0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:50 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 358.272836] FAULT_INJECTION: forcing a failure. [ 358.272836] name failslab, interval 1, probability 0, space 0, times 0 [ 358.273098] FAULT_INJECTION: forcing a failure. [ 358.273098] name failslab, interval 1, probability 0, space 0, times 0 [ 358.284329] CPU: 1 PID: 19300 Comm: syz-executor.3 Not tainted 4.14.149 #0 [ 358.302437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 358.312740] Call Trace: [ 358.315332] dump_stack+0x138/0x197 [ 358.318976] should_fail.cold+0x10f/0x159 [ 358.323133] should_failslab+0xdb/0x130 [ 358.327099] kmem_cache_alloc_node+0x287/0x780 [ 358.331676] ? __lock_acquire+0x5f7/0x4620 [ 358.335901] ? perf_iterate_sb+0xd0/0x8b0 [ 358.340049] copy_process.part.0+0x17d5/0x6a00 [ 358.344642] ? trace_hardirqs_on+0x10/0x10 [ 358.348867] ? save_trace+0x290/0x290 [ 358.352663] ? finish_task_switch+0x178/0x650 [ 358.357152] ? find_held_lock+0x35/0x130 [ 358.361220] ? __cleanup_sighand+0x50/0x50 [ 358.365446] ? _raw_spin_unlock_irq+0x28/0x90 [ 358.369936] _do_fork+0x19e/0xce0 [ 358.373393] ? finish_task_switch+0x14d/0x650 [ 358.377884] ? fork_idle+0x280/0x280 [ 358.381587] ? __schedule+0x7c0/0x1cd0 [ 358.385466] ? pci_mmcfg_check_reserved+0x150/0x150 [ 358.390474] SyS_clone+0x37/0x50 [ 358.393830] ? sys_vfork+0x30/0x30 [ 358.397364] do_syscall_64+0x1e8/0x640 [ 358.401244] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 358.406080] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 358.411259] RIP: 0033:0x459a59 [ 358.414525] RSP: 002b:00007eff0dff3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 358.422225] RAX: ffffffffffffffda RBX: 00007eff0dff3c90 RCX: 0000000000459a59 [ 358.430354] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 358.437613] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 358.444873] R10: 0000000000000000 R11: 0000000000000246 R12: 00007eff0dff46d4 [ 358.452132] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000007 [ 358.459530] CPU: 0 PID: 19301 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 358.466563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 358.475921] Call Trace: [ 358.478521] dump_stack+0x138/0x197 [ 358.482183] should_fail.cold+0x10f/0x159 [ 358.486344] should_failslab+0xdb/0x130 [ 358.490334] kmem_cache_alloc_node+0x287/0x780 [ 358.494919] ? get_pid_task+0x98/0x140 [ 358.498820] copy_process.part.0+0x17d5/0x6a00 [ 358.503442] ? save_trace+0x290/0x290 [ 358.507261] ? proc_fail_nth_write+0x7d/0x180 [ 358.511768] ? proc_cwd_link+0x1b0/0x1b0 [ 358.516944] ? __f_unlock_pos+0x19/0x20 [ 358.520941] ? find_held_lock+0x35/0x130 [ 358.525635] ? __cleanup_sighand+0x50/0x50 [ 358.530312] ? lock_downgrade+0x740/0x740 [ 358.534564] _do_fork+0x19e/0xce0 [ 358.538050] ? fork_idle+0x280/0x280 [ 358.541769] ? fput+0xd4/0x150 [ 358.544970] ? SyS_write+0x15e/0x230 [ 358.548699] SyS_clone+0x37/0x50 [ 358.552068] ? sys_vfork+0x30/0x30 [ 358.555622] do_syscall_64+0x1e8/0x640 [ 358.559552] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 358.564413] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 358.569603] RIP: 0033:0x459a59 [ 358.572790] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 358.580590] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 358.587895] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 358.595183] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 358.603420] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 358.610700] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 17:45:51 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:51 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:51 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:51 executing program 3 (fault-call:14 fault-nth:1): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:51 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:51 executing program 4 (fault-call:14 fault-nth:1): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:51 executing program 2 (fault-call:17 fault-nth:0): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 359.142470] FAULT_INJECTION: forcing a failure. [ 359.142470] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 359.154350] CPU: 0 PID: 19343 Comm: syz-executor.3 Not tainted 4.14.149 #0 [ 359.160898] FAULT_INJECTION: forcing a failure. [ 359.160898] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 359.161368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 359.161373] Call Trace: [ 359.161393] dump_stack+0x138/0x197 [ 359.189319] should_fail.cold+0x10f/0x159 [ 359.193487] __alloc_pages_nodemask+0x1d6/0x7a0 [ 359.198168] ? fs_reclaim_acquire+0x20/0x20 [ 359.202498] ? __alloc_pages_slowpath+0x2930/0x2930 [ 359.207529] cache_grow_begin+0x80/0x400 [ 359.211602] kmem_cache_alloc_node+0x6a4/0x780 [ 359.216190] ? get_pid_task+0x98/0x140 [ 359.220089] copy_process.part.0+0x17d5/0x6a00 [ 359.224725] ? save_trace+0x290/0x290 [ 359.228535] ? proc_fail_nth_write+0x7d/0x180 [ 359.233036] ? proc_cwd_link+0x1b0/0x1b0 [ 359.237104] ? __f_unlock_pos+0x19/0x20 [ 359.241088] ? find_held_lock+0x35/0x130 [ 359.245175] ? __cleanup_sighand+0x50/0x50 [ 359.249412] ? lock_downgrade+0x740/0x740 [ 359.253570] _do_fork+0x19e/0xce0 [ 359.257030] ? fork_idle+0x280/0x280 [ 359.260749] ? fput+0xd4/0x150 [ 359.263942] ? SyS_write+0x15e/0x230 [ 359.267666] SyS_clone+0x37/0x50 [ 359.268206] FAULT_INJECTION: forcing a failure. [ 359.268206] name failslab, interval 1, probability 0, space 0, times 0 [ 359.271052] ? sys_vfork+0x30/0x30 [ 359.271067] do_syscall_64+0x1e8/0x640 [ 359.271075] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.271090] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 359.271098] RIP: 0033:0x459a59 [ 359.271103] RSP: 002b:00007eff0dff3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 359.271111] RAX: ffffffffffffffda RBX: 00007eff0dff3c90 RCX: 0000000000459a59 [ 359.271116] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 359.271121] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 359.271126] R10: 0000000000000000 R11: 0000000000000246 R12: 00007eff0dff46d4 [ 359.271137] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000007 [ 359.346968] CPU: 1 PID: 19347 Comm: syz-executor.2 Not tainted 4.14.149 #0 [ 359.353999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 359.363372] Call Trace: [ 359.365979] dump_stack+0x138/0x197 [ 359.369647] should_fail.cold+0x10f/0x159 [ 359.374788] should_failslab+0xdb/0x130 [ 359.378774] kmem_cache_alloc_node+0x287/0x780 [ 359.383371] ? get_pid_task+0x98/0x140 [ 359.387276] copy_process.part.0+0x17d5/0x6a00 [ 359.393006] ? save_trace+0x290/0x290 [ 359.396815] ? proc_fail_nth_write+0x7d/0x180 [ 359.401389] ? proc_cwd_link+0x1b0/0x1b0 [ 359.405463] ? __f_unlock_pos+0x19/0x20 [ 359.409452] ? find_held_lock+0x35/0x130 [ 359.413536] ? __cleanup_sighand+0x50/0x50 [ 359.417782] ? lock_downgrade+0x740/0x740 [ 359.421946] _do_fork+0x19e/0xce0 [ 359.425414] ? fork_idle+0x280/0x280 [ 359.429140] ? fput+0xd4/0x150 [ 359.432343] ? SyS_write+0x15e/0x230 [ 359.436071] SyS_clone+0x37/0x50 [ 359.439443] ? sys_vfork+0x30/0x30 [ 359.442992] do_syscall_64+0x1e8/0x640 [ 359.446887] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.451744] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 359.456944] RIP: 0033:0x459a59 [ 359.460190] RSP: 002b:00007f87d9661c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 359.467910] RAX: ffffffffffffffda RBX: 00007f87d9661c90 RCX: 0000000000459a59 [ 359.475187] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 359.482469] RBP: 000000000075c1c0 R08: ffffffffffffffff R09: 0000000000000000 [ 359.489772] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f87d96626d4 [ 359.497053] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 359.504721] CPU: 0 PID: 19344 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 359.511766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 359.521215] Call Trace: [ 359.523814] dump_stack+0x138/0x197 [ 359.527544] should_fail.cold+0x10f/0x159 [ 359.531781] ? __might_sleep+0x93/0xb0 [ 359.535679] __alloc_pages_nodemask+0x1d6/0x7a0 [ 359.540909] ? __alloc_pages_slowpath+0x2930/0x2930 [ 359.546059] ? rcu_read_lock_sched_held+0x110/0x130 [ 359.551103] copy_process.part.0+0x26a/0x6a00 [ 359.555612] ? save_trace+0x290/0x290 [ 359.559416] ? proc_fail_nth_write+0x7d/0x180 [ 359.563924] ? proc_cwd_link+0x1b0/0x1b0 [ 359.567991] ? __f_unlock_pos+0x19/0x20 [ 359.571968] ? find_held_lock+0x35/0x130 [ 359.576043] ? __cleanup_sighand+0x50/0x50 [ 359.580281] ? lock_downgrade+0x740/0x740 [ 359.584436] _do_fork+0x19e/0xce0 [ 359.587897] ? fork_idle+0x280/0x280 [ 359.591621] ? fput+0xd4/0x150 [ 359.594813] ? SyS_write+0x15e/0x230 [ 359.598534] SyS_clone+0x37/0x50 [ 359.601903] ? sys_vfork+0x30/0x30 [ 359.605442] do_syscall_64+0x1e8/0x640 [ 359.609333] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.614220] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 359.619419] RIP: 0033:0x459a59 [ 359.622610] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 359.630329] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 359.637603] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 17:45:52 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 359.644878] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 359.652155] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 359.659525] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 17:45:52 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:52 executing program 3 (fault-call:14 fault-nth:2): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:52 executing program 4 (fault-call:14 fault-nth:2): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:52 executing program 2 (fault-call:17 fault-nth:1): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:52 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 360.018224] FAULT_INJECTION: forcing a failure. [ 360.018224] name failslab, interval 1, probability 0, space 0, times 0 [ 360.030960] CPU: 1 PID: 19378 Comm: syz-executor.3 Not tainted 4.14.149 #0 [ 360.038006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.047366] Call Trace: [ 360.049977] dump_stack+0x138/0x197 [ 360.050847] FAULT_INJECTION: forcing a failure. [ 360.050847] name failslab, interval 1, probability 0, space 0, times 0 [ 360.053706] should_fail.cold+0x10f/0x159 [ 360.069047] should_failslab+0xdb/0x130 [ 360.073031] kmem_cache_alloc+0x2d7/0x780 [ 360.078136] ? creds_are_invalid+0x48/0x110 [ 360.082464] ? __validate_process_creds+0x14c/0x200 [ 360.087481] prepare_creds+0x3e/0x380 [ 360.091275] copy_creds+0x7b/0x4f0 [ 360.094838] ? lockdep_init_map+0x9/0x10 [ 360.098895] copy_process.part.0+0x868/0x6a00 [ 360.103386] ? save_trace+0x290/0x290 [ 360.107180] ? proc_fail_nth_write+0x7d/0x180 [ 360.111675] ? proc_cwd_link+0x1b0/0x1b0 [ 360.115729] ? __f_unlock_pos+0x19/0x20 [ 360.119702] ? __cleanup_sighand+0x50/0x50 [ 360.124891] ? lock_downgrade+0x740/0x740 [ 360.129039] _do_fork+0x19e/0xce0 [ 360.132487] ? fork_idle+0x280/0x280 [ 360.136196] ? fput+0xd4/0x150 [ 360.139390] ? SyS_write+0x15e/0x230 [ 360.143098] SyS_clone+0x37/0x50 [ 360.146453] ? sys_vfork+0x30/0x30 [ 360.149989] do_syscall_64+0x1e8/0x640 [ 360.153869] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.159576] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 360.164753] RIP: 0033:0x459a59 [ 360.167931] RSP: 002b:00007eff0dff3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 360.175628] RAX: ffffffffffffffda RBX: 00007eff0dff3c90 RCX: 0000000000459a59 [ 360.182891] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 360.190149] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 360.197413] R10: 0000000000000000 R11: 0000000000000246 R12: 00007eff0dff46d4 [ 360.204672] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000007 [ 360.211950] CPU: 0 PID: 19380 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 360.218975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.228338] Call Trace: [ 360.230936] dump_stack+0x138/0x197 [ 360.234575] should_fail.cold+0x10f/0x159 [ 360.238734] should_failslab+0xdb/0x130 [ 360.242713] kmem_cache_alloc+0x2d7/0x780 [ 360.246867] ? creds_are_invalid+0x48/0x110 [ 360.251196] ? __validate_process_creds+0x14c/0x200 [ 360.256221] prepare_creds+0x3e/0x380 [ 360.259595] FAULT_INJECTION: forcing a failure. [ 360.259595] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 360.260034] copy_creds+0x7b/0x4f0 [ 360.275351] ? lockdep_init_map+0x9/0x10 [ 360.279411] copy_process.part.0+0x868/0x6a00 [ 360.283915] ? save_trace+0x290/0x290 [ 360.287705] ? proc_fail_nth_write+0x7d/0x180 [ 360.292188] ? proc_cwd_link+0x1b0/0x1b0 [ 360.296239] ? __f_unlock_pos+0x19/0x20 [ 360.300222] ? __cleanup_sighand+0x50/0x50 [ 360.304446] ? lock_downgrade+0x740/0x740 [ 360.308587] _do_fork+0x19e/0xce0 [ 360.312034] ? fork_idle+0x280/0x280 [ 360.315737] ? fput+0xd4/0x150 [ 360.318921] ? SyS_write+0x15e/0x230 [ 360.322634] SyS_clone+0x37/0x50 [ 360.325993] ? sys_vfork+0x30/0x30 [ 360.329547] do_syscall_64+0x1e8/0x640 [ 360.333425] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.338260] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 360.343437] RIP: 0033:0x459a59 [ 360.346613] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 360.354313] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 360.361570] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 360.368847] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 360.376118] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 360.383392] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 360.390701] CPU: 1 PID: 19386 Comm: syz-executor.2 Not tainted 4.14.149 #0 [ 360.397740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.407099] Call Trace: [ 360.409696] dump_stack+0x138/0x197 [ 360.413337] should_fail.cold+0x10f/0x159 [ 360.417492] __alloc_pages_nodemask+0x1d6/0x7a0 [ 360.422162] ? fs_reclaim_acquire+0x20/0x20 [ 360.426491] ? __alloc_pages_slowpath+0x2930/0x2930 [ 360.431610] cache_grow_begin+0x80/0x400 [ 360.435689] kmem_cache_alloc_node+0x6a4/0x780 [ 360.441236] ? get_pid_task+0x98/0x140 [ 360.445233] copy_process.part.0+0x17d5/0x6a00 [ 360.449939] ? save_trace+0x290/0x290 [ 360.453749] ? proc_fail_nth_write+0x7d/0x180 [ 360.458252] ? proc_cwd_link+0x1b0/0x1b0 [ 360.462324] ? __f_unlock_pos+0x19/0x20 [ 360.466317] ? find_held_lock+0x35/0x130 [ 360.470402] ? __cleanup_sighand+0x50/0x50 [ 360.474647] ? lock_downgrade+0x740/0x740 [ 360.478814] _do_fork+0x19e/0xce0 [ 360.482275] ? fork_idle+0x280/0x280 [ 360.485995] ? fput+0xd4/0x150 [ 360.489191] ? SyS_write+0x15e/0x230 [ 360.492922] SyS_clone+0x37/0x50 [ 360.496297] ? sys_vfork+0x30/0x30 [ 360.499841] do_syscall_64+0x1e8/0x640 [ 360.503734] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.508612] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 360.513810] RIP: 0033:0x459a59 17:45:53 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) ioctl$KVM_SET_NR_MMU_PAGES(0xffffffffffffffff, 0xae44, 0xf) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 360.517005] RSP: 002b:00007f87d9682c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 360.524724] RAX: ffffffffffffffda RBX: 00007f87d9682c90 RCX: 0000000000459a59 [ 360.532002] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 360.540235] RBP: 000000000075c118 R08: ffffffffffffffff R09: 0000000000000000 [ 360.547601] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f87d96836d4 [ 360.554882] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:45:53 executing program 3 (fault-call:14 fault-nth:3): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:53 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:53 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:53 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:53 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) ioctl$EXT4_IOC_SETFLAGS(r4, 0x40086602, &(0x7f00000000c0)=0x400000) 17:45:53 executing program 4 (fault-call:14 fault-nth:3): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 360.963240] FAULT_INJECTION: forcing a failure. [ 360.963240] name failslab, interval 1, probability 0, space 0, times 0 [ 360.974704] CPU: 0 PID: 19420 Comm: syz-executor.3 Not tainted 4.14.149 #0 [ 360.981733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.991101] Call Trace: [ 360.993705] dump_stack+0x138/0x197 [ 360.997349] should_fail.cold+0x10f/0x159 [ 361.001513] should_failslab+0xdb/0x130 [ 361.005503] __kmalloc_track_caller+0x2ec/0x790 [ 361.010190] ? check_preemption_disabled+0x3c/0x250 [ 361.015217] ? prepare_creds+0x3e/0x380 [ 361.019213] ? selinux_cred_prepare+0x49/0xb0 [ 361.023723] kmemdup+0x27/0x60 [ 361.026922] selinux_cred_prepare+0x49/0xb0 [ 361.031251] security_prepare_creds+0x7d/0xb0 [ 361.035760] prepare_creds+0x2cf/0x380 [ 361.038906] FAULT_INJECTION: forcing a failure. [ 361.038906] name failslab, interval 1, probability 0, space 0, times 0 [ 361.039660] copy_creds+0x7b/0x4f0 [ 361.054388] ? lockdep_init_map+0x9/0x10 [ 361.058463] copy_process.part.0+0x868/0x6a00 [ 361.062960] ? save_trace+0x290/0x290 [ 361.066840] ? proc_fail_nth_write+0x7d/0x180 [ 361.071326] ? proc_cwd_link+0x1b0/0x1b0 [ 361.075468] ? __f_unlock_pos+0x19/0x20 [ 361.079440] ? __cleanup_sighand+0x50/0x50 [ 361.083688] ? lock_downgrade+0x740/0x740 [ 361.087860] _do_fork+0x19e/0xce0 [ 361.091317] ? fork_idle+0x280/0x280 [ 361.095030] ? fput+0xd4/0x150 [ 361.098225] ? SyS_write+0x15e/0x230 [ 361.102894] SyS_clone+0x37/0x50 [ 361.106268] ? sys_vfork+0x30/0x30 [ 361.109802] do_syscall_64+0x1e8/0x640 [ 361.113680] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 361.118519] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 361.123697] RIP: 0033:0x459a59 [ 361.126876] RSP: 002b:00007eff0dff3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 361.134577] RAX: ffffffffffffffda RBX: 00007eff0dff3c90 RCX: 0000000000459a59 [ 361.143842] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 361.151125] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 361.158395] R10: 0000000000000000 R11: 0000000000000246 R12: 00007eff0dff46d4 [ 361.166671] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000007 [ 361.173965] CPU: 1 PID: 19427 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 361.180984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 361.190324] Call Trace: [ 361.192899] dump_stack+0x138/0x197 [ 361.196512] should_fail.cold+0x10f/0x159 [ 361.200646] should_failslab+0xdb/0x130 [ 361.204606] kmem_cache_alloc+0x2d7/0x780 [ 361.208737] ? creds_are_invalid+0x48/0x110 [ 361.213044] ? __validate_process_creds+0x14c/0x200 [ 361.218047] prepare_creds+0x3e/0x380 [ 361.221832] copy_creds+0x7b/0x4f0 [ 361.225353] ? lockdep_init_map+0x9/0x10 [ 361.229410] copy_process.part.0+0x868/0x6a00 [ 361.233907] ? save_trace+0x290/0x290 [ 361.237690] ? proc_fail_nth_write+0x7d/0x180 [ 361.242171] ? proc_cwd_link+0x1b0/0x1b0 [ 361.246216] ? __f_unlock_pos+0x19/0x20 [ 361.250185] ? __cleanup_sighand+0x50/0x50 [ 361.254403] ? lock_downgrade+0x740/0x740 [ 361.258535] _do_fork+0x19e/0xce0 [ 361.261973] ? fork_idle+0x280/0x280 [ 361.265686] ? fput+0xd4/0x150 [ 361.268897] ? SyS_write+0x15e/0x230 [ 361.272615] SyS_clone+0x37/0x50 [ 361.275963] ? sys_vfork+0x30/0x30 [ 361.279486] do_syscall_64+0x1e8/0x640 [ 361.283358] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 361.288186] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 361.293444] RIP: 0033:0x459a59 [ 361.296964] RSP: 002b:00007fef9a149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 361.304655] RAX: ffffffffffffffda RBX: 00007fef9a149c90 RCX: 0000000000459a59 [ 361.312689] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 361.319947] RBP: 000000000075c118 R08: ffffffffffffffff R09: 0000000000000000 [ 361.327285] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a14a6d4 [ 361.334541] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 17:45:54 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:54 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:54 executing program 4 (fault-call:14 fault-nth:4): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:54 executing program 3 (fault-call:14 fault-nth:4): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:54 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:54 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x3, 0x0, 0x0, 0xfffff2e8, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0xf3) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 361.927093] FAULT_INJECTION: forcing a failure. [ 361.927093] name failslab, interval 1, probability 0, space 0, times 0 [ 361.927202] FAULT_INJECTION: forcing a failure. [ 361.927202] name failslab, interval 1, probability 0, space 0, times 0 [ 361.938765] CPU: 0 PID: 19464 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 361.956775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 361.966118] Call Trace: [ 361.968706] dump_stack+0x138/0x197 [ 361.972337] should_fail.cold+0x10f/0x159 [ 361.976481] should_failslab+0xdb/0x130 [ 361.980448] __kmalloc_track_caller+0x2ec/0x790 [ 361.985109] ? check_preemption_disabled+0x3c/0x250 [ 361.990123] ? prepare_creds+0x3e/0x380 [ 361.994091] ? selinux_cred_prepare+0x49/0xb0 [ 361.998580] kmemdup+0x27/0x60 [ 362.001766] selinux_cred_prepare+0x49/0xb0 [ 362.006080] security_prepare_creds+0x7d/0xb0 [ 362.010571] prepare_creds+0x2cf/0x380 [ 362.014452] copy_creds+0x7b/0x4f0 [ 362.017986] ? lockdep_init_map+0x9/0x10 [ 362.022044] copy_process.part.0+0x868/0x6a00 [ 362.026537] ? save_trace+0x290/0x290 [ 362.030331] ? proc_fail_nth_write+0x7d/0x180 [ 362.034817] ? proc_cwd_link+0x1b0/0x1b0 [ 362.038869] ? __f_unlock_pos+0x19/0x20 [ 362.042841] ? __cleanup_sighand+0x50/0x50 [ 362.047069] ? lock_downgrade+0x740/0x740 [ 362.051216] _do_fork+0x19e/0xce0 [ 362.054668] ? fork_idle+0x280/0x280 [ 362.058384] ? fput+0xd4/0x150 [ 362.061586] ? SyS_write+0x15e/0x230 [ 362.065309] SyS_clone+0x37/0x50 [ 362.068673] ? sys_vfork+0x30/0x30 [ 362.072212] do_syscall_64+0x1e8/0x640 [ 362.076181] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 362.081022] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 362.086377] RIP: 0033:0x459a59 [ 362.089557] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 362.097267] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 362.104532] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 362.111792] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 362.119051] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 362.126309] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 362.133590] CPU: 1 PID: 19463 Comm: syz-executor.3 Not tainted 4.14.149 #0 [ 362.140617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 362.149975] Call Trace: [ 362.152574] dump_stack+0x138/0x197 [ 362.156208] should_fail.cold+0x10f/0x159 [ 362.160379] should_failslab+0xdb/0x130 [ 362.164357] kmem_cache_alloc+0x2d7/0x780 [ 362.168508] ? creds_are_invalid+0x48/0x110 [ 362.173006] ? selinux_is_enabled+0x9/0x50 [ 362.177246] ? creds_are_invalid+0x48/0x110 [ 362.181575] __delayacct_tsk_init+0x20/0x80 [ 362.185900] copy_process.part.0+0x1a6c/0x6a00 [ 362.190496] ? save_trace+0x290/0x290 [ 362.194298] ? proc_fail_nth_write+0x7d/0x180 [ 362.198805] ? proc_cwd_link+0x1b0/0x1b0 [ 362.202878] ? __f_unlock_pos+0x19/0x20 [ 362.206872] ? __cleanup_sighand+0x50/0x50 [ 362.211112] ? lock_downgrade+0x740/0x740 [ 362.216227] _do_fork+0x19e/0xce0 [ 362.219690] ? fork_idle+0x280/0x280 [ 362.223410] ? fput+0xd4/0x150 [ 362.226608] ? SyS_write+0x15e/0x230 [ 362.230330] SyS_clone+0x37/0x50 [ 362.233700] ? sys_vfork+0x30/0x30 [ 362.237243] do_syscall_64+0x1e8/0x640 [ 362.241134] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 362.245988] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 362.251190] RIP: 0033:0x459a59 [ 362.254378] RSP: 002b:00007eff0dff3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 362.262457] RAX: ffffffffffffffda RBX: 00007eff0dff3c90 RCX: 0000000000459a59 [ 362.269733] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 362.277015] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 362.284302] R10: 0000000000000000 R11: 0000000000000246 R12: 00007eff0dff46d4 [ 362.291581] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000007 17:45:55 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:55 executing program 3 (fault-call:14 fault-nth:5): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:55 executing program 0 (fault-call:13 fault-nth:0): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:55 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:55 executing program 4 (fault-call:14 fault-nth:5): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:55 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000180)={0x0, @initdev, @multicast1}, &(0x7f00000001c0)=0xc) sendmsg$can_raw(r3, &(0x7f0000000340)={&(0x7f0000000240)={0x1d, r4}, 0x10, &(0x7f0000000300)={&(0x7f00000002c0)=@can={{0x2, 0x1, 0x1, 0x1}, 0x8, 0x1, 0x0, 0x0, "1572cfb35a29fc59"}, 0x10}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r6, 0x407, 0x0) write(r6, &(0x7f0000000340), 0x41395527) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000380)={0x0, @in={{0x2, 0x4e24, @empty}}, [0x7, 0xd18f, 0x74, 0xffffffffb0d38261, 0x5, 0x7, 0x4, 0xffff, 0xffffffffffffff94, 0x0, 0x7fff, 0xa03d, 0x9, 0x3, 0x1]}, &(0x7f00000000c0)=0x100) r8 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r9 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r9, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r9, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r9, 0x84, 0x66, &(0x7f0000000040)={r10}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r8, 0x84, 0x70, &(0x7f0000000480)={r10, @in6={{0xa, 0x4e22, 0x0, @loopback, 0x200}}, [0xfffffffffffffc00, 0xe75, 0x7724, 0x200, 0x7, 0x343, 0x10000, 0x10000, 0x9b, 0x10000000, 0x7, 0x0, 0x5, 0x800, 0x1ff]}, &(0x7f0000000140)=0x100) getsockopt$inet_sctp6_SCTP_STATUS(r5, 0x84, 0xe, &(0x7f0000000580)={r7, 0xffff, 0x1, 0x6, 0x18b, 0x1ff, 0x8, 0x38, {r11, @in={{0x2, 0x4e21, @empty}}, 0x2d, 0x8001, 0x3, 0x2, 0x9}}, &(0x7f0000000640)=0xb0) ptrace(0x10, 0x0) [ 362.846371] FAULT_INJECTION: forcing a failure. [ 362.846371] name failslab, interval 1, probability 0, space 0, times 0 [ 362.857824] CPU: 1 PID: 19500 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 362.864874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 362.874221] Call Trace: [ 362.876816] dump_stack+0x138/0x197 [ 362.880432] should_fail.cold+0x10f/0x159 [ 362.884566] should_failslab+0xdb/0x130 [ 362.888543] kmem_cache_alloc_node+0x287/0x780 [ 362.893150] ? get_pid_task+0x98/0x140 [ 362.897027] copy_process.part.0+0x17d5/0x6a00 [ 362.901599] ? save_trace+0x290/0x290 [ 362.905382] ? proc_fail_nth_write+0x7d/0x180 [ 362.909867] ? proc_cwd_link+0x1b0/0x1b0 [ 362.913914] ? __f_unlock_pos+0x19/0x20 [ 362.917871] ? find_held_lock+0x35/0x130 [ 362.921928] ? __cleanup_sighand+0x50/0x50 [ 362.926146] ? lock_downgrade+0x740/0x740 [ 362.930281] _do_fork+0x19e/0xce0 [ 362.933722] ? fork_idle+0x280/0x280 [ 362.937422] ? fput+0xd4/0x150 [ 362.940600] ? SyS_write+0x15e/0x230 [ 362.944301] SyS_clone+0x37/0x50 [ 362.947653] ? sys_vfork+0x30/0x30 [ 362.951180] do_syscall_64+0x1e8/0x640 [ 362.955394] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 362.960223] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 362.965396] RIP: 0033:0x459a59 [ 362.968567] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 362.976261] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 362.983524] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 362.990780] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 362.998035] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 363.005286] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 [ 363.015408] FAULT_INJECTION: forcing a failure. [ 363.015408] name failslab, interval 1, probability 0, space 0, times 0 [ 363.015610] FAULT_INJECTION: forcing a failure. [ 363.015610] name failslab, interval 1, probability 0, space 0, times 0 [ 363.026948] CPU: 0 PID: 19504 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 363.044937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 363.054285] Call Trace: [ 363.056872] dump_stack+0x138/0x197 [ 363.060495] should_fail.cold+0x10f/0x159 [ 363.064638] should_failslab+0xdb/0x130 [ 363.068607] kmem_cache_alloc+0x2d7/0x780 [ 363.072753] ? lockdep_init_map+0x9/0x10 [ 363.076807] ? debug_mutex_init+0x2d/0x5a [ 363.080952] dup_fd+0x85/0xa40 [ 363.084140] ? refcount_inc_not_zero+0x88/0xe0 [ 363.088716] ? refcount_inc+0x1f/0x40 [ 363.092513] copy_process.part.0+0x1b5a/0x6a00 [ 363.097096] ? save_trace+0x290/0x290 [ 363.100888] ? proc_fail_nth_write+0x7d/0x180 [ 363.105389] ? proc_cwd_link+0x1b0/0x1b0 [ 363.109452] ? __cleanup_sighand+0x50/0x50 [ 363.113679] ? lock_downgrade+0x740/0x740 [ 363.117832] _do_fork+0x19e/0xce0 [ 363.121281] ? fork_idle+0x280/0x280 [ 363.125011] ? fput+0xd4/0x150 [ 363.128200] ? SyS_write+0x15e/0x230 [ 363.131931] SyS_clone+0x37/0x50 [ 363.135292] ? sys_vfork+0x30/0x30 [ 363.138828] do_syscall_64+0x1e8/0x640 [ 363.142732] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 363.147575] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 363.152773] RIP: 0033:0x459a59 [ 363.155951] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 363.163744] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 363.171091] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 363.178360] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 363.185621] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 363.192884] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 363.200161] CPU: 1 PID: 19503 Comm: syz-executor.3 Not tainted 4.14.149 #0 [ 363.207189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 363.216548] Call Trace: [ 363.219156] dump_stack+0x138/0x197 [ 363.222804] should_fail.cold+0x10f/0x159 [ 363.226995] should_failslab+0xdb/0x130 [ 363.230995] kmem_cache_alloc+0x2d7/0x780 [ 363.235153] ? creds_are_invalid+0x48/0x110 [ 363.239739] ? selinux_is_enabled+0x9/0x50 [ 363.244002] ? creds_are_invalid+0x48/0x110 [ 363.248333] __delayacct_tsk_init+0x20/0x80 [ 363.253534] copy_process.part.0+0x1a6c/0x6a00 [ 363.258130] ? save_trace+0x290/0x290 [ 363.261936] ? proc_fail_nth_write+0x7d/0x180 [ 363.266447] ? proc_cwd_link+0x1b0/0x1b0 [ 363.270511] ? __f_unlock_pos+0x19/0x20 [ 363.274504] ? __cleanup_sighand+0x50/0x50 [ 363.278745] ? lock_downgrade+0x740/0x740 [ 363.282920] _do_fork+0x19e/0xce0 [ 363.286383] ? fork_idle+0x280/0x280 [ 363.290137] ? fput+0xd4/0x150 [ 363.293333] ? SyS_write+0x15e/0x230 [ 363.297081] SyS_clone+0x37/0x50 [ 363.300454] ? sys_vfork+0x30/0x30 [ 363.304006] do_syscall_64+0x1e8/0x640 [ 363.307896] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 363.312752] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 363.317940] RIP: 0033:0x459a59 [ 363.321128] RSP: 002b:00007eff0dff3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 363.329106] RAX: ffffffffffffffda RBX: 00007eff0dff3c90 RCX: 0000000000459a59 [ 363.336383] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 363.343662] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 363.350937] R10: 0000000000000000 R11: 0000000000000246 R12: 00007eff0dff46d4 [ 363.358734] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000007 17:45:56 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0xdb60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:56 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x0, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:56 executing program 0 (fault-call:13 fault-nth:1): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:56 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:56 executing program 4 (fault-call:14 fault-nth:6): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 363.723043] FAULT_INJECTION: forcing a failure. [ 363.723043] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 363.734903] CPU: 1 PID: 19542 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 363.738052] FAULT_INJECTION: forcing a failure. [ 363.738052] name failslab, interval 1, probability 0, space 0, times 0 [ 363.741941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 363.741946] Call Trace: [ 363.741965] dump_stack+0x138/0x197 [ 363.741983] should_fail.cold+0x10f/0x159 [ 363.741999] __alloc_pages_nodemask+0x1d6/0x7a0 [ 363.742010] ? fs_reclaim_acquire+0x20/0x20 [ 363.742021] ? __alloc_pages_slowpath+0x2930/0x2930 [ 363.742039] cache_grow_begin+0x80/0x400 [ 363.790922] kmem_cache_alloc_node+0x6a4/0x780 [ 363.795496] ? get_pid_task+0x98/0x140 [ 363.799380] copy_process.part.0+0x17d5/0x6a00 [ 363.803963] ? save_trace+0x290/0x290 [ 363.807757] ? proc_fail_nth_write+0x7d/0x180 [ 363.812245] ? proc_cwd_link+0x1b0/0x1b0 [ 363.816299] ? __f_unlock_pos+0x19/0x20 [ 363.820265] ? find_held_lock+0x35/0x130 [ 363.824328] ? __cleanup_sighand+0x50/0x50 [ 363.828571] ? lock_downgrade+0x740/0x740 [ 363.832714] _do_fork+0x19e/0xce0 [ 363.836162] ? fork_idle+0x280/0x280 [ 363.839872] ? fput+0xd4/0x150 [ 363.843074] ? SyS_write+0x15e/0x230 [ 363.847305] SyS_clone+0x37/0x50 [ 363.850674] ? sys_vfork+0x30/0x30 [ 363.854214] do_syscall_64+0x1e8/0x640 [ 363.858089] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 363.862930] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 363.868110] RIP: 0033:0x459a59 [ 363.872001] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 363.879714] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 363.886974] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 363.894249] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 363.901511] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 363.908784] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 [ 363.916062] CPU: 0 PID: 19543 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 363.923090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 363.933320] Call Trace: [ 363.935937] dump_stack+0x138/0x197 [ 363.939582] should_fail.cold+0x10f/0x159 [ 363.943741] should_failslab+0xdb/0x130 [ 363.947732] kmem_cache_alloc+0x2d7/0x780 [ 363.951884] ? lockdep_init_map+0x9/0x10 [ 363.955949] ? debug_mutex_init+0x2d/0x5a [ 363.960105] dup_fd+0x85/0xa40 [ 363.963297] ? refcount_inc_not_zero+0x88/0xe0 [ 363.967882] ? refcount_inc+0x1f/0x40 [ 363.971691] copy_process.part.0+0x1b5a/0x6a00 [ 363.976282] ? save_trace+0x290/0x290 [ 363.980082] ? proc_fail_nth_write+0x7d/0x180 [ 363.984580] ? proc_cwd_link+0x1b0/0x1b0 [ 363.988654] ? __cleanup_sighand+0x50/0x50 [ 363.992893] ? lock_downgrade+0x740/0x740 [ 363.997049] _do_fork+0x19e/0xce0 [ 364.000510] ? fork_idle+0x280/0x280 [ 364.004227] ? fput+0xd4/0x150 [ 364.007424] ? SyS_write+0x15e/0x230 [ 364.011146] SyS_clone+0x37/0x50 [ 364.014510] ? sys_vfork+0x30/0x30 [ 364.018052] do_syscall_64+0x1e8/0x640 [ 364.021936] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.026786] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 364.032412] RIP: 0033:0x459a59 [ 364.035603] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 364.043350] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 364.050756] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 364.058036] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 364.065312] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 17:45:56 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x8, 0x2) ioctl$EVIOCGABS20(r2, 0x80184560, &(0x7f0000000140)=""/116) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x8000, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x11, r0) [ 364.072590] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 17:45:57 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x0, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:57 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x400000000000) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:57 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:57 executing program 4 (fault-call:14 fault-nth:7): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:57 executing program 0 (fault-call:13 fault-nth:2): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 364.710670] FAULT_INJECTION: forcing a failure. [ 364.710670] name failslab, interval 1, probability 0, space 0, times 0 [ 364.722242] CPU: 1 PID: 19576 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 364.729281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.738635] Call Trace: [ 364.741224] dump_stack+0x138/0x197 [ 364.744865] should_fail.cold+0x10f/0x159 [ 364.749197] should_failslab+0xdb/0x130 [ 364.753173] kmem_cache_alloc_node_trace+0x280/0x770 [ 364.759137] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 364.764860] __kmalloc_node+0x3d/0x80 [ 364.768652] kvmalloc_node+0x4e/0xe0 [ 364.772354] alloc_fdtable+0xcf/0x280 [ 364.776145] dup_fd+0x693/0xa40 [ 364.779454] copy_process.part.0+0x1b5a/0x6a00 [ 364.784036] ? save_trace+0x290/0x290 [ 364.787832] ? proc_fail_nth_write+0x7d/0x180 [ 364.792319] ? proc_cwd_link+0x1b0/0x1b0 [ 364.796489] ? __cleanup_sighand+0x50/0x50 [ 364.800723] ? lock_downgrade+0x740/0x740 [ 364.804970] _do_fork+0x19e/0xce0 [ 364.808436] ? fork_idle+0x280/0x280 [ 364.812151] ? fput+0xd4/0x150 [ 364.815337] ? SyS_write+0x15e/0x230 [ 364.819052] SyS_clone+0x37/0x50 [ 364.822415] ? sys_vfork+0x30/0x30 [ 364.825953] do_syscall_64+0x1e8/0x640 [ 364.829848] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.834705] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 364.839950] RIP: 0033:0x459a59 [ 364.843144] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 364.850862] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 364.858127] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 364.865388] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 364.872668] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 364.879931] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 364.889350] FAULT_INJECTION: forcing a failure. [ 364.889350] name failslab, interval 1, probability 0, space 0, times 0 [ 364.900974] CPU: 0 PID: 19579 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 364.908021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.917579] Call Trace: [ 364.920179] dump_stack+0x138/0x197 [ 364.923820] should_fail.cold+0x10f/0x159 [ 364.929536] should_failslab+0xdb/0x130 [ 364.933503] kmem_cache_alloc+0x2d7/0x780 [ 364.937652] ? creds_are_invalid+0x48/0x110 [ 364.942064] ? __validate_process_creds+0x14c/0x200 [ 364.947089] prepare_creds+0x3e/0x380 [ 364.951164] copy_creds+0x7b/0x4f0 [ 364.954708] ? lockdep_init_map+0x9/0x10 [ 364.958764] copy_process.part.0+0x868/0x6a00 [ 364.963279] ? save_trace+0x290/0x290 [ 364.967184] ? proc_fail_nth_write+0x7d/0x180 [ 364.971739] ? proc_cwd_link+0x1b0/0x1b0 [ 364.975801] ? __f_unlock_pos+0x19/0x20 [ 364.979768] ? __cleanup_sighand+0x50/0x50 [ 364.984007] ? lock_downgrade+0x740/0x740 [ 364.988152] _do_fork+0x19e/0xce0 [ 364.991605] ? fork_idle+0x280/0x280 [ 364.995325] ? fput+0xd4/0x150 [ 364.998510] ? SyS_write+0x15e/0x230 [ 365.002220] SyS_clone+0x37/0x50 [ 365.005581] ? sys_vfork+0x30/0x30 [ 365.009134] do_syscall_64+0x1e8/0x640 [ 365.013022] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 365.017855] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 365.023040] RIP: 0033:0x459a59 [ 365.026220] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 365.033924] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 365.041195] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 365.048479] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 365.055746] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 365.063108] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:45:57 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = semget(0x3, 0x1, 0x8) semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000180)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f00000005c0)=0xc) setresuid(0x0, r2, 0x0) stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000580)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xfffffffffffffff7) r5 = syz_open_dev$admmidi(&(0x7f0000000600)='/dev/admmidi#\x00', 0x7, 0x210102) getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000000640)={{{@in6=@initdev, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@dev}}, &(0x7f0000000240)=0x26) r7 = timerfd_create(0x1, 0x800) fstat(r7, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r8, 0x0, 0x0) semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f0000000500)={{0x0, r2, r3, r6, r8, 0x10, 0x9}, 0x8, 0x1, 0x1}) getpid() r9 = getpid() sched_setattr(r9, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r10 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r10, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r12, 0x407, 0x0) write(r12, &(0x7f0000000340), 0x41395527) vmsplice(r11, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) r13 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-monitor\x00', 0x0, 0x0) r14 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r14, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r14, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000140)={0xffffffffffffffff}, 0x13f}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_MCAST(r13, &(0x7f00000002c0)={0x16, 0x98, 0xfa00, {&(0x7f0000000100), 0x1, r15, 0x0, 0x1, @ib={0x1b, 0x5, 0xfffffeda, {"61cb1d6839ce5cb2dd404f77249ceeaf"}, 0x764a168e, 0x200}}}, 0xa0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x4, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:57 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x0, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) ioctl$TIOCGPGRP(r3, 0x540f, &(0x7f0000000000)=0x0) capset(&(0x7f00000000c0)={0x20080522, r4}, &(0x7f0000000100)={0x0, 0x80, 0x81, 0x1, 0x2, 0x14b}) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = openat$cgroup_ro(r2, &(0x7f0000000140)='cgroup.events\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_STOP(r5, 0x54a1) 17:45:58 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:58 executing program 4 (fault-call:14 fault-nth:8): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:58 executing program 0 (fault-call:13 fault-nth:3): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 365.610275] FAULT_INJECTION: forcing a failure. [ 365.610275] name failslab, interval 1, probability 0, space 0, times 0 [ 365.621728] CPU: 0 PID: 19617 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 365.628761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 365.638121] Call Trace: [ 365.640721] dump_stack+0x138/0x197 [ 365.644339] should_fail.cold+0x10f/0x159 [ 365.649085] should_failslab+0xdb/0x130 [ 365.653064] kmem_cache_alloc_node_trace+0x280/0x770 [ 365.658155] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 365.663596] __kmalloc_node+0x3d/0x80 [ 365.667381] kvmalloc_node+0x4e/0xe0 [ 365.671081] alloc_fdtable+0xcf/0x280 [ 365.674871] dup_fd+0x693/0xa40 [ 365.678139] copy_process.part.0+0x1b5a/0x6a00 [ 365.682712] ? save_trace+0x290/0x290 [ 