413.242683][T14097] Call Trace: [ 413.246015][T14097] dump_stack+0x172/0x1f0 [ 413.250464][T14097] should_fail.cold+0xa/0x15 [ 413.255078][T14097] ? fault_create_debugfs_attr+0x180/0x180 [ 413.260917][T14097] ? __kasan_check_read+0x11/0x20 [ 413.266230][T14097] ? __lock_acquire+0x16f2/0x4a00 [ 413.272141][T14097] ? ovl_mount+0x2d/0x40 [ 413.276956][T14097] should_fail_alloc_page+0x50/0x60 [ 413.282258][T14097] __alloc_pages_nodemask+0x1a1/0x910 [ 413.288210][T14097] ? fs_reclaim_release+0xf/0x30 [ 413.293595][T14097] ? __alloc_pages_slowpath+0x2920/0x2920 [ 413.299589][T14097] ? fs_reclaim_release+0xf/0x30 [ 413.305538][T14097] ? fault_create_debugfs_attr+0x180/0x180 [ 413.312345][T14097] cache_grow_begin+0x90/0xd00 [ 413.318024][T14097] ? trace_hardirqs_off+0x62/0x240 [ 413.325076][T14097] kmem_cache_alloc+0x64e/0x710 [ 413.332724][T14097] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 413.332749][T14097] getname_kernel+0x53/0x370 [ 413.332767][T14097] kern_path+0x20/0x40 [ 413.332785][T14097] ovl_mount_dir_noesc+0x6c/0x180 [ 413.343532][T14097] ovl_mount_dir+0x10a/0x1d0 [ 413.343550][T14097] ovl_fill_super+0x9e3/0x4029 [ 413.343567][T14097] ? register_shrinker_prepared+0x116/0x190 [ 413.343593][T14097] ? ovl_show_options+0x550/0x550 [ 413.343614][T14097] ? __kasan_check_write+0x14/0x20 [ 413.354553][ T1530] block nbd2: Receive control failed (result -22) [ 413.359013][T14097] ? register_shrinker_prepared+0x116/0x190 [ 413.359035][T14097] ? sget+0x12b/0x560 [ 413.359047][T14097] ? get_anon_bdev+0xc0/0xc0 [ 413.359066][T14097] ? ovl_show_options+0x550/0x550 [ 413.370555][T14097] mount_nodev+0x66/0x110 [ 413.370574][T14097] ovl_mount+0x2d/0x40 [ 413.370586][T14097] ? ovl_own_xattr_set+0x10/0x10 [ 413.370609][T14097] legacy_get_tree+0x108/0x220 [ 413.399102][T14097] vfs_get_tree+0x8e/0x300 [ 413.399122][T14097] do_mount+0x142e/0x1cf0 [ 413.413641][T14097] ? copy_mount_string+0x40/0x40 [ 413.413671][T14097] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 413.413683][T14097] ? copy_mount_options+0x2e8/0x3f0 [ 413.413702][T14097] ksys_mount+0xdb/0x150 [ 413.413719][T14097] __x64_sys_mount+0xbe/0x150 [ 413.413739][T14097] do_syscall_64+0xfa/0x760 [ 413.413761][T14097] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 413.413778][T14097] RIP: 0033:0x459a59 [ 413.477670][T14097] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 413.479161][T14098] block nbd2: shutting down sockets [ 413.497462][T14097] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 413.497476][T14097] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 413.497483][T14097] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 413.497491][T14097] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 413.497503][T14097] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 413.497511][T14097] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 413.511511][T14097] overlayfs: conflicting lowerdir path 05:02:10 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30", 0x8e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:10 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x400, 0x0) ioctl$PPPIOCCONNECT(r3, 0x4004743a, &(0x7f0000000040)=0x4) r4 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = socket(0x200000000000011, 0x3, 0x0) setsockopt$packet_int(r9, 0x107, 0x14, &(0x7f0000000180)=0x3, 0x4) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000040)={'vxcan1\x00', 0x0}) bind$packet(r9, &(0x7f0000000000)={0x11, 0x0, r10, 0x1, 0x0, 0x6, @random="65ed59501ed8"}, 0x14) sendmmsg(r9, &(0x7f0000000d00), 0x400004e, 0x0) r11 = syz_genetlink_get_family_id$nbd(&(0x7f0000000200)='nbd\x00') sendmsg$NBD_CMD_RECONFIGURE(r9, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x74, r11, 0x7f2f57ba7131d55a, 0x70bd25, 0x25dfdbff, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x10019272d9f43245}, @NBD_ATTR_SOCKETS={0xc, 0x7, [{0x8}]}, @NBD_ATTR_SIZE_BYTES={0xc}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x3}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}]}, 0x74}, 0x1, 0x0, 0x0, 0x24000020}, 0xc010) r12 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x400000, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r14 = dup(r13) ioctl$PERF_EVENT_IOC_ENABLE(r14, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r16 = dup(r15) ioctl$PERF_EVENT_IOC_ENABLE(r16, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r18 = dup(r17) ioctl$PERF_EVENT_IOC_ENABLE(r18, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r20 = dup(r19) ioctl$PERF_EVENT_IOC_ENABLE(r20, 0x8912, 0x400200) sendmsg$NBD_CMD_STATUS(r8, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="8c000000", @ANYRES16=r11, @ANYBLOB="200b2dbd7000fcdbdf25050000000c00080000800000000000000c000800e3d80000000000004c00070008000100", @ANYRES32=r12, @ANYBLOB="08000100", @ANYRES32=r14, @ANYBLOB="08000100", @ANYRES32=r16, @ANYBLOB="08000100", @ANYRES32=r18, @ANYBLOB="080001ac2ddd49ec40e9738fb3cafa250554a742b6dc9d7bc3bd4ec1ef00a04db33f1006839da4c508f8d1ddee742c6af20c05955fbf8201ed73864b5c11cdebf378bff4e108222db121050e3c0000000000000000", @ANYRES32, @ANYBLOB="08000100", @ANYRES32=r20, @ANYBLOB="08000100", @ANYRES32=r1, @ANYBLOB="08000100", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES32=r6, @ANYBLOB="08000100000000000c0002000300000000000000"], 0x8c}, 0x1, 0x0, 0x0, 0x20000000}, 0x810) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r22 = dup(r21) ioctl$PERF_EVENT_IOC_ENABLE(r22, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:10 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="d52ca636816d047c0075f8b8660afc21b06100000047e225000000009abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a6952f36def66ee2acdd00a49d5c8c3d080022757432dc10"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:10 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) setsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x7, &(0x7f0000000000)=0x1, 0x4) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:10 executing program 1 (fault-call:3 fault-nth:72): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 415.465185][T14113] FAULT_INJECTION: forcing a failure. [ 415.465185][T14113] name failslab, interval 1, probability 0, space 0, times 0 [ 415.478853][ T1530] block nbd2: Receive control failed (result -22) [ 415.500172][T14110] block nbd2: shutting down sockets [ 415.519490][ T1530] block nbd3: Receive control failed (result -22) [ 415.526586][ T9110] block nbd3: Receive control failed (result -22) [ 415.537763][T14112] block nbd3: shutting down sockets [ 415.545324][T14113] CPU: 0 PID: 14113 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 415.554644][T14113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 415.564794][T14113] Call Trace: [ 415.568096][T14113] dump_stack+0x172/0x1f0 [ 415.572463][T14113] should_fail.cold+0xa/0x15 [ 415.577076][T14113] ? fault_create_debugfs_attr+0x180/0x180 [ 415.582908][T14113] ? ___might_sleep+0x163/0x2c0 [ 415.587784][T14113] __should_failslab+0x121/0x190 [ 415.592734][T14113] ? ovl_destroy_inode+0x120/0x120 [ 415.597837][T14113] should_failslab+0x9/0x14 [ 415.602324][T14113] kmem_cache_alloc+0x2aa/0x710 [ 415.607161][T14113] ? _raw_spin_unlock+0x28/0x40 [ 415.612002][T14113] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 415.618227][T14113] ? ilookup5_nowait+0xaa/0xc0 [ 415.622977][T14113] ? ovl_destroy_inode+0x120/0x120 [ 415.628070][T14113] ? ovl_get_redirect_xattr.cold+0x1a/0x1a [ 415.633859][T14113] ovl_alloc_inode+0x1c/0x190 [ 415.638532][T14113] alloc_inode+0x68/0x1e0 [ 415.642855][T14113] iget5_locked+0x63/0xe0 [ 415.647166][T14113] ? ovl_inode_test+0x50/0x50 [ 415.651837][T14113] ovl_get_trap_inode+0xb5/0x1f0 [ 415.656761][T14113] ovl_setup_trap+0x29/0xc0 [ 415.661767][T14113] ovl_fill_super+0xdfb/0x4029 [ 415.666525][T14113] ? register_shrinker_prepared+0x116/0x190 [ 415.672408][T14113] ? ovl_show_options+0x550/0x550 [ 415.677415][T14113] ? __kasan_check_write+0x14/0x20 [ 415.682517][T14113] ? register_shrinker_prepared+0x116/0x190 [ 415.688393][T14113] ? sget+0x12b/0x560 [ 415.692362][T14113] ? get_anon_bdev+0xc0/0xc0 [ 415.696956][T14113] ? ovl_show_options+0x550/0x550 [ 415.701988][T14113] mount_nodev+0x66/0x110 [ 415.706316][T14113] ovl_mount+0x2d/0x40 [ 415.710378][T14113] ? ovl_own_xattr_set+0x10/0x10 [ 415.715309][T14113] legacy_get_tree+0x108/0x220 [ 415.720059][T14113] vfs_get_tree+0x8e/0x300 [ 415.724468][T14113] do_mount+0x142e/0x1cf0 [ 415.728784][T14113] ? __this_cpu_preempt_check+0x35/0x190 [ 415.735359][T14113] ? copy_mount_string+0x40/0x40 [ 415.740291][T14113] ? copy_mount_options+0x238/0x3f0 [ 415.745475][T14113] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 415.751697][T14113] ? copy_mount_options+0x2e8/0x3f0 [ 415.756886][T14113] ksys_mount+0xdb/0x150 [ 415.761113][T14113] __x64_sys_mount+0xbe/0x150 [ 415.765781][T14113] do_syscall_64+0xfa/0x760 [ 415.770281][T14113] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 415.776157][T14113] RIP: 0033:0x459a59 [ 415.780038][T14113] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 415.799622][T14113] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 415.808100][T14113] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 415.816053][T14113] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 415.824004][T14113] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 415.831972][T14113] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 415.839925][T14113] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:02:11 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504", 0xa1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:11 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000140)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900400047e2252eb7882b9abb2a2f9f00c3030000000000000089dad069001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc10000000009741d18a312b8c90b512ef640f49af6667043761da737911a5d6233e3ddb922eb7f208347d3f975cf873a5e138a6bf682605e10b2090d9177678cddf485586b8c66d6af8d196aefb7ce53bd20fa7f3c621267b63e93022d03ed20728ab35c37ae70e0fbc285b8a76d28a22eed38c6b95d56c9f87ebf573de4caaae866bc7ec7eb26a0d019f32930cf16be1cde8d758e57186cb5017ede5e4af480f7fff2f63e1da0a0349b8fd26646704b8124b89f586c639027166cfe141c20881c9e4914f10d4f05cb6c8474f0f26821f9d4ca50378cd52"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:11 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = syz_open_dev$video4linux(&(0x7f0000000000)='/dev/v4l-subdev#\x00', 0x7, 0x1000) ioctl$VIDIOC_S_AUDIO(r5, 0x40345622, &(0x7f0000000040)={0x9, "74e431f1104c32550f7c936d39f3d302e774b3cb5bc06bf4d252a5036a62d8df", 0x0, 0x1}) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:11 executing program 1 (fault-call:3 fault-nth:73): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:11 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) socket$rxrpc(0x21, 0x2, 0xa) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:11 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000100)=ANY=[@ANYRES16=r0, @ANYRESOCT], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) r7 = getpid() sched_setscheduler(r7, 0x5, &(0x7f00000001c0)) wait4(r7, 0x0, 0x0, 0x0) [ 416.072267][T14136] FAULT_INJECTION: forcing a failure. [ 416.072267][T14136] name failslab, interval 1, probability 0, space 0, times 0 [ 416.098862][ T1530] block nbd3: Receive control failed (result -22) [ 416.104889][T14129] block nbd2: shutting down sockets [ 416.105691][ T9110] block nbd3: Receive control failed (result -22) 05:02:11 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$cgroup_ro(r3, &(0x7f00000000c0)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000100)={0x2, 0x70, 0x1, 0x0, 0x1, 0x3f, 0x0, 0x1007f1e, 0xb3c86, 0x4, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x19}, 0x2004a, 0x3, 0x80, 0x9, 0x7ff, 0x7fffffff, 0x5}) ioctl$TUNSETVNETHDRSZ(r4, 0x400454d8, &(0x7f0000000040)) r5 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$NBD_DO_IT(r5, 0xab03) [ 416.124845][T14134] block nbd3: shutting down sockets [ 416.141579][T14136] CPU: 1 PID: 14136 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 416.150655][T14136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 416.160703][T14136] Call Trace: [ 416.163995][T14136] dump_stack+0x172/0x1f0 [ 416.168317][T14136] should_fail.cold+0xa/0x15 [ 416.172908][T14136] ? fault_create_debugfs_attr+0x180/0x180 [ 416.178706][T14136] ? ___might_sleep+0x163/0x2c0 [ 416.183545][T14136] __should_failslab+0x121/0x190 [ 416.188495][T14136] should_failslab+0x9/0x14 [ 416.192980][T14136] kmem_cache_alloc+0x2aa/0x710 [ 416.197814][T14136] ? wake_bit_function+0x170/0x170 [ 416.202915][T14136] alloc_vfsmnt+0x28/0x680 [ 416.207314][T14136] clone_mnt+0x71/0xfd0 [ 416.211625][T14136] ? unlock_new_inode+0xfa/0x140 [ 416.216552][T14136] clone_private_mount+0xba/0x100 [ 416.221560][T14136] ovl_fill_super+0xe1d/0x4029 [ 416.226304][T14136] ? register_shrinker_prepared+0x116/0x190 [ 416.232449][T14136] ? ovl_show_options+0x550/0x550 [ 416.237460][T14136] ? __kasan_check_write+0x14/0x20 [ 416.242554][T14136] ? register_shrinker_prepared+0x116/0x190 [ 416.248432][T14136] ? sget+0x12b/0x560 [ 416.252393][T14136] ? get_anon_bdev+0xc0/0xc0 [ 416.256965][T14136] ? ovl_show_options+0x550/0x550 [ 416.261975][T14136] mount_nodev+0x66/0x110 [ 416.266290][T14136] ovl_mount+0x2d/0x40 [ 416.270338][T14136] ? ovl_own_xattr_set+0x10/0x10 [ 416.275432][T14136] legacy_get_tree+0x108/0x220 [ 416.280180][T14136] vfs_get_tree+0x8e/0x300 [ 416.284582][T14136] do_mount+0x142e/0x1cf0 [ 416.288898][T14136] ? copy_mount_string+0x40/0x40 [ 416.293823][T14136] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 416.300047][T14136] ? copy_mount_options+0x2e8/0x3f0 [ 416.305228][T14136] ksys_mount+0xdb/0x150 [ 416.309454][T14136] __x64_sys_mount+0xbe/0x150 [ 416.314117][T14136] do_syscall_64+0xfa/0x760 [ 416.318607][T14136] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 416.324481][T14136] RIP: 0033:0x459a59 [ 416.328384][T14136] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 416.347968][T14136] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 416.356372][T14136] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 416.364327][T14136] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 416.372280][T14136] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 416.380230][T14136] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 416.388182][T14136] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 416.411907][T14136] overlayfs: failed to clone upperpath [ 416.532238][T14147] block nbd2: shutting down sockets 05:02:13 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30", 0x8e}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:13 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x100000) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:13 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = shmget$private(0x0, 0x1000, 0x54001800, &(0x7f0000fff000/0x1000)=nil) shmat(r2, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffffff) r3 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r4, 0x0) r5 = getgid() getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000000c0)={{{@in=@remote, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}}}, &(0x7f00000001c0)=0xe8) r7 = getgid() shmctl$IPC_SET(r2, 0x1, &(0x7f0000000200)={{0x6, r4, r5, r6, r7, 0x44, 0xbe03}, 0x0, 0xcc, 0x4, 0x8001, 0x0, 0x0, 0xfffa}) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) r8 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/btrfs-control\x00', 0x1f57c2, 0x0) ioctl$DRM_IOCTL_GET_STATS(r8, 0x80f86406, &(0x7f00000002c0)=""/172) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000080)=[@timestamp, @window={0x3, 0x2}, @mss={0x2, 0x2}, @timestamp], 0x4) 05:02:13 executing program 1 (fault-call:3 fault-nth:74): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:13 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/current\x00', 0x2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r4, 0xc028660f, &(0x7f0000000040)={0x0, r3, 0x3f, 0x1f, 0x0, 0x100}) r5 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) [ 418.516318][ T26] audit: type=1800 audit(1571202133.786:41): pid=14162 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.0" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 [ 418.517685][T14161] FAULT_INJECTION: forcing a failure. [ 418.517685][T14161] name failslab, interval 1, probability 0, space 0, times 0 [ 418.549834][ T9110] block nbd3: Receive control failed (result -22) [ 418.556800][ T1530] block nbd3: Receive control failed (result -22) [ 418.564939][ T9110] block nbd2: Receive control failed (result -22) [ 418.572993][T14161] CPU: 0 PID: 14161 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 418.582031][T14161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 418.592095][T14161] Call Trace: [ 418.592125][T14161] dump_stack+0x172/0x1f0 [ 418.592148][T14161] should_fail.cold+0xa/0x15 [ 418.592168][T14161] ? fault_create_debugfs_attr+0x180/0x180 [ 418.592187][T14161] ? ___might_sleep+0x163/0x2c0 [ 418.592209][T14161] __should_failslab+0x121/0x190 [ 418.619956][T14161] should_failslab+0x9/0x14 [ 418.624448][T14161] kmem_cache_alloc+0x2aa/0x710 [ 418.629289][T14161] ? wake_bit_function+0x170/0x170 [ 418.634389][T14161] alloc_vfsmnt+0x28/0x680 [ 418.638788][T14161] clone_mnt+0x71/0xfd0 [ 418.642930][T14161] ? unlock_new_inode+0xfa/0x140 [ 418.647855][T14161] clone_private_mount+0xba/0x100 [ 418.652865][T14161] ovl_fill_super+0xe1d/0x4029 [ 418.657610][T14161] ? register_shrinker_prepared+0x116/0x190 [ 418.663498][T14161] ? ovl_show_options+0x550/0x550 [ 418.668507][T14161] ? __kasan_check_write+0x14/0x20 [ 418.673605][T14161] ? register_shrinker_prepared+0x116/0x190 [ 418.680005][T14161] ? sget+0x12b/0x560 [ 418.683973][T14161] ? get_anon_bdev+0xc0/0xc0 [ 418.688548][T14161] ? ovl_show_options+0x550/0x550 [ 418.693568][T14161] mount_nodev+0x66/0x110 [ 418.697968][T14161] ovl_mount+0x2d/0x40 [ 418.702020][T14161] ? ovl_own_xattr_set+0x10/0x10 [ 418.706962][T14161] legacy_get_tree+0x108/0x220 [ 418.711710][T14161] vfs_get_tree+0x8e/0x300 [ 418.716979][T14161] do_mount+0x142e/0x1cf0 [ 418.721296][T14161] ? copy_mount_string+0x40/0x40 [ 418.726222][T14161] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.732463][T14161] ? copy_mount_options+0x2e8/0x3f0 [ 418.737820][T14161] ksys_mount+0xdb/0x150 [ 418.742046][T14161] __x64_sys_mount+0xbe/0x150 [ 418.746729][T14161] do_syscall_64+0xfa/0x760 [ 418.751220][T14161] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 418.757096][T14161] RIP: 0033:0x459a59 [ 418.761061][T14161] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 418.780644][T14161] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 418.789034][T14161] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 418.796988][T14161] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 418.804943][T14161] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 418.812896][T14161] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 418.820848][T14161] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 418.829754][T14161] overlayfs: failed to clone upperpath [ 418.834806][T14154] block nbd3: shutting down sockets [ 418.841089][T14157] block nbd2: shutting down sockets 05:02:14 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504", 0xa1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:14 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e29fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2ac2224b2ea3791beb37cfa415dfd8a9eee329d5c8c3d080022757432dc10"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:14 executing program 1 (fault-call:3 fault-nth:75): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:14 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SNDRV_RAWMIDI_IOCTL_DRAIN(r3, 0x40045731, &(0x7f0000000000)=0x10000) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r4 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_DO_IT(r4, 0xab03) 05:02:14 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r5) ioctl$FS_IOC_GETVERSION(r5, 0x80087601, &(0x7f0000000000)) r6 = socket(0x1, 0x1, 0x0) ioctl$VIDIOC_DECODER_CMD(0xffffffffffffffff, 0xc0485660, &(0x7f00000000c0)={0x5, 0x2, @start={0x3f, 0x1}}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r6) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = dup(r9) r11 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/btrfs-control\x00', 0x100000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r11, 0x40a85323, &(0x7f0000000200)={{0xf3, 0x1}, 'port1\x00', 0x10, 0x1a, 0x800, 0x3f, 0x1200000, 0x20, 0xbd, 0x0, 0x8, 0x9}) openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/btrfs-control\x00', 0x4040, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) ioctl$USBDEVFS_REAPURB(r10, 0x4008550c, &(0x7f0000000140)) ioctl$TCSETA(r8, 0x5406, &(0x7f0000000040)={0x1, 0x5b, 0x1c00, 0x9, 0xc, 0x75, 0x9, 0x1, 0x3b800e30, 0x2}) 05:02:14 executing program 0: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_MP_STATE(r1, 0x4004ae99, &(0x7f0000000000)=0x5) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$sock_inet_SIOCGIFBRDADDR(r2, 0x8919, &(0x7f0000000100)={'netdevsim0\x00', {0x2, 0x4e23, @local}}) r3 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000002c0)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21beacf4eb29a1f11a5fb7882b9abb2a2f9fd2399e0400973cfffff6f4c009373b7312e1d84046b75836fe002b0000000089dae769001499a8d1b3a4952336def66ee2acdd00a49d5c8c3d080022757432dc1000000000970768d0a94fe00d06a1104c5ba0a647728cafeef3dc85c72a80576f1ef9d58b77e9c361850cc282262776a59df1c12142ce3ac4e41e44c94ede6ebe1fec2d7af3333e90f450a4843ce744a803bd007e5a33aeee2fc186c2d46041a2487ec309a39c1ec7b44a3adc6349ef8f44fcb964a524a4093178dda2df4b3e502713274e38094c5e5324e51eac80de9db723e5ef1ed48d1fe3e552e37ff95af2f2bc2fbbbaa6ce64e7f1e32141248c241396f5a3e43436873297d95ad73a00fc63c7bb4138e430a2ac8534b7881ffb70df927cb447b25ed50d8464e76a6e0c9957d782dd74d163c41d55243020312f"], 0x2) ptrace$setopts(0x4206, r3, 0x0, 0x0) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x10000, 0x0) ioctl$USBDEVFS_DISCSIGNAL(r4, 0x8010550e, &(0x7f0000000200)={0xfffffffc, &(0x7f0000000140)="e781ba4ed115aa3dd4ff544ab80d6555f8a056b005f8922beccd6958ee72295418f2216add1057038873e76ffb763a9de7a2c1c16afaf8447f4a209b4e34bb4815eaebaaeb82f7dab908"}) tkill(r3, 0x5) wait4(0x0, 0x0, 0x0, 0x0) r5 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x6, 0x4000) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20ncci\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f00000000c0)={r9, @in6={{0xa, 0x4e23, 0x3f, @empty}}, 0x6, 0x401}, &(0x7f0000000180)=0x90) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={r9, @in6={{0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}}, 0x0, 0x8}, &(0x7f0000000200)=0x90) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000440)={r9, @in={{0x2, 0x0, @local}}}, &(0x7f0000000100)=0x84) getsockopt$inet_sctp_SCTP_MAXSEG(r8, 0x84, 0xd, &(0x7f0000000080)=@assoc_id=r9, &(0x7f00000000c0)=0x4) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r7, 0x84, 0x6, &(0x7f0000000440)={r9, @in6={{0xa, 0x4e23, 0x9, @mcast1, 0xfffff800}}}, &(0x7f0000000240)=0x84) ioctl$KVM_S390_UCAS_UNMAP(r5, 0x4018ae51, &(0x7f00000000c0)={0x5, 0x323, 0x8}) [ 419.097832][T14178] FAULT_INJECTION: forcing a failure. [ 419.097832][T14178] name failslab, interval 1, probability 0, space 0, times 0 [ 419.127149][ T9110] block nbd3: Receive control failed (result -22) [ 419.133981][ T1530] block nbd3: Receive control failed (result -22) [ 419.149663][T14173] block nbd3: shutting down sockets [ 419.157100][T14175] block nbd2: shutting down sockets [ 419.171644][T14178] CPU: 0 PID: 14178 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 419.180695][T14178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 419.191449][T14178] Call Trace: [ 419.194763][T14178] dump_stack+0x172/0x1f0 [ 419.199117][T14178] should_fail.cold+0xa/0x15 [ 419.203719][T14178] ? fault_create_debugfs_attr+0x180/0x180 [ 419.203745][T14178] ? ___might_sleep+0x163/0x2c0 [ 419.214396][T14178] __should_failslab+0x121/0x190 [ 419.219346][T14178] should_failslab+0x9/0x14 [ 419.223848][T14178] __kmalloc_track_caller+0x2dc/0x760 [ 419.229238][T14178] ? lock_downgrade+0x920/0x920 [ 419.234103][T14178] ? rwlock_bug.part.0+0x90/0x90 [ 419.239113][T14178] ? ovl_mount_dir+0x2a/0x1d0 [ 419.239132][T14178] kstrdup+0x3a/0x70 [ 419.239145][T14178] ovl_mount_dir+0x2a/0x1d0 [ 419.239162][T14178] ovl_fill_super+0xf4a/0x4029 [ 419.239177][T14178] ? register_shrinker_prepared+0x116/0x190 [ 419.239201][T14178] ? ovl_show_options+0x550/0x550 [ 419.239218][T14178] ? __kasan_check_write+0x14/0x20 [ 419.239236][T14178] ? register_shrinker_prepared+0x116/0x190 [ 419.239253][T14178] ? sget+0x12b/0x560 [ 419.239267][T14178] ? get_anon_bdev+0xc0/0xc0 [ 419.239281][T14178] ? ovl_show_options+0x550/0x550 [ 419.239296][T14178] mount_nodev+0x66/0x110 [ 419.239310][T14178] ovl_mount+0x2d/0x40 [ 419.239322][T14178] ? ovl_own_xattr_set+0x10/0x10 [ 419.239337][T14178] legacy_get_tree+0x108/0x220 [ 419.239354][T14178] vfs_get_tree+0x8e/0x300 [ 419.239371][T14178] do_mount+0x142e/0x1cf0 [ 419.239385][T14178] ? retint_kernel+0x2b/0x2b [ 419.239404][T14178] ? copy_mount_string+0x40/0x40 [ 419.239418][T14178] ? copy_mount_options+0x270/0x3f0 [ 419.239439][T14178] ? __sanitizer_cov_trace_pc+0x14/0x50 05:02:14 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) write$nbd(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="67446698000000000300020004000000ca9b3cd6fbdab1afad10f0d8d8e2c9d92c5beb9abd1cfa599097fb93390bc92e60887e84"], 0x35) r2 = syz_open_dev$ndb(0x0, 0x0, 0x800) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x6, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 419.268152][T14178] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 419.292872][T14178] ? copy_mount_options+0x2e8/0x3f0 [ 419.292891][T14178] ksys_mount+0xdb/0x150 [ 419.292909][T14178] __x64_sys_mount+0xbe/0x150 [ 419.306268][T14178] do_syscall_64+0xfa/0x760 [ 419.306294][T14178] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 419.379982][T14178] RIP: 0033:0x459a59 [ 419.384065][T14178] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 419.403786][T14178] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 419.412300][T14178] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 419.420293][T14178] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 419.428277][T14178] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 419.436259][T14178] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 419.444242][T14178] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 419.512426][ T9110] block nbd3: Receive control failed (result -22) [ 419.520041][ T9110] block nbd3: Receive control failed (result -22) [ 419.532746][T14194] block nbd3: shutting down sockets [ 419.575613][T14195] block nbd3: Could not allocate knbd recv work queue. [ 419.608227][T14195] block nbd3: shutting down sockets 05:02:16 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0", 0x98}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:16 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa2}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:16 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$sock_bt_bnep_BNEPGETCONNLIST(r3, 0x800442d2, &(0x7f0000000140)={0x6, &(0x7f0000000080)=[{0x0, 0x0, 0x0, @dev}, {0x0, 0x0, 0x0, @link_local}, {0x0, 0x0, 0x0, @link_local}, {0x0, 0x0, 0x0, @broadcast}, {0x0, 0x0, 0x0, @link_local}, {0x0, 0x0, 0x0, @local}]}) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c000b75f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f008b2b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc1000000000"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) openat$vsock(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vsock\x00', 0x424800, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x48, r7, 0x101, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x34, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8}]}]}, 0x48}}, 0x0) sendmsg$IPVS_CMD_SET_CONFIG(r5, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x2c, r7, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xffffffff}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xe6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10}, 0x7872afb5bcfd7c36) connect$pptp(r5, &(0x7f0000000180)={0x18, 0x2, {0x2, @multicast2}}, 0x1e) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:16 executing program 1 (fault-call:3 fault-nth:76): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:16 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)=0x0) sched_setattr(r4, &(0x7f0000000040)={0x30, 0x6, 0x1, 0x7, 0x17bc, 0x4, 0xf000000000000000, 0x9}, 0x0) ioctl$sock_rose_SIOCRSCLRRT(r3, 0x89e4) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r5 = syz_open_dev$ndb(0x0, 0x0, 0x0) r6 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r5, 0xab00, r6) ioctl$NBD_SET_FLAGS(r5, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r5, 0xab03) 05:02:16 executing program 2: r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0xf34f7473927e27e6, 0x0) getsockopt$TIPC_SOCK_RECVQ_DEPTH(r0, 0x10f, 0x84, &(0x7f00000000c0), &(0x7f0000000100)=0x4) r1 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r2 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r1, 0xab00, r2) r3 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x410000, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000001700)={0x0, 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r9) getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000001740)={0x0, 0x0}, &(0x7f0000001780)=0xc) fstat(0xffffffffffffffff, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r12 = getpid() sched_setscheduler(r12, 0x5, &(0x7f00000001c0)) r13 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r13, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r14, 0x0) r15 = getgid() r16 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f00000017c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r16, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r16, &(0x7f0000000540), 0x1000) write$FUSE_INTERRUPT(r16, &(0x7f0000000000)={0x10, 0x0, 0x1}, 0x10) read$FUSE(r16, &(0x7f0000003000), 0x1150) r17 = socket$inet(0x2, 0x0, 0x0) bind$inet(r17, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r17, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r17, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r17, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@multicast1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@ipv4={[], [], @local}}}, &(0x7f00000003c0)=0xe8) lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuseblk(&(0x7f0000000180)='/dev/loop0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='fuseblk\x00', 0x100800, &(0x7f00000015c0)=ANY=[@ANYBLOB="66643da00adf1276129fb475843917", @ANYRESHEX=r16, @ANYBLOB=',rootmode=00000000000000000140000,user', @ANYRESDEC=r18, @ANYBLOB=',group_id=', @ANYRESDEC=r19, @ANYBLOB=',blksize=0x0000000000000200,mask=^MAY_EXEC']) getgroups(0x4, &(0x7f0000001c00)=[0xee00, r19, 0x0, 0xffffffffffffffff]) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r22 = dup(r21) ioctl$PERF_EVENT_IOC_ENABLE(r22, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r23) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r24) r25 = syz_open_dev$adsp(&(0x7f0000001c40)='/dev/adsp#\x00', 0x7b, 0xdf34345d67f21a95) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r26) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r28 = dup(r27) ioctl$PERF_EVENT_IOC_ENABLE(r28, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r29) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r31 = dup(r30) ioctl$PERF_EVENT_IOC_ENABLE(r31, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r32) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r33) r34 = getpid() sched_setscheduler(r34, 0x5, &(0x7f00000001c0)) r35 = geteuid() r36 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f00000017c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r36, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r36, &(0x7f0000000540), 0x1000) write$FUSE_INTERRUPT(r36, &(0x7f0000000000)={0x10, 0x0, 0x1}, 0x10) read$FUSE(r36, &(0x7f0000003000), 0x1150) r37 = socket$inet(0x2, 0x0, 0x0) bind$inet(r37, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r37, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r37, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r37, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@multicast1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@ipv4={[], [], @local}}}, &(0x7f00000003c0)=0xe8) lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuseblk(&(0x7f0000000180)='/dev/loop0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='fuseblk\x00', 0x100800, &(0x7f00000015c0)=ANY=[@ANYBLOB="66643da00adf1276129fb475843917", @ANYRESHEX=r36, @ANYBLOB=',rootmode=00000000000000000140000,user', @ANYRESDEC=r38, @ANYBLOB=',group_id=', @ANYRESDEC=r39, @ANYBLOB=',blksize=0x0000000000000200,mask=^MAY_EXEC']) r40 = getpid() sched_setscheduler(r40, 0x5, &(0x7f00000001c0)) r41 = getpgid(r40) r42 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r42, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r43, 0x0) getresgid(&(0x7f0000001c80), &(0x7f0000001cc0), &(0x7f0000001d00)=0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r45) r46 = syz_open_dev$vbi(&(0x7f0000001d40)='/dev/vbi#\x00', 0x0, 0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r48 = dup(r47) ioctl$PERF_EVENT_IOC_ENABLE(r48, 0x8912, 0x400200) r49 = fcntl$getown(0xffffffffffffffff, 0x9) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000022c0)={{{@in6=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@initdev}, 0x0, @in6=@local}}, &(0x7f00000023c0)=0xe8) r51 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f00000017c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r51, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r51, &(0x7f0000000540), 0x1000) write$FUSE_INTERRUPT(r51, &(0x7f0000000000)={0x10, 0x0, 0x1}, 0x10) read$FUSE(r51, &(0x7f0000003000), 0x1150) r52 = socket$inet(0x2, 0x0, 0x0) bind$inet(r52, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r52, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r52, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r52, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@multicast1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@ipv4={[], [], @local}}}, &(0x7f00000003c0)=0xe8) lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuseblk(&(0x7f0000000180)='/dev/loop0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='fuseblk\x00', 