365.686495] ? proc_fail_nth_write+0x7d/0x180 [ 365.690972] ? proc_cwd_link+0x1b0/0x1b0 [ 365.695031] ? __cleanup_sighand+0x50/0x50 [ 365.699248] ? lock_downgrade+0x740/0x740 [ 365.703470] _do_fork+0x19e/0xce0 [ 365.707788] ? fork_idle+0x280/0x280 [ 365.711489] ? fput+0xd4/0x150 [ 365.714664] ? SyS_write+0x15e/0x230 [ 365.718362] SyS_clone+0x37/0x50 [ 365.721712] ? sys_vfork+0x30/0x30 [ 365.725238] do_syscall_64+0x1e8/0x640 [ 365.729106] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 365.733952] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 365.739122] RIP: 0033:0x459a59 [ 365.742294] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 365.750069] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 365.757338] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 365.764621] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 365.772153] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 365.779408] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 365.789231] FAULT_INJECTION: forcing a failure. [ 365.789231] name failslab, interval 1, probability 0, space 0, times 0 [ 365.803998] CPU: 1 PID: 19618 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 365.811037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 365.821440] Call Trace: [ 365.824042] dump_stack+0x138/0x197 [ 365.827687] should_fail.cold+0x10f/0x159 [ 365.831849] should_failslab+0xdb/0x130 [ 365.835836] kmem_cache_alloc+0x2d7/0x780 [ 365.839991] ? creds_are_invalid+0x48/0x110 [ 365.844321] ? __validate_process_creds+0x14c/0x200 [ 365.849343] prepare_creds+0x3e/0x380 [ 365.853143] copy_creds+0x7b/0x4f0 [ 365.856686] ? lockdep_init_map+0x9/0x10 [ 365.860783] copy_process.part.0+0x868/0x6a00 [ 365.865294] ? save_trace+0x290/0x290 [ 365.869105] ? proc_fail_nth_write+0x7d/0x180 [ 365.873608] ? proc_cwd_link+0x1b0/0x1b0 [ 365.877674] ? __f_unlock_pos+0x19/0x20 [ 365.881666] ? __cleanup_sighand+0x50/0x50 [ 365.885905] ? lock_downgrade+0x740/0x740 [ 365.890066] _do_fork+0x19e/0xce0 [ 365.893531] ? fork_idle+0x280/0x280 [ 365.897249] ? fput+0xd4/0x150 [ 365.900443] ? SyS_write+0x15e/0x230 [ 365.904165] SyS_clone+0x37/0x50 [ 365.907541] ? sys_vfork+0x30/0x30 [ 365.911093] do_syscall_64+0x1e8/0x640 [ 365.914984] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 365.919846] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 365.925037] RIP: 0033:0x459a59 [ 365.929191] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 365.937005] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 365.944290] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 365.951665] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 365.959206] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 365.966487] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:45:58 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x5, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:58 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:58 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x0, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getpeername$packet(r3, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000240)=0x14) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x2) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r5 = accept4$inet6(r4, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev}, &(0x7f00000000c0)=0x1c, 0x81400) setsockopt$inet6_icmp_ICMP_FILTER(r5, 0x1, 0x1, &(0x7f0000000100)={0xed7e}, 0x20c) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:59 executing program 4 (fault-call:14 fault-nth:9): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:59 executing program 0 (fault-call:13 fault-nth:4): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 366.542353] FAULT_INJECTION: forcing a failure. [ 366.542353] name failslab, interval 1, probability 0, space 0, times 0 [ 366.556055] CPU: 0 PID: 19655 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 366.563094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 366.572441] Call Trace: [ 366.575036] dump_stack+0x138/0x197 [ 366.578659] should_fail.cold+0x10f/0x159 [ 366.582810] should_failslab+0xdb/0x130 [ 366.586771] kmem_cache_alloc+0x2d7/0x780 [ 366.590920] ? creds_are_invalid+0x48/0x110 [ 366.595225] ? selinux_is_enabled+0x9/0x50 [ 366.599529] ? creds_are_invalid+0x48/0x110 [ 366.603995] __delayacct_tsk_init+0x20/0x80 [ 366.608503] copy_process.part.0+0x1a6c/0x6a00 [ 366.613111] ? trace_hardirqs_on+0x10/0x10 [ 366.617346] ? lock_downgrade+0x740/0x740 [ 366.621484] ? save_trace+0x290/0x290 [ 366.625286] ? finish_task_switch+0x178/0x650 [ 366.629766] ? find_held_lock+0x35/0x130 [ 366.634192] ? finish_task_switch+0x178/0x650 [ 366.638688] ? __cleanup_sighand+0x50/0x50 [ 366.642905] ? trace_hardirqs_on_caller+0x400/0x590 [ 366.647917] ? _raw_spin_unlock_irq+0x5e/0x90 [ 366.652499] _do_fork+0x19e/0xce0 [ 366.655937] ? fork_idle+0x280/0x280 [ 366.659634] ? pci_mmcfg_check_reserved+0x150/0x150 [ 366.664632] ? schedule+0x8b/0x1c0 [ 366.668160] SyS_clone+0x37/0x50 [ 366.671684] ? sys_vfork+0x30/0x30 [ 366.675208] do_syscall_64+0x1e8/0x640 [ 366.679078] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 366.683905] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 366.689075] RIP: 0033:0x459a59 [ 366.692246] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 366.700028] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 366.707282] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 366.714536] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 366.721799] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 366.729050] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 [ 366.743174] FAULT_INJECTION: forcing a failure. [ 366.743174] name failslab, interval 1, probability 0, space 0, times 0 [ 366.756781] CPU: 0 PID: 19662 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 366.763861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 366.774011] Call Trace: [ 366.776621] dump_stack+0x138/0x197 [ 366.780285] should_fail.cold+0x10f/0x159 [ 366.784644] should_failslab+0xdb/0x130 [ 366.788727] kmem_cache_alloc+0x2d7/0x780 [ 366.792994] copy_fs_struct+0x43/0x2d0 [ 366.796898] copy_process.part.0+0x3924/0x6a00 [ 366.801505] ? save_trace+0x290/0x290 [ 366.805321] ? proc_fail_nth_write+0x7d/0x180 [ 366.809833] ? proc_cwd_link+0x1b0/0x1b0 [ 366.813931] ? __cleanup_sighand+0x50/0x50 [ 366.818301] ? lock_downgrade+0x740/0x740 [ 366.822461] _do_fork+0x19e/0xce0 [ 366.825930] ? fork_idle+0x280/0x280 [ 366.829674] ? fput+0xd4/0x150 [ 366.832877] ? SyS_write+0x15e/0x230 [ 366.836599] SyS_clone+0x37/0x50 [ 366.839964] ? sys_vfork+0x30/0x30 [ 366.843511] do_syscall_64+0x1e8/0x640 [ 366.847406] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 366.852274] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 366.857503] RIP: 0033:0x459a59 [ 366.860709] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 366.868688] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 366.877095] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 366.884372] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 366.891659] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 366.898939] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 17:45:59 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x0, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:59 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x1, 0x0, 0x3}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r4, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x10f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x80000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4, 0x0, @perf_bp={&(0x7f00000000c0), 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x5, r4, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$DMA_BUF_IOCTL_SYNC(r2, 0x40086200, &(0x7f0000000000)=0x4) r5 = syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x3, 0x20400) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000180)=0x8) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:59 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:45:59 executing program 0 (fault-call:13 fault-nth:5): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:59 executing program 4 (fault-call:14 fault-nth:10): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:45:59 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r9, 0x0) fstat(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) sendmsg$unix(r5, &(0x7f0000000380)={&(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000140)="9a172709ce2b04f981432105e041aa3b0254a40c8d8f97b817da0e61978d5929c719fed15fd5d0911ced114dcbfb3acbf9dc96be83e016203232037d73fbc11710151aeff8f9590bbab917a1cb30af7ba6ed2ffaf436ffa36f2fd33898787b162b059255de396d6f1a3df36409c2d66f4a16e8f09603ca2805b8dbe7d76ca614cf370607d039db94f05a9ba4", 0x8c}], 0x1, &(0x7f0000000340)=[@rights={{0x18, 0x1, 0x1, [r6, r7]}}, @cred={{0x1c, 0x1, 0x2, {r0, r9, r10}}}], 0x38, 0x10004008}, 0x20000080) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 367.469474] FAULT_INJECTION: forcing a failure. [ 367.469474] name failslab, interval 1, probability 0, space 0, times 0 [ 367.481009] CPU: 0 PID: 19699 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 367.488057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 367.497591] Call Trace: [ 367.500201] dump_stack+0x138/0x197 [ 367.503849] should_fail.cold+0x10f/0x159 [ 367.508010] should_failslab+0xdb/0x130 [ 367.512361] kmem_cache_alloc+0x2d7/0x780 [ 367.516538] ? _raw_spin_unlock+0x2d/0x50 [ 367.520703] copy_process.part.0+0x3987/0x6a00 [ 367.525299] ? save_trace+0x290/0x290 [ 367.529108] ? proc_fail_nth_write+0x7d/0x180 [ 367.533622] ? proc_cwd_link+0x1b0/0x1b0 [ 367.537699] ? __cleanup_sighand+0x50/0x50 [ 367.541940] ? lock_downgrade+0x740/0x740 [ 367.546190] _do_fork+0x19e/0xce0 [ 367.549831] ? fork_idle+0x280/0x280 [ 367.553554] ? fput+0xd4/0x150 [ 367.556753] ? SyS_write+0x15e/0x230 [ 367.560477] SyS_clone+0x37/0x50 [ 367.563857] ? sys_vfork+0x30/0x30 [ 367.567439] do_syscall_64+0x1e8/0x640 [ 367.571860] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 367.576720] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 367.582004] RIP: 0033:0x459a59 [ 367.585194] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 367.592913] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 367.602018] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 367.609731] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 367.617020] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 367.624305] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 367.638182] FAULT_INJECTION: forcing a failure. [ 367.638182] name failslab, interval 1, probability 0, space 0, times 0 [ 367.649728] CPU: 1 PID: 19702 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 367.656756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 367.666132] Call Trace: [ 367.668772] dump_stack+0x138/0x197 [ 367.673120] should_fail.cold+0x10f/0x159 [ 367.677296] should_failslab+0xdb/0x130 [ 367.681308] kmem_cache_alloc+0x2d7/0x780 [ 367.685463] ? copy_creds+0x117/0x4f0 [ 367.689264] ? selinux_is_enabled+0x9/0x50 [ 367.693500] ? creds_are_invalid+0x48/0x110 [ 367.697828] __delayacct_tsk_init+0x20/0x80 [ 367.702153] copy_process.part.0+0x1a6c/0x6a00 [ 367.706748] ? save_trace+0x290/0x290 [ 367.710552] ? proc_fail_nth_write+0x7d/0x180 [ 367.715159] ? proc_cwd_link+0x1b0/0x1b0 [ 367.719222] ? __f_unlock_pos+0x19/0x20 [ 367.723203] ? __cleanup_sighand+0x50/0x50 [ 367.727439] ? lock_downgrade+0x740/0x740 [ 367.731680] _do_fork+0x19e/0xce0 [ 367.735148] ? fork_idle+0x280/0x280 [ 367.738866] ? fput+0xd4/0x150 [ 367.742060] ? SyS_write+0x15e/0x230 [ 367.745778] SyS_clone+0x37/0x50 [ 367.749146] ? sys_vfork+0x30/0x30 [ 367.752697] do_syscall_64+0x1e8/0x640 [ 367.756581] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 367.761437] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 367.766629] RIP: 0033:0x459a59 [ 367.769829] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 367.777543] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 367.784840] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 367.792136] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 367.799415] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 367.806705] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:00 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58) r4 = accept$alg(r3, 0x0, 0x0) sendmmsg(r4, &(0x7f0000007840)=[{{0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000700)='L', 0x1}, {&(0x7f0000000780)="bd70df6d011aa07a4bdbd3d49bdfc2d4b9e0e14a30f13c7a5c4206f048d2cca27dffdb2728bb00b5707a59992cbd0068fac3641e6b5184", 0x37}], 0x2}}], 0x1, 0x0) rmdir(0x0) socket$inet_smc(0x2b, 0x1, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:00 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x0, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:00 executing program 0 (fault-call:13 fault-nth:6): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:00 executing program 4 (fault-call:14 fault-nth:11): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:00 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:00 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) bind$x25(r3, &(0x7f00000000c0)={0x9, @null=' \x00'}, 0x12) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 368.426465] FAULT_INJECTION: forcing a failure. [ 368.426465] name failslab, interval 1, probability 0, space 0, times 0 [ 368.438821] CPU: 1 PID: 19739 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 368.445866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 368.455232] Call Trace: [ 368.457830] dump_stack+0x138/0x197 [ 368.461595] should_fail.cold+0x10f/0x159 [ 368.465765] should_failslab+0xdb/0x130 [ 368.469742] kmem_cache_alloc_trace+0x2e9/0x790 [ 368.474498] ? lock_downgrade+0x740/0x740 [ 368.478635] alloc_fdtable+0x7f/0x280 [ 368.482510] dup_fd+0x693/0xa40 [ 368.485788] copy_process.part.0+0x1b5a/0x6a00 [ 368.490446] ? save_trace+0x290/0x290 [ 368.494254] ? proc_fail_nth_write+0x7d/0x180 [ 368.498732] ? proc_cwd_link+0x1b0/0x1b0 [ 368.502871] ? __cleanup_sighand+0x50/0x50 [ 368.507090] ? lock_downgrade+0x740/0x740 [ 368.511243] _do_fork+0x19e/0xce0 [ 368.514680] ? fork_idle+0x280/0x280 [ 368.518382] ? fput+0xd4/0x150 [ 368.521559] ? SyS_write+0x15e/0x230 [ 368.525269] SyS_clone+0x37/0x50 [ 368.528620] ? sys_vfork+0x30/0x30 [ 368.532664] do_syscall_64+0x1e8/0x640 [ 368.536562] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 368.541484] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 368.546656] RIP: 0033:0x459a59 [ 368.549828] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 368.557530] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 368.564807] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 368.572064] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 368.579413] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 368.586673] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 [ 368.598569] FAULT_INJECTION: forcing a failure. [ 368.598569] name failslab, interval 1, probability 0, space 0, times 0 [ 368.610840] CPU: 0 PID: 19743 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 368.617883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 368.627253] Call Trace: [ 368.629855] dump_stack+0x138/0x197 [ 368.633489] should_fail.cold+0x10f/0x159 [ 368.637635] should_failslab+0xdb/0x130 [ 368.641595] kmem_cache_alloc+0x2d7/0x780 [ 368.645746] ? _raw_spin_unlock+0x2d/0x50 [ 368.650058] copy_process.part.0+0x3987/0x6a00 [ 368.654715] ? save_trace+0x290/0x290 [ 368.658500] ? proc_fail_nth_write+0x7d/0x180 [ 368.662980] ? proc_cwd_link+0x1b0/0x1b0 [ 368.667031] ? __cleanup_sighand+0x50/0x50 [ 368.671248] ? lock_downgrade+0x740/0x740 [ 368.675382] _do_fork+0x19e/0xce0 [ 368.678827] ? fork_idle+0x280/0x280 [ 368.682550] ? fput+0xd4/0x150 [ 368.685724] ? SyS_write+0x15e/0x230 [ 368.689433] SyS_clone+0x37/0x50 [ 368.692780] ? sys_vfork+0x30/0x30 [ 368.696305] do_syscall_64+0x1e8/0x640 [ 368.700177] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 368.705095] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 368.710278] RIP: 0033:0x459a59 [ 368.713446] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 368.721143] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 368.728395] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 368.736425] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 368.743681] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 368.750932] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 17:46:01 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:01 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() getpid() r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:01 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:01 executing program 4 (fault-call:14 fault-nth:12): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:01 executing program 0 (fault-call:13 fault-nth:7): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:01 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) fstat(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setuid(r4) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 369.325980] FAULT_INJECTION: forcing a failure. [ 369.325980] name failslab, interval 1, probability 0, space 0, times 0 [ 369.337344] CPU: 1 PID: 19773 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 369.344369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 369.353824] Call Trace: [ 369.356518] dump_stack+0x138/0x197 [ 369.360191] should_fail.cold+0x10f/0x159 [ 369.364354] should_failslab+0xdb/0x130 [ 369.368343] kmem_cache_alloc+0x2d7/0x780 [ 369.372501] ? selinux_capable+0x36/0x40 [ 369.376669] create_new_namespaces+0x34/0x720 [ 369.381167] ? ns_capable_common+0x12c/0x160 [ 369.385587] copy_namespaces+0x284/0x310 [ 369.389671] copy_process.part.0+0x2603/0x6a00 [ 369.394271] ? proc_fail_nth_write+0x7d/0x180 [ 369.398780] ? proc_cwd_link+0x1b0/0x1b0 [ 369.403033] ? __cleanup_sighand+0x50/0x50 [ 369.407270] ? lock_downgrade+0x740/0x740 [ 369.411438] _do_fork+0x19e/0xce0 [ 369.414989] ? fork_idle+0x280/0x280 [ 369.420190] ? fput+0xd4/0x150 [ 369.423386] ? SyS_write+0x15e/0x230 [ 369.427199] SyS_clone+0x37/0x50 [ 369.430565] ? sys_vfork+0x30/0x30 [ 369.434112] do_syscall_64+0x1e8/0x640 [ 369.438003] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.442867] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 369.448060] RIP: 0033:0x459a59 [ 369.451255] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 369.458972] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 369.466423] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 369.473702] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 369.480990] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 369.488270] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 369.501476] FAULT_INJECTION: forcing a failure. [ 369.501476] name failslab, interval 1, probability 0, space 0, times 0 [ 369.513029] CPU: 0 PID: 19779 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 369.520066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 369.529448] Call Trace: [ 369.532066] dump_stack+0x138/0x197 [ 369.535709] should_fail.cold+0x10f/0x159 [ 369.539866] should_failslab+0xdb/0x130 [ 369.543853] kmem_cache_alloc_node_trace+0x280/0x770 [ 369.549148] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 369.554610] __kmalloc_node+0x3d/0x80 [ 369.558414] kvmalloc_node+0x4e/0xe0 [ 369.562133] alloc_fdtable+0xcf/0x280 [ 369.565937] dup_fd+0x693/0xa40 [ 369.569249] copy_process.part.0+0x1b5a/0x6a00 [ 369.573842] ? save_trace+0x290/0x290 [ 369.577638] ? proc_fail_nth_write+0x7d/0x180 [ 369.582158] ? proc_cwd_link+0x1b0/0x1b0 [ 369.586230] ? __cleanup_sighand+0x50/0x50 [ 369.590463] ? lock_downgrade+0x740/0x740 [ 369.594616] _do_fork+0x19e/0xce0 [ 369.598071] ? fork_idle+0x280/0x280 [ 369.601805] ? fput+0xd4/0x150 [ 369.605014] ? SyS_write+0x15e/0x230 [ 369.608946] SyS_clone+0x37/0x50 [ 369.612322] ? sys_vfork+0x30/0x30 [ 369.615871] do_syscall_64+0x1e8/0x640 [ 369.619764] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.624748] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 369.629945] RIP: 0033:0x459a59 [ 369.633148] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 369.640863] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 369.648144] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 369.655423] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 369.662704] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 369.669979] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:02 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) getpid() socket$inet6(0xa, 0x2, 0x0) r1 = accept4$packet(r0, 0x0, &(0x7f0000000140), 0x0) recvmmsg(r1, &(0x7f0000008880), 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x0, 0x0) ioctl$sock_bt_hci(r3, 0x800448d4, &(0x7f0000000100)="d5c6f145b4f81ad0ba3754d0172a34a14a10b9d3f69ce3bbdfb0") sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x103400, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$SG_GET_COMMAND_Q(0xffffffffffffffff, 0x2270, &(0x7f0000000000)) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:02 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:02 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:02 executing program 4 (fault-call:14 fault-nth:13): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:02 executing program 0 (fault-call:13 fault-nth:8): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:02 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) r4 = getpid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r6, 0x0) r7 = getegid() setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={r4, r6, r7}, 0xc) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) r8 = add_key$user(&(0x7f0000000100)='user\x00', &(0x7f0000000140)={'syz', 0x0}, &(0x7f00000002c0)="cdc8e9e6fb5dc5f7be0107fe31bc7aa21ecaec7a86b88a392dbeb0e689ee678467e4ede6389f4796580a7cf2c27b5a895b8afb15e4d36cfa8818631afff2a7b016b9cb5791ce08b69187dd608fd0f74077ab56474b9417a7fcc9b0029571f541fc4e4b3cc654fcc57e1a5748fa46d0d87fe3d1d10cc3a66ac251e5016c09e56aeb22fe323f88c5f1177eb4", 0x8b, 0x0) keyctl$revoke(0x3, r8) [ 370.301094] FAULT_INJECTION: forcing a failure. [ 370.301094] name failslab, interval 1, probability 0, space 0, times 0 [ 370.315136] CPU: 1 PID: 19816 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 370.316028] FAULT_INJECTION: forcing a failure. [ 370.316028] name failslab, interval 1, probability 0, space 0, times 0 [ 370.322209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 370.322214] Call Trace: [ 370.322233] dump_stack+0x138/0x197 [ 370.322250] should_fail.cold+0x10f/0x159 [ 370.322266] should_failslab+0xdb/0x130 [ 370.322279] kmem_cache_alloc+0x2d7/0x780 [ 370.322290] ? selinux_capable+0x36/0x40 [ 370.322303] create_new_namespaces+0x34/0x720 [ 370.322312] ? ns_capable_common+0x12c/0x160 [ 370.322324] copy_namespaces+0x284/0x310 [ 370.322335] copy_process.part.0+0x2603/0x6a00 [ 370.322351] ? proc_fail_nth_write+0x7d/0x180 [ 370.322360] ? proc_cwd_link+0x1b0/0x1b0 [ 370.322378] ? __cleanup_sighand+0x50/0x50 [ 370.322387] ? lock_downgrade+0x740/0x740 [ 370.322402] _do_fork+0x19e/0xce0 [ 370.322422] ? fork_idle+0x280/0x280 [ 370.322438] ? fput+0xd4/0x150 [ 370.322447] ? SyS_write+0x15e/0x230 [ 370.322460] SyS_clone+0x37/0x50 [ 370.322469] ? sys_vfork+0x30/0x30 [ 370.322480] do_syscall_64+0x1e8/0x640 [ 370.322495] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.430255] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 370.435526] RIP: 0033:0x459a59 [ 370.438709] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 370.447016] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 370.454304] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 370.461599] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 370.469036] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 370.476296] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 370.483573] CPU: 0 PID: 19818 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 370.490783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 370.500147] Call Trace: [ 370.502767] dump_stack+0x138/0x197 [ 370.506415] should_fail.cold+0x10f/0x159 [ 370.510613] should_failslab+0xdb/0x130 [ 370.514603] kmem_cache_alloc_node_trace+0x280/0x770 [ 370.519736] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 370.525191] __kmalloc_node+0x3d/0x80 [ 370.528998] kvmalloc_node+0x4e/0xe0 [ 370.532707] alloc_fdtable+0xcf/0x280 [ 370.536506] dup_fd+0x693/0xa40 [ 370.539779] copy_process.part.0+0x1b5a/0x6a00 [ 370.544355] ? save_trace+0x290/0x290 [ 370.548150] ? proc_fail_nth_write+0x7d/0x180 [ 370.552651] ? proc_cwd_link+0x1b0/0x1b0 [ 370.556714] ? __cleanup_sighand+0x50/0x50 [ 370.560945] ? lock_downgrade+0x740/0x740 [ 370.565096] _do_fork+0x19e/0xce0 [ 370.568544] ? fork_idle+0x280/0x280 [ 370.572519] ? fput+0xd4/0x150 [ 370.575713] ? SyS_write+0x15e/0x230 [ 370.579434] SyS_clone+0x37/0x50 [ 370.582799] ? sys_vfork+0x30/0x30 [ 370.586336] do_syscall_64+0x1e8/0x640 [ 370.593177] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.598034] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 370.603218] RIP: 0033:0x459a59 [ 370.606406] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 370.614128] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 370.621401] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 370.628683] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 370.636050] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 370.643328] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:03 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:03 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) openat$md(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/md0\x00', 0x408000, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r3, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f0000000140)={0x60000001, 0x3, 0x11}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) ioctl$UFFDIO_ZEROPAGE(r2, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x3}) rmdir(0x0) perf_event_open(&(0x7f00000000c0)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:03 executing program 4 (fault-call:14 fault-nth:14): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:03 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) socket$inet6(0xa, 0x2, 0x0) r1 = socket$pptp(0x18, 0x1, 0x2) recvmmsg(r1, &(0x7f0000008880), 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket$inet_udplite(0x2, 0x2, 0x88) ptrace(0x10, 0x0) 17:46:03 executing program 0 (fault-call:13 fault-nth:9): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:03 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 371.221353] FAULT_INJECTION: forcing a failure. [ 371.221353] name failslab, interval 1, probability 0, space 0, times 0 [ 371.233041] CPU: 1 PID: 19851 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 371.240074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 371.246278] FAULT_INJECTION: forcing a failure. [ 371.246278] name failslab, interval 1, probability 0, space 0, times 0 [ 371.249455] Call Trace: [ 371.263511] dump_stack+0x138/0x197 [ 371.267157] should_fail.cold+0x10f/0x159 [ 371.271320] should_failslab+0xdb/0x130 [ 371.275298] kmem_cache_alloc_trace+0x2e9/0x790 [ 371.279969] ? retire_userns_sysctls+0x90/0x90 [ 371.284664] alloc_mnt_ns+0xde/0x450 [ 371.288378] copy_mnt_ns+0x95/0x8c0 [ 371.292000] ? kmem_cache_alloc+0x611/0x780 [ 371.296318] ? selinux_capable+0x36/0x40 [ 371.300550] create_new_namespaces+0xc9/0x720 [ 371.305037] ? ns_capable_common+0x12c/0x160 [ 371.309441] copy_namespaces+0x284/0x310 [ 371.313495] copy_process.part.0+0x2603/0x6a00 [ 371.318080] ? proc_fail_nth_write+0x7d/0x180 [ 371.322564] ? proc_cwd_link+0x1b0/0x1b0 [ 371.326803] ? __cleanup_sighand+0x50/0x50 [ 371.331117] ? lock_downgrade+0x740/0x740 [ 371.335258] _do_fork+0x19e/0xce0 [ 371.338703] ? fork_idle+0x280/0x280 [ 371.342418] ? fput+0xd4/0x150 [ 371.345604] ? SyS_write+0x15e/0x230 [ 371.349309] SyS_clone+0x37/0x50 [ 371.352665] ? sys_vfork+0x30/0x30 [ 371.356213] do_syscall_64+0x1e8/0x640 [ 371.360091] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.364939] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 371.371084] RIP: 0033:0x459a59 [ 371.374261] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 371.382483] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 371.389747] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 371.398222] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 371.405484] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 371.412744] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 371.420033] CPU: 0 PID: 19854 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 371.427058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 371.436408] Call Trace: [ 371.438990] dump_stack+0x138/0x197 [ 371.442608] should_fail.cold+0x10f/0x159 [ 371.446778] should_failslab+0xdb/0x130 [ 371.450927] kmem_cache_alloc_node_trace+0x280/0x770 [ 371.456048] ? kasan_unpoison_shadow+0x35/0x50 [ 371.460629] __kmalloc_node+0x3d/0x80 [ 371.464452] kvmalloc_node+0x4e/0xe0 [ 371.468162] alloc_fdtable+0x13b/0x280 [ 371.472044] dup_fd+0x693/0xa40 [ 371.475321] copy_process.part.0+0x1b5a/0x6a00 [ 371.479897] ? save_trace+0x290/0x290 [ 371.483684] ? proc_fail_nth_write+0x7d/0x180 [ 371.488161] ? proc_cwd_link+0x1b0/0x1b0 [ 371.492214] ? __cleanup_sighand+0x50/0x50 [ 371.496435] ? lock_downgrade+0x740/0x740 [ 371.500574] _do_fork+0x19e/0xce0 [ 371.504013] ? fork_idle+0x280/0x280 [ 371.507712] ? fput+0xd4/0x150 [ 371.510890] ? SyS_write+0x15e/0x230 [ 371.514588] SyS_clone+0x37/0x50 [ 371.517937] ? sys_vfork+0x30/0x30 [ 371.521474] do_syscall_64+0x1e8/0x640 [ 371.525423] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.530285] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 371.535465] RIP: 0033:0x459a59 [ 371.538641] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 371.546352] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 371.553710] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 371.560965] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 371.568229] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 371.575482] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:04 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:04 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) perf_event_open(&(0x7f000001d000)={0x7, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:04 executing program 0 (fault-call:13 fault-nth:10): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:04 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() getpid() r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:04 executing program 4 (fault-call:14 fault-nth:15): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:04 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r4, 0x0) ioctl$SG_GET_LOW_DMA(r4, 0x227a, &(0x7f00000000c0)) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) setsockopt$IP_VS_SO_SET_DELDEST(r5, 0x0, 0x488, &(0x7f0000000100)={{0x87, @broadcast, 0x4e24, 0x0, 'ovf\x00', 0x20, 0x7, 0x42}, {@empty, 0x4e21, 0x10000, 0xef7, 0x4, 0xffffff66}}, 0x44) [ 372.156292] FAULT_INJECTION: forcing a failure. [ 372.156292] name failslab, interval 1, probability 0, space 0, times 0 [ 372.168207] CPU: 1 PID: 19894 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 372.172265] FAULT_INJECTION: forcing a failure. [ 372.172265] name failslab, interval 1, probability 0, space 0, times 0 [ 372.175239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 372.196116] Call Trace: [ 372.198710] dump_stack+0x138/0x197 [ 372.202342] should_fail.cold+0x10f/0x159 [ 372.206572] should_failslab+0xdb/0x130 [ 372.210539] kmem_cache_alloc+0x2d7/0x780 [ 372.214697] ? lock_downgrade+0x740/0x740 [ 372.218841] alloc_vfsmnt+0x28/0x7d0 [ 372.222552] clone_mnt+0x70/0xee0 [ 372.225998] ? is_subdir+0x222/0x389 [ 372.229721] copy_tree+0x33b/0x8a0 [ 372.233266] copy_mnt_ns+0x11c/0x8c0 [ 372.236989] ? kmem_cache_alloc+0x611/0x780 [ 372.241323] ? selinux_capable+0x36/0x40 [ 372.245403] create_new_namespaces+0xc9/0x720 [ 372.249907] ? ns_capable_common+0x12c/0x160 [ 372.254933] copy_namespaces+0x284/0x310 [ 372.259002] copy_process.part.0+0x2603/0x6a00 [ 372.263598] ? proc_fail_nth_write+0x7d/0x180 [ 372.268100] ? proc_cwd_link+0x1b0/0x1b0 [ 372.272173] ? __cleanup_sighand+0x50/0x50 [ 372.276416] ? lock_downgrade+0x740/0x740 [ 372.280573] _do_fork+0x19e/0xce0 [ 372.284042] ? fork_idle+0x280/0x280 [ 372.287759] ? fput+0xd4/0x150 [ 372.290950] ? SyS_write+0x15e/0x230 [ 372.294670] SyS_clone+0x37/0x50 [ 372.298035] ? sys_vfork+0x30/0x30 [ 372.301575] do_syscall_64+0x1e8/0x640 [ 372.305466] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 372.310323] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 372.315508] RIP: 0033:0x459a59 [ 372.318691] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 372.326432] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 372.333811] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 372.341073] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 372.348342] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 372.355641] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 372.365434] CPU: 0 PID: 19896 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 372.374326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 372.383814] Call Trace: [ 372.386414] dump_stack+0x138/0x197 [ 372.390493] should_fail.cold+0x10f/0x159 [ 372.394739] should_failslab+0xdb/0x130 [ 372.398820] kmem_cache_alloc+0x2d7/0x780 [ 372.403008] ? _raw_spin_unlock+0x2d/0x50 [ 372.407179] copy_process.part.0+0x3987/0x6a00 [ 372.411962] ? save_trace+0x290/0x290 [ 372.415777] ? proc_fail_nth_write+0x7d/0x180 [ 372.420546] ? proc_cwd_link+0x1b0/0x1b0 [ 372.424629] ? __cleanup_sighand+0x50/0x50 [ 372.428882] ? lock_downgrade+0x740/0x740 [ 372.433049] _do_fork+0x19e/0xce0 [ 372.436539] ? fork_idle+0x280/0x280 [ 372.440267] ? fput+0xd4/0x150 [ 372.443474] ? SyS_write+0x15e/0x230 [ 372.447216] SyS_clone+0x37/0x50 [ 372.450593] ? sys_vfork+0x30/0x30 [ 372.454161] do_syscall_64+0x1e8/0x640 [ 372.458060] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 372.462917] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 372.468284] RIP: 0033:0x459a59 [ 372.471475] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 372.479188] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 372.486461] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 372.493742] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 372.501026] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 372.508391] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:05 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:05 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x3f, 0x931e4421562e09a9) sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x3, 0x0, 0x1, 0x401, 0x2}, 0x0, 0xe7ffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:05 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() getpid() r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:05 executing program 0 (fault-call:13 fault-nth:11): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:05 executing program 4 (fault-call:14 fault-nth:16): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:05 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 373.090252] FAULT_INJECTION: forcing a failure. [ 373.090252] name failslab, interval 1, probability 0, space 0, times 0 [ 373.101687] CPU: 0 PID: 19936 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 373.102421] FAULT_INJECTION: forcing a failure. [ 373.102421] name failslab, interval 1, probability 0, space 0, times 0 [ 373.108730] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 373.108735] Call Trace: [ 373.108755] dump_stack+0x138/0x197 [ 373.108775] should_fail.cold+0x10f/0x159 [ 373.139919] should_failslab+0xdb/0x130 [ 373.143890] __kmalloc_track_caller+0x2ec/0x790 [ 373.148565] ? kstrdup_const+0x48/0x60 [ 373.152720] kstrdup+0x3a/0x70 [ 373.155924] kstrdup_const+0x48/0x60 [ 373.160029] alloc_vfsmnt+0xe5/0x7d0 [ 373.165072] clone_mnt+0x70/0xee0 [ 373.168556] ? is_subdir+0x222/0x389 [ 373.172277] copy_tree+0x33b/0x8a0 [ 373.175817] copy_mnt_ns+0x11c/0x8c0 [ 373.179524] ? kmem_cache_alloc+0x611/0x780 [ 373.183860] ? selinux_capable+0x36/0x40 [ 373.187917] create_new_namespaces+0xc9/0x720 [ 373.192576] ? ns_capable_common+0x12c/0x160 [ 373.196979] copy_namespaces+0x284/0x310 [ 373.201122] copy_process.part.0+0x2603/0x6a00 [ 373.205716] ? proc_fail_nth_write+0x7d/0x180 [ 373.210202] ? proc_cwd_link+0x1b0/0x1b0 [ 373.214382] ? __cleanup_sighand+0x50/0x50 [ 373.218787] ? lock_downgrade+0x740/0x740 [ 373.223028] _do_fork+0x19e/0xce0 [ 373.226478] ? fork_idle+0x280/0x280 [ 373.230186] ? fput+0xd4/0x150 [ 373.233373] ? SyS_write+0x15e/0x230 [ 373.237097] SyS_clone+0x37/0x50 [ 373.240455] ? sys_vfork+0x30/0x30 [ 373.243991] do_syscall_64+0x1e8/0x640 [ 373.247870] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.252729] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 373.257921] RIP: 0033:0x459a59 [ 373.261109] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 373.268816] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 373.276090] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 373.283624] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 373.290882] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 373.298144] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 373.305432] CPU: 1 PID: 19937 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 373.312463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 373.322066] Call Trace: [ 373.324926] dump_stack+0x138/0x197 [ 373.328558] should_fail.cold+0x10f/0x159 [ 373.332692] should_failslab+0xdb/0x130 [ 373.336652] kmem_cache_alloc+0x2d7/0x780 [ 373.340794] ? _raw_spin_unlock+0x2d/0x50 [ 373.344927] copy_process.part.0+0x3987/0x6a00 [ 373.349494] ? save_trace+0x290/0x290 [ 373.353277] ? proc_fail_nth_write+0x7d/0x180 [ 373.357754] ? proc_cwd_link+0x1b0/0x1b0 [ 373.361809] ? __cleanup_sighand+0x50/0x50 [ 373.366460] ? lock_downgrade+0x740/0x740 [ 373.370594] _do_fork+0x19e/0xce0 [ 373.374042] ? fork_idle+0x280/0x280 [ 373.377738] ? fput+0xd4/0x150 [ 373.380918] ? SyS_write+0x15e/0x230 [ 373.384615] SyS_clone+0x37/0x50 [ 373.387961] ? sys_vfork+0x30/0x30 [ 373.391487] do_syscall_64+0x1e8/0x640 [ 373.395356] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.400186] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 373.405369] RIP: 0033:0x459a59 [ 373.408548] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 373.416248] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 373.423500] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 373.431097] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 373.438371] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 373.445648] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:06 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:06 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000000), 0x40000000000040f, 0x40, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:06 executing program 4 (fault-call:14 fault-nth:17): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:06 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() getpid() r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:06 executing program 0 (fault-call:13 fault-nth:12): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:06 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) socket$inet6(0xa, 0x2, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x20004881) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r4, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) recvmmsg(r5, &(0x7f0000008880), 0x267, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) fcntl$setpipe(r8, 0x407, 0x4e) write(r7, &(0x7f0000000340), 0x41395527) vmsplice(r6, &(0x7f00000001c0), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) r9 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r9, 0x0) ioctl$KVM_IRQ_LINE(r9, 0x4008ae61, &(0x7f0000000100)={0x9, 0xcc}) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$ashmem(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ashmem\x00', 0x400000, 0x0) ptrace(0x10, 0x0) [ 374.007649] FAULT_INJECTION: forcing a failure. [ 374.007649] name failslab, interval 1, probability 0, space 0, times 0 [ 374.019127] CPU: 1 PID: 19972 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 374.026155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 374.035524] Call Trace: [ 374.038126] dump_stack+0x138/0x197 [ 374.041778] should_fail.cold+0x10f/0x159 [ 374.045985] should_failslab+0xdb/0x130 [ 374.049984] kmem_cache_alloc+0x2d7/0x780 [ 374.054146] ? selinux_capable+0x36/0x40 [ 374.058486] create_new_namespaces+0x34/0x720 [ 374.063093] ? ns_capable_common+0x12c/0x160 [ 374.067691] copy_namespaces+0x284/0x310 [ 374.071773] copy_process.part.0+0x2603/0x6a00 [ 374.076375] ? proc_fail_nth_write+0x7d/0x180 [ 374.080897] ? proc_cwd_link+0x1b0/0x1b0 [ 374.084978] ? __cleanup_sighand+0x50/0x50 [ 374.089295] ? lock_downgrade+0x740/0x740 [ 374.093478] _do_fork+0x19e/0xce0 [ 374.097057] ? fork_idle+0x280/0x280 [ 374.100786] ? fput+0xd4/0x150 [ 374.104009] ? SyS_write+0x15e/0x230 [ 374.107751] SyS_clone+0x37/0x50 [ 374.111226] ? sys_vfork+0x30/0x30 [ 374.114804] do_syscall_64+0x1e8/0x640 [ 374.118710] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 374.123572] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 374.128872] RIP: 0033:0x459a59 [ 374.132351] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 374.141721] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 374.149363] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 374.156647] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 374.164105] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 374.171388] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 [ 374.180626] FAULT_INJECTION: forcing a failure. [ 374.180626] name failslab, interval 1, probability 0, space 0, times 0 [ 374.192271] CPU: 0 PID: 19976 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 374.199298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 374.208751] Call Trace: [ 374.211361] dump_stack+0x138/0x197 [ 374.215018] should_fail.cold+0x10f/0x159 [ 374.219189] should_failslab+0xdb/0x130 [ 374.223187] kmem_cache_alloc+0x2d7/0x780 [ 374.227356] ? lock_downgrade+0x740/0x740 [ 374.231514] alloc_vfsmnt+0x28/0x7d0 [ 374.235236] clone_mnt+0x70/0xee0 [ 374.238693] ? is_subdir+0x222/0x389 [ 374.242418] copy_tree+0x33b/0x8a0 [ 374.245974] copy_mnt_ns+0x11c/0x8c0 [ 374.249692] ? kmem_cache_alloc+0x611/0x780 [ 374.254025] ? selinux_capable+0x36/0x40 [ 374.258109] create_new_namespaces+0xc9/0x720 [ 374.262873] ? ns_capable_common+0x12c/0x160 [ 374.267291] copy_namespaces+0x284/0x310 [ 374.272236] copy_process.part.0+0x2603/0x6a00 [ 374.276848] ? proc_fail_nth_write+0x7d/0x180 [ 374.281346] ? proc_cwd_link+0x1b0/0x1b0 [ 374.285427] ? __cleanup_sighand+0x50/0x50 [ 374.289668] ? lock_downgrade+0x740/0x740 [ 374.293828] _do_fork+0x19e/0xce0 [ 374.297287] ? fork_idle+0x280/0x280 [ 374.301967] ? fput+0xd4/0x150 [ 374.305165] ? SyS_write+0x15e/0x230 [ 374.308891] SyS_clone+0x37/0x50 [ 374.312347] ? sys_vfork+0x30/0x30 [ 374.315893] do_syscall_64+0x1e8/0x640 [ 374.319783] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 374.324638] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 374.329833] RIP: 0033:0x459a59 [ 374.333023] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 374.340736] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 374.348013] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 374.355299] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 374.362577] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 374.369853] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 17:46:07 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0xffffffffffffffff, 0x0) 17:46:07 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) r4 = dup(0xffffffffffffffff) mmap$binder(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x0) bind$x25(r4, &(0x7f0000000100)={0x9, @null=' \x00'}, 0x12) r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r5, 0x84, 0x66, &(0x7f0000000040)={r6}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000240)={r6, 0x6}, &(0x7f00000002c0)=0x8) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r7 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x141400) r8 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r9 = socket$key(0xf, 0x3, 0x2) ioctl$sock_SIOCOUTQ(r9, 0x5411, &(0x7f0000000300)) bind$nfc_llcp(r8, &(0x7f0000000140)={0x27, 0x1, 0x2, 0x3, 0x1, 0x0, "13b711a70cb17843b3896b9629e317a4031581de6cee41c6e0633c1fbc28ce754fb09be440150de520697616d1425e93c3088ffe4f2b1ab9947dd8b1c46e59", 0x1a}, 0x60) ioctl$int_in(r7, 0x5421, &(0x7f00000000c0)) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:07 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xfffffffffffffe67}}, 0x0) socketpair$unix(0x1, 0x80000000000003, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100021000000000000600000000000800120000ffff00000000000000000006000000000000000000800000000000e00000010000000000000000000035000000000000000000ee000003ed94c700030006000000000002000004000000bb000000000000000603000500000000000200423b000001000012b478407f86042bc09013709359b935ab9e5a390a25896ab301c5c94282c8be48dd14c1045f92d53fc3b5b0fae0c52c8903761aac908f10a830543070619fc3e79340774814cb020985f009bdea836e16a6d4b6c7d12dd4e8dd8f3873eab60527d974702a97a56ecd4bed513468a2ded8d345a0c5bf78b83376cc68c8bcac6448d25567a407df9fa87a1d460f10db175b91f568f0f35f31e16354cc044c0553a8ea6b4539efd2052595c01b44e88a359735c249db6cf97c351ae00d531e68cccc4dca4cd0451834e1671ea093f45502f5f19265addf57aeb05315ff6f972e40affcc5e01bff18c33a4319f9408bc9e81fd0ca9afc1feaf05ed49a"], 0x80}}, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmmsg(r2, &(0x7f0000000180), 0x40000000000015f, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:07 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:07 executing program 4 (fault-call:14 fault-nth:18): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:07 executing program 0 (fault-call:13 fault-nth:13): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 374.970143] FAULT_INJECTION: forcing a failure. [ 374.970143] name failslab, interval 1, probability 0, space 0, times 0 [ 374.981549] CPU: 1 PID: 20013 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 374.988604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 374.997967] Call Trace: [ 375.000573] dump_stack+0x138/0x197 [ 375.004217] should_fail.cold+0x10f/0x159 [ 375.008381] should_failslab+0xdb/0x130 [ 375.012367] __kmalloc_track_caller+0x2ec/0x790 [ 375.017050] ? kstrdup_const+0x48/0x60 [ 375.020945] kstrdup+0x3a/0x70 [ 375.024146] kstrdup_const+0x48/0x60 [ 375.027868] alloc_vfsmnt+0xe5/0x7d0 [ 375.031591] clone_mnt+0x70/0xee0 [ 375.035048] ? lock_downgrade+0x740/0x740 [ 375.039207] copy_tree+0x33b/0x8a0 [ 375.042761] copy_mnt_ns+0x11c/0x8c0 [ 375.046499] ? kmem_cache_alloc+0x611/0x780 [ 375.050830] ? selinux_capable+0x36/0x40 [ 375.054901] create_new_namespaces+0xc9/0x720 [ 375.059418] ? ns_capable_common+0x12c/0x160 [ 375.063844] copy_namespaces+0x284/0x310 [ 375.067925] copy_process.part.0+0x2603/0x6a00 [ 375.072523] ? proc_fail_nth_write+0x7d/0x180 [ 375.077027] ? proc_cwd_link+0x1b0/0x1b0 [ 375.081109] ? __cleanup_sighand+0x50/0x50 [ 375.085356] ? lock_downgrade+0x740/0x740 [ 375.089520] _do_fork+0x19e/0xce0 [ 375.092987] ? fork_idle+0x280/0x280 [ 375.096710] ? fput+0xd4/0x150 [ 375.099907] ? SyS_write+0x15e/0x230 [ 375.103642] SyS_clone+0x37/0x50 [ 375.107013] ? sys_vfork+0x30/0x30 [ 375.110562] do_syscall_64+0x1e8/0x640 [ 375.114456] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 375.119310] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 375.124510] RIP: 0033:0x459a59 [ 375.127702] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 375.136370] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 375.143645] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 375.150920] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 375.158193] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 375.165470] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 375.188949] FAULT_INJECTION: forcing a failure. [ 375.188949] name failslab, interval 1, probability 0, space 0, times 0 [ 375.200669] CPU: 1 PID: 20019 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 375.207706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 375.217068] Call Trace: [ 375.219759] dump_stack+0x138/0x197 [ 375.223405] should_fail.cold+0x10f/0x159 [ 375.227840] should_failslab+0xdb/0x130 [ 375.231838] kmem_cache_alloc+0x2d7/0x780 [ 375.236004] ? selinux_capable+0x36/0x40 [ 375.240174] create_new_namespaces+0x34/0x720 [ 375.244678] ? ns_capable_common+0x12c/0x160 [ 375.249101] copy_namespaces+0x284/0x310 [ 375.253178] copy_process.part.0+0x2603/0x6a00 [ 375.258657] ? retint_kernel+0x2d/0x2d [ 375.262572] ? __cleanup_sighand+0x50/0x50 [ 375.266824] ? lock_downgrade+0x740/0x740 [ 375.271020] _do_fork+0x19e/0xce0 [ 375.274518] ? fork_idle+0x280/0x280 [ 375.278853] ? fput+0xd4/0x150 [ 375.282057] ? SyS_write+0x15e/0x230 [ 375.285870] SyS_clone+0x37/0x50 [ 375.289240] ? sys_vfork+0x30/0x30 [ 375.292787] do_syscall_64+0x1e8/0x640 [ 375.296679] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 375.301573] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 375.306769] RIP: 0033:0x459a59 [ 375.309956] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 375.317673] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 375.324951] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 375.332840] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 375.340228] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 375.347510] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:08 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0xffffffffffffffff, 0x0) 17:46:08 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VFIO_IOMMU_UNMAP_DMA(r0, 0x3b72, &(0x7f0000000180)={0x20, 0x2, 0x9, 0x100000000, 0x7}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r5, 0x0) ioctl$VIDIOC_G_EXT_CTRLS(r5, 0xc0205647, &(0x7f0000000140)={0x9e0000, 0xfff, 0xfffffff7, [], &(0x7f0000000100)={0x9c0906, 0x8001, [], @string=&(0x7f00000000c0)=0x7}}) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r4, 0x0) ioctl$SG_NEXT_CMD_LEN(r4, 0x2283, &(0x7f0000000000)=0xe1) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:08 executing program 0 (fault-call:13 fault-nth:14): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:08 executing program 4 (fault-call:14 fault-nth:19): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:08 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:08 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='pids.events\x00', 0x0, 0x0) r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r5, 0x0) renameat2(r4, &(0x7f0000000100)='./file0\x00', r5, &(0x7f0000000140)='./file0\x00', 0x7) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 375.844464] FAULT_INJECTION: forcing a failure. [ 375.844464] name failslab, interval 1, probability 0, space 0, times 0 [ 375.855860] CPU: 1 PID: 20048 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 375.862886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 375.872230] Call Trace: [ 375.874814] dump_stack+0x138/0x197 [ 375.878429] should_fail.cold+0x10f/0x159 [ 375.882566] should_failslab+0xdb/0x130 [ 375.886829] kmem_cache_alloc+0x2d7/0x780 [ 375.890978] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 375.896085] alloc_vfsmnt+0x28/0x7d0 [ 375.899963] clone_mnt+0x70/0xee0 [ 375.903401] copy_tree+0xd0/0x8a0 [ 375.906860] copy_mnt_ns+0x11c/0x8c0 [ 375.910555] ? kmem_cache_alloc+0x611/0x780 [ 375.914874] ? selinux_capable+0x36/0x40 [ 375.918938] create_new_namespaces+0xc9/0x720 [ 375.923418] ? ns_capable_common+0x12c/0x160 [ 375.927810] copy_namespaces+0x284/0x310 [ 375.931856] copy_process.part.0+0x2603/0x6a00 [ 375.936429] ? proc_fail_nth_write+0x7d/0x180 [ 375.940910] ? proc_cwd_link+0x1b0/0x1b0 [ 375.944967] ? __cleanup_sighand+0x50/0x50 [ 375.949191] ? lock_downgrade+0x740/0x740 [ 375.953339] _do_fork+0x19e/0xce0 [ 375.956779] ? fork_idle+0x280/0x280 [ 375.960481] ? fput+0xd4/0x150 [ 375.963657] ? SyS_write+0x15e/0x230 [ 375.967356] SyS_clone+0x37/0x50 [ 375.970703] ? sys_vfork+0x30/0x30 [ 375.974230] do_syscall_64+0x1e8/0x640 [ 375.978971] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 375.983842] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 375.989027] RIP: 0033:0x459a59 [ 375.992211] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 375.999911] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 376.007180] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 376.014432] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 376.021686] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 376.028941] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 [ 376.037729] FAULT_INJECTION: forcing a failure. [ 376.037729] name failslab, interval 1, probability 0, space 0, times 0 [ 376.049254] CPU: 1 PID: 20049 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 376.056292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 376.065651] Call Trace: [ 376.068241] dump_stack+0x138/0x197 [ 376.071863] should_fail.cold+0x10f/0x159 [ 376.076004] should_failslab+0xdb/0x130 [ 376.079963] kmem_cache_alloc+0x2d7/0x780 [ 376.084095] ? find_held_lock+0x35/0x130 [ 376.088139] ? copy_tree+0x4a2/0x8a0 [ 376.091837] alloc_vfsmnt+0x28/0x7d0 [ 376.095534] clone_mnt+0x70/0xee0 [ 376.098973] ? lock_downgrade+0x740/0x740 [ 376.103109] copy_tree+0x33b/0x8a0 [ 376.106635] copy_mnt_ns+0x11c/0x8c0 [ 376.110332] ? kmem_cache_alloc+0x611/0x780 [ 376.114641] ? selinux_capable+0x36/0x40 [ 376.118694] create_new_namespaces+0xc9/0x720 [ 376.123176] ? ns_capable_common+0x12c/0x160 [ 376.127757] copy_namespaces+0x284/0x310 [ 376.131808] copy_process.part.0+0x2603/0x6a00 [ 376.136378] ? proc_fail_nth_write+0x7d/0x180 [ 376.140854] ? proc_cwd_link+0x1b0/0x1b0 [ 376.144905] ? __cleanup_sighand+0x50/0x50 [ 376.149120] ? lock_downgrade+0x740/0x740 [ 376.153256] _do_fork+0x19e/0xce0 [ 376.156699] ? fork_idle+0x280/0x280 [ 376.160400] ? fput+0xd4/0x150 [ 376.163575] ? SyS_write+0x15e/0x230 [ 376.167274] SyS_clone+0x37/0x50 [ 376.170700] ? sys_vfork+0x30/0x30 [ 376.174223] do_syscall_64+0x1e8/0x640 [ 376.178094] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.183878] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 376.189164] RIP: 0033:0x459a59 [ 376.192336] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 376.200039] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 376.207291] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 376.214558] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 376.221809] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 376.229060] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 17:46:09 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0xffffffffffffffff, 0x0) 17:46:09 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) lstat(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TUNSETOWNER(r0, 0x400454cc, r1) getpid() r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:09 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:09 executing program 0 (fault-call:13 fault-nth:15): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:09 executing program 4 (fault-call:14 fault-nth:20): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:09 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="00727f59b2e6d08300000080000007"], 0x48}}, 0x0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000000c0)='veth1\x00', 0x10) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r6, 0x407, 0x0) write(r6, &(0x7f0000000340), 0x41395527) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 376.794531] FAULT_INJECTION: forcing a failure. [ 376.794531] name failslab, interval 1, probability 0, space 0, times 0 [ 376.806004] CPU: 0 PID: 20084 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 376.813032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 376.822399] Call Trace: [ 376.825013] dump_stack+0x138/0x197 [ 376.828661] should_fail.cold+0x10f/0x159 [ 376.832825] should_failslab+0xdb/0x130 [ 376.836815] kmem_cache_alloc+0x2d7/0x780 [ 376.840974] ? find_held_lock+0x35/0x130 [ 376.845045] ? copy_tree+0x4a2/0x8a0 [ 376.848769] alloc_vfsmnt+0x28/0x7d0 [ 376.852491] clone_mnt+0x70/0xee0 [ 376.855951] ? lock_downgrade+0x740/0x740 [ 376.861069] copy_tree+0x33b/0x8a0 [ 376.864622] copy_mnt_ns+0x11c/0x8c0 [ 376.868342] ? kmem_cache_alloc+0x611/0x780 [ 376.872686] ? selinux_capable+0x36/0x40 [ 376.876764] create_new_namespaces+0xc9/0x720 [ 376.881267] ? ns_capable_common+0x12c/0x160 [ 376.885688] copy_namespaces+0x284/0x310 [ 376.889852] copy_process.part.0+0x2603/0x6a00 [ 376.894452] ? proc_fail_nth_write+0x7d/0x180 [ 376.899050] ? proc_cwd_link+0x1b0/0x1b0 [ 376.905583] ? __cleanup_sighand+0x50/0x50 [ 376.909832] ? lock_downgrade+0x740/0x740 [ 376.914000] _do_fork+0x19e/0xce0 [ 376.917470] ? fork_idle+0x280/0x280 [ 376.921200] ? fput+0xd4/0x150 [ 376.924460] ? SyS_write+0x15e/0x230 [ 376.928182] SyS_clone+0x37/0x50 [ 376.931550] ? sys_vfork+0x30/0x30 [ 376.935098] do_syscall_64+0x1e8/0x640 [ 376.938993] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.943849] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 376.949038] RIP: 0033:0x459a59 [ 376.952223] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 376.959932] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 376.967206] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 376.974490] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 376.982633] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 376.989909] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 376.997836] FAULT_INJECTION: forcing a failure. [ 376.997836] name failslab, interval 1, probability 0, space 0, times 0 [ 377.009464] CPU: 1 PID: 20085 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 377.016497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.025866] Call Trace: [ 377.025890] dump_stack+0x138/0x197 [ 377.025913] should_fail.cold+0x10f/0x159 [ 377.036258] should_failslab+0xdb/0x130 [ 377.040244] kmem_cache_alloc+0x2d7/0x780 [ 377.044401] ? lock_downgrade+0x740/0x740 [ 377.048555] alloc_vfsmnt+0x28/0x7d0 [ 377.052266] clone_mnt+0x70/0xee0 [ 377.052277] ? is_subdir+0x222/0x389 [ 377.052289] copy_tree+0x33b/0x8a0 [ 377.052304] copy_mnt_ns+0x11c/0x8c0 [ 377.052315] ? kmem_cache_alloc+0x611/0x780 [ 377.052328] ? selinux_capable+0x36/0x40 [ 377.052351] create_new_namespaces+0xc9/0x720 [ 377.071033] ? ns_capable_common+0x12c/0x160 [ 377.071047] copy_namespaces+0x284/0x310 [ 377.071060] copy_process.part.0+0x2603/0x6a00 [ 377.071081] ? proc_fail_nth_write+0x7d/0x180 [ 377.071088] ? proc_cwd_link+0x1b0/0x1b0 [ 377.071107] ? __cleanup_sighand+0x50/0x50 [ 377.084049] ? lock_downgrade+0x740/0x740 [ 377.084067] _do_fork+0x19e/0xce0 [ 377.097158] ? fork_idle+0x280/0x280 [ 377.097176] ? fput+0xd4/0x150 [ 377.119893] ? SyS_write+0x15e/0x230 [ 377.123617] SyS_clone+0x37/0x50 [ 377.126981] ? sys_vfork+0x30/0x30 [ 377.130537] do_syscall_64+0x1e8/0x640 [ 377.135051] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.139920] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 377.145157] RIP: 0033:0x459a59 [ 377.148438] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 377.156233] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 377.156239] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 377.156246] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 377.156252] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 377.156258] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:10 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r2 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x1, 0x2) ioctl$VIDIOC_QUERYCTRL(r2, 0xc0445624, &(0x7f00000000c0)={0x14000000, 0x101, "f2ffa0f8463f36dd78ee5c1cdb5c281f007bdf55c1993007e3f26b01f1358bcf", 0x400, 0x1, 0x7fff, 0x20}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:10 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='pids.events\x00', 0x0, 0x0) r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r5, 0x0) renameat2(r4, &(0x7f0000000100)='./file0\x00', r5, &(0x7f0000000140)='./file0\x00', 0x7) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:10 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:10 executing program 4 (fault-call:14 fault-nth:21): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:10 executing program 0 (fault-call:13 fault-nth:16): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x8020200, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 377.788014] FAULT_INJECTION: forcing a failure. [ 377.788014] name failslab, interval 1, probability 0, space 0, times 0 [ 377.799325] CPU: 1 PID: 20125 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 377.806346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.815704] Call Trace: [ 377.818302] dump_stack+0x138/0x197 [ 377.821920] should_fail.cold+0x10f/0x159 [ 377.826060] should_failslab+0xdb/0x130 [ 377.830024] kmem_cache_alloc+0x2d7/0x780 [ 377.834165] ? find_held_lock+0x35/0x130 [ 377.838213] ? copy_tree+0x4a2/0x8a0 [ 377.841927] alloc_vfsmnt+0x28/0x7d0 [ 377.845624] clone_mnt+0x70/0xee0 [ 377.849059] ? lock_downgrade+0x740/0x740 [ 377.853194] copy_tree+0x33b/0x8a0 [ 377.856725] copy_mnt_ns+0x11c/0x8c0 [ 377.860421] ? kmem_cache_alloc+0x611/0x780 [ 377.864742] ? selinux_capable+0x36/0x40 [ 377.868798] create_new_namespaces+0xc9/0x720 [ 377.873280] ? ns_capable_common+0x12c/0x160 [ 377.877671] copy_namespaces+0x284/0x310 [ 377.881721] copy_process.part.0+0x2603/0x6a00 [ 377.886293] ? proc_fail_nth_write+0x7d/0x180 [ 377.890773] ? proc_cwd_link+0x1b0/0x1b0 [ 377.894825] ? __cleanup_sighand+0x50/0x50 [ 377.899042] ? lock_downgrade+0x740/0x740 [ 377.903201] _do_fork+0x19e/0xce0 [ 377.906672] ? fork_idle+0x280/0x280 [ 377.910400] ? fput+0xd4/0x150 [ 377.913605] ? SyS_write+0x15e/0x230 [ 377.917355] SyS_clone+0x37/0x50 [ 377.920732] ? sys_vfork+0x30/0x30 [ 377.924289] do_syscall_64+0x1e8/0x640 [ 377.928194] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.933060] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 377.938255] RIP: 0033:0x459a59 [ 377.941446] RSP: 002b:00007fef9a149c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 377.949164] RAX: ffffffffffffffda RBX: 00007fef9a149c90 RCX: 0000000000459a59 [ 377.956441] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 377.963806] RBP: 000000000075c118 R08: ffffffffffffffff R09: 0000000000000000 [ 377.971123] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a14a6d4 [ 377.978421] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 378.225517] FAULT_INJECTION: forcing a failure. [ 378.225517] name failslab, interval 1, probability 0, space 0, times 0 [ 378.237367] CPU: 1 PID: 20135 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 378.244411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 378.253759] Call Trace: [ 378.257384] dump_stack+0x138/0x197 [ 378.261006] should_fail.cold+0x10f/0x159 [ 378.265150] should_failslab+0xdb/0x130 [ 378.269108] kmem_cache_alloc+0x2d7/0x780 [ 378.273242] ? lock_downgrade+0x740/0x740 [ 378.277382] alloc_vfsmnt+0x28/0x7d0 [ 378.281255] clone_mnt+0x70/0xee0 [ 378.284697] ? is_subdir+0x222/0x389 [ 378.288396] copy_tree+0x33b/0x8a0 [ 378.291925] copy_mnt_ns+0x11c/0x8c0 [ 378.295621] ? kmem_cache_alloc+0x611/0x780 [ 378.299924] ? selinux_capable+0x36/0x40 [ 378.303983] create_new_namespaces+0xc9/0x720 [ 378.308459] ? ns_capable_common+0x12c/0x160 [ 378.312854] copy_namespaces+0x284/0x310 [ 378.316985] copy_process.part.0+0x2603/0x6a00 [ 378.321558] ? proc_fail_nth_write+0x7d/0x180 [ 378.326035] ? proc_cwd_link+0x1b0/0x1b0 [ 378.330100] ? __cleanup_sighand+0x50/0x50 [ 378.334317] ? lock_downgrade+0x740/0x740 [ 378.338462] _do_fork+0x19e/0xce0 [ 378.341898] ? fork_idle+0x280/0x280 [ 378.345606] ? fput+0xd4/0x150 [ 378.348779] ? SyS_write+0x15e/0x230 [ 378.352479] SyS_clone+0x37/0x50 [ 378.355826] ? sys_vfork+0x30/0x30 [ 378.359349] do_syscall_64+0x1e8/0x640 [ 378.363217] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.368071] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 378.373257] RIP: 0033:0x459a59 [ 378.377218] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 378.384913] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 378.392177] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 378.399428] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 378.406715] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 378.414229] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:11 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) splice(r2, &(0x7f0000000000), r1, &(0x7f00000000c0)=0x2, 0x6, 0x8) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:11 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="00727f59b2e6d08300000080000007"], 0x48}}, 0x0) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000000c0)='veth1\x00', 0x10) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r6, 0x407, 0x0) write(r6, &(0x7f0000000340), 0x41395527) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:11 executing program 4 (fault-call:14 fault-nth:22): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:11 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:11 executing program 0 (fault-call:13 fault-nth:17): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:11 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) ioctl$PIO_UNIMAPCLR(0xffffffffffffffff, 0x4b68, &(0x7f00000000c0)={0x1, 0x59, 0x9}) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x81) socket$inet6_tcp(0xa, 0x1, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 378.722399] FAULT_INJECTION: forcing a failure. [ 378.722399] name failslab, interval 1, probability 0, space 0, times 0 [ 378.733887] CPU: 0 PID: 20162 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 378.741047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 378.750412] Call Trace: [ 378.753019] dump_stack+0x138/0x197 [ 378.756675] should_fail.cold+0x10f/0x159 [ 378.760837] should_failslab+0xdb/0x130 [ 378.764834] __kmalloc_track_caller+0x2ec/0x790 [ 378.769622] ? kstrdup_const+0x48/0x60 [ 378.773577] kstrdup+0x3a/0x70 [ 378.776792] kstrdup_const+0x48/0x60 [ 378.780527] alloc_vfsmnt+0xe5/0x7d0 [ 378.784259] clone_mnt+0x70/0xee0 [ 378.787718] ? lock_downgrade+0x740/0x740 [ 378.791881] copy_tree+0x33b/0x8a0 [ 378.795433] copy_mnt_ns+0x11c/0x8c0 [ 378.799151] ? kmem_cache_alloc+0x611/0x780 [ 378.803479] ? selinux_capable+0x36/0x40 [ 378.807574] create_new_namespaces+0xc9/0x720 [ 378.812078] ? ns_capable_common+0x12c/0x160 [ 378.816495] copy_namespaces+0x284/0x310 [ 378.820574] copy_process.part.0+0x2603/0x6a00 [ 378.826043] ? proc_fail_nth_write+0x7d/0x180 [ 378.830546] ? proc_cwd_link+0x1b0/0x1b0 [ 378.834624] ? __cleanup_sighand+0x50/0x50 [ 378.838867] ? lock_downgrade+0x740/0x740 [ 378.843027] _do_fork+0x19e/0xce0 [ 378.846489] ? fork_idle+0x280/0x280 [ 378.850192] ? fput+0xd4/0x150 [ 378.853380] ? SyS_write+0x15e/0x230 [ 378.857079] SyS_clone+0x37/0x50 [ 378.860444] ? sys_vfork+0x30/0x30 [ 378.863982] do_syscall_64+0x1e8/0x640 [ 378.867862] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.872690] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 378.878034] RIP: 0033:0x459a59 [ 378.881218] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 378.888908] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 378.896160] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 378.903414] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 378.910679] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 378.917941] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 379.116014] FAULT_INJECTION: forcing a failure. [ 379.116014] name failslab, interval 1, probability 0, space 0, times 0 [ 379.127432] CPU: 0 PID: 20173 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 379.134447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 379.143794] Call Trace: [ 379.146381] dump_stack+0x138/0x197 [ 379.150001] should_fail.cold+0x10f/0x159 [ 379.154403] should_failslab+0xdb/0x130 [ 379.158365] __kmalloc_track_caller+0x2ec/0x790 [ 379.163892] ? kstrdup_const+0x48/0x60 [ 379.167776] kstrdup+0x3a/0x70 [ 379.170950] kstrdup_const+0x48/0x60 [ 379.174648] alloc_vfsmnt+0xe5/0x7d0 [ 379.178345] clone_mnt+0x70/0xee0 [ 379.181782] ? is_subdir+0x222/0x389 [ 379.185480] copy_tree+0x33b/0x8a0 [ 379.189007] copy_mnt_ns+0x11c/0x8c0 [ 379.192711] ? kmem_cache_alloc+0x611/0x780 [ 379.197018] ? selinux_capable+0x36/0x40 [ 379.201065] create_new_namespaces+0xc9/0x720 [ 379.205563] ? ns_capable_common+0x12c/0x160 [ 379.210477] copy_namespaces+0x284/0x310 [ 379.214533] copy_process.part.0+0x2603/0x6a00 [ 379.219121] ? proc_fail_nth_write+0x7d/0x180 [ 379.223621] ? proc_cwd_link+0x1b0/0x1b0 [ 379.227707] ? __cleanup_sighand+0x50/0x50 [ 379.232222] ? lock_downgrade+0x740/0x740 [ 379.236370] _do_fork+0x19e/0xce0 [ 379.239809] ? fork_idle+0x280/0x280 [ 379.243601] ? fput+0xd4/0x150 [ 379.246776] ? SyS_write+0x15e/0x230 [ 379.250918] SyS_clone+0x37/0x50 [ 379.254295] ? sys_vfork+0x30/0x30 [ 379.257843] do_syscall_64+0x1e8/0x640 [ 379.261721] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.266567] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 379.271740] RIP: 0033:0x459a59 [ 379.274932] RSP: 002b:00007f1e158d8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 379.282635] RAX: ffffffffffffffda RBX: 00007f1e158d8c90 RCX: 0000000000459a59 [ 379.289888] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 379.297606] RBP: 000000000075c118 R08: ffffffffffffffff R09: 0000000000000000 [ 379.304860] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158d96d4 [ 379.312111] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:11 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r3, 0x0) openat$cgroup_subtree(r3, &(0x7f0000000000)='cgroup.subtree_control\x00', 0x2, 0x0) rmdir(0x0) r4 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r4) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x3, 0x0, 0xc6af, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0xfffffffffffffff8}, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, r4, 0xd, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) modify_ldt$read(0x0, &(0x7f00000000c0)=""/121, 0x79) 17:46:12 executing program 4 (fault-call:14 fault-nth:23): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:12 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) r4 = dup(0xffffffffffffffff) mmap$binder(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x11, r2, 0x0) bind$x25(r4, &(0x7f0000000100)={0x9, @null=' \x00'}, 0x12) r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r5, 0x84, 0x66, &(0x7f0000000040)={r6}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000240)={r6, 0x6}, &(0x7f00000002c0)=0x8) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r7 = syz_open_dev$sndctrl(&(0x7f0000000000)='/dev/snd/controlC#\x00', 0x0, 0x141400) r8 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r9 = socket$key(0xf, 0x3, 0x2) ioctl$sock_SIOCOUTQ(r9, 0x5411, &(0x7f0000000300)) bind$nfc_llcp(r8, &(0x7f0000000140)={0x27, 0x1, 0x2, 0x3, 0x1, 0x0, "13b711a70cb17843b3896b9629e317a4031581de6cee41c6e0633c1fbc28ce754fb09be440150de520697616d1425e93c3088ffe4f2b1ab9947dd8b1c46e59", 0x1a}, 0x60) ioctl$int_in(r7, 0x5421, &(0x7f00000000c0)) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:12 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x9, 0x40001) getsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000100), &(0x7f0000000140)=0x10) open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x7, 0xfffffffffffffffb, 0x2}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:12 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:12 executing program 0 (fault-call:13 fault-nth:18): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 379.683864] FAULT_INJECTION: forcing a failure. [ 379.683864] name failslab, interval 1, probability 0, space 0, times 0 [ 379.695430] CPU: 0 PID: 20207 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 379.702559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 379.711913] Call Trace: [ 379.714499] dump_stack+0x138/0x197 [ 379.718118] should_fail.cold+0x10f/0x159 [ 379.722251] should_failslab+0xdb/0x130 [ 379.726216] kmem_cache_alloc+0x2d7/0x780 [ 379.730369] ? find_held_lock+0x35/0x130 [ 379.734414] ? copy_tree+0x4a2/0x8a0 [ 379.738110] alloc_vfsmnt+0x28/0x7d0 [ 379.741808] clone_mnt+0x70/0xee0 [ 379.745240] ? lock_downgrade+0x740/0x740 [ 379.749400] copy_tree+0x33b/0x8a0 [ 379.752937] copy_mnt_ns+0x11c/0x8c0 [ 379.756653] ? kmem_cache_alloc+0x611/0x780 [ 379.760978] ? selinux_capable+0x36/0x40 [ 379.765031] create_new_namespaces+0xc9/0x720 [ 379.769511] ? ns_capable_common+0x12c/0x160 [ 379.773914] copy_namespaces+0x284/0x310 [ 379.777958] copy_process.part.0+0x2603/0x6a00 [ 379.782528] ? proc_fail_nth_write+0x7d/0x180 [ 379.787005] ? proc_cwd_link+0x1b0/0x1b0 [ 379.791054] ? __cleanup_sighand+0x50/0x50 [ 379.795282] ? lock_downgrade+0x740/0x740 [ 379.799428] _do_fork+0x19e/0xce0 [ 379.802867] ? fork_idle+0x280/0x280 [ 379.806567] ? fput+0xd4/0x150 [ 379.809753] ? SyS_write+0x15e/0x230 [ 379.813551] SyS_clone+0x37/0x50 [ 379.816901] ? sys_vfork+0x30/0x30 [ 379.820428] do_syscall_64+0x1e8/0x640 [ 379.824304] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.829219] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 379.834391] RIP: 0033:0x459a59 [ 379.837571] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 379.845274] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 379.852538] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 379.859790] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 379.867052] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 379.874306] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 380.107098] FAULT_INJECTION: forcing a failure. [ 380.107098] name failslab, interval 1, probability 0, space 0, times 0 [ 380.118464] CPU: 1 PID: 20215 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 380.125486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.134835] Call Trace: [ 380.137441] dump_stack+0x138/0x197 [ 380.141067] should_fail.cold+0x10f/0x159 [ 380.145215] should_failslab+0xdb/0x130 [ 380.149176] __kmalloc_track_caller+0x2ec/0x790 [ 380.153840] ? kstrdup_const+0x48/0x60 [ 380.157713] kstrdup+0x3a/0x70 [ 380.160888] kstrdup_const+0x48/0x60 [ 380.164591] alloc_vfsmnt+0xe5/0x7d0 [ 380.168287] clone_mnt+0x70/0xee0 [ 380.171722] ? lock_downgrade+0x740/0x740 [ 380.177865] copy_tree+0x33b/0x8a0 [ 380.181396] copy_mnt_ns+0x11c/0x8c0 [ 380.185093] ? kmem_cache_alloc+0x611/0x780 [ 380.189400] ? selinux_capable+0x36/0x40 [ 380.193458] create_new_namespaces+0xc9/0x720 [ 380.198078] ? ns_capable_common+0x12c/0x160 [ 380.202500] copy_namespaces+0x284/0x310 [ 380.206576] copy_process.part.0+0x2603/0x6a00 [ 380.211176] ? proc_fail_nth_write+0x7d/0x180 [ 380.215677] ? proc_cwd_link+0x1b0/0x1b0 [ 380.219748] ? __cleanup_sighand+0x50/0x50 [ 380.223993] ? lock_downgrade+0x740/0x740 [ 380.228305] _do_fork+0x19e/0xce0 [ 380.231758] ? fork_idle+0x280/0x280 [ 380.235466] ? fput+0xd4/0x150 [ 380.238651] ? SyS_write+0x15e/0x230 [ 380.242351] SyS_clone+0x37/0x50 [ 380.245717] ? sys_vfork+0x30/0x30 [ 380.249265] do_syscall_64+0x1e8/0x640 [ 380.253153] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 380.257984] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 380.263273] RIP: 0033:0x459a59 [ 380.266485] RSP: 002b:00007f1e158d8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 380.274204] RAX: ffffffffffffffda RBX: 00007f1e158d8c90 RCX: 0000000000459a59 [ 380.281564] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 380.288842] RBP: 000000000075c118 R08: ffffffffffffffff R09: 0000000000000000 [ 380.297231] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158d96d4 [ 380.304756] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:12 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) r0 = getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x1, 0x0, 0xfffffffc, 0x5, 0x0, 0x0, 0x3}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) r7 = getpgid(r0) sched_setattr(r7, &(0x7f00000002c0)={0x30, 0x6, 0x1, 0x8, 0x6, 0x37, 0x9}, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="48000000100005070000000000000000000094e8", @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB="740038b7c7dccf27e6bd0000f7143f82578146d97c661bab2a0c5363cf5c625b109a9e69fb643b76f48c15a1aa1863cd459055020076411ed2751ccfd8f9bbdd07309bb0d94ce22da4a2498116d71d81302124dde214989ea912bf03b7e9d6693105b700b643b9227400dd5f84fe182ca2b7630ffceae782565e3f954e79929fc2", @ANYRES32=r8, @ANYBLOB="00000000ffffffff00000000080001007366710048000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a9ea300"/92], 0x74}}, 0x0) r9 = socket(0x10, 0x803, 0x0) openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000140)='/proc/capi/capi20ncci\x00', 0x8000, 0x0) sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) fcntl$setpipe(r9, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:13 executing program 4 (fault-call:14 fault-nth:24): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:13 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x8, 0x2) ioctl$EVIOCGABS20(r2, 0x80184560, &(0x7f0000000140)=""/116) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) openat$cachefiles(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cachefiles\x00', 0x8000, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x11, r0) 17:46:13 executing program 0 (fault-call:13 fault-nth:19): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:13 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:13 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() getpid() ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000000c0)=0x0) sched_setattr(r1, &(0x7f0000000040)={0xfffffffffffffe9b, 0x2, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) ftruncate(r4, 0x4) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="4800000010000507000000000000000000000000ce5a0731e5302c160d535d09dad2d4ed1e840faf3eecf9b73ce978b4c0970991ac41a8247e226c6cbe45660b92d705fba126123c8ea4ba3d1c4001a7702d03972a73397b15ebe1f0", @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') sendmsg$TIPC_NL_MON_PEER_GET(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x290, r9, 0x701, 0x0, 0x0, {0x7, 0x0, 0x1a0ffffffff}}, 0x323}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r5, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x28, r9, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x14, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'teql0\x00'}}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x24008000}, 0x200404c8) socket(0x840000000002, 0x3, 0x200000000000ff) r10 = socket$netlink(0x10, 0x3, 0x0) r11 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)='trusted.overlay.origin\x00', &(0x7f00000002c0)='y\x00', 0x2, 0x1) getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="48000000100005070000000000000000000000005b775cec724f345280de28aaeac18f1fa0c8517c11281ad543addf81e4159b27bda8e7ef9967ec79de692ef29ac1d19494d82827501b25c74b9df71d3a", @ANYRES32=r12, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) ioctl$FS_IOC_FSSETXATTR(r10, 0x401c5820, &(0x7f0000000100)={0x5, 0x1000, 0x5, 0x1, 0x6}) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 380.523774] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=56519 sclass=netlink_route_socket pig=20235 comm=syz-executor.3 [ 380.569514] FAULT_INJECTION: forcing a failure. [ 380.569514] name failslab, interval 1, probability 0, space 0, times 0 [ 380.583351] CPU: 1 PID: 20242 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 380.590570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.599933] Call Trace: [ 380.602543] dump_stack+0x138/0x197 [ 380.606201] should_fail.cold+0x10f/0x159 [ 380.610385] should_failslab+0xdb/0x130 [ 380.614824] __kmalloc_track_caller+0x2ec/0x790 [ 380.619532] ? kstrdup_const+0x48/0x60 [ 380.623448] kstrdup+0x3a/0x70 [ 380.626655] kstrdup_const+0x48/0x60 [ 380.630384] alloc_vfsmnt+0xe5/0x7d0 [ 380.634122] clone_mnt+0x70/0xee0 [ 380.637570] ? lock_downgrade+0x740/0x740 [ 380.641735] copy_tree+0x33b/0x8a0 [ 380.645277] copy_mnt_ns+0x11c/0x8c0 [ 380.648987] ? kmem_cache_alloc+0x611/0x780 [ 380.653293] ? selinux_capable+0x36/0x40 [ 380.657349] create_new_namespaces+0xc9/0x720 [ 380.661826] ? ns_capable_common+0x12c/0x160 [ 380.666240] copy_namespaces+0x284/0x310 [ 380.670342] copy_process.part.0+0x2603/0x6a00 [ 380.674929] ? proc_fail_nth_write+0x7d/0x180 [ 380.679441] ? proc_cwd_link+0x1b0/0x1b0 [ 380.683502] ? __cleanup_sighand+0x50/0x50 [ 380.687723] ? lock_downgrade+0x740/0x740 [ 380.691864] _do_fork+0x19e/0xce0 [ 380.695321] ? fork_idle+0x280/0x280 [ 380.699059] ? fput+0xd4/0x150 [ 380.702251] ? SyS_write+0x15e/0x230 [ 380.705952] SyS_clone+0x37/0x50 [ 380.709304] ? sys_vfork+0x30/0x30 [ 380.712842] do_syscall_64+0x1e8/0x640 [ 380.716725] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 380.721558] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 380.726730] RIP: 0033:0x459a59 [ 380.729910] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 380.737617] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 380.744872] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 380.752125] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 380.759478] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 380.766752] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 381.001685] FAULT_INJECTION: forcing a failure. [ 381.001685] name failslab, interval 1, probability 0, space 0, times 0 [ 381.013026] CPU: 1 PID: 20253 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 381.020046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.030796] Call Trace: [ 381.033402] dump_stack+0x138/0x197 [ 381.037022] should_fail.cold+0x10f/0x159 [ 381.041160] should_failslab+0xdb/0x130 [ 381.045125] __kmalloc_track_caller+0x2ec/0x790 [ 381.049955] ? kstrdup_const+0x48/0x60 [ 381.053829] kstrdup+0x3a/0x70 [ 381.057011] kstrdup_const+0x48/0x60 [ 381.060729] alloc_vfsmnt+0xe5/0x7d0 [ 381.064429] clone_mnt+0x70/0xee0 [ 381.067873] ? lock_downgrade+0x740/0x740 [ 381.072009] copy_tree+0x33b/0x8a0 [ 381.075562] copy_mnt_ns+0x11c/0x8c0 [ 381.079259] ? kmem_cache_alloc+0x611/0x780 [ 381.083568] ? selinux_capable+0x36/0x40 [ 381.087623] create_new_namespaces+0xc9/0x720 [ 381.092113] ? ns_capable_common+0x12c/0x160 [ 381.096508] copy_namespaces+0x284/0x310 [ 381.100663] copy_process.part.0+0x2603/0x6a00 [ 381.105276] ? proc_fail_nth_write+0x7d/0x180 [ 381.109771] ? proc_cwd_link+0x1b0/0x1b0 [ 381.113863] ? __cleanup_sighand+0x50/0x50 [ 381.118107] ? lock_downgrade+0x740/0x740 [ 381.122249] _do_fork+0x19e/0xce0 [ 381.125689] ? fork_idle+0x280/0x280 [ 381.129392] ? fput+0xd4/0x150 [ 381.132570] ? SyS_write+0x15e/0x230 [ 381.136273] SyS_clone+0x37/0x50 [ 381.139638] ? sys_vfork+0x30/0x30 [ 381.143190] do_syscall_64+0x1e8/0x640 [ 381.147076] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.151915] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 381.157089] RIP: 0033:0x459a59 [ 381.160263] RSP: 002b:00007f1e158d8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 381.167955] RAX: ffffffffffffffda RBX: 00007f1e158d8c90 RCX: 0000000000459a59 [ 381.175308] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 381.182565] RBP: 000000000075c118 R08: ffffffffffffffff R09: 0000000000000000 [ 381.189820] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158d96d4 [ 381.197074] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:13 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f00000014c0)={0x1, &(0x7f0000000240)=[{0x3, 0x3f}]}) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) r4 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) recvmsg(r4, &(0x7f00000001c0)={&(0x7f00000000c0)=@isdn, 0x80, &(0x7f0000000180)=[{&(0x7f0000000000)=""/40, 0x28}, {&(0x7f00000002c0)=""/199, 0xc7}, {&(0x7f0000000140)=""/14, 0xe}, {&(0x7f00000003c0)=""/215, 0xd7}], 0x4, &(0x7f00000004c0)=""/4096, 0x1000}, 0x1) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:13 executing program 4 (fault-call:14 fault-nth:25): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:14 executing program 1 (fault-call:17 fault-nth:0): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 381.349340] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. [ 381.359707] netlink: 636 bytes leftover after parsing attributes in process `syz-executor.2'. [ 381.370542] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.2'. 