0x100800, &(0x7f00000015c0)=ANY=[@ANYBLOB="66643da00adf1276129fb475843917", @ANYRESHEX=r51, @ANYBLOB=',rootmode=00000000000000000140000,user', @ANYRESDEC=r53, @ANYBLOB=',group_id=', @ANYRESDEC=r54, @ANYBLOB=',blksize=0x0000000000000200,mask=^MAY_EXEC']) r55 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r56 = socket$nl_crypto(0x10, 0x3, 0x15) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r58 = dup(r57) ioctl$PERF_EVENT_IOC_ENABLE(r58, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r60 = dup(r59) ioctl$PERF_EVENT_IOC_ENABLE(r60, 0x8912, 0x400200) r61 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x40000) clone3(&(0x7f0000002880)={0x800000, &(0x7f0000002680), &(0x7f00000026c0)=0x0, &(0x7f0000002700), 0x8, 0x0, &(0x7f0000002740)=""/165, 0xa5, &(0x7f0000002800)=""/74}, 0x40) r63 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r63, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r64, 0x0) r65 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f00000017c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r65, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r65, &(0x7f0000000540), 0x1000) write$FUSE_INTERRUPT(r65, &(0x7f0000000000)={0x10, 0x0, 0x1}, 0x10) read$FUSE(r65, &(0x7f0000003000), 0x1150) r66 = socket$inet(0x2, 0x0, 0x0) bind$inet(r66, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r66, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r66, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r66, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@multicast1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@ipv4={[], [], @local}}}, &(0x7f00000003c0)=0xe8) lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuseblk(&(0x7f0000000180)='/dev/loop0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='fuseblk\x00', 0x100800, &(0x7f00000015c0)=ANY=[@ANYBLOB="66643da00adf1276129fb475843917", @ANYRESHEX=r65, @ANYBLOB=',rootmode=00000000000000000140000,user', @ANYRESDEC=r67, @ANYBLOB=',group_id=', @ANYRESDEC=r68, @ANYBLOB=',blksize=0x0000000000000200,mask=^MAY_EXEC']) r69 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000980)=ANY=[@ANYBLOB="b702000003400000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d6bb7030000000000006a0a00fe000000808500000026000000b70000000000000095000000000000006eace264330a0cbf6e08d472ca3cb9c3fe2e8a1dfd9dbcbb79d68e19c175b61a266a284a7fcd49ab4a305bbea8c1e07ccf518f886c53a1b9cc77998fd8125976bbf8bdfd00c68e87e2db2a037814122b5da1512081fd8357dc9876799b3bead00ed0e5f8554f9f5b34d3239dcd753aae6ef237b219488b43d269dbb5b6f5b75bd349523c9994ecfdc8d354afd088f814084fb348312816bba27809997a98436c27cd52290d79086001a232a3c1acba7fae7d2552f1c2dec89d623df1ae52f50a038f122e2ea5bc58be1620db037a743f3d30f3da3f1acd40642bb004ee632822aec716aae4e46fa00f30234c84c420cf7913ca0e238ca85cdf5fefd89d332c4c648a47273ca7fe02e9da249cce4ad2d94ce4527d88948d1584cc46b5e521c3aa5f274d3a9b97aa98532f94b5dae2e54f874f7543c16bfcb66bc85da14cd8796e3be4c174b789a0fd6c5fa9f9376ec4df390d3ad0ac03c442f51387377f3d8495cd3a7d"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000180)={r69, 0xc0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000001c0)={r70}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000002900)={0x0, r6, 0x0, 0x1, &(0x7f00000028c0)='\x00', r70}, 0x30) r72 = getuid() getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000002940)={0x0, 0x0, 0x0}, &(0x7f0000002980)=0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r75 = dup(r74) ioctl$PERF_EVENT_IOC_ENABLE(r75, 0x8912, 0x400200) r76 = fcntl$getown(0xffffffffffffffff, 0x9) r77 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r77, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r78, 0x0) r79 = getgid() getresuid(&(0x7f0000003bc0)=0x0, &(0x7f0000003c00), &(0x7f0000003c40)) r81 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f00000017c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r81, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r81, &(0x7f0000000540), 0x1000) write$FUSE_INTERRUPT(r81, &(0x7f0000000000)={0x10, 0x0, 0x1}, 0x10) read$FUSE(r81, &(0x7f0000003000), 0x1150) r82 = socket$inet(0x2, 0x0, 0x0) bind$inet(r82, &(0x7f0000000040)={0x2, 0x4e23, @broadcast}, 0x10) sendto$inet(r82, 0x0, 0x10b, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) sendto$inet(r82, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r82, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@multicast1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@ipv4={[], [], @local}}}, &(0x7f00000003c0)=0xe8) lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuseblk(&(0x7f0000000180)='/dev/loop0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)='fuseblk\x00', 0x100800, &(0x7f00000015c0)=ANY=[@ANYBLOB="66643da00adf1276129fb475843917", @ANYRESHEX=r81, @ANYBLOB=',rootmode=00000000000000000140000,user', @ANYRESDEC=r83, @ANYBLOB=',group_id=', @ANYRESDEC=r84, @ANYBLOB=',blksize=0x0000000000000200,mask=^MAY_EXEC']) r85 = syz_open_dev$radio(&(0x7f0000003c80)='/dev/radio#\x00', 0x3, 0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r86) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r87) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r89 = dup(r88) ioctl$PERF_EVENT_IOC_ENABLE(r89, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r90) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r92 = dup(r91) ioctl$PERF_EVENT_IOC_ENABLE(r92, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r94 = dup(r93) ioctl$PERF_EVENT_IOC_ENABLE(r94, 0x8912, 0x400200) r95 = fsmount(r94, 0x0, 0x1a) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r96) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r98 = dup(r97) ioctl$PERF_EVENT_IOC_ENABLE(r98, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r100 = dup(r99) ioctl$PERF_EVENT_IOC_ENABLE(r100, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r101) r102 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000003cc0)='/proc/capi/capi20\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r104 = dup(r103) ioctl$PERF_EVENT_IOC_ENABLE(r104, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r105) r106 = getpid() sched_setscheduler(r106, 0x5, &(0x7f00000001c0)) fstat(r7, &(0x7f0000004fc0)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000005040)='./file0\x00', &(0x7f0000005080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005140)=[{&(0x7f0000000200)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000001680)=[{&(0x7f0000000280)="f72f2c98cb950a47dafe85b4042b712bda6d3b6760bd041808351b354beb301145c0d4385499d34988ca7236d6ccaa268a1f425d3522ae077ef53b0c192a0e7b320d7736192a1bd967c6edd13de55125f97f2372e18724fb48f48f0aef4c61250ccc51d65df5dea221d8a67b2673b3336df9b4dd7c57d669c7ea6b4e983830b3747f4ae15273f22b239143fb5116319f146aadf872213e9c4fbc7796b9c2b318a31f64162fd6c196389e78c8b53ce8411823a1fc95", 0xb5}, {&(0x7f0000000340)="1a9e39f3647b8c4b0f29e13607f579aad617bd81f217c494359f355bdf3a55fbb79f7f61a1b6515ad5b7061a14c9dc1667f80cf14fd21a999fa04a24f44c0f0ed95e2b391a7fbe3e70b86ad3b6d027b302a6b06a0140eed7f262cd37edf2cc02a8c82da75e924fdc2a474fb2d888903e168a4367509b3e2a3bb05033b70f38f72ff0d32e558c82d6e81e8b0c1ae63d8c3ea39029bdd0c7b4cf7a888ebaf0b5cd3f5cab43b5a58e188e00624118e13d156747500b453bc7b23cac7e0ac023fe12c0e1c6190190ca012dd84d4bd8c2797233cef16dfc6767d05dced42d0014073a074d733974bb009f7c7644f709e2c73c19ebef8a41a1c8", 0xf7}, {&(0x7f0000000140)}, {&(0x7f0000000440)="45b6f862f554ae31ce13907e8d11e5815e98adff9f13e30cc440d375863fe386c0c9c47912c93ec862d9ab279a70545b1d63441f911c5991716ebaafacb5308ae1f9333f0a5b541b8e48dff30484dc98e4c1cba35683620b1cf4c2bb4aab950c6ba9e1cb1da84c5567e70d1d6a8996267fe06967261b95ed079e068adffd3b77dfebb2a989d9e889cf", 0x89}, {&(0x7f0000000500)="08e59717d8d19816495b1d262e507b2ae01d30738aea06d2626c255ae985bee4fc125424c43890cbc410af", 0x2b}, {&(0x7f0000000540)="6986c968c3fe1cfa454b827c9cf6754c0c7210e5d3a3936d87dc32179ce5acb654206f36826e87c9f8686edb0b970ae399ded405ee581cee6e01f41fb01ec6e0f91fa0e8257f2ede1031a9f5dfd7a2c6d4077ad7d3b767e8d8d109717a22e501808a336a8e3c57c85f976bedac1b3d78b452bf68925779ebed55bc0e1a55fa02ee15d593e37699b9b2009628d51b458a12d913c2e5064c7832d1b8d2119003d0600394001aab6edcdc69dd49e8de976704eb9d80b38b86157ff8889f9b641afc1dac53c568d17b7b9708e787bd4c3e6274be90fa120553f553abb67b28baa4697254752dd9e326e7aaf74182769ce46dc03495b4d3009a3eedad82cc6e6549c07721b2340046f0c6e058f86c6f42bd03fcb1d57c404b8e5a11d08ee9cc3734a088bdc2449ce2dc8b9c78b0616c2968839f72ab7c5069ab14079bf89899db5fbfb2136663bfde0eea2dcbac37d456adde6efa81e10007bd44465782b43b1a9e550281868498f6b679a9b99822720bece62f59d77e4351b6c9fc2e89d8e913820dd58327ed69a75eb4f33bc9f582d555997f645acd9dc53dd6d39ef0216976e480b3124fd54c2abd45da27256703dfa4944eee15798278441cdb7b7cc056ac1e6bdd8b2b810773554a8f92c1c668fd3ec524b71ca8218534c09a292540192fbbf9112073c184f3ff86355d060a96b702835c76d951c6bea5f18b017ba48d9291a6290ae02bc13ea97b090b55cf22d54d56dee2ab495a7f275a2e07748e5a76e1c48ddbae11f3203741049ba976739c0ae9cb90a3595b75b475a1e5d3cd889b79e4ae8090dbefdb53b2e66a081ef282601da3af26ba8883169eb5f2dc5ba6fb281765386245e01d02028fc8d31eabb167abc713665a282c633e56dbd034071ec141079f8f5aecca1aaf316a0a9470f4f71cecaa8815458595ccb5e75a791448b64fb9204d7f4dcba44e087c94cff80c3cb9882dea228db3139517e498a089e9e1251e8159a3b6d941a4b4476929dc9325d3bd9df3bdd8805f42a04ca0db1c62002ddbf94bff1ebb3fe7c13151fa5c5eb9cdd325e359c8d16c3257ee2f179b9a886386f077f3fd349a815b684b638225fa9592c68b94b74854297492aaf0343cd26a0232a8141ad6fabf63168e32da98d855821ed6c01746168aecba16d23018067c3d40be7c3d825d5f6ce268496a6c083918433564dc8a19415f683676833b43d73f55e32701784af7f7ae5e4b9d64fe24c83bb5a3906f7813d31db2a056e051ef688a58033d04b700b6063d3d5e70a261b4b21be0c397de224b2903a36fcfb4aa30520e47f4536fc298611f2fd0c127244a3b024e870a0feaa58a31cfea97613f3a0eb28219432dbc4faf060bab76cf107ef6ff9cf46da23dd33d20533d5fa1fa57e58a5c643634527e6a4122b171fc809135c6e8c55c921285b252bb7140de6ce022fb2f848516475a7d5533f63f2ed6519b6af96b425176fdd829a110a190d820bd4892070c93e4bb365812ee7202f6221fdac99a4e9795e88857a8619591ea76f6df5ab417cd4be7f2c5ac8a339b63f31692843ae274e860e786f6dcfc133143f86ff6a28606224cb438584cd19121b9ea9e3ea628d379fe6c3db8c27e298c00774da8c4c8b07cae7c94253d61c91c800be3b378f17a59e589d4c5d9d75450e1448e0bbb1749c58c5348f525d0ed5859560d96cb0af225b474bdc62af8d88c5dac80e26b890c9fb378a9dc8052422953a069dbae7c81849820e40e296cb8d6b00d50ec670f1cd4a8ddd29048347b8da5dffbcfe2f903ea3ad8e3566b67c1b5a0dfb513b46aaa9a8e19814bc7adf9679aca4588e3971b2d2bf21ddf1cd7654c57aa3f21d3ade705bd6601053535754e75147a2013674f33305b117475ef9fdeef6d1ff984d93658c63a83b3061a636510594fa72c214a253a170a6047129622536b0990b9d564cf51ab4b091bd792a6f8cf8d263ef7af7ab4f6a46c951e3b945362feb914a1e7368f8d9e17519bd4acaad63865efda539c37c54fc53e43dd065d3e882136d550e63b4ed33f32e2106d9317a96b95d458a82dc3cacc3168a82dad3d7e0e0f1601ead413c05a2a291da1c812501151e39ddfbd6519ffbcd241abb3aba4a6e0657c378bd55e427eccce6d89ccee1484463267fdab804260fcdeabe0b327ef2351bb9b4b5907b418938c0bf1a22d3d1ec4555025bfe96ce228ed34754d4d5ecc10546adc32fdc856ece8e3435747348e75eaba43ddb93e64d630cc34ff70de5748bacd9d727ec3e6726f3114b655e55616ebbb0a18f5f4f4e58744870b89d42d4269a4a2904b00a075e8e7bebe6575d20a4b61a87a4d5babacafb36340619533d1dc6bb00d0992df98145db42e2b9808ab36cfbfe635ffade3854aa28a31ed7cbc263a8ffc72daf8daa6d11df0c2c303aabeb0cec244b03c46145465030d4bf19bf6a55d661b169dc28a62174c7b2437e28fff5611cb82d954b51d1815bb14d902604c5c518b566085efc2b7965f1c975abe62c1609b3719d21cb0b118d7a92ccd0bbfbb46a1a5124e543802ee4af2fa16777010081f32adf11fe9b8718599c62b6308c9ce9c6abe245141d5de28fbda4e94ec8bc04027350fc399f19344af44ab499397156e0172e064d5ab2fce52d85b32f5a681c8ea2aa8281010caca094f01b179d58c63bca2ee4c220fcd946c6c49709496bf7067d805c24092fedf3823b91008c7a980829020fb24c7de6175fc83050cc7c2827f817f7604cbd428af713e04fd0a429a3b1a104895a4f2325d0ec6e16052995db9ec8efcfa3c27807b98687a0f5c19cc6087ceed0c23f3294c43a116ab9c01d3b034d857ddc4160690c61e191f8df5281d1dae0060f3507aaaef2c9e9711ac16c99a3e8c4c0040b795f2e740fab0959fce192a3fb0c75a836c7d857639828512d20eba7b027580fd5908fb004b83d0634a5bca92e8fc0982d67d640b206ee2ce583c00d005ec79850861578620c2e903bef3037c4d65dfa8c8f57613473e1858cefe518b4489d31ef2a494f67e4ead36e17db6b419b23e07e8cda451d639bef846e59023c1705c2b607dc0b34dc69488c654c1e90598d9326ead0d7454e681e7e558c0ec302337bdb9bdb750a37f468569f1f1b08bbb20b97ec65dfa0f15ff368f20a254d0a02ec75f9f776a83f19d9afd2fd576bbb8a19d5386e4c9228aa974770d3681504d85885c1d1f0cc7b9a694b24849360c0cefaf0e3bfdeed806c2f4d600a2f8a3ea243df76615672d9483860ea34110aa3dc303bb40b0980fbdf445dc152d7fa5b3d4a67408742ad39f9d9baf95981d924ff1a5343c98fb575d4f523c9e11e7aafdb71e5cd8ddb06772fa392fde2bc2879b4c961c6320b947805d201c9110b32e653d88d5960135cf8ddfbe6a1c528a8e33d3c518081c0406866edfe3d29da06d8b37d7ce1431ad1aa5d628b66b37d1f8a0985706ae11ac3f0e07bcbed6175bda99dd89761af7a00b6a54835ac5bc96985ff28a9514f0acf6254730b0111a01c155852a087f77d7cf9b79bcd97e6cc4649d349a33a8100c014361057303f11608ba98dac00d97ed91cb0a2b0598085b492faffb84e0232cd4893b251632bf4e01e0349f214c40faf81aa0fd0fe648389d961c814cbe4876b9c7f13d739da03c4cd1bd3f9c23babff4298a54ccaa023aa398dc20ea161e20c7d5734ed088ec76e1a955816b5355b7894c866c6fea9f72dbfb78620d887775c11488c4d46e6b78c3c753e18804a41b69dd202c3a47d1c07a89e9a9065b0d3ab8549fb2cc259854000e302dce14096788d6eab93bae64859d760d0e54321f521cfd742e65b73b3cbe7125a1b95d34326e2811c5b0c15264c0b942a57eed2d3fdf23c22381ac51011f6b7ee52f290a6efba45b29ad66c633b4ff5d6ef8add04d118e94c0a169a12e34c0c89517f35c5dd396cc285935ecf6afe2ec0687ce81ebd312b3f084c585387f81ec68b93c30c6ab1a0fa41707e34a092299b2657e474f10f750301eb13b18d9cb5d7c21c428cc675762ef6c49135cf4ee6f11c581eddc499e9e0261032c53872920393e0a22e5d96d6925971abef883d15863bd69412dbd4b415c6d12e3425c00386fc823f0a509459b9768157e15b586cb0f21389cb3d85e22fc4267c677734f305db27b86e0da56f04f4765422ba3f1b36569671060c5d82926574d960f83549569e732e287c41636a40d9179c2d80a084204d9167cb2cc492d57c07580cafd42173c7f23fcccbfe12d40d336df34f33196ed4b2e11f569843ffb4a0733beebd72b83295bebf3e7b74b2bd93a99cfcd18ce43299f9b6bda528afe7190c6908c6b63207f6f8d5627960eb5405c1e98720b827ca9e927ebf34ac0b63109a4a08f4ca232dc5517eb8ab329ae8b769fb50e66902432d02a0fc85cd5f25d601c168dc8301e5d6e7ea854c9a39a6a5f75823724a5196136f76f159280575668bfd8b77079b0fd643a475e495043b64a81d87982852d1199aa6dfa820f350951cbe773c56833dcf891dc63b3efa744a2691050701a74d09c4db64da4c1d734db24d4f8721fb8be1e99ac4b459811f7bf720afbb7a3f25fa7a49b4ddb0a1278093c8a2cec9046a9f48059d2f983752880f009b3a7497249badb516c71ae52d82836ed652000abf7b3b6e8df22c0ee5fd0a4aaccfa2c5ea27b77e867161d026615f80bf56fd12b785b0dc47ca0024c50d65180d232ea514ebe4fb1184b17bb07427b8916573aab8718e4cc471cf7267d65bda4fdfe4550032a66a5804a55934fb9ab607ea37e83818fa3c0dcf0b60ade540fff039450fea04841915c444d6920a3def76f9fdde24a27e1117fbaaa873aa172e2726ad6f7f74d7432988f68027ece244d35f5a34956dd0101cfeaee58486546b956848be920b9422f7b6515f2d4982a93318aae2497b676ba1f733bdb952d5ef52d5c2f89f9ecdce4eea7b2abf5391c72436a80c6e304b0ea37e44320918dbfc2553c0ec9e35ccddf7bcf3beb3ba0f340391159c5f82a943141bbb8139503cc28a1ca8967bb57788e11067a0d856f53f93f36e25e4029408e1e0c23ae7c28ee02133774ab42f40eda0daaf7c2c1d1a04fc3ea6f6a744b8b0e93458bebf1e6766ebbac4586d9980d4e508717422eb024a97c29816eabee1d4d5dcc752ecde98979784ce7a8221dfb7e1366ef279ba5e49c6a67b4d06e2e9e69276afa8ec53e3b5002f11b87cb7213d45b3f70db91df41012e149cb24d0e38ffe6c23df3791e8432b3c61ad51980edc95da4dc4cb8657bd38286a3e8579f6196f91e007f524a1a61b7d6a30f5b8e268b4c9fca914455051666a60c2ced34333a2e3eea68f6771295f4c89891608d71ab6c46194c715c753288bd70eac1743930926b767f8da5b044b054852a6246e0e1d60292edefb9d8c59ac18248855504c4d3aa1871cdf7794eb0e3284105e5c58d6a291e9bb8b8b31beea47e1d9fc34ee1d3901f2043b2db54f60d5cb824509cf8804198641428d4db8ebb583c399080ed7111757712d25bf0a3a88723ea23d685637acedc44c5f57ee94a785f0430e1781e15b23ffdec25b6cf55b8038ebddfb7b43f2601d141c851a73d9da29faf3e5bf15366ee414e843f007364a0ddb3b3b9493b558dad257e03d632499c65bd41c9ba13afbba0c8647f67d38543319830bddb4788202230418a0095b9ee373c9fa545f6270533b63778803c9e03796266ccc9964169371ac4488b9811ee6e618e40955b9f62b2b816cbb714a690a303a4b595a75d4a17b738e1", 0x1000}, {&(0x7f0000001540)}, {&(0x7f0000001580)="00005411de281a4eaf0521ca4a7c34623af26c86550dabe969bcb930a90b45b5cffc71ad49b029777b0857fc6d617a6ca3c9b00e7c5bc037f2146650d255e2b882deb339552e68e05075a518231393b21e92f3eb1efae665cc9b268506c84d2ab2f59187284a0433c808b65df5bb54120bee2216d874119e3be9a13ebf2d4e1acb73fd402a18e747af83feecc3763badfe8fe20896949f65f7006981e2108efb011185bf6a2276369ff650bdda6cb9603c5430a93b4a608565cfe61ca3f372d0025728d6d64e5e5e80437b1c1c84604b11fbe5b6d2b8e575", 0xd8}], 0x8, &(0x7f0000001840)=[@cred={{0x1c, 0x1, 0x2, {r8, r10, r11}}}], 0x20, 0x60000001}, {&(0x7f0000001880)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000001b80)=[{&(0x7f0000001900)="e2af5a4fd106a0a1f9e5efa62c238850e84df2a650b7d54326b1b37b33fb5d4a59f6cc23b7c7d80b52b6ed114186a6ae4632b111e1e38fca39", 0x39}, {&(0x7f0000001940)="e237882dffcba3e777a7c477b0482eb094ddebad3301e78fca8e1fcda29f26132816ecd9ae670b50", 0x28}, {&(0x7f0000001980)="5739ad9b442fcecc2ce00a2d83c8fa945ab5e792dfe1fe29d4ab39ad826e31355bb0b9ff10947984741cdbc74026edcec430d88af3c41a27d9d4240b5f9a4122f293b25a109432617be105735ee9c39e2fd78a10ec226941402f15c2c3baee148c7ea06c67d14576070c6b3218e4ddc548ad734a42dc75ff29d92b0e87b3bd3aac3b23305525bce9e22d01645f719ea3a827b5e454b83227abcdd302d8a9dc9985a564bc57f00adadb401eba150d8d6f655a27a9d4f84126d53099f4a95e727e6ddf0b244157ab9634c34b040fd23ac9a967f1dc9ff0349cf8399253", 0xdc}, {&(0x7f0000001a80)="a501e6af122a74ccd15ffa05dbe4c48776408f69265680b6be04b9599ab1d29cfc6dd7cff15fbbb8b68279c25253cd717736c4da77f1be2a393e0f40f5cd1de476d05d106740727d95af43bc7e2e26ede8c2c9c6d34fcb35edba7607a173b413b0ee0a658a8eeb5ca09e8822531f447204301066602ba19846978a08977b20ce953d5048478245d1b8262c10f5208854729b0e4ec70b5f9e8531baca52f46352eb8023b52baf6d347015d3f7", 0xac}, {&(0x7f0000001b40)="47dcecc860fbe6ace3b2eb9a636715e2cb3d9200744376", 0x17}], 0x5, &(0x7f0000001d80)=[@cred={{0x1c, 0x1, 0x2, {r12, r14, r15}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, r20}}}, @rights={{0x30, 0x1, 0x1, [r1, r5, r22, r1, r23, r5, r5, r1]}}, @rights={{0x34, 0x1, 0x1, [r24, r25, r26, r28, r29, r7, r31, r32, r33]}}, @cred={{0x1c, 0x1, 0x2, {r34, r35, r39}}}, @cred={{0x1c, 0x1, 0x2, {r41, r43, r44}}}, @rights={{0x20, 0x1, 0x1, [r45, r46, r48, r7]}}], 0x120, 0x80}, {&(0x7f0000001ec0)=@abs={0x3, 0x0, 0x4e22}, 0x6e, &(0x7f0000002240)=[{&(0x7f0000001f40)="788381c0eef6afa7cca8c0fefac9bbff694268824bf9f3ac697437dfa6a666a73fc8aa6f2568939f04e087494cc5b688bb437e16aa1a43b906ad1b127bb136355d69992e32", 0x45}, {&(0x7f0000001fc0)="b5b028fe7685a9d37a4baf6a516f783c04e210881b2b96174125b0b49e212774322ac6c6f8077a4cfa00ddb8b874804d700d7c1faec34ccbd9143144d31464f77a2fb4625f2d612c4e6a5598744ab4d0a4dd1382dcf05c3d51516bd9dbd4cae034cb15", 0x63}, {&(0x7f0000002040)="9a711b9c4b3901f96a567b705920cf63e5954f0ad8ff2a722cc09638d64450158ffb9a49a34f47e0ab35ce8e9b45d3c3926a1711269b8304d898b30eb99eed263a8e065a6ba879709c8d70b2be739a2db698b4c46b665f0e8afbc547f469c9b74008767a6a4fbc454a476f187b9c999b6eff8ff0f607f47c49", 0x79}, {&(0x7f00000020c0)="448490e1250222a2f3ca5ee4c3012f7fdf1fb5b6a2b9311cea5a10731787f9862a8fb258c3ae143f0776b5c0d65b51cbc8c40417ed761ce9899b9a2f884b6935d587c4689df65fea7aa8835424b30a116ce3e6ca6b1566c568807356e87f31d723b9c7", 0x63}, {&(0x7f0000002140)="f8c3510027187c1610f7af8d5df00a483ac7fed1eab1b6dc02e09e73a373a5449890f6e251929017b5d470bfb78470b014b072195f56be181f710d1c97f4c92e191624cf89b2070425d71695ed15a510fa4be84496ace4459b3f96ab51dc085c05344a33ae8c72063c39a0f024272cad773a4c73e1f982d5a25920f2dd37eb1702daebe81e59ba3889d8a8dab3490681c18b1eca37965186b2ce14d7ecbac32e3c6742691ee24d0ec32c1f86d1277358ec4f1d1389e96b37e220ef714e5feae13a7e33813d4889292dbe3b7713ee9e3c", 0xd0}], 0x5, &(0x7f0000002400)=[@cred={{0x1c, 0x1, 0x2, {r49, r50, r54}}}, @rights={{0x2c, 0x1, 0x1, [r55, r4, r56, r58, r7, r60, r61]}}], 0x50, 0x4041}, {&(0x7f0000002480)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000002640)=[{&(0x7f0000002500)="b274c77927c800416242a3117a16686c0471509896aee3423e5d2a405b235c041729acb416a1556971df1a00216a66aed6ad4dae113c684f33c122a1ba35eb9cde8d66a410", 0x45}, {&(0x7f0000002580)="db6de9cb6e243ab973ad390dd003177689f6b5d4f54bab8423c44f8d3356450e50a4d9e80e331bf3f3402a538392cd677a7476db0469b12843820caf56ffd968aaaafd7d8d53f1103fc3abbfc364f158b3589501b856eaef94475a27487b9892cef78bc9203ef3fb130a4dfb5d0c51857874033f9e3aa255be27b1fc43c8b0df7f26454c3ed0356296ce514ecfe97a4d05ebedb79eb2254aeff0ce5b8ec68e51659f9b8ea4003041e89939227c1a52861b", 0xb1}], 0x2, &(0x7f00000029c0)=[@cred={{0x1c, 0x1, 0x2, {r62, r64, r68}}}, @cred={{0x1c, 0x1, 0x2, {r71, r72, r73}}}, @rights={{0x20, 0x1, 0x1, [r0, r4, r75, r3]}}], 0x60, 0x8040080}, {&(0x7f0000002a40)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000003b80)=[{&(0x7f0000002ac0)="652cef697aa374b11049b688549cacdbc6684055214d8f1f6ba85fb27fddc5e0b860ed105a2a6813ec94de8f034428d8277e4068737ffe8f30d89bc99b582d9637662949502e39abcc39ef8dd0b3", 0x4e}, {&(0x7f0000002b40)="40d8bde895b80bde29b52cefb05971f39d24d2a96a49dc49978aae003284b0d54f3a2f438e3e99c17f3083841c314de7915ec3e312c209c7958ef1bc6080975d004957f9fb93e9060f578af45bfbe69581013a8a899dfe82e0c3d3ae9e901d9daaecbe8956bd067d9bfc4137d459215d63999a6b6ffb3cd8b68de1d9942775ce3dc5b3236980de133a07da73c5f01b93d885b4582ebdf88f00e3468667de4895f34836cf53f5f0942cf534efe5309ce950d965a8bf571044e9943e0b43b97ca0fa1d8bd7fdb8f99f6d07d84c91892373d87d89cfb28b26198585536991d401a6199a07928f54127cb6854f8eb4d48c362b4f31fb3795a3217d48022cc53a66af14251723af6a7e3159dd4bded730b43335052b029f76e15a7560d93030e7a9c7233c46db7166514d1ecab98277b88927977188b8cdfefc5fbf9ee2e091fae3dc63e6f4bef8089a737637e8d71b5c9f3ab8a538617fdc0d1255322c4aad9a2c8794247ba8e14d80f2b705f36579ec01dd136d093e2f81f60d242bdd266261b836ff7ed4f19a20975308b0e023e9d799be61d18c3154ee7d97333ecb251ca1231ff58ae920a9be582cd677eb33eb46db87e2cf7c8cb4ae5b342e4c274688e0ddce76db01a94ac0a6158f1cfda5df7ad501fd53fc8dabde1074ec499bf130214db5458dfabc77abd577b3c14f6bb80a559c2aa98fd6de017e561c99006bcb3289fb87a73ec6d2b3b4fdd66c3db648149f929f7d9fbb97607ac8e8e131e88bb2f61d738b267991bee28ab927e0b6f6119f0ab5349770448553e62baecdfeaa50e0076700e408b75c2fd4fa893a3b0e27324a06ac3623f7a4d5d36303089c9602f2df12758ece198bba36c78222dca41f8ecaab66cee5f1be97187d660526e929c2501743b1977cc943753da8aff957af494995c261e7b4a3e82ce1fa6d40a480359a08b8cb87c43ef58cefbd3326200337a4202f1572bea84039f0a9268ac408e48673a159d349bb2cf7316f83fc9faa3d4167104770a587985da270f692cd554913c6b177660e8af14a7cc7bd60e24cb5263af9e6297a703ad65bf947b64a00a048e46178e3cbce95ab4c5088e59c681cd9d4ed4ffe1ee2f89e9214778170c5b599b02a559c7490ffe8cfc12dc372ae26cf9afd5ad904b8d8680f0d91718bf7b7b9a5bcc726c556020a6b7a3c81d336860b5798fc1b9d5a7dac1dfcb5ff7574d7476f1ed0e58d76d52eb0aee2dfcc4a3528e53e782e45fae53096a1b252c44ee7b206f142404c420bb5e236e87dde73515ac29ffc7e96792802131f8941f43b8cad3089815af04f175e64cad2889d43bbed40411a4a64d1504bbf1b08e1c14d8acbc99bd8f7c03f9af83ee40fa077c5e6f8f37ddf895440c851220e96e55d57e13dbf3c02e1913cdba10d8394df6a6713aae553e2cb558b21248947ecd902066baab0241a8fe7d39d104d462c32fd2688821861ed2d912603c3f7739611c67a3692b5d5969abec4f787bb90ba57fb45c6b3edacb8007a8405ec316ab25de4bf636c5d94b9d184d92f8b295e78497be093e2623593a52844ad1ea36be608b45c310eb2955ecece515753195ab2fe14140776c50fd96745073ebe0fe2976d91c367a9b40cb70aec27859f577757a86464599ce69e6286c69f283664af3592cdbe7ab85aa6a7b3dac54d238b4d5a97692786925967ac78fec5227a626c67688b9023cd62ce0f33d51f0718cde1f8ac01501736329881c9b55757185e440af8c93916fd3ba5155b5298b506f9d207ed94a7a176002123b7857968bd9b7ac338609f011c63b0daa70a4a1811e2bc6d0ddc39aa8bdac697d838270d8dba74d1f13be1acfb24723436e8be1d34337b6f36bc04bb9ea3fd463b2257229af7b12288ac45598d646412c68a6cce81b3eecb95a999e59e6643bd3441bfaf8b847115c34a1b297843db185e73bdeff96f2c518371d03605fb02937cb0c6f0ea6890db22c3c9aeb7a01aab4df745ef0e7f3ca5091cb89201a70ee5bbc2c59094ace8e8e3a01b1dff59adc428ddc9a994b0a03108c954cad15057c2450d58716a1f414dd00c406ef5b12a4c3aeed4f3d329454b33b2c1b9080cdafc542ebb4f9eb97f34bdfae8021e2874d9cd0cc10d394e46c2e96b1b94d89c3723abd47b9ac9258313fb292054d1ff817c13069dd8cc876d03617c1b8c415d7efb3f785a95d82cea9e2f5a67057427b2be5717d2204b72c91448b721d99f7903fb8976b1104043c961cd8e9d417adaa6dfd877fdf82f1d8c918cefc0ef3ee047306752ac9057c89fc8ce9b144496c280d3a407ded0fdd2b1a413e9d29e42d93008aa857681e76d063e17fda863ecdb919d5241a84eab7a22e8d7688a7d9b63581b26d1fd322179329a8ac87f24ef9661e06995f250b9f3253264c334fd8034ec53ec6c8be84dff97a9e564fa627d67af25919765ab8bc5d23f62e413b633058a9192422d9302b6c0b3ddf6196b6d14c3e5e97cb35aa716102898215385e8bd8afb9f6c35f771e984d990a7e6d3ef7f44ebfe71229e2617801a7c23afb3ae38acf97bd829183b38efd58ef19fe9ef106cb2d15e807262b925979f7f729d370da87c74af6feb7e907cc2de82cd1f15458e5f4d212cb70a124ab7f6742f13419cfd5e6552e0ba93aae1c5f12cf1dc53eebbee3bb16bbe731436ada50846a01f5c59590bcc146c8a72a3a3dff495cec2b40d67f169a2abb563dd3dfa1bb84606e922cdbfa96342465d9cab951cc117e100751fa692a07ee51045c74323ad1e8a3254952228457dd52b09e87d7fedac415b4d4bc7aa5c85587a501a1ab69b005d7ffb2cd658874f131ba1f5022c93ca574eb0d889d8313c123f5bc9cf95891b127bf97fa7ae0c480790fef4c9b43f52de9681b3d86816c9a8121b8ca2e472b823464189f957e28dbe68655126bc91a564d885e6e850cbfc41808423884faaa7f5ca0cc1e18cad1f2be2ede291888291c5abe6768835bda839c552662ef917a6bb4d683a34c8bcf6dd8d2546e017c80113c2181165022aad4201ad42410cb83239d1eafa66954743ea5eb365080c0ebbc8d21bb170deec60de5486eb5a01ce3547c6af97dda279e3ee7fc5aacb975d3321adc8fa45bca1935fd2ee299a550cfff72831dd725223f84685d81463586844e00b05f99d01f8424f87cf1cd2501e2f857164f8d03e2c44f25eb86817c21987dcef1d4d6d7ea633c93604795d8ca92f2eaf69d6a9860b53b545d9e5924fba79b2735c631599ffc63b2cc262b8fdb2c087cae96e1f635164c840bb01f19d47ef20d36bd2215e026e5391a7c8353a73c5aaef69182815e3ceb202346119a2bb18bcb9aff63e94e755353c0b8504e50d6a4e50a686e3bd2d2e92be9ee20d15cc0625003867ab5667e30e5ea7a2698fcb763ac0bc93e98e1a66e631d63c34e1f5a842a684bb59e707aafd10f553e57aaa45c8714e8f60dfc96bf15b17656e2820e37ad525fcb80a5a84f53936bb1ffbab9fcf1f0b2e4c2576353e4098df568b3260eeb3166c8fdd11960c7d337d1ca9f987a13a6411c5b26d83b5f22aaf10681ee1e393d8556273e9e1a7d09cb284cf091f70febddcf7d1c0ec9066e299961fa48b30a4cf0f684a04f063fb0c1d09406d45ab06087e8c5a16d4f1441540e2a5a9f31cd515b1197ce8a9de195ad6b78c9ea56f1bff412aa8ae1689f486aaf5c905ca145ac7f2f15a52f50e0ecc03f6a3bdcd94b63956a44bddefe53330d43a4438eb01d0037feef987d641ad4a41c780cef04c668a31be8ee4254b73afce5efb342f4ec0a7a4e3b58b5ce76a545f8cde88eb724f6865480706338ceaf387db670c6ff1aee7d7c41d88033043c1465e85cedc30e31059c5750037111b8017d3e8fdbf62e730703077d2b936eb83daec0fbe6c32d9ae7d02d621fcf4c0e33b8a2b64c259bcebd4efb2134cd83bde84b1df9e66a7932ab6f8dc56d8606c7b674ae1032acd39f90298986520be7e907ceea21f9cb3628141628b424b763c0f707671844d50b1ffa67f859d665bc160e89001d52f6480cee6ef45c0db0796817299d0137a948c686dc0d0db784d8d6ee4369ff8337a7d317179fcae073be8f45e53b11c7040f01a4eefa311181ba896e8d1ec05c0b6eb3f23e33f5d5016fdae3cde0e70eec3b839ab90c1fc37b6f23ce509d1c0de1fb8d9d0bac6843e5e1bcb6e0147f745a42145a7fa305c3b709870f86de8d25bc09835ca95f24c1bc1cf26cf5b2b8bf3dd684bbbb02c580e95b9bde9a69e5e387f1e7b19ff4bddb8ea0d28b7bbe2b70113b69407640a811e0ce913c8b634702d33a74b4bb4b81d04a8efa14dacd1c2193bcc90e3c052604b1196289a63f681d24ad86745270fcea361575ee60821030e4fcace111f73224fc8a9b92c1970f92587b4c3c558ed09525885707150afe2b9c23dd63059d92668aca3490642a3f0847951695f3f80bc6cde2f270404db2a28d8498d99bb7ded11024805fd9fc0f6c876496fa6a90678035d31e8798e7bdf2195cc9c589fcce83c6a71d366c97cb3df09c3fa63543ed8852c3d9d31ae0e9cd439e6abca2a0cbc924c2b1fc111bf148bfbde77e9f2d71f416fa06caa3ca5d4d42cc31724c41cc88dc80c11ee50291cd85a679a0a499452a48244871ce5dbceadf826c35ecf8aa7c4223f6cb49644cd29507b1bdd0f6a3d0d080071ee30c2a462dc1b7f10693dbb4e486a3600d27aaef2fc4b255558c18a716691adfb8261b5e3b97a4998bdfac8048fe4314bf5c78d35e7fd48d1e8406f160fabe444577e3252e27389b2776b3ae18e37092150ef15894cedf3ce0dafb187d4270b94e845cebdbe725401f8a4a07beb6eac16a72377de8a5a8af025fdc8644d12b87c6f240e467a76efef2c466cd3c4bd19797a63aa44a164b28b9e60a7f0d2ece36d36dcf7486c7230ba3430b626139a21d4d0a64216526a5724c7d914f77b408a72732e2f557b152c678d04ef3be906893e9641658bbf6be7fb63226cdf8a7748effdc018e09194122acb45cb0896bf2991eea5b9ed66d1f67e2553c806e0edae6dfb8d89724a9622150e6ba6aea679f8ded7031d64fa11e61403b6587d1e6f3a922c5e6e8b5b4807d682b1d01f2a247b5499e1993402349348e39ab3b311b79bed2dacc8a0eb7c05acdb695e7c0023749a78c8ab66fa2dbf3e6a9570e3d12f84b6f312085156dcd1b4216dfac21dfdc26f8a6917189526b77b11c64802d24a54b537aa31c6a9596baa63484d910e073ed2ec684996fa3d3b48dd3599c559342f6a285c1c6d8178950b64c5c854941cf225102661709ad5d26f3bf19c95563b9e25affbcf1b5fdf0413a2b5ea1740813e293269f6a59eeabcd56d06074c6cd27f18ba7663fb585cc487c74c5ed6505ede116cb09f21a38cf76769a4cbf74634f1d79f8a7af3d3119c218ae2e61531ffafc02c10188550c28015ec2ead164f13233483acd74a281235ab30cb4321892f5d8abc4837c9f3f552506ad4555364b241602f678f915ac59362d28a5fd5f37d6b3132fbd5181c075a14171977677c7112a45d1d2a8782793e287b26e3b84d08305631a105049d7c322a76abdf6154cbf845d13f4dd192debe7476dacbd7e60495497cc5e019c4f12a53ead35f5d3cf24b96501ebb2c0984efb2b4171728fc63567f593ee6685b7547a2bb164c9d7ba0b0da6bdee320e2eed7ca14dc6c87040251454926d95a75eacf2a116a193829f8fdad4d40af701c8ed9e81cdad9cc0a854bf97b65ba05600ae763e76f3d31c234cc14ee63f90c94", 0x1000}, {&(0x7f0000003b40)="9720cadf916708c27ee2a0cd5d2b3664fa9fda6156bb7122ee5c65939a7d290d19dc69961cd851ba76e93796", 0x2c}], 0x3, &(0x7f0000003d00)=[@cred={{0x1c, 0x1, 0x2, {r76, r78, r79}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r80, r84}}}, @rights={{0x24, 0x1, 0x1, [r85, r86, r1, r87, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r89]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r90]}}, @rights={{0x38, 0x1, 0x1, [r92, r95, r96, r98, r100, r101, r102, r3, r104, r105]}}], 0xd8, 0x40004020}, {&(0x7f0000003e00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000004f80)=[{&(0x7f0000003e80)="a777f486ee93fd7e2a59e854aef48b576ad22bc906e3bff8cc22ee95884e642b332a92e2175cc1895624e72cb59cd376077a28a273befce9d44cb3675a7e06e384f77fa2a73f5cb6529def85f135862a1050f347fa6671e40d601de89833de7e4c416d47abf781fb6408283bce24bfa138e2aa512cef415adb15f3405c1763053bc1b4dc35157fd5a29f4882acdf233a01e2c9d4a37d094ab9ba081bbd358470d4c5e1db85a652aa95943eb443d92ed6a1d8bc99f82598a1c9064eb23fc4ae119c8a2e8bc4365d86892e94faa42459f796c0d97f5e13ef16a99a5733de6024504ed6253042f8e5c068b1809a98e3c67fae8ff830a144baa943e6560dd7155e1f588ea69c5cfd454e479e13bc0464b4fff0089b4b15c456452a109c0792404ab1d3b86c9b0d080e65cc19f6a7911163e270bc5c767b2f756532b13c70263ff8dd4814262562d3f074495fb97fa0e53f93c13ec81a1a67dc2e28db0c82e9c38e79c87d1a25fb845297cedb11dc5526d18ab25bf5407708f228cad93adc9f0a159d1551827aaacbbfe41fce6b6e764b6911aab94a60332116cb4e78fbdd456f60edb9553e04d10880056d8f4b75a4628fef20224f787ef5f50d7413ee084521ac4e824612804200e7b581359923810a025951b0b5d48124b3d3c9becad32053ac8d67d6a005cd8734b8c05013d077522a36fb1170cbfbe9c383888e8eeb0ab914ce589c04e5a22d09d082b13c4fab6612cfcf26a5b5260133b8608fd43a652e8a77ddca3f22c7b424d5bbbbc4273719d4bcb658aa91d76d0c53bfdb46e6ec6bdad20056503f6a026a3cba96143ec06d5df81bddb8f27b7f5c6c77a3c639472e25e70ab6c5b6ad18e50788102fbb77741af94bf3472108ba7d1eb9bd70992ab95104b5443d0d9d3891494db206f07873801c173df4f539a7b49331d235c5ed7c2eee092a5cf1a08fd869693efeed12cb99713dac9c396a43ed8d658b77e4a883e0dc318d6afa7000f059159c4ebc2c04c2e5312c973e6f845ac3cb7475f53ae50f3d1a068debe901f95673114177b2448eae7030aa4482d7d2ee73c86bd005fcc2fefbdcedf6714d945818c743d1c5398fb6a61535fc0a3bced2d6d1647c135a78ae5afeb169eb8487bce7f589795fbf262038b6499d36b6cace7012eea3875b692393dc88ec8abc2e75043f75dfc9b3eb8862f986f28325abad2311a3ec541e8db686c27a15efc0cea30a8b60cb9dfc2e16f0a602da7a045d0f172418c2fbc126eeb1b88f552a17204938af6502ab8e9bc2c012bbb83c139dc4fa8a222d2f7150c8313e6356c9291bfdf2ea52d6ab2d10f02dd14476587cbe014476c1e7b0a14461ef58d297bebddbbc687767cc0b7a0e923726cee1026329bb335079eec742a2d737b3a7420a2e687a9237e3eb41a4f6baf76566c00d00cd48cf6eee86e612314703ae357c4c02dc407dbe3d103295ebe3214a556ceb665b086c07d088f3718711fdb99578fcf2f14f076ff4e58615b3c95f0fd3328e9f57517ab2c8aacc0b4c8ef6d8bb17256b6f8a1e83e366f5b292643403a783d64d40b703932b8098de81442466de291f8df52e5f60604f5366ee5ddc2b78a01622792e32dfc6c5fa27740be02fc9c98e9fd919cbdc4b4fdbcf7ddd475c4a67c3376bdf257e96516d85619c18115225bba74f585a0fc8e39a8d6a6ca6ea30ded6259693a1b9239905d0141aa7f287f28f3e8446127431385bcb9b9055367adb523cdc9479d91092865d7fc3d775336c1a94ac766d3940f261485fba152ba9e1e9bfc2994cc7fdd0686f9300e554570750e5693686cd5c015180846ff3a0e8a0c0399041cbf5a3e69313721d718b45c56cdcc071a5bac3fd8db557b93e95f805fc57b5bcc47d652eca9653ced0edfbbc3488f5cb62bc297aee5ababcbfa11c3eeef859e2528a53e862b8b08e4021f919d16ba6597f4664f0b9279528595a63e865ee5fccffc4dc74a9cb15485c8d9563259ede6024bc5825842047acc22acdff80596d4a2cb980d3ab44f210b9cf49d423f1ac701f9b5d6005590dc3959f03d64b67557369fefb1c012843f12f21ff209ea4c9a01e0184c09633e605c1a9cd02f6ec4d9b6b2a362cf982b94c48e48ba4f272851444dedbbb21221f40d6932e7080b758a60090667064b21090f87882720b04bdb4849e9ea8fd7860c0d129caaf840fe7aead47b40ca296e173c7c538a75d9bf5f8b933c2ae60a1a6a943406d47299597f3c21fa98b3f308d8e6ce5d7023464d147f3a768a7d3c1514a3437ae08bd01d0c53a5042108d1fa2bd6bf41d6941ca38d7a1909a867e4e9cd1d9968de5802d7412604fcf5862413892e2efd360db563d663cf3aa63895d9474582fc023027cef5912ec662531d1af3e857e41f36aefe38ccd0f1f76853ea826146153202164a9b0034a1bf53e879d322a73c923634195b5d3ca4d4e83f0861f1da7c2164218d3fc80e4c77ee80a3fc7358a735ba1d0061978b77a11fb776001a9924b4edb5d51ab93db30494082be385128b9ea17cf10b3b5c87301fdce1fb77b29565898a1975e6ea738a378129307b3591c5aed0855fa22de8010d83d2637a942a08ae339306fd2cac6480bdf657e1f77ad87dbd50b052c03110bd39feaa2b916c7c0c1f6fe1e0ff077d11766c2369e8b3efeee2638579296529490118e955e5494dda3d20c04cc44762e9af06b0d5d1e5cf9c1409e1acd244c5d0eb9fa7727daf4cfb8901301e4a22275fadc2b656253ecf4abf84852153c675480eb8d6edfa2bd30ebc3d1361621f8822f36cce9470d7a258bc8bd28f7683ad41dd3aff78d8d5c2f11c20d9579b03ef6199839e2adb30be7b52178f7b9d8094c9f30b602f10289f3b40f1a32d2f98a2655ee8819d0f3676f4088cd7147f03b36a24e4553d855fe04516c437ab2b1e5752941bf4ed97b49f5fd6242b660f268ced75f1854b1805b12473ba4c125580a7993928a6f1c34e693fd694e754ead85e76a2b1f3b114ee82d3f347c0c96927375bde42fe31b3b89d2c57eab83bdae9875497727935f693bc20ed5d5e59e47a3f52b7184565b96fbf17899cbc6378ef3d6cf419aaf4dca65858f5934603976af8c8e9b47675dfedd283489d807a94c49f5374b27609c105ca9f57cbe82a2584cf47422a9f862fd0bfefb239a72c6b1a877d0cb08a580d5f2fb52ffda1e78c7c09d15566691e660ee37854f2949882314c853ae0d92126dd70e64a57a8be41ffd3a1d4e6e3c8033f5f3e3989be842f26f1064fe149c7a241388d4e938d1bb62e679bd40806fc7a1796145e7211744ff006866b061dcf69b918c0dd15fc29b287150d817264ddf24dcfde34d541c78a06a06f0f39334016783c2f14f15e1507ff7c66929647163ca38fffd4fe732d409947144dc9bab0d719422735ddd192af5511188dd7fdaed7cc329ca64d0f8c31e577b3351a92e98fc20df2ba8089d90fdd7ffb635bfba26fa52415a9b5e60634a82822b793e017d24bf9e1f33a8e8f7211d605cf981c6ebda0f4ad02ed35118f5ecdc0603b7074cf7daaed1082767b73cdf42673bd865c3dccfb43bf119a843c424ce5610cd8d6cdb2fa6c899510debab980fa57f136fe6ff618307acf790c74b747d26abbc4ede3d63e0b7b5ceb1093a749e4631e85caaf54a9e5192122f39f637044d6c370dfd23d18b24527c9bc783f61a019f920e90018347ad86c8189aa47510808f1917506817900cfd80271503c6c0f5780c642768d7c34bbfc05cd28bb59915af7c3cc762ce896c40c999e4ba7fbdb3032b742657669184b6133e0c93c42970a032305b488e0a646e25f551ce98ea0dbdc1c5637f8f1e49791e574b16e5412ad670d0080f279176d7a7f4f3d7c03f665b5c593d07f6851dcbb66596909667d7838de130269d1d20a6137298bbea184e8b59139d48e953489cce5ff6aa13af8402eb263029615e0d6f51531ff251b36a9e772b8c49046330a1a0fa5a34a1d05acce0af7f42a957ffc52e9ae8143fe99fcfa31f4bea3c5f0452279563b2b245694fd669329df09c9e2cb08af6f9934d5ab3fe1e6deb5a57db4d9c05bfdc4b4ac90f31a57b6710e7ec2811ac3798df925fefcb994a455bfb29a7e6c21a85132bbf0a1587883af1abad83907bbfb80572da961f43de41c414718e570e99e422e56d14e02210b8e37462e378ae677ee39d4097ed115437457258b98b9d95bbd589dda0f2c22de642806d5f5a6ed642dd4f6a8e48d49b400f25e05d097cfe8749041c02066acbd1296ae2fbe5e05be8a21e45565e7a5df34f6781f09ed790ef361d69f7b9f20fbe2814fc50395e5dcda9c9e443bc1221836bbcf96cd0b59da1747c2ca89ff54f4be82496d889981b7895fdc9dc93cb8a8f8c7a85d216468fd5f046ec57d6f01626980d672cb9dfd242f5198142b49a4501512c8eb8d4f34f1bc8e95d28416bfa9d9222f02c5b87b157ebf1cadc7e18a5ddea1793e3b8d9f7ac15053d1b3daad7ae2612b0f759f0fd8e235a5da867bf7dd3d9433dbfb3c971f6bd52df12a41c67afcce867ee2a1f9190ff24850023702393ff91fa2bfb1353dc8f642d59ae3d796cc85270d8e1a1a05c7bca02ea04192b04a98d402dbb2cf98cdcf2ffe7ca0f376aca7c65aaf7ed367e45fc0848772cc13263ae20f639f1741f1113bf7786b9c3ecfeb4d6a6e5efa629da44db2abc1c719edc718d1aa88474430fd49f5414c4214914e194a160c38c5ee1dbd78902dcfc46d005ef4d3d2029b2df6d8156bdc3f227acac219945af027aed3fd1466a7339ff79e1a9358baf89e5f1791c6c69e5c4a7605e9bdf0bf3e6a0ce3288d553cdb4ff01c2c39027b5bc522846beaa8cfe5a4f34e9ddc27da0ed3795b4d4e13b8894130d2a64d78dbca2afd48da93311995c6e70786fee4aaac305441806de311208c106a73603f4e9fbdddac833b7a69ed8347bebba0cd833ab336fee53f9f3f983d567f1f9569bfb26b4883ad517728d541db05610d0a87ae5fefeb6881e2ba950fb7e3b0abcb891d25963b311e96a87e4a5a6c69299a5a17058bd52aaad88dbf1095e576e62447aab7bb2b8e4cdedea02b31f49d1e8887ec751927a62e729af05306ef53f9e1d5f4bd662fdddddf3ceae26b0b301d42e9808cbd125c3e0d01ab7428f2d9cbf70d59f399756368a38793261137632e394e97d33aed6bcd87e8a682f645acb6c95a9955b1dfadb28caa3199c23989b4d29432d5250f1225176178ee7c9babcf4080d75de7d820babd151af2d2075571eb75fff98c955d05ece569bad9afe3043e29ac58beea14047492baf9be4f6d4918ba541e7cea5a5b2cf4c7cc24c0ecf72e6cfe0c039ac0a91a3caa8aae817e95346998a4a0fe5e23cd6f0602d60ee16c49a1a71a251dec92c3b92581de4e62a35db4a21d17de8b434598e1be337a1f18eacf87dffbceaac59ea0147b95bce2f4f03e5d72646b4a3e9e719eeac415f778c14820aa34491622df7601acfacd3a0368b53dd90d26b46540ab40011d4d1a93bc6a2b81ade909c4a999307b6f766d482af17ff797d7381f3a7aa180fd3a190da67092c8d074e2ad19d9fd47d11f8fb2c2f22077636f483de05c7e9e9a212e5d96d52f50dbfd147df15683f3a93ea5401a30b87621d4fc8761f0b50280ecaaae2ce4044f111e5c1394392fefb0c36dd3c37c83b94bd77779415fe2ab05da887fb4648f7692d8d4f31b12a9bb1ac2ad04d13d40776750e8e451a37deb6d44def760fe9495ed7b819f4d5335ed0a5cfdd616e5d1fb5bb58bcfa3f43", 