17:46:14 executing program 0 (fault-call:13 fault-nth:20): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:14 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 381.531355] FAULT_INJECTION: forcing a failure. [ 381.531355] name failslab, interval 1, probability 0, space 0, times 0 [ 381.542698] CPU: 0 PID: 20285 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 381.549725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.559072] Call Trace: [ 381.561658] dump_stack+0x138/0x197 [ 381.565280] should_fail.cold+0x10f/0x159 [ 381.569417] should_failslab+0xdb/0x130 [ 381.573375] kmem_cache_alloc+0x2d7/0x780 [ 381.578117] ? find_held_lock+0x35/0x130 [ 381.582164] ? copy_tree+0x4a2/0x8a0 [ 381.585861] alloc_vfsmnt+0x28/0x7d0 [ 381.590430] clone_mnt+0x70/0xee0 [ 381.593869] ? lock_downgrade+0x740/0x740 [ 381.598015] copy_tree+0x33b/0x8a0 [ 381.601545] copy_mnt_ns+0x11c/0x8c0 [ 381.605255] ? kmem_cache_alloc+0x611/0x780 [ 381.609584] ? selinux_capable+0x36/0x40 [ 381.613673] create_new_namespaces+0xc9/0x720 [ 381.618165] ? ns_capable_common+0x12c/0x160 [ 381.622581] copy_namespaces+0x284/0x310 [ 381.626658] copy_process.part.0+0x2603/0x6a00 [ 381.631245] ? proc_fail_nth_write+0x7d/0x180 [ 381.635724] ? proc_cwd_link+0x1b0/0x1b0 [ 381.639778] ? __cleanup_sighand+0x50/0x50 [ 381.644044] ? lock_downgrade+0x740/0x740 [ 381.648180] _do_fork+0x19e/0xce0 [ 381.651710] ? fork_idle+0x280/0x280 [ 381.655409] ? fput+0xd4/0x150 [ 381.658584] ? SyS_write+0x15e/0x230 [ 381.662284] SyS_clone+0x37/0x50 [ 381.667568] ? sys_vfork+0x30/0x30 [ 381.671106] do_syscall_64+0x1e8/0x640 [ 381.675063] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.679894] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 381.685183] RIP: 0033:0x459a59 [ 381.688625] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 381.696592] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 381.704654] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 381.711924] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 381.719262] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 381.726535] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 381.736408] FAULT_INJECTION: forcing a failure. [ 381.736408] name failslab, interval 1, probability 0, space 0, times 0 [ 381.748186] CPU: 0 PID: 20288 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 381.755243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.766205] Call Trace: [ 381.768807] dump_stack+0x138/0x197 [ 381.772912] should_fail.cold+0x10f/0x159 [ 381.777098] should_failslab+0xdb/0x130 [ 381.781091] kmem_cache_alloc_node+0x287/0x780 [ 381.785695] ? get_pid_task+0x98/0x140 [ 381.790031] copy_process.part.0+0x17d5/0x6a00 [ 381.794637] ? save_trace+0x290/0x290 [ 381.798443] ? proc_fail_nth_write+0x7d/0x180 [ 381.802941] ? proc_cwd_link+0x1b0/0x1b0 [ 381.807008] ? __f_unlock_pos+0x19/0x20 [ 381.810992] ? find_held_lock+0x35/0x130 [ 381.815064] ? __cleanup_sighand+0x50/0x50 [ 381.819302] ? lock_downgrade+0x740/0x740 [ 381.823472] _do_fork+0x19e/0xce0 [ 381.827195] ? fork_idle+0x280/0x280 [ 381.830943] ? fput+0xd4/0x150 [ 381.834147] ? SyS_write+0x15e/0x230 [ 381.837870] SyS_clone+0x37/0x50 [ 381.841258] ? sys_vfork+0x30/0x30 [ 381.844801] do_syscall_64+0x1e8/0x640 [ 381.848694] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.853554] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 381.859009] RIP: 0033:0x459a59 [ 381.862195] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 381.870081] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 381.877356] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 381.884721] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 381.892261] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 381.899639] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 381.913003] FAULT_INJECTION: forcing a failure. [ 381.913003] name failslab, interval 1, probability 0, space 0, times 0 [ 381.924656] CPU: 1 PID: 20293 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 381.932131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.941503] Call Trace: [ 381.944089] dump_stack+0x138/0x197 [ 381.948423] should_fail.cold+0x10f/0x159 [ 381.952577] should_failslab+0xdb/0x130 [ 381.956557] kmem_cache_alloc+0x2d7/0x780 [ 381.960688] ? find_held_lock+0x35/0x130 [ 381.964737] ? copy_tree+0x4a2/0x8a0 [ 381.968456] alloc_vfsmnt+0x28/0x7d0 [ 381.972163] clone_mnt+0x70/0xee0 [ 381.975611] ? lock_downgrade+0x740/0x740 [ 381.979764] copy_tree+0x33b/0x8a0 [ 381.983292] copy_mnt_ns+0x11c/0x8c0 [ 381.986989] ? kmem_cache_alloc+0x611/0x780 [ 381.991304] ? selinux_capable+0x36/0x40 [ 381.995359] create_new_namespaces+0xc9/0x720 [ 381.999839] ? ns_capable_common+0x12c/0x160 [ 382.004232] copy_namespaces+0x284/0x310 [ 382.008402] copy_process.part.0+0x2603/0x6a00 [ 382.012991] ? proc_fail_nth_write+0x7d/0x180 [ 382.017482] ? proc_cwd_link+0x1b0/0x1b0 [ 382.021546] ? __cleanup_sighand+0x50/0x50 [ 382.025765] ? lock_downgrade+0x740/0x740 [ 382.029904] _do_fork+0x19e/0xce0 [ 382.033527] ? fork_idle+0x280/0x280 [ 382.037229] ? fput+0xd4/0x150 [ 382.040409] ? SyS_write+0x15e/0x230 [ 382.044112] SyS_clone+0x37/0x50 [ 382.047463] ? sys_vfork+0x30/0x30 [ 382.050998] do_syscall_64+0x1e8/0x640 [ 382.054869] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.059960] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 382.065147] RIP: 0033:0x459a59 [ 382.068416] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 382.076108] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 382.083364] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 382.090616] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 382.097876] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 382.105128] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:14 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r2 = socket$rxrpc(0x21, 0x2, 0x2) setsockopt$RXRPC_UPGRADEABLE_SERVICE(r2, 0x110, 0x5, &(0x7f0000000000)=[0x0, 0x3], 0x2) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe07, 0x0, @perf_bp={&(0x7f00000000c0), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x9, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:14 executing program 1 (fault-call:17 fault-nth:1): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:14 executing program 4 (fault-call:14 fault-nth:26): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) r4 = gettid() ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x3c) ptrace$cont(0x18, r4, 0x0, 0x0) ptrace$setregs(0xd, r4, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r4, 0x0, 0x0) migrate_pages(r0, 0xffffffffffffffff, &(0x7f0000000140)=0xca1, &(0x7f0000000180)=0xf384) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:14 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:14 executing program 0 (fault-call:13 fault-nth:21): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 382.483535] FAULT_INJECTION: forcing a failure. [ 382.483535] name failslab, interval 1, probability 0, space 0, times 0 [ 382.494981] CPU: 0 PID: 20319 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 382.502021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 382.511538] Call Trace: [ 382.514397] dump_stack+0x138/0x197 [ 382.518039] should_fail.cold+0x10f/0x159 [ 382.522533] should_failslab+0xdb/0x130 [ 382.526534] kmem_cache_alloc+0x2d7/0x780 [ 382.530686] ? find_held_lock+0x35/0x130 [ 382.534751] ? copy_tree+0x4a2/0x8a0 [ 382.538511] alloc_vfsmnt+0x28/0x7d0 [ 382.542427] clone_mnt+0x70/0xee0 [ 382.542799] FAULT_INJECTION: forcing a failure. [ 382.542799] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 382.545892] ? lock_downgrade+0x740/0x740 [ 382.562048] copy_tree+0x33b/0x8a0 [ 382.565598] copy_mnt_ns+0x11c/0x8c0 [ 382.569306] ? kmem_cache_alloc+0x611/0x780 [ 382.573620] ? selinux_capable+0x36/0x40 [ 382.577680] create_new_namespaces+0xc9/0x720 [ 382.582165] ? ns_capable_common+0x12c/0x160 [ 382.586609] copy_namespaces+0x284/0x310 [ 382.590678] copy_process.part.0+0x2603/0x6a00 [ 382.595261] ? proc_fail_nth_write+0x7d/0x180 [ 382.600034] ? proc_cwd_link+0x1b0/0x1b0 [ 382.604126] ? __cleanup_sighand+0x50/0x50 [ 382.608359] ? lock_downgrade+0x740/0x740 [ 382.612507] _do_fork+0x19e/0xce0 [ 382.615963] ? fork_idle+0x280/0x280 [ 382.619927] ? fput+0xd4/0x150 [ 382.623196] ? SyS_write+0x15e/0x230 [ 382.627162] SyS_clone+0x37/0x50 [ 382.630515] ? sys_vfork+0x30/0x30 [ 382.634045] do_syscall_64+0x1e8/0x640 [ 382.637920] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.642758] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 382.647932] RIP: 0033:0x459a59 [ 382.651123] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 382.658822] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 382.666179] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 382.673439] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 382.680883] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 382.688312] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 382.695762] CPU: 1 PID: 20324 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 382.702796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 382.712201] Call Trace: [ 382.715077] dump_stack+0x138/0x197 [ 382.719005] should_fail.cold+0x10f/0x159 [ 382.723298] __alloc_pages_nodemask+0x1d6/0x7a0 [ 382.727982] ? fs_reclaim_acquire+0x20/0x20 [ 382.732327] ? __alloc_pages_slowpath+0x2930/0x2930 [ 382.737632] cache_grow_begin+0x80/0x400 [ 382.741727] kmem_cache_alloc_node+0x6a4/0x780 [ 382.746315] ? get_pid_task+0x98/0x140 [ 382.750282] copy_process.part.0+0x17d5/0x6a00 [ 382.754877] ? save_trace+0x290/0x290 [ 382.758682] ? proc_fail_nth_write+0x7d/0x180 [ 382.763194] ? proc_cwd_link+0x1b0/0x1b0 [ 382.767361] ? __f_unlock_pos+0x19/0x20 [ 382.771344] ? find_held_lock+0x35/0x130 [ 382.775421] ? __cleanup_sighand+0x50/0x50 [ 382.779668] ? lock_downgrade+0x740/0x740 [ 382.784018] _do_fork+0x19e/0xce0 [ 382.787484] ? fork_idle+0x280/0x280 [ 382.791207] ? fput+0xd4/0x150 [ 382.794415] ? SyS_write+0x15e/0x230 [ 382.798395] SyS_clone+0x37/0x50 [ 382.801771] ? sys_vfork+0x30/0x30 [ 382.805344] do_syscall_64+0x1e8/0x640 [ 382.809233] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 382.814111] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 382.819310] RIP: 0033:0x459a59 [ 382.822673] RSP: 002b:00007f0dce39dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 382.830384] RAX: ffffffffffffffda RBX: 00007f0dce39dc90 RCX: 0000000000459a59 [ 382.839221] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 382.846503] RBP: 000000000075c118 R08: ffffffffffffffff R09: 0000000000000000 [ 382.853779] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce39e6d4 [ 382.861138] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:15 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 382.901927] FAULT_INJECTION: forcing a failure. [ 382.901927] name failslab, interval 1, probability 0, space 0, times 0 [ 382.913606] CPU: 1 PID: 20322 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 382.920644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 382.930007] Call Trace: [ 382.932618] dump_stack+0x138/0x197 [ 382.936266] should_fail.cold+0x10f/0x159 [ 382.940431] should_failslab+0xdb/0x130 [ 382.944421] __kmalloc_track_caller+0x2ec/0x790 [ 382.949109] ? kstrdup_const+0x48/0x60 [ 382.953096] kstrdup+0x3a/0x70 [ 382.956294] kstrdup_const+0x48/0x60 [ 382.956308] alloc_vfsmnt+0xe5/0x7d0 [ 382.956320] clone_mnt+0x70/0xee0 [ 382.956333] copy_tree+0x33b/0x8a0 [ 382.956348] copy_mnt_ns+0x11c/0x8c0 [ 382.956357] ? kmem_cache_alloc+0x611/0x780 [ 382.956368] ? selinux_capable+0x36/0x40 [ 382.956381] create_new_namespaces+0xc9/0x720 [ 382.956390] ? ns_capable_common+0x12c/0x160 [ 382.956399] copy_namespaces+0x284/0x310 [ 382.956409] copy_process.part.0+0x2603/0x6a00 [ 382.956423] ? proc_fail_nth_write+0x7d/0x180 [ 382.956430] ? proc_cwd_link+0x1b0/0x1b0 [ 382.956446] ? __cleanup_sighand+0x50/0x50 [ 383.014172] ? lock_downgrade+0x740/0x740 [ 383.018310] _do_fork+0x19e/0xce0 [ 383.021754] ? fork_idle+0x280/0x280 [ 383.025465] ? fput+0xd4/0x150 [ 383.028662] ? SyS_write+0x15e/0x230 [ 383.032360] SyS_clone+0x37/0x50 [ 383.036663] ? sys_vfork+0x30/0x30 [ 383.040189] do_syscall_64+0x1e8/0x640 [ 383.044153] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.049007] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 383.054180] RIP: 0033:0x459a59 [ 383.057353] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 383.065930] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 383.073183] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 383.080590] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 383.087851] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 383.095106] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:15 executing program 1 (fault-call:17 fault-nth:2): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:15 executing program 4 (fault-call:14 fault-nth:27): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:15 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() getsockopt$inet_dccp_buf(0xffffffffffffffff, 0x21, 0x15b, &(0x7f0000000240)=""/34, &(0x7f00000002c0)=0x22) sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='G\xe8\x00', 0x98fe29520a37e8b2, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r3, 0x0) ioctl$MON_IOCH_MFLUSH(r3, 0x9208, 0x2) r4 = add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe) add_key$user(&(0x7f0000000140)='user\x00', &(0x7f00000000c0)={'syz'}, &(0x7f0000000900)="585ccbc4ed83b836c1a6474914dc5500b66147b3c7218a91690000000042e3d35228897501f93191b076ac446ff0022b8753a1fa74ff569f435fb3bae96efb74b50ec93c2db8eae3198a29e5c0cfc60000ce0637cef580b4ec24c53d86571ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff33c1e8e036e5031949762d009d308bd73f477252d0000000000004000000000000000000000000000000000195e23", 0x395, r4) r5 = request_key(&(0x7f0000000000)='cifs.idmap\x00', &(0x7f00000000c0)={'syz', 0x1}, &(0x7f0000000100)='posix_acl_accessem0wlan1vmnet1@\x00', r4) keyctl$describe(0x6, r5, &(0x7f0000000140)=""/88, 0x58) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r6, 0x40045431, &(0x7f0000000000)) syz_open_pts(r6, 0x0) ioctl$VT_SETMODE(r6, 0x5602, &(0x7f00000001c0)={0x4, 0x13, 0x3f, 0x0, 0xa68}) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:15 executing program 5: open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:15 executing program 0 (fault-call:13 fault-nth:22): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 383.360753] FAULT_INJECTION: forcing a failure. [ 383.360753] name failslab, interval 1, probability 0, space 0, times 0 [ 383.372427] CPU: 1 PID: 20352 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 383.379491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 383.388899] Call Trace: [ 383.391487] dump_stack+0x138/0x197 [ 383.396071] should_fail.cold+0x10f/0x159 [ 383.400226] should_failslab+0xdb/0x130 [ 383.404216] kmem_cache_alloc+0x2d7/0x780 [ 383.408366] ? creds_are_invalid+0x48/0x110 [ 383.412697] ? __validate_process_creds+0x14c/0x200 [ 383.417784] prepare_creds+0x3e/0x380 [ 383.421608] copy_creds+0x7b/0x4f0 [ 383.425170] ? lockdep_init_map+0x9/0x10 [ 383.429256] copy_process.part.0+0x868/0x6a00 [ 383.433778] ? save_trace+0x290/0x290 [ 383.437598] ? proc_fail_nth_write+0x7d/0x180 [ 383.442113] ? proc_cwd_link+0x1b0/0x1b0 [ 383.446195] ? __f_unlock_pos+0x19/0x20 [ 383.450197] ? __cleanup_sighand+0x50/0x50 [ 383.454444] ? lock_downgrade+0x740/0x740 [ 383.458609] _do_fork+0x19e/0xce0 [ 383.462074] ? fork_idle+0x280/0x280 [ 383.465804] ? fput+0xd4/0x150 [ 383.466704] FAULT_INJECTION: forcing a failure. [ 383.466704] name failslab, interval 1, probability 0, space 0, times 0 [ 383.469002] ? SyS_write+0x15e/0x230 [ 383.469026] SyS_clone+0x37/0x50 [ 383.487269] ? sys_vfork+0x30/0x30 [ 383.490813] do_syscall_64+0x1e8/0x640 [ 383.494694] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.499534] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 383.504723] RIP: 0033:0x459a59 [ 383.507903] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 383.515695] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 383.523912] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 383.531180] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 383.538443] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 383.545704] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 383.552991] CPU: 0 PID: 20359 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 383.560044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 383.569406] Call Trace: [ 383.572018] dump_stack+0x138/0x197 [ 383.575655] should_fail.cold+0x10f/0x159 [ 383.579806] should_failslab+0xdb/0x130 [ 383.583768] __kmalloc_track_caller+0x2ec/0x790 [ 383.588427] ? kstrdup_const+0x48/0x60 [ 383.592313] kstrdup+0x3a/0x70 [ 383.595490] kstrdup_const+0x48/0x60 [ 383.599223] alloc_vfsmnt+0xe5/0x7d0 [ 383.602950] clone_mnt+0x70/0xee0 [ 383.606413] ? lock_downgrade+0x740/0x740 [ 383.610596] copy_tree+0x33b/0x8a0 [ 383.614160] copy_mnt_ns+0x11c/0x8c0 [ 383.617879] ? kmem_cache_alloc+0x611/0x780 [ 383.622214] ? selinux_capable+0x36/0x40 [ 383.626295] create_new_namespaces+0xc9/0x720 [ 383.630802] ? ns_capable_common+0x12c/0x160 [ 383.635225] copy_namespaces+0x284/0x310 [ 383.639297] copy_process.part.0+0x2603/0x6a00 [ 383.643903] ? proc_fail_nth_write+0x7d/0x180 [ 383.648403] ? proc_cwd_link+0x1b0/0x1b0 [ 383.652483] ? __cleanup_sighand+0x50/0x50 [ 383.656731] ? lock_downgrade+0x740/0x740 [ 383.660978] _do_fork+0x19e/0xce0 [ 383.664438] ? fork_idle+0x280/0x280 [ 383.668180] ? fput+0xd4/0x150 [ 383.671376] ? SyS_write+0x15e/0x230 [ 383.675102] SyS_clone+0x37/0x50 [ 383.678497] ? sys_vfork+0x30/0x30 [ 383.682054] do_syscall_64+0x1e8/0x640 [ 383.685946] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.690798] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 383.695987] RIP: 0033:0x459a59 [ 383.699177] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 383.706894] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 383.714176] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 383.721453] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 383.728728] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 383.736003] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 [ 383.748712] FAULT_INJECTION: forcing a failure. [ 383.748712] name failslab, interval 1, probability 0, space 0, times 0 [ 383.760323] CPU: 1 PID: 20353 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 383.767355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 383.776760] Call Trace: [ 383.779362] dump_stack+0x138/0x197 [ 383.783010] should_fail.cold+0x10f/0x159 [ 383.787177] should_failslab+0xdb/0x130 [ 383.791165] kmem_cache_alloc+0x2d7/0x780 [ 383.795323] ? find_held_lock+0x35/0x130 [ 383.799391] ? copy_tree+0x4a2/0x8a0 [ 383.803111] alloc_vfsmnt+0x28/0x7d0 [ 383.806841] clone_mnt+0x70/0xee0 [ 383.810293] ? lock_downgrade+0x740/0x740 [ 383.815320] copy_tree+0x33b/0x8a0 [ 383.818872] copy_mnt_ns+0x11c/0x8c0 [ 383.822585] ? kmem_cache_alloc+0x611/0x780 [ 383.826911] ? selinux_capable+0x36/0x40 [ 383.830986] create_new_namespaces+0xc9/0x720 [ 383.835570] ? ns_capable_common+0x12c/0x160 [ 383.840173] copy_namespaces+0x284/0x310 [ 383.844245] copy_process.part.0+0x2603/0x6a00 [ 383.848854] ? proc_fail_nth_write+0x7d/0x180 [ 383.853619] ? proc_cwd_link+0x1b0/0x1b0 [ 383.857702] ? __cleanup_sighand+0x50/0x50 [ 383.861943] ? lock_downgrade+0x740/0x740 [ 383.866098] _do_fork+0x19e/0xce0 [ 383.869645] ? fork_idle+0x280/0x280 [ 383.873363] ? fput+0xd4/0x150 [ 383.876554] ? SyS_write+0x15e/0x230 [ 383.880286] SyS_clone+0x37/0x50 [ 383.883657] ? sys_vfork+0x30/0x30 [ 383.887201] do_syscall_64+0x1e8/0x640 [ 383.891090] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.895948] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 383.901315] RIP: 0033:0x459a59 [ 383.904499] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 383.912212] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 383.919487] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 383.926791] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 383.934065] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 383.943161] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 17:46:16 executing program 1 (fault-call:17 fault-nth:3): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:16 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x80, 0xce) ioctl$TIOCLINUX6(r0, 0x541c, &(0x7f00000000c0)={0x6, 0x1}) open(0x0, 0x0, 0x2) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:16 executing program 5: open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:16 executing program 4 (fault-call:14 fault-nth:28): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:16 executing program 0 (fault-call:13 fault-nth:23): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 384.294847] FAULT_INJECTION: forcing a failure. [ 384.294847] name failslab, interval 1, probability 0, space 0, times 0 [ 384.306708] CPU: 1 PID: 20391 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 384.313751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 384.323116] Call Trace: [ 384.325075] FAULT_INJECTION: forcing a failure. [ 384.325075] name failslab, interval 1, probability 0, space 0, times 0 [ 384.325717] dump_stack+0x138/0x197 [ 384.340566] should_fail.cold+0x10f/0x159 [ 384.344736] should_failslab+0xdb/0x130 [ 384.348703] __kmalloc_track_caller+0x2ec/0x790 [ 384.353365] ? check_preemption_disabled+0x3c/0x250 [ 384.358372] ? prepare_creds+0x3e/0x380 [ 384.362335] ? selinux_cred_prepare+0x49/0xb0 [ 384.366842] kmemdup+0x27/0x60 [ 384.370097] selinux_cred_prepare+0x49/0xb0 [ 384.374419] security_prepare_creds+0x7d/0xb0 [ 384.378911] prepare_creds+0x2cf/0x380 [ 384.382905] copy_creds+0x7b/0x4f0 [ 384.386459] ? lockdep_init_map+0x9/0x10 [ 384.390550] copy_process.part.0+0x868/0x6a00 [ 384.395053] ? save_trace+0x290/0x290 [ 384.398847] ? proc_fail_nth_write+0x7d/0x180 [ 384.403335] ? proc_cwd_link+0x1b0/0x1b0 [ 384.407396] ? __f_unlock_pos+0x19/0x20 [ 384.411374] ? __cleanup_sighand+0x50/0x50 [ 384.416054] ? lock_downgrade+0x740/0x740 [ 384.420229] _do_fork+0x19e/0xce0 [ 384.423718] ? fork_idle+0x280/0x280 [ 384.427449] ? fput+0xd4/0x150 [ 384.430646] ? SyS_write+0x15e/0x230 [ 384.434356] SyS_clone+0x37/0x50 [ 384.437724] ? sys_vfork+0x30/0x30 [ 384.441261] do_syscall_64+0x1e8/0x640 [ 384.445140] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.449999] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 384.455189] RIP: 0033:0x459a59 [ 384.458377] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 384.466084] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 384.473349] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 384.480615] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 384.487878] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 384.495142] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 384.502498] CPU: 0 PID: 20393 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 384.509574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 384.519031] Call Trace: [ 384.521630] dump_stack+0x138/0x197 [ 384.525284] should_fail.cold+0x10f/0x159 [ 384.530347] should_failslab+0xdb/0x130 [ 384.534341] __kmalloc_track_caller+0x2ec/0x790 [ 384.539037] ? kstrdup_const+0x48/0x60 [ 384.542944] kstrdup+0x3a/0x70 [ 384.546150] kstrdup_const+0x48/0x60 [ 384.549878] alloc_vfsmnt+0xe5/0x7d0 [ 384.553864] clone_mnt+0x70/0xee0 [ 384.557328] ? lock_downgrade+0x740/0x740 [ 384.561488] copy_tree+0x33b/0x8a0 [ 384.565075] copy_mnt_ns+0x11c/0x8c0 [ 384.568800] ? kmem_cache_alloc+0x611/0x780 [ 384.573134] ? selinux_capable+0x36/0x40 [ 384.577213] create_new_namespaces+0xc9/0x720 [ 384.581713] ? ns_capable_common+0x12c/0x160 [ 384.586130] copy_namespaces+0x284/0x310 [ 384.590200] copy_process.part.0+0x2603/0x6a00 [ 384.594800] ? proc_fail_nth_write+0x7d/0x180 [ 384.599297] ? proc_cwd_link+0x1b0/0x1b0 [ 384.603371] ? __cleanup_sighand+0x50/0x50 [ 384.607610] ? lock_downgrade+0x740/0x740 [ 384.611766] _do_fork+0x19e/0xce0 [ 384.615224] ? fork_idle+0x280/0x280 [ 384.618947] ? fput+0xd4/0x150 [ 384.622145] ? SyS_write+0x15e/0x230 [ 384.625982] SyS_clone+0x37/0x50 [ 384.629452] ? sys_vfork+0x30/0x30 [ 384.633015] do_syscall_64+0x1e8/0x640 [ 384.636917] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.641775] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 384.646965] RIP: 0033:0x459a59 [ 384.650166] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 384.658005] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 384.665290] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 384.672651] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 384.679946] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 384.687224] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 384.791965] FAULT_INJECTION: forcing a failure. [ 384.791965] name failslab, interval 1, probability 0, space 0, times 0 [ 384.803674] CPU: 1 PID: 20401 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 384.810713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 384.820096] Call Trace: [ 384.822698] dump_stack+0x138/0x197 [ 384.826353] should_fail.cold+0x10f/0x159 [ 384.830522] should_failslab+0xdb/0x130 [ 384.834520] __kmalloc_track_caller+0x2ec/0x790 [ 384.839224] ? kstrdup_const+0x48/0x60 [ 384.843138] kstrdup+0x3a/0x70 [ 384.846350] kstrdup_const+0x48/0x60 [ 384.850081] alloc_vfsmnt+0xe5/0x7d0 [ 384.854771] clone_mnt+0x70/0xee0 [ 384.858244] ? lock_downgrade+0x740/0x740 [ 384.862450] copy_tree+0x33b/0x8a0 [ 384.866018] copy_mnt_ns+0x11c/0x8c0 [ 384.869743] ? kmem_cache_alloc+0x611/0x780 [ 384.874082] ? selinux_capable+0x36/0x40 [ 384.878602] create_new_namespaces+0xc9/0x720 [ 384.883119] ? ns_capable_common+0x12c/0x160 [ 384.887552] copy_namespaces+0x284/0x310 [ 384.891641] copy_process.part.0+0x2603/0x6a00 [ 384.896250] ? proc_fail_nth_write+0x7d/0x180 [ 384.900759] ? proc_cwd_link+0x1b0/0x1b0 [ 384.904847] ? __cleanup_sighand+0x50/0x50 [ 384.909102] ? lock_downgrade+0x740/0x740 [ 384.913269] _do_fork+0x19e/0xce0 [ 384.916740] ? fork_idle+0x280/0x280 [ 384.920728] ? fput+0xd4/0x150 [ 384.923934] ? SyS_write+0x15e/0x230 [ 384.927665] SyS_clone+0x37/0x50 [ 384.931048] ? sys_vfork+0x30/0x30 [ 384.934603] do_syscall_64+0x1e8/0x640 [ 384.938503] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.943369] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 384.948568] RIP: 0033:0x459a59 [ 384.951761] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 384.959479] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 384.966767] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 384.974132] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 384.981413] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 17:46:17 executing program 1 (fault-call:17 fault-nth:4): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 384.988690] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:17 executing program 5: open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:17 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r4) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) r11 = socket$netlink(0x10, 0x3, 0x0) r12 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r13, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r13, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r14 = socket$nl_route(0x10, 0x3, 0x0) r15 = socket$netlink(0x10, 0x3, 0x0) r16 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r16, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r16, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r15, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r17, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r14, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r17, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48, 0x2, {{}, 0x0, 0x0, 0x0, 0xfffffffe}}}]}, 0x74}}, 0x0) r18 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r18, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r17, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=@newtaction={0x578, 0x30, 0x800, 0x70bd29, 0x25dfdbff, {}, [{0x104, 0x1, @m_sample={0x100, 0xc, {{0xc, 0x1, 'sample\x00'}, {0x6c, 0x2, [@TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x5}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x2}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x7fffffff}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x2}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x3}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x7}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x6f, 0x7ff, 0x1, 0x62, 0x7fffffff}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x7, 0x1000, 0x0, 0x0, 0x80}}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x3}]}, {0x80, 0x6, "e3ff157b43abe5b71a249e48ab4695f86c13f5e6031ad12f840bf70f4081bbfa6d4496cb67d922445477147c1f2478b8341efa9b5da53f1062b45f11e2d0212fbb54fbf61147191e8dd61574b0de23056602bdbac8dab5e92dc9754fd2e9c1ba976039d8a6f7529e5a7df9a7a106795e58da412a79f8b3c48400"}}}}, {0xdc, 0x1, @m_ife={0xd8, 0xa, {{0x8, 0x1, 'ife\x00'}, {0xc, 0x2, [@TCA_IFE_TYPE={0x8, 0x5, 0xb5f}]}, {0xbc, 0x6, "cac102bc3322649cb358139c2ccd95e04ce5d65a6ad741e8b8e41c74f3fbff2ce3edd5b908f41457d77ceeaddf85e7571162f32d0be8f69ea8fede35cea0b6e8de1e8b6144b7e854346106ca9ae94dd5ea9679026ee6ba7141e6e17ccc90639103a80bd67b5bba574f3b2437e3aa40b0441512b72fc5f3e9b97d11bc156325ef88e8b341c064275c73d63d0dd737adf5f90c84dc362861e83919754f42dfc1b6d01ad6f237e5181f249cbcde5d6dbf8b111011b52d"}}}}, {0xfc, 0x1, @m_bpf={0xf8, 0x10, {{0x8, 0x1, 'bpf\x00'}, {0x88, 0x2, [@TCA_ACT_BPF_OPS={0xc, 0x4, [{0x2, 0x1, 0xea, 0x5}]}, @TCA_ACT_BPF_OPS_LEN={0x8, 0x3, 0x3}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}, @TCA_ACT_BPF_OPS_LEN={0x8, 0x3, 0x7}, @TCA_ACT_BPF_FD={0x8, 0x5, r10}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x5, 0x3, 0x5, 0x5}}, @TCA_ACT_BPF_FD={0x8, 0x5, r6}, @TCA_ACT_BPF_OPS_LEN={0x8, 0x3, 0x3}, @TCA_ACT_BPF_OPS={0x2c, 0x4, [{0x0, 0x1, 0x0, 0xfffffff9}, {0x2e1, 0x7, 0x6, 0xfffff800}, {0x0, 0x3, 0x2, 0x4}, {0x1000, 0x2, 0x2, 0xb39}, {0x4, 0x8, 0x40, 0x8d}]}]}, {0x60, 0x6, "d0e915c665feedaf8133d53382599407eacb198dbf6e6c6d026cf5428f32cabefebee74f58516d636af2f3d4da287c67401c2c6c0773addf9f3ae2f11a8307d621f7bf35679a201a9d30afae2db15c07d641322706872a1cb8ce41"}}}}, {0xb0, 0x1, @m_vlan={0xac, 0x6, {{0xc, 0x1, 'vlan\x00'}, {0x50, 0x2, [@TCA_VLAN_PUSH_VLAN_PRIORITY={0x8, 0x6, 0x6}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x8, 0x6, 0x6}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x8, 0x6, 0x3}, @TCA_VLAN_PARMS={0x1c, 0x2, {{0x4, 0xfffffaef, 0x4, 0x10}, 0x2}}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x8, 0x6, 0x5}, @TCA_VLAN_PUSH_VLAN_ID={0x8, 0x3, 0xebc}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x8, 0x6, 0x1}]}, {0x48, 0x6, "71ed5e7385052046271d3cd7009af3d2da5471a813109eedf9eab3c5aca9dce45153dc18d24360246c646df0babac0ab9d227da6b8ae2a305e242e352a70b4c6b30cb5"}}}}, {0xa0, 0x1, @m_skbmod={0x9c, 0x0, {{0xc, 0x1, 'skbmod\x00'}, {0x44, 0x2, [@TCA_SKBMOD_ETYPE={0x8, 0x5, 0x8}, @TCA_SKBMOD_ETYPE={0x8, 0x5, 0x1ff}, @TCA_SKBMOD_DMAC={0xc, 0x3, @local}, @TCA_SKBMOD_PARMS={0x416, 0x2, {{0x7, 0xff, 0x2, 0xd7a, 0x136}, 0xa}}]}, {0x44, 0x6, "8b7a4886572edd8824d6f866ada9988f5293e1132f49cfb5d858db5aa39cb90abb40b372c7df04746322de0b4b161816721a15b2827dd211283855c984206649"}}}}, {0xb8, 0x1, @m_connmark={0xb4, 0x0, {{0x10, 0x1, 'connmark\x00'}, {0x20, 0x2, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x4, 0x2, 0x0, 0xef7, 0x8}, 0x2}}}, {0x7c, 0x6, "39100bfe5568901fe86a782dbc2f2d5b19d7e956f1f8d7166d56457f61272ac40355acfa05098805a6a27aa561e15952502acc22c1be362ac81d7e3462ade00a216a036fe73d7219b04695f0823f0d96470d505960aefabc8b8563b8056022eebf845a927b277ce9c4999393b747e632be72d323e003dac5"}}}}, {0x80, 0x1, @m_mirred={0x7c, 0x1c, {{0xc, 0x1, 'mirred\x00'}, {0x24, 0x2, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x3, 0x5, 0x2, 0x3, 0x5}, 0x8, r17}}}, {0x44, 0x6, "445b5fd1472fd351089ac3ccb19ab820177bc031b514fa1d07d680cfca094c24a1fe2513482dbf94a915020cf7bc70d89a6840d7362aee072fa9f7beea9d84"}}}}]}, 0x578}}, 0x440d1) kcmp(0xffffffffffffffff, r4, 0x2, r9, r2) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) ioctl$KDGKBSENT(r3, 0x4b48, &(0x7f0000000300)={0x3, 0x1f, 0x2}) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:17 executing program 0 (fault-call:13 fault-nth:24): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:17 executing program 4 (fault-call:14 fault-nth:29): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 385.184643] FAULT_INJECTION: forcing a failure. [ 385.184643] name failslab, interval 1, probability 0, space 0, times 0 [ 385.196047] CPU: 1 PID: 20418 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 385.196056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 385.196060] Call Trace: [ 385.196080] dump_stack+0x138/0x197 [ 385.196098] should_fail.cold+0x10f/0x159 [ 385.196117] should_failslab+0xdb/0x130 [ 385.196130] kmem_cache_alloc+0x2d7/0x780 [ 385.196140] ? creds_are_invalid+0x48/0x110 [ 385.196152] ? selinux_is_enabled+0x9/0x50 [ 385.212548] ? creds_are_invalid+0x48/0x110 [ 385.212565] __delayacct_tsk_init+0x20/0x80 [ 385.212576] copy_process.part.0+0x1a6c/0x6a00 [ 385.212591] ? save_trace+0x290/0x290 [ 385.212601] ? proc_fail_nth_write+0x7d/0x180 [ 385.212610] ? proc_cwd_link+0x1b0/0x1b0 [ 385.212620] ? __f_unlock_pos+0x19/0x20 [ 385.212636] ? __cleanup_sighand+0x50/0x50 [ 385.212647] ? lock_downgrade+0x740/0x740 [ 385.218875] _do_fork+0x19e/0xce0 [ 385.226956] ? fork_idle+0x280/0x280 [ 385.235469] ? fput+0xd4/0x150 [ 385.243977] ? SyS_write+0x15e/0x230 [ 385.243991] SyS_clone+0x37/0x50 [ 385.244000] ? sys_vfork+0x30/0x30 [ 385.244012] do_syscall_64+0x1e8/0x640 [ 385.244020] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 385.244036] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 385.252901] RIP: 0033:0x459a59 [ 385.252906] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 385.252916] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 385.252922] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 385.252927] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 385.252932] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 385.252937] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 385.364625] FAULT_INJECTION: forcing a failure. [ 385.364625] name failslab, interval 1, probability 0, space 0, times 0 [ 385.376797] CPU: 0 PID: 20422 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 385.383814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 385.383820] Call Trace: [ 385.383839] dump_stack+0x138/0x197 [ 385.383862] should_fail.cold+0x10f/0x159 [ 385.395894] should_failslab+0xdb/0x130 [ 385.403625] kmem_cache_alloc+0x2d7/0x780 [ 385.403637] ? find_held_lock+0x35/0x130 [ 385.403652] ? copy_tree+0x4a2/0x8a0 [ 385.411732] alloc_vfsmnt+0x28/0x7d0 [ 385.411744] clone_mnt+0x70/0xee0 [ 385.411754] ? lock_downgrade+0x740/0x740 [ 385.419499] copy_tree+0x33b/0x8a0 [ 385.426652] copy_mnt_ns+0x11c/0x8c0 [ 385.434314] ? kmem_cache_alloc+0x611/0x780 [ 385.442309] ? selinux_capable+0x36/0x40 [ 385.442323] create_new_namespaces+0xc9/0x720 [ 385.442334] ? ns_capable_common+0x12c/0x160 [ 385.450862] copy_namespaces+0x284/0x310 [ 385.450875] copy_process.part.0+0x2603/0x6a00 [ 385.450893] ? proc_fail_nth_write+0x7d/0x180 [ 385.459316] ? proc_cwd_link+0x1b0/0x1b0 [ 385.468539] ? __cleanup_sighand+0x50/0x50 [ 385.476821] ? lock_downgrade+0x740/0x740 [ 385.480964] _do_fork+0x19e/0xce0 [ 385.480978] ? fork_idle+0x280/0x280 [ 385.480991] ? fput+0xd4/0x150 [ 385.488116] ? SyS_write+0x15e/0x230 [ 385.494981] SyS_clone+0x37/0x50 [ 385.498335] ? sys_vfork+0x30/0x30 [ 385.501954] do_syscall_64+0x1e8/0x640 [ 385.501963] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 385.501979] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 385.510688] RIP: 0033:0x459a59 [ 385.510693] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 385.510702] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 385.510708] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 385.510715] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 385.548879] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 385.556169] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 [ 385.565189] FAULT_INJECTION: forcing a failure. [ 385.565189] name failslab, interval 1, probability 0, space 0, times 0 [ 385.578091] CPU: 0 PID: 20427 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 385.585133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 385.594497] Call Trace: [ 385.597103] dump_stack+0x138/0x197 [ 385.600755] should_fail.cold+0x10f/0x159 [ 385.604931] should_failslab+0xdb/0x130 [ 385.608948] __kmalloc_track_caller+0x2ec/0x790 [ 385.613640] ? kstrdup_const+0x48/0x60 [ 385.617661] kstrdup+0x3a/0x70 [ 385.620953] kstrdup_const+0x48/0x60 [ 385.624683] alloc_vfsmnt+0xe5/0x7d0 [ 385.628412] clone_mnt+0x70/0xee0 [ 385.631978] ? lock_downgrade+0x740/0x740 [ 385.636148] copy_tree+0x33b/0x8a0 [ 385.639888] copy_mnt_ns+0x11c/0x8c0 [ 385.643646] ? kmem_cache_alloc+0x611/0x780 [ 385.647982] ? selinux_capable+0x36/0x40 [ 385.652073] create_new_namespaces+0xc9/0x720 [ 385.656581] ? ns_capable_common+0x12c/0x160 [ 385.661005] copy_namespaces+0x284/0x310 [ 385.665083] copy_process.part.0+0x2603/0x6a00 [ 385.669682] ? proc_fail_nth_write+0x7d/0x180 [ 385.674185] ? proc_cwd_link+0x1b0/0x1b0 [ 385.678439] ? __cleanup_sighand+0x50/0x50 [ 385.682682] ? lock_downgrade+0x740/0x740 [ 385.686881] _do_fork+0x19e/0xce0 [ 385.690343] ? fork_idle+0x280/0x280 [ 385.694067] ? fput+0xd4/0x150 [ 385.697269] ? SyS_write+0x15e/0x230 [ 385.700998] SyS_clone+0x37/0x50 [ 385.704374] ? sys_vfork+0x30/0x30 [ 385.707932] do_syscall_64+0x1e8/0x640 [ 385.711854] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 385.716841] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 385.722049] RIP: 0033:0x459a59 [ 385.725240] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 385.732971] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 385.740251] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 385.747551] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 385.754829] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 385.762109] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 17:46:18 executing program 1 (fault-call:17 fault-nth:5): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:18 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) getsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f0000000140)={@mcast2}, &(0x7f0000000240)=0xfffffffffffffe61) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0400000000000000280012000c0001007665746800000000180002001400010000000045", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r6 = fcntl$getown(r3, 0x9) prctl$PR_SET_PTRACER(0x59616d61, r6) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:18 executing program 4 (fault-call:14 fault-nth:30): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:18 executing program 5: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:18 executing program 0 (fault-call:13 fault-nth:25): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 386.085138] FAULT_INJECTION: forcing a failure. [ 386.085138] name failslab, interval 1, probability 0, space 0, times 0 [ 386.096519] CPU: 0 PID: 20448 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 386.103644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 386.114135] Call Trace: [ 386.116942] dump_stack+0x138/0x197 [ 386.120582] should_fail.cold+0x10f/0x159 [ 386.124753] should_failslab+0xdb/0x130 [ 386.129094] kmem_cache_alloc+0x2d7/0x780 [ 386.133282] ? lockdep_init_map+0x9/0x10 [ 386.137365] ? debug_mutex_init+0x2d/0x5a [ 386.141676] dup_fd+0x85/0xa40 [ 386.144886] ? refcount_inc_not_zero+0x88/0xe0 [ 386.149478] ? refcount_inc+0x1f/0x40 [ 386.153293] copy_process.part.0+0x1b5a/0x6a00 [ 386.157890] ? save_trace+0x290/0x290 [ 386.161699] ? proc_fail_nth_write+0x7d/0x180 [ 386.166336] ? proc_cwd_link+0x1b0/0x1b0 [ 386.170421] ? __cleanup_sighand+0x50/0x50 [ 386.174677] ? lock_downgrade+0x740/0x740 [ 386.178945] _do_fork+0x19e/0xce0 [ 386.182412] ? fork_idle+0x280/0x280 [ 386.182436] ? fput+0xd4/0x150 [ 386.182446] ? SyS_write+0x15e/0x230 [ 386.182459] SyS_clone+0x37/0x50 [ 386.182470] ? sys_vfork+0x30/0x30 [ 386.189360] do_syscall_64+0x1e8/0x640 [ 386.196488] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.203873] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 386.203881] RIP: 0033:0x459a59 [ 386.203886] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 386.213898] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 386.213903] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 386.213908] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 386.213914] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 386.213919] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 386.215929] FAULT_INJECTION: forcing a failure. [ 386.215929] name failslab, interval 1, probability 0, space 0, times 0 [ 386.225144] CPU: 0 PID: 20455 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 386.239701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 386.254207] Call Trace: [ 386.254223] dump_stack+0x138/0x197 [ 386.254239] should_fail.cold+0x10f/0x159 [ 386.272673] should_failslab+0xdb/0x130 [ 386.272684] __kmalloc_track_caller+0x2ec/0x790 [ 386.272698] ? kstrdup_const+0x48/0x60 [ 386.289044] kstrdup+0x3a/0x70 [ 386.289054] kstrdup_const+0x48/0x60 [ 386.289064] alloc_vfsmnt+0xe5/0x7d0 [ 386.289075] clone_mnt+0x70/0xee0 [ 386.295251] ? lock_downgrade+0x740/0x740 [ 386.303356] copy_tree+0x33b/0x8a0 [ 386.303373] copy_mnt_ns+0x11c/0x8c0 [ 386.303382] ? kmem_cache_alloc+0x611/0x780 [ 386.303394] ? selinux_capable+0x36/0x40 [ 386.311921] create_new_namespaces+0xc9/0x720 [ 386.311931] ? ns_capable_common+0x12c/0x160 [ 386.311943] copy_namespaces+0x284/0x310 [ 386.318895] copy_process.part.0+0x2603/0x6a00 [ 386.326202] ? proc_fail_nth_write+0x7d/0x180 [ 386.333843] ? proc_cwd_link+0x1b0/0x1b0 [ 386.341846] ? __cleanup_sighand+0x50/0x50 [ 386.341858] ? lock_downgrade+0x740/0x740 [ 386.350425] _do_fork+0x19e/0xce0 [ 386.350440] ? fork_idle+0x280/0x280 [ 386.358881] ? fput+0xd4/0x150 [ 386.367914] ? SyS_write+0x15e/0x230 [ 386.376205] SyS_clone+0x37/0x50 [ 386.383853] ? sys_vfork+0x30/0x30 [ 386.390732] do_syscall_64+0x1e8/0x640 [ 386.390741] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.390758] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 386.397792] RIP: 0033:0x459a59 [ 386.422260] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 386.429970] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 386.437257] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 386.444540] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 386.451895] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 386.459178] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 386.469580] FAULT_INJECTION: forcing a failure. [ 386.469580] name failslab, interval 1, probability 0, space 0, times 0 [ 386.481106] CPU: 0 PID: 20458 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 386.488153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 386.497520] Call Trace: [ 386.500117] dump_stack+0x138/0x197 [ 386.503736] should_fail.cold+0x10f/0x159 [ 386.507881] should_failslab+0xdb/0x130 [ 386.511841] __kmalloc_track_caller+0x2ec/0x790 [ 386.516853] ? kstrdup_const+0x48/0x60 [ 386.520731] kstrdup+0x3a/0x70 [ 386.523903] kstrdup_const+0x48/0x60 [ 386.527600] alloc_vfsmnt+0xe5/0x7d0 [ 386.531308] clone_mnt+0x70/0xee0 [ 386.534839] ? lock_downgrade+0x740/0x740 [ 386.538971] copy_tree+0x33b/0x8a0 [ 386.542497] copy_mnt_ns+0x11c/0x8c0 [ 386.546193] ? kmem_cache_alloc+0x611/0x780 [ 386.550537] ? selinux_capable+0x36/0x40 [ 386.554607] create_new_namespaces+0xc9/0x720 [ 386.560476] ? ns_capable_common+0x12c/0x160 [ 386.564865] copy_namespaces+0x284/0x310 [ 386.569105] copy_process.part.0+0x2603/0x6a00 [ 386.573690] ? proc_fail_nth_write+0x7d/0x180 [ 386.578264] ? proc_cwd_link+0x1b0/0x1b0 [ 386.582337] ? __cleanup_sighand+0x50/0x50 [ 386.586569] ? lock_downgrade+0x740/0x740 [ 386.590703] _do_fork+0x19e/0xce0 [ 