0x1000}, {&(0x7f0000004e80)="1ae91e1ed728fc9ab0a05bd231c296cff1adc9c2582cecee10e39f536ed7aeaa5525cb4b2a9a5f611bcc15773b369f0351302007fa810959cdb08dd7485b990bb79058c75eac4144e354b0dcee5aa7d7666b4edc36fa756c893e24258b9d650d66c819fd5a92b23262406fddaa5e3759a48919582f5bbe076a365481a2d042735096198b7bf86a7414d277acb3ed9a9da3e71371761dc73283b118faccabce6830aac5d743441fb954da01ef516c649f40ad3fcc4c74f3c7cebe3fc4acc26255d7a273e5cc", 0xc5}], 0x2, &(0x7f0000005100)=[@cred={{0x1c, 0x1, 0x2, {r106, r107, r108}}}], 0x20}], 0x6, 0x40) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r110 = dup(r109) ioctl$PERF_EVENT_IOC_ENABLE(r110, 0x8912, 0x400200) setsockopt$inet_tcp_TCP_CONGESTION(r110, 0x6, 0xd, &(0x7f0000000180)='highspeed\x00', 0xffffffffffffff66) ioctl$NBD_DO_IT(r3, 0xab03) [ 421.564581][T14206] netlink: 'syz-executor.0': attribute type 1 has an invalid length. [ 421.585242][T14214] FAULT_INJECTION: forcing a failure. [ 421.585242][T14214] name failslab, interval 1, probability 0, space 0, times 0 [ 421.600512][T14214] CPU: 0 PID: 14214 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 421.609566][T14214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 421.615784][T14208] block nbd3: shutting down sockets [ 421.619619][T14214] Call Trace: [ 421.619646][T14214] dump_stack+0x172/0x1f0 [ 421.619669][T14214] should_fail.cold+0xa/0x15 [ 421.619689][T14214] ? fault_create_debugfs_attr+0x180/0x180 [ 421.643205][T14214] ? ___might_sleep+0x163/0x2c0 [ 421.648105][T14214] __should_failslab+0x121/0x190 [ 421.653082][T14214] should_failslab+0x9/0x14 [ 421.657607][T14214] kmem_cache_alloc+0x2aa/0x710 05:02:16 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f00000000c0)={{0x1, 0x4, 0x101, 0x2bf}, 'syz0\x00', 0x2e}) ioctl$DRM_IOCTL_AGP_RELEASE(r2, 0x6431) [ 421.662468][T14214] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 421.668291][T14214] getname_kernel+0x53/0x370 [ 421.672888][T14214] kern_path+0x20/0x40 [ 421.676963][T14214] ovl_mount_dir_noesc+0x6c/0x180 [ 421.681991][T14214] ovl_mount_dir+0x10a/0x1d0 [ 421.686924][T14214] ovl_fill_super+0xf4a/0x4029 [ 421.686940][T14214] ? register_shrinker_prepared+0x116/0x190 [ 421.686966][T14214] ? ovl_show_options+0x550/0x550 [ 421.686983][T14214] ? __kasan_check_write+0x14/0x20 [ 421.687005][T14214] ? register_shrinker_prepared+0x116/0x190 [ 421.687023][T14214] ? sget+0x12b/0x560 [ 421.687039][T14214] ? get_anon_bdev+0xc0/0xc0 [ 421.728351][T14214] ? ovl_show_options+0x550/0x550 [ 421.733419][T14214] mount_nodev+0x66/0x110 [ 421.737753][T14214] ovl_mount+0x2d/0x40 [ 421.741848][T14214] ? ovl_own_xattr_set+0x10/0x10 [ 421.747315][T14214] legacy_get_tree+0x108/0x220 [ 421.752089][T14214] vfs_get_tree+0x8e/0x300 [ 421.756514][T14214] do_mount+0x142e/0x1cf0 [ 421.760860][T14214] ? copy_mount_string+0x40/0x40 [ 421.766946][T14214] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 421.773485][T14214] ? copy_mount_options+0x2e8/0x3f0 [ 421.778891][T14214] ksys_mount+0xdb/0x150 [ 421.783142][T14214] __x64_sys_mount+0xbe/0x150 [ 421.788779][T14214] do_syscall_64+0xfa/0x760 [ 421.794500][T14214] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 421.801498][T14214] RIP: 0033:0x459a59 [ 421.805653][T14214] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 421.827271][T14214] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 421.835946][T14214] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 421.849401][T14214] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 421.857546][T14214] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 05:02:17 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 421.865515][T14214] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 421.875936][T14214] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 421.895305][T14214] overlayfs: failed to resolve './file1': -12 [ 421.978039][ T9110] block nbd3: Receive control failed (result -22) [ 421.985934][ T9110] block nbd3: Receive control failed (result -22) [ 421.987343][T14201] block nbd2: shutting down sockets [ 422.004837][T14224] block nbd3: shutting down sockets 05:02:17 executing program 1 (fault-call:3 fault-nth:77): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:17 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x4010, r1, 0x0) r2 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) r4 = syz_open_dev$ndb(0x0, 0x0, 0x0) r5 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r8) ioctl$FS_IOC_ENABLE_VERITY(r8, 0x40806685, &(0x7f0000000200)={0x1, 0x2, 0x1000, 0xbe, &(0x7f00000000c0)="08bf87b94d933e81ba3abdbce4f57dee2b290426f8ffcbddfc9a987a3eba580f0826b26df4c989e50f1a1b4e7c81b2e9c68b21c36746182c4301f4550f60e2bc8129e0883f027dead6aa01c3e0818a23315a6505ce11ed1e8021c95e35a8de0110c1d1825cb7620b86e8426f01e9b021b548acae28557cc7fa536bb4165a97b1a763a08e1bb2922df2d15d732c3daadaea697db0dd6bdfdb756c6864edf60d4fe5f9a8e4301b47c88fd06230412302873640a0a5e858d95fb0281f362013", 0x1b, 0x0, &(0x7f0000000000)="4dff760c89c9b90f92a9a5a18a3ca27226708d12d3f2d7ec3a1cf1"}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r14 = dup(r13) ioctl$PERF_EVENT_IOC_ENABLE(r14, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r16 = dup(r15) ioctl$PERF_EVENT_IOC_ENABLE(r16, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r16, 0xab00, r5) ioctl$NBD_SET_FLAGS(r4, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r4, 0xab03) 05:02:17 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='\x00\xbf\x01\x80\xb0\x00\x19d0\x00', 0x0, 0x121000) r1 = socket(0x5, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) ioctl$sock_bt_bnep_BNEPCONNDEL(r2, 0x400442c9, &(0x7f0000000180)={0x5}) r3 = syz_open_dev$ndb(0x0, 0x0, 0x0) r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) ioctl$VIDIOC_G_JPEGCOMP(r4, 0x808c563d, &(0x7f00000000c0)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) setsockopt$inet6_udp_encap(r6, 0x11, 0x64, &(0x7f0000000040)=0x5, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$NBD_DO_IT(r3, 0xab03) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) ioctl$SIOCRSGL2CALL(r6, 0x89e5, &(0x7f0000001480)=@default) r13 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x254800, 0x0) r14 = clone3(&(0x7f00000013c0)={0x4000, &(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300), 0x23, 0x0, &(0x7f0000000340)=""/93, 0x5d, &(0x7f00000003c0)=""/4096}, 0x40) ioctl$TIOCSPGRP(r13, 0x5410, &(0x7f0000001400)=r14) r15 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20ncci\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f00000000c0)={r16, @in6={{0xa, 0x4e23, 0x3f, @empty}}, 0x6, 0x401}, &(0x7f0000000180)=0x90) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={r16, @in6={{0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}}, 0x0, 0x8}, &(0x7f0000000200)=0x90) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000440)={r16, @in={{0x2, 0x0, @local}}}, &(0x7f0000000100)=0x84) getsockopt$inet_sctp_SCTP_MAXSEG(r15, 0x84, 0xd, &(0x7f0000000080)=@assoc_id=r16, &(0x7f00000000c0)=0x4) setsockopt$inet_sctp6_SCTP_CONTEXT(r6, 0x84, 0x11, &(0x7f0000000200)={r16, 0x4}, 0x8) [ 422.200425][T14236] FAULT_INJECTION: forcing a failure. [ 422.200425][T14236] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 422.213888][T14236] CPU: 0 PID: 14236 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 422.223442][T14236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 422.233516][T14236] Call Trace: [ 422.236846][T14236] dump_stack+0x172/0x1f0 [ 422.241379][T14236] should_fail.cold+0xa/0x15 05:02:17 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$KVM_IRQ_LINE_STATUS(r6, 0xc008ae67, &(0x7f0000000000)={0x4e6b, 0x101}) ioctl$NBD_DO_IT(r2, 0xab03) [ 422.246096][T14236] ? fault_create_debugfs_attr+0x180/0x180 [ 422.251918][T14236] ? __kasan_check_read+0x11/0x20 [ 422.256953][T14236] ? __lock_acquire+0x16f2/0x4a00 [ 422.262013][T14236] ? ovl_mount+0x2d/0x40 [ 422.266268][T14236] should_fail_alloc_page+0x50/0x60 [ 422.271487][T14236] __alloc_pages_nodemask+0x1a1/0x910 [ 422.276868][T14236] ? fs_reclaim_release+0xf/0x30 [ 422.281941][T14236] ? __alloc_pages_slowpath+0x2920/0x2920 [ 422.288218][T14236] ? fs_reclaim_release+0xf/0x30 [ 422.293176][T14236] ? fault_create_debugfs_attr+0x180/0x180 [ 422.299016][T14236] cache_grow_begin+0x90/0xd00 [ 422.304227][T14236] ? trace_hardirqs_off+0x62/0x240 [ 422.309738][T14236] kmem_cache_alloc+0x64e/0x710 [ 422.314603][T14236] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 422.320416][T14236] getname_kernel+0x53/0x370 [ 422.325047][T14236] kern_path+0x20/0x40 [ 422.329136][T14236] ovl_mount_dir_noesc+0x6c/0x180 [ 422.334172][T14236] ovl_mount_dir+0x10a/0x1d0 [ 422.338760][T14236] ovl_fill_super+0xf4a/0x4029 [ 422.346057][T14236] ? register_shrinker_prepared+0x116/0x190 [ 422.351970][T14236] ? ovl_show_options+0x550/0x550 [ 422.357016][T14236] ? __kasan_check_write+0x14/0x20 [ 422.362143][T14236] ? register_shrinker_prepared+0x116/0x190 [ 422.368049][T14236] ? sget+0x12b/0x560 [ 422.372039][T14236] ? get_anon_bdev+0xc0/0xc0 [ 422.376641][T14236] ? ovl_show_options+0x550/0x550 [ 422.383014][T14236] mount_nodev+0x66/0x110 [ 422.389049][T14236] ovl_mount+0x2d/0x40 [ 422.393813][T14236] ? ovl_own_xattr_set+0x10/0x10 [ 422.399193][T14236] legacy_get_tree+0x108/0x220 [ 422.403876][ T9110] block nbd2: Receive control failed (result -22) [ 422.404126][T14236] vfs_get_tree+0x8e/0x300 [ 422.404145][T14236] do_mount+0x142e/0x1cf0 [ 422.404164][T14236] ? copy_mount_string+0x40/0x40 [ 422.404191][T14236] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 422.415388][T14236] ? copy_mount_options+0x2e8/0x3f0 [ 422.415415][T14236] ksys_mount+0xdb/0x150 [ 422.415434][T14236] __x64_sys_mount+0xbe/0x150 [ 422.415453][T14236] do_syscall_64+0xfa/0x760 [ 422.415472][T14236] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 422.415483][T14236] RIP: 0033:0x459a59 [ 422.415496][T14236] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 422.415509][T14236] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 422.425366][T14236] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 422.425375][T14236] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 422.425383][T14236] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 422.425391][T14236] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 422.425399][T14236] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 422.501939][T14241] block nbd2: shutting down sockets 05:02:19 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0", 0x98}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:19 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$VIDIOC_ENUMAUDIO(r3, 0xc0345641, &(0x7f0000000000)={0x58c, "e6f97dd73f6087771fe59c63caabe633f10c039671a7a4650bfc579e86554f3b", 0x0, 0x1}) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r4 = syz_open_dev$ndb(0x0, 0x0, 0x0) r5 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r4, 0xab00, r5) ioctl$NBD_SET_FLAGS(r4, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r4, 0xab03) 05:02:19 executing program 1 (fault-call:3 fault-nth:78): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:19 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = socket$inet_sctp(0x2, 0x5, 0x84) accept4(r2, &(0x7f0000000000)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f00000000c0)=0x80, 0x80000) r3 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_DO_IT(r3, 0xab03) 05:02:19 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa2}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 424.603572][ T9110] block nbd2: Receive control failed (result -22) [ 424.613770][T14253] FAULT_INJECTION: forcing a failure. [ 424.613770][T14253] name failslab, interval 1, probability 0, space 0, times 0 [ 424.620359][T14252] block nbd2: shutting down sockets [ 424.633220][T14253] CPU: 0 PID: 14253 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 424.642278][T14253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 424.652356][T14253] Call Trace: [ 424.655639][T14253] dump_stack+0x172/0x1f0 [ 424.659961][T14253] should_fail.cold+0xa/0x15 [ 424.664544][T14253] ? fault_create_debugfs_attr+0x180/0x180 [ 424.670340][T14253] ? ___might_sleep+0x163/0x2c0 [ 424.675188][T14253] __should_failslab+0x121/0x190 [ 424.680457][T14253] should_failslab+0x9/0x14 [ 424.684948][T14253] __kmalloc+0x2e0/0x770 [ 424.689180][T14253] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 424.695667][T14253] ? ext4_find_extent+0x76e/0x9d0 [ 424.700678][T14253] ext4_find_extent+0x76e/0x9d0 [ 424.705614][T14253] ? ext4_map_blocks+0xda8/0x17e0 [ 424.710622][T14253] ext4_ext_map_blocks+0x1dc/0x3ac0 [ 424.715808][T14253] ? ext4_ext_release+0x10/0x10 [ 424.720642][T14253] ? lock_acquire+0x190/0x410 [ 424.725322][T14253] ? ext4_map_blocks+0x4b3/0x17e0 [ 424.730334][T14253] ? __kasan_check_write+0x14/0x20 [ 424.735444][T14253] ? down_write+0xdf/0x150 [ 424.739845][T14253] ? down_write_killable+0x170/0x170 [ 424.745202][T14253] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 424.751509][T14253] ? ext4_es_lookup_extent+0x426/0xd40 [ 424.756958][T14253] ext4_map_blocks+0x52b/0x17e0 [ 424.762251][T14253] ? ext4_issue_zeroout+0x190/0x190 [ 424.767452][T14253] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 424.773419][T14253] ? __kasan_check_write+0x14/0x20 [ 424.778517][T14253] ext4_getblk+0xc4/0x570 [ 424.782846][T14253] ? ext4_iomap_begin+0x1000/0x1000 [ 424.788037][T14253] ext4_bread+0x8f/0x390 [ 424.796104][T14253] ? ext4_getblk+0x570/0x570 [ 424.800676][T14253] ? lockdep_init_map+0x1be/0x6d0 [ 424.805688][T14253] ext4_append+0x155/0x370 [ 424.810180][T14253] ext4_mkdir+0x632/0xe20 [ 424.814499][T14253] ? ext4_init_dot_dotdot+0x520/0x520 [ 424.819854][T14253] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 424.826076][T14253] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.832300][T14253] ? security_inode_permission+0xcb/0x100 [ 424.854501][T14253] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.860726][T14253] ? security_inode_mkdir+0xe4/0x120 [ 424.866001][T14253] vfs_mkdir+0x42e/0x670 [ 424.870232][T14253] ovl_create_real+0x287/0x420 [ 424.874997][T14253] ovl_workdir_create+0x350/0x530 [ 424.880010][T14253] ? ovl_setup_trap+0xc0/0xc0 [ 424.884673][T14253] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 424.889948][T14253] ? __mnt_want_write+0x1f1/0x2f0 [ 424.894959][T14253] ovl_fill_super+0x110f/0x4029 [ 424.899794][T14253] ? register_shrinker_prepared+0x116/0x190 [ 424.905690][T14253] ? ovl_show_options+0x550/0x550 [ 424.910712][T14253] ? __kasan_check_write+0x14/0x20 [ 424.915898][T14253] ? register_shrinker_prepared+0x116/0x190 [ 424.921804][T14253] ? sget+0x12b/0x560 [ 424.925768][T14253] ? get_anon_bdev+0xc0/0xc0 [ 424.930463][T14253] ? ovl_show_options+0x550/0x550 [ 424.935577][T14253] mount_nodev+0x66/0x110 [ 424.939992][T14253] ovl_mount+0x2d/0x40 [ 424.944054][T14253] ? ovl_own_xattr_set+0x10/0x10 [ 424.948994][T14253] legacy_get_tree+0x108/0x220 [ 424.953925][T14253] vfs_get_tree+0x8e/0x300 [ 424.958332][T14253] do_mount+0x142e/0x1cf0 [ 424.962650][T14253] ? copy_mount_string+0x40/0x40 [ 424.967577][T14253] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 424.974591][T14253] ? _copy_from_user+0x12c/0x1a0 [ 424.979525][T14253] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 424.985761][T14253] ? copy_mount_options+0x2e8/0x3f0 [ 424.991033][T14253] ksys_mount+0xdb/0x150 [ 424.995268][T14253] __x64_sys_mount+0xbe/0x150 [ 424.999931][T14253] do_syscall_64+0xfa/0x760 [ 425.004422][T14253] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 425.010297][T14253] RIP: 0033:0x459a59 [ 425.014194][T14253] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 425.034399][T14253] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 425.042791][T14253] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 425.050747][T14253] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 425.058700][T14253] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 425.066687][T14253] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 425.075179][T14253] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:02:20 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$UI_ABS_SETUP(r4, 0x401c5504, &(0x7f0000000000)={0x1, {0x1, 0x58, 0x7, 0x3, 0x9, 0x7}}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:20 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000001240)='\x00\x00\x00\x00\x00\x00\x00\x00 \x00', 0x0, 0x280600) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x6) setsockopt(r2, 0x22c7, 0xff, &(0x7f0000001280)="257248e52b345238f9fe80e5e4b52f20e92c21d3088708a724fae110a6e5b98db470d9b8db98af84da579546bfc06d9bbb61b1a0ae65d3cc7a51452f4e3fc19bc669ce4bb9c83b8238414a8b04e94145b7a4ce4953506b01484ea1babb95cbee87407179c6f3409bc0d39cfa839c6698ebf797a5fb97d5c4d58d0814775f5f971b5b06b0852e16a590b8f5c8b35d21d558628fba8b41c2afe8b753ec2bd1e2de6a83c5dc3e8aacdc62437a695ad05315eb74c3849d9901111ac0229dc22cb9ac0df2b1488bd2451d81606822f87c28903a8bf63acfcfa202c3eb53a4c34404cfef7f3521997d44b79df518825c342c5f199c22b4", 0xf4) r3 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r3) syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x103000) r4 = syz_open_dev$ndb(0x0, 0x0, 0x0) r5 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r4, 0xab00, r5) ioctl$NBD_SET_FLAGS(r4, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r4, 0xab03) getsockopt$IP_VS_SO_GET_SERVICES(r2, 0x0, 0x482, &(0x7f0000000200)=""/4096, &(0x7f0000000040)=0x1000) ioctl$BLKDISCARD(0xffffffffffffffff, 0x1277, &(0x7f0000000080)=0x1) prctl$PR_SET_DUMPABLE(0x4, 0x7017b7bac9a711a5) 05:02:20 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$inet6_mreq(r2, 0x29, 0x1c, &(0x7f0000000180)={@mcast1}, &(0x7f00000001c0)=0x14) r3 = shmget$private(0x0, 0x1000, 0x54001800, &(0x7f0000fff000/0x1000)=nil) shmat(r3, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffffff) shmat(r3, &(0x7f0000ffa000/0x3000)=nil, 0x6000) r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer\x00', 0x20000, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f00000003c0)={0x44, 0x0, &(0x7f00000002c0)=[@release, @decrefs, @register_looper, @release={0x40046306, 0x3}, @acquire_done={0x40106309, 0x1}, @acquire_done={0x40106309, 0x1}], 0x5f, 0x0, &(0x7f0000000340)="cd52ef7db18e27fdd123e785e902c02106e1ab93c81ae2c7d1fdadea56a606bb560503821303e5ec31950b87dd61705f9a7555eabf7543bc3ca4ffdc84947a936e6cbc7ad306b60e2fae4fb15893253ef1ae9a58b87910e11652ab8ff38b73"}) setsockopt$RDS_GET_MR(r4, 0x114, 0x2, &(0x7f0000000280)={{&(0x7f0000000000)=""/110, 0x6e}, &(0x7f0000000240), 0x44}, 0x20) setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000240)=ANY=[], 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x5) wait4(0x0, 0x0, 0x0, 0x0) r11 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x8000, 0x0) ioctl$TIOCGETD(r11, 0x5424, &(0x7f0000000140)) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x4e545b156fe0deec, 0x0) r12 = syz_open_dev$adsp(&(0x7f0000000400)='/dev/adsp#\x00', 0xfffffffffffffffa, 0x418000) ioctl$VIDIOC_ENUM_FREQ_BANDS(r12, 0xc0405665, &(0x7f00000000c0)={0x5f, 0xa, 0x7, 0x400, 0x8, 0x8000, 0x14}) [ 425.117796][T14250] block nbd3: shutting down sockets [ 425.121864][T14253] overlayfs: failed to create directory ./file1\/work (errno: 12); mounting read-only [ 425.143844][T14253] overlayfs: conflicting lowerdir path 05:02:20 executing program 1 (fault-call:3 fault-nth:79): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 425.238989][ T26] audit: type=1800 audit(1571202140.506:42): pid=14269 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.0" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 [ 425.271408][ T9110] block nbd2: Receive control failed (result -22) [ 425.299741][T14272] block nbd2: shutting down sockets 05:02:20 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x4000000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000200)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f80c660afc21be2900d90047e2252eb7882b9abb2a2f9fd2399e0400c33f00002f0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000000c442caffa5e3255c1176ccad80e24e44784079eaab79f1a3ddf4a7a6bd22cd464f71ae4032c595a9d91707b84ec3dacc68efc88f9b32c00564be6c9cc17adef321cf088dbb91b49cf3b73c5ef79fded43aecb5fcee73dcdcb9f2e96571ff565475cb1c383d45c465b5edee2ac24d16c8a6ca936da8ea937ba724098b43b149"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x2) setsockopt$inet_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000080)={@in6={{0xa, 0x4e21, 0x0, @remote, 0x2}}, 0x0, 0x401, 0x0, "24ca78313e58bc31c2e0bfb28a3a9620bcbb951fc82ed1f75d82b71f1504451eea329220ec8529930f31b7bae0ce8a78a655c0eae642efa39bc88feacd6274e3810d36ab28604fbffe168f6feb8fcc59"}, 0xd8) wait4(0x0, 0x0, 0x0, 0x0) [ 425.353252][ T9110] block nbd3: Receive control failed (result -22) [ 425.370656][T14266] block nbd3: shutting down sockets 05:02:20 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20ncci\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f00000000c0)={r6, @in6={{0xa, 0x4e23, 0x3f, @empty}}, 0x6, 0x401}, &(0x7f0000000180)=0x90) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={r6, @in6={{0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}}, 0x0, 0x8}, &(0x7f0000000200)=0x90) set_tid_address(&(0x7f0000000240)) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000440)={r6, @in={{0x2, 0x0, @local}}}, &(0x7f0000000100)=0x84) getsockopt$inet_sctp_SCTP_MAXSEG(r5, 0x84, 0xd, &(0x7f0000000080)=@assoc_id=r6, &(0x7f00000000c0)=0x4) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000000)={0x5, 0x0, 0x4, 0x9, 0x7, 0x4, 0x0, 0x1, r6}, &(0x7f0000000040)=0x20) ioctl$NBD_DO_IT(r2, 0xab03) r7 = syz_open_dev$vbi(&(0x7f0000000340)='/dev/vbi#\x00', 0x2, 0x2) ioctl$VIDIOC_S_EDID(r7, 0xc0285629, &(0x7f00000003c0)={0x0, 0x101, 0x40, [], &(0x7f0000000380)=0x40}) [ 425.473301][T14282] FAULT_INJECTION: forcing a failure. [ 425.473301][T14282] name failslab, interval 1, probability 0, space 0, times 0 05:02:20 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) r7 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20ncci\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0xfffffffffffffedb) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f00000000c0)={r8, @in6={{0xa, 0x4e23, 0x3f, @empty}}, 0x6, 0x401}, &(0x7f0000000180)=0x90) r9 = getpid() sched_setscheduler(r9, 0x5, &(0x7f00000001c0)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) r13 = syz_open_dev$vcsa(&(0x7f0000000400)='/dev/vcsa#\x00', 0x6, 0x8001) ioctl$SCSI_IOCTL_GET_PCI(r13, 0x5387, &(0x7f0000000500)) ioctl$EVIOCGPROP(r12, 0x80404509, &(0x7f0000000380)=""/113) dup(r10) getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000240)={0x0}, &(0x7f0000000340)=0xffffffffffffffe9) kcmp(r9, r14, 0x8, r4, r7) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={r8, @in6={{0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}}, 0x0, 0x8}, &(0x7f0000000200)=0x90) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000440)={r8, @in={{0x2, 0x0, @local}}}, &(0x7f0000000100)=0x84) getsockopt$inet_sctp_SCTP_MAXSEG(r7, 0x84, 0xd, &(0x7f0000000080)=@assoc_id=r8, &(0x7f00000000c0)=0x4) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f00000000c0)={r8, 0x5, 0x81, 0x0, 0x3f, 0x4, 0x1, 0x6, {0x0, @in6={{0xa, 0x4e24, 0x1ff, @dev={0xfe, 0x80, [], 0xb}, 0x4}}, 0x2, 0xffff, 0x7, 0x7, 0x3f}}, &(0x7f0000000000)=0xb0) setsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000040)=@sack_info={r15, 0xffffff01, 0x2}, 0xc) ioctl$NBD_DO_IT(r2, 0xab03) [ 425.520373][ T9110] block nbd2: Receive control failed (result -22) [ 425.551182][T14282] CPU: 0 PID: 14282 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 425.560251][T14282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 425.566864][T14285] block nbd2: shutting down sockets [ 425.570392][T14282] Call Trace: [ 425.578965][T14282] dump_stack+0x172/0x1f0 [ 425.583476][T14282] should_fail.cold+0xa/0x15 [ 425.588097][T14282] ? fault_create_debugfs_attr+0x180/0x180 [ 425.593910][T14282] ? ___might_sleep+0x163/0x2c0 [ 425.598858][T14282] __should_failslab+0x121/0x190 [ 425.603840][T14282] should_failslab+0x9/0x14 [ 425.608349][T14282] __kmalloc+0x2e0/0x770 [ 425.612608][T14282] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 425.618776][T14282] ? ext4_find_extent+0x76e/0x9d0 [ 425.618794][T14282] ext4_find_extent+0x76e/0x9d0 [ 425.628648][T14282] ? ext4_map_blocks+0xda8/0x17e0 [ 425.633673][T14282] ext4_ext_map_blocks+0x1dc/0x3ac0 [ 425.633699][T14282] ? ext4_ext_release+0x10/0x10 [ 425.633716][T14282] ? lock_acquire+0x190/0x410 [ 425.633731][T14282] ? ext4_map_blocks+0x4b3/0x17e0 [ 425.633756][T14282] ? __kasan_check_write+0x14/0x20 [ 425.658480][T14291] block nbd3: shutting down sockets [ 425.658881][T14282] ? down_write+0xdf/0x150 [ 425.668461][T14282] ? down_write_killable+0x170/0x170 [ 425.673762][T14282] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 425.680009][T14282] ? ext4_es_lookup_extent+0x426/0xd40 [ 425.685511][T14282] ext4_map_blocks+0x52b/0x17e0 [ 425.690640][T14282] ? ext4_issue_zeroout+0x190/0x190 [ 425.695852][T14282] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 425.701831][T14282] ? __kasan_check_write+0x14/0x20 [ 425.707299][T14282] ext4_getblk+0xc4/0x570 [ 425.707317][T14282] ? ext4_iomap_begin+0x1000/0x1000 [ 425.707342][T14282] ext4_bread+0x8f/0x390 [ 425.722047][T14282] ? ext4_getblk+0x570/0x570 [ 425.726652][T14282] ? lockdep_init_map+0x1be/0x6d0 [ 425.731697][T14282] ext4_append+0x155/0x370 [ 425.736137][T14282] ext4_mkdir+0x632/0xe20 [ 425.740521][T14282] ? ext4_init_dot_dotdot+0x520/0x520 [ 425.745922][T14282] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 425.752167][T14282] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 425.758580][T14282] ? security_inode_permission+0xcb/0x100 [ 425.758597][T14282] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 425.758609][T14282] ? security_inode_mkdir+0xe4/0x120 [ 425.758627][T14282] vfs_mkdir+0x42e/0x670 [ 425.758654][T14282] ovl_create_real+0x287/0x420 [ 425.784983][T14282] ovl_workdir_create+0x350/0x530 [ 425.790027][T14282] ? ovl_setup_trap+0xc0/0xc0 [ 425.794816][T14282] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 425.800221][T14282] ? __mnt_want_write+0x1f1/0x2f0 [ 425.805280][T14282] ovl_fill_super+0x110f/0x4029 [ 425.810143][T14282] ? register_shrinker_prepared+0x116/0x190 [ 425.816042][T14282] ? ovl_show_options+0x550/0x550 [ 425.821139][T14282] ? __kasan_check_write+0x14/0x20 [ 425.826680][T14282] ? register_shrinker_prepared+0x116/0x190 [ 425.832559][T14282] ? sget+0x12b/0x560 [ 425.836537][T14282] ? get_anon_bdev+0xc0/0xc0 [ 425.841635][T14282] ? ovl_show_options+0x550/0x550 [ 425.846643][T14282] mount_nodev+0x66/0x110 [ 425.850956][T14282] ovl_mount+0x2d/0x40 [ 425.855082][T14282] ? ovl_own_xattr_set+0x10/0x10 [ 425.860005][T14282] legacy_get_tree+0x108/0x220 [ 425.864768][T14282] vfs_get_tree+0x8e/0x300 [ 425.869181][T14282] do_mount+0x142e/0x1cf0 [ 425.873559][T14282] ? copy_mount_string+0x40/0x40 [ 425.878565][T14282] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 425.884796][T14282] ? _copy_from_user+0x12c/0x1a0 [ 425.889735][T14282] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 425.895963][T14282] ? copy_mount_options+0x2e8/0x3f0 [ 425.901158][T14282] ksys_mount+0xdb/0x150 [ 425.905392][T14282] __x64_sys_mount+0xbe/0x150 [ 425.910078][T14282] do_syscall_64+0xfa/0x760 [ 425.914593][T14282] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 425.920474][T14282] RIP: 0033:0x459a59 [ 425.924361][T14282] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 425.944072][T14282] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 425.952768][T14282] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 425.960740][T14282] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 425.968695][T14282] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 425.976646][T14282] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 425.984608][T14282] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 426.002244][T14282] overlayfs: failed to create directory ./file1\/work (errno: 12); mounting read-only 05:02:22 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0", 0x98}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:22 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x402c5828, 0x0) ioprio_get$uid(0x3, 0x0) write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x7ff}}, 0x18) syz_mount_image$vfat(&(0x7f0000000080)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xfffffffffffff577, 0x0, &(0x7f0000000140), 0x10, 0x0) ioctl$BLKREPORTZONE(0xffffffffffffffff, 0xc0101282, 0x0) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) socket$inet6(0xa, 0x40000000000001, 0x0) ioctl$sock_TIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0) ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, &(0x7f0000000000)={0x1, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0}) open(0x0, 0x40c2, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0) lstat(0x0, &(0x7f00000009c0)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f00000001c0)) ptrace$setsig(0x4203, r2, 0x0, &(0x7f00000001c0)={0x2b, 0x800, 0x7ff}) write(0xffffffffffffffff, &(0x7f0000000600), 0x0) r3 = memfd_create(&(0x7f0000000240)='.