386.594140] ? fork_idle+0x280/0x280 [ 386.597865] ? fput+0xd4/0x150 [ 386.601130] ? SyS_write+0x15e/0x230 [ 386.604837] SyS_clone+0x37/0x50 [ 386.608185] ? sys_vfork+0x30/0x30 [ 386.611714] do_syscall_64+0x1e8/0x640 [ 386.615617] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.620459] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 386.627832] RIP: 0033:0x459a59 [ 386.631003] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 386.638701] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 386.646041] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 386.653291] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 386.660715] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 386.668053] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:19 executing program 1 (fault-call:17 fault-nth:6): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:19 executing program 4 (fault-call:14 fault-nth:31): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:19 executing program 5: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:19 executing program 0 (fault-call:13 fault-nth:26): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 386.990822] FAULT_INJECTION: forcing a failure. [ 386.990822] name failslab, interval 1, probability 0, space 0, times 0 [ 387.002130] CPU: 1 PID: 20477 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 387.009703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 387.019069] Call Trace: [ 387.021676] dump_stack+0x138/0x197 [ 387.025323] should_fail.cold+0x10f/0x159 [ 387.029570] should_failslab+0xdb/0x130 [ 387.033556] kmem_cache_alloc_trace+0x2e9/0x790 [ 387.035248] FAULT_INJECTION: forcing a failure. [ 387.035248] name failslab, interval 1, probability 0, space 0, times 0 [ 387.038232] ? lock_downgrade+0x740/0x740 [ 387.038249] alloc_fdtable+0x7f/0x280 [ 387.057752] dup_fd+0x693/0xa40 [ 387.061183] copy_process.part.0+0x1b5a/0x6a00 [ 387.065765] ? save_trace+0x290/0x290 [ 387.069555] ? proc_fail_nth_write+0x7d/0x180 [ 387.074044] ? proc_cwd_link+0x1b0/0x1b0 [ 387.078135] ? __cleanup_sighand+0x50/0x50 [ 387.082364] ? lock_downgrade+0x740/0x740 [ 387.086509] _do_fork+0x19e/0xce0 [ 387.089957] ? fork_idle+0x280/0x280 [ 387.093669] ? fput+0xd4/0x150 [ 387.096852] ? SyS_write+0x15e/0x230 [ 387.100564] SyS_clone+0x37/0x50 [ 387.104184] ? sys_vfork+0x30/0x30 [ 387.107720] do_syscall_64+0x1e8/0x640 [ 387.111598] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.116445] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 387.121626] RIP: 0033:0x459a59 [ 387.124805] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 387.132507] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 387.139863] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 387.147123] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 387.154388] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 387.161650] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 387.168930] CPU: 0 PID: 20478 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 387.175972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 387.186283] Call Trace: [ 387.188964] dump_stack+0x138/0x197 [ 387.192577] should_fail.cold+0x10f/0x159 [ 387.196709] should_failslab+0xdb/0x130 [ 387.200669] __kmalloc_track_caller+0x2ec/0x790 [ 387.205335] ? kstrdup_const+0x48/0x60 [ 387.209207] kstrdup+0x3a/0x70 [ 387.212382] kstrdup_const+0x48/0x60 [ 387.216081] alloc_vfsmnt+0xe5/0x7d0 [ 387.219779] clone_mnt+0x70/0xee0 [ 387.223219] ? lock_downgrade+0x740/0x740 [ 387.227353] copy_tree+0x33b/0x8a0 [ 387.230882] copy_mnt_ns+0x11c/0x8c0 [ 387.234577] ? kmem_cache_alloc+0x611/0x780 [ 387.238882] ? selinux_capable+0x36/0x40 [ 387.242931] create_new_namespaces+0xc9/0x720 [ 387.247411] ? ns_capable_common+0x12c/0x160 [ 387.251804] copy_namespaces+0x284/0x310 [ 387.255851] copy_process.part.0+0x2603/0x6a00 [ 387.260423] ? proc_fail_nth_write+0x7d/0x180 [ 387.264902] ? proc_cwd_link+0x1b0/0x1b0 [ 387.268957] ? __cleanup_sighand+0x50/0x50 [ 387.273173] ? lock_downgrade+0x740/0x740 [ 387.277307] _do_fork+0x19e/0xce0 [ 387.280745] ? fork_idle+0x280/0x280 [ 387.284447] ? fput+0xd4/0x150 [ 387.287884] ? SyS_write+0x15e/0x230 [ 387.291678] SyS_clone+0x37/0x50 [ 387.295211] ? sys_vfork+0x30/0x30 [ 387.298747] do_syscall_64+0x1e8/0x640 [ 387.302619] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.307454] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 387.312625] RIP: 0033:0x459a59 [ 387.315799] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 387.323491] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 387.330770] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 387.338024] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 387.345278] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 387.352534] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 [ 387.408732] FAULT_INJECTION: forcing a failure. [ 387.408732] name failslab, interval 1, probability 0, space 0, times 0 [ 387.421088] CPU: 1 PID: 20482 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 387.428114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 387.437560] Call Trace: [ 387.440276] dump_stack+0x138/0x197 [ 387.443908] should_fail.cold+0x10f/0x159 [ 387.448054] should_failslab+0xdb/0x130 [ 387.452017] __kmalloc_track_caller+0x2ec/0x790 [ 387.456674] ? kstrdup_const+0x48/0x60 [ 387.460548] kstrdup+0x3a/0x70 [ 387.463727] kstrdup_const+0x48/0x60 [ 387.467433] alloc_vfsmnt+0xe5/0x7d0 [ 387.471132] clone_mnt+0x70/0xee0 [ 387.474571] ? lock_downgrade+0x740/0x740 [ 387.478704] copy_tree+0x33b/0x8a0 [ 387.482232] copy_mnt_ns+0x11c/0x8c0 [ 387.486016] ? kmem_cache_alloc+0x611/0x780 [ 387.490341] ? selinux_capable+0x36/0x40 [ 387.494387] create_new_namespaces+0xc9/0x720 [ 387.498867] ? ns_capable_common+0x12c/0x160 [ 387.503261] copy_namespaces+0x284/0x310 [ 387.507308] copy_process.part.0+0x2603/0x6a00 [ 387.511882] ? proc_fail_nth_write+0x7d/0x180 [ 387.516359] ? proc_cwd_link+0x1b0/0x1b0 [ 387.520412] ? __cleanup_sighand+0x50/0x50 [ 387.524628] ? lock_downgrade+0x740/0x740 [ 387.528848] _do_fork+0x19e/0xce0 [ 387.532301] ? fork_idle+0x280/0x280 [ 387.536001] ? fput+0xd4/0x150 [ 387.539196] ? SyS_write+0x15e/0x230 [ 387.542922] SyS_clone+0x37/0x50 [ 387.546299] ? sys_vfork+0x30/0x30 [ 387.549845] do_syscall_64+0x1e8/0x640 [ 387.553719] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.558571] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 387.563752] RIP: 0033:0x459a59 [ 387.566925] RSP: 002b:00007f1e158f9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 387.574620] RAX: ffffffffffffffda RBX: 00007f1e158f9c90 RCX: 0000000000459a59 [ 387.581874] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 387.589127] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 387.596392] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158fa6d4 [ 387.603672] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 17:46:20 executing program 1 (fault-call:17 fault-nth:7): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:20 executing program 5: prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:20 executing program 4 (fault-call:14 fault-nth:32): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:20 executing program 0 (fault-call:13 fault-nth:27): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 387.850793] FAULT_INJECTION: forcing a failure. [ 387.850793] name failslab, interval 1, probability 0, space 0, times 0 [ 387.862512] CPU: 0 PID: 20497 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 387.869546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 387.878918] Call Trace: [ 387.881528] dump_stack+0x138/0x197 [ 387.885283] should_fail.cold+0x10f/0x159 [ 387.889459] should_failslab+0xdb/0x130 [ 387.893458] kmem_cache_alloc_node_trace+0x280/0x770 [ 387.898582] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 387.904085] __kmalloc_node+0x3d/0x80 [ 387.907899] kvmalloc_node+0x4e/0xe0 [ 387.911630] alloc_fdtable+0xcf/0x280 [ 387.915454] dup_fd+0x693/0xa40 [ 387.918776] copy_process.part.0+0x1b5a/0x6a00 [ 387.923383] ? save_trace+0x290/0x290 [ 387.927228] ? proc_fail_nth_write+0x7d/0x180 [ 387.931738] ? proc_cwd_link+0x1b0/0x1b0 [ 387.935833] ? __cleanup_sighand+0x50/0x50 [ 387.940090] ? lock_downgrade+0x740/0x740 [ 387.944298] _do_fork+0x19e/0xce0 [ 387.947784] ? fork_idle+0x280/0x280 [ 387.951541] ? fput+0xd4/0x150 [ 387.954759] ? SyS_write+0x15e/0x230 [ 387.958495] SyS_clone+0x37/0x50 [ 387.961887] ? sys_vfork+0x30/0x30 [ 387.965452] do_syscall_64+0x1e8/0x640 [ 387.969386] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.974271] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 387.979480] RIP: 0033:0x459a59 [ 387.982679] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 387.990397] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 387.997682] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 388.004964] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 388.010047] FAULT_INJECTION: forcing a failure. [ 388.010047] name failslab, interval 1, probability 0, space 0, times 0 [ 388.012254] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 388.012261] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 388.176673] CPU: 1 PID: 20504 Comm: syz-executor.0 Not tainted 4.14.149 #0 [ 388.183766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 388.193127] Call Trace: [ 388.195731] dump_stack+0x138/0x197 [ 388.199400] should_fail.cold+0x10f/0x159 [ 388.203567] should_failslab+0xdb/0x130 [ 388.207556] __kmalloc_track_caller+0x2ec/0x790 [ 388.212243] ? kstrdup_const+0x48/0x60 [ 388.216148] kstrdup+0x3a/0x70 [ 388.219349] kstrdup_const+0x48/0x60 [ 388.223068] alloc_vfsmnt+0xe5/0x7d0 [ 388.226794] clone_mnt+0x70/0xee0 [ 388.230260] ? lock_downgrade+0x740/0x740 [ 388.234424] copy_tree+0x33b/0x8a0 [ 388.237977] copy_mnt_ns+0x11c/0x8c0 [ 388.241693] ? kmem_cache_alloc+0x611/0x780 [ 388.246022] ? selinux_capable+0x36/0x40 [ 388.250097] create_new_namespaces+0xc9/0x720 [ 388.254604] ? ns_capable_common+0x12c/0x160 [ 388.259023] copy_namespaces+0x284/0x310 [ 388.263098] copy_process.part.0+0x2603/0x6a00 [ 388.267691] ? proc_fail_nth_write+0x7d/0x180 [ 388.272191] ? proc_cwd_link+0x1b0/0x1b0 [ 388.276266] ? __cleanup_sighand+0x50/0x50 [ 388.280514] ? lock_downgrade+0x740/0x740 [ 388.284663] _do_fork+0x19e/0xce0 [ 388.288112] ? fork_idle+0x280/0x280 [ 388.291822] ? fput+0xd4/0x150 [ 388.295004] ? SyS_write+0x15e/0x230 [ 388.298707] SyS_clone+0x37/0x50 [ 388.302056] ? sys_vfork+0x30/0x30 [ 388.305580] do_syscall_64+0x1e8/0x640 [ 388.309449] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.314284] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 388.319455] RIP: 0033:0x459a59 [ 388.322627] RSP: 002b:00007f1e158d8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 388.330318] RAX: ffffffffffffffda RBX: 00007f1e158d8c90 RCX: 0000000000459a59 [ 388.337572] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 388.344828] RBP: 000000000075c118 R08: ffffffffffffffff R09: 0000000000000000 [ 388.352516] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1e158d96d4 [ 388.359769] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000008 [ 388.418233] FAULT_INJECTION: forcing a failure. [ 388.418233] name failslab, interval 1, probability 0, space 0, times 0 [ 388.429670] CPU: 1 PID: 20507 Comm: syz-executor.4 Not tainted 4.14.149 #0 [ 388.436968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 388.446399] Call Trace: [ 388.448982] dump_stack+0x138/0x197 [ 388.452603] should_fail.cold+0x10f/0x159 [ 388.456737] should_failslab+0xdb/0x130 [ 388.460717] kmem_cache_alloc+0x2d7/0x780 [ 388.464859] ? find_held_lock+0x35/0x130 [ 388.468925] ? copy_tree+0x4a2/0x8a0 [ 388.472631] alloc_vfsmnt+0x28/0x7d0 [ 388.476353] clone_mnt+0x70/0xee0 [ 388.479790] ? lock_downgrade+0x740/0x740 [ 388.483923] copy_tree+0x33b/0x8a0 [ 388.487468] copy_mnt_ns+0x11c/0x8c0 [ 388.491165] ? kmem_cache_alloc+0x611/0x780 [ 388.495559] ? selinux_capable+0x36/0x40 [ 388.499605] create_new_namespaces+0xc9/0x720 [ 388.504083] ? ns_capable_common+0x12c/0x160 [ 388.508479] copy_namespaces+0x284/0x310 [ 388.512527] copy_process.part.0+0x2603/0x6a00 [ 388.517286] ? proc_fail_nth_write+0x7d/0x180 [ 388.521776] ? proc_cwd_link+0x1b0/0x1b0 [ 388.525830] ? __cleanup_sighand+0x50/0x50 [ 388.530050] ? lock_downgrade+0x740/0x740 [ 388.534824] _do_fork+0x19e/0xce0 [ 388.538273] ? fork_idle+0x280/0x280 [ 388.541975] ? fput+0xd4/0x150 [ 388.545155] ? SyS_write+0x15e/0x230 [ 388.548855] SyS_clone+0x37/0x50 [ 388.552210] ? sys_vfork+0x30/0x30 [ 388.555744] do_syscall_64+0x1e8/0x640 [ 388.559612] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.564444] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 388.569615] RIP: 0033:0x459a59 [ 388.572788] RSP: 002b:00007fef9a16ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 388.580481] RAX: ffffffffffffffda RBX: 00007fef9a16ac90 RCX: 0000000000459a59 [ 388.587733] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 388.595681] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 388.602953] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef9a16b6d4 [ 388.610227] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000006 17:46:21 executing program 1 (fault-call:17 fault-nth:8): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:21 executing program 5: prlimit64(0x0, 0xe, 0x0, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:21 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) rt_sigpending(&(0x7f0000000140), 0x8) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(0xffffffffffffffff, 0xc058534b, &(0x7f00000000c0)={0x8000, 0x5, 0xffffffc0, 0xffff, 0x11c, 0x7f}) 17:46:21 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() mkdir(&(0x7f0000000340)='.\x00', 0x6) mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000080)='tmpfs\x00', 0x0, 0x0) perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x81, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x1c35}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) openat$hwrng(0xffffffffffffff9c, 0x0, 0x0, 0x0) bind$inet(r0, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0) sendmsg$sock(0xffffffffffffffff, 0x0, 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/syz1\x00', 0x1ff) syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x80000001, 0x381000) r1 = syz_open_procfs(0x0, &(0x7f0000000200)='fd/4\x00\xa7$\xbf\x05l\xb8\t\xd0\x06\xae\b\x86$dV\x92M%\xfd)0m6Z\x05\xae\xa7\rM\bp\xa6Q\x871B\x973\xfe\x05\x12\xf3\xd496\xf9\x1aM6\xb2|\xc5\x05\xbc\xe71g\xe4<&\xd2\xd8g\xb6\xa2U\xae\x9a\x17F\xa5xi\xe8_\xa8R\x96d\x99\xf6_E\xd0\x8f<\xa840\xd6\x84\xd0\x17\xafP\'\xdc{\b\x94\x00Y+\x18N\\\xc9\x1f\a\xf9X\x125\xb9\xd6\xbf\x1a4V\x10\xa6Uq\xceN\xeb\xa8M\xb2?\xda\xfb\xb1\x9d\x94\x13O\xab\xde\xc0t\x8c\")\x05~\x0f\xb8\xf3\xf6d\xbe\xad\xee\"\xaa\x91\x05\xcb9A\x1a\x8d&\x9e\x81\xcf\x9eWvT\x8a\xbfl\x8a\x83%\xec\x94\xfd\x90\xeb\xb3\xa3\xa8\x90\x90\xdb\xc2X\xf48\xd1\x83Eu\xe5c\xd7\xb7qe\xab\xae\xef*\x9e\x95\xde\xa0\x894r[\\\xc4?\xb7\xcfo\xdb\xbeR\xc5\xbc\xb34\xbe}\xf7n/4}\xbc.t\x94\x1c%\xcb\x93\xea\"Aa(\xd6FX\xd8\b\xd1\x10N{\xe8\xbc)\xc8\x1e6\xff\x95\xa3\xf3\x84\xf4\xa5\xe8f\xc2@\x1f7h\xb3\xd6\xab\x9a\x03\x95>V\\\xc4%T\x94M\xc7`\x83\xa1\xa0\xc8gn\xe3\xfe\xef[\xb3\xbd\x18R\x1b=\xab\x97$\x03\xaa\x84C\x0eWD\xeea\xf5\xb9\x82\xea\xbd5:\"\xf6f/\xa1\x8f%8\xa8\x1e\xcf\xb6\xa7\xe1\x1b1\x94\xc1G\xf9\xfc\xc77\x1c\x00'/370) lseek(r1, 0x203ffffd, 0x0) write$P9_RXATTRWALK(r1, &(0x7f0000000080)={0xf, 0x1f, 0x0, 0x105}, 0x20000357) bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(khazad-generic)\x00'}, 0x83) sendmsg$inet(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000380)="b904a551cb213a23414ccbb5aae80291152d433e00d906b2037078ebf6e0752a1d5c37ee0d7c43dc6632015f082d5414b1668e56f8f253328618bcc42a3059cf27faab81d7", 0x45}, {0x0}, {0x0, 0x1ed}, {&(0x7f0000001440)="ede31494270531125f", 0x9}], 0x4}, 0x0) r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0) write$binfmt_elf64(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="e1dc546a513cf28bbf0565378d329a29ae14cbcff7cd722896b430a97b945fbd45d2accf0356143ff04c5af3129a0e826d7d4790"], 0x1) fallocate(r2, 0x3, 0x0, 0x8020001) ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, 0x0) lseek(r2, 0x0, 0x3) r3 = getpid() sched_setattr(r3, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r4 = socket(0x4, 0x803, 0x9) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) syz_read_part_table(0x5, 0x1, &(0x7f0000000240)=[{&(0x7f0000000940)="4d4fb34c39085f141b4f5548ad1e486dd1e8194d57965d3a8104a37d918cf833fd6427b217b365c00de7af7da297a3189f5ac78efae7cf0a68826fef2e0c1383d1403e57deacddeaa457ab543bf4d8843e804fa1cbea2318c5939f5afb8f30eb31199742a1350ef77c6da95468970c498ecee6007aeff015080caf8941e9a6b4fe871a2919163574581553b7c550ca32e3ad6f3237bdca1b0acbf0e4681167320259c9d1eb1c6800ec777403b7c3ef6f537b8e707867b247f8046cf4ea1f4665f2eab3a10441239de3412efeb38f98e5cb218c6bd544b07d7b83493930abeb0ce5214949", 0xe4, 0x2}]) [ 388.819825] FAULT_INJECTION: forcing a failure. [ 388.819825] name failslab, interval 1, probability 0, space 0, times 0 [ 388.831258] CPU: 1 PID: 20521 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 388.838301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 388.847770] Call Trace: [ 388.850375] dump_stack+0x138/0x197 [ 388.854017] should_fail.cold+0x10f/0x159 [ 388.858177] should_failslab+0xdb/0x130 [ 388.862185] kmem_cache_alloc_node_trace+0x280/0x770 [ 388.867303] ? kasan_unpoison_shadow+0x35/0x50 [ 388.871925] __kmalloc_node+0x3d/0x80 [ 388.875736] kvmalloc_node+0x4e/0xe0 [ 388.879463] alloc_fdtable+0x13b/0x280 [ 388.883356] dup_fd+0x693/0xa40 [ 388.886651] copy_process.part.0+0x1b5a/0x6a00 [ 388.892207] ? save_trace+0x290/0x290 [ 388.896018] ? proc_fail_nth_write+0x7d/0x180 [ 388.900530] ? proc_cwd_link+0x1b0/0x1b0 [ 388.904640] ? __cleanup_sighand+0x50/0x50 [ 388.908888] ? lock_downgrade+0x740/0x740 [ 388.913066] _do_fork+0x19e/0xce0 [ 388.916536] ? fork_idle+0x280/0x280 [ 388.920262] ? fput+0xd4/0x150 [ 388.923464] ? SyS_write+0x15e/0x230 [ 388.927195] SyS_clone+0x37/0x50 [ 388.930576] ? sys_vfork+0x30/0x30 [ 388.934208] do_syscall_64+0x1e8/0x640 [ 388.938099] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.942956] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 388.948155] RIP: 0033:0x459a59 [ 388.951343] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 388.959063] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 17:46:21 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) r1 = getpid() r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000500)={{{@in6=@mcast1, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@initdev}}, &(0x7f0000000240)=0xe8) r8 = timerfd_create(0x0, 0x0) fstat(r8, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r9, 0x0, 0x0) r10 = timerfd_create(0x0, 0x0) fstat(r10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r11, 0x0, 0x0) r12 = timerfd_create(0x0, 0x0) fstat(r12, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r13, 0x0, 0x0) getgroups(0x9, &(0x7f0000000600)=[0xffffffffffffffff, 0xee01, 0xee00, 0xee00, 0xffffffffffffffff, r9, r11, 0x0, r13]) r15 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r15, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r16 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r16, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r16, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r17 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r17, 0x0) r18 = syz_open_dev$sndpcmp(&(0x7f0000000300)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r19 = getpgrp(0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0xc0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x7, 0x7}, &(0x7f0000000340)=0x8d, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=0x4}}, 0x10) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000004c0)={r19, r18, 0x0, 0x7, &(0x7f0000000100)='#wlan1\x00', r20}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xb, &(0x7f00000002c0)='em0@em0%.#\x00', r20}, 0x30) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000008c0)={0x0, r17, 0x0, 0xb, &(0x7f0000000880)='eth0md5sum\x00', r20}, 0x30) getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000900)={{{@in6=@initdev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@empty}, 0x0, @in6=@initdev}}, &(0x7f0000000a00)=0xe8) r23 = timerfd_create(0x0, 0x0) fstat(r23, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r24, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r25, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r26, 0x0) r27 = timerfd_create(0x0, 0x0) fstat(r27, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r28, 0x0, 0x0) lstat(&(0x7f00000011c0)='./file0\x00', &(0x7f0000001200)={0x0, 0x0, 0x0, 0x0, 0x0}) r30 = getegid() r31 = socket$nl_route(0x10, 0x3, 0x0) r32 = socket$netlink(0x10, 0x3, 0x0) r33 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r33, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r33, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r32, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r34, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r31, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r34, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r35 = socket$nl_route(0x10, 0x3, 0x0) r36 = socket$netlink(0x10, 0x3, 0x0) r37 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r37, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r37, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0xffffff89) sendmsg$nl_route(r36, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r38, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r35, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r38, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r39 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r39, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r38, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) r40 = syz_open_dev$char_usb(0xc, 0xb4, 0x80000000000) r41 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r41, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r41, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r42 = socket$nl_route(0x10, 0x3, 0x0) r43 = socket$netlink(0x10, 0x3, 0x0) r44 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r44, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r44, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r43, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r45, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r42, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r45, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r46 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r46, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r45, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f00000015c0)={r46}) r48 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r48, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r48, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r49 = socket$nl_route(0x10, 0x3, 0x0) r50 = socket$netlink(0x10, 0x3, 0x0) r51 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r51, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r51, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r50, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r52, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r49, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r52, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r53 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r53, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r52, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) r54 = openat$dir(0xffffffffffffff9c, &(0x7f0000001600)='./file0\x00', 0x10000, 0x4) r55 = gettid() ptrace$setopts(0x4206, r55, 0x0, 0x0) tkill(r55, 0x3c) ptrace$cont(0x18, r55, 0x0, 0x0) ptrace$setregs(0xd, r55, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r55, 0x0, 0x0) getresuid(&(0x7f0000001640)=0x0, &(0x7f0000001680), &(0x7f00000016c0)) r57 = timerfd_create(0x0, 0x0) fstat(r57, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r58, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r59, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r60, 0x0) r61 = getgid() getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000001700)={0x0, 0x0}, &(0x7f0000001740)=0xc) r63 = getgid() getgroups(0x1, &(0x7f0000001780)=[0xee00]) r65 = openat$vhci(0xffffffffffffff9c, &(0x7f0000001980)='/dev/vhci\x00', 0x101000) r66 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r66, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r66, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r67 = socket$netlink(0x10, 0x3, 0x0) r68 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r68, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r68, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r67, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r69, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r70 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r70, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r70, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r71 = socket$netlink(0x10, 0x3, 0x0) r72 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r72, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r72, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r71, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r73, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r74 = openat$selinux_relabel(0xffffffffffffff9c, &(0x7f00000019c0)='/selinux/relabel\x00', 0x2, 0x0) r75 = socket$netlink(0x10, 0x3, 0x0) r76 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r76, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r76, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r75, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r77, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r78 = socket$nl_route(0x10, 0x3, 0x0) r79 = socket$netlink(0x10, 0x3, 0x0) r80 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r80, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r80, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r79, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r81, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r78, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r81, {0xfff3}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48, 0x2, {{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x7cf}}}}]}, 0x74}}, 0x0) r82 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r82, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r81, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) r83 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000001a00)='/selinux/load\x00', 0x2, 0x0) r84 = socket$netlink(0x10, 0x3, 0x0) r85 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r85, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r85, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r84, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r86, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r87 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r87) r88 = getuid() r89 = timerfd_create(0x0, 0x0) fstat(r89, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r90, 0x0, 0x0) r91 = gettid() ptrace$setopts(0x4206, r91, 0x0, 0x0) tkill(r91, 0x3c) ptrace$cont(0x18, r91, 0x0, 0x0) ptrace$setregs(0xd, r91, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r91, 0x0, 0x0) r92 = timerfd_create(0x0, 0x0) fstat(r92, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r93, 0x0, 0x0) r94 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r94, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r94, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(r94, 0x29, 0x23, &(0x7f0000001a40)={{{@in6=@ipv4={[], [], @loopback}, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}}}, &(0x7f0000001b40)=0xe8) r96 = timerfd_create(0x0, 0x0) fstat(r96, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r97, 0x0, 0x0) r98 = getpgid(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r99, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r100, 0x0) r101 = timerfd_create(0x0, 0x0) fstat(r101, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r102, 0x0, 0x0) r103 = syz_open_dev$mice(&(0x7f0000001b80)='/dev/input/mice\x00', 0x0, 0x800200) r104 = socket$netlink(0x10, 0x3, 0x0) r105 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r105, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r105, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r104, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r106, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r107 = syz_open_dev$sndpcmc(&(0x7f0000001bc0)='/dev/snd/pcmC#D#c\x00', 0x8, 0x2000) r108 = socket$netlink(0x10, 0x3, 0x0) r109 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r109, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r109, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r108, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r110, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r111 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r111) r112 = getuid() r113 = gettid() ptrace$setopts(0x4206, r113, 0x0, 0x0) tkill(r113, 0x3c) ptrace$cont(0x18, r113, 0x0, 0x0) ptrace$setregs(0xd, r113, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r113, 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000004300)={{{@in, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6=@initdev}}, &(0x7f0000004400)=0xe8) r115 = timerfd_create(0x0, 0x0) fstat(r115, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r116, 0x0, 0x0) r117 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r117, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r117, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r118 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r118, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r118, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r119 = socket$nl_route(0x10, 0x3, 0x0) r120 = socket$netlink(0x10, 0x3, 0x0) r121 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r121, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r121, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r120, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r122, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r119, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r122, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r123 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r123, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r122, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) r124 = socket$netlink(0x10, 0x3, 0x0) r125 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r125, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r125, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r124, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r126, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r127 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r127, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r127, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r128 = socket$nl_route(0x10, 0x3, 0x0) r129 = socket$netlink(0x10, 0x3, 0x0) r130 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r130, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r130, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r129, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r131, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r128, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r131, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r132 = getpid() getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000004440)={{{@in, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@loopback}}, &(0x7f0000004540)=0xe8) r134 = timerfd_create(0x0, 0x0) fstat(r134, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r135, 0x0, 0x0) r136 = openat$uinput(0xffffffffffffff9c, &(0x7f0000004580)='/dev/uinput\x00', 0x802, 0x0) r137 = socket$nl_route(0x10, 0x3, 0x0) r138 = socket$netlink(0x10, 0x3, 0x0) r139 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r139, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r139, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r138, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004900)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r140, @ANYBLOB="0000000c000100768568000000a36d60a90100001800020014000100000000007f1cb08acf55c20c54978acb5b3d27eff6ab85ed2bf35695601b380f0b4d80b517c971fa2822d67fa2aeaccd05c9ef79e646da333ab080980bb435bf70e1325c8fae889b2a29c0febb60873f8ea61dc78524faf4e16e14566ea476ebb1b3da92298252959b884d9f8a81893faff0eae9ee723f61bfee40eee0110f1aa3209692c99624859abe062b8d", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x5}}, 0x0) sendmsg$nl_route_sched(r137, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r140, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r141 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r141, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r140, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) r142 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r142) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r143, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r144, 0x0) r145 = timerfd_create(0x0, 0x0) fstat(r145, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r146, 0x0, 0x0) r147 = gettid() ptrace$setopts(0x4206, r147, 0x0, 0x0) tkill(r147, 0x3c) ptrace$cont(0x18, r147, 0x0, 0x0) ptrace$setregs(0xd, r147, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r147, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r148, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r149, 0x0) r150 = timerfd_create(0x0, 0x0) fstat(r150, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r151, 0x0, 0x0) sendmmsg$unix(r6, &(0x7f0000004700)=[{&(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000480)=[{}, {&(0x7f0000000140)="0871ad85a724fc01d65fd0404925f295b596a24d0e1d31", 0x17}, {&(0x7f0000000180)="b505d3", 0x3}, {&(0x7f00000002c0)="f627c2fd56930d0f253e7d681925a7a6303015bf324e017c7de94a2faae919fa4c10f7c34e1ecdaa06a35929554e657dc8a586666d9967e32f6c47b9db77c54a268f94321a3cdbec546f89232f5aecfa36aeef6fa705bb43fc5ff6fca89344b9f3261e54ecfead59f8840f019f6bf60c8a5d2ba02de51b66bdc32fb4153a9c70b564314feb0818149f4b13841af1e1311669a6f739089ca53487482fb01eba11157779572c2af399988c98d154b99c093b33ac", 0xb3}, {&(0x7f00000001c0)="3875ffb7ef1b8d8a5059c150b16207d556559bde46c627ff1f2a08ee36", 0x1d}, {&(0x7f0000000380)="2f915cb321e03abb052f729092adf694889db4e075c7cf805ad891359d5365ecec042b65976803a31792ddbe7ed4523b8412dc37729d90c1b5e2fbf906f16155acc4bad82c950c6abf33d889cb1a511ddac3757ae510799dea02cd81a39876a33c7b328d7114096257172bf683a6218db03026fccd2f6467b02d4dafa5559bb790a36c948da532035dd125aea2a94e58ac0d7ef86a899e2f6e87a982de8d0b3cb1bcbac5902b7f0a5dcee294e597cd0adfd3ee090a4ea9cd6d678840eff3457ca6e85357f1bb1a68b7bc6682e6a9d886bc0fde5a611396fff8840493e06c7573ccbdc9", 0xe3}], 0x6, &(0x7f0000000640)=[@cred={{0x1c, 0x1, 0x2, {r2, r7, r14}}}, @rights={{0x18, 0x1, 0x1, [r15, r16]}}], 0x38, 0xc976875302086cc3}, {&(0x7f0000000680)=@file={0x2, './file0\x00'}, 0x6e, &(0x7f0000000700), 0x0, 0x0, 0x0, 0x800}, {&(0x7f0000000740)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000840)=[{&(0x7f00000007c0)="61762974aa4b984468a9aace6a8101d988471387c71c70b5a922f1fd86f71a26d3e217970009f1f66f902a8f670161a3adaf4e50129899836c40dc168f471742659fad9fbfd0bbec58d53a8e5e377c04e431abcd3488baeac141eb9047e3be", 0x5f}], 0x1, &(0x7f0000000a40)=[@cred={{0x1c, 0x1, 0x2, {r21, r22, r24}}}, @rights={{0x14, 0x1, 0x1, [r4]}}], 0x38, 0x4000}, {&(0x7f0000000a80)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000f00)=[{&(0x7f0000000b00)="689ce6e290e94fb64d87daabb4cb23e876e87340d7a1963ba9e4d6d8185ef926f5c701a2cd382610485549039282e47c4a3f8f084ad16dc510df2239430df4129a7b0b5c0b0fbea2ccf8bd7b35b9f93384b0013910877a912959e2aa912e0185fb967ee91d1b9f93e0f70008901b522a45027bdca451b02c0bdd2fc0240cf9a3a9107f36aac0e9e72b633b80d5fbc6527d800a00e92508e44661c7658af49304cb7d4e3b14871df0ab0bcd80ac066ca04e8a4fd95a31d14d50bc32f618485477052d9d88423e2cc3e29fbb8819739d4c03c4d745b4266723e498a830423e", 0xde}, {&(0x7f0000000c00)="7aff9e25ae9b3e99978afd5c2f604e0318932b2f2da9a9601181dd1c40ead4abfe4bce0c3cc107497e3e055742a7dfe04239bb5762757dfa144858048aeafdf797a1340dfe5e3079204e96a8832672ec16116941349a86ad059dd981c06866e20c32", 0x62}, {&(0x7f0000000c80)="1c848920f9f3e7bd2650", 0xa}, {&(0x7f0000000cc0)="e5962088a63a98a141909d998826ce350ea67eb2439d2b798776f510bb9102662a033b54343420cf274eace806806ce946ac6cd9e6c67f37465415f56ac6eeb8fa31d880633cd8b5866a0acb1e4e7abf4b52a257d94389291d88b23a2b80f71ab6654eb567d6f1ce4ad6c7e71b0162a0b8982d5c1b3e8588a1ccd3b12e0b5768ab87b364c26aac86289e37161fc978d6339a2e1d3ed2489b37f45372c25303f119e9b3b412dd872650ddb33ac86e4fac4ecb4ffe63", 0xb5}, {&(0x7f0000000d80)="e0fec29ee74f3ff70746f9cd807a51d6ac3c5159ff7051811ce67734db81238e32e12fbdd182e0336840c2b49c625f7400db78f33e1ff639ab0eef2fa2d53630b8b4babf2aa2d7d7f83ed32bade2015f65888f9c8eedf9a146cee6d7d52e1444", 0x60}, {&(0x7f0000000e00)="851070990e0caf3cb95c28740492e5701c068292a534632a4b9d897d2461aa33293246107534171a31e9c6e9b87a5448288fe6d24bc40aef7b4c5bf954ea40633e4fcf4fb3cfd2cc3481332634bb4c893735c1ffe137d105e1965ed6f95f6628f22d1e7c3f4409485967f96d46adadc6765b3e8b8d126c719b9026a52d5c23648993a0d379c059a212649f9aad252c87573d3fa23e05a007a4601dab07d25749548852bd28077f9d9c4f20326a7928523aa314", 0xb3}, {&(0x7f0000000ec0)="4672bdb01f35d9f020da9d5dc3479735434e9a19742a53d17054fe1f4b817e5917dc004d34ed5dd0303cc7f656b32168d9b89890b457134cf99e", 0x3a}], 0x7, &(0x7f0000000f80)=[@cred={{0x1c, 0x1, 0x2, {r2, r26, r28}}}], 0x20, 0x4000}, {&(0x7f0000000fc0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001180)=[{&(0x7f0000001040)="314b440fb7dfc2971661e66dd5fa57f3a18e1397b870ddcd43931677fbf4bb84d01f695a61ce7c2610b46b8d457321e8909f5b3743129166922834c8769ae98ac3df093fe1e024826fa2b420285ecca639fa746f4abcb05d373e43e8886c9133714bec1b6d7a88a9144bee92d0fdf462907f2a09c9023065b7e599da83ceb699b80dde03a742f281e80dd11f56a26862205ca29075ed97cc90e58862bd8bed19beafb60df1a53e802a519bde5867372d75c2713fcdc0c72dd861f28508a9c4414c1254", 0xc3}, {&(0x7f0000001140)}], 0x2, &(0x7f0000001280)=[@cred={{0x1c, 0x1, 0x2, {r2, r29, r30}}}], 0x20, 0x40}, {&(0x7f00000012c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001400)=[{&(0x7f0000001340)="c425df71af8678269d966c4e2ec6c15ac445e29e092b8a873aff1a8f37cb13f64c854d547d40764673b28089dfc218c8e69779d53237f12583c1dae29f50d0a7c32551d106ede0dde6c523dce4ac789589296cf1a2f143adb27153fbeeb773e4bf74994262e6d55313c8d75eb4563f52e1a07fbf034e81e0f6a18aa569d6bbbcf244b2622e127e4e357eabe9b1511fdef460e580b6e53d6cd2c290b79506f2db6323db8a960be73de25a888c2a2357eb311d7da8088cb6cbe529", 0xba}], 0x1, 0x0, 0x0, 0x80}, {&(0x7f0000001440)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001580)=[{&(0x7f00000014c0)="596f8c29c5e127c568a3fce6179aa4e2ae10a6a2209019b813e06e2f807fba6bed09918162910ef2f1bff6c1e60b79d7e97de5615f20bc9b7ec365872d9116860aa14184a1f18d3c9b53b62e9b896f4a7ffd5bce7b1ce77072f24e50d69df74d42cd68f55bab12667dadad66114c5cd08dc1b7cff55806022baa2b534adc6cb2e2442ecb89018fb0160966e84ec4f09efa3af8b94c5bb736b1a8236f4988b4e25b8c6e3b", 0xa4}], 0x1, &(0x7f00000017c0)=[@rights={{0x30, 0x1, 0x1, [r31, r0, r3, r39, r40, r41, r47, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [r48, r53, r5, r54]}}, @cred={{0x1c, 0x1, 0x2, {r55, r56, r58}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r60, r61}}}, @cred={{0x1c, 0x1, 0x2, {r1, r62, r63}}}, @cred={{0x1c, 0x1, 0x2, {r1, 0x0, r64}}}], 0xd0, 0x8040}, {&(0x7f00000018c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000001940), 0x0, &(0x7f0000001c00)=[@rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x28, 0x1, 0x1, [r65, r66, r67, r70, r71, r74]}}, @rights={{0x28, 0x1, 0x1, [r75, 0xffffffffffffffff, r82, r83, r3, r84]}}, @cred={{0x1c, 0x1, 0x2, {r87, r88, r90}}}, @cred={{0x1c, 0x1, 0x2, {r91, 0xee01, r93}}}, @cred={{0x1c, 0x1, 0x2, {r2, r95, r97}}}, @cred={{0x1c, 0x1, 0x2, {r98, r100, r102}}}, @rights={{0x18, 0x1, 0x1, [r103, r104]}}, @rights={{0x20, 0x1, 0x1, [r0, r5, r107, r108]}}], 0x120, 0x8000}, {&(0x7f0000001d40)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000004280)=[{&(0x7f0000001dc0)="c2b856f6793ccae8d4c2d01e1e3cf81a0d6353e29d6d37992a1a9ccc085e186ee5741e68f7959b80e3ef02b85e5248c903ef63c18f74f73d8c59a78bbe8011350e3b61ccd1fe953733cd641f222c1ef4a3cc21ff2fe4d974f39b77eabd539087025cf47aed2bc13405c9e9e18f4bf18f97c6491b0ca97250ee62d3d65897f3198064e3a7b22f6a02a345292075f6c00a992469e26c3b379aacaf2b988942db6a2c700c6ce0eb25213180e1c67c50260e043dbc4ae6220b6333", 0xb9}, {&(0x7f0000001e80)="27b5e64eab7964f102a0e31c24ffa879f12ebabd645f81a1fc76c46daecf470882fa8f0417434c5234232b69230dabb9173ae5775c21694eebd94c924b717b6e3e618cbfc2801107d99833be01161040b57361042e8d4525", 