^\x00', 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x24000000) ioctl$LOOP_CLR_FD(0xffffffffffffffff, 0x4c01) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r3) mount(0x0, &(0x7f0000000500)='./file0\x00', &(0x7f0000000400)='ramfs\x00\x9b\x95\x84\x10D\xfb\x9b\x81R#\x10O\xd3\xb4\xe8\xa3\x1f\x00\r\xf6\xd9\xbbt\x95f\x9e\x02\x06\xf946\\{(\xc8\xa7s\xd2>\x81\x88l\x0e\xc5%\x99\x00\x02\x9d\x85\xfc\xa9\\\x99:\xe4\x9c\xf9z>w\xe7\xa9\xa8=\xe9o\x9f\xfbKE\xd7\x9a\x1b\xf8\x86@\x8e\xe6\x9em\x89\xab\x19\xea1\x8e\xa1\xb5\xd7\xc6\xc62\x05\xc7\xe5\xd2m\xeczV\x1d\x84\xcd\xc0\xdf', 0x0, 0x0) wait4(0x0, 0x0, 0x0, 0x0) 05:02:22 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$KVM_SET_IRQCHIP(r7, 0x8208ae63, &(0x7f00000000c0)={0x2, 0x0, @pic={0x1f, 0x9, 0x37, 0x9, 0x8, 0x7, 0x0, 0xff, 0x0, 0x81, 0x1, 0x2d, 0x80, 0x9b, 0x1, 0x3f}}) r8 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r8) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) ioctl$sock_inet_tcp_SIOCOUTQNSD(r12, 0x894b, &(0x7f0000000000)) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:22 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x200, 0x0) ioctl$PERF_EVENT_IOC_ID(r3, 0x80082407, &(0x7f0000000040)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$VIDIOC_S_FBUF(r7, 0x4030560b, &(0x7f0000000140)={0x20, 0x1, &(0x7f00000000c0)="29e26ab9c45d6f189ff9c9fa38c54d915f6a9e8b2fd2018d2c8a0d83dbd8a8736b18a4aa04aa4bdfc710d55ef96960cf69ec21ed125c8db6ee85a139076f181a10cbba442b3879e38e2b88cf4468fb941bbdbfec1185a74faea6dfd2d1737ef6de4a1113d8d3e074c726", {0x7ff, 0x7, 0x34363248, 0x2d34e3e31e4c25f3, 0xb43, 0xf8, 0x4, 0x20}}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:22 executing program 1 (fault-call:3 fault-nth:80): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:22 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa2}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 427.690035][ T9110] block nbd2: Receive control failed (result -22) [ 427.699267][T14298] block nbd2: shutting down sockets [ 427.754711][T14306] FAULT_INJECTION: forcing a failure. [ 427.754711][T14306] name failslab, interval 1, probability 0, space 0, times 0 [ 427.799688][ T9110] block nbd3: Receive control failed (result -22) [ 427.813127][ T9110] block nbd3: Receive control failed (result -22) [ 427.825432][T14300] block nbd3: shutting down sockets [ 427.831649][T14306] CPU: 0 PID: 14306 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 427.840718][T14306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 427.850793][T14306] Call Trace: [ 427.854113][T14306] dump_stack+0x172/0x1f0 [ 427.859057][T14306] should_fail.cold+0xa/0x15 [ 427.863692][T14306] ? fault_create_debugfs_attr+0x180/0x180 [ 427.863713][T14306] ? ___might_sleep+0x163/0x2c0 [ 427.863732][T14306] __should_failslab+0x121/0x190 [ 427.863748][T14306] should_failslab+0x9/0x14 [ 427.863759][T14306] __kmalloc+0x2e0/0x770 [ 427.863780][T14306] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 427.863791][T14306] ? ext4_find_extent+0x76e/0x9d0 [ 427.863806][T14306] ext4_find_extent+0x76e/0x9d0 [ 427.863823][T14306] ? ___might_sleep+0x163/0x2c0 [ 427.863840][T14306] ext4_ext_map_blocks+0x1dc/0x3ac0 [ 427.863857][T14306] ? mark_held_locks+0xf0/0xf0 [ 427.863880][T14306] ? ext4_ext_release+0x10/0x10 [ 427.925113][T14306] ? __kasan_check_write+0x14/0x20 [ 427.930248][T14306] ? down_read+0x109/0x430 [ 427.934688][T14306] ? down_read_killable+0x490/0x490 [ 427.939911][T14306] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 427.946337][T14306] ? ext4_es_lookup_extent+0x426/0xd40 [ 427.951820][T14306] ext4_map_blocks+0xdc7/0x17e0 [ 427.956840][T14306] ? ext4_issue_zeroout+0x190/0x190 [ 427.962080][T14306] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 427.968099][T14306] ? __kasan_check_write+0x14/0x20 [ 427.973755][T14306] ext4_getblk+0xc4/0x570 [ 427.973773][T14306] ? ext4_iomap_begin+0x1000/0x1000 [ 427.973796][T14306] ext4_bread+0x8f/0x390 [ 427.973810][T14306] ? ext4_getblk+0x570/0x570 [ 427.973830][T14306] ? lockdep_init_map+0x1be/0x6d0 [ 427.973861][T14306] ext4_append+0x155/0x370 [ 427.983427][T14306] ext4_mkdir+0x632/0xe20 [ 427.983450][T14306] ? ext4_init_dot_dotdot+0x520/0x520 [ 427.983470][T14306] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 427.983484][T14306] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 427.983500][T14306] ? security_inode_permission+0xcb/0x100 [ 427.983517][T14306] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 427.983535][T14306] ? security_inode_mkdir+0xe4/0x120 [ 428.041968][T14306] vfs_mkdir+0x42e/0x670 [ 428.046242][T14306] ovl_create_real+0x287/0x420 [ 428.051046][T14306] ovl_workdir_create+0x350/0x530 [ 428.056113][T14306] ? ovl_setup_trap+0xc0/0xc0 [ 428.060805][T14306] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 428.066114][T14306] ? __mnt_want_write+0x1f1/0x2f0 [ 428.071158][T14306] ovl_fill_super+0x110f/0x4029 [ 428.076021][T14306] ? register_shrinker_prepared+0x116/0x190 [ 428.081939][T14306] ? ovl_show_options+0x550/0x550 [ 428.086978][T14306] ? __kasan_check_write+0x14/0x20 [ 428.092116][T14306] ? register_shrinker_prepared+0x116/0x190 [ 428.098142][T14306] ? sget+0x12b/0x560 [ 428.102127][T14306] ? get_anon_bdev+0xc0/0xc0 [ 428.107258][T14306] ? ovl_show_options+0x550/0x550 [ 428.112296][T14306] mount_nodev+0x66/0x110 [ 428.116638][T14306] ovl_mount+0x2d/0x40 [ 428.120721][T14306] ? ovl_own_xattr_set+0x10/0x10 [ 428.125666][T14306] legacy_get_tree+0x108/0x220 [ 428.130450][T14306] vfs_get_tree+0x8e/0x300 [ 428.135222][T14306] do_mount+0x142e/0x1cf0 [ 428.139580][T14306] ? copy_mount_string+0x40/0x40 [ 428.144531][T14306] ? copy_mount_options+0x263/0x3f0 [ 428.149745][T14306] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 428.156006][T14306] ? copy_mount_options+0x2e8/0x3f0 [ 428.162100][T14306] ksys_mount+0xdb/0x150 [ 428.166349][T14306] __x64_sys_mount+0xbe/0x150 [ 428.171031][T14306] do_syscall_64+0xfa/0x760 [ 428.175546][T14306] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 428.181432][T14306] RIP: 0033:0x459a59 [ 428.185329][T14306] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 428.204936][T14306] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 428.213359][T14306] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 428.221350][T14306] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 428.229321][T14306] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 428.237306][T14306] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 05:02:23 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) setsockopt$inet_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f00000000c0)={@in6={{0xa, 0x4e24, 0x8, @loopback, 0x1}}, 0x0, 0x1cd3, 0x0, "8aecd0cf2b226a7934a264b676f72102263e850764d17ddd4f2ad5855a76b5f7c3eb5c1a0c6130003dd03cd924eb17230a4ddf77df7235f2cf3df4daffbf9203e8e8a2dc9252a8e81867a046cff13627"}, 0xd8) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:23 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socket$key(0xf, 0x3, 0x2) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000)={0xffffffffffffffff}, 0x2c, 0xc991229c7aa54cfb}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r5, &(0x7f00000000c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000200), r8}}, 0x18) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ioctl$NBD_DO_IT(r2, 0xab03) [ 428.245288][T14306] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 428.300780][ T9110] block nbd2: Receive control failed (result -22) [ 428.309218][T14322] block nbd2: shutting down sockets 05:02:23 executing program 1 (fault-call:3 fault-nth:81): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 428.356750][ T9110] block nbd3: Receive control failed (result -22) [ 428.356757][ T1530] block nbd3: Receive control failed (result -22) 05:02:23 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x3, 0x0, 0x1) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) r5 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0) getsockopt$inet6_int(r5, 0x29, 0xa, &(0x7f0000000100), &(0x7f0000000140)=0x4) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/qat_adf_ctl\x00', 0x20000, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) getpeername$inet(r7, &(0x7f0000000000)={0x2, 0x0, @initdev}, &(0x7f0000000040)=0x10) [ 428.413104][T14323] block nbd3: shutting down sockets [ 428.463121][T14326] block nbd3: Device being setup by another task [ 428.565417][T14337] FAULT_INJECTION: forcing a failure. [ 428.565417][T14337] name failslab, interval 1, probability 0, space 0, times 0 [ 428.579108][T14337] CPU: 0 PID: 14337 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 428.588149][T14337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 428.598210][T14337] Call Trace: [ 428.601515][T14337] dump_stack+0x172/0x1f0 [ 428.605862][T14337] should_fail.cold+0xa/0x15 [ 428.610463][T14337] ? fault_create_debugfs_attr+0x180/0x180 [ 428.616283][T14337] __should_failslab+0x121/0x190 [ 428.621225][T14337] should_failslab+0x9/0x14 [ 428.625728][T14337] kmem_cache_alloc+0x47/0x710 [ 428.630496][T14337] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 428.636216][T14337] ? ext4_es_can_be_merged+0x1a3/0x2a0 [ 428.641677][T14337] ? do_raw_write_lock+0x124/0x290 [ 428.646816][T14337] __es_insert_extent+0x2cc/0xf20 [ 428.651850][T14337] ext4_es_insert_extent+0x2d2/0xa70 [ 428.657146][T14337] ? ext4_es_scan_clu+0xe0/0xe0 [ 428.662439][T14337] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 428.668690][T14337] ? ext4_es_lookup_extent+0x426/0xd40 [ 428.674162][T14337] ext4_map_blocks+0x7ed/0x17e0 [ 428.679024][T14337] ? ext4_issue_zeroout+0x190/0x190 [ 428.684234][T14337] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 428.690237][T14337] ? __kasan_check_write+0x14/0x20 [ 428.695373][T14337] ext4_getblk+0xc4/0x570 [ 428.699989][T14337] ? ext4_iomap_begin+0x1000/0x1000 [ 428.705209][T14337] ext4_bread+0x8f/0x390 [ 428.709458][T14337] ? ext4_getblk+0x570/0x570 [ 428.714057][T14337] ? lockdep_init_map+0x1be/0x6d0 [ 428.719098][T14337] ext4_append+0x155/0x370 [ 428.726664][T14337] ext4_mkdir+0x632/0xe20 [ 428.731019][T14337] ? ext4_init_dot_dotdot+0x520/0x520 [ 428.736397][T14337] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 428.736477][T14337] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 428.736493][T14337] ? security_inode_permission+0xcb/0x100 [ 428.736513][T14337] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 428.754802][T14337] ? security_inode_mkdir+0xe4/0x120 [ 428.754825][T14337] vfs_mkdir+0x42e/0x670 [ 428.754850][T14337] ovl_create_real+0x287/0x420 [ 428.754867][T14337] ovl_workdir_create+0x350/0x530 [ 428.754886][T14337] ? ovl_setup_trap+0xc0/0xc0 [ 428.754902][T14337] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 428.754922][T14337] ? __mnt_want_write+0x1f1/0x2f0 [ 428.754941][T14337] ovl_fill_super+0x110f/0x4029 [ 428.800395][T14337] ? register_shrinker_prepared+0x116/0x190 [ 428.806473][T14337] ? ovl_show_options+0x550/0x550 [ 428.811519][T14337] ? __kasan_check_write+0x14/0x20 05:02:24 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) [ 428.816650][T14337] ? register_shrinker_prepared+0x116/0x190 [ 428.822562][T14337] ? sget+0x12b/0x560 [ 428.826552][T14337] ? get_anon_bdev+0xc0/0xc0 [ 428.831165][T14337] ? ovl_show_options+0x550/0x550 [ 428.836327][T14337] mount_nodev+0x66/0x110 [ 428.840678][T14337] ovl_mount+0x2d/0x40 [ 428.844756][T14337] ? ovl_own_xattr_set+0x10/0x10 [ 428.849693][T14337] legacy_get_tree+0x108/0x220 [ 428.854972][T14337] vfs_get_tree+0x8e/0x300 [ 428.859608][T14337] do_mount+0x142e/0x1cf0 05:02:24 executing program 1 (fault-call:3 fault-nth:82): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 428.860454][ T9110] block nbd2: Receive control failed (result -22) [ 428.863948][T14337] ? copy_mount_string+0x40/0x40 [ 428.863969][T14337] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 428.863985][T14337] ? _copy_from_user+0x12c/0x1a0 [ 428.864005][T14337] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 428.864020][T14337] ? copy_mount_options+0x2e8/0x3f0 [ 428.864044][T14337] ksys_mount+0xdb/0x150 [ 428.864059][T14337] __x64_sys_mount+0xbe/0x150 [ 428.864076][T14337] do_syscall_64+0xfa/0x760 [ 428.864095][T14337] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 428.864106][T14337] RIP: 0033:0x459a59 [ 428.864122][T14337] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 428.864130][T14337] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 428.864150][T14337] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 428.864158][T14337] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 428.864166][T14337] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 428.864174][T14337] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 428.864181][T14337] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 428.878623][T14337] overlayfs: conflicting lowerdir path [ 429.005011][T14339] block nbd2: shutting down sockets [ 429.029165][ T9110] block nbd3: Receive control failed (result -22) [ 429.043535][T14333] block nbd3: shutting down sockets [ 429.052389][T14344] FAULT_INJECTION: forcing a failure. [ 429.052389][T14344] name failslab, interval 1, probability 0, space 0, times 0 [ 429.065180][T14344] CPU: 0 PID: 14344 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 429.074814][T14344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 429.084877][T14344] Call Trace: [ 429.088185][T14344] dump_stack+0x172/0x1f0 [ 429.092533][T14344] should_fail.cold+0xa/0x15 [ 429.097173][T14344] ? fault_create_debugfs_attr+0x180/0x180 [ 429.103039][T14344] __should_failslab+0x121/0x190 [ 429.108083][T14344] should_failslab+0x9/0x14 [ 429.112730][T14344] kmem_cache_alloc+0x47/0x710 [ 429.117526][T14344] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 429.123546][T14344] ? ext4_es_can_be_merged+0x1a3/0x2a0 [ 429.129056][T14344] ? do_raw_write_lock+0x124/0x290 [ 429.134702][T14344] __es_insert_extent+0x2cc/0xf20 [ 429.139759][T14344] ext4_es_insert_extent+0x2d2/0xa70 [ 429.145585][T14344] ? ext4_es_scan_clu+0xe0/0xe0 [ 429.150625][T14344] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 429.156887][T14344] ? ext4_es_lookup_extent+0x426/0xd40 [ 429.162349][T14344] ext4_map_blocks+0x7ed/0x17e0 [ 429.167220][T14344] ? ext4_issue_zeroout+0x190/0x190 [ 429.172433][T14344] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 429.178411][T14344] ? __kasan_check_write+0x14/0x20 [ 429.183518][T14344] ext4_getblk+0xc4/0x570 [ 429.187856][T14344] ? ext4_iomap_begin+0x1000/0x1000 [ 429.193079][T14344] ext4_bread+0x8f/0x390 [ 429.197322][T14344] ? ext4_getblk+0x570/0x570 [ 429.197337][T14344] ? lockdep_init_map+0x1be/0x6d0 [ 429.197363][T14344] ext4_append+0x155/0x370 [ 429.206944][T14344] ext4_mkdir+0x632/0xe20 [ 429.215670][T14344] ? ext4_init_dot_dotdot+0x520/0x520 [ 429.221152][T14344] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 429.227404][T14344] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 429.233745][T14344] ? security_inode_permission+0xcb/0x100 [ 429.239484][T14344] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 429.245738][T14344] ? security_inode_mkdir+0xe4/0x120 [ 429.251049][T14344] vfs_mkdir+0x42e/0x670 [ 429.255312][T14344] ovl_create_real+0x287/0x420 [ 429.260090][T14344] ovl_workdir_create+0x350/0x530 [ 429.265136][T14344] ? ovl_setup_trap+0xc0/0xc0 [ 429.269827][T14344] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 429.275144][T14344] ? __mnt_want_write+0x1f1/0x2f0 [ 429.280187][T14344] ovl_fill_super+0x110f/0x4029 [ 429.285044][T14344] ? register_shrinker_prepared+0x116/0x190 [ 429.290942][T14344] ? ovl_show_options+0x550/0x550 [ 429.295949][T14344] ? __kasan_check_write+0x14/0x20 [ 429.301183][T14344] ? register_shrinker_prepared+0x116/0x190 [ 429.307094][T14344] ? sget+0x12b/0x560 [ 429.311130][T14344] ? get_anon_bdev+0xc0/0xc0 [ 429.315765][T14344] ? ovl_show_options+0x550/0x550 [ 429.320775][T14344] mount_nodev+0x66/0x110 [ 429.325112][T14344] ovl_mount+0x2d/0x40 [ 429.329177][T14344] ? ovl_own_xattr_set+0x10/0x10 [ 429.334111][T14344] legacy_get_tree+0x108/0x220 [ 429.338877][T14344] vfs_get_tree+0x8e/0x300 [ 429.343288][T14344] do_mount+0x142e/0x1cf0 [ 429.347612][T14344] ? copy_mount_string+0x40/0x40 [ 429.352549][T14344] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 429.358774][T14344] ? _copy_from_user+0x12c/0x1a0 [ 429.363711][T14344] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 429.369949][T14344] ? copy_mount_options+0x2e8/0x3f0 [ 429.375137][T14344] ksys_mount+0xdb/0x150 [ 429.379376][T14344] __x64_sys_mount+0xbe/0x150 [ 429.384060][T14344] do_syscall_64+0xfa/0x760 [ 429.388572][T14344] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 429.394550][T14344] RIP: 0033:0x459a59 [ 429.398437][T14344] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 429.418031][T14344] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 429.426448][T14344] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 429.434858][T14344] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 429.445011][T14344] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 429.452988][T14344] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 429.460963][T14344] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:02:26 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90", 0x9d}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:26 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) tkill(0x0, 0x36) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20ncci\x00', 0x210140, 0x0) ioctl$UI_DEV_DESTROY(r2, 0x5502) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2ff989da5d0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x7, 0x40000) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:26 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCGIFBRDADDR(r1, 0x8919, &(0x7f0000000040)={'bcsf0\x00', {0x2, 0x4e20, @local}}) r2 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r2) r3 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r7, 0x894b, &(0x7f0000000000)) ioctl$NBD_DO_IT(r3, 0xab03) 05:02:26 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fallocate(r0, 0x10, 0x0, 0x3000000000000) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:26 executing program 1 (fault-call:3 fault-nth:83): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:26 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa2}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 430.860961][ T9110] block nbd2: Receive control failed (result -22) [ 430.865067][T14361] FAULT_INJECTION: forcing a failure. [ 430.865067][T14361] name failslab, interval 1, probability 0, space 0, times 0 [ 430.880448][T14361] CPU: 0 PID: 14361 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 430.889480][T14361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 430.899541][T14361] Call Trace: [ 430.902848][T14361] dump_stack+0x172/0x1f0 [ 430.907340][T14361] should_fail.cold+0xa/0x15 [ 430.911952][T14361] ? fault_create_debugfs_attr+0x180/0x180 [ 430.917776][T14361] __should_failslab+0x121/0x190 [ 430.922731][T14361] should_failslab+0x9/0x14 [ 430.927240][T14361] kmem_cache_alloc+0x47/0x710 [ 430.932021][T14361] ? __kasan_check_write+0x14/0x20 [ 430.937146][T14361] ? do_raw_write_lock+0x124/0x290 [ 430.942279][T14361] __es_insert_extent+0x2cc/0xf20 [ 430.947336][T14361] ext4_es_insert_extent+0x2d2/0xa70 [ 430.952726][T14361] ? ext4_es_scan_clu+0xe0/0xe0 [ 430.957595][T14361] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 430.963596][T14361] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 430.969850][T14361] ? ext4_es_find_extent_range+0x131/0x660 [ 430.975690][T14361] ext4_ext_put_gap_in_cache+0xfe/0x150 [ 430.981249][T14361] ? ext4_rereserve_cluster+0x240/0x240 [ 430.985390][T14355] block nbd2: shutting down sockets [ 430.986806][T14361] ? ext4_find_extent+0x76e/0x9d0 [ 430.997004][T14361] ? ext4_find_extent+0x6a6/0x9d0 [ 431.002044][T14361] ext4_ext_map_blocks+0x1930/0x3ac0 [ 431.007351][T14361] ? ext4_ext_release+0x10/0x10 [ 431.012213][T14361] ? __kasan_check_write+0x14/0x20 [ 431.017322][T14361] ? down_read+0x109/0x430 [ 431.021734][T14361] ? down_read_killable+0x490/0x490 [ 431.027095][T14361] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 431.033320][T14361] ? ext4_es_lookup_extent+0x426/0xd40 [ 431.038779][T14361] ext4_map_blocks+0xdc7/0x17e0 [ 431.043626][T14361] ? ext4_issue_zeroout+0x190/0x190 [ 431.048834][T14361] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 431.054806][T14361] ? __kasan_check_write+0x14/0x20 [ 431.059901][T14361] ext4_getblk+0xc4/0x570 [ 431.064215][T14361] ? ext4_iomap_begin+0x1000/0x1000 [ 431.069406][T14361] ext4_bread+0x8f/0x390 [ 431.073638][T14361] ? ext4_getblk+0x570/0x570 [ 431.078212][T14361] ? lockdep_init_map+0x1be/0x6d0 [ 431.083226][T14361] ext4_append+0x155/0x370 [ 431.087632][T14361] ext4_mkdir+0x632/0xe20 [ 431.091951][T14361] ? ext4_init_dot_dotdot+0x520/0x520 [ 431.097306][T14361] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 431.103528][T14361] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.109769][T14361] ? security_inode_permission+0xcb/0x100 [ 431.115493][T14361] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.121725][T14361] ? security_inode_mkdir+0xe4/0x120 [ 431.127008][T14361] vfs_mkdir+0x42e/0x670 [ 431.131249][T14361] ovl_create_real+0x287/0x420 [ 431.136001][T14361] ovl_workdir_create+0x350/0x530 [ 431.141015][T14361] ? ovl_setup_trap+0xc0/0xc0 [ 431.145676][T14361] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 431.150950][T14361] ? __mnt_want_write+0x1f1/0x2f0 [ 431.155978][T14361] ovl_fill_super+0x110f/0x4029 [ 431.161001][T14361] ? register_shrinker_prepared+0x116/0x190 [ 431.166885][T14361] ? ovl_show_options+0x550/0x550 [ 431.171901][T14361] ? __kasan_check_write+0x14/0x20 [ 431.177032][T14361] ? register_shrinker_prepared+0x116/0x190 [ 431.182909][T14361] ? sget+0x12b/0x560 [ 431.186886][T14361] ? get_anon_bdev+0xc0/0xc0 [ 431.191493][T14361] ? ovl_show_options+0x550/0x550 [ 431.196502][T14361] mount_nodev+0x66/0x110 [ 431.200813][T14361] ovl_mount+0x2d/0x40 [ 431.204861][T14361] ? ovl_own_xattr_set+0x10/0x10 [ 431.209788][T14361] legacy_get_tree+0x108/0x220 [ 431.214536][T14361] vfs_get_tree+0x8e/0x300 [ 431.218938][T14361] do_mount+0x142e/0x1cf0 [ 431.223258][T14361] ? retint_kernel+0x2b/0x2b [ 431.227834][T14361] ? copy_mount_string+0x40/0x40 [ 431.232755][T14361] ? copy_mount_options+0x252/0x3f0 [ 431.237939][T14361] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 431.243472][T14361] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.249970][T14361] ? copy_mount_options+0x2e8/0x3f0 [ 431.255155][T14361] ksys_mount+0xdb/0x150 [ 431.259382][T14361] __x64_sys_mount+0xbe/0x150 [ 431.264050][T14361] do_syscall_64+0xfa/0x760 [ 431.268538][T14361] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 431.274411][T14361] RIP: 0033:0x459a59 [ 431.278291][T14361] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 431.297877][T14361] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 05:02:26 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) clock_gettime(0x1, &(0x7f00000000c0)) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) r3 = accept4$x25(r1, 0x0, &(0x7f0000000040), 0x1c0800) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r6, 0x10e, 0x1, &(0x7f0000000000)=0x1d, 0x4) [ 431.306270][T14361] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 431.314224][T14361] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 431.322175][T14361] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 431.330128][T14361] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 431.338077][T14361] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 431.351179][T14361] overlayfs: conflicting lowerdir path 05:02:26 executing program 1 (fault-call:3 fault-nth:84): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 431.423412][ T9110] block nbd2: Receive control failed (result -22) [ 431.432415][T14369] block nbd2: shutting down sockets [ 431.447994][ T9110] block nbd3: Receive control failed (result -22) [ 431.457654][ T9110] block nbd3: Receive control failed (result -22) [ 431.468350][T14356] block nbd3: shutting down sockets 05:02:26 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$sock_bt_hci(r6, 0x0, &(0x7f0000000000)="29455ad3258d6a8b2cb2f49aaf5bcdb0483ace3ef5df4c15afe19b726d86106840f9cd3ed4db36602c2ccd9e1a27f33b98c367d5fc2c6967c14a6f7556913b5cf22227be5b4da321e5d4f73d2f1c028524c97098ec80e7e56179c57cf9dbb3f796271f4c35e9c89647af47d3eb8712885b6f142fc02500ebf39f0b0731377f") 05:02:26 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) setsockopt$bt_hci_HCI_DATA_DIR(r7, 0x0, 0x1, &(0x7f0000000000)=0x7b, 0x4) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 431.610247][ T9110] block nbd2: Receive control failed (result -22) [ 431.620546][T14467] block nbd2: shutting down sockets [ 431.620845][T14441] FAULT_INJECTION: forcing a failure. [ 431.620845][T14441] name failslab, interval 1, probability 0, space 0, times 0 [ 431.638726][T14441] CPU: 1 PID: 14441 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 431.648701][T14441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 431.658760][T14441] Call Trace: [ 431.662062][T14441] dump_stack+0x172/0x1f0 [ 431.666411][T14441] should_fail.cold+0xa/0x15 [ 431.671017][T14441] ? fault_create_debugfs_attr+0x180/0x180 [ 431.676841][T14441] __should_failslab+0x121/0x190 [ 431.681788][T14441] should_failslab+0x9/0x14 [ 431.686310][T14441] kmem_cache_alloc+0x47/0x710 [ 431.691185][T14441] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 431.696915][T14441] ? ext4_es_can_be_merged+0x1a3/0x2a0 [ 431.702382][T14441] ? do_raw_write_lock+0x124/0x290 [ 431.707672][T14441] __es_insert_extent+0x2cc/0xf20 [ 431.712689][T14441] ext4_es_insert_extent+0x2d2/0xa70 [ 431.718150][T14441] ? ext4_es_scan_clu+0xe0/0xe0 [ 431.723000][T14441] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 431.729483][T14441] ? ext4_es_lookup_extent+0x426/0xd40 [ 431.734931][T14441] ext4_map_blocks+0x7ed/0x17e0 [ 431.739772][T14441] ? ext4_issue_zeroout+0x190/0x190 [ 431.744963][T14441] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 431.751994][T14441] ? __kasan_check_write+0x14/0x20 [ 431.757091][T14441] ext4_getblk+0xc4/0x570 [ 431.761406][T14441] ? ext4_iomap_begin+0x1000/0x1000 [ 431.766595][T14441] ext4_bread+0x8f/0x390 [ 431.770820][T14441] ? ext4_getblk+0x570/0x570 [ 431.775402][T14441] ? lockdep_init_map+0x1be/0x6d0 [ 431.780592][T14441] ext4_append+0x155/0x370 [ 431.784994][T14441] ext4_mkdir+0x632/0xe20 [ 431.789317][T14441] ? ext4_init_dot_dotdot+0x520/0x520 [ 431.794847][T14441] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 431.801072][T14441] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.807298][T14441] ? security_inode_permission+0xcb/0x100 [ 431.813006][T14441] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.835460][T14441] ? security_inode_mkdir+0xe4/0x120 [ 431.840732][T14441] vfs_mkdir+0x42e/0x670 [ 431.844965][T14441] ovl_create_real+0x287/0x420 [ 431.849736][T14441] ovl_workdir_create+0x350/0x530 [ 431.854834][T14441] ? ovl_setup_trap+0xc0/0xc0 [ 431.859495][T14441] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 431.864769][T14441] ? __mnt_want_write+0x1f1/0x2f0 [ 431.869781][T14441] ovl_fill_super+0x110f/0x4029 [ 431.874615][T14441] ? register_shrinker_prepared+0x116/0x190 [ 431.880500][T14441] ? ovl_show_options+0x550/0x550 [ 431.886293][T14441] ? __kasan_check_write+0x14/0x20 [ 431.891566][T14441] ? register_shrinker_prepared+0x116/0x190 [ 431.897447][T14441] ? sget+0x12b/0x560 [ 431.901411][T14441] ? get_anon_bdev+0xc0/0xc0 [ 431.905983][T14441] ? ovl_show_options+0x550/0x550 [ 431.910990][T14441] mount_nodev+0x66/0x110 [ 431.915826][T14441] ovl_mount+0x2d/0x40 [ 431.920011][T14441] ? ovl_own_xattr_set+0x10/0x10 [ 431.925823][T14441] legacy_get_tree+0x108/0x220 [ 431.930586][T14441] vfs_get_tree+0x8e/0x300 [ 431.934991][T14441] do_mount+0x142e/0x1cf0 [ 431.939310][T14441] ? copy_mount_string+0x40/0x40 [ 431.944343][T14441] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.950587][T14441] ? copy_mount_options+0x2e8/0x3f0 [ 431.955787][T14441] ksys_mount+0xdb/0x150 [ 431.960029][T14441] __x64_sys_mount+0xbe/0x150 [ 431.964783][T14441] do_syscall_64+0xfa/0x760 [ 431.969292][T14441] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 431.975167][T14441] RIP: 0033:0x459a59 [ 431.979048][T14441] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 432.000059][T14441] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 05:02:27 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x400) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) [ 432.008709][T14441] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 432.017188][T14441] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 432.025609][T14441] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 432.034182][T14441] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 432.042702][T14441] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:02:27 executing program 1 (fault-call:3 fault-nth:85): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 432.080495][ T1530] block nbd3: Receive control failed (result -22) [ 432.080501][ T9110] block nbd3: Receive control failed (result -22) [ 432.097794][T14481] block nbd3: shutting down sockets [ 432.207667][T14491] FAULT_INJECTION: forcing a failure. [ 432.207667][T14491] name failslab, interval 1, probability 0, space 0, times 0 [ 432.220746][T14491] CPU: 1 PID: 14491 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 432.229875][T14491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 432.239943][T14491] Call Trace: [ 432.243261][T14491] dump_stack+0x172/0x1f0 [ 432.247620][T14491] should_fail.cold+0xa/0x15 [ 432.252242][T14491] ? fault_create_debugfs_attr+0x180/0x180 [ 432.258085][T14491] __should_failslab+0x121/0x190 [ 432.263043][T14491] should_failslab+0x9/0x14 [ 432.267591][T14491] kmem_cache_alloc+0x47/0x710 [ 432.272367][T14491] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 432.278258][T14491] ? ext4_es_can_be_merged+0x1a3/0x2a0 [ 432.283831][T14491] ? do_raw_write_lock+0x124/0x290 [ 432.289027][T14491] __es_insert_extent+0x2cc/0xf20 [ 432.294200][T14491] ext4_es_insert_extent+0x2d2/0xa70 [ 432.299480][T14491] ? ext4_es_scan_clu+0xe0/0xe0 [ 432.304370][T14491] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 432.310592][T14491] ? ext4_es_lookup_extent+0x426/0xd40 [ 432.316310][T14491] ext4_map_blocks+0x7ed/0x17e0 [ 432.321507][T14491] ? ext4_issue_zeroout+0x190/0x190 [ 432.327421][T14491] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 432.333416][T14491] ? __kasan_check_write+0x14/0x20 [ 432.338530][T14491] ext4_getblk+0xc4/0x570 [ 432.343228][T14491] ? ext4_iomap_begin+0x1000/0x1000 [ 432.349593][T14491] ext4_bread+0x8f/0x390 [ 432.353843][T14491] ? ext4_getblk+0x570/0x570 [ 432.358429][T14491] ? lockdep_init_map+0x1be/0x6d0 [ 432.363504][T14491] ext4_append+0x155/0x370 [ 432.368011][T14491] ext4_mkdir+0x632/0xe20 [ 432.372328][T14491] ? ext4_init_dot_dotdot+0x520/0x520 [ 432.377772][T14491] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 432.384099][T14491] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 432.390434][T14491] ? security_inode_permission+0xcb/0x100 [ 432.396247][T14491] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 432.402588][T14491] ? security_inode_mkdir+0xe4/0x120 [ 432.409339][T14491] vfs_mkdir+0x42e/0x670 [ 432.413958][T14491] ovl_create_real+0x287/0x420 [ 432.418820][T14491] ovl_workdir_create+0x350/0x530 [ 432.423834][T14491] ? ovl_setup_trap+0xc0/0xc0 [ 432.428505][T14491] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 432.433804][T14491] ? __mnt_want_write+0x1f1/0x2f0 [ 432.438918][T14491] ovl_fill_super+0x110f/0x4029 [ 432.443883][T14491] ? register_shrinker_prepared+0x116/0x190 [ 432.449988][T14491] ? ovl_show_options+0x550/0x550 [ 432.457416][T14491] ? __kasan_check_write+0x14/0x20 [ 432.462527][T14491] ? register_shrinker_prepared+0x116/0x190 [ 432.468509][T14491] ? sget+0x12b/0x560 [ 432.472477][T14491] ? get_anon_bdev+0xc0/0xc0 [ 432.477052][T14491] ? ovl_show_options+0x550/0x550 [ 432.482069][T14491] mount_nodev+0x66/0x110 [ 432.486385][T14491] ovl_mount+0x2d/0x40 [ 432.490443][T14491] ? ovl_own_xattr_set+0x10/0x10 [ 432.495363][T14491] legacy_get_tree+0x108/0x220 [ 432.500115][T14491] vfs_get_tree+0x8e/0x300 [ 432.504526][T14491] do_mount+0x142e/0x1cf0 [ 432.508870][T14491] ? copy_mount_string+0x40/0x40 [ 432.513806][T14491] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 432.520082][T14491] ? copy_mount_options+0x2e8/0x3f0 [ 432.525303][T14491] ksys_mount+0xdb/0x150 [ 432.529537][T14491] __x64_sys_mount+0xbe/0x150 [ 432.534301][T14491] do_syscall_64+0xfa/0x760 [ 432.538792][T14491] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 432.544668][T14491] RIP: 0033:0x459a59 [ 432.548543][T14491] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 432.568131][T14491] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 432.576548][T14491] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 432.584509][T14491] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 432.592918][T14491] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 432.600882][T14491] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 432.608847][T14491] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:02:29 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90", 0x9d}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0x40000, 0x0) ioctl$TIOCGSID(r1, 0x5429, &(0x7f00000000c0)) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd239866400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a4c7a38e60505764e621d26e42ed9d5c8c3d"], 0x2) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x5) fcntl$dupfd(r0, 0x0, r0) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000100), &(0x7f0000000140)=0x4) wait4(0x0, 0x0, 0x0, 0x0) 05:02:29 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x10100, 0x0) mknodat(r4, &(0x7f0000000040)='./file0\x00', 0x2, 0xc1) r5 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:29 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$UI_SET_SWBIT(r0, 0x4004556d, 0xd) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$TIOCMSET(r3, 0x5418, &(0x7f00000000c0)=0x8) r4 = syz_open_dev$ndb(0x0, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x20000, 0x80) r5 = getpid() sched_setscheduler(r5, 0x5, &(0x7f00000001c0)) getpgrp(r5) r6 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r4, 0xab00, r6) ioctl$NBD_SET_FLAGS(r4, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r4, 0xab03) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r9) ioctl$sock_inet_SIOCSIFDSTADDR(r9, 0x8918, &(0x7f0000000040)={'veth0_to_team\x00', {0x2, 0x4e22, @multicast1}}) r10 = syz_open_pts(0xffffffffffffffff, 0x111000) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x50, r10, 0x0) 05:02:29 executing program 1 (fault-call:3 fault-nth:86): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:29 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90", 0x9d}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:29 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa2}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 433.986891][T14509] FAULT_INJECTION: forcing a failure. [ 433.986891][T14509] name failslab, interval 1, probability 0, space 0, times 0 [ 433.999724][T14509] CPU: 1 PID: 14509 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 434.008754][T14509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 434.018822][T14509] Call Trace: [ 434.022139][T14509] dump_stack+0x172/0x1f0 [ 434.026500][T14509] should_fail.cold+0xa/0x15 [ 434.031378][T14509] ? fault_create_debugfs_attr+0x180/0x180 [ 434.037208][T14509] __should_failslab+0x121/0x190 [ 434.040999][T14505] block nbd3: shutting down sockets [ 434.042160][T14509] should_failslab+0x9/0x14 [ 434.042177][T14509] kmem_cache_alloc+0x47/0x710 [ 434.042199][T14509] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 434.062328][T14509] ? ext4_es_can_be_merged+0x1a3/0x2a0 [ 434.067798][T14509] ? do_raw_write_lock+0x124/0x290 [ 434.072917][T14509] __es_insert_extent+0x2cc/0xf20 [ 434.072939][T14509] ext4_es_insert_extent+0x2d2/0xa70 [ 434.072957][T14509] ? ext4_es_scan_clu+0xe0/0xe0 [ 434.083248][T14509] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 434.083260][T14509] ? ext4_es_lookup_extent+0x426/0xd40 [ 434.083282][T14509] ext4_map_blocks+0x7ed/0x17e0 [ 434.083307][T14509] ? ext4_issue_zeroout+0x190/0x190 [ 434.110676][T14509] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 434.116672][T14509] ? __kasan_check_write+0x14/0x20 [ 434.121799][T14509] ext4_getblk+0xc4/0x570 [ 434.126141][T14509] ? ext4_iomap_begin+0x1000/0x1000 [ 434.134669][T14509] ext4_bread+0x8f/0x390 [ 434.138927][T14509] ? ext4_getblk+0x570/0x570 [ 434.143613][T14509] ? lockdep_init_map+0x1be/0x6d0 [ 434.148657][T14509] ext4_append+0x155/0x370 [ 434.153097][T14509] ext4_mkdir+0x632/0xe20 [ 434.157443][T14509] ? ext4_init_dot_dotdot+0x520/0x520 [ 434.162824][T14509] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 434.167936][ T1530] block nbd2: Receive control failed (result -22) [ 434.169077][T14509] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 434.169102][T14509] ? security_inode_permission+0xcb/0x100 [ 434.169118][T14509] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 434.169137][T14509] ? security_inode_mkdir+0xe4/0x120 [ 434.181892][T14509] vfs_mkdir+0x42e/0x670 [ 434.181917][T14509] ovl_create_real+0x287/0x420 [ 434.181936][T14509] ovl_workdir_create+0x350/0x530 [ 434.181962][T14509] ? ovl_setup_trap+0xc0/0xc0 [ 434.199354][T14509] ? rcu_read_lock_bh_held+0xb0/0xb0 [ 434.199378][T14509] ? __mnt_want_write+0x1f1/0x2f0 [ 434.199404][T14509] ovl_fill_super+0x110f/0x4029 [ 434.208662][T14509] ? register_shrinker_prepared+0x116/0x190 [ 434.218349][T14509] ? ovl_show_options+0x550/0x550 [ 434.218370][T14509] ? __kasan_check_write+0x14/0x20 [ 434.249509][T14509] ? register_shrinker_prepared+0x116/0x190 [ 434.255765][T14509] ? sget+0x12b/0x560 [ 434.259756][T14509] ? get_anon_bdev+0xc0/0xc0 [ 434.264881][T14509] ? ovl_show_options+0x550/0x550 [ 434.269929][T14509] mount_nodev+0x66/0x110 [ 434.274268][T14509] ovl_mount+0x2d/0x40 [ 434.278344][T14509] ? ovl_own_xattr_set+0x10/0x10 [ 434.285688][T14509] legacy_get_tree+0x108/0x220 [ 434.290564][T14509] vfs_get_tree+0x8e/0x300 [ 434.294992][T14509] do_mount+0x142e/0x1cf0 [ 434.299341][T14509] ? copy_mount_string+0x40/0x40 [ 434.304303][T14509] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 434.310566][T14509] ? copy_mount_options+0x2e8/0x3f0 [ 434.312748][T14499] block nbd2: shutting down sockets [ 434.315774][T14509] ksys_mount+0xdb/0x150 [ 434.315799][T14509] __x64_sys_mount+0xbe/0x150 [ 434.315824][T14509] do_syscall_64+0xfa/0x760 [ 434.335074][T14509] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 434.341056][T14509] RIP: 0033:0x459a59 [ 434.345003][T14509] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 434.364623][T14509] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 434.373035][T14509] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 434.373044][T14509] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a 05:02:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r4) ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x2, 0x1, 0x5}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRESDEC=r3, @ANYPTR], 0x2) r5 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0xd3, 0x1c3000) setsockopt$inet6_icmp_ICMP_FILTER(r5, 0x1, 0x1, &(0x7f0000000080)={0x200}, 0x4) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:29 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x941, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) ioctl$EXT4_IOC_MIGRATE(r4, 0x6609) ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f00000000c0)={0x84, 0x1000, 0x10001, "cdb4372b09adad5eb97d5da827ac249ec1bfa6e5226261c0c8007a2f064d424be39ee8ad775bca3fbec873e25c8525a4e7d9c3f83aa96d87953fa760eeaa7f7838446e386cce5e486233709e970bf8326bedef8a04e2820235aaf3cd1ca4f0d893c2d4015182c05f756119062580facb9c2fce9a182951eb6b2b11150e7201944b4f8392"}) 05:02:29 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b25", 0xa0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:29 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) write$FUSE_NOTIFY_POLL(r6, &(0x7f0000000000)={0x18, 0x1, 0x0, {0x8ff1}}, 0x18) ioctl$NBD_DO_IT(r2, 0xab03) [ 434.373052][T14509] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 434.373060][T14509] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 434.373073][T14509] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 434.421302][ T1530] block nbd3: Receive control failed (result -22) [ 434.428937][ T1530] block nbd3: Receive control failed (result -22) 05:02:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x1000, 0x180) ioctl$VT_RESIZEX(r2, 0x560a, &(0x7f00000000c0)={0xff, 0xff, 0x2, 0x3f, 0x0, 0x3c27}) [ 434.429521][T14509] overlayfs: conflicting lowerdir path [ 434.441791][ T1530] block nbd2: Receive control failed (result -22) [ 434.456544][T14521] block nbd3: shutting down sockets [ 434.456616][T14525] block nbd2: shutting down sockets 05:02:29 executing program 1 (fault-call:3 fault-nth:87): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:29 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f00000001c0)) r3 = getpgid(r2) r4 = syz_open_procfs(r3, &(0x7f0000000200)='net/raw\x00') r5 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x19844695a0d0299f, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$RTC_IRQP_READ(r4, 0x8008700b, &(0x7f0000000000)) ioctl$NBD_DO_IT(r5, 0xab03) ioctl$BLKTRACESTOP(0xffffffffffffffff, 0x1275, 0x0) 05:02:29 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0xd, 0x800, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, &(0x7f0000000000)={0x29, 0x11, 0x16, 0x9, 0x7, 0x7, 0x6, 0x5b, 0xffffffffffffffff}) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) bind$unix(r4, &(0x7f00000000c0)=@file={0x26a2bfb6969b9e7f, './file0\x00'}, 0x6e) [ 434.689759][ T1530] block nbd2: Receive control failed (result -22) [ 434.698317][T14539] block nbd2: shutting down sockets [ 434.756337][T14552] FAULT_INJECTION: forcing a failure. [ 434.756337][T14552] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 434.770002][T14552] CPU: 0 PID: 14552 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 434.770027][T14552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 434.770040][T14552] Call Trace: [ 434.789142][T14552] dump_stack+0x172/0x1f0 [ 434.789165][T14552] should_fail.cold+0xa/0x15 [ 434.789185][T14552] ? fault_create_debugfs_attr+0x180/0x180 [ 434.807214][T14552] ? rcu_read_unlock+0x16/0x60 [ 434.811962][T14552] ? find_held_lock+0x35/0x130 [ 434.816730][T14552] should_fail_alloc_page+0x50/0x60 [ 434.821921][T14552] __alloc_pages_nodemask+0x1a1/0x910 [ 434.827274][T14552] ? lock_downgrade+0x920/0x920 [ 434.832107][T14552] ? __alloc_pages_slowpath+0x2920/0x2920 [ 434.837810][T14552] ? rcu_read_unlock+0x2e/0x60 [ 434.842559][T14552] cache_grow_begin+0x90/0xd00 [ 434.847306][T14552] ? trace_hardirqs_off+0x62/0x240 [ 434.852487][T14552] kmem_cache_alloc+0x64e/0x710 [ 434.857317][T14552] ? _raw_spin_unlock+0x28/0x40 [ 434.862165][T14552] ? ovl_destroy_inode+0x120/0x120 [ 434.867259][T14552] ? ovl_get_redirect_xattr.cold+0x1a/0x1a [ 434.873045][T14552] ovl_alloc_inode+0x1c/0x190 [ 434.877715][T14552] alloc_inode+0x68/0x1e0 [ 434.882028][T14552] iget5_locked+0x63/0xe0 [ 434.886337][T14552] ? ovl_inode_test+0x50/0x50 [ 434.890997][T14552] ovl_get_trap_inode+0xb5/0x1f0 [ 434.895916][T14552] ovl_setup_trap+0x29/0xc0 [ 434.900403][T14552] ovl_fill_super+0x115d/0x4029 [ 434.905258][T14552] ? register_shrinker_prepared+0x116/0x190 [ 434.911166][T14552] ? ovl_show_options+0x550/0x550 [ 434.916186][T14552] ? __kasan_check_write+0x14/0x20 [ 434.921313][T14552] ? register_shrinker_prepared+0x116/0x190 [ 434.927217][T14552] ? sget+0x12b/0x560 [ 434.931195][T14552] ? get_anon_bdev+0xc0/0xc0 [ 434.935777][T14552] ? ovl_show_options+0x550/0x550 [ 434.940940][T14552] mount_nodev+0x66/0x110 [ 434.945270][T14552] ovl_mount+0x2d/0x40 [ 434.949609][T14552] ? ovl_own_xattr_set+0x10/0x10 [ 434.954539][T14552] legacy_get_tree+0x108/0x220 [ 434.959292][T14552] vfs_get_tree+0x8e/0x300 [ 434.963695][T14552] do_mount+0x142e/0x1cf0 [ 434.968009][T14552] ? copy_mount_string+0x40/0x40 [ 434.972930][T14552] ? copy_mount_options+0x270/0x3f0 [ 434.978117][T14552] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 434.984341][T14552] ? copy_mount_options+0x2e8/0x3f0 [ 434.989532][T14552] ksys_mount+0xdb/0x150 [ 434.993760][T14552] __x64_sys_mount+0xbe/0x150 [ 434.998423][T14552] do_syscall_64+0xfa/0x760 [ 435.002918][T14552] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 435.008793][T14552] RIP: 0033:0x459a59 [ 435.012672][T14552] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 435.032255][T14552] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 435.040648][T14552] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 435.048623][T14552] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 435.056601][T14552] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 435.064559][T14552] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 435.072687][T14552] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 435.081839][ T1530] block nbd2: Receive control failed (result -22) [ 435.084205][T14544] block nbd2: shutting down sockets [ 435.092083][T14552] overlayfs: conflicting lowerdir path 05:02:30 executing program 1 (fault-call:3 fault-nth:88): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:30 executing program 2: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000040)=0x5, 0x4) r2 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r3 = socket(0x1, 0xa, 0x10) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) sendmsg$nl_generic(r1, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xb5f75d34d737d3bf}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)={0x208, 0x26, 0x206, 0x70bd2c, 0x25dfdbff, {0x6}, [@nested={0xc8, 0x2e, [@typed={0x14, 0x82, @ipv6=@empty}, @generic="ab492fba1295454ad58aba9019b7714e174a1b166f0c6de369a8c4fe20986513848daa907142e0421a63b9d28face0a4086f07d286278b6c4eb765c166798b4a91bd3ac449e64056f107b9384ad28aee086adad506b9d54bed3f2e35d1ea95806064363e833c40809cb788b2fd9451f073dc14b9e3e7624a626ba752c6c61994526337d696f78866480a34de7f896d18743197cdc7f6d7f31cecc798195e9a8814ded2eeef0ca214165b61798d7f65db"]}, @typed={0x8, 0x29, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @generic="4197601424b8fcbad24dfbcf4b2c7b69a22b2eddb54ac9404b4209110eda2be549292f8fd7b5436f68c90e32de30fdbd181b4b591525d0ffe809b0b60eb8e018018fff72e1de2d6d581f4bdead1b0fb14604b392ed16026b6ef47110a146b69fa6d836bf67067d74b7eba9d0f3c9d08adc8f2f3b959cedab7b98c0e7fee63b872d45d868d7ca35eb1a66be3f122af5e19f83787ccdaa4899cf534fb5ef246767366a11378ae4c03b1fc178b9f0a2bdd733", @generic="a52516eee0", @generic="c8fe8744aa4ff1e99cb487826c2a6f258d2177861df35b5d64d4ab77c9b6267fce92daeb5a5a789893f56f16bc42c50d6b81c1f684edcab8a26a080d8a2a1d1f8c00e0fe00b4ce49c954046e003fe7cdaa8d716ccf4ed203e0c868a7802e1ff648b935c85b349c17c5e21bf694"]}, 0x208}, 0x1, 0x0, 0x0, 0x20000000}, 0x71150820e3087d1d) r4 = syz_open_dev$ndb(0x0, 0x0, 0x8080) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_DO_IT(r4, 0xab03) 05:02:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 435.144274][ T1530] block nbd3: Receive control failed (result -22) [ 435.163198][T14540] block nbd3: shutting down sockets [ 435.214172][T14558] FAULT_INJECTION: forcing a failure. [ 435.214172][T14558] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 435.227602][T14558] CPU: 1 PID: 14558 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 435.236617][T14558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 435.236624][T14558] Call Trace: [ 435.236647][T14558] dump_stack+0x172/0x1f0 [ 435.236669][T14558] should_fail.cold+0xa/0x15 [ 435.259874][T14558] ? fault_create_debugfs_attr+0x180/0x180 [ 435.265699][T14558] ? rcu_read_unlock+0x16/0x60 [ 435.270473][T14558] ? find_held_lock+0x35/0x130 [ 435.276206][T14558] should_fail_alloc_page+0x50/0x60 [ 435.281414][T14558] __alloc_pages_nodemask+0x1a1/0x910 [ 435.286782][T14558] ? lock_downgrade+0x920/0x920 [ 435.291638][T14558] ? __alloc_pages_slowpath+0x2920/0x2920 [ 435.297369][T14558] ? rcu_read_unlock+0x2e/0x60 [ 435.297387][T14558] cache_grow_begin+0x90/0xd00 [ 435.297406][T14558] ? trace_hardirqs_off+0x62/0x240 [ 435.313921][T14558] kmem_cache_alloc+0x64e/0x710 [ 435.318779][T14558] ? _raw_spin_unlock+0x28/0x40 [ 435.323635][T14558] ? ovl_destroy_inode+0x120/0x120 [ 435.323651][T14558] ? ovl_get_redirect_xattr.cold+0x1a/0x1a [ 435.323663][T14558] ovl_alloc_inode+0x1c/0x190 [ 435.323679][T14558] alloc_inode+0x68/0x1e0 [ 435.323697][T14558] iget5_locked+0x63/0xe0 [ 435.339258][T14558] ? ovl_inode_test+0x50/0x50 [ 435.339278][T14558] ovl_get_trap_inode+0xb5/0x1f0 [ 435.339295][T14558] ovl_setup_trap+0x29/0xc0 [ 435.362020][T14558] ovl_fill_super+0x115d/0x4029 [ 435.366975][T14558] ? register_shrinker_prepared+0x116/0x190 [ 435.372900][T14558] ? ovl_show_options+0x550/0x550 [ 435.377936][T14558] ? __kasan_check_write+0x14/0x20 [ 435.383067][T14558] ? register_shrinker_prepared+0x116/0x190 [ 435.388970][T14558] ? sget+0x12b/0x560 [ 435.392968][T14558] ? get_anon_bdev+0xc0/0xc0 [ 435.397586][T14558] ? ovl_show_options+0x550/0x550 [ 435.402620][T14558] mount_nodev+0x66/0x110 [ 435.406962][T14558] ovl_mount+0x2d/0x40 [ 435.411044][T14558] ? ovl_own_xattr_set+0x10/0x10 [ 435.415989][T14558] legacy_get_tree+0x108/0x220 [ 435.420766][T14558] vfs_get_tree+0x8e/0x300 [ 435.425195][T14558] do_mount+0x142e/0x1cf0 [ 435.429548][T14558] ? copy_mount_string+0x40/0x40 [ 435.434506][T14558] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 435.441187][T14558] ? copy_mount_options+0x2e8/0x3f0 [ 435.446440][T14558] ksys_mount+0xdb/0x150 [ 435.450699][T14558] __x64_sys_mount+0xbe/0x150 [ 435.455388][T14558] do_syscall_64+0xfa/0x760 [ 435.459907][T14558] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 435.465794][T14558] RIP: 0033:0x459a59 [ 435.469669][T14558] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 435.491116][T14558] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 435.499529][T14558] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 435.507486][T14558] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 435.515538][T14558] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 435.523589][T14558] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 435.532770][T14558] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:02:32 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa2}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:32 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) r6 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x40, 0x40000) ioctl$RTC_IRQP_SET(r6, 0x4008700c, 0x116) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:32 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$9p(r3, &(0x7f00000000c0)="83c75cda0e9da08c384e123a542e81193fd140a12e43479a0cca7b7f65874490a8652028312b2c01021951013839718e1ecbb31d04ed9aee87eb3ebe5fdcb3ab6c86f2bc3042e5f40c4e45627c832b455ba88162800ee1f6f45bb92395b94fc1586c6a6d5dfe956c7d551d4b217babd5feec6193321f43", 0x77) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$PPPIOCSNPMODE(r5, 0x4008744b, &(0x7f0000000080)={0x80fb}) ptrace$setopts(0x4206, r1, 0x0, 0x1) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 437.007372][T14571] block nbd3: shutting down sockets 05:02:32 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b25", 0xa0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:32 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) fcntl$dupfd(r5, 0x406, r3) r6 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) ioctl$KVM_GET_ONE_REG(0xffffffffffffffff, 0x4010aeab, &(0x7f0000000000)={0x4, 0x2}) 05:02:32 executing program 1 (fault-call:3 fault-nth:89): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:32 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/conntrack\x00', 0x2, 0x0) ioctl$TUNSETNOCSUM(r4, 0x400454c8, 0x1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:32 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa2}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:32 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089da2f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:32 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYRES32=r0], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x108041, 0x0) [ 437.336566][T14587] FAULT_INJECTION: forcing a failure. [ 437.336566][T14587] name failslab, interval 1, probability 0, space 0, times 0 [ 437.379748][T14587] CPU: 0 PID: 14587 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 437.388824][T14587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 437.398891][T14587] Call Trace: [ 437.402200][T14587] dump_stack+0x172/0x1f0 [ 437.403588][ T1530] block nbd2: Receive control failed (result -22) [ 437.406541][T14587] should_fail.cold+0xa/0x15 [ 437.406565][T14587] ? fault_create_debugfs_attr+0x180/0x180 [ 437.417680][T14587] ? ___might_sleep+0x163/0x2c0 [ 437.428327][T14587] __should_failslab+0x121/0x190 [ 437.433258][T14587] should_failslab+0x9/0x14 [ 437.437746][T14587] kmem_cache_alloc+0x2aa/0x710 [ 437.442579][T14587] ? kmem_cache_alloc+0x364/0x710 [ 437.447587][T14587] ? inode_insert5+0x270/0x460 [ 437.452337][T14587] security_file_alloc+0x39/0x170 [ 437.457346][T14587] __alloc_file+0xde/0x340 [ 437.462269][T14587] alloc_empty_file+0x72/0x170 [ 437.467016][T14587] dentry_open+0x70/0x1d0 [ 437.471329][T14587] ovl_path_open+0x56/0x70 [ 437.475735][T14587] ovl_check_d_type_supported+0x98/0x230 [ 437.481348][T14587] ? ovl_cleanup_whiteouts+0x2a0/0x2a0 [ 437.486788][T14587] ? ovl_dir_fsync+0x3c0/0x3c0 [ 437.491539][T14587] ? ovl_get_trap_inode+0x174/0x1f0 [ 437.496808][T14587] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 437.503028][T14587] ? ovl_setup_trap+0x6c/0xc0 [ 437.507690][T14587] ovl_fill_super+0x1181/0x4029 [ 437.512522][T14587] ? register_shrinker_prepared+0x116/0x190 [ 437.518415][T14587] ? ovl_show_options+0x550/0x550 [ 437.523426][T14587] ? __kasan_check_write+0x14/0x20 [ 437.528524][T14587] ? register_shrinker_prepared+0x116/0x190 [ 437.534398][T14587] ? sget+0x12b/0x560 [ 437.538361][T14587] ? get_anon_bdev+0xc0/0xc0 [ 437.542935][T14587] ? ovl_show_options+0x550/0x550 [ 437.547940][T14587] mount_nodev+0x66/0x110 [ 437.552260][T14587] ovl_mount+0x2d/0x40 [ 437.556323][T14587] ? ovl_own_xattr_set+0x10/0x10 [ 437.561242][T14587] legacy_get_tree+0x108/0x220 [ 437.566085][T14587] vfs_get_tree+0x8e/0x300 [ 437.570483][T14587] do_mount+0x142e/0x1cf0 [ 437.574799][T14587] ? copy_mount_string+0x40/0x40 [ 437.579726][T14587] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 437.585946][T14587] ? copy_mount_options+0x2e8/0x3f0 [ 437.591309][T14587] ksys_mount+0xdb/0x150 [ 437.595536][T14587] __x64_sys_mount+0xbe/0x150 [ 437.600199][T14587] do_syscall_64+0xfa/0x760 [ 437.604692][T14587] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 437.610576][T14587] RIP: 0033:0x459a59 [ 437.614457][T14587] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 437.634041][T14587] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 437.642520][T14587] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 437.650471][T14587] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 437.658423][T14587] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 437.666901][T14587] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 437.675225][T14587] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:02:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6de27b0075f8b8660afc21be2900000047e2252eb7882bffbb2a2f9fd2399e0400c33f00002b000000f8d89c5d15001499a8d1b3a4952f36def66ee2acdd00a49d5c8c00"/81], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 437.713604][T14590] block nbd2: shutting down sockets 05:02:33 executing program 1 (fault-call:3 fault-nth:90): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 437.748639][ T1530] block nbd3: Receive control failed (result -22) [ 437.769317][ T1530] block nbd3: Receive control failed (result -22) [ 437.791895][T14591] block nbd3: shutting down sockets 05:02:33 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/d\x91\xcd/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = socket$nl_route(0x10, 0x3, 0x0) r9 = socket$netlink(0x10, 0x3, 0x0) r10 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r11, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="000000080000000091a3941fe299e0d3742c84b28fb17180a21676556896948942286dc018840742947001fa2c5731695e5de58996c75bb7499a9854629abb8fa5a6292dda5d1a90c3cb4979aab18995c1ad336c16d3b7588c46ed3388e5432b738e23a51d5e5b03945f7b62c055dab6439b672b388056340a0acb9cf990214931cfbb11c47b4c1f932575daff17853f89463eb391316e1d092d84ce40e3b7d2b87e5abed0a0e5ca5914"], 0x48}}, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=@newqdisc={0x58, 0x24, 0x507, 0x0, 0x0, {0x0, r11, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfb={{0x8, 0x1, 'sfb\x00'}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400}}}}]}, 0x58}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="440000002c00010700"/20, @ANYRES32=r11, @ANYBLOB="000400000000000003000b0008000100753332001800020014000500000000000000d3d1012a838b5b48dd72bf4764ccfc0a942c0cfc6d2495e3cf72b06acc357829dcdc5c5801ee1c8f0ff18a"], 0x44}}, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'syzkaller0\x00', r11}) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:33 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000580)='/dev/vsock\x00', 0x800, 0x0) write$FUSE_NOTIFY_DELETE(r2, &(0x7f00000005c0)={0x35, 0x6, 0x0, {0x2, 0x5, 0xc, 0x0, '/dev/audio#\x00'}}, 0x35) r3 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x3c, 0x0) ioctl$ION_IOC_HEAP_QUERY(r3, 0xc0184908, &(0x7f00000000c0)={0x34, 0x0, &(0x7f0000000040)}) syz_open_dev$amidi(&(0x7f0000000500)='/dev/amidi#\x00', 0x6bc, 0x800) r4 = syz_open_dev$sndpcmc(&(0x7f0000000340)='/dev/snd/pcmC#D#c\x00', 0xffffffffffffffee, 0x2100) ioctl$UI_BEGIN_FF_UPLOAD(r4, 0xc06855c8, &(0x7f00000003c0)={0x6, 0x0, {0x53, 0xf5c, 0x1, {0x4, 0x9a72}, {0x4, 0x9}, @rumble={0x7fff, 0x5}}, {0x56, 0x5, 0x401, {0x6, 0x9}, {0x800, 0x2}, @period={0x5c, 0x3f, 0x8a, 0x8, 0xe7, {0xcfb, 0x101, 0x3, 0x2}, 0x2, &(0x7f0000000380)=[0x8a, 0x4]}}}) r5 = syz_open_dev$ndb(0x0, 0x0, 0x0) ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f0000000100)={0xe7, &(0x7f0000000200)=""/231}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20ncci\x00', 0x0, 0x0) r8 = syz_open_dev$usbfs(&(0x7f0000000180)='/dev/bus/usb/00#/00#\x00', 0x71, 0x81) ioctl$USBDEVFS_CONTROL(r8, 0xc0185500, &(0x7f0000000080)={0x23, 0x3, 0x12, 0x5, 0x0, 0x0, 0x0}) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f00000000c0)={r9, @in6={{0xa, 0x4e23, 0x3f, @empty}}, 0x6, 0x401}, &(0x7f0000000180)=0x90) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={r9, @in6={{0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}}, 0x0, 0x8}, &(0x7f0000000200)=0x90) r10 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000540)='/dev/snapshot\x00', 0x40000, 0x0) ioctl$ASHMEM_GET_SIZE(r10, 0x7704, 0x0) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000440)={r9, @in={{0x2, 0x0, @local}}}, &(0x7f0000000100)=0x84) getsockopt$inet_sctp_SCTP_MAXSEG(r7, 0x84, 0xd, &(0x7f0000000080)=@assoc_id=r9, &(0x7f00000000c0)=0x4) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000140)={r9, 0x3, 0x30}, 0xc) r11 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200) ioctl$NBD_DO_IT(r5, 0xab03) 05:02:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000000c0)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e72bbf8b01be51fd70400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee28a00000000000000080022757432dc100000000097"], 0x2) keyctl$join(0x1, &(0x7f0000000080)={'syz', 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 437.964925][T14613] FAULT_INJECTION: forcing a failure. [ 437.964925][T14613] name failslab, interval 1, probability 0, space 0, times 0 [ 438.043020][T14613] CPU: 1 PID: 14613 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 438.043407][T14616] block nbd2: shutting down sockets [ 438.052089][T14613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 438.052115][T14613] Call Trace: [ 438.052141][T14613] dump_stack+0x172/0x1f0 [ 438.052171][T14613] should_fail.cold+0xa/0x15 [ 438.079604][T14613] ? fault_create_debugfs_attr+0x180/0x180 [ 438.085439][T14613] ? ___might_sleep+0x163/0x2c0 [ 438.090299][T14613] __should_failslab+0x121/0x190 [ 438.095245][T14613] should_failslab+0x9/0x14 [ 438.099743][T14613] kmem_cache_alloc_trace+0x2d3/0x790 [ 438.105108][T14613] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 438.111352][T14613] ext4_readdir+0x21e1/0x3520 [ 438.116021][T14613] ? mark_held_locks+0xf0/0xf0 [ 438.120786][T14613] ? __ext4_check_dir_entry+0x350/0x350 [ 438.126329][T14613] ? __kasan_check_write+0x14/0x20 [ 438.131434][T14613] ? down_read_killable+0x10c/0x490 [ 438.136619][T14613] ? rwsem_down_read_slowpath+0xfa0/0xfa0 [ 438.142345][T14613] ? security_file_permission+0x8f/0x380 [ 438.148414][T14613] iterate_dir+0x47f/0x5e0 [ 438.152846][T14613] ovl_check_d_type_supported+0x121/0x230 [ 438.158560][T14613] ? ovl_cleanup_whiteouts+0x2a0/0x2a0 [ 438.164008][T14613] ? ovl_dir_fsync+0x3c0/0x3c0 [ 438.168758][T14613] ? ovl_get_trap_inode+0x174/0x1f0 [ 438.174044][T14613] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 438.180611][T14613] ? ovl_setup_trap+0x6c/0xc0 [ 438.185272][T14613] ovl_fill_super+0x1181/0x4029 [ 438.190116][T14613] ? register_shrinker_prepared+0x116/0x190 [ 438.196009][T14613] ? ovl_show_options+0x550/0x550 [ 438.201610][T14613] ? __kasan_check_write+0x14/0x20 [ 438.206710][T14613] ? register_shrinker_prepared+0x116/0x190 [ 438.212610][T14613] ? sget+0x12b/0x560 [ 438.216760][T14613] ? get_anon_bdev+0xc0/0xc0 [ 438.221342][T14613] ? ovl_show_options+0x550/0x550 [ 438.226439][T14613] mount_nodev+0x66/0x110 [ 438.230758][T14613] ovl_mount+0x2d/0x40 [ 438.234808][T14613] ? ovl_own_xattr_set+0x10/0x10 [ 438.239748][T14613] legacy_get_tree+0x108/0x220 [ 438.244532][T14613] vfs_get_tree+0x8e/0x300 [ 438.248941][T14613] do_mount+0x142e/0x1cf0 [ 438.253257][T14613] ? copy_mount_string+0x40/0x40 [ 438.258304][T14613] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 438.264535][T14613] ? copy_mount_options+0x2e8/0x3f0 [ 438.269730][T14613] ksys_mount+0xdb/0x150 [ 438.273961][T14613] __x64_sys_mount+0xbe/0x150 [ 438.278622][T14613] do_syscall_64+0xfa/0x760 [ 438.283113][T14613] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 438.289002][T14613] RIP: 0033:0x459a59 [ 438.292879][T14613] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 438.312992][T14613] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 438.321386][T14613] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 438.329350][T14613] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 438.337304][T14613] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 438.345254][T14613] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 438.353208][T14613] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:02:35 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b25", 0xa0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:35 executing program 2: syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r0 = socket(0x1, 0x1, 0x0) r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x40000, 0x0) ioctl$NBD_SET_SOCK(r1, 0xab00, r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) bind$rose(r0, &(0x7f00000002c0)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x0, [@null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x40) r3 = syz_open_dev$media(&(0x7f00000000c0)='/dev/media#\x00', 0xfc0000000000000, 0x84280) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000100)=[@window={0x3, 0xbe9, 0x40}, @mss={0x2, 0x8}, @sack_perm, @window={0x3, 0xb9fe, 0x8}], 0x4) r4 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r4, 0x800442d4, &(0x7f0000000040)=0xcfc) r5 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) r8 = accept(0xffffffffffffffff, &(0x7f0000000140)=@xdp, &(0x7f0000000200)=0x80) getsockopt$ARPT_SO_GET_REVISION_TARGET(r8, 0x0, 0x63, &(0x7f0000000240)={'NETMAP\x00'}, &(0x7f0000000280)=0x1e) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$NBD_DO_IT(r5, 0xab03) 05:02:35 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x6000) io_setup(0x2, &(0x7f00000004c0)=0x0) io_submit(r3, 0x1, &(0x7f0000000440)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x8, 0x0, r2, &(0x7f0000000140)="73844ae89d", 0x5}]) r4 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video0\x00', 0x2, 0x0) r5 = syz_open_dev$admmidi(&(0x7f0000000100)='/dev/admmidi#\x00', 0x2, 0x202000) io_cancel(r3, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x8000, r4, &(0x7f00000000c0)="bc890dbd6facc5b293fe8cac99eb4bd8ce25258289c1b215472d560e104528b1fc5650e61714e65a6fc7079ccf5a4e9addcddfd585c5bf7db96569", 0x3b, 0x1, 0x0, 0x0, r5}, &(0x7f0000000180)) 05:02:35 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$BLKTRACESTOP(r7, 0x1275, 0x0) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_PRI(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="0300000000c16c000000010000000000000007410000004c001800000f006272000000000000000000a934c5000000000000000000000000000000000000000000005c000000000000000000000000000000000000000000000000000000000000000095c26aebc1a9f69de9ca49c28e5761e41a7e79331c16cade6637331f59707f8cbc204dddc59ab72c2c2a03869312225f366c7f5bc30195245d94c63b2669a55469a774626cbd113f8210d93336b52f9b85bff312c2b30c9312796358dff1c63bd7243e37eefc189b68a01ca99e60aabc268f9261e368ffaa72edbd00077c9d8ee074"], 0x68}}, 0x0) sendmsg$TIPC_CMD_SET_NODE_ADDR(r9, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, r11, 0x400, 0x70bd28, 0x25dfdbfe, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0x5}}, ["", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x400c404}, 0x4800) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:35 executing program 1 (fault-call:3 fault-nth:91): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:35 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa2}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:35 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa2}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:35 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x1) ioctl$NBD_SET_SOCK(r0, 0xab00, 0xffffffffffffffff) r1 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) fanotify_init(0x6, 0x1000) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$NBD_DO_IT(r1, 0xab03) [ 440.456471][T14641] FAULT_INJECTION: forcing a failure. [ 440.456471][T14641] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 440.469988][T14641] CPU: 1 PID: 14641 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 440.479017][T14641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 440.489084][T14641] Call Trace: [ 440.492377][T14641] dump_stack+0x172/0x1f0 [ 440.496728][T14641] should_fail.cold+0xa/0x15 [ 440.501344][T14641] ? fault_create_debugfs_attr+0x180/0x180 [ 440.507138][T14641] ? find_held_lock+0x35/0x130 [ 440.507173][T14641] ? is_bpf_text_address+0xac/0x160 [ 440.507195][T14641] should_fail_alloc_page+0x50/0x60 [ 440.507209][T14641] __alloc_pages_nodemask+0x1a1/0x910 [ 440.507227][T14641] ? __alloc_pages_slowpath+0x2920/0x2920 [ 440.507239][T14641] ? __kasan_check_read+0x11/0x20 [ 440.507259][T14641] ? fault_create_debugfs_attr+0x180/0x180 [ 440.507275][T14641] cache_grow_begin+0x90/0xd00 [ 440.507291][T14641] ? trace_hardirqs_off+0x62/0x240 [ 440.507308][T14641] __kmalloc+0x6b2/0x770 [ 440.507335][T14641] ? tomoyo_realpath_from_path+0xcd/0x7b0 [ 440.538571][T14641] tomoyo_realpath_from_path+0xcd/0x7b0 [ 440.554311][T14641] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 440.576016][T14641] tomoyo_check_open_permission+0x2a3/0x3e0 [ 440.581929][T14641] ? tomoyo_path_number_perm+0x520/0x520 [ 440.587569][T14641] ? ovl_fill_super+0x1181/0x4029 [ 440.587703][ T1530] block nbd3: Receive control failed (result -22) [ 440.593382][T14641] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 440.593400][T14641] ? rcu_read_unlock+0x16/0x60 [ 440.593433][T14641] ? lock_downgrade+0x920/0x920 [ 440.593444][T14641] ? rwlock_bug.part.0+0x90/0x90 [ 440.593467][T14641] tomoyo_file_open+0x106/0x150 [ 440.593484][T14641] security_file_open+0x71/0x300 [ 440.593502][T14641] do_dentry_open+0x37a/0x1380 [ 440.593527][T14641] ? chown_common+0x5c0/0x5c0 [ 440.600952][ T1530] block nbd3: Receive control failed (result -22) [ 440.606102][T14641] dentry_open+0x132/0x1d0 [ 440.606124][T14641] ovl_path_open+0x56/0x70 [ 440.606142][T14641] ovl_check_d_type_supported+0x98/0x230 [ 440.606156][T14641] ? ovl_cleanup_whiteouts+0x2a0/0x2a0 [ 440.606169][T14641] ? ovl_dir_fsync+0x3c0/0x3c0 [ 440.606192][T14641] ? ovl_get_trap_inode+0x174/0x1f0 [ 440.606210][T14641] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 440.606222][T14641] ? ovl_setup_trap+0x6c/0xc0 [ 440.606244][T14641] ovl_fill_super+0x1181/0x4029 [ 440.615843][T14641] ? register_shrinker_prepared+0x116/0x190 [ 440.615875][T14641] ? ovl_show_options+0x550/0x550 05:02:36 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504", 0xa1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 440.615894][T14641] ? __kasan_check_write+0x14/0x20 [ 440.615916][T14641] ? register_shrinker_prepared+0x116/0x190 [ 440.615934][T14641] ? sget+0x12b/0x560 [ 440.615946][T14641] ? get_anon_bdev+0xc0/0xc0 [ 440.615961][T14641] ? ovl_show_options+0x550/0x550 [ 440.615980][T14641] mount_nodev+0x66/0x110 [ 440.625743][T14641] ovl_mount+0x2d/0x40 [ 440.625759][T14641] ? ovl_own_xattr_set+0x10/0x10 [ 440.625776][T14641] legacy_get_tree+0x108/0x220 [ 440.625797][T14641] vfs_get_tree+0x8e/0x300 [ 440.625816][T14641] do_mount+0x142e/0x1cf0 05:02:36 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) [ 440.685447][T14639] block nbd3: shutting down sockets [ 440.687518][T14641] ? copy_mount_string+0x40/0x40 [ 440.703827][T14658] ptrace attach of "/root/syz-executor.4"[14657] was attempted by "/root/syz-executor.4"[14658] [ 440.708430][T14641] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 440.708446][T14641] ? copy_mount_options+0x2e8/0x3f0 [ 440.708464][T14641] ksys_mount+0xdb/0x150 [ 440.790907][T14641] __x64_sys_mount+0xbe/0x150 [ 440.795603][T14641] do_syscall_64+0xfa/0x760 [ 440.800134][T14641] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 440.806031][T14641] RIP: 0033:0x459a59 [ 440.809926][T14641] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 440.829521][T14641] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 440.829533][T14641] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 440.829541][T14641] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a 05:02:36 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000000)={0x81, 0x800, 0x800, 0x2219, 0xa, 0x81, 0x81, 0xff, 0x5, 0xa3}) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r4 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$sock_inet_SIOCGIFDSTADDR(r6, 0x8917, &(0x7f00000000c0)={'veth0_to_team\x00', {0x2, 0x4e22, @loopback}}) r7 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r10 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) ioctl$sock_inet_SIOCSIFBRDADDR(r8, 0x891a, &(0x7f0000000040)={'syzkaller1\x00', {0x2, 0x4e22, @local}}) ioctl$NBD_SET_SOCK(r4, 