0x58}, {&(0x7f0000001f00)="c523c491eff685e8b2bddfdc6e12c3449180bc5608f74f60636f430a470add2d03bfef96583b11e38084c78f20ab8aad42ab03cf49b723279cfd1388196e713075eebf53bee75867a1609a72904bf17d2923aea3e4975699f07dd63ac75743c2cccdd655945564886c85869a917532d69ac0db87e907e8b7396607b166c4aafe5f7cbd291455b251621831daea870e8fe50d62c16fc7bf6204d65051259de8c1405e38d3574ef5bf4b1aac933995cd6d8b23808954c3357a69bd456f4fd3bc554049352597c1ecb7eb5cc5cc66a14f7e932bbcfeac38b4a960e7bfc77b5e7e84a4f9e7a08d1522ae021ea821ce7c28bc56d2fd6d7163596c0d88888394684dfe8b84c02706eb8b9d932847b63674fe2c005f0f5a875a6f5ab1273018e32caf3420a6ec03243ff3290759103e87f1b36f6d2127d29b7a454865a59e5c38da6bc50436780b34abc8dde955540a0255395a0438bedd71fbdf737504b37c0ffe828ba743bf7aac43b0c47f649c3e315cf2c4a6bcd08eb4e69d2d8b5be8482a056c6f62f46866456a191dc675c8d382655ae1322ce1dd4c4074a7f42e3a3109cf60828281844c7ec257476561cacb3f515f1cc60a471a62a34085561164c79fe3071d5bedf657e2ebb64ffbcea0ec227e3dbef98673559a8d81f7510fc6a838a1d9e92a43565588ee131fd6d1f32ca76683a0b624dbae1cdd3b31b340dbf308f0888bef927e55952649a71887ec7a85354b6a238a2c3a1834a54801f3a9e9b2ad386cdbd0a717dd82ea7471f474824d065719572d51a51b5f256b8528c25f29603e46badf9d9510fd07040ae6b7a535d00d2ac71a46b8c0a70ccc0c779b79cfa707fe7dc8c9aed3f7e3923054e1228fd342130c649ac771fba41333c26ee3480f8af583955228cac5c91eb253eb09f4b5b2af1b65c4b11e6891b61bdafde141f495cfcff180a0c4a5a815078ea0cb7cfb4d8aa5312469e4d45c48c43b9c922283132ce99d60db6fc62cad0bdcacf53dd1b9a1de3774e05fcba3f0b6027f07b1cc7c9c3bb6af87ab4ddfe40f82e9b12f4730bff68d05c61c475118f6272318c98f28c4feeff832fc129c864b60d31488d55e13af701cd218cba1b3655df63b4d418a8cb358b0c4fb04eb90a5c7bf108a012bcb9797ce5350922c4a5b31bbefe0cb8bfc123fcedeba3d0e28892e4a90db511d9419b84c0ef96a6a148d93694c0d83cf99ae87414da34b459ff5532dd2eecdd4075d8d235108435195ba606dc44f3e0863baf868be076524ac6c4300f6d4fc7ef717aa68eea30f0e2fc350af23e3607ab7e59371f85ce7467b0b6fe500367a4e99078ecff19ba4181d1aba0bb0c9ff86f5ce64abd0ad9498dbac607acdee1547b9e8b92c15c20df4b708f425d7fbaa411c96469db94a78e869657ed5026c0badaec91c93fcc71ff4d3124ab4f38190c9b3407bd98388748fb67ac0f2636a29acefcf450a5ad53d98f398af2873f78ff3b900a5c8ffbdcf1a9c81064a18ba8a00831226ae4b517dfb3ca06b70f8b164eb560feded564264b1031c4e5d6356646c4121ededeabcf66fc2696421528163dd0d26980de2344212829b790def8159edf224dbc15981499447939f3ce07f2639b0d704a500d4f3b8c3892ee3bacba65860910b9e831e2cd0aad52ea22a56124339d6b44078ebaa1418167af5e5f4f18a41d12c4b31a069b452f2a7e9b4a73d79cc62d03ca3e97f374872fbdd9a840c139259682c1dcc51a7cb9e1b43c3dc780bcb4f3ae2f6da8c2ba60bf4fd198cae595d825af8bc22dc2f0444635f17f601db7da04abd57a16f35fb62b31630eece1a6fe465e4be58e4bc53f1165315e77e55968c2f21792101eaa3d044a56545b131d1f0758627ca61bfd09e000dfce437273b39c2ae599831610bbf891d9f3fe223e2e314b3099e937da72a3f6727f37e296a311920eafc597dba223d79a927df778c7d436b25add5f577df92b55a300be5a14bd49fbd5d6dda390f52afc7e2aaf2d148a658f592003e13f4451dc48656a36b9f5fea59c12c555ad81fbf7e7c74a75df123c339e355bfa1ab7fc70369c48a38c91279ef7de508aaa52079d7817c45d659852245e63a14f1a9dfbf2cd98c70cd8ac2273382f1fe140f9f1118c05b702275b7288606e8bceef6bb17e17906653ff1f35255a368573a7429649692459be30c703b58fcb98d4fb66e64e02f74c3e8d48f369153f1c068b46ce4412a2e383d4fb844e38716b9f397f51ba11087cdc7188e2fd1a0b3cb254e74027a0892e6f158cdbe75798d057455737d9e300996645dbd983c7d2d4af7681ca2d2509f6df8af3b74f527944c156a4ab171391b987732454229f5c872777d2aab6fe5318ff8c8fa1ff13a58a97aa57f4b612bcd0101bf35fc9b5a43045a6252a97328f298c4588d49a64f30eebfbffa7240e15a81cdf5fe05f87cf5d75b1bb86e485c56b6ae138a6cfb39112d9c49e201f8febb2c1ddbfe85f6389efe9e1f8d9a8ad331ed01d828454560539cd342b2c9682a039447d7b63014301a01d269eca00cd20448376c3c24f3be58bb4ae25ede0cd30b11feb4481325d73302ff4a9408e8ec42061d5000ad03e3fabd5e84f72fc0ba36fa877732ae1f6fb2bcc4e7950ea74f6ae44f22114b51adcfb70f89ad8bf97be310863b15255fe5ae8967276ba46b6c4a787ac9417cf12139813c0dbb328950a535fa28d0b595f712381c5910b0f6226bec89edb96d0c8ab49811778b2690a70c6dc8ba7654b8229c636904c21f8a444fb0e516733e9a2fd7eb2e9aca799cf2515cc9dd79774600cceb11fc39a49a1f58e6fe116024b3cd726db7eed0139f5442f70282b348c968144b3ceff9a9e3a3f08d74c334f418f777b2f2e43c5120e1769c8c60c3810671b6ae75f3023045dcd160866a9aef1369f0bcad5230f00ad05c3c1149e62ca2d8c702616b5b35608819e26b83d68efa5fec24acde0ac0e1745c1091df773430f5e10fccfd950fef1c2b58703ea0b8b5082ca1b37fff7788aeb5aad5427566efba050a2b39ed431e3e17c61cf6776e211972fd40d68b4bd4df2f334c0a00d3cfe2e1a235a8f1fd5cb888e385b36cb43cabb005d01275b1c07df03305181c8a0dbf55dae7857a052e228dfec69678eccd452710b9dc81604f93dab30da2afafbbc879ce534b3d9cc93c5f490c05526e9fdb4ce1555cadaadeb5b8d01944538a197b40e9eae29940f8d1e33ac0fda1a48322128ff0bb3a5bd4b1a5f24ca9c0cf4e5cfbd115448db079137a3af51aaa6ad13760756d6f6542129f5d9f568570926c08414cd766c1794d60870b509cb6e166b305634b436c54341bb537be6a09ccc7995d8b433979949313625ee8b924bd958391b5517fc6fe3af3b17230266fb5e9cf0afe0ba0200b4a8cf7ec161267682447754fec8917f9172a50157a650a9c46541c7247d4de743817e64c844db703b7ca9f3f262dd7b2b893b3105bb7618c24ef6875ed66211d012b623f5516646e37dd776463951173811233143adbbbd8d17bcf8f382580edcd9a0b557c4f1ea0d0f449b5db0f7dc7ed6f715a72ddbae766b114693b660ca4cd49a242bed3b26014ce145161760829e7053eacf536515ac61f867b93b3dbc4a024618a09bfe85aff2647296ce0be2aa3cb7044186e91f16a9e227171a714ff616b865cb0b7a92360df76f93aa87961cd8f588a8d03e47f4a7afe415245ec4ff824a92afbf35e21c33e4b506f808a997609afeebfac3b2b2f4b3206a854af0cda0c5337dcca16821eda8cb7513c902adca7c90836fd3f0941ec49d7bb48bf7782310cbb9951f304fc3379c8515194c0e99527772cfc81e8f898d96b3cbc3dc6cee3eb234ffb70179550911cf5ecdda9cbb7d53782cb7c53293de7a29e51d92fb198d8500bb14adcf244790f65c47155ccfcce58607c23ee82b2967e5dcd0cda807653f70ddf92f79317b7e47cb017cd21bd7ca75bda5dbf1f69a8fbd6db7b374c750404426d221e9fed30405715132a587bd76e2cb86fa32378f49b74a97c886603157d496add30cdb78078cd1f51f2b51a3ba0a10441c39ea1c861dcd3e97232b0ca18872fa768a25c09effd8da0c1009d16f5d3bbc3ad7dbf106195fd3103adf044a50969160d628fc0a0760d96c2ab38acaabc4d5d828b6026641d12b5de8b63b21aa5ecdfa5bd464f951a279cf3933769cb25a31eba9d5abebd01cae627d34bf4103051b9166c894d2beb03ba78b97f551b49beb159e69f4e9cbc15f82736c2a3eb4ae933a19a9f8dd42cb54bf15902ae53b6154e90310eb7c0e34438a96cb34952a51880dab821f1bdac347fc46d3386aeae6f6bb6e6fc8ca44b9dcd19f884fcd2bdbf49959d96ce0c90e84ffc4980893ee0fd46f49a6f7d6865d802e1c564d054be4b5840976c2dd0aaf1706af8d85d875a045243e2e121bbdedac31e3c575cfa7353645591b2f229d7e4fdd178715cbf4fd8896e8729d79da2d95140e562271fb5bc16c2d3c5e87c415328d4cf1d345d149a5a80ab850132478b0df82d32945d626670be61015a600d9673826ee3ed3f1d8a6c291fbc88a2da077794183c6165be84c4e1f9e9ab2e3e8b645d31833ab3bc6c7ce8629e90f57f9b0f94840db732e65f40cf3473569fd84d40d4ce00cbdae989f3748de476481cec2ccd2266bd48a4aa194ac3abd608127804223f932a764f27007872918d2e79e9fb4ea85856d5aa1f86000677188191284799d0cdbc7f9d3a1272d285396c5e6917009521d094ef2bda3839137ee22dd62ecfde93bc30d1e139dbf22eeb8a9db7ccf0e04bcf6a66ecfbe65a99c69d6cf6a7e5dcb9feb7d5d01384bf3aaec905521c49467c769f2d71f7295cb8692fb2b603aabbbdd054d8245f393ac8605d25bedb8ed7e49a7ec8f1cb27382bfdce52997ec21269d23661a3290e5f2a623634f609a63338fc746fc5f20e8528ab862f7bc978322f323520813242a1094a402b6f8f114d7629431cd379df78223e0703155dbbcc31b8747f44e2cc305ad773b28e2bcb38811a70c7c82eb0bbdd79906fb9e0c0058c31e3ebc365b7a58268d8d2f9a0d86d33a45bc7083e6c02c0bc78323362b5cefd749f935b796da05514d5978a507d5c74b90668d1dbac125f596622a95b7103447587a93ebc0b47f0d4622666809a8328e5624851bcf1fde3eb97bf1d7b392467f97ed9d1a3e2e2e73d113a3a0fa06ad98bbc761e66b01b8e473eb1544e65cacfba579c73659198d921ce08b597c90e8c118f9f3165f7a667990b4f9629d367346bf5821a35ae0959e7dba915b7ba1a6f634589c5f9bbc15154391b32c7811890f84b4df9347a375dc54e5f81bcaeda594ee8f13743050789858c9454445e2f82d33dde7754256479558592110e8aed618e1adaf00244ce8abbe50a261199af26c138fb33f24e6c43805497e74df8fc66f1ef68b0a55ea050b0a6643656d15ca7e760c844f1a00a92b63c1341c8e7c385305bffd42bade0f6f5ed23d75f1f7d284ea2905c45699088a776534f767dd8c08c1a31c38880b61df8e6da2b88c02ead9e348a49ca2f838a126481bb6b23927a3da39d60d2a95afb69cf3a81d3df6d265829f68891383554faa5a8c855e3879a64aa8276ac9ea417bc4ea53685755ccbbde271d90c572691f237c21b87091e379fd1e27d009047cff654d150fb9473182638169c49b9f56f1a598c377b0efe8f2f26bd44239032a18c7804632b786cabad270d51717dce68e7ab4a70e31b42c9009b2faa9f8c516148a71f10d420f4bf97efbe", 0x1000}, {&(0x7f0000002f00)="6e30c1f0db14cd44d2ac9a30fded42787618cab0cf605f7f272f9c12719af34667eb90dc16f347a44885eb033341236ac34999ba5271fd95187cf9b09fe1a15b08b86aa77b4fa397a09899156bbf0c01470a18172f330f7c0a09a478dd967a2d02", 0x61}, {&(0x7f0000002f80)="e07a03f5f4d209653dc8b5ccef40034498e3703a21061ad0fe17cd72ff6ed101598aff3053272dc1fad235a3988fbb1c4f033a5827fc220de83f82f38e7879e3b526d0089d422e06342dcb0a3b1129b1543e54ab7118b579a38560e27785e0318ee0f1656dfed49d577c4d64473caecbadda9c45deb9e7cc9a22d5bc6a536f942e9c2c3a057d3a4d58724818e56773374273444a50aebf83b66458a8e5383df1bdd7caee90570521b4b8bfc0b3c26adc22a395e5d5cbf8e82a32677ad53c662a328c0f39d976178e4ab4a0", 0xcb}, {&(0x7f0000003080)="7824305a5277271bc3c97b876788e318cf2ccc60fbeaf6a696d4a0a1266fe6c39d75ce8de953be61d094495d0d7945c85eb0fe7d2c0ce2fbf90c2882f41b7eb2c55a01374c609ddb33d1a92f68c05fa67c178660ca34c0526219a529c4ad69f45cf4d8b9aa7d58a2cabd1d3f3cc62b3f060e6cc6811219b41753d171bf3811875f530e3de6ffb63c76b84ffe5c4f944e76ab6dc062e726aebb53d9762fbadee1541ab362c05e8bc527cb25e8b483b941e2579403be23e04263694346c17ad327a215cbb4128806c260ac2765c96ea9d79e3552c97d6381ef7fa201b6f49f78dc8d0e42b86b3d07b6901bbefe71", 0xed}, {&(0x7f0000003180)="1cf6149eb2947505f1b52c4ec39a1b62b56a8d5e057be5879e24dfbc316e63b798c3941375954028b7f2731b14b8ea2cbfee3ca081f0aa8e9555d89f0394a0a8b379899bd1bbff5992ce818bd684910f792e115efd543b7f0d6aa71cc85c070e8edb4e49db94e688df6613cd992b09f960cf8883f5e3b0ba0301fb4685cc66d49cd8447c514b15f1b7357c294084d1445735427b428b1cbd2cf5ea4b9fc157075240ce1233dad1bfa1b48005ca4c8f98920f8fdefa83ee407fba6aa6e92e29afe2aea5b2921486b886229d5b8b4c", 0xce}, {&(0x7f0000003280)="315bcf5be62003504ca9c53a50f34d0a583b9bbdb0ca34c894d9f26f0580d389f373a775ef7b3768232861996c25580d1bef331ed83cdc53e7970c63b8f1df9acad1b0e4904d5cd18bd8020a2dee8bf7e307ba980af920d5f69728d416d6d7eeda36d95dc64300ab6d56cbc4faf1281e7cc5078f1147afb04a0d9760b7570b84d61c1f80a786f741bd00e806abc0f739abbb2198d6ca530d571f471798497f33bf36a1c003afa9515bee7a567d44d8252c2f846eec89478ea3a321b56c9003496a652dcf0fade68500938aa2854c30f556b36e87258716ca5577de661d741d6254771a73d1b604914be3e9c529f20cb0196f5a12bbd6505a24e32f54522385a4bb685030ebb65076a362d922b78c1983caf7dde1749a385621be68fe4bd752a11995229b73ec41ec189236420453f77ef6b3d58e9b9d368b4199571c774e7a73c17db092a99d64a779cf4c8f1cfad4372fcd90d4c5d2b1c615d2997cde5490a0c29719429ecc59ccfc5b60967eee740c41a3b43cdfb5c3a3ac234b6b3cd67e366135304597c8d7ca6e487e4b918573029974ceb3f5ac78ac6d0bc383210e7562c609c09d7d5e6977ed1350b67b50e142c8d2ac36012b669cc576033241aa04c661cdb174187a1f9c6643a7b65514447dd20537e9ce6840b4078c690e3495c55e07b5b0c2c2a494817171403a6d2c02f9b09d53ae5959956ba4197d15cf2253db389d643dc375d952556b69fcba27bf5ee838b99b46dd6d86f3cda35ef3fce44fc6463969fe32c72d406c5d2956532a926f2bc9fc6c338ef66d1d5d83d19de6060dd4ae597ddb1cf0f5e8828646273029187310c41962248745d55b99a292590592fe2976f5c823fd6fdb0cea6f2c5ee9dc5e55c90dd295eda6efcb651751776880e919a4b7161ee6cb0ebdb89095e4992695530881731bbf617aac363d701f3dd349585f00527e03846f16f171ad05596981a1ca979d335f0e15e8678c523fbb79a130727a02d6d3f2913bfd2369c8808c685dc2bcc72a69a9fda45e0d60991a99f186de6fc6a9fdb5f09215ce2bce7019294d878d15b2eca0b889d983ec60c12f515e565e02abf05a1e70fa5aa748800bbc0b51c60a037df67720d58cbe702ac31607c8482c636e1a7d6f29aa23f13b0234cd5ef014fc1ca51fd37b9d73b57e098a9f9ab371c4d9d957e38675de4dff7567e76a30cd3541d4253cd5a9cccbec9168a4fc7a69d9c7e91ef71226bc1623fd70e09d112d1f44bcd7d957c2c2cd787efef9c8b54fbfad80dd31cfb90ed06d1b5678b441eda16080232a34060a08a517d627fda6e61a958eae0ac93111a74e0b641e1e32b11893d61eecf445014dc8f182c34096f06a30bb6fac6655015f805f2edd0f273ea583f73efc78d4a1a029b6bcadf48a939199b2284935e48162328f68a57c8ae87317087873b423448d957adac6cbe5f68d9f00f16f052a652f2894db885f81c59f70675d50b1a45e6ea94dbd3124cbe5a66ac19d2d76e9d03b432ffaffd63089e06afb838ba3be7082f8f0b3f6900385956d8ee65a41a7a06d661b5d39f8f448dc69f3566db2a9c9ba859ddaa5aadf091f8bac3e21f6fc682ab4244a03ead9e8efcc948c7ceb0e0a0bdc6a37d9ded0d85a60b119012fabec543da448fb66fc43452dcbdd60036c9f14dd42caaff58f5ede974802a9705c37342019289a415fca6d5f6aea47ac5b8a173a4d34da13e655af876ee2095b21a4ea2926464cd1132cde101f86d5c3b7cd69e06a78d2942646257091b4f78d0db83bc6be09c52f67a653f3135e5f87a504be367ce7c8a5ce08ecf7871f69e462299ef7161ca45e6819569cb5e859fc576921a8cac44d036258999102a25b741a6ddffa12ab7fedebf64f506865fc3bd783ead535b6d86e9cda86955a8e995acf8de19c223d3a84a6b571362617bfde2e07629cb77ab397fb9f3937876351c759f149c642a82b6bb4e3871503cd13adb46c93edca2b134c173c57094904b5270f00450d103795caf2ccf5007f85959ea3606b5ec743e2aed7c11d1f84ae64d6e2b99e8a452a34e0c3c5a0b3bd84d7523c2823c589be2414aa3891567e62fd6d6871ae14aa2dd2ec4005996b5e483acb1eee1c6927200f0121d3da5eed51568ed2883b8536e32d1382c8a6a593bbe9fd98155e529de6066b16823ce1a11d2790984d53c99a9a06fa57e69cc2167314afe6aff18f7ada5c3b4ed249110c614eaefeb7ea81d6a8d4754207db91d0fe1b2f15ba9695b7c09f0a817d8f0178b19ae0bc3ab5793dda3263570ff18f0ece43bd9f5d235b76e908207a34557127951ce9435d30f77840d9355d9a10a194d814f625c89b978373ccf7515b4d48b33143fd7defafc2e7c90244d5f8a7528dd5a8739892f935c107c89950883983e6d9c63c3f10c687bb003bd6f7b32a1076f1600e9f9d3f3c65ead414e9e2504df2de7bd3bb66dc480f8da8fefd9a0526e3fb4e0b78744d184b840ba2c49b654b855f77e5b8732bc0b222860c446700a53c4d55c32ee7657d50e6d8bc726160eea73d2c4535cc36787b3827663684e2a7cce9ca831aaf87a0fe75adec4f066e0ba420cf3554d1d917d6c6ac70672de36998e225067c679754faa83cfabb67786d45c78c28e85181559e7cef07b1d471a360d83840e57b7031610580016c430779ae78b2a5e63d543a771b47713ad1d00b5a809274536406fabbc5433b8df62c1244ef4c2e6304c3ad420360b8eea0acb6adaf6c1a8068c4e578c0389f1e5c8e02e1272f7700792e1b73fb8b6e4fc1be609ba5b8f544a2ad7e016f98377631eab173c8b9baffe86381e4905689f771f8531a058b2f404e54a77422dac03b54a44f2a98235e0cbe825d4fe14ffe6eba9be5d01afe1b4524d1f30394d15dcd62868453a024377ccd71aba884c69b8113151d737f8f686e5991c0369f4dd29fc8db600ac95733f4c8c432cdd061eef2e972cc53dfeced24703a0138e6c7cd43418cd1bbee71f88eb7edce3727bcbfc3620c0c292fc5253e46a31e3ca5e80689edb612c18868d18d38450bcb67ffd7e708051eecc2279855d7cccf14d456964484e2dd6da82f902c3de6dca38f3b86436987fd115f1e62e9fa9a7b6de10ee1357ea224674890295535e202bfab248fae10eb9cd024e4ced524d5a5047c1c06a2a533e6f6b88ffb53759925bedba4f5d186d27f8a88bedf839b7fe7f4b187a7e545b9ac855d03091ff0113c707666b0b8e2a73224d30bbbf005f44365187a9f87a83e82bf97573e2c0cab8df33f6bc811f872fd76b4afc3d5bb09d6967c99b07ed26007fbee534bcf4aa1a14ddf9e4a6ca4eebe5c58d5d0a741e10fb7d872268a5834f72ccbc4a5605031ed24bef20c3543e7c81f10b19fdff4353db510e42f212350b4495575faf275bf1e56640c1e8a6b9582fc8b0b838115d8438079544fde5513aa3ebcf87c6a2eefa395c144bec327ed7bbf93afabf8c492e085e08af6edbcd7cdc49e8807b36a4f39f75de9bfb5a62102fda08875a4c56744083fac90d2b6899a1583cacb0c2a5e4dc04ced56d773b08e66882de260597054eb021732ecfe99166fd7b721e44649c2ea556a764891fb675bf1788372e4d58afca915850c46e58859544b0c351e21673ff086ca614508d927778d9ce0d98aacfd8c76e2f9fcaae6c5306eafac383dee67ec06902177267a0d871e939a23f215c4279fd99e10f319567fb7e18e2a9f31f106d7e1e0263d05122be60ac932433582f51bc06ebcc83a6943482e6c519fddc27cac66423741c434d9bee3548335f5bea437abe666cc9f4b53bfff4c4548a513e2684738502266892baa1ceca53028895c8f880050f9a96a308b3d62e592ca08419f4d59fac800fc8ac3c64d57898cdfe06472ad6bb9e38a657216adead132ac08179499d8d5765d3d1c1fa3d9f9732116e232dbba511d3695185920463613e426885a9c74fbaa768e39a01b7ec1b7a4f8369ff4eab663afec1bcdb954e794352039c495f8e3b6ad3e2320300ac325e45bf7296f952bff92b772e0117aff4987a1814868cb7b346e830ff14a2c1f319fef93ecd5db23abd811913d83ab5f638b2bd757bc454318ec623ba7e6826d05496ca65e891fa8fd9d6969131774c03775edbe2db8e1b93eef18071dea7527355a5b2c2b38a23f3db287248d2ef52583d55ceea350d52429f8202467412d54ff7e8608f2a06d484f324dd00b6c1e9255e67b69c4cbe71918ba1bcf6a31972348dbec71c171aaaf11557285b53c0d76e0f1ebffefde42eeb66e95e9f32b852d52ac0057f5eaac82143255b9864e937c8e3466d5a65ac93510b0e540101db227bbf36e1d76167341c048fe95ed0b6bb7b9158db7ec4615edb3043761c0932098f0d4e2b10c7b1e92f839780a2f4a8f578472d2b2ce9d1f239287bf9ad33a82cfea4c9fd46e4601e2eb0b25a5f33893ee09860a65dc7dd0427f9d5194032258355c0ca1b1e49ea1ce9c6c376f70c608eaacf5cf3607a492f8d0742a054aeca121bdc3ebcfb72962c77f6f5dc7b35627638f2261ec4ea25f1d4dc4d01abeb1200beaab75368cb444ee7ba9af01b291e15e46065667e919de725a7a1858993eaf53144a023bd8809322825b034a3cbbd175e6c48752b3f9b26ee3eb1455d939720235842896e555abe2390a2e953538732b4134154890460d130b3fdd71a62b7fbb05ebc3eed5f653729f413b23a3f6b07d2ffc93bb7670df733e4a0bc4e34595f7969a7900655800f87719764e0faa655345f8eb764ae45095ef355597ad084302799a54048d88ee3d5a27a018ba1a7095b310d5fa70e241ac587945c6c072f94a9202bdaa59c63334f16bb81f4e5809ed6b7d466546dc81577cdb8f58a07a892dce07edf9a59dd0918a87e70b17c4ebeba95f45343883a59636037e4f12df7659037eb64dc129c50bf55e560e9e6a1183961683cdf2d2f85cdbdde456e835fee6a7b2acb4f108c1db0fc4e42b6f0efee7c902092ff3b93ad2119b622134b1e307cf41f1b28b5638ef206a10a183ce5ff5d89172cce7bb79d4da5a2e95d6638d73aac73d07e8fd8f5c45590fe8ddc4bdd4a2815588babc0f6b2cbb11a6553b19f9581c6d552d201ff1c9b0cfc101f0bb75e9829968dea846b6670d02697995d8b7004550e161f76764c844eedce64085d236df6ffa5f56beffee3f68b1366d412b88222d4b10e32401f4560f33d12b2ab35f20baa9f06fb3e73829cd78b26ff1f9c14d2f52e1656f7991f4e5bfa22fd10ea0a1babb96c5c062194a21ba459994d6374833b47b3a6691a25ca87287a5ce80df0de492ca926b45a847f25930f7a06e9038c7676b94a194c9134c541cf01faadc77e8b4598301914f3aca2e18112fbcabb4d2c1595681b9416e6315775c157229302d3f55eb7385b3f184cf53a4d949a04dc8ff812ba9f57d8a5ce026b8c1d379002f2721c66fead65eb2a8268d18d21fa4bd2d094dde92c730054d6126b0ffbddf6e214edf8e02dcdd06a8fa73f3f0fa11197ebe8a8a80c096a338a1edc119eb158ee1276e0b72a3a5b6940865fc8bbdface45f1b2c95d402a630ca7e7ea71281cdea3bbf056634c001bf2786623c04dd9201f02f1682b00ae77dc2318c236f2adc4793731fa5eafe78b93c8e6314aa8f4a5474485021a8ab963dcd5b52f47e60c42a396bde7bf0be82369e481f061829db83d59fec65db0616641b23ae40bebd69e0d44eceb1d70596beccfa61eeeb2c9708d5129158c193646e1f304fcd81bf1e90a45ffedb8bdc0be76f5eeb519f1", 0x1000}], 0x8, &(0x7f00000045c0)=[@cred={{0x1c, 0x1, 0x2, {r111, r112, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {r113, r114, r116}}}, @rights={{0x2c, 0x1, 0x1, [r117, r118, r5, r123, r124, r4, r4]}}, @rights={{0x18, 0x1, 0x1, [r127, r128]}}, @cred={{0x1c, 0x1, 0x2, {r132, r133, r135}}}, @rights={{0x14, 0x1, 0x1, [r136]}}, @rights={{0x14, 0x1, 0x1, [r141]}}, @cred={{0x1c, 0x1, 0x2, {r142, r144, r146}}}, @cred={{0x1c, 0x1, 0x2, {r147, r149, r151}}}], 0x118, 0x1080}], 0x9, 0x800) write(r5, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 388.966348] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 388.973623] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 388.980900] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 388.988188] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:21 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) lookup_dcookie(0x1ff, &(0x7f00000000c0)=""/75, 0x4b) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:21 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) getpid() r1 = getpid() ioctl$KVM_GET_REGS(r0, 0x8090ae81, &(0x7f00000000c0)) sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write$P9_RMKNOD(r3, &(0x7f0000000000)={0x14, 0x13, 0x1, {0x1, 0x4, 0x4}}, 0x14) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_GET_EVENT(r4, &(0x7f00000000c0)={0xc, 0x8, 0xfa00, {&(0x7f0000000280)}}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x80000000001, &(0x7f0000000000)={0xffffffffffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000140)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @remote}, r5}}, 0x171) write$RDMA_USER_CM_CMD_REJECT(r3, &(0x7f00000002c0)={0x9, 0x108, 0xfa00, {r5, 0x1b, "47d6e5", "fca2d08f27baed8760bac82324d321e06b59afaf729de1231fc17b17ce4b04048451d43f168d060749b67ebf6ddcb6dcba278dcffb8009bb6082613fb11acf3424ebe63d55fd016b4dc5b1a32bcf79ca54954c44f3cad986db303629a1c54daab5622ddd5f313c2fce751163746065a3107f4fec08d4ad6fdeee70f44d5ff249e89fbc5f4c33de511482b726a8e36a0b096afc0caf58781d2d6d6772a7e724fdcc522d68ac6b13674130799629c9b5eaae29c5f2ba044461ba1db56933db271cf0cc2fa92498df78edfd5ff9fed91249541fcf28733133e8055a63f9bde8ba739043cec33ddaf4941b51080441ec094c4d641522ca6704c7d7226a458ed0b3fd"}}, 0x110) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) setsockopt$bt_rfcomm_RFCOMM_LM(r3, 0x12, 0x3, &(0x7f0000000240), 0x4) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:22 executing program 1 (fault-call:17 fault-nth:9): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:22 executing program 5: prlimit64(0x0, 0xe, 0x0, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:22 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f00000000c0)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000100)=0x20) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000140)={r5, 0x101}, &(0x7f0000000180)=0x8) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 389.749033] FAULT_INJECTION: forcing a failure. [ 389.749033] name failslab, interval 1, probability 0, space 0, times 0 [ 389.761430] CPU: 1 PID: 20561 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 389.768473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.777839] Call Trace: [ 389.780451] dump_stack+0x138/0x197 [ 389.784095] should_fail.cold+0x10f/0x159 [ 389.788260] should_failslab+0xdb/0x130 [ 389.792259] kmem_cache_alloc+0x2d7/0x780 [ 389.796426] ? dup_fd+0x533/0xa40 [ 389.799903] copy_fs_struct+0x43/0x2d0 [ 389.803805] copy_process.part.0+0x3924/0x6a00 [ 389.808423] ? save_trace+0x290/0x290 [ 389.813121] ? proc_fail_nth_write+0x7d/0x180 [ 389.817636] ? proc_cwd_link+0x1b0/0x1b0 [ 389.821732] ? __cleanup_sighand+0x50/0x50 [ 389.825993] ? lock_downgrade+0x740/0x740 [ 389.830161] _do_fork+0x19e/0xce0 [ 389.833634] ? fork_idle+0x280/0x280 [ 389.837364] ? fput+0xd4/0x150 [ 389.840595] ? SyS_write+0x15e/0x230 [ 389.844413] SyS_clone+0x37/0x50 [ 389.847796] ? sys_vfork+0x30/0x30 [ 389.851352] do_syscall_64+0x1e8/0x640 [ 389.855260] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.860121] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 389.865316] RIP: 0033:0x459a59 [ 389.868509] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 389.876248] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 389.883525] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 389.890806] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 389.898086] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 389.905367] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:22 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x60240, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x1081, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x2) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:22 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) r1 = getpid() r2 = getpid() sched_setattr(r2, &(0x7f00000000c0)={0x30, 0x2, 0x0, 0x3f, 0x5, 0x0, 0x4, 0x3}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r8, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) ioctl$KVM_GET_REG_LIST(r4, 0xc008aeb0, &(0x7f0000000140)=ANY=[@ANYPTR=&(0x7f0000000040)=ANY=[@ANYPTR64=&(0x7f00000002c0)=ANY=[@ANYPTR, @ANYRES32=r0, @ANYRES16=r2, @ANYPTR64=&(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="7ba2ba0af94599217ba4bae321fe9899558397cea0b0e0f4b470c55ecfc75314daa42b3e7d8d66eebd97e0a3a23e0cd265627f68fbe240a87543881b396a1af985eb5dc1b263f27b067dce584f9bb7ec1de5b9ae8252eb8141ccb62143f5b87fc852ea097fcaef8dc8f4654fcb0979e8fc6f522fefd0f780be9521bff9f7e9b02b106e43b4a7edca3b9a7a86dc5091", @ANYRES32=0x0, @ANYRESHEX], @ANYBLOB="29d9c617a528d70088425aeea165a492a0735955f60ed1c1a3023c1e80d6452d2ce67529d8c4c784433ad19f2b82c84b3bb56f3f4cd97c29533eaa13e0a15caa5f918756112d913f770c03f69c94b0b6897fa9593cff6b0423718e9816d86302834b7bbe52862cf3487fb5d7a7465d14b5df48d9d37db1757e6d3243c2a3e3474f258e1e20c5f5316887d97ed893c64d18facca52e6dff5d78879252335489dea5", @ANYPTR=&(0x7f00000003c0)=ANY=[@ANYBLOB="fbd9f60572fd62de73e5a15e9892adce2c8a1738bf80fc314c6248da3fc9ca6a790aded5afef38269671135940afd204f29799be6b13edebb0b258f06a87331560cefcb7d9699d9c3e6522ecefc2a9a8d8c227248f3c8f8bc1d872981413581dcf475ab9423a01a127624e87fb69"], @ANYRES64=r1, @ANYRESHEX]]]) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:23 executing program 1 (fault-call:17 fault-nth:10): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:23 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) modify_ldt$write(0x1, &(0x7f00000000c0)={0x512, 0x20001000, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x10) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:23 executing program 5: prlimit64(0x0, 0xe, 0x0, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 390.636270] FAULT_INJECTION: forcing a failure. [ 390.636270] name failslab, interval 1, probability 0, space 0, times 0 [ 390.647818] CPU: 0 PID: 20598 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 390.654862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.664227] Call Trace: [ 390.666864] dump_stack+0x138/0x197 [ 390.670519] should_fail.cold+0x10f/0x159 [ 390.674687] should_failslab+0xdb/0x130 [ 390.678681] kmem_cache_alloc+0x2d7/0x780 [ 390.682844] ? _raw_spin_unlock+0x2d/0x50 [ 390.687007] copy_process.part.0+0x3987/0x6a00 [ 390.691610] ? save_trace+0x290/0x290 [ 390.695415] ? proc_fail_nth_write+0x7d/0x180 [ 390.699917] ? proc_cwd_link+0x1b0/0x1b0 [ 390.704010] ? __cleanup_sighand+0x50/0x50 [ 390.708251] ? lock_downgrade+0x740/0x740 [ 390.712528] _do_fork+0x19e/0xce0 [ 390.716165] ? fork_idle+0x280/0x280 [ 390.719889] ? fput+0xd4/0x150 [ 390.723087] ? SyS_write+0x15e/0x230 [ 390.726814] SyS_clone+0x37/0x50 [ 390.730269] ? sys_vfork+0x30/0x30 [ 390.733842] do_syscall_64+0x1e8/0x640 [ 390.737790] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.742657] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 390.747854] RIP: 0033:0x459a59 [ 390.751043] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 390.758762] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 390.766041] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 390.773319] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 390.781044] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 390.788317] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:23 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r3 = gettid() ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x3c) ptrace$cont(0x18, r3, 0x0, 0x0) ptrace$setregs(0xd, r3, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r3, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f00000002c0)={{0x1, 0x2, 0x3f, 0x7, 'syz0\x00'}, 0x0, 0x10000000, 0x4, r3, 0x8, 0xd, 'syz0\x00', &(0x7f00000000c0)=['*eth0-\x00', 'em1-mime_type\x00', 'keyringppp0%-/[\x00', '$ppp1]ppp1\x00', 'wlan1:ppp0eth0keyring%\x00', 'cpusetvmnet1[vmnet0', 'keyring\x00', 'em0#]eth1Qmd5sumselfproc*\'!securityposix_acl_accesseth0#\x00'], 0x9b, [], [0x0, 0x2, 0x9, 0x9246]}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:23 executing program 4: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='j\xb4\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r0, 0x0) ioctl$VIDIOC_S_AUDOUT(r0, 0x40345632, &(0x7f0000000140)={0x1, "58fad32f49f7bfd47d6e87788cb9c8581abb3957009735d9c7b27e2252cce41d", 0x0, 0x1}) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000000000), 0x4) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) setsockopt$inet6_mtu(r3, 0x29, 0x17, &(0x7f00000000c0), 0x4) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:23 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x6, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:24 executing program 1 (fault-call:17 fault-nth:11): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:24 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:24 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x10) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x200000, 0x0) ioctl$EVIOCRMFF(r3, 0x40044581, &(0x7f0000000100)=0x4ac) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r4, 0x0) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r4, 0x408c5333, &(0x7f0000000140)={0x9, 0x800, 0x5, 'queue1\x00', 0x10000}) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 391.542825] FAULT_INJECTION: forcing a failure. [ 391.542825] name failslab, interval 1, probability 0, space 0, times 0 [ 391.555365] CPU: 1 PID: 20636 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 391.562398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.571776] Call Trace: [ 391.574388] dump_stack+0x138/0x197 [ 391.578054] should_fail.cold+0x10f/0x159 [ 391.582239] should_failslab+0xdb/0x130 [ 391.586246] kmem_cache_alloc+0x2d7/0x780 [ 391.590418] ? _raw_spin_unlock_irq+0x28/0x90 [ 391.594937] ? trace_hardirqs_on_caller+0x400/0x590 [ 391.599979] copy_process.part.0+0x1cd5/0x6a00 [ 391.604623] ? save_trace+0x290/0x290 [ 391.608443] ? proc_fail_nth_write+0x7d/0x180 [ 391.612957] ? proc_cwd_link+0x1b0/0x1b0 [ 391.617044] ? __cleanup_sighand+0x50/0x50 [ 391.621995] ? lock_downgrade+0x740/0x740 [ 391.627126] _do_fork+0x19e/0xce0 [ 391.630614] ? fork_idle+0x280/0x280 [ 391.634364] ? fput+0xd4/0x150 [ 391.637577] ? SyS_write+0x15e/0x230 [ 391.641308] SyS_clone+0x37/0x50 [ 391.644687] ? sys_vfork+0x30/0x30 [ 391.648240] do_syscall_64+0x1e8/0x640 [ 391.652141] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.658216] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 391.663454] RIP: 0033:0x459a59 [ 391.666674] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 391.674397] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 391.681739] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 391.689024] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 391.696406] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 391.703687] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:24 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r3, 0x0) ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000000)) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:24 executing program 1 (fault-call:17 fault-nth:12): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:24 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:25 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) membarrier(0x10, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) openat$selinux_policy(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/policy\x00', 0x0, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r1 = gettid() ptrace$setopts(0x4200, 0x0, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) ptrace(0x11, r1) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r1, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x400, 0xfffffffffffffffa, 0xf32}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 392.424835] FAULT_INJECTION: forcing a failure. [ 392.424835] name failslab, interval 1, probability 0, space 0, times 0 [ 392.436396] CPU: 1 PID: 20663 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 392.443442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.452808] Call Trace: [ 392.455550] dump_stack+0x138/0x197 [ 392.459215] should_fail.cold+0x10f/0x159 [ 392.463393] should_failslab+0xdb/0x130 [ 392.467396] kmem_cache_alloc+0x2d7/0x780 [ 392.471578] ? selinux_capable+0x36/0x40 [ 392.475669] create_new_namespaces+0x34/0x720 [ 392.480183] ? ns_capable_common+0x12c/0x160 [ 392.484612] copy_namespaces+0x284/0x310 [ 392.488692] copy_process.part.0+0x2603/0x6a00 [ 392.494295] ? proc_fail_nth_write+0x7d/0x180 [ 392.498810] ? proc_cwd_link+0x1b0/0x1b0 [ 392.502906] ? __cleanup_sighand+0x50/0x50 [ 392.507167] ? lock_downgrade+0x740/0x740 [ 392.511348] _do_fork+0x19e/0xce0 [ 392.514823] ? fork_idle+0x280/0x280 [ 392.518826] ? fput+0xd4/0x150 [ 392.522040] ? SyS_write+0x15e/0x230 [ 392.525782] SyS_clone+0x37/0x50 [ 392.529171] ? sys_vfork+0x30/0x30 [ 392.532726] do_syscall_64+0x1e8/0x640 [ 392.536627] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.541498] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 392.546713] RIP: 0033:0x459a59 [ 392.549924] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 392.558611] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 392.565893] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 392.573188] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 392.580468] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 392.587768] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:25 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB="7400000024000705000000000000000000000000ba99b9923ea2478772828156b98b9652e813c10fc9a20cb7f7160ba23c6a0e273bbdb451f6c2ae9193d3d9e26b0360f042c9dcc27a2cbcd98c720080a79fa21645d12356a8ac8f8f26e1d6d0a332a4f80996e91e894884727eb8e0cd0aa4f9d1a6cd57b5e469b5768970f1", @ANYRES32=r4, @ANYBLOB="00000000ffffffff00000000080001007366710048000200"/92], 0x74}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r4, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) sendfile(r0, r5, &(0x7f0000000140), 0x1) r6 = getpid() sched_setattr(r6, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) modify_ldt$read(0x0, &(0x7f00000000c0)=""/6, 0x6) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r8, 0x407, 0x0) write(r8, &(0x7f0000000340), 0x41395527) vmsplice(r7, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) ioctl$SIOCGETNODEID(0xffffffffffffffff, 0x89e1, &(0x7f0000000100)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x3, 0x1, 0x0, 0x2, 0x7}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r2, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f00000000c0)={0x6, 0x0, 0x10001, 0x4}) ioctl$DRM_IOCTL_SG_FREE(r2, 0x40106439, &(0x7f0000000100)={0x1, r3}) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 392.750370] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.0'. 17:46:25 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9, 0x0, 0xf4, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x1) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:25 executing program 1 (fault-call:17 fault-nth:13): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:25 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 393.345042] FAULT_INJECTION: forcing a failure. [ 393.345042] name failslab, interval 1, probability 0, space 0, times 0 [ 393.356458] CPU: 0 PID: 20697 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 393.363489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 393.372860] Call Trace: [ 393.375484] dump_stack+0x138/0x197 [ 393.379136] should_fail.cold+0x10f/0x159 [ 393.383306] should_failslab+0xdb/0x130 [ 393.387309] kmem_cache_alloc+0x2d7/0x780 [ 393.391477] ? selinux_capable+0x36/0x40 [ 393.395558] create_new_namespaces+0x34/0x720 [ 393.400095] ? ns_capable_common+0x12c/0x160 [ 393.404620] copy_namespaces+0x284/0x310 [ 393.408702] copy_process.part.0+0x2603/0x6a00 [ 393.413304] ? proc_fail_nth_write+0x7d/0x180 [ 393.417808] ? proc_cwd_link+0x1b0/0x1b0 [ 393.421892] ? __cleanup_sighand+0x50/0x50 [ 393.426233] ? lock_downgrade+0x740/0x740 [ 393.430406] _do_fork+0x19e/0xce0 [ 393.434258] ? fork_idle+0x280/0x280 [ 393.437983] ? fput+0xd4/0x150 [ 393.441192] ? SyS_write+0x15e/0x230 [ 393.444927] SyS_clone+0x37/0x50 [ 393.448303] ? sys_vfork+0x30/0x30 [ 393.452741] do_syscall_64+0x1e8/0x640 [ 393.456739] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.461746] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 393.467904] RIP: 0033:0x459a59 [ 393.471096] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 393.478814] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 393.486097] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 17:46:26 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) [ 393.493385] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 393.500695] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 393.507978] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 393.534600] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.0'. 17:46:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x26b, 0x2, 0x0, 0x6, 0xf00, 0x0, 0x100000000000000, 0x400000000000400}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000100)={0x2, 0x0, [{0xc0000001, 0x4, 0x1, 0x35, 0x0, 0x401, 0x6}, {0x80000007, 0x6, 0xe191c6544987c934, 0x1, 0x9, 0x2, 0x101}]}) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r4, 0x0) r5 = gettid() ptrace$setopts(0x4206, r5, 0x0, 0x0) tkill(r5, 0x3c) ptrace$cont(0x18, r5, 0x0, 0x0) ptrace$setregs(0xd, r5, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r5, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r4, 0xc1105518, &(0x7f00000002c0)={{0x6, 0x3, 0x2, 0x4, '\x00', 0x81}, 0x3, 0x10, 0x0, r5, 0x3, 0x3, 'syz0\x00', &(0x7f00000000c0)=['\x00', '\\self(\x00', '$\x00'], 0xa, [], [0x1, 0x7fff, 0x9, 0x1]}) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:26 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) sync_file_range(r1, 0x3, 0x1, 0x5) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r6, 0x407, 0x0) write(r6, &(0x7f0000000340), 0x41395527) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x0) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) bind$inet(r5, &(0x7f0000000240)={0x2, 0x4e24}, 0x10) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) r6 = socket(0x10, 0x803, 0xfd) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000000c0)={0x0, 0x2}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(r6, 0x84, 0x11, &(0x7f0000000140)={r7, 0x3}, &(0x7f0000000180)=0x8) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:26 executing program 1 (fault-call:17 fault-nth:14): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:26 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 394.230357] FAULT_INJECTION: forcing a failure. [ 394.230357] name failslab, interval 1, probability 0, space 0, times 0 [ 394.242957] CPU: 0 PID: 20737 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 394.249992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.259363] Call Trace: [ 394.262009] dump_stack+0x138/0x197 [ 394.265651] should_fail.cold+0x10f/0x159 [ 394.269810] should_failslab+0xdb/0x130 [ 394.273790] kmem_cache_alloc_trace+0x2e9/0x790 [ 394.278607] ? retire_userns_sysctls+0x90/0x90 [ 394.283210] alloc_mnt_ns+0xde/0x450 [ 394.286933] copy_mnt_ns+0x95/0x8c0 [ 394.290569] ? kmem_cache_alloc+0x611/0x780 [ 394.294896] ? selinux_capable+0x36/0x40 [ 394.298967] create_new_namespaces+0xc9/0x720 [ 394.303465] ? ns_capable_common+0x12c/0x160 [ 394.307896] copy_namespaces+0x284/0x310 [ 394.311990] copy_process.part.0+0x2603/0x6a00 [ 394.316585] ? proc_fail_nth_write+0x7d/0x180 [ 394.321087] ? proc_cwd_link+0x1b0/0x1b0 [ 394.325174] ? __cleanup_sighand+0x50/0x50 [ 394.329427] ? lock_downgrade+0x740/0x740 [ 394.333608] _do_fork+0x19e/0xce0 [ 394.337085] ? fork_idle+0x280/0x280 [ 394.340808] ? fput+0xd4/0x150 [ 394.344012] ? SyS_write+0x15e/0x230 [ 394.347734] SyS_clone+0x37/0x50 [ 394.351112] ? sys_vfork+0x30/0x30 [ 394.354662] do_syscall_64+0x1e8/0x640 [ 394.358556] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.363418] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 394.368629] RIP: 0033:0x459a59 [ 394.371821] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 17:46:27 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) ioctl$USBDEVFS_CLAIMINTERFACE(r0, 0x8004550f, &(0x7f0000000000)=0x6) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$TIOCGICOUNT(0xffffffffffffffff, 0x545d, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 394.379538] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 394.386816] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 394.394309] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 394.402544] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 394.409831] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:27 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) write$binfmt_elf32(r3, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0xc9, 0x20, 0x4, 0x2, 0x2, 0x6, 0x7ff, 0x16c, 0x38, 0x390, 0xfffffff8, 0xff01, 0x20, 0x1, 0x81, 0x101, 0x8001}, [{0x0, 0x20, 0x8001, 0x40, 0x7fffffff, 0xffff, 0x2, 0xffff}], "e7faf7db42c59f", [[], [], [], [], [], [], []]}, 0x75f) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x5) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 394.673140] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=51461 sclass=netlink_route_socket pig=20756 comm=syz-executor.0 17:46:27 executing program 1 (fault-call:17 fault-nth:15): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500)}], 0x1, 0x3) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) migrate_pages(r0, 0x508, &(0x7f00000000c0)=0x82, &(0x7f0000000100)=0x1000) ptrace(0x10, 0x0) [ 395.094306] FAULT_INJECTION: forcing a failure. [ 395.094306] name failslab, interval 1, probability 0, space 0, times 0 [ 395.105762] CPU: 1 PID: 20770 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 395.112788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.122151] Call Trace: [ 395.124781] dump_stack+0x138/0x197 [ 395.128430] should_fail.cold+0x10f/0x159 [ 395.132595] should_failslab+0xdb/0x130 [ 395.136587] kmem_cache_alloc+0x2d7/0x780 [ 395.140757] ? lock_downgrade+0x740/0x740 [ 395.144919] alloc_vfsmnt+0x28/0x7d0 [ 395.148644] clone_mnt+0x70/0xee0 [ 395.152101] ? is_subdir+0x222/0x389 [ 395.155845] copy_tree+0x33b/0x8a0 [ 395.159402] copy_mnt_ns+0x11c/0x8c0 [ 395.163123] ? kmem_cache_alloc+0x611/0x780 [ 395.167469] ? selinux_capable+0x36/0x40 [ 395.171547] create_new_namespaces+0xc9/0x720 [ 395.176051] ? ns_capable_common+0x12c/0x160 [ 395.180471] copy_namespaces+0x284/0x310 [ 395.184545] copy_process.part.0+0x2603/0x6a00 [ 395.189149] ? proc_fail_nth_write+0x7d/0x180 [ 395.193654] ? proc_cwd_link+0x1b0/0x1b0 [ 395.197738] ? __cleanup_sighand+0x50/0x50 [ 395.201985] ? lock_downgrade+0x740/0x740 [ 395.206236] _do_fork+0x19e/0xce0 [ 395.209702] ? fork_idle+0x280/0x280 [ 395.213428] ? fput+0xd4/0x150 [ 395.216627] ? SyS_write+0x15e/0x230 [ 395.220354] SyS_clone+0x37/0x50 [ 395.223723] ? sys_vfork+0x30/0x30 [ 395.227273] do_syscall_64+0x1e8/0x640 [ 395.231170] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.236031] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 395.241230] RIP: 0033:0x459a59 17:46:27 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) accept$inet(r3, 0x0, &(0x7f0000000000)) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) recvfrom$rose(r2, &(0x7f00000000c0)=""/77, 0x4d, 0x80, &(0x7f0000000140)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x1, @null}, 0x1c) [ 395.244421] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 395.252141] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 395.259509] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 395.266790] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 395.274073] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 395.281352] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:27 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 395.343846] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=51461 sclass=netlink_route_socket pig=20777 comm=syz-executor.0 17:46:28 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() openat$tun(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/net/tun\x00', 0x208400, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:28 executing program 1 (fault-call:17 fault-nth:16): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:28 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x2395a3f0}], 0xdf4, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 395.986248] FAULT_INJECTION: forcing a failure. [ 395.986248] name failslab, interval 1, probability 0, space 0, times 0 [ 395.997778] CPU: 1 PID: 20803 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 396.004823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 396.014187] Call Trace: [ 396.016798] dump_stack+0x138/0x197 [ 396.020476] should_fail.cold+0x10f/0x159 [ 396.025264] should_failslab+0xdb/0x130 [ 396.029255] kmem_cache_alloc+0x2d7/0x780 [ 396.033426] ? lock_downgrade+0x740/0x740 [ 396.037590] alloc_vfsmnt+0x28/0x7d0 [ 396.041318] clone_mnt+0x70/0xee0 [ 396.044797] ? is_subdir+0x222/0x389 [ 396.048526] copy_tree+0x33b/0x8a0 [ 396.052092] copy_mnt_ns+0x11c/0x8c0 [ 396.055817] ? kmem_cache_alloc+0x611/0x780 [ 396.060226] ? selinux_capable+0x36/0x40 [ 396.064350] create_new_namespaces+0xc9/0x720 [ 396.068855] ? ns_capable_common+0x12c/0x160 [ 396.073314] copy_namespaces+0x284/0x310 [ 396.077426] copy_process.part.0+0x2603/0x6a00 [ 396.082047] ? proc_fail_nth_write+0x7d/0x180 [ 396.086556] ? proc_cwd_link+0x1b0/0x1b0 [ 396.090817] ? __cleanup_sighand+0x50/0x50 [ 396.095069] ? lock_downgrade+0x740/0x740 [ 396.099238] _do_fork+0x19e/0xce0 [ 396.102708] ? fork_idle+0x280/0x280 [ 396.106442] ? fput+0xd4/0x150 [ 396.109683] ? SyS_write+0x15e/0x230 [ 396.113443] SyS_clone+0x37/0x50 [ 396.116824] ? sys_vfork+0x30/0x30 [ 396.120381] do_syscall_64+0x1e8/0x640 [ 396.124281] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.129190] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 396.134387] RIP: 0033:0x459a59 [ 396.138534] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 396.146252] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 396.153528] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 396.160810] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 396.168089] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 396.175371] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:28 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000140)={'rose0\x00', @link_local}) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80004, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x3, 0x2) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_dev$cec(&(0x7f0000000180)='/dev/cec#\x00', 0x3, 0x2) ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f00000001c0)=0x2) 17:46:28 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:28 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f00000000c0)={0x8000000, 0xb1f33740, 0x26}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:29 executing program 1 (fault-call:17 fault-nth:17): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:29 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) syz_open_dev$amidi(&(0x7f0000000300)='/dev/amidi#\x00', 0x7, 0x80880) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6(0xa, 0x0, 0x6) socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket(0x840000000002, 0x3, 0x200000000000ff) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') sendmsg$TIPC_NL_MON_PEER_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x290, r6, 0x701, 0x0, 0x0, {0x7, 0x0, 0x1a0ffffffff}}, 0x323}}, 0x0) sendmsg$TIPC_NL_PEER_REMOVE(r4, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4002000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x74, r6, 0x815, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}]}, @TIPC_NLA_NET={0x54, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x2}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xb400}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x9}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x8}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x8000}, 0x1) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) r7 = syz_open_dev$audion(&(0x7f0000000240)='/dev/audio#\x00', 0x6, 0x200000) ioctl$UFFDIO_REGISTER(r7, 0xc020aa00, &(0x7f00000002c0)={{&(0x7f0000ffd000/0x2000)=nil, 0x2000}, 0x2}) [ 396.887271] FAULT_INJECTION: forcing a failure. [ 396.887271] name failslab, interval 1, probability 0, space 0, times 0 [ 396.898724] CPU: 1 PID: 20833 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 396.905787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 396.916114] Call Trace: [ 396.918733] dump_stack+0x138/0x197 [ 396.922386] should_fail.cold+0x10f/0x159 [ 396.926562] should_failslab+0xdb/0x130 [ 396.930560] __kmalloc_track_caller+0x2ec/0x790 [ 396.935249] ? kstrdup_const+0x48/0x60 [ 396.939155] kstrdup+0x3a/0x70 [ 396.942361] kstrdup_const+0x48/0x60 [ 396.946130] alloc_vfsmnt+0xe5/0x7d0 [ 396.949903] clone_mnt+0x70/0xee0 [ 396.953366] ? is_subdir+0x222/0x389 [ 396.957095] copy_tree+0x33b/0x8a0 [ 396.960663] copy_mnt_ns+0x11c/0x8c0 [ 396.964395] ? kmem_cache_alloc+0x611/0x780 [ 396.968728] ? selinux_capable+0x36/0x40 [ 396.972813] create_new_namespaces+0xc9/0x720 [ 396.977328] ? ns_capable_common+0x12c/0x160 [ 396.981758] copy_namespaces+0x284/0x310 [ 396.985840] copy_process.part.0+0x2603/0x6a00 [ 396.990458] ? proc_fail_nth_write+0x7d/0x180 [ 396.994971] ? proc_cwd_link+0x1b0/0x1b0 [ 396.999057] ? __cleanup_sighand+0x50/0x50 [ 397.003312] ? lock_downgrade+0x740/0x740 [ 397.007486] _do_fork+0x19e/0xce0 [ 397.011006] ? fork_idle+0x280/0x280 [ 397.014749] ? fput+0xd4/0x150 [ 397.017961] ? SyS_write+0x15e/0x230 [ 397.021696] SyS_clone+0x37/0x50 [ 397.025075] ? sys_vfork+0x30/0x30 [ 397.028631] do_syscall_64+0x1e8/0x640 [ 397.032626] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.037493] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 397.042698] RIP: 0033:0x459a59 [ 397.045898] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 397.053622] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 397.060909] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 397.068193] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 397.075469] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 397.082747] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 397.141372] netlink: 636 bytes leftover after parsing attributes in process `syz-executor.2'. 