0xab00, r7) ioctl$NBD_SET_FLAGS(r4, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r4, 0xab03) [ 440.829548][T14641] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 440.829555][T14641] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 440.829563][T14641] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 440.860098][T14641] overlayfs: conflicting lowerdir path 05:02:36 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:36 executing program 1 (fault-call:3 fault-nth:92): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:36 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000100)=ANY=[@ANYRES64=r3, @ANYRESOCT=r4, @ANYRES64=r1, @ANYRESOCT=r1, @ANYRES64, @ANYRESHEX=0x0, @ANYRES16=0x0, @ANYPTR64, @ANYBLOB="f10d917a08e10d5912e9684dc23b0884bcbb4cd9e3ed49a31e74ed573921c4e484fb993ef8041fa17089f014043ae724b9bafda2e2a00a82aa583052a045a2e8a35e249626ecd4ce908f259d08122d7c47d0117baeac", @ANYRES64=0x0], 0xa) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) ioctl$KVM_PPC_ALLOCATE_HTAB(r5, 0xc004aea7, &(0x7f0000000000)=0xffff0000) wait4(0x0, 0x0, 0x0, 0x0) [ 440.996815][ T1530] block nbd2: Receive control failed (result -22) [ 441.018996][T14667] block nbd3: shutting down sockets [ 441.023891][T14668] block nbd2: shutting down sockets 05:02:36 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) write$cgroup_int(r6, &(0x7f0000000000), 0x12) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r8, 0xab00, r1) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 441.094544][ T1530] block nbd2: Receive control failed (result -22) [ 441.110239][T14668] block nbd2: shutting down sockets 05:02:36 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 441.172302][T14679] FAULT_INJECTION: forcing a failure. [ 441.172302][T14679] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 441.185554][T14679] CPU: 1 PID: 14679 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 441.194579][T14679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 441.204634][T14679] Call Trace: [ 441.204660][T14679] dump_stack+0x172/0x1f0 [ 441.204684][T14679] should_fail.cold+0xa/0x15 [ 441.204710][T14679] ? fault_create_debugfs_attr+0x180/0x180 [ 441.204727][T14679] ? find_held_lock+0x35/0x130 [ 441.204743][T14679] ? is_bpf_text_address+0xac/0x160 [ 441.204765][T14679] should_fail_alloc_page+0x50/0x60 [ 441.222726][T14679] __alloc_pages_nodemask+0x1a1/0x910 [ 441.244342][T14679] ? __alloc_pages_slowpath+0x2920/0x2920 [ 441.250072][T14679] ? __kasan_check_read+0x11/0x20 [ 441.255117][T14679] ? fault_create_debugfs_attr+0x180/0x180 [ 441.260937][T14679] cache_grow_begin+0x90/0xd00 [ 441.265714][T14679] ? trace_hardirqs_off+0x62/0x240 05:02:36 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 441.270833][T14679] __kmalloc+0x6b2/0x770 [ 441.275095][T14679] ? tomoyo_realpath_from_path+0xcd/0x7b0 [ 441.280832][T14679] tomoyo_realpath_from_path+0xcd/0x7b0 [ 441.286388][T14679] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 441.292643][T14679] tomoyo_check_open_permission+0x2a3/0x3e0 [ 441.298541][T14679] ? tomoyo_path_number_perm+0x520/0x520 [ 441.304189][T14679] ? ovl_fill_super+0x1181/0x4029 [ 441.309231][T14679] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 441.315305][T14679] ? rcu_read_unlock+0x16/0x60 [ 441.320184][T14679] ? lock_downgrade+0x920/0x920 [ 441.325046][T14679] ? rwlock_bug.part.0+0x90/0x90 [ 441.330000][T14679] tomoyo_file_open+0x106/0x150 [ 441.334858][T14679] security_file_open+0x71/0x300 [ 441.339808][T14679] do_dentry_open+0x37a/0x1380 [ 441.344589][T14679] ? chown_common+0x5c0/0x5c0 [ 441.349279][T14679] dentry_open+0x132/0x1d0 [ 441.353990][T14679] ovl_path_open+0x56/0x70 [ 441.358676][T14679] ovl_check_d_type_supported+0x98/0x230 [ 441.364408][T14679] ? ovl_cleanup_whiteouts+0x2a0/0x2a0 05:02:36 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 441.369879][T14679] ? ovl_dir_fsync+0x3c0/0x3c0 [ 441.374670][T14679] ? ovl_get_trap_inode+0x174/0x1f0 [ 441.379889][T14679] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 441.386135][T14679] ? ovl_setup_trap+0x6c/0xc0 [ 441.390823][T14679] ovl_fill_super+0x1181/0x4029 [ 441.395682][T14679] ? register_shrinker_prepared+0x116/0x190 [ 441.401600][T14679] ? ovl_show_options+0x550/0x550 [ 441.406643][T14679] ? __kasan_check_write+0x14/0x20 [ 441.411772][T14679] ? register_shrinker_prepared+0x116/0x190 [ 441.417672][T14679] ? sget+0x12b/0x560 [ 441.421751][T14679] ? get_anon_bdev+0xc0/0xc0 [ 441.426360][T14679] ? ovl_show_options+0x550/0x550 [ 441.431391][T14679] mount_nodev+0x66/0x110 [ 441.435735][T14679] ovl_mount+0x2d/0x40 [ 441.439812][T14679] ? ovl_own_xattr_set+0x10/0x10 [ 441.444760][T14679] legacy_get_tree+0x108/0x220 [ 441.449536][T14679] vfs_get_tree+0x8e/0x300 [ 441.453964][T14679] do_mount+0x142e/0x1cf0 [ 441.458306][T14679] ? copy_mount_string+0x40/0x40 [ 441.463279][T14679] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 05:02:36 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 441.469531][T14679] ? copy_mount_options+0x2e8/0x3f0 [ 441.474748][T14679] ksys_mount+0xdb/0x150 [ 441.479005][T14679] __x64_sys_mount+0xbe/0x150 [ 441.483696][T14679] do_syscall_64+0xfa/0x760 [ 441.488196][T14679] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 441.494091][T14679] RIP: 0033:0x459a59 [ 441.497995][T14679] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 05:02:36 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 441.518039][T14679] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 441.526461][T14679] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 441.534447][T14679] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 441.542431][T14679] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 441.550407][T14679] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 441.558399][T14679] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 441.612389][T14679] overlayfs: conflicting lowerdir path [ 441.628150][ T1530] block nbd3: Receive control failed (result -22) [ 441.648992][T14683] block nbd3: shutting down sockets 05:02:39 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) ioctl$TIOCSTI(r9, 0x5412, 0x9b) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r11 = dup(r10) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200) getsockopt$bt_sco_SCO_OPTIONS(r11, 0x11, 0x1, &(0x7f00000003c0)=""/176, &(0x7f0000000140)=0xb0) ioctl$TIOCGSID(r7, 0x5429, &(0x7f0000000040)=0x0) sendmsg$nl_netfilter(r5, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="84010000121d000426bd7000fcdbdf250000000618017e00080074007b000000ad8bc3b6d50ecc54dfeb37c12f6a4c257be1d5c3b49a9ed93e99128b535cc5e2e154e96457a3789c11b1d357ea97704fabe8e4c651b08776d1357b455bf14cb65cb21af315322845e5c78cd5c2c708004600", @ANYRES32=r12, @ANYBLOB="abd597c98f45814252e408a5c0e02cd2755eb25cc83d672a2395058d648c8881c57258bfb18f973f7025e6383de3695545babd0a95b0a6ff74cbabde4e2f8a75ad9f4f4caab60e3717cfa708243d3721d53810f7777b1e2b9b450de38e5d446597d61ceb73b531074a42ca82afedfff705689a925e78d120f17b17a84bde68bec9d9fb83046e8288396b2c2c9a133189f0c0f5111856a73045e33d6506563aca83f4205d7b3015ddda1beb2ad5ec885d4a32d4d701037ba9a6ed3f7d3f403e08a038dbb0a0cba8b7e78ad5cc16d114a7e644b2455b16fe0400890010004100273ddee4485bf7128440c900f0f966b879ddbe1b363ae61b9390257916513d66cbc97b5fc2755000"/276], 0x184}, 0x1, 0x0, 0x0, 0x5022}, 0x4804) 05:02:39 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504", 0xa1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:39 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000140)=ANY=[@ANYPTR64, @ANYRES64=r4, @ANYRES64, @ANYRESDEC=r6, @ANYPTR, @ANYRESDEC], 0x6) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:39 executing program 1 (fault-call:3 fault-nth:93): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:39 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$UI_SET_MSCBIT(r5, 0x40045568, 0x19) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:39 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 443.867369][T14721] FAULT_INJECTION: forcing a failure. [ 443.867369][T14721] name failslab, interval 1, probability 0, space 0, times 0 [ 443.891019][T14721] CPU: 1 PID: 14721 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 443.900096][T14721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 443.910169][T14721] Call Trace: [ 443.913469][T14721] dump_stack+0x172/0x1f0 [ 443.917881][T14721] should_fail.cold+0xa/0x15 [ 443.922460][T14721] ? fault_create_debugfs_attr+0x180/0x180 [ 443.928259][T14721] ? ___might_sleep+0x163/0x2c0 [ 443.933619][T14721] __should_failslab+0x121/0x190 [ 443.938561][T14721] should_failslab+0x9/0x14 [ 443.943054][T14721] kmem_cache_alloc_trace+0x2d3/0x790 [ 443.948630][T14721] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 443.954887][T14721] ext4_readdir+0x21e1/0x3520 [ 443.959656][T14721] ? mark_held_locks+0xf0/0xf0 [ 443.964452][T14721] ? __ext4_check_dir_entry+0x350/0x350 [ 443.969999][T14721] ? __kasan_check_write+0x14/0x20 [ 443.975104][T14721] ? down_read_killable+0x10c/0x490 [ 443.980724][T14721] ? rwsem_down_read_slowpath+0xfa0/0xfa0 [ 443.986434][T14721] ? security_file_permission+0x8f/0x380 [ 443.992057][T14721] iterate_dir+0x47f/0x5e0 [ 443.996466][T14721] ovl_check_d_type_supported+0x121/0x230 [ 444.002270][T14721] ? ovl_cleanup_whiteouts+0x2a0/0x2a0 [ 444.007721][T14721] ? ovl_dir_fsync+0x3c0/0x3c0 [ 444.012478][T14721] ? ovl_get_trap_inode+0x174/0x1f0 [ 444.017691][T14721] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 444.023954][T14721] ? ovl_setup_trap+0x6c/0xc0 [ 444.028628][T14721] ovl_fill_super+0x1181/0x4029 [ 444.033563][T14721] ? register_shrinker_prepared+0x116/0x190 [ 444.039458][T14721] ? ovl_show_options+0x550/0x550 [ 444.044468][T14721] ? __kasan_check_write+0x14/0x20 [ 444.050525][T14721] ? register_shrinker_prepared+0x116/0x190 [ 444.056412][T14721] ? sget+0x12b/0x560 [ 444.060378][T14721] ? get_anon_bdev+0xc0/0xc0 [ 444.064954][T14721] ? ovl_show_options+0x550/0x550 [ 444.069962][T14721] mount_nodev+0x66/0x110 [ 444.074278][T14721] ovl_mount+0x2d/0x40 [ 444.078331][T14721] ? ovl_own_xattr_set+0x10/0x10 [ 444.083253][T14721] legacy_get_tree+0x108/0x220 [ 444.088003][T14721] vfs_get_tree+0x8e/0x300 [ 444.092924][T14721] do_mount+0x142e/0x1cf0 [ 444.097242][T14721] ? copy_mount_string+0x40/0x40 [ 444.102170][T14721] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 444.108397][T14721] ? copy_mount_options+0x2e8/0x3f0 [ 444.113589][T14721] ksys_mount+0xdb/0x150 [ 444.117999][T14721] __x64_sys_mount+0xbe/0x150 [ 444.122675][T14721] do_syscall_64+0xfa/0x760 [ 444.127167][T14721] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 444.133043][T14721] RIP: 0033:0x459a59 [ 444.136927][T14721] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 444.157120][T14721] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 05:02:39 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 444.165515][T14721] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 444.173466][T14721] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 444.181428][T14721] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 444.189379][T14721] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 444.197353][T14721] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 444.207450][ T1530] block nbd2: Receive control failed (result -22) 05:02:39 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000200)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097cfa4e06a92d3b9e9b9289fc0d29baf6591450273455aa5eecdc026ec33e9365e46720ae8451e9401a10715b863a3c8699472b2bce7998b2619f279b79c9a0772676b507bdbeaf0e54bbd552adf521e29ef657617129a6bdf611748203212e0eb6e59036481b2d30993a221cfbe6426c1aff7ca87310789ff4c8e61cdf747e09b36e5dd1db66cc459f68e50dede50"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sync_file_range(r3, 0x175, 0x7f, 0x1) r4 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x5bd, 0x100) ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r4) wait4(0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) [ 444.224763][T14714] block nbd2: shutting down sockets sendmmsg$alg(r6, &(0x7f0000004100)=[{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f00000000c0)="bf2037760b2dc2cfee9c9d8b186d5f6f392baaea6ac3ea8c85badece3bf75bd511b6c0055b8362b05ba91ad01555bc0b13889fe5a3d2a66888820c8271fc28d498f6addf83b4ac2c8398e638b12a15635cda63abba3d141fc2f73adce850549e8bc4d4c5353ee9ecf0305250ecf0ae1b18add481543a4770b2d5e0ce5713af3f9d5709acceadcd4f218526d08dba2565c191f0", 0x93}, {&(0x7f0000000300)="efba8b8aa4a1825a5b9d7e5aa88965e0939463e2d8657545d2714dc2d32859562117f28b25453ea5285b6302ac4b7a6a1cf96ed7116ccfd02479d52b59d613c213721c5454196f2090dee74beb6c81cae8a7e50ad240b693553d5b5f6fc8aee35be6247c0dcc9ca10d416485b1598c5076ca7bbc15c9d1baa5a7d36268c6480f6cda38a3ee4b5396b8b2d4022b8ed21c551ba72ac0a7261cae1707b8177f7e8842daa08172a25783e8835e196edf12", 0xaf}, {&(0x7f00000003c0)="108dc80b8dba98e102c44e94401fe40ecc8ee5d47484e9e22041b52596b4875cff4873a4f6bca5e26db6498edeac2d3239182d63b96fa202ae088156120582ea3e3a8fd7ba538175b2bd4cf4b40de912cb14d140edb92fe1c5676b758331852fc07ef933123b8af8757b53872561fc01bf4f2a9930a6e60e42ad218842a5dbc868766b4c0c05ff42fd194239a25134dd6e1b9b47ce56e8427075f1d58ae404dbf77a3a040bc630668d17a6397d1c146728ee1fd2e2c0ff61a740699c6fbc4a85b6233fadce73bb8acb4fa900cca739742c5ec787aacb50072811bec5e83cddca82eee411c89d01fc01e9bacf7cfb2a27e13c8b5b8ed7346065", 0xf9}, {&(0x7f00000004c0)="b69fe2e01809431ed898d54b6da0859552e9111921b8c5203a584d57023a3b59c202efd3aa691afd42d3f3230dcb2c1fe980400d17dd16af9c5192b6992ebba511405d89db54e943b9767bb58b4dee2528b86e0a6d4abc01d3e3281a6b5f9cd0a9613a6dabb14c826a021c8cbc291226b298514827fb5be18467da16bc4a4188c60e4eec31119f178adfc2ffbb162f76c38a168d9e4944c360bb449d9907c611e670a0566294", 0xa6}, {&(0x7f0000000000)="f4", 0x1}, {&(0x7f0000000580)="618f6c857a9f8f659c1cbc5f6663aec136a00c1911b0774a01539518b4314c237b68c3f391d43d10dc687e52f6cf1e8c779b236be8a0a74c3eca9758cf44253282e8d188fcaef91ed7075332597be947ed553c9a64a30f31b47d41efe3148fc0d5c2728a1285065d26d6dfbfe5da3ad11ffa11e5c8b38cd6368197dbe0ff20b96a0184692edc287798b56d94fa85c8253959fe3c3e9ce837d7853dcb4a69996fb1ad3a2d541bfe0b4ef640c6a1f9dacef92d00050db17e9835564abb6bc52bdebaf4ddef8d6f06fb9085c10754e53dcd714ea8", 0xd3}, {&(0x7f0000000680)="50909a9f529e294947cd06d81f35f34087055f7559862ce171083d6c417c457454c72d20ff16e230f75be6fc7b1ed0836c6a33d4d9e331d581113fd7139e0aa95f0e5ecf2ef8e95ed82a14bdc56e15126fc7749a843bfec373fa4504aa68ce593cb37c2975835238cd38ceb03d75a0c60fc3e88599ee4111b59a245772b68dd7a67358dc121962c00900ee26d358aecccbfd51865f02ee44bcd02a71312ed5973c299dd4a4537b6fa5897a1fc6b91f3de0eb9dbe2c622be82832782feac046f85f165baa7e0a95f787b2e009d6fa66657e24c233141400aacf93325764da103434084e6ccfd89bec677a548e80ea1727d3365d55", 0xf4}, {&(0x7f0000000040)="c3c7651a14b6e0df61", 0x9}, {&(0x7f0000000180)="8ec795fb77f209fa9138291b470b2ea74a3ba430e0e3", 0x16}], 0x9, &(0x7f0000000840)=[@assoc={0x18, 0x117, 0x4, 0x7}, @assoc={0x18, 0x117, 0x4, 0xa2}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18}], 0x60, 0x4008080}, {0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f00000008c0)="ffbe92aa23658aabef52d05b69405395d3001a226b9c84d4bc024481678b2563fefe7f8a29bbc7347f5cf786f83f8930c8f0d2d4ffdf97ad15f628a3af11878daaebe4172a90dced561c3c428f153b797d10813fa1fa40e5082616cc51e69e14333b683738ed65c20212a818921b269b2399fb1d249e8aaf5ac7891fb63517fba7501baa1b4ab8e66f4017371dafddd7867f3e75071ca33a9d759732a10422f829906ba455a4e2766016925bde2e2cb5b3d5be86756674489ea3fd0ab8f53072a1297d31679e7ee5bd07d8b3258323c21bc39d2c62f9cd76c5047f", 0xdb}, {&(0x7f00000009c0)="16860dc94f9423c3d93e7c91886ad32f69d0c8dcb166ebf669a2ab68e717f6cee95fa86adb564bd5a6324d5f39bfa378bd93c03d8c04f9cc40c49f40e36bfbbcde7ddf1bcd21fb8bd277154407a4f6c01251446f06bdf76b370ca9d42424a7f7566b61bf4bb9d07bfe683082615c7888f4b9632bfc23ee3d2fe796b62b9b12be0e25d7563b95fd676855f878ed8a67d5229dd8a735ae3be356331c3fc62442079e78d4f0d2cace62132a75698a72a44f23580d5ceb3f018e0145bd15b46f1330c93f978f802c9bdb7551076972e8b90107113de560951687d3b70e9c402f2f8382a72558", 0xe4}, {&(0x7f0000000ac0)="3c1f94867e8e9bc9e5585c5ac95cf661515ec4dd1d1d345ea38eb9b9a2757d3539f333dc44294216c8f91631dd5d82ec889de973b099d7d7a20804bd2f5705f56ce180ca7f9f456d8771f3236fd0f56b02b6869467ce4f4e6a0db80ab346869532f55c0cab6e8ab637600e5ec39156cce5ec64f53120f647258f1434b12efc208c64225c8b73a9539bdb9568fd174370755857a55f9f1813b764f477f5d6208879e81f3a67", 0xa5}, {&(0x7f0000000b80)="6654e125f279a732813b25583df954168d38209c57325f690318d59013c5be63cb386768a7c5d2aa651029219e0c39832cdccd43f17315d0de7b5862f95844854fa9465018ce2127dcc17d781d36c4ce57163a4da51d99827b4ad6c9b6b5d34b551ea541217584d730eb795b109d44d0e0e1ffac757377411937ce05f5543be33b7a1438f8177d9ad87490a97376cb4739c022a79c82b227cffefd00050b78060358bbda7bb5cc6b6ab57f23c889573b9ef9121ca0a13793e9e7738d6d1af4d3712d287ca8dfa97f63a8bb608c8e226fccbd6ed8ae58b519a62468", 0xdb}, {&(0x7f0000000c80)="f325b0f658f0e5181af3892f108a44a36a783dfa83ff4354621917a8a5b6df1e4391d14a253203fad0ecc93e885f1dd30d51bae334fcf213743304f950695fe1f01528de7d90a21429caa110c2a9b4386cb6b9379926b460964da8cd40ab82fb85c278e540f940156252ffc5110e8d956a039374819d8caecc899031b9f666a89e99f0f5eee28253587dd9af661590daf7dae9cef39614eb43e6ea", 0x9b}, {&(0x7f0000000d40)="e6824294f338ee5b97b57505425ff4e4b965686bad7a12a3b825b3590f2a7bfa1c5c2fcc4e4bfd070832983afa860c9a41353bfb88aa7d1339b45b098bfe3bfeb264523d93fa54dc79960388f2aec590aba17897612ae7cbf22514e2729785ff89cfa5ea68e3ee4b3630453db79097198f5573962db5b48747eb0d86d509fa8f298a10f1e9301df3cf39bf65d09d3d0d852f6cad9f8a55d8788a9002e2254a33cda88944b1c942f88e48e05a1f69ee818a552916a43c132fbe9f34b52fc46c4e1d5d8b08924ea0963ef8d10ba50073a04b9b0e3c266c5c36cf619edb3a1e00791f22", 0xe2}], 0x6, &(0x7f0000000ec0)=[@assoc={0x18, 0x117, 0x4, 0x3}], 0x18, 0x40000}, {0x0, 0x0, &(0x7f0000001040)=[{&(0x7f0000000f00)="d211914514e2bd5c95ae4079db4f3dc31250369a5ce696a9f6147c00ef20066e70c17ce0cfac8554819ac1", 0x2b}, {&(0x7f0000000f40)="eab714f4cb2b72da4d8f1a8da39930e02a87e28998a324a1b51484d050c2501480901a2eeb9f89be8b8bf4045a4c9cf734321e93a6ca50f1d71dc0c0b3bae5e685b3127662dfe36fc0ed560340f9765416dfab8a8a8bcde958143cb5909d25075b76eee890303d1456773b542dc21981c5aeebfc4dbe9507cca84c432aaa277902dedbc806fdb82209f3ab9e86d7c2f01755011fa2f0504361867e885f6c1d7d7bd90cfd2df847d993bde53f4eb1f187d5c903154ee4eba011e8b44bb653be8e2de0874c9e6030a04e6719c37d1d4c2c732bb48c718b878a66e548141fe9d8e0d0e70950a1345a3dad5f6c5758f4b24806f6fbac77eafaf2333f7737c0ff", 0xfe}], 0x2, &(0x7f0000001080), 0x0, 0x20000000}, {0x0, 0x0, &(0x7f0000001200)=[{&(0x7f00000011c0)="940d3aa31a0cc971f47858f2c509a78aba8d28934bca73c400f94c2c0f17", 0x1e}], 0x1, &(0x7f0000001240)=[@op={0x18}, @op={0x18}], 0x30, 0x4000031}, {0x0, 0x0, &(0x7f0000001580)=[{&(0x7f00000012c0)="500a29b82db5507f0accbabcd15424da6ba27668e3ba5c80cb2a1465bc468509c47c38c179abbdcda7b2c8f71c0702911ff0c28a3acd9abcf4a1e8fa01b065bb47df9e25ea535225b09b80b5840a179470d9dd3af3b44ece143bb83bdd2c734496e7d54335ee630faea3b427bbdb03725215c639664dd81c728a96fd280753ae937f2e56f4b4b225f63e969ac8ea38558a10182a6cfb26fd213859f6e41f2de564509032f19fd53db335a25494e8039cce4371bdaa14460c95f9160a36d107ad3380a2131a61edd34b63524c4354a1ada4a5e3f0ea8a340b5e8c28896c8731fcb85029cb5a2fe7b7e0c4acfd", 0xec}, {&(0x7f00000013c0)="d559de433354013f920acea8e8d4bd502ad80d96532de70b69ce1092ce628409ebdb8e8aefaf4832052477eb070d048249f587a70d30b3d22e7e2880ba8721712e9b57399ee5cc47061d798528fa01286f8eead55aa71c43120fd4c854b95a59a5940e3436b5a9aa64fa86e720c6e912da2869fdab3f703f7f6c25e220165d6563af6f086bc44e0579b19e65453b646bc4f6c7f81c99cf14b7ecebc59876e70174b7b29dd85cd639a47d31", 0xab}, {&(0x7f0000001480)="9454157aa2fbd8cd9d898bf36cfe2f67091424696424f81778ee0cd35d74a44a090d201c2e1700b187381fb10b4c545acf17a2f0e8636e11f3a0d8ab57fe5dfe4c3f52952fc377fd242d4f1728fe1c01c57af60560dbe35982c332815388adf603c8baecd9dbf80d083f43f7ccfe83f4d578e6d2faf3b8c9c8726fbfa671681b5e6df1d9997a900a27fd70a906e2f50d742b7c99817df933140f8d99ac6501e78b10347a518cad198cf03311bd5fd81a1714367b1472467fba0313d5feaa23f29746a9b0bdc662ec0529b430b442b975eac47e7c9ed1", 0xd6}], 0x3, &(0x7f00000015c0)=[@iv={0xc0, 0x117, 0x2, 0xaa, "818a9f679b662adfe7308116811cad2c7995824c3ef68bb5b95133e9348b0959d4e6c749dba3495455d7872caffcea40fee645ccee29c5ee58dcef8d1c6c9dc7aca8dc5bda4eab0b3fa85ae77b879cb08884307f4e7b5f36e2687d4e8aa3aba94808745cae7dab221e3f5722c418961641f1c74837a2c963ad5a307324224e87711ee33c2faadf479692cc832ebf766724a71c96faa097fd5e97860c5314d43c0dd63555fb83ab66740d"}, @op={0x18}, @op={0x18, 0x117, 0x3, 0x1}, @iv={0x1018, 0x117, 0x2, 0x1000, "1a3f325cfdd18f4e7d3e70e3ccc34dd7281acbf05146a91c9d92616912bd85e1af581ffa02baa633956b42ec4311689f2d8a23d22468cd0da7fc8222383aad75aa1e0b4e2b1cbc50bdf733b90524ac029339ca6e322b3b11c1d8ca02811986154e5d873926b1a28f8375ae84758b13f94f2c469bdd2228a021a3813757898b8d31d614f670271fad2edfc9512eeb041c5fcc9bd9c2a9ccbe39c13efd1a13aa6ca8ecf4393b15cdc094eb1372272eff014c62428f976fe17f5c5e22345dc0f79c2e5c6896c8d604c85b9d4c1d6b5e8627cefcb015bb85a085ec515314436b8faa45713b93d3dcc8f226a31bbcc5155f480d4573c6e0886230056c9e7394c9e21f01b98e4715d16ff100fb0fa1415b348789478e4984fbee9113f7357643a8a7a659ec4d4c43daf4a020664d4e42eeb593e9ee9b16c6013e9a090e5114e636c93168a0f9e37995d0e96b15ee5bbbb2cab89ca88eb4540e11c9c4e873cd3b821ddf16a3c6641b972d239dd10d44540ec79fa23e9199f78589bda797ab2999e7d192b4533f1c9a88451b37684d31f51deb77925b8b45aab3e19497f35d45f000cc6ab84fd7465a4d49335aa0eb1ee44b95c1eec59921b3d0971aff8a76c92b7961e835d86b9b647e362b5b00a776893448234c2a46a894af1bd1b685623b76484d13443a9a77c26361fc603afc5e53ecc67626cc0eeb1b580c4841a203519f2e92add2b0f11d0fe9fdbfde8217c192d42105e41950a5880698b729a3c5734e9b8ba8acab9616baa3de2bc0bed77c0cd6742ad51962b470ebf78b9bc1fd4bacd974c2e7fec3d8249c3693968dbab788f444e2e7045eccf56c498ca6772885184517e5f7ce058c86e45c8e0834cc4091885a46fae19318abc4b4cab6fe3a1f02daef76f7c23993549eb91f28e983ee3a0187ff1dd82663846795ed17ba8a866ca29295969ea9b76167039e8ccbac636a9c0260a382be0a71955f0a0c24a26d386b60e31f75ffc0d256601a8fad0feb543f72b1147c7449bd8c1e58cedc37fe0015c279fa6021b7d0b45c4ab17fd791277a64ade0df145d218f219bbe9e381672fe586f631a064900e818a03354142a809e30df101440888df0695a1d01b77481897050624cb0187b8dcef45475c031d1d4c35aa45cc1519b5b28cb7c13d21be89c81ba9c11ac359139de1d2fb67dc3600c2281085ac5a36187cd3cff34014e816b14459c764b739d655d4988b61869e04dcda12c86188a88747570863eab10e8382fb432472ed7f29f65d531034d7d0eb76dd96493d800949238c32d79fd6a250433f09f16bb9ff85550000306154638375b2f3d2552fec57331c7870099e8e6877c180369e6d9a29eb8fddb1969f77cff0a0321b00ff6465c1307b13bd6a8d226d2270454980fd103a855c01c0e2d1ceb8c55d586a5cc6ab148f43e0fc5c791f3e41cfdb8266eab6ac27b3baabd1d6107bf4634fd3bba1a9702172ba91d40a3e28665b87cb0a407c41cc45ac47840a9c9adbc7ba9f545c8975e8579b7b036791fe807953fd483b4fd58890678722507af12a786aafcc78e9d821fbf32081df1f3baf432f978d48c5e47acbe17f59322a371f85fed1bd479361c86ed4e2966056cf57a4dc39cd32d679f352e5dbab7e75d6305cd95fb9fc2e92a01962f4efa57827a55d8276bfd9ccb26ce50e831865e6ae71bf4fde2b10b42e2f7782c8b2e8c501c52fd43b1d8e2220239fc54402a7140cd76fa9782929e56696efc15396bd16b7502c55b446394007c3cf1352911aa5a25efff2bb81d7666f1bf0f4ba27ad0af8123f37e3d06336d50d4c0ea722f649354879ebbc297040a74cfa0dd17f588c2ebdfbc33bd0e107ab292c53a94727f16939be22dc56d31251ceba192c378556b43a81d9c60c5f924e20f055048d8b0deccc8e7a99df513d69916283e8fe5235f1e75c28df4fdb0a63eb574d45d88bc21d2ca09738205c5f5b965ae758b771d93f3d34410069762472a71fcad7ffb3bc8c69ad70f14382e56321b490078a3546817ff1679cb8cd8a00759b814f2ae06790482af9dcbcd856a0826035136b2f172af849140708017698c6bae90966c7b5af249d816cd394d57938877a8642963a0f400bd286e7531042b9a72499347233f45da959e5bd9f6cdc3aab6eea04f15dd4ac405bbcab172c767f5c52591dbb22bdebf48467d037a6435d8d55ad358b7e1ac57f185956436bc0750e80ad593f492c50d90cb2a046b248264cd9be36798513e98ef7a3c9771d97bdd07afc0df64e2c0182ec269cb774219201fca18dacc95fac9800d174860d552d4c1e55bf1ede3a65272fd470e95b2be695f9115016b43878b47b91789c9e1ba132a27b63541cb506e7c3955ce2fc0cda428ade4f91a23d05bd9ab93c93587df3994bc268052660f9ea91341592a5ac0c78cc031e4a1c06e377b2772572bcc17c63df9e55955626b0f71ad15eab634f079b9d7f79bd870d43f0c74e9faa0ec8dc1e632604b87c6a6c295b9c7315f5c05c1cac043eaca9d941d02019cf8a51d9c1392e774ffb9fdf93fc2e86dd5f354bfdf2151531e2cce7edc02fa1f5f267c9e322d158444998557a6ef741833bb9f2b03662175a6ff69958b68d42fbf04e761739af7ac8ec2bd413dc3a897b3fd63998b29aa2a908ee505b4976cc99d39c817d90b91fa7d6d201d998543a41c53d5a5f2b2d8dae3b3d8c26286300c5888474483a3f4049518fede69b80d2749aee6cc5ba6ed9f0ca184736e0bddff4ff311d0d2f5718595d8e7ebb70577a1a69fcf9e077724a149df70dcd12b9e10f1ff6910349ce949ee06748b78aafd2d374de431c53cc97002ed4936af1f77457731e0a5ec2639d332649f0bab4e20ac1850d308d7c25fd5b4b49ec5bc3b6046a0d266b6bdd5bc6f4964ce1f44bbcdcf2162ad43a065c99a667269818a803368843e7fbf6d6fb7bdcf781e1756f2cf336cb7b90516da923fe8e58d8515cf5de94937e63a9d4df96998e645432b2ac3ae258cc79117623a46c26b0c8246f98d59097a64585fb0ba85dcbb6da44efa146f43026ea1ec34deeab15e1a780e1f1aa7dbd85b258efc876cce7679e5522eb034777d0bac121f875b9ce65697cee4f4a499232ac3d40b66cd04ef629da23074a877920c32ef9c0d4b512ad2b16cc41dbf017cf1a35fecd3158f2d86c34fcf73aca5a3bed26fc6b1ebb4318e00d231c287f61807f85becf3ffb2ce3eb8b2e975457438ff85cd990b33ed5534fbe556e1eae29f300c9d94e8df281ac33d6fd07cba70fb922e437d07a1100ad2069a6b2d25faee7a7481994a23f0c9dd78f338951d1eb82ef87945675396404c5e24cbdbcad459447aeb493bddc6ae8b501bce978f48a63da8045e90e433357a63452dc6bb534229db24fed739ffc0644c452f66634c5e394379b004d8b2ab3a49a648197395c0a0a1ce02b8228336b6c16782374d637b045e8baf722e6c380b054d275d6f385fde7f4609cb151e5928935b767ba7a1fcbcb5ec7e36f75ce9f516340efa12e13fa9e63e81978ab971476c36af693912d721e45538c7b7c967efe9497fdbcc35ede8417663ca4603b310f8b8df590c36dce5639f498c00a03641acc390e9c5388609d17a3e1fa10bd541ec005cf88789b13e3784c13632bf99f794690de06db9da0cc7ca2dc7f5a785954ab098986472df203fb14a0a4d1039ff8d986a7d0d4fff5e1b1fb21899b7364bf7ad4578f41aa8621b3c4b1fef926574488b7c153761af5dfa7ec1cdda480255be1f13fce81d0185c940ed993dab6942efcc7897eba1cb1ea7b3316ed350d0c3903c767c862a4ec5b77c6041a10711bccb90c56c81854ab6a2ac84190a14b27c362f10d582fc00f1f5e1804f8e812adc6e8de8d0852206541b66a70412b2c98d4311497e3e1450e1961a1c6b49e9d3ea568c505745126dfcafe1dda4952d424c4217f9b453494099fa61fdbf662d594adfdcad84f22f60a0b96e051690ef02d4e3dd3838605745b8f96e878a70cbdd86aeb11d1bfa037b559d2458d7c55f465c4664ddb9861178ac7b8d7c187c273685677c73208f7d79d87c2ca449bc1b4ef1b1760eb0f2454e852bb52ae505efec31304e8f2f5b944bb400b0252b470a55a3e31808368633f4dea0788662dee41a08ef2a4c38f6d7977506638b10890689e235286295b6a4d0c497ec1b8405139d2fe75c184050e06fc9b100b73e084f9361d89a2754b528c2f2ba013c684c408e15c263f6cb29c525db15f4b9ba4f4fe677219df44b1ce45c4acecc6b80b6beed12348c2bbc13feb4f2af98d33fee809f9451d9c39ebac016cc875f540b11ce39489a697569ecb327bfdf042d12ddc055eda555585525efeb158d38a5fc727ae41908f2d74a19a0012bf67a051243e2134abc5e1b562ed12560aad5eb0fa02c4f2fa6c640a9ef73faba23df58c31c2f372e3e47d67f566b63dd77c5b8a5eaf35cfab5425fd3e9784f1fff6ad4cbf0da31d8328c4717b90dd28239c1e657ebe001ea0cf0f976f0603fbba8cd3f7c0a647965b888c3b1aad6f7d726516dd821c206167aa0a56fe4b602ebe34a04b43b3b5f95dc2dd40c5bf9428b06fc1fa7d06dc3dbed54af5eb56485bd717cce16b14e954c34d55fdee92a4bef1c028df666b991d5439935dfede80203feff3a3fd187817d4eaa08b1e762c36b6f10da7447003c6a24164645240476b9780c785f1fc34a6f77ab3ef865eda41da16053bb94089dc47b8e25dd772c43077c343cb8af3c07282a5170165e6a81974513e64efb16cc6ad60db560689ccdd442877a813de27991479f7b94f22f0cf51b219fbff0757a160bebcbc8aeb60c1d4b7ddc4994edc740d7ee7ac02a2e31488d87f44597ce60df8a50a8411a356270a79199abb6313c484ee9aa7f88680dbb4925e5bba341e9e1e22ba8522f24af7403cb9b2af46fb4b78c895097b5323b2ea10e2f0aa4286d8fe46b5c2fa0a6ae423b2c2866b12610a7f4f58b3692aa422535f7dfadfbcc568577810d56b681a05252a71316fdef9bc6fea52feb84beac9aef19843f536eb669da66ea5991572c746b264fe2c4da6115054c6afb6de6f731bab575c5a0aed80cd36d7668bd8bc8ba115a1aa30a7a7fbe626fda42c1d47712d3e7b5f3769c4e3cb4550e8415135c31301953d5cf9aab1e449aab70207f69553397938c4f762a14fabc09684719efecf948347d7f46631f6c6340f1b89acc9955f07a4fc37906d032af3994602b5a28c293993828ab181d3da5a7d61240960d4592a139d80561e20f8e9299f28222319aa2e801ebda6f2729b8aaffbe92012739bc70851e516a6afaec5c3a1004523a9975da20e4d501a01b2b82163c7329e70421831346b3101d97ed6c7b96d165ebf27574ea1174310f0e3a32b82dae58c6a3c08034d903051666a31513a187aa8fe5f4cec07bb2039396ae734652d4e233718bce1f5087b64e69b5ab205ff2a369ad89cc261335fb0de1334c6092087ae4bd9f51805c9c4fc358974fc82ac4d775120e26867af81a9de7bd07f6e6d87fcb410b8d9ad50b05d0348adfcf759739e262acf6b24f99e6a2bf39b56f55ec37904c4d04c8861c0adeae9240b81efba149ce92a82a8bcba23122a2c698fee2c39f3ba9e2954ef516ef2af3051073e014d895c014de1c5197a9828a2284c9ff773e523a61d97765f17a13f48159b6caaf4da416060572e591425874ac8768414cdfc18ebb71ee45b48bf0c36c9d4b9fe3d0799dcd3a4483fb5e06426cf4e4a48caf10d831172bfb56133ab7"}, @assoc={0x18, 0x117, 0x4, 0xdac9}, @iv={0xa8, 0x117, 0x2, 0x8e, "bb919fb73bca46dcb54b9d14fe72e8e841e8fff3de14ec00161e5f99f17f45612faa44f4eb3dcaa217d9618d36c7f36abb728eef8903e1325bcd8cd0b64e6ff7624e698882d386d65fc78e964e79f53161f404d116984d134debf290ee517536210a1c9f854cb66dc8f397d871966028a6b91035a172fa1da649eb66f00f4206db6c4e88d4028c950e753083851f"}], 0x11c8, 0x40000}, {0x0, 0x0, &(0x7f0000002d00)=[{&(0x7f00000027c0)="13f3b88f7eb130fa135a89d5632590dc364870284c6354476691658cf2699eb8eb718687b8e11fdb855ddd54e639f38263053e1f65ca7e78b6c4f291090db2c2690f735bc6e31d0762f130979a7fdde1ac29631ad6a540a6660bec", 0x5b}, {&(0x7f0000002840)="7706d52751f9da1cf19a227fcce5b64af4de035c1903c408c50ef8b57efbf14bce98174fc17735e347e9895d1382091b8716e71b3fe3ac3832567ec697b170820e308d0a4ed577483c2479c9acc1a7b7b13af9ff8d0d049052740ec9f17e9b", 0x5f}, {&(0x7f00000028c0)="6644bc5c56c92bf9c4f8a37818686d3046be76c0b03ed92b858ac0c7bfe53e5ad6767c64ff85cc5b3687ec5d96347b75", 0x30}, {&(0x7f0000002900)="3ce74dab92c934039d51ffc7640a20835609ff17e177ef138e270db32b2755ff462953bd36ca48e568a5d9bcc9be99f466da9bfd3be925ca1bfb4756d64937be8a4f3efd29b933ef1e0c043595cc3197e749f19521aad867b82a08ef7662a5b855f115d934f68de435a80d5ff2ba41e978f8f3f7d74fe9950f1ea45eef452761b2d25181e21536744d3e6c15a42ba872200836ee5751512a2a82598d1b78d8dd7ce92428fc7579207f1f54ba6ae661b90c1df1bc2eb4850904a554269adf9ee27feca2439238b48039238493d3978c3e7881a91e0e06ad802d49e201107c0459bacf3fb26ce1c4eb", 0xe8}, {&(0x7f0000001280)="68734942e6ccccdaded7139b62844ea6", 0x10}, {&(0x7f0000002a40)="f6a008d6ca7fab04898756343703b32bf2ef87cec47776607767d6438f349f8b57450ee033bc8671d7d6262c99b6d1d0ff3179d67cc12a277521011619e6ed98", 0x40}, {&(0x7f0000002a80)="41e6e76bb45c4785bc567166fd3bc4a3f5fa5b6c8df665fc1f349eaf999245d99607bcc4219999430bfcb51c0610cb9e7731098e93d563036a1b343607210fec8f8063485b38ea963b2a6936db4d3a5d69b5768879bd5d4960cbaf1a93f12c0640f38a5a8632ef79a969c7d8ea87afa41b43e33338351cf62aeb34a460072c8beea511bbfefd3667934a7b90b25e972339a11fe4631c5bfbc23098bc9cde3d6612049a37841862972fb190028047b717c384a97278177a185f3d7c8e9d17283bc9f446f49d131a509f8e8905a0724c1ecf6d7bf02d13b91560820c7afb68", 0xde}, {&(0x7f0000002b80)="7a861e2d11b261d6d09c392fddcc53d7d2b158abcc083c6be8f50d9bfbf8f67179f4d99294a668c08dda972b71ca0f6901aea751f2b71dfb39ba70ebc997fa2be157f1a1096b6860087086fc45240f0e9a", 0x51}, {&(0x7f0000002c00)="e8fda4648f53bf1c1ef2438d8bbf319b47018a5969625e89c557d93474e808221801a82f2f9144d1d889248233d071d0cf93a6811f56fe58911be63a2f11975ebbc7bbaa405010c980a85a7d83fb0d3b27ac7f9ce34126b9393b2219d2dbb9c95ef0f0a87dc27483a936e70dcfb03d89c20ca02323e36a0e1dc1539c8651d9a399bc8e40a1d199396f9e0868eeaf2ccb0633f3f13cb965b3c6139db5ea746549587e01b1589ba7f65da101a4d872214453ae99b44202f91d3ffb4f1dd2b4aaa3c1e449", 0xc3}], 0x9, &(0x7f0000002dc0)=[@iv={0x68, 0x117, 0x2, 0x4d, "ebd20058fffa3aacdc8540c5a3c54c4d68d9ba5dfb80ddfb18f50e18f51b8dcb7aa0d9e9acb331d948eb55ffede662da5166bfa258b86908e0aff794a7fbdd41530542ca2016e5990f2a3d1a61"}, @op={0x18}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18}], 0xb0, 0x4}, {0x0, 0x0, &(0x7f0000002f40)=[{&(0x7f0000002e80)="699dbeffa0958e80967c7e1edda05e6735cbb2da1fcef0909e6bb1eef6f43330f8fed2b85f5c5721941e208b87118fe39f2b169ad1194947c925caa37c1b37f2b3f42b1b12b39ec2bd069f9c83572afbe60b6c6cd23d775c3b24014627e0d80b931266f707", 0x65}, {&(0x7f0000002f00)="e814ba4c4b21e761e8fc5edf26e0196ddf520143c7a672637fbf124c2de94d05", 0x20}], 0x2, &(0x7f0000002f80)=[@iv={0x1018, 0x117, 0x2, 