17:46:29 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x3, 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x400000, 0x20) renameat2(r0, &(0x7f00000000c0)='./file0\x00', r1, &(0x7f0000000140)='./file0\x00', 0x4) open(0x0, 0x0, 0x2) getpid() r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/snapshot\x00', 0x4280, 0x0) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000300)={0x0, 0x7a7a}, 0x8) r3 = getpid() ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000180)) sched_setattr(r3, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r4, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=r8, @ANYBLOB="00000000e6f14200000012000c0001007665746800000000080002000300010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f00000001c0)={0x0}, &(0x7f0000000240)=0xc) ptrace$cont(0x1f, r9, 0x0, 0x8) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:29 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() getpid() sched_setattr(0x0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:29 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r7, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0x0, r2, 0x0, 0x7, &(0x7f0000000100)='cgroup\x00', 0xffffffffffffffff}, 0x30) r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r10, 0x40045431, &(0x7f0000000000)) syz_open_pts(r10, 0x0) ioctl$TIOCGPGRP(r10, 0x540f, &(0x7f0000000180)=0x0) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000780)={{{@in6, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@multicast2}}, &(0x7f00000001c0)=0xe8) r13 = gettid() ptrace$setopts(0x4206, r13, 0x0, 0x0) tkill(r13, 0x3c) ptrace$cont(0x18, r13, 0x0, 0x0) ptrace$setregs(0xd, r13, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r13, 0x0, 0x0) r14 = gettid() ptrace$setopts(0x4206, r14, 0x0, 0x0) tkill(r14, 0x3c) ptrace$cont(0x18, r14, 0x0, 0x0) ptrace$setregs(0xd, r14, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r14, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r16, 0x0) r17 = socket$netlink(0x10, 0x3, 0x0) r18 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r18, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r18, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r17, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r19, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r20 = socket$netlink(0x10, 0x3, 0x0) r21 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r21, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r21, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r20, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r22, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r23 = fcntl$dupfd(r20, 0xc0a, r2) r24 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r24, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r24, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r25 = socket$vsock_stream(0x28, 0x1, 0x0) r26 = socket$nl_route(0x10, 0x3, 0x0) r27 = socket$netlink(0x10, 0x3, 0x0) r28 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r28, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r28, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r27, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r29, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r26, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r29, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r30 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r30, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r29, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) r31 = syz_init_net_socket$rose(0xb, 0x5, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000003140)={&(0x7f00000000c0)=@kern={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000240)=[{&(0x7f00000002c0)={0x1b8, 0x31, 0x2, 0x70bd29, 0x25dfdbfb, "", [@typed={0x8, 0x23, @str='\x00'}, @typed={0x8, 0x90, @fd=r2}, @typed={0x8, 0x27, @ipv4=@remote}, @generic="32669853bcc66e797a0eca4cf3752015da6f729beecb1f0baf440d446f3cdcc0cb86bf1d9a0db87a98b0fd840f1023d3228483aa41340c3cc0c7ef40032ed9bcbd21ed4a8ea5cef9145035430e93ad97d2a6912ce1e6ea255a75d93bce51878908dc8720613780cb2211bf189bf3694b2566cb6ef783ae6021314d5929a8846138b8b266fe06f1483c1f4d8e06983c436509c376917eabab71132a4749b073d59a36716705e04c83dfcd15dd305b7cbf36", @generic="2212e1e06678c13c6d83cfb4fcd0bb55f0e11518d19ce561de23520ba4d07ddb57e3351fe9dc67953658ad79963c4e07ec6e3b47e4312bbda13b97f5752e8390206bad52ac11e428143850665541486904eceb81f9f941bd0c94b01e2a890286d865ce5025302327546fd2bd6e200d4d2e80536c9b3a7ccaa250e7a52cc0d314da28c1e5dd959615ccd3fd5a28f4e082019592d1753c13ec3377e17cee207aa9e4a611dc76f11d05be7ad222a5a114015a1c03cf3c3900cfc297221706cca60f699976241c0a8f286ea22fe68957dbc2f9d35850a25c4997dd3d247e"]}, 0x1b8}, {&(0x7f0000000480)={0x2ec, 0x42, 0x1, 0x70bd29, 0x25dfdbfe, "", [@generic="b42ca5e120643b4e5a19a421718389e323", @typed={0x14, 0x0, @ipv6=@loopback}, @nested={0xdc, 0x5f, [@generic="5bee2594e539f0ac0e43e6ecf6cac74ed1866e70da2ca9ef1c89da7ab87683c60f9b24c23a27ae34969d441aa6bf47bc10645fccffe1ad0cfb0f428adb4be2ccb77c564ec7701e3ebf3c103afeb2a339de19077c5b27edca104cdfc19e81028cd3a9ba8e08cc35ea0dc03267c9cb169049a69ed633b8d7d1bb4f3c1f48ff0a3451f12814e38774366f53208cea413e117adf8fad91183d03cc7a27b2144a7e6f0c9e58ee9ec5e9401d21140ed5198f9f389176516b0c021df6", @generic="18929d4cc5b6f9e2a005e55623197b4613e358a4c5b37dc1cc", @typed={0x4, 0xf}]}, @typed={0x8, 0x95, @fd=r8}, @generic="aa9dba56de55c293c33fcd95b92dd163d091959debcdfa07c144ad7c2ca9712ec4fe45322cc1b0c510260fcf069ac505dcf7d2da631f4e7facb70d6ad097b239b754e2ba4c4fadd074d8a3a102bfa24e2c8382727b5f747ba533bdbc1a0c87193eee37b38a859a5d457bd7f719330d172105d469dc5cd02d2075ed11bcdcb8238fd1d90c69596ac40ddfbefca8cf6391fd3a385ce18d8bdb6db6b8966241785a33d2c3fe5b2b82", @typed={0x70, 0x2a, @binary="c1a9149baaf999b7f662c90052225fa87ae24a87dcc14c1c3f6183805ef7571c668e2cda77faf0aec33bee921c66ab7e52828cdf8b02a3cf7db38309dd7eefb245824662d8ae4b2c45d370bd94c7cab17a5ed214f80c903f5ca8ea4a9d92bd58bddcf14ccf922451dba2"}, @typed={0x8, 0x65, @pid=r9}, @nested={0xb4, 0x62, [@typed={0x8, 0x44, @str='\x00'}, @generic="3757d7b4e655e8302cc8efd0f8b6ca08b1e339c79f5fbbeae849b8c61beb85c1a4c55d353b2cf296840d2bead3f3391e835a6a88f97d1a79dfc62a28b329d0afeec060f689c25f1d0b088e563928ae547eaa95c3dcf48377924e578ab8ee06485dec74abb1a4448ccb2133ce0435c7a854ab16fc2d98f8ae10a42d193954c3abc3d7a7168c3cc13924b5b3d514b78b473c49725a312f79af52ded5d3b5ae15b52527ddabf7d70bcd"]}]}, 0x2ec}, {&(0x7f0000003180)=ANY=[@ANYBLOB="8c1400001e0000022abd7000fcdbdf2510110300d3593c703492d5d2ef146a92b573041be3963755809535410255a5fe7a412dd008003c002d000000f98ac5a51a526c73f63bfb97a5499f82ba93fd59846ee383c5107328e743cb082d19ad48fdf847ac3587b5eb6c0442c7b79b6005fec43613889e2f1278f3c915cdb2971a0ce2ff787e7f629804988b82026c388c10c8b48723d024dd5380f7000a91d13d8f3d4373a0a6a2684ba2cbd852a3ec270837e19297d57420040ee975b0d2a0760625a2ae2d6fd1b66513340c25ca21efeb32f5441623aaff2af09370f20985b199d211da989ba300b21393c08b1c63ff3d2a91b73955615a485f048f8fe33cc76a104defbac4f3ccb4231d2feaa511fc3f176cb7dee0e30f47ce8d9a3e532472a04a1eb816d49996194133fe85e787859c07d6298d59156152ee5fb9e45992790bea7cd3afd6787de211961d83fdd72e5dc0c6ce20e881ec9275f126c154c1a258fc5d8715b250b968c07bf717bd0471abe841cabe0cbe8f25cb9e3c25dcda8d6695cdf541688a72ac2fd51292a82b17a8b0d556167f5981bcaeca5c0884c792bd38070aeb7db23be2e9544997587bc204186604d8a47894615c60cfd6fafb71ff15f240fd198228625576fdc8292ff6519ceed0c840287352172d58782913e04ac3c0b96edc1e730b0341610f6a87d95a3784104eb257571f8bad50310473f1390ce46c5d87e157b3a033105601bed3f948be0a054600b506d8d8d005fe5c9c437c60df110f105dbe9aad626ef3023a27c671fc630daba463bb7005686d8a253003c767922e1fa4f26b56214f4f93f100395824871a071b3c1aa320c8f11015241aaef9eef341be5cc607c6f8b0692c350e7062a3f848880fe856b0391a12a96f262a6f9a4ceeef5a16e646544114b1112db465121560516c36f47a2de5159f0ee3ab6dfc601edc3b50ab24e077684a58cdab2ff12f48ba69fc969c4790a028f88bce5170dde63f4cfdbd65cd9b310efa9d4505b9f0e397f614ec9109ab29a874d0ff87d461cbaa75bf50ba6940de9b041be89e0ceed31f7e9cd47ef14cadfb7900daec5bf17d30a9c278d45869e505890f8004716b7056088540aa177ba36d01681a7570187b0cdad0fac8bb37f4a1b36727600902a3814fc81f5efc4005dcd2c36972af76a06c30801e704292fe415e866521aff232af33d5a81e8b609d17d7622813e97ae7bb3e594a8ec5d9ed502d90d28dd9d102898dea60451a1c23097653c686363c8f61c942e7db97c0a0aeb0464fb7c9afad40ddbacfcaa0e6ba1f9c8e01643b8a924263035378780414735fd4b1cb557e4cb0512c766c79a219c047b554c1e141e8b07be4f4ae594b024b113a558c5d2e6d0b0aeb39e341a82997a4c793866d44638fc7cb267f3a34c2d159492716062ee28859401b593e30d39bd30b25d31bbe2ab608d2e66cd76d0fb114e004b290d486de8c0a914fcf54dae51a7c507e1ef494d2ab7f8208d34671f50af039e2b5988bcd24082972f2cf183e657420953c2875ae84912a2fc883195f1357d3b82406cec0f8ddd05074b584384d42f2c2a89149e54f67e6fe1f4a339660956d2e59ea30ee931729508d227631cd8d6fe39ce92fc1233a4cce391c574bcfe84f2994e1e1f31d3a474f4821e5d0b278ade2e6e9549fac34dc1f1a33d8ba59f4b3887f42a5ce5d06231b69891a388d0ecda0bf973ca97759f36f1de2ce4ecfb717f8b92acaf798d2952dc86cf472723baaf0d84c1dc722f0328e2456593ac5592da59ccd96d0c5bc4653644fd4d0b504b72476250b1ed80564fcd0a67a2b697f3b1603647993b39f6f2dfc7795073de231758f7713d2db4a6f5fea0063d4826081096f028c8be798108cb4fdefe6c509770e438143018c74c292b3d06a1d5a4d122c841047f44b580f1b7c757f935fed442faaa237788270b128b95abb0d47ce47642e19e8526b9011fd7ac3b735ff7a0bdd47d4f60abe8ee0e58881c42a99f4ee79e6406b7e8a4398480e3ef8290e395afea0354d11733baa8ae247634456179a5dd4189987755553677fb74baf1d81089c0367fde427a795e8f557d947c8609ba771c221c993d79f0d8b41ec45a2953e4e34488c933980ad2dee681ba5b8c1f374a0868cfb82f2bbd274df76f5c9c7bd68302f0ff9d31934bf5878c233a567d00ca2c3d65c4b4f72de9ee967c2e1be401d58eb14f578a74dc979fec3a741926f8fa4fd831ebd152db1071498079c16e6ee4dd29153570e174ac176ce482fed207e3d25099c41a8cd00c2876b3e297f212eebaec650c631c4e7888b27937364a0d4033081c38214bf817c943fd68a974d6658c3ec93d1ed99e444ecb8c226395cc076d2a21b12e701d2b4a1c0299eb98a2aa15ceeef10b47261cc289d0c80e2f27f056ff546ee438c1f40667fb18649da43ee1efee9ee5b5372b1b24eab458bb06186335591fc51f8220a6c89a6d538433891a0834403e0a5d829e38cbc2ef1bfd32f153ba9cd81cff64fd439ce1e65a4d95ef42538305e11d6054c99cfea7c503dabd5fe6c00f6349d4873b05042720790a4de6d4db53ebe90c06d38367af8b6fa4723e2adc70dd416356e7035e2eb8348dbc2c4a50fefa35207604e5d60c9bc83bbe3a2570f9d627c9a9546834de71196a34844e2a2a6a49ea73db3d5be64962592654279f0355fc15f1e926476a5da304c17025d0ef173aa81df69c2360ba1bc68e44ed32ce17a4de234d27dcb9d47a041b9d42f90d57ab5a21fbe1a77b0e60e3ae950394720cfeed74bbbfdfac5129c213ce778b6a06c4579fb74c780cdad095cd670697aff58ce3569e84d265068f7367d3e1320dc3680a4ce96229bc3b12a78fc1f0d879c29b417220c9bf688f05f087d26aee5780bb13db21890e5b8c378f2f77c9a8d83c6908d51fcb751f21853a4a9ba251495df2af522ba79b0de1a7952c5a70124544b4ad1adb3daccb946ea42d4b61c2d753ac27e511429f7d55f23ce68be4797cbc218317e5617251e32ecb2cbdd7670445dbaf45cc9ecea1ef3b35a7aa48f31148442870f009493ff81ef10a75bba213dfed9c023c5d3f7e6357e2dcf36c0723ca27bbe19e606d81cfaee8ffa38a5e1432c3bc3b07c026beb1c85c64b5615d75ed63c3c0e5de89a99dfd2bd013a176b0c075879fedf2e629a9916cda300698d7621e8dab8d1ff5fcd3406cc486a415713e49dbaed2b0e868211decad99951fb21aeeb2264f834db25ed538667eb2fc2f9fdf6dcb52e8d7de808f5cefec315f271974b18bd649ed9c0fbb197f1e16af6e1f67843dbfc424201549f87f93bb6770cb7e9967ec98fb1f416ac19d609abe2ca2d752d5d69e1cc8b8c76007e7d849dfd6b8996b81f328e9cafbd17f4a1eea6a8a1c865cb4d4194755bdec1b038dd6ca5e2a62da5ad0b5ef2ae9892c8c75acdf0a445b0c0467a8d49f9c912f35422c8f55434473058a7bf7a2e1140f27445b0168eaadb0d7747d0949fb6d23251484343bfc6d00a34cae97c82c0cd0a2ef8bb7bfc7d79f0e31c4d30be7137ff7b2a4ccacd66760b6255d43ccbe62ed0000e5b0121a3c8437a070a00899ceb1b1c9623d260c6d18c6bf7acce2353989e08292675d7510ae17f6fe5c234283dd6a1334f91e8d44297b3285290852a32b6767ab55eb711478d85e46c87ca5888085a5b6a4eb02ce12b292292abf98b1dc60d5b93ae8d5bb82da06553631e8fa839e391470c7f45973af85f6abdeb95f4262c63fda8afa83caf4805ea5114a1b5938f2f726c392f1962839f34adc900877cd64c724cd0d7c9e81e5dea796b005d39c9ecaf193a76f2649b1234d4343c9dc90f829703b8d2855c59507d1f9dfd79fe3a0c11722fc02832259c6503805281afa8c28ca1feb4239af61ee8dd30dd3a7299600c40be848d7984761bcf1fce1892ba9c684ba38d8a3cdf5a3b09baf8b56491724bfe7ce0bdaf4a532405ef189723c1feda500d23774d8ed7e3c854ea9eeeb3e088fcb2135f68c91909c494f22978ed0c3f57ea61d321c615c2eca653cd322004f0d74692c9198ce4b2a18e97a1f349b26e4fec6a1a0d3ab0a5a38ac365b617097d4199b0c0b0627c8b40b7a4f79469a58b45025bfac5c8764872b3ba93b83c1fd594f4c766a14d21c5e603ac9296fe851168e47c0b16a4c5a0894c50f9c2334d592a3566559278d051002585d667e5acb7dd8f67d35b45689ec14b34ba1b4eac80038d4f8aa58ee8ec2cdcb5f21aece0b5b23b948b7673b911c1e14202b98c15676e472c59d0a655119675c2a601cd6750b1856f45d3f412bf159831c26db58291bc80ebbee3e49ed4691afbeb2aaa4189daa958ed34f61ae7c4bbc14be86b04419a16de2eab177753668821f4cde66f5c847a2c0442841649c736ccf1a4a33ad60dbe616d36769a528dd2d523cd417b05127b0fd5442197e53b3d79b2bd8a6d85ce15bdf68505e77ec9f622616ee03d7f5492a4914020473ebf68f57a98c7b937731a44f3aeee1b06ce9de5700a32f27d8da63c55eb86baa9903e8cb4edf268d4c194c6a83439367199146917071ec6fbe786ee94f6f8cb347090cebebaf92db8362226a2ccbbaf258a563f5be77f4b552fabc9fed3aa793a01ce924981495f4ceee254f70f15a766dbc169bfd806ff6138461114782d90cf7c96d3fc70ee7d808a2777d3e0e629e7f45136fbd1f04d864a8f0647183361bd716793f92537bbb4b89ad28a13d15c1d68163d71f3aaf8a6404e397824ca00548443c2948e2df3af1a0907a688b9a0e669964e5eac410c867a9b489d4d90b1a30c868839b4408c7a82f238be1f97469cd454d49c74bb64bd92f28c0b845de8afd2b39510154e683a3168f20c5b5a290cd3b2926d68a4071122d5ee65bac3b107ad216a17910e23c9c41f7055e1d0385b3727df7ffea060b7c02baed4e2e4dedafb5d7a1f2e119c089597469ef673830ceb14876228608473ba911dec6a420322d844e9f8970655e049f7126b4cf5705f3eae602947065ac7316bed6a9bd5b630b32cbb2cf2265f29979f9ca48c497f91f4016d3be21ca55a0ff2fad3184984ea32280c52497d705013991aabd501208e9a2759aee605ec6eef4d2648fdcde31efeab19f6fe091267ed6ca8091f7adb96c947eac462f57da434894edb9a9b79b57e9b58bb142ed3c90665592b81eb641bbe0771b2e3f6c96623dae06db53a7f0a5796a0bd0878fdfed471213823fbb04f38f4a862f784abedb45e6c359171a4f1429fa33710a27a15cf834224db54153fda824537590c143544d3f5b47678b57499b1da9c096b252fcd7e2134d9c963a8d01ebee9ff6c90f09b3a2887bf3eb14374e08f1f2ae197f78dff85cbdb8549d2bfbeb5f42a8984e286864cfef1079e009dca624e1bb0db1b5cf71322a3d14650451d43c34ab82246af8533939c577def21c2c027340fd4db7d3694c78fc86f0f407283f3d294d39ffcdd98ee554f3c225d2d70daf84552db504444355ea534bedf676af1fdfd6b4aadff812037af49572d9d435ab3df7608cbac5d2fc1c3826d07b59629ab61b51d590cac725fe3a9d683520197e99fab8201f564f43f1157e82194079368001f3d4d0eea460223503593fb893690ea33c5f6bc04f5ee31580d8790fe4f781d28f5b018218fb58df822c563bcfa78e68796287d91154cbc1489c96e4d4e586d29b8225a89a691c279365b662fd33868a6c2588d4683e1e94a85f5074ef8c332f2bacc7c653f8f8c8df7f329d546024e534801f6db2dce2962d6277d4960ee7c689b470bccf60782ac42aebf3c71d4e6c0b7def62429061f636904a925e888b8828f6d9a23fe0992eb4753296a1bfa27751d960e48e4e3c5ae7ad0bd56b7e1530d83463dafe00a15d5e7eb9b935d185c2602e94aa30d6ab7403e589bd82576583986fac680757846aeb5951308e0a71cb1c8b774b78273807244fddc00e79cd60d9ad0273e62c1222f56943b8b059d7b670da9f51809c0ddba1a7c7dbfeb2c0d8e684f45979e9067e7d6a9e04c127e4be62f5a0a43a27b19a9b62a3716a0f0424caa7009ea474fccc76c1f692b55c7556cfe294392aca24212b12b04c92658e3555a20c5c2d8f585da8c24983e5f9b3e47c23d0fa04094a5cb677a3908003600", @ANYRES32=r11, @ANYBLOB="14001c00ff0200000000000000000000000000010008000400", @ANYRES32=r12, @ANYBLOB="03f42e89ca70ab6093705e1f18555071e4155b82eb361edaffe9620d6f1cf1a416e3eca08d98e929b569027c30b838884962fb4163989a9fba76e52c8199ef4bd6b9650b37bf5b3b63b3b7ad55541683b7cc09597688725d1400470000000000000100000000000000000001238e0ec865a46c43e1595a1e8457584a8d1695ed5c840c230c2214533b69eb28a2b8e85a4ddb83ffcb3d70a048575785ba0dcc19a72e8d038fadf4661e48771fe763075f1df794239e6520472939ba81e8f94783353d060f96e466d13254110ee044c001d44cc45ef23ce27385bea6b353289fe66cf8688fd108494b2eaf1effdfd019e35087338a1dac19fe337e5b20ef9cb1df36446aa29536b07e5ccf9ebef18500a2e1ff34b98b2a316f3eb50c7207e608a884f8803a1e81b7720f9e5d2259f04c1a888fc43a610c248f09472a87910e773ae8503310eb021483f8ce4cffba8b5933dee896a7582d0498b05ba9ec1dccf00187009661da03437e6684d61dbb613e13a52b55cc367653ada22717500a7a66cae142e7becd0c0082002a27402800000000539c20bd20d8f84d1256c458e5e75cb81b228d29443a4736e76e6c7ec4004ae80be93166b0962e405453cf0284e589c72b6b8215c48750ace25f752a61b9b1f219db32ddf4f8c1d2b0aac2d76bd7ebc7ca84bbc9a7de2158ef3b992d1024a86345b24b8b867243dcfcc9f70f97c09f1c094c312f2a6c2f9e6726ca4de74bc047d18a0e6ff4d16a676a1c1cdeaeb3417903d64719bf8d1408f019d66234683022b5b4ea551c297dc4f4e2c6af94f39195c102d888d5f2aa4d5b8e6221070a808d2acfff5405e248b45e4bfe954b3c11b39b5729ed01a801ccac8f540a3539f3fb18d558cf8893c4c9c623a67f586cc4469b7737b0eb4d8c22ff9f6b536302a515c535239ed928afb02d2d13e26120c1bc1064a101c19229b08c4b08766a8181c7f96c2693a1546cc6c4c85116e0d6686e3e89bcb9429390bcba2a279d71217947051590c4c04d2bb6cdb01bc77dfcc109c0e184a59c39cef33af6533bf327e87b50ec454341a0197554aff81df0e77aef519a1c56a9ae2f1e081d78055f1ede98f58e1da81211ece470013b735f2e3e8276ffc5dab4b399cb3bde8d845a5d535d7ba4dc392d06249832822404e1665aa5dc7008ee9f4351b2646e867891100035000c00080008000000000000000000002e90a04bfba339514f5d68a9da47ddb7aeed060e5625cf34ba6cf34a3657ca6241dd15be1e45fb55491ccf76521cc8481272f65a4926459dfd51a9de17000000cbe5217cebbcf975d52dde5262edbd005162d628"], 0x148c}, {&(0x7f0000001d40)={0x12a4, 0x15, 0x100, 0x70bd27, 0x25dfdbfb, "", [@nested={0x30, 0xc, [@typed={0x8, 0xfffc, @pid=r13}, @typed={0x4, 0x76}, @typed={0x8, 0x8, @pid=r14}, @typed={0x8, 0x86, @uid=r16}, @typed={0x8, 0x6d, @pid=0xffffffffffffffff}, @typed={0x8, 0x6d, @fd=r17}]}, @generic="9860b511d9bc5850856708c359", @nested={0x122c, 0x95, [@typed={0x8, 0x3, @u32=0x6}, @generic="74624ae5fdd03e4c9ff862d4976ae1a4bebd1e8d508cdb0856a29c4d317d8ad1da94e55e98ac752952d9173a84932dd8f63608454e4fd5417f82297e1a4228ff985c6575fa5019f07160e3d5bd9946927209775fbc9f44304866cdea59a33669fab2f0fd6103e24fca03f0d6e50394d743243c133b6b8fe1ce2465d70a38ab48384209e0674465f807d487e04b9b0129f2d5f8c1beef498e7b59267f355ac6a6d6750c2b2b", @generic="bc4ebf98a2af14ead4619d61f42c0b774c2baf028ef1496c9f65ee10095b9f02e2fa65100e511b89739ba8224735ccdd37410e23486d78a2f0897fb07d2269184c34dc74a3de8a04262551abbcb182536b852a9ae92f5ac7da1e4544627df9b8a67ccf54d913b2a93280d8d3e1429ba6fe2e355a5b5ef05e3f9048c318eea695682c03ee270777b944a02a71cf14c9f6e26c69087feece52f886bcb081a67472ea14e1aaac529d79a1ae23541d2c39680bbc7f57cc2810aa21a6957b2168675a5677af818758ccd04d5fecc7bb70feb0c9ef275645f481b738284638da2ddb1ab15e0b9931ee2e9ca73c0b759e1807", @generic="8caea51dc86b2d84fc8dc1a50bf5b0350c09d4e1aad321c2d5a5e5823e3f1cef2636b9e5705211dd075be0f2d31e49a9ead4f64be740224845e926a4148457c1e71b0048bd169b84e17bc3b6063515217edbe17cfec7f32342db7555352b770d2109b32eaed4976a2b3c12cfb4c51823bc9cdf01e8beeb2432b3ba39709d76caf961f71a36ccb0bdf611091a1513e4a3b0698a968b861b62c54fd93cbb248ba03a9c4edd1951759cf0afd9d7d72267b52007c5f48a45253c7633f931928528c926a90b71f711dceb9420245b78d8606e9117c1adccce673f34e507fd70befdf3c5e1ff122aa76532be8574319a518ae12aacea72cd77ed406d9588af6e5a9ddadd25dc59edc7f90cb205c6b8097881819e4947ecaf3b74a4e4b92c05d6535b7d2066ad0b4ba58511c037a9c7d109430cc50b394ebcb3774df043c66fd3a143ae81f40ca1941f822c28ad2d8b9c1c59dea233b60172b0eb9345a06a0d44828f3ba0b336a822d53dff4e6e24f345f17a37a5c4b8c719833534cc20681d4601f0c7264a8e296d8824da343b0f5a3b5397dcda08b212a3a96858df3d47d6f84d54f3c6f9d702387c109a124272435408586715dd7ad8e13f77c747ac605c2b42a792500a3720bc65646a80d9b1f3e93801f71d00bcbe1a2a92b4bf7663c002770796c8ec75b10b0c5faf034cd3ae93d9ea00e1ece876cb6e478fa48d993d277cbef3eaaa9ab9c4c5fea9f1ef3cfc22586f7e85897879d38f761c60cf31ff20153501d86a725896d1e10a20062294602dcb0bfea7be7adb980472d97ca7a8789bf86a630a00ba05f4dbbd85cb70a28a84004e47b2e23b3e3b5c8da2c7c535ac3be4e68c48507f6c9f34e82106457502f4b89c457595e17b449712a533f0623261e1a16d5fa929192a603c90ac123c3c8fabdb9b1c96756990d06ac35bdf23df93157ff8db5070293e2e49d4a2f44d0c0d6ed2cea875d6ca2b9f52768898a76fcc167a71c80c29ac78aaa2035a7c15214366642f300b1fdfa789961e3b1222906002fb59151af38acae788c5c89179d3e71ab80053820138266f25ffdc888fd31e79259c2fc902c8400a383f7d6571608f32defbb09f24feea0275ddeb20ce814b21962890fa708baf7a0a3d852ba9d88083c6189a183f26fe1015ef270392525d2090ecfeb9e82141cac2f74dad41f9037d23164e7dcd32f23549520d7adefd275fde74230cd00237480e93687fcfae2ebc8330d43400bae14418a24e0c1cc95d71d802f280e0860055584a4efbc26b756ea6ada7ae66dc91775180571ce6de803e2dcfa8bd2a94ecbcf917f0e77c3f3971b7b3afddc22014d273e93eb038d09c480e86055098ab072aeec09b7bdd99ea03bb3f298f26ace2ad76c36c77c217120a8dafbd5979a70381bdd12d954e75283cdd030b28be9df223c7c60d9f89c628dae1b1d756ba7d48c182687120dd972b868e021707ab413f0851e59fda90b3072282e832d05b896254834e8ede0a0682423f96e54e149a1d633a81a0452d21df164cb38e4c234c85ad1362c2d6976c3d5e017dd575845669d06e50918bd4beb7f667cdb1074293319c27388f099d376ca6e467ec9ddf5f7853a8ddc5689fe5e32f95eea22ccbd29beb641ec4e26d499468707fc06c5c798b732fd4f1f7745d64e0d1b1ad61b35bb84efd1cf0f9a66bdece86e0b2e3fc65f17a5ec0dd2593b8241ffe00042e4a6255fdf47a2fb3b22d88388d831be6ccdc431ad022b0fdae3f7a8b701be952a9500d1f3d23d6a8b452c3eda6a94532c309786d4518b15075e18aa735b9547b51fdcb3cf76aba5aab9734fba98a27ae20e61d9a370a00198fa9aea6f7570f41b424ebe20bab61b5fbd31a6c51b2f451af0312f873be61b06e6a097e9c55b1d9d9df81a52902131919143c9716a0368f844abbaaadf0eb52a9b5e562fb3147d73dc561a10fecb602eb63f096f1186dd5062c96a67912585d8be85803cf75625d288fda83902e086f401f68aa473006e253c9e2b1db8c225735ca6a25546e39a98e9d434d6b7d8133f077db88f7202f7b94a69101a10a97cef6cecbbc43a9ed82e633adff0ec63facd3c174a750d33505e92ba76e9f42874c7d0f9e613a8004fc6dcc329b641f1e726924ae213818c94f2f3ac85e9f9440bd863491f0bd4e6770c7b0c6718436002e90ae53425be496179c66d03f26351af32b47df4382aedac05928110c5bd286deb27aad69e621e735ed97d162a5782324cd0ddea71b0e0c6df9b385d0caa054af2697a7e781a77d6f76cc03486c36a29cdf42ee1d49eef6f10ccd0b3d131e11c8ead53b74651339f2197ccdb286afc646b6f386737f24e8c85f698119f408f162630d2b9899b4c377f746f31404317336902036b55dd57c2a2ed977f6139e62b9c372296ba229e3befff76eb29efc0855f1a86e4356a827710fc542b839301434056275af243047cde15e8756ddd32edf92b7f00a96f20000d785170c8c6324f49511780fe1fbed6075f840616f561692d0ce0580d3e67a7daae789c57b8f8de728650317d06f3163d6b82a2432625c94e6b4ce52425f13e07af163c4ba56e9cc20b4806dc69d95a69d9c42e12f0cd0341e2d051e85cf749186fbb60f867c21d77690fb84506141d0767120cae97cf1c991b03edda0d623cf6d4208fab226914d34143d98a7719c17d72a6843481338a072987b33cc7454ed17045fd95ee765c21ad05fd726737598cb7261f4d755b960cd6d8cc7ed4a8d9d5779ec1c17184a8d4accb84d5594640174e98424e7fef00b6ea8d5249dea01218460997e9f54fff3b9e23e605bc37e2e9da56bbccb928e9f1d5e654424878d705cbbe11784e6426ffefa61383a9cd454cab937f398afba5abf0036cc7d1aa47bfeb946abdef089060aac56fca002620e233be92bd0125e83b5f32246c1bdf1179784b838eb720e2f555b5c1e267864fd0c2160020742a266dcbe15baeecb990273cf37a6004d7f3a58cc4f3e364f1ea3cc4e5955a4c639a80c0880b8d2b8d108813ce3a500e9ab8178e5f29ac136edbf353d822f30cd1abd951357bf468232f53fe836c316cef2eb1b1f026155b3aa4184e8670552820b32d0f8777be533e06f4b50422c952c05dff775540d6e6bba04695ac25853b9b42acf39ea023b4c8671ce80279743f8c7dae1aa1d3a37d6dd1a9d51131f2e659bb5e73f55be84448bdd971fbe60c5bcf5f2ad48f7fff9e8ff84b64fd0e648f81cd39035b0bf0db6c6032d41b04a91fb687dcce96bd9f661d9a3736d6be4a7e7467aaf78efaca5c87371d466f4225ce54664e62ba34777088ad2761eda950c1a51a1e74665f21126793b82232dec662c36387854cef6b5db2c0ffab330a7fd16e04f085e4c2225b0ccc98b5514d5e431ad620e101f5127041ca8c1ab6116075c7d9235463735f9d51667b198023d851a993a7115811e5ddb28cf9282ca66cfe7021118213d8731c945303d3af8ee81735a82c2cb7cc8dc270456e16b1b2ca986f596903652f4e4923a27467154757fe507e83f0dd19174d7645d9c36c36fab7b9939725cdeeaaf8bc3f41ffc2b72079328b58646177c31f9dc5750f91496b67e1cc25f390fe54a878556fea26ce7fe938667a04882065372b73becb26697498107d726a20d09c4f8825d040ceb0b39a7da005ceed84a6f24f611173f22bfb5ea8563c34c6fc8cf0479e78e58355f7b4f8a509c487f9f8ee67a43f5b916c69c2086f638af214c1159572ac8405e0f97861deafb5e5aed2487bfef047481e5e742b563563056e00f181cb32c79e44d88168cd3ed92645dae5ed22289119b097f278175f986d06fe9f7de9c9eca29cab34e215bdd675f74d7506d117e97909cb4bb1c678a43844f80ae308593c4111c1654086d7c83d0142bd1526f64c9a0854299a29cfc96cd1814a6cda346d3f9da3d9e66b45975be339d5acd48dd87017df413c5f8aefec1fdaf116927a89326a9c2bb5e1438b4477e50058befb0c0fbc0a0b3be56a18a4abe53d9e486bb144aa98f115ce88244dd45dfa11220af182c1a71d45dc240b2ac5c8ffb028d30d6a0e87baadc32acba4c69b0ce892f375e3e7e5898221a854c078d5655e9a885a504a8c1059e53dfa48917adeafdcb97342506f6de00cc62eb0b00b598f89355f897ddca2ea79c8efa78cee89aeb92d1070ff067d9b7731a53847584279a5546b6fe0135b660f9c9c77d854a1506d84fcf7126e1939e2ab92a8a8524a419f866936c74ce621d2a77aa94ab539c56f131f5db187893e63eb4b4b8caea413904086606269fdbd313b27eb42bf43d765f251139c9c140af7fd596fceffce28a0a83d57583f14f9588c32bc69e24b3684a93c4bfcf30b852ee4a8aa92b108b2cd26005357ba5a79cfd63731cbf95b73780bc7f83f525294acf45612e8cd1a395311dda8a33ad998ae408572edd566b535287446d5667986d3c6cbba096f0362487d2a3463d12deffc26208535bff0e91d65beb3d4e29c9ddc4f5edad4d0f304702d7833f5eaed1df5dba3a367b25aca910d378b84dc84f926ae9fec247d261817aea07678a3ff22953bc99f3135bff6b8f0f5d7d9b22bbac98a9ea138fdfa240cf19aedf09acfe7e9a881417ae0ce3931e6de87853b783c5745bce8aa4c46f50826b1542632e0567d4d018116728bc64c216a470854e2151cc9a82ed9e22d2d9152a4edcec18e39c8de7350ad4406af409a21371293e0eb620cb477a474d5439fb0fa4e0d5243826ce711a9fd4fd63fb919b018b781448449993318b3065635b7e54b65ac1948bdda3440394cce69feb72b81e587f46739139e2ca54deeebf93fbe5adee2f11c5aca5f0b33af19b7b25d548cd64e7f1d034a04cadc6a635e4944ceaa594cd5f85b15f09d2338cef2250f61a039db0330b931f0f6797c5762739dae6736033f7a5823e25356772165c91b8d92985bf23620caf9fc426496945a7f03514053fa0c10e8c3c3202c079dd6dd8033eb5d6e8adcbe0859415cd470576e91705c643815e20536ed49c733eb002228a7a06aa3de5798227558e968ec212aa7914a6a53bae1a1a94170838b429aa29e49b75bd80b60d56b871ba2f7859635b9c0e883f8b5c392dca60f3cee4a3466af0eabd59690b76da822ae58915366703f8a1282a53e85bf717485c7f6ddcc380908d801b02430bb33a40f391af71aa6f482da24acfdcfb5564a8697992560927c0a57c1ee863b4f63099df4b7cc84d86db7d49098f8ecd9813696c5c5d6d6551cc6d9bbaf6a954f6c0375f042f84536dd1a5374b49beef9c773d44ed30c979c11e53c9c8cb65e1eefac6cc58a83ae3635c1f67989e22246fb7f2202658fa1b02db73622e087d860479e98012f1c1df455b439d63a8c70a851bbb0f3a79f0154a62cf528e9313c90952301c6ed5bf2aec29f105469c6638351c1b68ea95f9522207f6afc861e846c405a7a7e8daf4f9c3d7c4a521bbfe50966bd020c7130c78d04315613fc351d194fb5505b83e3426b180334eeb5ed1df47f394910e4679f87da86827764ba4b5f57a05e77f5246f1edcf6c7a98fe9ed1f2e9451533fba37a4c82b957e15885fcc79cdff0b6cdcb5219cca07ba0570e322611cf6ddcae785ae98866f55d51d32761ca9f99d2bfb8ecb908262f2f46d44d98fa550346a31bf70c8c2a247dbedbf7d267cc1b33adc4c55f6e0d83db8d780bd2a234b768d3ce102b31c0065968d3c3711c7d98550aec4705a87040c1b4b9dd8fd6ad766f3441b8f948f9f3d16f3ce719ecb3808561", @typed={0x4, 0x7}, @typed={0xc, 0x3a, @u64=0x5}, @generic="d22f3cea87360c36508a707482f6076820c548ccfc028c9b8dce87dfd62a809d67cc8af68fd60958e39ee4a53f6997c843694056b02c86dd8bd1d753079c812a20d1582472924e0e622466bf490d833d9ba9fd70d6894429fb4e0bf48963a4748d8d5efe17", @typed={0x14, 0x4f, @ipv6=@loopback}]}, @nested={0x28, 0x8d, [@typed={0x8, 0x89, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @generic="2d49ec0980c5b576517458b68b15dc49e2059efd0b9324bbb227dcee"]}]}, 0x12a4}], 0x4, &(0x7f0000003100)=[@rights={{0x28, 0x1, 0x1, [r23, r24, r3, r25, r30, r31]}}], 0x28, 0x8c0}, 0x4000000) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 397.340450] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1801 sclass=netlink_route_socket pig=20853 comm=syz-executor.3 17:46:30 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_MEASURE_VERITY(0xffffffffffffffff, 0xc0046686, &(0x7f00000000c0)={0x1, 0xd4, "d2d02600b53a42bd3775d709d0454844904b65463e5e27977563c92af82e74673432521b2cb098e7159dae1e013b91c301fe561e3d8ddd058211ce1104affa36759d346c664acdd49c55f6db69c2c0e2ef200de19f65981dc58ddd66c454fb6c1ec8b681a3e027cc50569a38e1cadbdf3298305057768200b905dbcb9022a0d2be1e2fd4a95c811f092b5f8df738427ba83cec6df14a482b2321e2eed3d99692a4f2469e2a9be361bbe58b77fc5d07d989e7353d747b47e70d75a54bf2b4b8e41921332d0273ac2c7625c817b8e8c4792407b62e"}) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:30 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x5, 0x0, 0x0, 0x5, 0x0, 0x3}, 0x818c730464ba7cb9) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) chdir(&(0x7f0000000240)='./file0\x00') r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r6, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x220008}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="28010000050200042bbd7000fddbdf250a00000914017a0047799d42ad1a9d2f5beffb43847c002f3d3c04af83c25101df23721504e52aae3a6f56158a64942066b23388f321908c84bee138a62e3a83ead4e0993dfb02423b146c10a7ca123133e3e935c090f69852451d0738b3b833064f11366f1e8ed781eb32ccb32d8e98efaabac051efb83c13437c7c2f9e7d777fafca3f0a08004600", @ANYRES32=r1, @ANYBLOB="08000200", @ANYRES32=r4, @ANYBLOB="ce98259dedd6f5a385e6aaade70712cc4be4d842e137abc160d34cc333885f91ef18cd54e937aae114cba3bf50ab95745550969dace72a9af656d66fcc4585aa2b7b127cb304a0187c4d61958da33cc1fea3e645e65b11d018cf2040d19e7343a2c6fb2ce7d6f3392f0a6ce2164eb2a4142f46a28dcf3668d808001900", @ANYRES32=r6, @ANYBLOB='\x00;'], 0x128}, 0x1, 0x0, 0x0, 0x8000}, 0x0) r7 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r7, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000400)={0xfff, 0x0, 0x1, 0x63}) ioctl$DRM_IOCTL_AGP_BIND(r7, 0x40106436, &(0x7f0000000440)={r8, 0xffffffffffffffff}) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:30 executing program 1 (fault-call:17 fault-nth:18): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:30 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00') sendmsg$TIPC_NL_NET_SET(r1, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xdf84ad4cfb666a23}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x40, r4, 0x400, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0x2c, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x80}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x101}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xdb18}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}]}]}, 0x40}, 0x1, 0x0, 0x0, 0xc0000}, 0x20000000) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 397.719394] FAULT_INJECTION: forcing a failure. [ 397.719394] name failslab, interval 1, probability 0, space 0, times 0 [ 397.730821] CPU: 1 PID: 20878 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 397.737863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 397.747231] Call Trace: [ 397.749835] dump_stack+0x138/0x197 [ 397.753478] should_fail.cold+0x10f/0x159 [ 397.757641] should_failslab+0xdb/0x130 [ 397.761630] __kmalloc_track_caller+0x2ec/0x790 [ 397.766314] ? kstrdup_const+0x48/0x60 [ 397.770221] kstrdup+0x3a/0x70 [ 397.773419] kstrdup_const+0x48/0x60 [ 397.777142] alloc_vfsmnt+0xe5/0x7d0 [ 397.780860] clone_mnt+0x70/0xee0 [ 397.784321] ? is_subdir+0x222/0x389 [ 397.788044] copy_tree+0x33b/0x8a0 [ 397.791594] copy_mnt_ns+0x11c/0x8c0 [ 397.795331] ? kmem_cache_alloc+0x611/0x780 [ 397.799664] ? selinux_capable+0x36/0x40 [ 397.803735] create_new_namespaces+0xc9/0x720 [ 397.808326] ? ns_capable_common+0x12c/0x160 [ 397.812759] copy_namespaces+0x284/0x310 [ 397.817696] copy_process.part.0+0x2603/0x6a00 [ 397.822311] ? proc_fail_nth_write+0x7d/0x180 [ 397.826996] ? proc_cwd_link+0x1b0/0x1b0 [ 397.831079] ? __cleanup_sighand+0x50/0x50 [ 397.835319] ? lock_downgrade+0x740/0x740 [ 397.839497] _do_fork+0x19e/0xce0 [ 397.842955] ? fork_idle+0x280/0x280 [ 397.846696] ? fput+0xd4/0x150 [ 397.849896] ? SyS_write+0x15e/0x230 [ 397.853616] SyS_clone+0x37/0x50 [ 397.856983] ? sys_vfork+0x30/0x30 [ 397.860535] do_syscall_64+0x1e8/0x640 [ 397.864425] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.869286] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 397.874472] RIP: 0033:0x459a59 [ 397.877667] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 397.885383] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 397.892659] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 397.899934] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 397.907209] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 17:46:30 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x5573000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 397.914501] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:30 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) pipe(&(0x7f0000000140)) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000100)={@local, 0x2, 0x1, 0xff, 0x1, 0x4, 0x2}, 0x20) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:30 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) setsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x3, 0xe945, 0x9, 0x1, 0x8}, 0x14) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0xfffffffffffffebd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:31 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() getpid() sched_setattr(0x0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:31 executing program 1 (fault-call:17 fault-nth:19): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:31 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0xffffffffffffff45, 0x1, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 398.638829] FAULT_INJECTION: forcing a failure. [ 398.638829] name failslab, interval 1, probability 0, space 0, times 0 [ 398.650298] CPU: 0 PID: 20924 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 398.657343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.666707] Call Trace: [ 398.669309] dump_stack+0x138/0x197 [ 398.672955] should_fail.cold+0x10f/0x159 [ 398.677128] should_failslab+0xdb/0x130 [ 398.681125] __kmalloc_track_caller+0x2ec/0x790 [ 398.685814] ? kstrdup_const+0x48/0x60 [ 398.689723] kstrdup+0x3a/0x70 [ 398.692943] kstrdup_const+0x48/0x60 [ 398.696681] alloc_vfsmnt+0xe5/0x7d0 [ 398.700413] clone_mnt+0x70/0xee0 [ 398.703879] ? lock_downgrade+0x740/0x740 [ 398.708043] copy_tree+0x33b/0x8a0 [ 398.711604] copy_mnt_ns+0x11c/0x8c0 [ 398.715334] ? kmem_cache_alloc+0x611/0x780 [ 398.719674] ? selinux_capable+0x36/0x40 [ 398.723750] create_new_namespaces+0xc9/0x720 [ 398.728256] ? ns_capable_common+0x12c/0x160 [ 398.732676] copy_namespaces+0x284/0x310 [ 398.736759] copy_process.part.0+0x2603/0x6a00 [ 398.741363] ? proc_fail_nth_write+0x7d/0x180 [ 398.745868] ? proc_cwd_link+0x1b0/0x1b0 [ 398.749954] ? __cleanup_sighand+0x50/0x50 [ 398.754205] ? lock_downgrade+0x740/0x740 [ 398.758366] _do_fork+0x19e/0xce0 [ 398.761829] ? fork_idle+0x280/0x280 [ 398.765554] ? fput+0xd4/0x150 [ 398.768756] ? SyS_write+0x15e/0x230 [ 398.772483] SyS_clone+0x37/0x50 [ 398.775866] ? sys_vfork+0x30/0x30 [ 398.779425] do_syscall_64+0x1e8/0x640 [ 398.783340] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.788198] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 398.793395] RIP: 0033:0x459a59 [ 398.796590] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 398.804323] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 398.811610] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 398.818897] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 398.827215] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 398.834498] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:31 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) socket$inet6(0xa, 0x2, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3897ebb4ac00010700"/20, @ANYRES32=r4, @ANYBLOB="00000000000000000300000008000100627066000c0002000600080000000000"], 0x38}}, 0x0) recvmmsg(r5, &(0x7f0000008880), 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r7, 0x407, 0x0) write(r7, &(0x7f0000000340), 0x41395527) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:31 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000001400), 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x5c, &(0x7f0000000000)={&(0x7f0000001400)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x8063}, 0x28010) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r7, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) recvmsg(r8, &(0x7f0000001340)={&(0x7f00000002c0)=@xdp={0x2c, 0x0, 0x0}, 0x80, &(0x7f0000000240)=[{&(0x7f00000001c0)=""/13, 0xd}], 0x1, &(0x7f0000000340)=""/4096, 0x1000}, 0x8000) ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000001380)={@mcast1, @local, @loopback, 0xb4, 0x7, 0xffff, 0x400, 0x74b7, 0x100200008, r9}) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) r10 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x181000, 0x0) ioctl$VHOST_GET_FEATURES(r10, 0x8008af00, &(0x7f0000000100)) ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000000)={0x40, 0xa964, 0x3, 0x3e, 0x2, 0x3b, 0xf8, 0x5, 0x3ff, 0x5, 0x9, 0x8}) r11 = openat$full(0xffffffffffffff9c, &(0x7f0000000140)='/dev/full\x00', 0x2002, 0x0) ioctl$IMGETCOUNT(r11, 0x80044943, &(0x7f0000000180)) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:31 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r7, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000140)={r8}) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f00000001c0)={0x0, 0x2}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f00000002c0)={r9, 0x1, 0x20}, &(0x7f0000000300)=0x8) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r10 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200001e, 0x12, r10, 0x0) ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f0000000100)={0x0, 0xfffffffe, 0x47f, &(0x7f00000000c0)=0x1}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 399.169216] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=172 sclass=netlink_route_socket pig=20939 comm=syz-executor.2 17:46:31 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x4000000000001db, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000100)='SEG6\x00') sendmsg$SEG6_CMD_DUMPHMAC(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000510}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x38, r5, 0x8, 0x70bd27, 0x6, {}, [@SEG6_ATTR_DST={0x14, 0x1, @remote}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x400}, @SEG6_ATTR_ALGID={0x8, 0x6, 0x81}]}, 0x38}, 0x1, 0x0, 0x0, 0x20004854}, 0x4000) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r7, 0x407, 0x0) write(r7, &(0x7f0000000340), 0x41395527) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 399.252236] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=20942 comm=syz-executor.3 17:46:31 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x2, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c7465720000000000000000000000000000000000000000000000000000b1000000fe07ddbe2463a2fa89393c043f344ce3459b1b16cceea93c7295f8dc4d79cf920e3d10e8c3a9965a0561bb6e1b5ec2f1d7f2877721ae08aebaaea092414055b40f06c3e2f2ae03139750ee9d5c9cb4ad0fc84a444a728e6e0b43c9b405c0e35e63581a0a3b92c20f7edeab9c9e7020324c8b8c5921a491d1c10d24847a6f7d7843ec1fe8280dfaf644c29be2110500000000000000a55685d13f83cda0b7f8d3f31d51b753467c5836637c0801d4620ea3"], &(0x7f00000001c0)=0xd5) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 