0x1000, "d53da04f70ca4cff9ed75ba50d54b80938c2055814fb7e16c9659a64af57a9ca7812b5c43bc2bc5440dc758932ce00519994f84bb883971d968ddaea490e55d9dac6eaeea96e627ae94f7944a2e045c185c91b69b67f93ced6d8a9942ad7f423cce2eed67b133328fc1fb6430942b427487b4e2509a57fd6826cc8230d9a6ec3318f1d8799f8ba1181571890a76076cf4167d39e2cba4aa5cb35b5ad794b9404b71b2e9c62610b1f787513d7abac4bb8add6e4298480fd2fa30e9fa25a3f8b853e4ff35c245bac5685774be288d36df428f98e8d8c8bc2d0960877225e3158be3f93d34fbda74818433cc943913e48595d0f0e679941214c9a52a8026bd41e816fd1536f688f0fa16cf63b768ea95301479749407294adb70ebc98ae4193a691add17f9398b5cc174f3903a3cd9d07d5967e45a9b6787c220707ef133e1d42669bf213fafd111f3e14f32edb8e2280761e2e7584a3ec715b97284ac9617495ef6447ae6557cac8b1b023c47c9582d6ef5d78bf731740b6f8744a8890fe663e340543944333219a9a644ee668fdf64721f40ad809dc98e5a1735ba87e4f49b82e384a478295c06246830c88baf0436caae9512b59da7dc22fddc60ddc97fa6232606a1efccec4d6f72db7b23863771f28eaa7edb15bc4f03ad71bf3c9006673cb5c5ec54167ac5ab2613574281055258bee3892a5071d03a03ad75beace184fd73cfc3b24026a5b6a93637873a5e7ef557322c67f8b7a43ad632afdda1211017dfc2ea3b6ac44d2241349e09af468747e9c41e4e68ba02f8838384dbeef19bfee377e7ba388dc59958fe659f05606c3b5ca1ab125472afa6c44a374097d52e056b4be7de54ef0eb0f32f2cd571d1a7ecdb26aa0c260d6e192164a8874d33e4c4f01133dfb35d494f6d4e9d3bb5effb8d8c9fe8e4cc7cb3f31283e38307752d021e8dff982773e13cff0eda04b5f950a3ef854b3fe02288e381f2ca1b291e466388dd728a66c0da6bf4e930a161f4b21aaaeae8f27a14d9a5963f5dabfd3d23a51b8082e86a916d57292efac9a297635b53230fcf1fcb25225e716e2ed73a459dca71dd5f507133c7c164daf07961ad1fcad2025bfa5ff9afe793306d3b2306c2da5667eeada37d1c825ae0c85ad7f062a768abb30426f15692d8a6b3fcb4d27b3126f90a18dd4b973c5017bdffc37721cfe45e615e5a928f4e838e8c5c5758732861e8a1ab556cb67637f1903b3d15327eefefeef79fba7f9cbcba10febc3ab2b9f32fe38782ded31cb1aed5511da14e2ce47bcf474b2f79bfec4fd12d8a06653cadcf88b5de60a54255719c752f7c8ee4f5d639d6ee899aaf73bb602bff4856f85a6ba0bc8cbd93f5ce3a9363568d3c4b14c4b3fe622061a09d624087d5d8027ed42f2c3493ce8ffa7495dd8b61af32f5b91110b1f8fb749ce3b6efce3e2a56eff7ab391b25ef8d63170d0d231e04f422ed276af73ca421943232a4601f84c3267cc1df4837bf7c7b52b6c694ad25957d59218daafca72a9e418780dec214b63883bcc23dd9c22779ea1b27c94f0d815eca51598be9074f34a20ec4af84c0eaf18396ae97f4014bc5761ab8dacb5cbfa554d9d1595f8042f91605a2c14b54f4f5592b4ab344c20bb43ac6595785f42486c83188ad9a8b5256a19d8dd6ed0c94b6149eb45d0cd47878158b553189c56306d7c013fb658534ef799609719324e7daccd43b28d59f8cc9dc592d31c3dc137da25691be1aa5df089e4577d7582b7d4d8ef4881137b19da04dc918207353649257b8fb98f896e103de07ad52a873cdc0e55138849325ea8366e86cd91ee219dc3b379b5ba41971702d32262b79819dd1a5678e2bc198a90ad4d3a499123a3fbe0f7f4bf421ed55abc90eb3f3b8523125f0319c2f1853d049891b3a28422d67e93852dc9d52fc10a8e818f2621edcd7f33c19a1dabfb0d8a41fa278264c948bccf3ef90fe9193e8def5e345ebe19e27061d437774d67c129de9ee608ac1bdfc6da11c2f61b4ab54d45afec31e39f1354b7fd24a55e921b7a27e6f8d514e1ecc891485ed0eef8c230bf6a1d7ac99fcfdd4ef896b79682bfb7ce119d14696c5a3d7babbcbdad3553c4983ed57e97c7696069d85ee148cfdb290a773a69578964861c95e3bc330a16179f02ef6a236e8800261e07eda099de936857a7ccccf3758b3a72f28171e3dd55e3ed7046c2165ea7437dbf42819480f3fbac0958ca8a5dca2a66965f05c2349367d156b7a7114a903ed3ba3dfb2a1e7ca41a69a25a2fb47fa3700e3951a9ce0b3f068d96852991d6f84717df28ce06f37a5f53c0077130fc52aa700ee8ed1451ae6b40287bb1fcb088ed327c8be0e1f4b85cc77e311871b8037aafe642bf10a64256abd32af77e6801a734a0933dc253eff82c8021bcb5fff9cd95e336d386669b1330f12123900501fb31de1002b519916bf7ca2f949a242aeb0d2cb09ab15017293db1c9b8bcb0cf2f57f109cef09770fed44eddda0fd6e48163388afef44643e354a93a21d5c6cf07dab38a7b91986f545507067a9ef67c285dbd45f3e8d62dc9eec1ff1b7022597d2480db69b07b1b76c18c84834e38cdac99a1ecde840ad753297eda825f35b972e7a9da1e9d3970f9545eecdd5b6f0ccd8c4ac7693b5b5d1eef9329960cc3d4b7f9586cb0510579c6d41f85a6c7548971fdd120bfe608c69dc10a58204e4b52ca8c2d27727dc29ee8b5d14b1faddda77cac749b603b9e85a49c0303542ad1bc1d3ca06b7fc3a837f5f930f5007512ed2f700ad0544750d47e1f4d6eef3be9c094eb40de435ec760c29695ba6adf6043fa0b1bf84f8fa578c5cab6e41205fbf961625a9372c48feffe31e9cda97e96c19226723cbe1c36475c2fb8edf02fc7d30826c1cba6791b2c3cb8698a27e9660e2ed7c9ac4cab51028dcf1ea6d657edee13dff43f04aab7e7cadd572e5959ecce153ad2b52f2d48baf0f45953ede4b8112b8ee270c8088f8211bc81083f087bca9d2e1bb4f0363c3b5f6378cc75dd818d14ba2ce3a5fda3b305ebbc879f224635c7396a3c490635f3e90c9636e34d0ad248b37e66a1b2e1b5d0f58c95b5ea78b1e82a92ef5c06e593f49f5ce296afebb062baa89fb9dde0b8ee46f633b8d4cd42cb578e493a8a03afc58c7e5986d76d5a040e98d9d648c1af283f26be9feb8d9330a2d32df2940c33a1eb1247b71a684d767796fcd94348013f44fbce55ca0975a848a519a31806e69bd15ce04c11803df633b9affe120b2e73dd5174a3f0299568eb5d95510c152f5d2dd98d1b2ceb62400de8cc61663dbdfa57ffb341fb81d8fc408f8ef155c2e1257ca710ea09291b250744a0a6c79e478e3ed23363c3c839746418e1640e4b72d6baf6a2dd05d883a551b8964689a69191666af26a6c5aa9ebd2ff20cc7b2a6da1c6ebd8f8c27bc45a4714d4ecc521acb475901a841c1ab76be9a05debab8935de4ecf0ef4eba4ea999204b08d9677dee8538c3a3e06bbb93cac8212db153affa882708d407ba8853b23c33e9b4003c984e4112421db60df57d62f58bfdf0e5e713398470ceb3e581f5dca46abb533f5e8723731f494c2e5faea13f73777c9ed9d434850f8268727b249b324dd4c50fbdfcbc65c565fffafae01030ef74ee78a4ec04c41af8cb0bd80a8caa0f3186dd7c5f2e8446d7b6fe56d5b05375c06de0387b03c11b83cf4e23b57d301538144c0130e49508e81cbbc42984303bcdc0efb76462cc3622b97d160352fbe5a803a882a40451d8c4414075b6efe0442988b3361b00d404a575a6e88df1204ca8463f44af9f54431e49091ff2cfc4401357f12a10dc97eff3c2d46464e5a68657a2d9bf15f570e1770b64219b447f5e7cad1d641611f0118bf94d0746990270f7fc83fea640a0faf86b16fbea65f0d44d133edd51a1af5722bada993d53cd00aa194de53fdc84e32859d2782b24d274d904828944555cde0df44259fa28acdd41830b83494770024c669527e4092eeaee0fc15875e254d33c4b904be46dad956b8fe10ca757feb2d3d1fe16054d6bd35004b0ec2d7399f5fd6c9e55d0458df7ba4081e47827e91dcc2b29c2be071761a5968df926fef96620ebfc1effc484216c80b81d8c7bad0b38bc0ffbdbdcb80cb70af97b504ce604a77a75414433a5f6a7f55858b60634e3bcb3057ae186e03598d658870f209e04e5a00b69943cda30ba07c0e5173402d42c776a1aa5e2fbe76b1ec0456e8023414f0f35b93d14a8e7e8d5c633dac548a6d72687fa274895da339ec6a06d53d03d12b4b0bb6d27b4cd2657de76366359f118ce319923332287c94d6722d230cbd39d67036ba8762dabdc46e317b217f93d39c9980d222b565e20f17d83aa422b77ccc4ba575427e2e2eb2aa80fa9982462894a310dbed9e9ab865176f4462bc8cd76b963f3f2b9b817269f53481f9082d3321bbc4d070fb8f574492a66190d277b863e964e5df054ec36a5448ab59cb45f561be6dc2f20a3f91fd53594124086a5c634940a7875ebf993947758a9d483bdcba5d15b0197a96664883dd36c7721c8b2fae6cae8219c2859e4e7897b94298611a16434edc47897f1a9bf2547e37a358d999d7d7d91d8a3fb13a17459c068e7928f74eca91d68d270ac1bd134bed9ee2c8e1f15fb47854e1072e3764fb1a6ee761bd4a38b3177c8252781ff52de434dc3ed32967ec9c98a2aa30c8d28432242df01989ea027c4aa58f9bb0929b239752676c0dea634ac4e4ab4e013d45b4d13e2d3c0a4bd550c2ff62a07f9a158ef472d63d37e518bea93b4d446b6d0cb1ee11749319f18c52e812bb928a79d7c7e90d77475b665b3ed0a888fcc63bd991f63e21b568a578cdb32fbf80dca6d0a6ff09ae657cb49dcc61f88f0e1dcec11036a87c45a9957d4594bfe4470a4cc33da711a6a0ba1908f9f63b6f67cb5fb5594ede3eccd94d1ff9331bed7ee0e7874fa4a720db053f961f5d518b9b73ba0f4eea2e18d85694a25ae9faef49ef1b13fd5005207d0b9105f1410d7c904d1d779a2869121f9009ceb7d2e1468f9e296edc69c9e818568e0556231dfe60c993365a27fc52e07e8896ab134a8eaf86b0d4b94714204cac5a3591fbd701f2d85de725900abbe70e8173c0edfed01655d77a4885fd8939f3dcc62223287d4a03e6cfb4a08155efd06b18403a3d12c0718f79caeac581aa4ea0546710ad81ec0dacf96a9b86a6f8197d1cc020dfbf60376b5d900dc38ac62baa23a7fc66d93f7a752917cf94adbf4169533784c610ff52808b4de8a13fbb84d530ffb7feb519c90455f170c9cd6a702b1598503ace16c95b322c12b2c8a3b2b8526ebc9e70352939b3cc4506658e9ef84ad6b05ba4e4dd98c37aaa4e775980def361f3224164d38d644fd90a62362e250c9c588a9059c6158f932658187fce1222903c7030be27586b063d83df2b6632d58ed63db8f1b547cad9b300952ab758a620ebc484a6f423b76333700c6e173e31c3b80599be06244a850759ecac47c3f9c7a2f52c077a51f1e92fe7bad471a6f443a475a09d3f30cb0491df557f57bd07b1e2e46eda92f6c19ef7dbde0b95511d9e0c9f48327fa9cf90bd03f3b3e27cc7e0a4cc2ec09e7c1f2fce3aff941201fbe6a75e0659da90041e89a5d1e4a45927fc73d20b7b6d5f31795e5c3558ad1027191172904093a0cb3fffe81028d1cb69e640d8379451a2ec296b336830482b86069e7b1e4cdcfae0b3d6f36ce1423bc4abcf4069c2b39ea9f923279321effe238821d86a4bb097ca0c6180ab1d"}, @assoc={0x18, 0x117, 0x4, 0x6}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x5}, @iv={0xc0, 0x117, 0x2, 0xa8, "10ad5e5ee56afd5232e061d92cacc596b407ccd9ebbe59b28f1ada0e74c20820086854ed18001c2f72d03496e7dc7dbe73ee1a797cb5167acca9e884ca31e92d5ab217ff106276fd1760a2d56a30758bf200e4bfd308ed691afb7194f58b67af08b217278b65cbe218760e92218f66cf609b79ea0135563db5df75e2849819c4a42c5873f271d9231e0f25a90a40aa45a4a0df95a250bd99623a85927c0ae6291c3ee00784f90178"}, @assoc={0x18, 0x117, 0x4, 0x4}], 0x1150, 0x800}], 0x7, 0x4004440) 05:02:39 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$TIOCSBRK(r7, 0x5427) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getsockname$packet(r5, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000040)=0xa) personality(0x400000b) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r8) getsockopt(r8, 0x6, 0x5, &(0x7f0000000200)=""/4096, &(0x7f00000000c0)=0x1000) r9 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r11 = dup(r10) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200) ioctl$NBD_DO_IT(r9, 0xab03) [ 444.289315][ T1530] block nbd3: Receive control failed (result -22) [ 444.289322][ T9110] block nbd3: Receive control failed (result -22) [ 444.322041][T14716] block nbd3: shutting down sockets 05:02:39 executing program 1 (fault-call:3 fault-nth:94): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:39 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000080)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a0089dae769001499a8d1b3a4952f36def66ee2ac3da6debab7eca881913a07d8aa1e5cc7dd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) r2 = getpid() sched_setscheduler(r2, 0x5, &(0x7f00000001c0)) wait4(r2, 0x0, 0x20000000, 0x0) 05:02:39 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r0, 0xab00, r2) socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, 0xffffffffffffffff) r3 = syz_open_dev$ndb(0x0, 0x0, 0x0) r4 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$VIDIOC_QUERYMENU(r7, 0xc02c5625, &(0x7f00000000c0)={0x6, 0x1, @value=0x7e000000000000}) dup(r5) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r8) r9 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x2400, 0x0) r10 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r3, 0xab00, r4) ioctl$NBD_SET_FLAGS(r3, 0xab0a, 0x1ffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r12 = dup(r11) ioctl$PERF_EVENT_IOC_ENABLE(r12, 0x8912, 0x400200) ioctl$VIDIOC_QUERY_DV_TIMINGS(r12, 0x80845663, &(0x7f0000000100)={0x0, @reserved}) write$FUSE_IOCTL(r10, &(0x7f0000000000)={0x20, 0x0, 0x1, {0x2, 0x4, 0xfffffffe, 0x3ff}}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r13) r14 = dup(r11) ioctl$PERF_EVENT_IOC_ENABLE(r14, 0x8912, 0x400200) openat$cgroup_procs(r14, &(0x7f0000000200)='tasks\x00', 0x2, 0x0) ioctl$NBD_DO_IT(r3, 0xab03) 05:02:39 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() r2 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x20, 0x110000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000007c0)='TIPCv2\x00') sendmsg$TIPC_NL_PEER_REMOVE(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)={0x14, r4, 0x5, 0x0, 0x0, {0x11}}, 0x14}}, 0x0) sendmsg$TIPC_NL_LINK_GET(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0xe4, r4, 0x100, 0x70bd27, 0x25dfdbff, {}, [@TIPC_NLA_MON={0x24, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}]}, @TIPC_NLA_MEDIA={0x64, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000000}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4648}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ae}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_LINK={0x38, 0x4, [@TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x29000000}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_BEARER={0x10, 0x1, [@TIPC_NLA_BEARER_PROP={0xc, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80}]}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x10008000}, 0x40000) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 444.541988][T14743] block nbd2: shutting down sockets [ 444.630607][T14746] block nbd3: shutting down sockets [ 444.639101][T14753] FAULT_INJECTION: forcing a failure. [ 444.639101][T14753] name failslab, interval 1, probability 0, space 0, times 0 [ 444.671386][T14753] CPU: 0 PID: 14753 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 444.680450][T14753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 444.690515][T14753] Call Trace: [ 444.693825][T14753] dump_stack+0x172/0x1f0 [ 444.698170][T14753] should_fail.cold+0xa/0x15 [ 444.702768][T14753] ? fault_create_debugfs_attr+0x180/0x180 [ 444.708584][T14753] ? ___might_sleep+0x163/0x2c0 [ 444.713446][T14753] __should_failslab+0x121/0x190 [ 444.718386][T14753] should_failslab+0x9/0x14 [ 444.722898][T14753] __kmalloc+0x2e0/0x770 [ 444.727145][T14753] ? ext4fs_dirhash+0x17e/0x2e0 [ 444.731996][T14753] ? ext4_htree_store_dirent+0x8a/0x650 [ 444.737550][T14753] ext4_htree_store_dirent+0x8a/0x650 [ 444.742934][T14753] htree_dirblock_to_tree+0x4e5/0x8f0 [ 444.748319][T14753] ? dx_probe+0x1120/0x1120 [ 444.752826][T14753] ? do_syscall_64+0xfa/0x760 [ 444.757512][T14753] ? __lock_acquire+0x16f2/0x4a00 [ 444.762545][T14753] ? __kasan_check_read+0x11/0x20 [ 444.767572][T14753] ? __lock_acquire+0x8a0/0x4a00 [ 444.772521][T14753] ext4_htree_fill_tree+0x26c/0xa80 [ 444.777722][T14753] ? __kasan_check_read+0x11/0x20 [ 444.782756][T14753] ? do_split+0x1f20/0x1f20 [ 444.787266][T14753] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 444.793425][T14753] ? ext4_readdir+0x21e1/0x3520 [ 444.798280][T14753] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 444.804259][T14753] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 444.810077][T14753] ? kmem_cache_alloc_trace+0x397/0x790 [ 444.815637][T14753] ext4_readdir+0x1bd3/0x3520 [ 444.820316][T14753] ? mark_held_locks+0xf0/0xf0 [ 444.825118][T14753] ? __ext4_check_dir_entry+0x350/0x350 [ 444.830680][T14753] ? __kasan_check_write+0x14/0x20 [ 444.835801][T14753] ? down_read_killable+0x10c/0x490 [ 444.841012][T14753] ? rwsem_down_read_slowpath+0xfa0/0xfa0 [ 444.846739][T14753] ? security_file_permission+0x8f/0x380 [ 444.852382][T14753] iterate_dir+0x47f/0x5e0 [ 444.856808][T14753] ovl_check_d_type_supported+0x121/0x230 [ 444.862536][T14753] ? ovl_cleanup_whiteouts+0x2a0/0x2a0 [ 444.867999][T14753] ? ovl_dir_fsync+0x3c0/0x3c0 [ 444.868020][T14753] ? ovl_get_trap_inode+0x174/0x1f0 [ 444.868040][T14753] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 444.868053][T14753] ? ovl_setup_trap+0x6c/0xc0 [ 444.868067][T14753] ovl_fill_super+0x1181/0x4029 [ 444.868086][T14753] ? register_shrinker_prepared+0x116/0x190 [ 444.868111][T14753] ? ovl_show_options+0x550/0x550 [ 444.868130][T14753] ? __kasan_check_write+0x14/0x20 [ 444.910447][T14753] ? register_shrinker_prepared+0x116/0x190 [ 444.917376][T14753] ? sget+0x12b/0x560 [ 444.921343][T14753] ? get_anon_bdev+0xc0/0xc0 [ 444.925914][T14753] ? ovl_show_options+0x550/0x550 [ 444.930921][T14753] mount_nodev+0x66/0x110 [ 444.935233][T14753] ovl_mount+0x2d/0x40 [ 444.939283][T14753] ? ovl_own_xattr_set+0x10/0x10 [ 444.944204][T14753] legacy_get_tree+0x108/0x220 [ 444.948960][T14753] vfs_get_tree+0x8e/0x300 [ 444.953358][T14753] do_mount+0x142e/0x1cf0 [ 444.957671][T14753] ? copy_mount_string+0x40/0x40 [ 444.962594][T14753] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 444.968827][T14753] ? copy_mount_options+0x2e8/0x3f0 [ 444.974012][T14753] ksys_mount+0xdb/0x150 [ 444.978242][T14753] __x64_sys_mount+0xbe/0x150 [ 444.982905][T14753] do_syscall_64+0xfa/0x760 [ 444.987841][T14753] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 444.993885][T14753] RIP: 0033:0x459a59 [ 444.997762][T14753] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 445.017353][T14753] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 445.026353][T14753] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 445.034306][T14753] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 445.042255][T14753] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 445.050293][T14753] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 445.058245][T14753] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:02:42 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504", 0xa1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:42 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000007c0)='TIPCv2\x00') sendmsg$TIPC_NL_PEER_REMOVE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)={0x14, r3, 0x5, 0x0, 0x0, {0x11}}, 0x14}}, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x6040}, 0xc, &(0x7f0000000040)={&(0x7f0000000200)={0x1c8, r3, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@TIPC_NLA_BEARER={0x74, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x11e9, @dev={0xfe, 0x80, [], 0x26}, 0x660}}, {0x14, 0x2, @in={0x2, 0x4e23, @loopback}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x80000000}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'teql0\x00'}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}]}, @TIPC_NLA_LINK={0x24, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}]}, @TIPC_NLA_BEARER={0x50, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x0, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x1}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x9, @rand_addr="660d6685f6511e0d8959acd3ed277ec7", 0x1}}}}]}, @TIPC_NLA_NET={0x38, 0x7, [@TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x8}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1ff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}]}, @TIPC_NLA_BEARER={0x94, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7f}, @TIPC_NLA_BEARER_NAME={0xc, 0x1, @l2={'ib', 0x3a, 'gre0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7ad}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff00000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x636c}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x8, @loopback, 0x1ff}}, {0x14, 0x2, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}}}}]}]}, 0x1c8}}, 0x40) r4 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_DO_IT(r4, 0xab03) 05:02:42 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getrusage(0x0, &(0x7f0000000180)) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000280)=ANY=[@ANYRESHEX, @ANYRES64, @ANYRES64], 0x3) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x200, 0x0) read$rfkill(r3, &(0x7f00000000c0), 0x8) r4 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$SCSI_IOCTL_PROBE_HOST(r6, 0x5385, &(0x7f0000000400)=ANY=[@ANYBLOB="f300000000000000000000000000000089ad84eaaf3747bd0000000000000000000000000000000000000000000000000000000000000e0000000000000000001b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018def2e3335d7b700224a79e499599c8a4370915496c3a48c704aa4ada25d669ed3e8133"]) ioctl$sock_inet_SIOCSIFADDR(r4, 0x8916, &(0x7f0000000140)={'ip_vti0\x00', {0x2, 0x4e21, @multicast1}}) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) ioctl$DRM_IOCTL_INFO_BUFS(r3, 0xc0106418, &(0x7f0000000100)={0x7ff, 0x6, 0x6, 0x1f0e, 0x3, 0x202}) wait4(0x0, 0x0, 0x0, 0x0) 05:02:42 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socket(0x1, 0x1, 0x0) ioctl$IOC_PR_CLEAR(r0, 0x401070cd, &(0x7f0000000040)={0x7}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r4) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) pipe2$9p(&(0x7f0000000100), 0x80000) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$VIDIOC_G_OUTPUT(r6, 0x8004562e, &(0x7f00000000c0)) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:42 executing program 1 (fault-call:3 fault-nth:95): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 446.939362][ T1530] block nbd2: Receive control failed (result -22) [ 446.939778][ T9110] block nbd3: Receive control failed (result -22) [ 446.975862][T14865] block nbd2: shutting down sockets [ 446.989868][T14878] FAULT_INJECTION: forcing a failure. [ 446.989868][T14878] name failslab, interval 1, probability 0, space 0, times 0 [ 447.009041][T14878] CPU: 1 PID: 14878 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 447.018127][T14878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 447.028203][T14878] Call Trace: [ 447.031522][T14878] dump_stack+0x172/0x1f0 [ 447.035878][T14878] should_fail.cold+0xa/0x15 [ 447.040492][T14878] ? fault_create_debugfs_attr+0x180/0x180 [ 447.046321][T14878] ? ___might_sleep+0x163/0x2c0 [ 447.051189][T14878] __should_failslab+0x121/0x190 [ 447.057235][T14878] should_failslab+0x9/0x14 [ 447.061733][T14878] __kmalloc+0x2e0/0x770 [ 447.065989][T14878] ? ext4fs_dirhash+0x17e/0x2e0 [ 447.070859][T14878] ? ext4_htree_store_dirent+0x8a/0x650 [ 447.076435][T14878] ext4_htree_store_dirent+0x8a/0x650 [ 447.081831][T14878] htree_dirblock_to_tree+0x4e5/0x8f0 [ 447.087234][T14878] ? dx_probe+0x1120/0x1120 [ 447.091774][T14878] ? do_syscall_64+0xfa/0x760 [ 447.096481][T14878] ? __lock_acquire+0x16f2/0x4a00 [ 447.101525][T14878] ? __kasan_check_read+0x11/0x20 [ 447.106560][T14878] ? __lock_acquire+0x8a0/0x4a00 [ 447.111534][T14878] ext4_htree_fill_tree+0x26c/0xa80 [ 447.116738][T14878] ? __kasan_check_read+0x11/0x20 [ 447.121762][T14878] ? do_split+0x1f20/0x1f20 [ 447.126272][T14878] ? rcu_lockdep_current_cpu_online+0xe3/0x130 [ 447.132417][T14878] ? ext4_readdir+0x21e1/0x3520 [ 447.137302][T14878] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 447.143272][T14878] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 447.149082][T14878] ? kmem_cache_alloc_trace+0x397/0x790 [ 447.154632][T14878] ext4_readdir+0x1bd3/0x3520 [ 447.159299][T14878] ? mark_held_locks+0xf0/0xf0 [ 447.164066][T14878] ? __ext4_check_dir_entry+0x350/0x350 [ 447.169629][T14878] ? __kasan_check_write+0x14/0x20 [ 447.175001][T14878] ? down_read_killable+0x10c/0x490 [ 447.180187][T14878] ? rwsem_down_read_slowpath+0xfa0/0xfa0 [ 447.185900][T14878] ? security_file_permission+0x8f/0x380 [ 447.191543][T14878] iterate_dir+0x47f/0x5e0 [ 447.195983][T14878] ovl_check_d_type_supported+0x121/0x230 [ 447.201697][T14878] ? ovl_cleanup_whiteouts+0x2a0/0x2a0 [ 447.207152][T14878] ? ovl_dir_fsync+0x3c0/0x3c0 [ 447.211935][T14878] ? ovl_get_trap_inode+0x174/0x1f0 [ 447.217141][T14878] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 447.223377][T14878] ? ovl_setup_trap+0x6c/0xc0 [ 447.228048][T14878] ovl_fill_super+0x1181/0x4029 [ 447.232900][T14878] ? register_shrinker_prepared+0x116/0x190 [ 447.238894][T14878] ? ovl_show_options+0x550/0x550 [ 447.243963][T14878] ? __kasan_check_write+0x14/0x20 [ 447.249067][T14878] ? register_shrinker_prepared+0x116/0x190 [ 447.254949][T14878] ? sget+0x12b/0x560 [ 447.259362][T14878] ? get_anon_bdev+0xc0/0xc0 [ 447.264290][T14878] ? ovl_show_options+0x550/0x550 [ 447.269301][T14878] mount_nodev+0x66/0x110 [ 447.273620][T14878] ovl_mount+0x2d/0x40 [ 447.277796][T14878] ? ovl_own_xattr_set+0x10/0x10 [ 447.282998][T14878] legacy_get_tree+0x108/0x220 [ 447.287760][T14878] vfs_get_tree+0x8e/0x300 [ 447.292167][T14878] do_mount+0x142e/0x1cf0 [ 447.296496][T14878] ? copy_mount_string+0x40/0x40 [ 447.301443][T14878] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 447.307699][T14878] ? copy_mount_options+0x2e8/0x3f0 [ 447.313070][T14878] ksys_mount+0xdb/0x150 [ 447.317430][T14878] __x64_sys_mount+0xbe/0x150 [ 447.322107][T14878] do_syscall_64+0xfa/0x760 [ 447.326620][T14878] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 447.332519][T14878] RIP: 0033:0x459a59 [ 447.336409][T14878] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 447.356720][T14878] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 447.365123][T14878] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 447.373090][T14878] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 447.381136][T14878] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 447.389113][T14878] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 447.397089][T14878] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 05:02:42 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:42 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) setxattr$security_evm(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.evm\x00', &(0x7f0000000100)=@v1={0x2, "ec882a47d3572312a92899fb04c76d00"}, 0x11, 0x1) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) ioctl$FS_IOC_MEASURE_VERITY(0xffffffffffffffff, 0xc0046686, &(0x7f0000000200)={0x1, 0x1000, "0b057b4f6811eec056a5b260c78a73bd8a7372ffc4d01043d8d632e32cb1c2cd27fa6d664234d2c01e31969be654bff00d95b5cceb03485b107f5ddf56180864ec72d3adad5cb913d8d1b38e699d2e2d449753f662fad3423f56cfb837ef47f50eda1cc9c3a7229446d7bb2fa88a088df02efd7187d9f83e2287f3e480ce2b01de999cf6a745181356a5e138202fa820d4004d34ef84679980467c9f60f0e04decc5eba88f07b57dc1c7068d7ba7199abe66ee034040346a1de68e940c7eb82912f7605a6286cd30c3677084141d13169b64a8a1c542516afbaa53ec6639e6b812bf95039380a083b53b413a5e00f4a9a6c46af4c2baf7cdd911b87d2966b19ae04ad714618c9b1a6936a12470b5218ed48eb9037f43c4a5790ce6e424c2d03b8341dd149f537693daeed985e6afa79e15f43c93d20d496dba42e4fc359c31c67fb8b54c7749e2521e433d510fa67187ab0bf51114bbc33f092af0c118c24a011a6c151a622810b6777b9826c7dc8d97b748a64e7cab7ee3c9ee7524719cac1f0f29f1939194a3e266a10c22b081bfef6dbaff498b7c6b6a3d390180dcebc969357e8c40449d8c59a3dab644982079201dc53550c84d101f82e214bd67e3cc403453e10d89cf27309cf4f34258bb079d5811829d49fab126988be07c650ae032fb2445730604411d500a976f5e0ce0822d09a3fd14e5b2515824f3df98dd92e282e7e300274814e57c6cf2301a76935a4c0cbd946ffe2e7da68148cbc232eaf7afc9db1514a6c3f8a0899088237a9e0c56ae89b16cc36620bc74eade4d542e4752f54e545f69ae591e6c99cb123ab50c833c7895f1f2a3e78166c397a3e26a7d8c265b5e23027c19e4bc8bb74b8c7fd4758d6cd9eb726ce88da95fc5d78aaab59224afe9834e6b9c1560895c78318dbab4c4f6dd97d9efb461c381623ab8e6ac614067ada6448f443cf0c76a1e0a190d008975ef3b18e0ccb07392ed34e01687fa398ef9f8eae257f73d11bd487070bc6e31c569e7810e4ab890d8741083bde537f50829e3620e08cc7ac401ac0e2bb432485935f76e9ec163ccaaf8603f5acd4719b23305ca6374185fb16f87b277514970eb23415bb232cc0b01ffaed3a0a551ad67201b3c2ff1e417065ce8d549855c586aa1576510bfa2f475f6c20932b1ccecb11d310c471b5bfdae48de41fed50cbde9100e5637876bd7eac231c3d496575a51d9218d0d0d1d228a334dc5713f0b462adaa1e7a8f525cba1b0791cc7031653a10c2d620647d7662e45747f29bfa9cfb781f7cdbc26def95cbef8aaf80d726a106e27792c0df89f159009ac4092b757527b696984996f2cb1df2d690c347a16a4d7184bce574748995acac277cdd0a1880ba476cdac456c618359f48f7fe660c556fd8b6474ebc4b289f5d0732a9f363f93a54fcd4b42cefaa0ed75786133bf889dd284c8429b1a114319da5f77927d6a7a8015e9e5572d1c185253f2aba52b7e74f3688c4f27c04d5abab670f8b6d34ab11acd63c77dc5936c67c80844aaa2cb71a6998360ca3a64d403a38c60ba6feac503e45e9f404fdd4725712480bcefbd1059233cb4f45d070439c41d21a314efc0d84f0ab48e66ed4d6637bd2009e75b3e8165e0497fb554c42a18281db19f040ed09382c2bbc1457c9aa3c67bb4f72316eba527da9378c46ef9aeb67b4aeaff0261ca61ad74bb36b972742accb913b5757ee5826856fae4fd6bad3e81c1e6f08f4a84345b00a60d71e474770af27f8a0b591012e20ccec9dab5e7ae4443dd3e5c2fec40c5386c27ed41dc7cd56b06e4e5d83594093c093819ab068379eaa8aec3b6b35078b62e0746232f615ab021766264626ce02269eb6588c20f61dd6a9565f602b345df00345dde779ba7edbefc2e1428d5304141c6407a937d3b8c03d7c2e0445ae72d7432c5135d70d4796ca2ef90665976fef1be64f99dc36ef0a713fe6c0c5509bff65cb6d7d96a6fce0b340bfc0741eecb95c3d622afbd19787488b3a49124833df4ac16ce5dc9f40962bc361a17afdec06a0924be9879d3389e08316d222d92b17d3bf532ce450ed69bc4218f6ed77fcfffef847fe3b33512e3ed575d26daa734f7ab5d1933b054d563f31df150cc0bc22fec81f00e3421d9aa0182d81537f1dc698dc185adf421ae544b65d65bfa38654efc3099816e342dbd824d4f5cce0335eee86582b73afd8f8f7fc70f840a98c05088d1099afd32fb392c1bd8320eb24d84ed445a1842f6c2a3c092f05a779f0991892a2e52a23ade2c52a27de17417fe3ce2b3b5f3f5b1fa14a1a947a987f6013fb84b9f73d40351e3e722057a4bb0a41b0910b7eb49689a6f1c0767f95b7dc90c51176c48d1204219bd4fd85fcfbfb35f012b9e2af367bb43e62e4c28f2eebda2c9b0ba5abd8364f428bf1a78b7ef2d9eb12f95e31935c3f6af6254aad722f0b98174ba50efe922c65b9c71992266e5bd4c55bc3c03bc1d6e226ebc3d6f5a5d88bcd576425061f3d971c3b1741387cd08ab8625b789e918fcc0ec27fff0ca69a0d886703c293e0cae56ac3037096ef49b086fa4c44e2847e3330032d1c525fe19eb5413c039fbe47f1fca4b44e00b3fcec16d4680a5f0b18644862ceb141b81165fa22b095c86d30000f07f3120af0b317fcb06aa270d41c2122ad711eab02137558dba386ce059a8d8575c97213d250985db7b00cd8524c8464b85725b6e1a908092d3c74c26d32fd413091b3e3b7dfd6a2f8f08f0bfdf3f47d277ae8f11017a9f7cbf1c657f6a9206c673a70f1f63f067dd0d2a2f37f006e3b82673efb5e0ec03abcc59510addd6f41c6eaab396194d6f594d24bfbef557d157a4b288eefba9936e0479557c31a521c700e0c0ad4f099e8b323f375ac4b0108cda6052d4f2d72c6a1f9e8bc288212e2e0f5592a148a4960a55b64affd9d1cfe61b08b7d86de320875258f9610b353a90270d79f91ca9770587c3140e5fd79d111a174fa33a2b50b27b7aa17f9ab3081d9c64ddf1840ed8e550202a0bda1f65d64c7a6985fe0862194d75de55cbc40f6187a615209f0a9cd845f435fb6fd96fe8db672fe28daddb8e767932c9be51e41f7d9324a8f307d4daab15bd0ec994c1c56d80ba48cd062898813143ceec32e2c5b3ecc58d4ee32d546fb4cd5f940b3c4d6ffa9e115e1b3c0650e22e801bd729e832712494d1eafcba9615c1eb79fade5c16c9277ca36a64dca11f4502d8b3a6a9b674723b4efcd43299f7e011bf17d46ef0f2cf7e4f18b959e6f0c39b4eec702a05914f8072a306c24d38d44eb9378383d8e677825bc919515b45a06dc6346d40803d6e9d96ba38dcc3561417cf2ea4f6ce9667d681d87fee47d82508e7d09b4e852e9f1cabe6b2756a0564ba7b5ba0301c8c2f46915c954921795e37b931cb960e55e95d21067706dd9b9d2638ffc541334ccb133a8b5eaf987ef01a7b8ea3bb2cbc726fb14e1b210f1b69e45003d7110b92aea5bf53aa00e4089b910fc98441f68e30c57a4cd12e43a93f8490fe5cb9d69e9de7c4a471e88ddb9427086d6299e59137c31ae4f7b7071e6853496123ae5b8ee03e24527dd082e33c951b4d0de7775504a47a0d9af3e491df25421f851e57468573b5ed79934eff764ba4c5dd4816ff11336eb6f5c7841528b3a132a5969df547306c754ed31b9e42b225ad54f12d8c7d91cfca2267751b0395c4988c12f3082c6a4629283d5519d245bdf1f6a4d68f43b6e02063b22d7e32e9b8f75d76aed70292f4d850d214f5c7ecdbaa89af86ae2e77eb2867eaff6c7938088918e79ec52e5740418dc95ed7fca95b728fec4eac46e7bdb290e673ad8c50f2189fbed37c60ad9a0101969cb19a039759207375e88333b49838fa210e1376b075a0d1bc60132ecedc651ea421fe0b48a060e460ecbe3cf1617cb7ddc3d7030178553e011474c471f5726d313ae727a42e81a0427f36d446f92d28e53ff20629dd137b68319dd1aba2a61b25275fcb5725e5390a1dd4d356e342e8481c5f0b57e0134d42b410704faabc46aab296438bca1bd808c289191b6930e5e9dd8abcac030a6abb550820fb33a7c486bb1edc486b41438665447a671b5bc234352b925c9260e696a60d93ce9a7949a3f11981d628226208fe577536fa9a9d0be84480235f2d6296fe318940047ac32fa0d93f6d76c998240d63c411791e512073eeccd8ff685d83b583c8c03ca0d8be98b574208d6724ec73990c944d766c9b006b165f37893dffa42f158f49e15a737f46cda87c0baf27a5be353545e342ba4248360a0de293302b00f9c750111535cedd5292a43481fb748425138c1682899a1e372a7b3f8c33f124f627f0fa113081d101d0ae1e0a0999f7171d7dd1e9c564acf0cab4dfbbd7a7049977c8cccfc3dc436778ba7af8df7a782b544662c4641206dfa5ae797666e900ae6b9839b3c92572a50abaea81bfbffa832e95278c5566e061fcce8999890bd8fa68e0afaac1ab81cf583ada76e5a8d97b49c461fd5ecba5bbb37cbfc0574f2fc4eb84ceb53c4e9b692e77505aee138f0054636befde33359ed7f988bda05177a9ee39b6736af2b9abbecea43fedc66c63e924efce56f1816e6c7d0416fcef058de4e51f8b6163ec47c0e8e710ec2e1b1a3ef734e1c6edb84e56c063a97456fcff76c20f4119b7eca3a89afa31407713bdab583685c2c21ecf6b316308fe5c221e261522b333249eb6904befb575b624d88e5feb1b2044f88176707fda6a1dc7c5f4839b750bc36ff5912b983fa896e4f6faf47fa9929be044e0cdf97b0d533fe920c7b493fe4c39aa0e274fbbf59dbd46a898c01ff2bc2c9b831d3553b35d91a525d5b14cb4b5323786e10794b75edf2fdeaac8f7c720b6d8b06b871c2af6182826060a0bb0f50f3085ce54c782e1694a2d1c6ab792c70a476c39e20bb0f7338a34fc27f2aafd0f7e09193c0e22e4cbdec54afceba99584163d1eb43be5fa5a3bfd626e92bf707358978ee00c1454643b887e832a73a5e410a6ed4b7d0e1db75c1fb8ba6381a02c25c5205888b6d81a0d7894142fb50784c4a310f87de7c33fd4fa4b30f41d78363e5dd3564f7b9768b66c9d81beb39f3bfdee1a89ee59a4ccb4226fb95f9b6611a0fe821fa7802952fc0bd7c556b853fa7a0373bec96ba88fac460c09b47770ee72e9154ff4f09179527537493d2e1d8364264db382ac1a93e437a2a9f1a1c4bdfc49a1283fecab75af23f6be76b161a6fdec659dde3cbcf757f7aa7a8cd30b882f922a636796a2216d6f88ca6e1eb6d4b4dfff44bbb0828fd4e266cf33dd046d140257bba1cbaa7a62205b887d598b5e0b4d93b3c61afbde33bf74f4bd972a65dc5017959ae3bf76a3ff5f60cd5d642b26d4564f375c43184fc05634c0780f0f1288f7483a919d1d0bc08ba89897b73e041e4dddf8d92e8209472f087f226fb342924750e544532728f8e91986e69fe6a3bc61e9533e81244c9c8c29e321a0e7fbe6d62b751c75bf0aab5650804c53b56860622c94fd7c28c9bf1b19de0da4f7a214fda4ff407e653a047c91cb76954059a44d1d4d5012b0a06898ea7d62ccd414b015022939d1f3214422beca359946346dc97c935cb4706932be6cca392156382884a5457420b2f24b76530d27b35069fc8ba671bbd58c4235231bc8ba5861e2db2eba3a596dc9386da386c2f009a0f03238aa6eff5d50a037d1a73c338bc2e5ec54276a24fa2bbcde886bbcde4e031548d834bf91fce79caa0a6b11c26c94b1f5291ed118c58e466c2b0ec68783567b"}) 05:02:42 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) sched_getattr(r1, &(0x7f0000000080)={0x30}, 0x30, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:42 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa2}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:42 executing program 1 (fault-call:3 fault-nth:96): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:42 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa2}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 447.514235][ T1530] block nbd2: Receive control failed (result -22) [ 447.538044][T14885] block nbd2: shutting down sockets 05:02:42 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x4, 0x80000) ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000040)=""/6) r2 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(0xffffffffffffffff, 0xab00, 0xffffffffffffffff) ioctl$NBD_SET_SOCK(r0, 0xab00, r2) r3 = syz_open_dev$ndb(0x0, 0x0, 0x0) r4 = eventfd(0x8000) ioctl$FS_IOC_GETFSLABEL(r4, 0x81009431, &(0x7f00000000c0)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r7) inotify_init1(0x80400) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) socket$bt_rfcomm(0x1f, 0x3db2fbe8f65de52d, 0x3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r11 = dup(r10) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r13 = dup(r12) ioctl$PERF_EVENT_IOC_ENABLE(r13, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r15 = dup(r14) ioctl$PERF_EVENT_IOC_ENABLE(r15, 0x8912, 0x400200) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r17 = dup(r16) ioctl$PERF_EVENT_IOC_ENABLE(r17, 0x8912, 0x400200) r18 = syz_open_dev$vcsa(&(0x7f0000001780)='/dev/vcsa#\x00', 0x3, 0x108100) r19 = ioctl$KVM_CREATE_VM(r14, 0xae01, 0x0) io_submit(0x0, 0x2, &(0x7f0000001800)=[&(0x7f0000001680)={0x0, 0x0, 0x0, 0x12, 0x401, r18, &(0x7f0000001840)="234ba4e49df0d029f544316c8cb023ded8aad51b", 0x14, 0x7, 0x0, 0x2, r17}, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x3, 0x2, r19, &(0x7f00000016c0)="45f6f0f991f42a5fe559437b057b40335b6e7664d2fba1d61afc9d51cd11730ce30c4501fea3caa236597b50d4b20844d1fb3cc77b43a2dbe0cb7e3b11964bc59a016f7d1a76b9a64772e218e4a96fbbfdc2b46c441837f35827865eef162cd6ce275045abf340663f4a44c5e0cc341c1c9eb5b920833f84a5161708e622e7468fdd559c15b77a3810", 0x89, 0x6, 0x0, 0x3, r18}]) ioctl$NBD_DO_IT(r3, 0xab03) [ 447.709423][ T9110] block nbd3: Receive control failed (result -32) [ 447.718431][T14872] block nbd3: shutting down sockets 05:02:43 executing program 3: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) r4 = socket(0x10, 0x2, 0x7) ioctl$NBD_SET_SOCK(r2, 0xab00, r4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_SET_FLAGS(r2, 0xab0a, 0x1ffffffff) ioctl$NBD_DO_IT(r2, 0xab03) [ 447.797486][T14905] FAULT_INJECTION: forcing a failure. [ 447.797486][T14905] name failslab, interval 1, probability 0, space 0, times 0 [ 447.824854][T14904] block nbd2: shutting down sockets 05:02:43 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000080)=ANY=[@ANYBLOB="e5b4e83da39ca4a6edf8e63584d5a6d5bffdce43dcad50f4988b7d4826bd61e445a540254206bcbe6decedd12382799b394853c2032a477124d752e987d0367935b785ad508c999f67679d3d82ad6f4bc0cbfd686feefa2573f88633a918aa7f018bcd5eb6f1f25eddffb5d257423a9095c44d61c18096c341e75948f2d66bdefc497fe96c850143900c10061dc62fdcf4156560cacba422504374fa1993c44ca386b0952341527aa7fb8608c64cce9020413b7dd236fa9b163e9049e5918c04dbf62f6fc7df5e0ea6aeeb7c530fdca8dca31dbe1e785a5cf69322d91d2ca4be9e89f1a390cc60a5e06db9ecf51d1a1445fce52c85587c5fadc7e4d96b0113fc92afb072694bd50a6f53b7d62a01138cb4cb2e8352d66477f9527e9d43f268be82415ba55d5b2357ae430f64d577766829a8ce24f9925e49cb128f5f4ef7ed2fc739599579cc5096ef9373a5ffd6088634e176b913dade4b66d9648988a3e6e004742dbc49d2a0647d87da10adff28d7eaef25518d07d6c294112ed5e772e4d32d799d892658323926437d2a349b9d0767dca9571f2af2b784a613a28a5780f36856cf5b3f3ef64b7f12de9fcb7900f12e96f9a4c42ec2977b6f36ec0902f6e5693f770ca23d1e29e2467a3a49675c0aa69a9515626678edd3ba76035b45f30f0657131fe2c516a4f18f5bc7102641ee2bd8d2b8a73a173bcbb7d6a62b76514239450db7526eb2d30b70de9461213236fda0f9dee810f5355018b8f78eea43a38cc37b8ada8df2eb267891b8f1f38e29e80e8610476eaafb9da1abbf59bff5b8ca51046f32b83cb5c567f3f8ba60f8648a0fe2f3562ef706bc92fc0cde3bf9ee3a1c1f1a55b881cb434c0fe95e2f78a6ded2b70a6999c638f0fbd001ce0ee46d7d2a1567574ac543af81e35157600d1d1c813ba0b36dc95610792d04fa6b15d2bfec89f9e3b9ca5a1f22e39650faa341bf66bf3e4939636a44064587b776f8027dfbf4af95b78c9f9730428d2e44928baab6a0398c390060113c8e6c11b54659532583019b64aa09fae3c094ca8a22e7256bb8deea87e867e7658a755ad473e474dc6ef5fafab4bf3651bf9df3fa07718474c2e0ee4d09c9129bbac325ed260e2c2c0fc1be471e9be43c950b076b931f46a981990234e9e87e4851aee596b12cb2d9b116dda7148b68568ea0dc73d43bb4b07e8ac7ae17ea7daa415ff9ce5d8a143b824b3f2b3967597468260df2c7aeb968a072f0ba307b1ec1ea53dbc7edfbe7397715668df0757cff5fa57844770d164c4f0ef9b59390553ee032494590d5577616b56d0304b8e9831e2cdb03f14ab435a69dd4c204303383ab6c3937daa7b5ec220811ea9de0f11f17f387df4de2f2a24d82b66b7a20b1c6062aff1218c0054840c691be7227a38e66c208aebcad35fd7da32c8d1b2faf0d864bec4a7e8b3ef4c7f71ce1d3687ac60455ee5bc6a27b6d803223bd92302f6c3dc9a0e9e071b0fc80651d0c76ec0f8cd6042b82f7cca8c14272273635f1555b40f051fa7a99775ac9645f19d9da78da0f61d52785dd0484925951f4e3df423efdb9172db60d80c267d0f87a82235b5b3ea2802c045a2b0e196a5c34618a7f116cf7115195547134f37affe3a556f3af7adb4669f0d6096d49bf8411888d1627beb8656efd425f1abb81c7366b59f848379b9242a91be53a696ce46409c14be690fd68d4f12c67d34ffb55568e477d436d0a9bb2ddb9796cf78ba2d7238edcc220e5016b4dcb0d0709a4cc7bae29a295185d8b0d30344140e9f4345b1582a0d193612d1d817c9abff6615cf6e73a5293a4d6458f8b3df1fd331031804b176fc04ebccbe75d439e701d15eab05d2a6071fa6c0e32758a2751350d9f1e6d87289df8e7b971db4bf22cc3ddd6d2402fd516f00a7b74e2a0052f38b4eb4780c14003506a36490cf9b9737a8d5306b31a3102dcf1b41e9e3a8243a3551e014394be151e6390a73a31873acfd7b27ad046c6141d7462a471dcfef3cef5afe8cc249f455d5f72f896a3b0bb832667989cf0e4a4c89a2c39a9b2f2dda4832fde20e80339a73069f0ccbe566785a8981dcc6335b30d9eef3083aa95074640b585d1ac09679648d189adc4f2f1825d18924d9f8d3b67992a787863185c15035a600c046883c761a21be387ab58f556f73814ff06bffe6e641f6735b1405dcb2361271bbefe00dd0d2037402a130644facf613d3686b3d59b19c94fe6ebf2d38165d10ff0669cfa7f26f27bd26718c7cc114510168f600195761f11496fcff06bf102f03d5b61dc54faff2194cc275595beb0fb8845583ec5fdeb876739a69e4be636e2866fcc7cdb948f4f3603a8c16294ee522095194ae68874e2f3c9acf70ee76c25a106056f6fdd3ee837c7572d0f88c345ffafa73386f7d59b274214d41b4a78df2ee25edfc7e3462a745aae9dfeb2017b4441db285d6e4af7cc6fd2e2dcfaa74c75a2aa1fef8584f4de888145245bdcc55b8443dcb2c25fb7313cb0076fa02063c74cf4cc0727bbd87ed4dedc39c6b9044c9f1e5aa34c36c9c214c5d9bb01f95fe596bc6643554bce09013bb221b1a9a45e2b089b90ead9b1ad229fa81c1e5d3dff576bb440e9e5d756ef90be4f2f8f73a408c42708b05a34bbbb5b4c22e194e5e2a9f18e1e17f2b9d13fd12ce7522c5483e131a76ce038f01fc8dc58d5e1d61fbbd6012425224189f7844f904ea810975481dbdaae501fb7a06c1048dfcf1c16f0197cd3bcc2d3660fb7a683ca4f16413c911081e3527d4318707c4274904904484f19dd7c92f18f0ea2d067dace64a9e20bd313fe661dc96d18afcd9f4146c09163a56cd097a0d1329b47845dac406d6093160dc3606283e7ac7e302df1807b0ab9e3b6d548650f72b56317a00b91050890e62105b1d9adb623570ebb5aaebd3ef4d0884a700a8c3048bd5ef787652f12f334ac96c600e0d64f42f138f35db20cf574da253eaecca23080b83b69bdea7867f0952db94cfd346cf3ea1f5c33f7f66b6a6743eb38068cb111538537e09aa5e01755ad864ca4fa2e0bf58d0e6eea5283bf3ec8a3206204250cd728361e0ca56eac9d3eef712775e958d0f51fb700fdf07b5b00a1ccf21fb834dc5925e032a6511a1249dbd31cd6dea71174cc3f549d9e6e657be373120f3fc51101258bd149a18ededa681a59c9b4411b4d11b0eb18ae87aea88eb554cc16d912618d946755abad8bf4447a939bdf93566bc9d2e274660286ea0249994b3fda8db9f1377f2ab1ec6aadaae38d5286897e6218ebc0e8676fae044cdb4e0765c056c0bdd5f3fe1a1d2df79568d7fc032a9a589ed3dbd1bd1224311bbbde685795674d14b8b93650d1269c85f5df095337ef585ccc85366d33f8bde992cbd112492cb0d860809715c60eb47ab4fa1b528bcc557f96c63161465babf85556a635e02da636b3cd155b1f5028a254ce85a3ce29f585731e641123ec8723c7c81705a8a80084935c09c218830b5bd687ad7b0557beed0bc2db97df39293c95a45ca70a8f64a120c336ce45da46b3d492daec989af3d74447a84bc5b3001bf211dd18458fc45ea8056cf48936ffc74556c1dc5eb9e17ea38581d27e694dc8ab894b41625da5820b0f7485e7e6d867456109c7814f1e03f580cf438f69fd9e3af22f23ee644dc7c2cdcbbb7a6d1422154967b7325f97077d6756a486edc597669b7344878747990b346ee8cad684949ea38be688c358ce90c3721a06a66f029568946d6bd7faea61d5161d8e39aa979649ee292104875f969e75679d107ebf07e542d8b08254baaea9b9660edd21abd92ba5e827192004e9c0c28935458ed76ef7fe055b0992b370eb8554a751a6d320fb340aefc704347c89c8732a5c6f43616338bfce8a8e9e88b0a2f3ed8cbf76e18fd2689c989dd38b7347f50d0e7e6616d9b7e7c4c0d012e4eab554e803a3724367fb36e93baf7c5fa6f6e84f89d8cbb9640ff5b9b7dec2b14ad69be4c84521e48167f253d729e5d6a8ade3eb63ca4b7955a1ced98374a9d53e215d226ad217f703a6703f3c75feb2da7c526a22fbc977e15f40c994ec2c6ed31203307a323f2b027a069bf2501a7c809b716eb4d8cd2deae2657441b4904eba755f85b351538fe8ee1eebcef0e6aa4a3c85cb928685e69eaeaf7fe1c15d5294b8929595a5e79604e86c73092027958066cc8a40f8dd8a42833a50752dd9be201093b0d1ca83b6784b36f4b4655e39a759b94d643a389ef20e7d37a0a065b4139e8e81ded6243e7cb5c38c240a2465ba12e94f988514cc87c5b39543cf51a0a0ce664535b0d2359b7c8510ba45433048fbd9416f276a3b5a6ca3dfe9bf42d868680f6c5be5ae5367e0144c77a5e9848de2b5d50d05dac641297282b8784aa80c77f3bd31169fdd54423968cc5bb8f07d8ae7112385c429d51ceb00049b1e031fcf058969ea412038bebefaab1390b1efa5906d7e42ddc87643dc6340745c29f0058257461c1e2e37b164b49244a9101dfe04c982528c45bf0bdd833995b2b37505b6f3e0b59bcf4d55e10e17e83fc4a9393f805a2c0c82094870f3baa32c5c046931a20ed4978016290bfda943be9c303a173a1fd360eb4be5b70eef9ec7344fc4e7f2f7fcd1818d1b2f82beff3604297b3c9e009dde0980556645e0dfb8ce1f2120c671435f407270ecccb548b811622a03acd40d1fca34a0d88fa26db52fb69da32be74347656f645c6be31d3ccca0db936bdb9e47118b26ae9fdb162e9a2780cf429483e66999aac60b1f8c03bdef0284013c982d78953b06fa39de3fa3a6d273ebb495c92b240c0526b080fac4f9081e8f6135a3a62f2e7776d86dc4db888b8959b2a0275e306997b38d254b05d7d4f0e622929673d0058be7293c1ae8317a206e9b9a4a8fec304b1af937488d30c870d8efa92c7d2f8d1f76fb435713d6ac6ab9b299580efc0fe36244d41facf775d7e67adc0181637c9d4db23992791290c0cb8c736348da6ad185fed5481170d5907a787de26f303c9a10441b52cbbdbc11d144e734e2f2edc86f6608753934ebab60bf4ecea1c3acc062fa8e07d922f6dad57757c397156a958cf501a75d886fea086520e23a74ed9cfc0b49d1506b2e5c7142ffddc4c64fb3d3a9007be9ac11d067c8a9506e2e4d3f0ada712ca48c5648bab10ecdc8f41b4bc03f7d0f889f8013e3121fd12398c7ebeee6f358622d087479740f880b86447bef1cc2f151bd3d60975e8c666987a3eb502bd7ce577cca9122fdc170eab6096e5742e12d9773198b44f460c420acd8304fb5173a675c3551dac230ca653ced87ca898cf546b86719e8fc9062ce52d97324d7a1fe10b27acd1e02990b3933c73130925c49af771659431d18b92254b8ee0a1bb089be1726c97030144c2fc5124bb2f983dffb05fc3d6bfe50693d2a62e18213926479a2658eba3456cfe4caceaa69a6b82b38143931faa9d7430f7dcd78852abc35f7217062e10437a27055a36f5afc424dfbcba8cd5c0f20095d192c9593b262ce9b0accd841ab27eac2de1b19f55293828fcf90021cc7d1d90169ccabee2ef5acc62642abfa265a854188f433cf0b23bff93dc0744f18bc21143235e356064b5c19d28c80f41b45f5ff134eaf0bdd2f95bd5a01ccceba2a390525bd03a8368285d369e60440d9bd8be82cb1ffe1cfafdc34707ac4b30f66d6f993b46360384d687dd142c0cc8823ef9338ea8c014a23a6d5e4a360efb0980cdb3fbeae5a6cac457b2a9885f5de67a8a5529fd2e742633eb98688ffb81a5c927bbd", @ANYBLOB="6d047c0075f8b8660afc21be29000000060000000000000000002f9fd2399e0400c33f00002b0000000089dae76920000000000000002f36def66ee2acff16d21c5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 447.843621][T14905] CPU: 1 PID: 14905 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 447.852697][T14905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 447.862768][T14905] Call Trace: [ 447.866088][T14905] dump_stack+0x172/0x1f0 [ 447.870464][T14905] should_fail.cold+0xa/0x15 [ 447.875090][T14905] ? fault_create_debugfs_attr+0x180/0x180 [ 447.880923][T14905] ? ___might_sleep+0x163/0x2c0 [ 447.885909][T14905] __should_failslab+0x121/0x190 [ 447.891143][T14905] should_failslab+0x9/0x14 [ 447.895649][T14905] kmem_cache_alloc+0x2aa/0x710 [ 447.895667][T14905] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 447.895680][T14905] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 447.895698][T14905] ? __kasan_kmalloc.constprop.0+0xcf/0xe0 [ 447.895718][T14905] getname_kernel+0x53/0x370 [ 447.895733][T14905] kern_path+0x20/0x40 [ 447.895748][T14905] ovl_mount_dir_noesc+0x6c/0x180 [ 447.895762][T14905] ovl_fill_super+0x1b04/0x4029 [ 447.895779][T14905] ? register_shrinker_prepared+0x116/0x190 [ 447.895807][T14905] ? ovl_show_options+0x550/0x550 [ 447.895821][T14905] ? __kasan_check_write+0x14/0x20 [ 447.895839][T14905] ? register_shrinker_prepared+0x116/0x190 [ 447.895859][T14905] ? sget+0x12b/0x560 [ 447.963035][T14905] ? get_anon_bdev+0xc0/0xc0 [ 447.967661][T14905] ? ovl_show_options+0x550/0x550 [ 447.972717][T14905] mount_nodev+0x66/0x110 [ 447.977167][T14905] ovl_mount+0x2d/0x40 [ 447.981389][T14905] ? ovl_own_xattr_set+0x10/0x10 [ 447.986362][T14905] legacy_get_tree+0x108/0x220 [ 447.991168][T14905] vfs_get_tree+0x8e/0x300 [ 447.995624][T14905] do_mount+0x142e/0x1cf0 [ 447.999988][T14905] ? copy_mount_string+0x40/0x40 [ 448.004960][T14905] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 448.011225][T14905] ? _copy_from_user+0x12c/0x1a0 [ 448.016208][T14905] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 448.022735][T14905] ? copy_mount_options+0x2e8/0x3f0 [ 448.028199][T14905] ksys_mount+0xdb/0x150 [ 448.032459][T14905] __x64_sys_mount+0xbe/0x150 [ 448.037475][T14905] do_syscall_64+0xfa/0x760 [ 448.037497][T14905] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 448.037509][T14905] RIP: 0033:0x459a59 [ 448.037524][T14905] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 448.037531][T14905] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 448.037543][T14905] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 448.037551][T14905] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a 05:02:43 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$TIPC_NODE_RECVQ_DEPTH(r3, 0x10f, 0x83, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 05:02:43 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r0, 0xab00, r1) r2 = syz_open_dev$ndb(0x0, 0x0, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x40) ioctl$PIO_SCRNMAP(r3, 0x4b41, &(0x7f00000000c0)="6cc3f1db8ebd869961587b843cc44e9b645877e1b047b7900d6143047024025b6c091d82a309ba912eee416dc63522fe18495d5314af92f8442b446354318ebc648ba9314e2480f3467afe7df812e4d3e5dd88b430cc86961b4e328c3aa9d4c2f4d5d6d9042ea33884d1c5fa99e7e8c5804c1d5c851265cc2059230542e97c292ba0c009610e6e30924acd58559d52c8d54ca79201b11f563184a8d31240a5194c89b48f84b99254a4487f15ba0eded4c659d68778915a1f") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$NBD_DO_IT(r2, 0xab03) 05:02:43 executing program 1 (fault-call:3 fault-nth:97): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 448.037559][T14905] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 448.037565][T14905] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 448.037572][T14905] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 448.038371][ T9110] block nbd3: Receive control failed (result -22) [ 448.054554][T14905] overlayfs: failed to resolve './file0': -12 [ 448.072589][ T9110] block nbd3: Receive control failed (result -22) [ 448.274983][ T9110] block nbd2: Receive control failed (result -22) [ 448.280710][T14924] FAULT_INJECTION: forcing a failure. [ 448.280710][T14924] name failslab, interval 1, probability 0, space 0, times 0 [ 448.300683][T14924] CPU: 0 PID: 14924 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 448.309751][T14924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 448.319805][T14924] Call Trace: [ 448.323081][T14924] dump_stack+0x172/0x1f0 [ 448.327918][T14924] should_fail.cold+0xa/0x15 [ 448.332491][T14924] ? fault_create_debugfs_attr+0x180/0x180 [ 448.338287][T14924] __should_failslab+0x121/0x190 [ 448.343221][T14924] should_failslab+0x9/0x14 [ 448.347710][T14924] kmem_cache_alloc+0x2aa/0x710 [ 448.352556][T14924] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 448.358784][T14924] ? privileged_wrt_inode_uidgid+0x68/0xd0 [ 448.364574][T14924] __d_alloc+0x2e/0x8c0 [ 448.368713][T14924] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 448.374944][T14924] d_alloc+0x4d/0x280 [ 448.378909][T14924] ? inode_permission+0xb4/0x520 [ 448.383852][T14924] vfs_tmpfile+0xd0/0x2b0 [ 448.389301][T14924] ? ovl_setup_trap+0x6c/0xc0 [ 448.393960][T14924] ovl_fill_super+0x11de/0x4029 [ 448.398797][T14924] ? register_shrinker_prepared+0x116/0x190 [ 448.404681][T14924] ? ovl_show_options+0x550/0x550 [ 448.409686][T14924] ? __kasan_check_write+0x14/0x20 [ 448.414785][T14924] ? register_shrinker_prepared+0x116/0x190 [ 448.420659][T14924] ? sget+0x12b/0x560 [ 448.424620][T14924] ? get_anon_bdev+0xc0/0xc0 [ 448.429193][T14924] ? ovl_show_options+0x550/0x550 [ 448.434207][T14924] mount_nodev+0x66/0x110 [ 448.438521][T14924] ovl_mount+0x2d/0x40 [ 448.442574][T14924] ? ovl_own_xattr_set+0x10/0x10 [ 448.447496][T14924] legacy_get_tree+0x108/0x220 [ 448.452244][T14924] vfs_get_tree+0x8e/0x300 [ 448.456645][T14924] do_mount+0x142e/0x1cf0 [ 448.461481][T14924] ? copy_mount_string+0x40/0x40 [ 448.466409][T14924] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 448.472627][T14924] ? copy_mount_options+0x2e8/0x3f0 [ 448.477809][T14924] ksys_mount+0xdb/0x150 [ 448.482043][T14924] __x64_sys_mount+0xbe/0x150 [ 448.486705][T14924] do_syscall_64+0xfa/0x760 [ 448.491196][T14924] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 448.497068][T14924] RIP: 0033:0x459a59 [ 448.500944][T14924] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 448.520975][T14924] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 448.529379][T14924] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 448.537333][T14924] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 448.545284][T14924] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 448.553239][T14924] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 448.561206][T14924] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 448.585126][T14919] block nbd2: shutting down sockets [ 448.595354][T14924] overlayfs: upper fs does not support tmpfile. [ 448.812209][T14911] block nbd3: shutting down sockets 05:02:45 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffe04}, {0x0}, {0x0, 0x35}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa5}], 0x1000000000000249, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:45 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x4000, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f00000000c0)={0x4000000, 0x200, 0x1b}) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) 05:02:45 executing program 1 (fault-call:3 fault-nth:98): mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mkdir(&(0x7f00000009c0)='./file1\x00', 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 05:02:45 executing program 2: r0 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r1 = socket(0x1, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20ncci\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f00000000c0)={r5, @in6={{0xa, 0x4e23, 0x3f, @empty}}, 0x6, 0x401}, &(0x7f0000000180)=0x90) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={r5, @in6={{0xa, 0x4e23, 0x0, @ipv4={[], [], @multicast1}}}, 0x0, 0x8}, &(0x7f0000000200)=0x90) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000440)={r5, @in={{0x2, 0x0, @local}}}, &(0x7f0000000100)=0x84) getsockopt$inet_sctp_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f0000000080)=@assoc_id=r5, &(0x7f00000000c0)=0x4) getsockopt$inet_sctp_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000040)={r5, 0x5, 0x8e9, 0x2}, &(0x7f00000000c0)=0x10) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000100)={r6, @in={{0x2, 0x4e23, @local}}, 0x21d0, 0x1, 0x7, 0x70, 0x2}, &(0x7f0000000200)=0x98) ioctl$NBD_SET_SOCK(r0, 0xab00, r3) r7 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r11 = dup(r10) ioctl$PERF_EVENT_IOC_ENABLE(r11, 0x8912, 0x400200) setsockopt$inet6_mtu(r11, 0x29, 0x17, &(0x7f0000000000)=0x4, 0x4) ioctl$PERF_EVENT_IOC_ENABLE(r9, 0x8912, 0x400200) ioctl$NBD_DO_IT(r7, 0xab03) [ 450.629884][T14940] FAULT_INJECTION: forcing a failure. [ 450.629884][T14940] name failslab, interval 1, probability 0, space 0, times 0 [ 450.633321][T14937] block nbd2: shutting down sockets [ 450.675843][T14940] CPU: 0 PID: 14940 Comm: syz-executor.1 Not tainted 5.4.0-rc3-next-20191015 #0 [ 450.685137][T14940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 450.695234][T14940] Call Trace: [ 450.695266][T14940] dump_stack+0x172/0x1f0 [ 450.695289][T14940] should_fail.cold+0xa/0x15 [ 450.695312][T14940] ? fault_create_debugfs_attr+0x180/0x180 [ 450.707529][T14940] ? ___might_sleep+0x163/0x2c0 [ 450.707551][T14940] __should_failslab+0x121/0x190 [ 450.707571][T14940] should_failslab+0x9/0x14 [ 450.727667][T14940] kmem_cache_alloc+0x2aa/0x710 [ 450.732543][T14940] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 450.738806][T14940] ? privileged_wrt_inode_uidgid+0x68/0xd0 [ 450.744666][T14940] __d_alloc+0x2e/0x8c0 [ 450.748846][T14940] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 450.755113][T14940] d_alloc+0x4d/0x280 [ 450.759115][T14940] ? inode_permission+0xb4/0x520 [ 450.764084][T14940] vfs_tmpfile+0xd0/0x2b0 [ 450.768430][T14940] ? ovl_setup_trap+0x6c/0xc0 05:02:46 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {&(0x7f0000000200)="a4ab12f728db4b2bad0b3a47dce7d4f2c87fe118f1783de356bf6ab4d612ffff163f70cc88c691881eb4ec622b7646efbc299395e60de0b52a84f81dddecb7ad3afd6de195460f163f447d4a8f516bd4c63cc628bf859d13632532dd71fea8cc5615b50dbf61e4e568443ff05ce3a70d0495cbc33186ae930ef00c2fe7ffbf250a9ab1af4585ba70d2f7a697de30ae3b5fcf045e7185bbd0f579b06c90934b2504a3", 0xa2}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x18) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 05:02:46 executing program 2: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r0) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000440)={'team0\x00', 0x0}) setsockopt$packet_drop_memb(0xffffffffffffffff, 0x107, 0x2, &(0x7f0000000480)={r1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x10) r2 = syz_open_dev$ndb(&(0x7f0000000080)='/dev/nbd#\x00', 0x0, 0x0) r3 = socket(0x1, 0x1, 0x0) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) r4 = syz_open_dev$ndb(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$NBD_DO_IT(r4, 0xab03) [ 450.773125][T14940] ovl_fill_super+0x11de/0x4029 [ 450.777994][T14940] ? register_shrinker_prepared+0x116/0x190 [ 450.783949][T14940] ? ovl_show_options+0x550/0x550 [ 450.789021][T14940] ? __kasan_check_write+0x14/0x20 [ 450.794163][T14940] ? register_shrinker_prepared+0x116/0x190 [ 450.800090][T14940] ? sget+0x12b/0x560 [ 450.804080][T14940] ? get_anon_bdev+0xc0/0xc0 [ 450.808684][T14940] ? ovl_show_options+0x550/0x550 [ 450.814013][T14940] mount_nodev+0x66/0x110 [ 450.818355][T14940] ovl_mount+0x2d/0x40 [ 450.822416][T14940] ? ovl_own_xattr_set+0x10/0x10 [ 450.827348][T14940] legacy_get_tree+0x108/0x220 [ 450.832112][T14940] vfs_get_tree+0x8e/0x300 [ 450.836524][T14940] do_mount+0x142e/0x1cf0 [ 450.841000][T14940] ? copy_mount_string+0x40/0x40 [ 450.845953][T14940] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 450.852711][T14940] ? copy_mount_options+0x2e8/0x3f0 [ 450.857906][T14940] ksys_mount+0xdb/0x150 [ 450.862151][T14940] __x64_sys_mount+0xbe/0x150 [ 450.866835][T14940] do_syscall_64+0xfa/0x760 [ 450.871357][T14940] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 450.877250][T14940] RIP: 0033:0x459a59 [ 450.881132][T14940] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 450.900836][T14940] RSP: 002b:00007ff6737d7c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 450.909365][T14940] RAX: ffffffffffffffda RBX: 00007ff6737d7c90 RCX: 0000000000459a59 [ 450.917341][T14940] RDX: 00000000200000c0 RSI: 0000000020000000 RDI: 000000000040000a [ 450.925315][T14940] RBP: 000000000075bf20 R08: 0000000020000100 R09: 0000000000000000 [ 450.933273][T14940] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff6737d86d4 [ 450.941333][T14940] R13: 00000000004c62c7 R14: 00000000004db480 R15: 0000000000000003 [ 450.963291][T14940] overlayfs: upper fs does not support tmpfile. 05:02:46 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="6d047c0075f8b8660afc21be2900000047e2252eb7882b9abb2a2f9fd2399e0400c33f00002b0000000089dae769001499a8d1b3a4952f36def66ee2acdd00a49d5c8c3d080022757432dc100000000097"], 0x2) link(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00') ptrace$setopts(0x4206, r1, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) connect$rxrpc(r3, &(0x7f0000000100)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e23, @loopback}}, 0x24) tkill(r1, 0x5) wait4(0x0, 0x0, 0x0, 0x0) [ 450.979840][ T9110] block nbd2: Receive control failed (result -22) [ 450.989772][T14947] block nbd2: shutting down sockets [ 608.163416][ T1073] INFO: task syz-executor.3:14911 can't die for more than 143 seconds. [ 608.171905][ T1073] syz-executor.3 D28016 14911 8832 0x00004004 [ 608.178516][ T1073] Call Trace: [ 608.181859][ T1073] __schedule+0x94a/0x1e70 [ 608.186524][ T1073] ? __sched_text_start+0x8/0x8 [ 608.191382][ T1073] ? __kasan_check_read+0x11/0x20 [ 608.196591][ T1073] ? __lock_acquire+0x16f2/0x4a00 [ 608.201793][ T1073] schedule+0xd9/0x260 [ 608.205993][ T1073] schedule_timeout+0x717/0xc50 [ 608.210864][ T1073] ? find_held_lock+0x35/0x130 [ 608.215728][ T1073] ? usleep_range+0x170/0x170 [ 608.220420][ T1073] ? lock_downgrade+0x920/0x920 [ 608.225346][ T1073] ? _raw_spin_unlock_irq+0x23/0x80 [ 608.230668][ T1073] ? wait_for_completion+0x294/0x440 [ 608.236040][ T1073] ? _raw_spin_unlock_irq+0x23/0x80 [ 608.241260][ T1073] ? lockdep_hardirqs_on+0x421/0x5e0 [ 608.246616][ T1073] ? trace_hardirqs_on+0x67/0x240 [ 608.251648][ T1073] ? __kasan_check_read+0x11/0x20 [ 608.256760][ T1073] wait_for_completion+0x29c/0x440 [ 608.261920][ T1073] ? wait_for_completion_interruptible+0x470/0x470 [ 608.268506][ T1073] ? wake_up_q+0xf0/0xf0 [ 608.272771][ T1073] ? flush_workqueue_prep_pwqs+0x352/0x590 [ 608.278689][ T1073] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 608.285049][ T1073] flush_workqueue+0x40a/0x14c0 [ 608.289981][ T1073] ? __dev_printk+0x202/0x20e [ 608.294753][ T1073] ? _dev_warn+0xd7/0x109 [ 608.299098][ T1073] ? pwq_unbound_release_workfn+0x2f0/0x2f0 [ 608.305061][ T1073] ? sock_shutdown+0x83/0x200 [ 608.309772][ T1073] nbd_ioctl+0xb2e/0xc44 [ 608.314093][ T1073] ? nbd_ioctl+0xb2e/0xc44 [ 608.318509][ T1073] ? nbd_release+0x150/0x150 [ 608.323249][ T1073] ? finish_wait+0x260/0x260 [ 608.327836][ T1073] ? nbd_release+0x150/0x150 [ 608.332431][ T1073] blkdev_ioctl+0xedb/0x1c20 [ 608.337061][ T1073] ? blkpg_ioctl+0xa90/0xa90 [ 608.341651][ T1073] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 608.347535][ T1073] block_ioctl+0xee/0x130 [ 608.351857][ T1073] ? blkdev_fallocate+0x410/0x410 [ 608.356922][ T1073] do_vfs_ioctl+0xdb6/0x13e0 [ 608.361523][ T1073] ? compat_ioctl_preallocate+0x210/0x210 [ 608.367293][ T1073] ? __fget+0x37f/0x550 [ 608.371446][ T1073] ? ksys_dup3+0x3e0/0x3e0 [ 608.375902][ T1073] ? nsecs_to_jiffies+0x30/0x30 [ 608.380753][ T1073] ? tomoyo_file_ioctl+0x23/0x30 [ 608.385750][ T1073] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 608.391987][ T1073] ? security_file_ioctl+0x8d/0xc0 [ 608.397133][ T1073] ksys_ioctl+0xab/0xd0 [ 608.401285][ T1073] __x64_sys_ioctl+0x73/0xb0 [ 608.406005][ T1073] do_syscall_64+0xfa/0x760 [ 608.410533][ T1073] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 608.416466][ T1073] RIP: 0033:0x459a59 [ 608.420358][ T1073] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <90> 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 608.440009][ T1073] RSP: 002b:00007f38fa9a4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 608.448474][ T1073] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000000000459a59 [ 608.456488][ T1073] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000005 [ 608.464528][ T1073] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 608.473428][ T1073] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f38fa9a56d4 [ 608.481402][ T1073] R13: 00000000004c33ab R14: 00000000004d70e8 R15: 00000000ffffffff [ 608.489445][ T1073] INFO: task syz-executor.3:14911 blocked for more than 143 seconds. [ 608.497537][ T1073] Not tainted 5.4.0-rc3-next-20191015 #0 [ 608.503722][ T1073] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 608.512379][ T1073] syz-executor.3 D28016 14911 8832 0x00004004 [ 608.518757][ T1073] Call Trace: [ 608.522045][ T1073] __schedule+0x94a/0x1e70 [ 608.526501][ T1073] ? __sched_text_start+0x8/0x8 [ 608.531350][ T1073] ? __kasan_check_read+0x11/0x20 [ 608.536427][ T1073] ? __lock_acquire+0x16f2/0x4a00 [ 608.541468][ T1073] schedule+0xd9/0x260 [ 608.545591][ T1073] schedule_timeout+0x717/0xc50 [ 608.550436][ T1073] ? find_held_lock+0x35/0x130 [ 608.555263][ T1073] ? usleep_range+0x170/0x170 [ 608.559938][ T1073] ? lock_downgrade+0x920/0x920 [ 608.564845][ T1073] ? _raw_spin_unlock_irq+0x23/0x80 [ 608.570040][ T1073] ? wait_for_completion+0x294/0x440 [ 608.575376][ T1073] ? _raw_spin_unlock_irq+0x23/0x80 [ 608.580686][ T1073] ? lockdep_hardirqs_on+0x421/0x5e0 [ 608.586027][ T1073] ? trace_hardirqs_on+0x67/0x240 [ 608.591057][ T1073] ? __kasan_check_read+0x11/0x20 [ 608.596135][ T1073] wait_for_completion+0x29c/0x440 [ 608.601248][ T1073] ? wait_for_completion_interruptible+0x470/0x470 [ 608.607957][ T1073] ? wake_up_q+0xf0/0xf0 [ 608.612217][ T1073] ? flush_workqueue_prep_pwqs+0x352/0x590 [ 608.618065][ T1073] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 608.624380][ T1073] flush_workqueue+0x40a/0x14c0 [ 608.629223][ T1073] ? __dev_printk+0x202/0x20e [ 608.633952][ T1073] ? _dev_warn+0xd7/0x109 [ 608.638279][ T1073] ? pwq_unbound_release_workfn+0x2f0/0x2f0 [ 608.644237][ T1073] ? sock_shutdown+0x83/0x200 [ 608.648912][ T1073] nbd_ioctl+0xb2e/0xc44 [ 608.653204][ T1073] ? nbd_ioctl+0xb2e/0xc44 [ 608.657629][ T1073] ? nbd_release+0x150/0x150 [ 608.662198][ T1073] ? finish_wait+0x260/0x260 [ 608.666851][ T1073] ? nbd_release+0x150/0x150 [ 608.671439][ T1073] blkdev_ioctl+0xedb/0x1c20 [ 608.676067][ T1073] ? blkpg_ioctl+0xa90/0xa90 [ 608.680678][ T1073] ? tomoyo_execute_permission+0x4a0/0x4a0 [ 608.686562][ T1073] block_ioctl+0xee/0x130 [ 608.690903][ T1073] ? blkdev_fallocate+0x410/0x410 [ 608.695973][ T1073] do_vfs_ioctl+0xdb6/0x13e0 [ 608.700574][ T1073] ? compat_ioctl_preallocate+0x210/0x210 [ 608.706354][ T1073] ? __fget+0x37f/0x550 [ 608.710506][ T1073] ? ksys_dup3+0x3e0/0x3e0 [ 608.714954][ T1073] ? nsecs_to_jiffies+0x30/0x30 [ 608.719805][ T1073] ? tomoyo_file_ioctl+0x23/0x30 [ 608.724942][ T1073] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 608.731187][ T1073] ? security_file_ioctl+0x8d/0xc0 [ 608.736362][ T1073] ksys_ioctl+0xab/0xd0 [ 608.740512][ T1073] __x64_sys_ioctl+0x73/0xb0 [ 608.745141][ T1073] do_syscall_64+0xfa/0x760 [ 608.749664][ T1073] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 608.755592][ T1073] RIP: 0033:0x459a59 [ 608.759500][ T1073] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <90> 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 608.779163][ T1073] RSP: 002b:00007f38fa9a4c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 608.787641][ T1073] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000000000459a59 [ 608.795670][ T1073] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000005 [ 608.803689][ T1073] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 608.811664][ T1073] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f38fa9a56d4 [ 608.819677][ T1073] R13: 00000000004c33ab R14: 00000000004d70e8 R15: 00000000ffffffff [ 608.827689][ T1073] [ 608.827689][ T1073] Showing all locks held in the system: [ 608.835457][ T1073] 3 locks held by kworker/u4:0/7: [ 608.840472][ T1073] #0: ffff8880ae834d58 (&rq->lock){-.-.}, at: newidle_balance+0xa28/0xe80 [ 608.849122][ T1073] #1: ffffffff88fab680 (rcu_read_lock){....}, at: __update_idle_core+0x45/0x3f0 [ 608.858361][ T1073] #2: ffff8880ae824c58 (&base->lock){-.-.}, at: lock_timer_base+0x56/0x1b0 [ 608.867098][ T1073] 1 lock held by khungtaskd/1073: [ 608.872140][ T1073] #0: ffffffff88fab680 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x279 [ 608.881546][ T1073] 2 locks held by kworker/u5:0/1530: [ 608.886865][ T1073] #0: ffff8880a731f928 ((wq_completion)knbd3-recv){+.+.}, at: process_one_work+0x88b/0x1740 [ 608.897398][ T1073] #1: ffff8880a60e7dc0 ((work_completion)(&args->work)){+.+.}, at: process_one_work+0x8c1/0x1740 [ 608.908116][ T1073] 1 lock held by rsyslogd/8694: [ 608.913450][ T1073] 2 locks held by getty/8784: [ 608.918135][ T1073] #0: ffff8880a8d94090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 608.927732][ T1073] #1: ffffc90005f312e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 608.937407][ T1073] 2 locks held by getty/8785: [ 608.942076][ T1073] #0: ffff888090140090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 608.951074][ T1073] #1: ffffc90005f2d2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 608.960672][ T1073] 2 locks held by getty/8786: [ 608.965395][ T1073] #0: ffff88809c00f090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 608.974406][ T1073] #1: ffffc90005f392e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 608.984018][ T1073] 2 locks held by getty/8787: [ 608.988683][ T1073] #0: ffff8880995d8090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 608.998020][ T1073] #1: ffffc90005f352e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 609.007654][ T1073] 2 locks held by getty/8788: [ 609.012305][ T1073] #0: ffff8880a1844090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 609.021283][ T1073] #1: ffffc90005f292e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 609.030983][ T1073] 2 locks held by getty/8789: [ 609.035716][ T1073] #0: ffff8880a7442090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 609.045180][ T1073] #1: ffffc90005f092e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 609.054813][ T1073] 2 locks held by getty/8790: [ 609.059516][ T1073] #0: ffff88809af19090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 609.069341][ T1073] #1: ffffc90005f012e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 [ 609.078993][ T1073] 2 locks held by syz-fuzzer/8812: [ 609.084898][ T1073] #0: ffff8880ae834d58 (&rq->lock){-.-.}, at: __schedule+0x266/0x1e70 [ 609.093215][ T1073] #1: ffffffff88fab680 (rcu_read_lock){....}, at: update_curr+0x2ea/0x8d0 [ 609.102106][ T1073] [ 609.104472][ T1073] ============================================= [ 609.104472][ T1073] [ 609.112928][ T1073] NMI backtrace for cpu 1 [ 609.117373][ T1073] CPU: 1 PID: 1073 Comm: khungtaskd Not tainted 5.4.0-rc3-next-20191015 #0 [ 609.125962][ T1073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 609.136121][ T1073] Call Trace: [ 609.140399][ T1073] dump_stack+0x172/0x1f0 [ 609.144716][ T1073] nmi_cpu_backtrace.cold+0x70/0xb2 [ 609.149897][ T1073] ? vprintk_func+0x86/0x189 [ 609.154475][ T1073] ? lapic_can_unplug_cpu.cold+0x3a/0x3a [ 609.160445][ T1073] nmi_trigger_cpumask_backtrace+0x23b/0x28b [ 609.166502][ T1073] arch_trigger_cpumask_backtrace+0x14/0x20 [ 609.172373][ T1073] watchdog+0xc8f/0x1350 [ 609.176603][ T1073] kthread+0x361/0x430 [ 609.180674][ T1073] ? reset_hung_task_detector+0x30/0x30 [ 609.186389][ T1073] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 609.193303][ T1073] ret_from_fork+0x24/0x30 [ 609.197801][ T1073] Sending NMI from CPU 1 to CPUs 0: [ 609.203554][ C0] NMI backtrace for cpu 0 [ 609.203560][ C0] CPU: 0 PID: 7 Comm: kworker/u4:0 Not tainted 5.4.0-rc3-next-20191015 #0 [ 609.203565][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 609.203569][ C0] Workqueue: bat_events batadv_mcast_mla_update [ 609.203575][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x4/0x50 [ 609.203585][ C0] Code: 3c 09 41 bc f4 ff ff ff e8 2d 8c e9 ff 48 c7 05 5e c8 3c 09 00 00 00 00 e9 77 e9 ff ff 90 90 90 90 90 90 90 90 90 55 48 89 e5 <65> 48 8b 04 25 80 fe 01 00 65 8b 15 e4 b3 8e 7e 81 e2 00 01 1f 00 [ 609.203589][ C0] RSP: 0018:ffff8880a9887a38 EFLAGS: 00000096 [ 609.203595][ C0] RAX: 000000010000781a RBX: 1ffff11015310f54 RCX: 0000000000000000 [ 609.203600][ C0] RDX: 1ffff1100c805a91 RSI: ffff88806402d478 RDI: ffff8880ae824c40 [ 609.203604][ C0] RBP: ffff8880a9887a38 R08: ffff8880a98761c0 R09: fffffbfff1591c56 [ 609.203609][ C0] R10: fffffbfff1591c55 R11: ffffffff8ac8e2ab R12: ffff8880ae824c40 [ 609.203613][ C0] R13: ffff88806402d478 R14: ffff88806402d498 R15: ffff8880a9887b00 [ 609.203618][ C0] FS: 0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 609.203622][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 609.203627][ C0] CR2: ffffffffff600400 CR3: 00000000a863e000 CR4: 00000000001406f0 [ 609.203631][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 609.203635][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 609.203638][ C0] Call Trace: [ 609.203641][ C0] __internal_add_timer+0x17/0x90 [ 609.203644][ C0] add_timer+0x3fc/0x930 [ 609.203647][ C0] ? mod_timer_pending+0xca0/0xca0 [ 609.203651][ C0] ? mark_held_locks+0xa4/0xf0 [ 609.203654][ C0] __queue_delayed_work+0x1af/0x270 [ 609.203657][ C0] queue_delayed_work_on+0x1a7/0x210 [ 609.203661][ C0] batadv_mcast_mla_update+0x1969/0x3060 [ 609.203664][ C0] ? batadv_mcast_get_bridge+0x210/0x210 [ 609.203668][ C0] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 609.203672][ C0] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 609.203675][ C0] ? trace_hardirqs_on+0x67/0x240 [ 609.203678][ C0] process_one_work+0x9af/0x1740 [ 609.203681][ C0] ? pwq_dec_nr_in_flight+0x320/0x320 [ 609.203684][ C0] ? lock_acquire+0x190/0x410 [ 609.203688][ C0] worker_thread+0x98/0xe40 [ 609.203690][ C0] kthread+0x361/0x430 [ 609.203694][ C0] ? process_one_work+0x1740/0x1740 [ 609.203698][ C0] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 609.203701][ C0] ret_from_fork+0x24/0x30 [ 609.204142][ T1073] Kernel panic - not syncing: hung_task: blocked tasks [ 609.455940][ T1073] CPU: 1 PID: 1073 Comm: khungtaskd Not tainted 5.4.0-rc3-next-20191015 #0 [ 609.464705][ T1073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 609.474758][ T1073] Call Trace: [ 609.478052][ T1073] dump_stack+0x172/0x1f0 [ 609.482393][ T1073] panic+0x2e3/0x75c [ 609.486529][ T1073] ? add_taint.cold+0x16/0x16 [ 609.491191][ T1073] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 609.496898][ T1073] ? printk_safe_flush+0xf2/0x140 [ 609.501905][ T1073] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 609.508128][ T1073] ? nmi_trigger_cpumask_backtrace+0x224/0x28b [ 609.514256][ T1073] ? nmi_trigger_cpumask_backtrace+0x21b/0x28b [ 609.520386][ T1073] watchdog+0xca0/0x1350 [ 609.524613][ T1073] kthread+0x361/0x430 [ 609.528663][ T1073] ? reset_hung_task_detector+0x30/0x30 [ 609.534187][ T1073] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 609.541278][ T1073] ret_from_fork+0x24/0x30 [ 609.547514][ T1073] Kernel Offset: disabled [ 609.551976][ T1073] Rebooting in 86400 seconds..