399.347268] QAT: Invalid ioctl 17:46:32 executing program 1 (fault-call:17 fault-nth:20): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:32 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() getpid() sched_setattr(0x0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:32 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x16403, 0x97) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000000)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x14, r3, 0xf01, 0x0, 0x0, {0x4}}, 0x14}}, 0x0) sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80004000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x80, r3, 0x800, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DAEMON={0x6c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2c}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vxcan1\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x3}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr="9a6d30b6835cae56df3a150c9b2ccaa6"}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @dev={0xfe, 0x80, [], 0x25}}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'hsr0\x00'}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) setxattr$security_smack_transmute(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='security.SMACK64TRANSMUTE\x00', &(0x7f00000001c0)='TRUE', 0x4, 0x1) fcntl$setpipe(r5, 0x407, 0x0) setxattr$trusted_overlay_nlink(&(0x7f0000000240)='./file0\x00', &(0x7f00000002c0)='trusted.overlay.nlink\x00', &(0x7f0000000300)={'L+', 0x7}, 0x28, 0x2) bind$unix(r4, &(0x7f00000000c0)=@file={0x3, './file0\x00'}, 0x6e) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 399.521403] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pig=20958 comm=syz-executor.2 [ 399.566432] FAULT_INJECTION: forcing a failure. [ 399.566432] name failslab, interval 1, probability 0, space 0, times 0 [ 399.577906] CPU: 1 PID: 20972 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 399.584940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.594307] Call Trace: [ 399.596911] dump_stack+0x138/0x197 [ 399.600555] should_fail.cold+0x10f/0x159 [ 399.604722] should_failslab+0xdb/0x130 [ 399.609583] __kmalloc_track_caller+0x2ec/0x790 [ 399.614270] ? kstrdup_const+0x48/0x60 [ 399.618166] kstrdup+0x3a/0x70 [ 399.621373] kstrdup_const+0x48/0x60 [ 399.625108] alloc_vfsmnt+0xe5/0x7d0 [ 399.628837] clone_mnt+0x70/0xee0 [ 399.632287] ? lock_downgrade+0x740/0x740 [ 399.636449] copy_tree+0x33b/0x8a0 [ 399.639985] copy_mnt_ns+0x11c/0x8c0 [ 399.643704] ? kmem_cache_alloc+0x611/0x780 [ 399.648010] ? selinux_capable+0x36/0x40 [ 399.652164] create_new_namespaces+0xc9/0x720 [ 399.656648] ? ns_capable_common+0x12c/0x160 [ 399.661043] copy_namespaces+0x284/0x310 [ 399.665108] copy_process.part.0+0x2603/0x6a00 [ 399.669713] ? proc_fail_nth_write+0x7d/0x180 [ 399.674210] ? proc_cwd_link+0x1b0/0x1b0 [ 399.678294] ? __cleanup_sighand+0x50/0x50 [ 399.682541] ? lock_downgrade+0x740/0x740 [ 399.686703] _do_fork+0x19e/0xce0 [ 399.690254] ? fork_idle+0x280/0x280 [ 399.693980] ? fput+0xd4/0x150 [ 399.697178] ? SyS_write+0x15e/0x230 [ 399.700905] SyS_clone+0x37/0x50 [ 399.704296] ? sys_vfork+0x30/0x30 [ 399.707850] do_syscall_64+0x1e8/0x640 [ 399.711745] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.716612] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 399.721805] RIP: 0033:0x459a59 [ 399.724995] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 399.732709] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 399.739983] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 399.747261] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 399.754628] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 399.761901] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:32 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x202000, 0x0) write$P9_RLERROR(r3, &(0x7f0000000100)={0x11, 0x7, 0x2, {0x8, '/\x89vmnet0'}}, 0x11) [ 400.138331] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pig=20977 comm=syz-executor.2 [ 400.166564] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1 sclass=netlink_route_socket pig=20989 comm=syz-executor.0 17:46:32 executing program 1 (fault-call:17 fault-nth:21): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:32 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:32 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) setpriority(0x2, r0, 0x3ff) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="e1ff000000000000280012000c00010076657468000000001800020014000100000000002f5eeeee", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) accept(r4, &(0x7f00000000c0)=@pppoe={0x18, 0x0, {0x0, @remote}}, &(0x7f0000000140)=0x80) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:32 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x606040) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r0, 0x80045300, &(0x7f00000000c0)) open(0x0, 0x0, 0x2) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f00000002c0)='/dev/snd/pcmC#D#c\x00', 0x1, 0x200) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r3, 0x6, 0x1d, &(0x7f0000000300), &(0x7f0000000340)=0x14) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r4, 0x0) write$UHID_DESTROY(r4, &(0x7f0000000100), 0x4) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r9, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) fsetxattr$security_evm(r6, &(0x7f0000000140)='security.evm\x00', &(0x7f0000000180)=@sha1={0x1, "d09f8c26c38f6b53c33aa8b5b3599a2bb3a2c531"}, 0x15, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 400.546010] FAULT_INJECTION: forcing a failure. [ 400.546010] name failslab, interval 1, probability 0, space 0, times 0 [ 400.557557] CPU: 1 PID: 21021 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 400.564616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.564623] Call Trace: [ 400.564643] dump_stack+0x138/0x197 [ 400.564661] should_fail.cold+0x10f/0x159 [ 400.564676] should_failslab+0xdb/0x130 [ 400.564689] kmem_cache_alloc+0x2d7/0x780 [ 400.564699] ? find_held_lock+0x35/0x130 [ 400.564711] ? copy_tree+0x4a2/0x8a0 [ 400.576688] alloc_vfsmnt+0x28/0x7d0 [ 400.576701] clone_mnt+0x70/0xee0 [ 400.584457] ? lock_downgrade+0x740/0x740 [ 400.584473] copy_tree+0x33b/0x8a0 [ 400.584489] copy_mnt_ns+0x11c/0x8c0 [ 400.596756] ? kmem_cache_alloc+0x611/0x780 [ 400.596770] ? selinux_capable+0x36/0x40 [ 400.604177] create_new_namespaces+0xc9/0x720 [ 400.604187] ? ns_capable_common+0x12c/0x160 [ 400.611776] copy_namespaces+0x284/0x310 [ 400.611792] copy_process.part.0+0x2603/0x6a00 [ 400.611810] ? proc_fail_nth_write+0x7d/0x180 [ 400.611818] ? proc_cwd_link+0x1b0/0x1b0 [ 400.611836] ? __cleanup_sighand+0x50/0x50 [ 400.611849] ? lock_downgrade+0x740/0x740 [ 400.619105] _do_fork+0x19e/0xce0 [ 400.619119] ? fork_idle+0x280/0x280 [ 400.619135] ? fput+0xd4/0x150 [ 400.627499] ? SyS_write+0x15e/0x230 [ 400.627517] SyS_clone+0x37/0x50 [ 400.636380] ? sys_vfork+0x30/0x30 [ 400.636394] do_syscall_64+0x1e8/0x640 [ 400.636404] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.692225] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 400.697399] RIP: 0033:0x459a59 [ 400.700657] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 400.709314] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 400.716566] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 400.723839] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 400.731100] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 400.738352] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 400.832375] device veth99 entered promiscuous mode [ 400.838708] IPv6: ADDRCONF(NETDEV_UP): veth99: link is not ready 17:46:33 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) r3 = add_key$keyring(&(0x7f0000000380)='keyring\x00', &(0x7f00000003c0)={'syz'}, 0x0, 0x0, 0xfffffffffffffffe) r4 = add_key$user(&(0x7f0000000140)='user\x00', &(0x7f00000000c0)={'syz'}, &(0x7f0000000900)="585ccbc4ed83b836c1a6474914dc5500b66147b3c7218a91690000000042e3d35228897501f93191b076ac446ff0022b8753a1fa74ff569f435fb3bae96efb74b50ec93c2db8eae3198a29e5c0cfc60000ce0637cef580b4ec24c53d86571ff5ff70e48884ca000018cea71fcfacf40d32e4b58a8d2725561f6110fd7b06f90b5274cc5c1e298a16324fe27da2a9d5ba9ff33c1e8e036e5031949762d009d308bd73f477252d0000000000004000000000000000000000000000000000195e23", 0x395, r3) r5 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f00000005c0)={'syz'}, &(0x7f0000000100)='\x00', 0x1, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000000)={r5, r4, r5}, &(0x7f0000000700)=""/243, 0xda, &(0x7f0000000500)={&(0x7f0000000580)={'rmd320\x00'}}) keyctl$get_keyring_id(0x0, r4, 0x80000001) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:33 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r3, 0x0) openat$cgroup(r3, &(0x7f00000005c0)='syz0\x00', 0x200002, 0x0) sched_setattr(0x0, &(0x7f00000000c0)={0x30, 0x2, 0x0, 0x4, 0x3, 0x0, 0xf}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00') sendmsg$TIPC_NL_NODE_GET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x15000002}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="80010000", @ANYRES16=r4, @ANYBLOB="000128bd7000fddbdf250d000000000101002c0004001400010002004e23ac1414bb00000000000000001400020002004e22ffffffff00000000000000004400040020acb8aefafe5d3e8ae5e4d20001000a004e2000000001fe8000000000000000000000000000180400001f000000000a004e2200000001fe8000000000000000000000000000bb080000002c0004001400010002004e20e000000100000000000000001400020002004e207f0000010000000000000000080003004b0f0000100001007564703a73797a32000000000800030002000000080003000100010038000400200001000a004e2300000002fe800000000000000000000000000021ff0000001400020002004e22e000000100000000000000002c00020008000100400000000400040008000100431d000008000100040000000400040008000100ff070000400004002400070008000200ff0f00000800030003000000080002000000000008000300070000000c00070008000400060000000c"], 0x180}, 0x1, 0x0, 0x0, 0x4000000}, 0x1) socket(0x840000000002, 0x3, 0x200000000000ff) r5 = creat(&(0x7f0000000580)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x98428d57a99b5f44) io_setup(0x4, &(0x7f00000004c0)=0x0) io_submit(r6, 0x237, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r5, &(0x7f0000000000), 0x377140be6b5ef4c7}]) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r9, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r10 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r10, 0x0) io_cancel(r6, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2, 0x7050, r7, &(0x7f0000000440)="4cbeb2cb6f41535097820bd797f497c87287da790af880f212ac2a2c311226fcb1a7d0a7d9fc920e3abd6b092080966f17fa428199fb452e0b3036d825933cde5aae657d7510f6e8d4c5fe66c263df5956a0e83fcf4c557fec2f56a6c54d21576c40963dd9ad83c65c5504b68649a8d85e207b6baedee8353ddeb368b7bf437c3306cff46b1f078b50eadcce228246fd83526c1c1c8ddcad9eb5118e18e0e7b0c84cba8cf9fc0b60a58135607cc82c66f77ac3923e3cd064dd4ac3cbbe6787ab13309d58c2abab300cb6248a0328d163196997e5e9340ee17954524d17122fea7da95e7a4fbe4a6d4bb82070d86d792d14d3af94f8ba1dba5ccdf1ccddfe", 0xfe, 0x2, 0x0, 0x2, r10}, &(0x7f0000000240)) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:33 executing program 1 (fault-call:17 fault-nth:22): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:33 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) getpid() r1 = getpid() ioctl$BLKFRASET(0xffffffffffffffff, 0x1264, &(0x7f0000000000)=0x80000000) sched_setattr(r1, &(0x7f0000000040)={0x30, 0x5, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000000000), 0x4b0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) ioctl$DRM_IOCTL_SET_MASTER(r0, 0x641e) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$KVM_GET_NESTED_STATE(r4, 0xc080aebe, &(0x7f00000002c0)={0x0, 0x0, 0x2080}) 17:46:33 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 401.535264] FAULT_INJECTION: forcing a failure. [ 401.535264] name failslab, interval 1, probability 0, space 0, times 0 [ 401.547143] CPU: 1 PID: 21067 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 401.554166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.563535] Call Trace: [ 401.566141] dump_stack+0x138/0x197 [ 401.569788] should_fail.cold+0x10f/0x159 [ 401.573950] should_failslab+0xdb/0x130 [ 401.577941] __kmalloc_track_caller+0x2ec/0x790 [ 401.582626] ? kstrdup_const+0x48/0x60 [ 401.586523] kstrdup+0x3a/0x70 [ 401.589721] kstrdup_const+0x48/0x60 [ 401.593441] alloc_vfsmnt+0xe5/0x7d0 [ 401.597168] clone_mnt+0x70/0xee0 [ 401.600638] ? lock_downgrade+0x740/0x740 [ 401.604810] copy_tree+0x33b/0x8a0 [ 401.608383] copy_mnt_ns+0x11c/0x8c0 [ 401.612107] ? kmem_cache_alloc+0x611/0x780 [ 401.616439] ? selinux_capable+0x36/0x40 [ 401.620516] create_new_namespaces+0xc9/0x720 [ 401.625040] ? ns_capable_common+0x12c/0x160 [ 401.629472] copy_namespaces+0x284/0x310 [ 401.633552] copy_process.part.0+0x2603/0x6a00 [ 401.639142] ? proc_fail_nth_write+0x7d/0x180 [ 401.643652] ? proc_cwd_link+0x1b0/0x1b0 [ 401.647736] ? __cleanup_sighand+0x50/0x50 [ 401.651989] ? lock_downgrade+0x740/0x740 [ 401.656255] _do_fork+0x19e/0xce0 [ 401.659727] ? fork_idle+0x280/0x280 [ 401.663452] ? fput+0xd4/0x150 [ 401.666657] ? SyS_write+0x15e/0x230 [ 401.670389] SyS_clone+0x37/0x50 [ 401.673758] ? sys_vfork+0x30/0x30 [ 401.677309] do_syscall_64+0x1e8/0x640 [ 401.681213] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.686071] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 401.691266] RIP: 0033:0x459a59 [ 401.694457] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 401.702173] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 401.709451] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 401.716735] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 401.724019] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 401.731387] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:34 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r6 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000300)='SEG6\x00') sendmsg$SEG6_CMD_SET_TUNSRC(r5, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x3c, r6, 0x0, 0x70bd2a, 0x25dfdbfc, {}, [@SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x1}, @SEG6_ATTR_ALGID={0x8, 0x6, 0x7f}, @SEG6_ATTR_SECRETLEN={0x8}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x800}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x20000000) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000000)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x14, r8, 0xf01, 0x0, 0x0, {0x4}}, 0x14}}, 0x0) sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100010c0}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x88, r8, 0x302, 0x70bd2a, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x800}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_SERVICE={0x44, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x1, 0x2}}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x32}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x4}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@dev={0xac, 0x14, 0x14, 0x1d}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xffffe000}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}]}, 0x88}, 0x1, 0x0, 0x0, 0x800}, 0x4028000) [ 401.955837] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pig=21080 comm=syz-executor.2 17:46:34 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x2, &(0x7f0000000140)=ANY=[@ANYBLOB="850000faad744ab548e979a8095163bc00000000002500"/37], &(0x7f00000005c0)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0x252, &(0x7f000000cf3d)=""/195}, 0x48) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) recvfrom$ax25(r3, &(0x7f00000002c0)=""/4096, 0x1000, 0x8cb8a18975fdc842, &(0x7f00000000c0)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x3a) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:34 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f00000002c0), &(0x7f0000000300)=0xc) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48, 0x2, {{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}}}]}, 0x74}}, 0x0) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f00000000c0)=0x0) ioctl$UI_GET_SYSNAME(r0, 0x8040552c, &(0x7f0000000140)) sched_setattr(r5, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x10000000000, 0x0, 0x6}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r7, 0x407, 0x0) write(r7, &(0x7f0000000340), 0x41395527) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$ALG_SET_AEAD_AUTHSIZE(0xffffffffffffffff, 0x117, 0x5, 0x0, 0x707) 17:46:34 executing program 1 (fault-call:17 fault-nth:23): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:34 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x202100, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r7, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) sendmmsg(r3, &(0x7f0000005100)=[{{&(0x7f00000000c0)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth0_to_bond\x00'}}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000140)="fc27072493c24702fd3ebb0b32a80c5a4fa509688ca9d483fecedc4f80ed1d040861a32572be9c7f6a3b33aa89c41bc7c73c7dd9fda057074fd5d06a7b0fde800da4c70b1da07c5e6671828f5b93d646e7bb498e9dfcae8abb3a19067132d28221313c8282fd358d0d47008f96637012cb2cb7b2a82195b6c447698abbc7577cdbd7797ebc087faf08fd", 0x8a}, {&(0x7f00000002c0)="d8f05bacf1fe1e9484f40ad65703e98c1994c6de178475b706395a49d8219ce6d3d65b767a7c8563ff304c334086079d29cb56e96cc557b33b28c01ef617d45a995bff0a63f698199616d9cef4d338db219d11e2888788c55481a7f69fef34143f599d102a7055779170a7fefbb49e80e0aa12203768ef65d450b922", 0x7c}, {&(0x7f0000000240)="06df", 0x2}], 0x3, &(0x7f0000000380)=[{0x60, 0x117, 0x80000000, "670ea595dfffd81f0b64633ebb1d03cb655c4fdd387003fd3d93236a8eaeca2b080f2fcf10d9d56fbfaf14db9bfa6233129d7ff10e2646e0254a134e6318db9ac2d020826b6f6232ab68"}, {0x78, 0x0, 0x8, "814eb708adfac4a7f26428d9736a69f6700ad0a5102275c8a72a727a83987cf54353407d18d91e3c2fc190c3d09b2a0362a558b8c03897d00857d6dffab85faf2f652c2954a75f2db20c843f7b54861ad9582d2754729e40dc7e10e8e18505aca49234574bed"}, {0x28, 0x110, 0x3, "60dba100bb92284e2c9be033987582f635"}, {0x90, 0x0, 0x5, "612b32686b7b04aa0d0b82798db00e3031190246548d7d5a481a4c7a2f2cd275b75f4347b63011a0ca5620a6a70f5325ec99ce86602219e302fbb01332ac081fe75fa3f8dca2cfe4826316b98adb350c36a77eb6481259142ad713a57e5a430670059d99a6f832b90828274851096e4a83a71c20c58bd3fc0c072e67db"}, {0x88, 0x10d, 0x1, "a52c64ffdb9ceeedf53a31a6744a0771fc17724a9912a6815904a520bd4e71e1fa774090bebe1c249a1683e54df04254674bf4d2e90fc908b27cd990ebb1e8295fe1b4a72e42a3e7b08d20b2d28b004fbc0a36e5a9663ad7405e61dd26224e3dd6faf6ebb5a2380d7feedb8a0f7e7026f4c569805116"}, {0x1010, 0x84, 0x7, "4f2099acd275503787a9e3e70168a93e58b6b914b8ac5afd6fecb219e4309570db6a7047012d0e125f4eabacc82a36e030ee9b7b472f478aaab00fe8aadf3783a2a7b221e11d5f40fcb3224cf84775f20a14b43e79b5ece1b99eeeb002bfe87a903619145c49e59527c9f3d364edfd128e5546be8eb8b1914cb200c463f208706a6d22f9be5b2bc4c6abc1310da4fe09c997f3ada5c8f7fc240a427f49b9c72111f20e45fb46b91fd8f5b347032f972c0ec6a3a99a59def5ba99ee55af23eebd742a34176369928812e35bdea3ba96242389a70c561b16511a8490bca231107132d3dd101be0bd6fbc53a43066a06716f53626ac456608a9a9f23d2f6836315e8b9572d827f622b2270f83ffa7d5c411267cd2a63011f0a5bea1823b1528bc1cdc98923824a18ddf021c91444e3b7b835e8fb52c7c90c13dab70ae874ec8e6c9097e1b365b7bc8bd0da0e6c64c37d30e442ddd419e424891a9682f27f70652f86c98c5c36eabceef270d2b6b0a4ad935f5c062ec8914a929ddddfa05742f431db836659ae37b528018add419a765edb9849d1a2b18a6bacebca24e90158f0714c2537228b9dc6f75b36d1d9b947491dac68f4c514b6b4b56b97eeee6010b57be7460d011f31d00fb157f24c152bb2a1d2450e5c4ddcbe06010d3ed029f1960c288226443fb43105183c0f9dbc4142e28e47c6cf0b79d3ac215dd10f3a2489bde5685f5e4c86a001f2c8f3f2e71bc9e7c525d7f81a130a99f8cb8fb35e7d135a6c6cdaa144a17c27ec571730e3c64e5c752c242f973fce1eb40df42b3938b127679494457648a0fb01836802cf774bdab328ad0315e56432811a61b9236b7fd222eded9afb6ef7ad03a8c50308fa145aaaf26ad7d6fc8a83edcda270f9ba0bab5a06607631a982708778989c230aa10740c54b1adc92b06fc3127957ff8dee98f6137befb4978e6b782dfee47d88b8212297791ecdda6bd2914a11d1f5a7cef2110e0a4a99b3101721fad5252d3fe1de514ba1e5fcaa5ae4dad154488b45a2c958a4749a41f098fa60cd204fba69d2229597bd0090cf23f355cc54043948b353f1af2c2683670bd12b7c92414223974a9a4f92e8f3ea75fbab81be5ef51607a12a68775e2eb34b9bb82e7969eef7df5592f6dd901306069dc03562e163f4dd6179a30d25eda316c9d3fe510a953faa208ad9ff58abd6d34b9a25665e86329d34941a563f72880086b3794a5c268fac8239f01850ac1a7943971bdc866594bbd2143425fd21efda8ab5a6d1e754b17231945559284f4dbd5d3792510d78b16731af3278a0d2891e8139c17eee1b6cced2ebd3e785d3e920a9020b106e64e2a83eeabee3a0097ac95e536400c286934b2e4e272cd2ebe445ade4f19b2c682171cd61b795402da1c25c6fa822feceea214b033a473624bdad84c485b621a8aaeb2e57dcca48ae57c68f2a27a61d4b72566fccf67430ed481c77691a6b0261f79f8e809750b22ad3fa3753adcdd37ab7c7d9f638c4b53aecb94ca8e70e936b750407e7b93b1d54441b2ec9cfc31f32a6e75ba94072089fb14f3827b50d8b2f2eed9f88ea284bef4be8c6149e284d7a501a525a7c0270428d11f952332c98d939ea18ff04a16cf2183255aaae4cb04ca3f1310e4853bd2cfffe9e98a9d20b2015e8e9d6289acf60e038bee09fa52084c49c2a6a4c359e9636cbaf9bab7aa2599b3ef1b0c96ed2f4db862451c70e1958793d53215596baac940ea71bf5e50a8c924e9524ae9d6e7c7e64dd167d9dce271928c282acc261e2de11856ee900128cbd73275e7f2a0bcda31925a2b37a33aa50dc0db5c0eb88130a3a57d94c099bb51a74776dd7411de3fd5f3e624e3f884243d5e0da327d4d6c85b8c508b7f659192d71207e7ac316b5c3d72a19c936b90d4da7a9afa4c9dbdc884770eb2dc3fc67f60ae90ac567057fab926aa4b9f64faec66977ef2bd32c3665478447c2ed2d63720144cad1ca31239e18da27cbad0b90b88f7d0fcca4b46308b5f28b0d9fb0b51a056ae40b7e316033b9d29cf9b4773aca3663b3d58146a6343bd2e446fe2b5311f92034b08bb81696bd7f18e607a131f61d68e1d92a0afd6e1f1d302e4d63ae144b51875742b8aa872eb45deded49bc0ec3d2ea7dd6ecbc39cb9c6f778b168f9e4ac8050b5d94fb016f5b56edc72b8f4b805efb36050de4ee5c2b20b311df16529fc6cc9960f502dc588dcbda0e903f0038c2ae9aaa3cf2399b44300d7aa7b9c41147a86f829aff2ee2287d3ba6b5334a78745ac5a0f7c45358abafcffadf63e86bff7679ed6823930771a8813b1f7ece55d7ef7f06444d8c130b850fcc68474e44fa1f3fddfdf0209c9b3215a667d52b4bf77d9f86f51ddceac1c1366f0880a4c067363ae9f9088e377fc25e1cc2679c65bebb56141df2af6bd1879a74e3962869cf5dec2160928efa40610c84688b7d74539c4720de4538901fb2458ee0db1c0f1c7d83361c232fb3b9cb8cde9a179f454999eb047fa89925b76e2ff90d5fa4e8aa0b853d37dce4e8bc3c04a81fdb1bb8a5143a99e3dbc6a10b06d19010b6be3d41285a18f9d96b02ade23edc7a5843b5c11c53441d8911837483a0d49b227d955d714c0926ab6706b1b1cddba1b0d28693e46ad1657910b451117d5e3362a661c6f374c16eaaed78fb5f2a03a5203ff611b0620200726dfae0bda22cf029e335c3bf209cfa41acca8549b4980eac1d2f1f3c9c7d3a83b8f5a543286ecf95465bca7240a63cc8f4f6f48af7ff7c56384e600bf016b6715fff12ad964a74b872856084226b83b9851a109b8dea23aa0fa048eb211857c5ea1342135e29f7da8cc23f256688446c6e12b7db5f511f996a891ee91247a924d9224ec75b3d83b42d0a2955081c64a3627bb2b122a723d79618ac7f8cdbe37c08c7ccf32a300b21d44bfd559fe2b08a8945b9e10e72c216d4272f1a42650657f88842cc3fa28a8e93954d186f1bee94a7d5d16270ea9099f6508fcb4828b55076f366294ce45b3ffbaa8b9f420fdc66e86c0b4ed8a8dd7ee2f55d0cf872a65cf708a9be710919f7b006b2bb215704dcdafbb6cacc325bf052b5d45e595d9f33dce10a82b45c41c2bd54d78ebf376c6975e162d0f9dda20a1dbab68013487a902190a6c475c75354b227c4e9f9583a5988c197a3d8a5c9331e4a64ef9a76a91fdc909f2057e62161ff09bf88c92f188862755567b9c5ff1326844fceac5b9611472fd3ee4a67d1b469d1bf59c31b50275c58f49cd41d952019dbb58f69261f141f43f35d26064d5c41556688a0fd7e62764938d98782bb78a627e834867e27f91aa8f7ff6fff5dde25e094b2506e88361ba253cf9ad9ba29d3dd3f281cdeb487ca6f44015b8e4a4572905c15088ff5aa49233f7ac15cbf76e8a0cec63925dba317e362dcdef95f9bbc241da725e25c115f94fad89aeb515dbd711315ff4ee026604f8f67af5764d985a02710578ff8f63a8ea2c86e561d24595149426024a07d1dc6f2e02f2d30486be4ae3b5181e358192cffd0c82ae7935ad3e826ebf9daa844798f39d0c8cfbc78d1f9858c84b855da51da53c866923e911e364bf603a2d17e07c87dd6796b457ee0f69074e9249b184baacbddb6be1a02d9edaf60899ca0167ef68ae758d607b58a5fe7eafcdfa43e3fdf813759b05cfc8a4087a0f8c35885c85c87037f6d484ad54d4ebccada860bc28457508f98b86734c9b709f98361585a79af0d2e8dd7240d324744818227038d1066a88f65d05e2f1fd8e0ebfbfe62162659aadc8e83c2d6066eb8e9b064f8c1d4715fa11023b2eb4e601c3c3a44a992512a7b1579f4f2fa897221ede397fc31a1f0424fe15b2a156b6f491ce06fe9a0b7efacc99618dee4f08b524c8b98e92915db890cac234db8f1a6adf7deda60b2db70d9d212a79a1d8f198de0d6a5940b345b7c3cb922625d3052e31bc88536d4e49eb01a395f9378acf583626d18b2d0d8b25b788378f0257119d8ef89463bbf002083311b7031c7b3d707aad32561ae22df30b09bf4521a79ea5e940cbc34dd60376758cbbf56bc1309a6b97125cddb20164d029283dc8aa3f9aa52ec11b5dfb0cebf3243f29a169e8cd25a10efca5cf74dcca25ea7a2e98cab6d53a5a16b06da467ce5dba735c4b7b0d65f5e62479aefbdec664524abab1a8cdce0d2cb0de0c14460ad8f3614579d9ecea46245f6fd61fbf4353f5dd22222a650e675adf730330d7e8c8563fb862a63ef3eb73993292b893c6c407eb99dab29b12def937c5c05e4d4d89868576b6017890a192e7f5b8b666c3b3fd018bd238e587e1736e51362d3a2e1164ec2897d87e2ec01f313d9ad52f4cd3e82a0dcbb1d1a33ef8aefb5b107df9bc0ef5dae50c29bbc4792633b9fd84b7ac4764429fe9fc0d243279ef0e7f398006d14c65baff67f06e9e70e1f2128ae09976ccd9d08191d598aef2d9659069fa8481174d31b28e2deedf45d60ab9e856d4c56cc77c5ff066efa275ec0d7dea6a2ba042202c177983cf7d3e14a8811a02d32d831764c58b999b7d43a9421f33d59be9009f8f9d757a776de9d924811c3f965e67ade0e97884205caa0609c6f2a720c635b04696737d31d792b17a6eb8cd46ce3831b6f1b5feb2d294fb972d655baf00354c00c54136192d86550dd5595e50c4b4395cb7c43c34eb2c0d085f68be62022caa23f557c4c0603689713b513944c40543df8b6a4d35bfba3cbb95a1c8ad61d77a1580d59a5ccd8a3f5913a048bbf1e984f550eca6a96a8454eac69ba6e226e83d3337c80a777e722c34c64305122cf71f6be8312379c20cbf2add132d7592ad57a928b8b7a724dc00648b47f13214836e5ecf4086c1519b36d812ecfa0dd7e1e705edd99e9846bd57190188f42970c2eabed101ba4f92ca14181ff6a6bec9984448ff3123abf85bf5aba7ef5dfdd9b2aade2942a33c92cbe5e50f75417ebf00d096ae0f19921d01797be69018929bf4ce7afc6cadd747870055e13c1688ba2a83adc357aae5d64c43f776f4caaefabbe6f5cd934e62ca0c936953e03152b1092e1348a10b61935b022dc8a2bbb33f254ed48804be1ea0d43ab948241a90847c68ea1d7f55c0cef14cf54f5c65d099fab12db193b49494934b9ea66129ce4068a0866de08e3890603c0b50894ea4e3b1bb7619bea97de6cfa9596ff45469fe548ef8e916f143aa00a6945a29e716a09f78087acbf7b056203811e28404ff27ef697b878a05ffe88454335dca9942721a80d001fafed11135cbd752818fc575d67cea25c27058bf74bd27a2ff901c8ba369c5dad4c9d29ed1c18514a173de1426e45c6d5631838268d59ece654906eb867d308714febc08090ff76550bbb9d4bb21e6f3803c2a155c30816fe410430bd28f49395cf22828808e622a4b8fb3ae994a846a480abc4ca3301586937690b95fea178bcdc2680b9965c91f70c381e8ef6be547053596b1514ea872166ae8c8b632599f1c312854ca89795aab0b6605e5fb776ee7ade21ae9a021f704b1ee827ac4574baa147a659d689c730feb51d08ed4b1cddd7f09b47040e4aba839186f42341a62364cb1fde7bb3c3522d748ed1ab5f9de1427c43b95794bb12a40f6e9ace4b9672d3370833d6f1bce04acc02ab04db8980c727c433e6a921a5893bbbc9541641b493b33657f9e9a3ad07422cae24c917d927beeae9f364ccd05d488618384b39df318821fb841e88bc97321e8d28b6a0a26ad44796022108059792c7bbf7af3e7aecfcff52a74507816a2dadc501a8e7a"}, {0x60, 0x3a, 0x6, "6965587874c60e859d873189408ac71235918af69826a560df6a85144b5938025f76b7696852f5dd7c1eb2a730e5889e24134c63f6b14901087498c1ff6e24590522ecdac90bbc4a78"}, {0xc0, 0x101, 0x7, "8d0df9560ca8d567ca303f2fc22a761f635db58cfc1fdeee2a8908c538bd95d72c529ab8f61aa24add0b989bf370439f47668c93a8bb57863420acdbf9815e8a32529af666c4d0c048c0a51da89071e62667774189594ced98d9866fc192104b8e2a7b0d8ce6330c13f9c422e715c243ebc75c7442d20ee6b019d1d205fb77cbfe0b3ea3f2010774ec9fb2240be63b69a38d6508f7bf7a443775920f1fef02f7aa9fb558068f43b251174f09332d7d45"}], 0x1348}}, {{&(0x7f0000001700)=@hci={0x1f, r7, 0x3}, 0x80, &(0x7f00000039c0)=[{&(0x7f0000001780)="a88797317a90bfd6f3616a03e934d3659f43d24d8fe7d5", 0x17}, {&(0x7f00000017c0)="fc22b7cb4d59b2144cfe132b599133a7fadca2248b8ea2279c67cef97d0632c89c359fd56b5cd9b401edd7ebe3f531f9ae94ae6814914ffda6ca5346b9a6484429d55f24222a76ea5e7d1b659d08ccf817b1a606de45b15ed381d94562bac2ffb4ef245648b0dbc3e69ebed85f80db9fa1e19c12a502f3106155b1e5ed315b9735e6b3ca85c5a9266b13d860c4c11d36b1040a51171134f83a68423374e48bcd906137d7dae232f1c0b3c766a1e261203d7eeb0f2698e83c78b4ba3941c81a203a8621a5972c0b684710f73e707ace2f861b9ced9fb3530505832d3996d2c9885c9e9f145323245c6da1794e7fe881dbfa7a5225c3fb6532ea38bd056706a78d38360bbbee9685fd3358377883508289c7dc35f5079e19c26be0f3c03e855cf369a91bd29b2321f78c0e850511fb0003212d95e0a2489f37d2731acbda3f09a9e5d3c6f27383c0ff6e5bf415340a7cc0f2b9a83eb9356eee72d0b98bb72d8070ac6083172ba6a53683fce5976ba3ef327852a746a2c55bdf9044112b9e0cc5fe80ccc02c20a6e0516d4a5fb26cb9ac71c2bee42f68a1c9b3c7b8f19644b3027bc9664cb1fcb3e14f8328b8126bd51749c6109eafac8710f94d16a987c0f15953b48aa79dc7aff899e48e46dc3f1fc959801d7270e09b0f2c9feda35f207c74957abbabfee66ed83fae90973d85578c3a22813147484fcaaecdffdc6873eff771a612598e18e6b95efebc87e8e6dadce919cc2c1de0dc82fa8206f47411fa73de667b8265c1aae3859ff20782ceebba3bfbe75f0608392848247e0094e4ef22e76c974e4cf84acf37694c03daa2cea173adce089a5812c6924cfe43caffc3e479e3aa85f5986b4abbed86fb121debd47b4c4e850fa6cdce429d51f5639e9d6c8b68182813a27c795ccd682ff520cf0574932f34d4be70a4871bc1911859b4fdd64622e30659de8c2731e31d8e9e10ab192d6f6c2af7ae12b4d05d6e1acc2dd4cb38ea67e660874af7970cee08089c91fa34519d4c9fbbc059ef9574340e9ab6fe4033e7f7358ac17b40774d67213db2259a840dc2101b6713a7f1c40b2110251c9c59580b2a7a418b6194657d4ad41035f09222802701233212b8f5c8b001fb166f3a71c449ec45ca0a7a4464eee02af9fa0268221814afe808cd2b9e54977317d99afbb32a2c9595e99dcd807c66cb1d61bebd12475e7dba7027516be1495cd9a9b989f631dd0ff9ea8476c61a814cab55189f8c93b22db59be0473a987ade3e2567202132c7c55b512256075f9ea18db8fdf9ca5b42b44bcfe8340a342a79ea475a21a7577e6f13e210d6c523d675f090ee609c3cc8cdfff8ea6fd4bc1f80577ab18798d19de495b1b6f4d9bdbb604d1ee03009acbb67da3ba9378c15cd9b11c6f57dbef3800c2ea44f48e0edba0c79bd24624f98fe3d8933310d911a23b97c8be7360976f26aea3c5f032fe0395aeb2c3a0805923a738ea10b1c266ea428c4c09730e9301f9a07c1599435e77a5a7b33e1aa525f5919e4b7add964e16276a4b5a5014f91f1545e799f0ab1f6e1d195980be24302f5db6295c605406f74d87230bb4dd6f901bc7b76f70f3845bd3275a6d6d66ad3b3d792ffdff988c18e5fb326d87d61367637cca8a362152552b6d925846e295a5b10e9d951b73bf781860d25074af2152a7a1d98d3c2d6d8d59d26b950f47aba1e11bc1126dad689074f589a15e3f9078683ba85f3fd8cbf919acda6ffc02d659fdf81e7a71992772a47c96647f3d386251835436b9e585c1b422e40fbca3c2e980728ef3567a195eb91529ba02bbc2e25256f6c51c0aba1c63de6ebf8122db889a63b47ab7ad05db50593d59321688cdd310b9b901324c3009e5c155de4cfa5f0798a9d358da2cf9e789aaf1bd8dfdd21d4595c0414faa293871029c267116bf805fc4f3dab2cc21bfd6deff0160cbe43803df7fb43501580aac805523b75d71c34cf336bbfc03940d3a1b0189a2056187ee20c4444e769eb875ab58ffb9676e65f3f9ad442b7ad996a8f7421379956f0f1fa87a6d233a1c29fe7cce219925192e4ea44ea3ea32034af47df43462558ca18fc4188ecf558d6b3a57139a277ab353b1f9acd2e95079ecfbf35c720f3f52bfa31a43eaf783118b800c760124e163a71e81d7776d382d505898862a322ba9eabe938c6fb8b770bdb2140fc3d6784fb241d59dc257dcb221eb7987390e3ca9c1f58f23c85378cbe022473069dcd24f4b76db4d31c29f25f116552931cd850b11f1ed9e5167b5ddb1735bf126b71de1bab088b69952f1e5c1013f85fccde03d5e3415c536d8c651c062aa8f8f5a94631d222481322b2f43d446b60353b6b947224f629c8a0a73a93bc07835b6afa796ffd358fe6a9254adf903dffb6df8c88ca44d8dfa48538987f2f029b5765398e315286c08ce742a87a35cfa319b812930e0d5ae15322846052aa561db6ae1ad92f5c18db3a11ae83b889da7eee9ad9eee302e4c2fde354e8bd78f543a3f17b4e0514d4835b7aa6fab726dd071152277990570abbdf4d4fa81ffbbfda7ddd5d40cc5abc0f139c8593c764753624f545ee07b5aa115769e50e65efc5b658a0f682aa1e06ff0bcffc62d388696b66d923f23c2afbd9532b7844348d52601dcf4a7057da0e544187ac66ee2eb3d6eace9996038a18594c1537f65b43fc0b0a8c8467aa112bedd623ca416bafdcbdc9618286783d6db25c37e5b2939a5ac94405e15c0efcc22cb76a7045b22e6c235c3b481b4ec95939a3e14cb9d2f0b9ff67c84a858dc694168bd0485496ec1ef3b163237d0f6e4a8103ddfcc253423a21df8e8f2fc8dd41c6a1145bc434f45b6eb8d604325711695c1f227a9a0b123f6a798511bf4d239cb805b490ed524ded167b3d476b3fff9b7a558f1b69999ff2c021a3a3b95d7a9bf4f9826e845867db0320a3352759c89b44fc08f45b476cd5afd99ca17b2a2650773fed7084dd25258cd74b95217ddbc245af8400151ad34fc97db5ef5d642547724f26ad4e4abe16b5033f8ae81b4112d550ccfeb741106faf13525394bb21e4f47fc9e0591412db6f9ced572086020368720eaf89448f22e25b9785773ee5f240cf852944c4f9eceee51c55937c2dd6a74232c84c5de8ed7e8ecd1963c75754c3cfd3ffa8c9e5e818cb45cb2069cf22e7831736645ac09516e95baa554f31b65da3b5d13907bfa36f5d4b230254be070a67484eef813c78b6d8b25074308da14f05446d592a4811f649060ddb032602403d3e4d0f1d55e8447bb4cb79bec5bf28619738969e69420c783437b1c7b85cef177de3c02fae8592b13b7c648471a4d655ab8bace521eac44ab28a847d0ee94d5a93d52dfcd269c97d529a9b36515f1ebf557fb73bf7db611ba42e80b56ee027c09fcfcd4a0998939261805743d8512671d560c61bb74693a559405a4a65333b5d65d74649dac9330f9270013e8d020f386e708311adfa89bc7e8ac2a139be456c48c95ed216590abe308cac6d8b82172eee99b67a10bed84d27641deedfb0a0d806c95aebc5f1f3a550ac753295bcf80b4e59a114377d5e776ce22392bce31395896765d46188e7753ea732fe16eabe75d78d011ded5fd4f221ce9e3e89c6453152fe3f4ae44778be948b9aa1983d8e118592e3fc3c489aa89f32dae70847c3055e5a8bd9d98a219a0864008f087ffd03724218b58a1d3d68b56ed476eecdc4f9d04596bf248b644a5b71d8a71ac6ee02eb81287aeae9e406c5bdd99ad1ccb4addbbf18562eb7fd04bf5d8cfb5162daaa2e232835250cb837c789d91fdf1d4e2e6631a732f166203046d46a819adc7228cde9b46b6e67a07fa5b3eddd01d2b19438848a576177783eacdceee7e9ac0e6b1996131ce9cc5d494918a8ee8060d2e42da6dac6eac0d22aa0bc1f3fd2d3306ab960de6dc7348ee0fd71327835fd2e06bbd79d31361ad8f5fde3200884fdb298bfce2c5ec1506e04cad1245fd4be2df03d24ebe90a6ceda20b8495f5934c961830fac72533fd13bd89b4f56ac480c1a548eaeda4915331f553f4810b9e66ea79d797614b7c49e76cbe0ab8be9613e6455262c4542d41f5f0b82a9e61183ed309662a6fdfd01bd56a573675ffa95a042c50fa9f7d622e6599d13e7c9f5afa2d4ce5715e81993a30313c70254457407a578def52d6bab7bdf3b42c0d4ac3b673f9ba1317c81db6b0d2baca52796be83706fefbe687d437e5f31940e93e3c1f920713f0bf8233c2931d6d2c915cc7106dad3be7e01db47d5fbecaa05c803fa6d2a844f3c2920d7e662c6bfb0685720e31964100a9b836fa442050feb0c07a45359d773ee94b2bc0d6577fc0855ac7ca69fa621da142b8cb0e9e90773fafe2ecec1c8af49ffba8e2ba1507297275a634259de18be68c1726a2646affe68a26bd8b0ffee9fe2422f0cb9ed776863eefb1fb74e03d6bc3d463be2614f009cfa95588bed3537fb2b3023317be576827285d6f2507a674532749d969f6f2d80d3c386c89be34f6dbc5fdd704cbac2684e61d008ba6714a380cbad539953c002ec45444ed9aa6a5ddf3f720736188a3fc1888af433e51d23c5482000b4393716c3f59eb22882675d071b93daab1f3dabb0bf1cd6ec62b47ee3930c7527bf927e2bfa1ba9cd1631c052a6db42647a3bf3c9d8dd539d9eb26b4f82daeac01d67da062e537ff7ff66b181fd77ae9d43edcb1932cd96e2101954ac2a4ff82346ea76e07d5358390753a8a0f151458b73965bf0fb4d01ac264bb89bc7b0d5ad126684548d79edefdc0f8adc1a5079fd59d771c8855c346e79c1a353efae6c881f87f0b3ba24abb420d9b2c13426789f83850dd8dd746c5e3be3d8a1fa1a43f9b544dfc73bf769f20cecca8513a07621eeb5c9c8dfdddb474abd8882ef7f22bf94cb8c5ead196d82308bdc681f42693444efb9641aa9a964f5ffad21ee9e7d99e00eabb3aeb91156dae30a3572aec5842b9921bc743863b1d27a3d8ffd7520fe82d9335b6383db3e025ade0286a6103c2a03e7e2339f9488b233ad6bde861685355ee83f21087904cf0b4446aa9ff6877534fe88999ec35fa667e404f04cb9429be7d19d12533ec5ee184c80c55c16cafc5cb6f7e7482716a7193ee086ed4def813baa565e25c140d85f7c80723a87856d8acdb537a6ddfdea7782fa805c6589e855df162bdf23b85d0e746f614526588065346d5a59dacd8e34f54f822e1f80137e832c979f4d0ba82bae56cd9b7ab680ec9f430995c582a065be3cef49f71620575835a190ddc9e72d0fa78f995caa1808ba776e64577158fcb912a401a3b834d1da5ecc9696eeacf11aed45201a63007271319a91198bce20257ec3093e24a1bc6cf5333cd4570140269d5d7dc1ebb0fb27952b6c4e4252a5db99bfda3f740c2ce02d3682794ee31012ecede5cc3f1f751060ba154c5e11f2c08c66bb543fbe9bf8f4274bc755c7036effa8daf7c880479880b9e93fa18a6cfbdf9d3a73c66d6a88a11391053d48777bd5cbc951c82b85057333b1b35ff3439eff6b6d0a94fd4790ec18a79edd54abf980623ee9a967b37f01e3b2c133c1b1baaebf59786d430745a1b0b282e22126e5f690c7a983267f6f7e69a93b735750c77617a3488d2d15312cbce785a1822b41c89d593740ed922fdd81d60f578b9a80ef55ec217c3208bc64ac1a18884b1bcded392ca1273d42baa7c328f4c2c2759304f79919cfa7d039bd28f483166888a5392f393b2cda7b854cd31e842f1489c3161c802d56b74d49c4be98fe8ede2f1deadc2", 0x1000}, {&(0x7f00000027c0)="3b590fad6efe76f3e9042018b6b7fac3dcb38bf19cb7c17312c28333b3c3f8fc8e0586d3c9b0da9cff4936c64c9c98aa1b3930c14851731fc686f8285ad76adca555cbc40b", 0x45}, {&(0x7f0000002840)="0e5e34a5bd25e971703b4268bacb6826b478a399f61e47fc9fbd02a7adc07453538b0f9cd1b718581495081651288bf4c1e42700ac62464c9fa0f3cf9d7c939fb50176ce3deb72acec0c5cda43aea13c2c3d149a09f38b607eada78c39ae570191515d214f2e32fa6ccb84bbca58e5c660009e2348c44b", 0x77}, {&(0x7f00000028c0)="606ce76d7a6cd405b401b48bcb495b06f524710249cee70dc60a0624faabc37234342fe77338c16b59473165f5b8432a126dda0e87b5c143152af793a455f61c4b839160a578b8731c1fc8fd143562e145d916dce9450597d872195ce702ebf0cc35023573a4756aafb4c7960d13c35d59baa00f20ee9f691f0da36b58a75c958ce6862d769e7c8021f6cb52182daba82933eb9f71cd793d2c13018017e0c37747e3bc80ac8753bc3f0e4e3a1a31bc2eff7664221ce58a43859c4b4e3f1dd29ca0a7aa4c4031c47eddfba8e9c91df42ab12cdff1501a16725d3263596e2afc444097f579aed5751b34ca6ab2425fd98c6e32062684a1c029588010eac4ae315de9bfe7dd9501e10beb94bbce987b9270826c94158f8dda346fc17b4dbd324053ed8fb82837bedb5e6f403e8ff7ccffd63e02ac89ff96ecdef52fdba674ceda400330ced086405dd03873ed0e56c5e1bd660c241ae556359747aee9db71e8600c5e78686209109e35e75204b657650586c35b7e349bfc2ec8fda2477963b5cb182a8aa3e300688bd0cbe80f79d6cc7bf8e075756f1a59905b2ee487b3975387ba55973262935ad19955e3cafc44f3934f69e49b7ef4bf4ad6f0f2d14637a8364201c9273fbf1b2ec00ad239e3f85b56025ee9f81d6c06b7bca738d312c66e72c0eebcaf7c695f794b181b584dcbdf663eacfb635d9f624e19b52ae9b2afe11cdc341cf27b7ad82dcfc52a382942d84339733ae772d256e5090b97f6011b371c863f20e828b5458e5002acadedf9a93f9d2e313d596463fceff97833c9f07579a76277b1038a90e84a00445d0ea0e0995efbcd89b396e740fbf48037382c6d2c42294e7a9f86b95ce998fc39b524cdef5531cf7ab231f11d6540ee77ff621bd739bbf243f16c5d6788102e073d31a7dfde8605982a98c2aba0fbc27bb3cecde8c77c72d61be7d3ccad7bf6e19be8fa35cd936c741ba798f1aa0b6e40b2fe2fe460856c190f236a29f98bb788df5afa068ffda2d8472d5e854ecdad3d918b55f0e2e9e4166fbce886d9b2738aeb4071169bf4da5c204ae29ca65e1a9b6f2e8f56ae22697b10e4f31f8d27036404e36b101c53993e0e60041bb26c117978461575e3e01d8728a396d5c305b381bf1f0f62cdb31f123943cbb8ec8366061b18f6ed803423aaec2fd97f30b9632b7628ca02e8d9699e35a54bb940cb112e21bcd13d831ee3ab1fb478f22c8faf4fd0b4beddaeaebe630a2c60eecbab1349f7e76521dce5e9f7b2700c508da57e7e6ecb61f1153c677c4288593b5db7ebd57b0c0be7e30e54d51f6bf592e413e8d0d278b08a4fd3a08cbb711c6a145c64d1528448069345fcce7e2c46ced9fd1025971704b5a7bb03a0b50b5133279bd330ec942613311aa085d9b0b92f5036dd26145e064ed1585f5331c84d44b4bd3926223fc82b6b33273cf07a1c7bf2892817e063c1debf93bde870cf2fc90f80f94a9bad1aae11e57ad8fe2a8ec42685a5f572d39d18d3cdd93bf32e5b537dfbd8c6472d91cf508a629c7b99bc16d007dbb3d2fb7e359a7b97814a4e7ef3345ba315db5845a63604cbe4180dd21b7f6b043a71fa000bb1bd06557e769a82fdc486b16a08d0441dcf97e6194fbab0f078580143a027024f0d23425b156dfc4905d9486ee44508548ded6b07d370a33ca114f9755ca66ae3b197086c07acf186654b21fc3fa4f2b49d4e3f1275ce0603109519f61f739e3862c0ae006f4aac0ec7740f87b2ef3e719afff40c1373d94355a310629374049936b3cb1d9b5c592b12b290f5e247cdca432e7a3b0595fabfab9fd50f1c7495bfd7a743e4896cc78760c9da150f4722642badcd0bdaf92855c609d9a496b3a9acb3bec1055db0dc92d4c33780c7c48001b8e348f8dcb53505f086c407b8442dc42be782e75d356275eba34be161512d5704f7a8663d6d0b1b38c0a7f9466861facf43da441d29858791e57c808670e4ecce452ef9154b5d87b14545d07a6a9ef73de1d029e407a634567f7419398ea73772b80f7235959eb6ad31507139e62de2bd2c2310538db16e4dd036b646992989c65db6bde5f9d88136b41cd5bb1d53a17201586c73639ab1175a8d015b4150842159721f0dbfd7518d45e2dbe8a3057ad816427c664ed0912e2b1f1d6e7b5712ee0cd336122e406d13e38409a66d96a16bd0eaec5870a956247cf159572307dbbba6266f2b5745c4988660f21ac5efde67cc62d85d0d20c428f6f66ecaaae4c44c389772bf8c00136ffad795871595d8610c151145206af33f16a803cfe4af61eb68d7fd03d927eb9e0283aea34011c015ed677795077c8c15825b5413f5794774a84104d3e14f0a2d8657501e9e44b1c50a385d5568c85960778c736249bb285ad95c69e6fbd8ad100a516f986e2922cff3025df028c9f959c30ca9b6e01d31ada24530e36e0d1c72874131b6524ae78f1cdb2c5767f79c07e71f25a5003a2238591aa8262454120a189d2d285d905da763b5888c0909dd2bd5b4c720f1f89268441d15ed098b71a528a07bc3d85e09a9f679dae303b5a5b935dfc4ae992134f0aae360ba5e73b9ec3e7211cdf65b699b69a695bad7660d39a70d13e1583689dd5cd9754b3750766738598ae3ce441b78185532ce18b713c500f0badd55dfd807db471ba640e015921525c47865a387092e4c606acb6188b5781892f6c6a43d6de2f94270bd5c4396ee27f207bda12d0536ae9eb4b07423cd64071e149ea0fd950e0214138b6eb9df257f45b7900ee610dcc0ba9f4871c4515becb3c1c5c62d1a775940cbfc4401b900bc531118daed7488e6625a68f69e01ef08c8a19a3e192cbe16f078b5efa9e14db7998f43f777040983ffb0cd58aa927f32d7bcd0940316b6d6eb1d2abfb60e7c46edad4dd3b6bf8b5570a39e78d841dcdee715ec61256660b35ed4bb84eb5ad50a9be1023a9435481656c354108b13793fce531d7a7cc30e88b3559129f3531c82f6b7e6d30f9f1fd93fc41bc87fa18655c7053ae132274b4f68600e86cbf64a0a962774f64aa9f1c89f8b4f960491846f7de780405f2d2f9e78b8b090f90e156b3258e5a40b09d0ba564f9181843a8c5df29dec81ee669ca86d2ab5c3e31ea5fa8e34aa760109aa2047357d7eadcf87294e2967f1f94ee8dac494c7340fc6d40a90f4d286db1a82eeef47488859841554cf488b5f4f95b68cba44aa73232559402667e64b0423651c6b58410e50216ec01ae34b6c5251607369fa887b68b5e3eeca46e5f364f71914c614e62418791b25fdcecb7f815804bc39dfb0bbeb5f830d943960d3f142418d0bc6cb578cd279fab09b1c2573ee4ff13d7a18671ba3b1a7682ce37b22e0799615bd5e6e55c907e3a3e7af793b54bd35c6494f8d6ea7410219a064448b29a025326c15b43f00d60eb82f49a8e6f58c5282feff09834204963c7442eadcc8d4c458501fbdc9a01c294c8a8f6e8168e245068ea007e9bd931740c1e107f906bcce7685e2c889e40f5fd7e313827edd51c5c687159211c3f54ba1b3cdeffb289b494490f550e988df670056980ff3be14c45faca38b1f47ab085c8ceab964854354416ab8cd41882c7755c407e3e01225792ff6c6faed75a0b378aaf1317c2f121b13b26b4cccc4a297af900c130ddb5159e0c258e8dd19356e3615a8b8f4093f6616a2d64fbdda684baf2e777900b0583205c0b67539d98a138af49394297c724ea10bd3c3f99ad5886438c1e691d8b664b3407c147dd10ff591f0bb6538c7a92ed864c127cf4a85281705028aaaebddfffaedf1010f150b71f0ba6addde2f0ce316d70f8a1cfc82d2e95aefbeadeb518819e9791311e62312e0335d9e0ea141220a21571fa96f125a1c7ba2142e4556242f850cadbfd3eea6874bda5e2c70a5f151161e1a249632733321f42c1c2ac61401f520ee5ffff311bfe6faa419c3796a13f12e28c5aca49da5480ed81f002eb17ff62e9cece682baabff3b09ec8b326dafac7574ca749eeedde09beb806409d6afdbe67b13a0ce328b8216e82e8fc940a0284bb16cf36e05b7c274f74eaa96f9aac015fa75161b8eb395797b9d65ccc48a47ce0796a79aa4f6d560e5e689f0dc4929863c78dd89a0ce492b25ddaaed7c799a64958e98f60dc35c703cbe3c83e20e8920ac875258196277d9f3cceb79e8c6c5457dd48810bb0c0ddfddcc2e204a5e2e3e2a2dcda4ebffcdd5119e278167457858cedc18cac6f98fad99f3ccd6076b5aafc5c6eb722bfb81bf2d3dcf6a8891453a4bae96e2a6d5d0f4c053b8c228ef501fa15c282c6fe7750bd1f5f1ef1e6420b2ea8f7b28409c4e557c0cfc097ff8b3f917e559c3e55e875008dfdbcfa53762bfb780fb46599ebf82bae73d51f9f5c43f8638c0c040a2aacf96131cad4e67a42bd003f308cf89249109a7425329ec44b36af918fccb92a27bd97d92ffd763638e5682a18e7053ba795a8ec3dffbbb5141bb7c365b134ee707dd14f8a5038eb57653001a753830db5d39002f03cd3fd18242afc4072d226c156446fda39a85e4d9dd87ef9e0748d9f1daa3251d7ea97d3b7e575e9b9bafa0a2085a3e7dc15531f138c403560823c0b367ea558b34a7c18dd5a0ec0e5bb7b5f5e6609cfbaf6c2c827e104c148931fd0b69191bcf647682464960b907d36140aed2f0609cd8fffeda3b9edffb16c9d734b9bc47790908dd34c3d0b38d0874faed631d4e1e14a050d3a287f8b3e060019b7e4d3500ff2b43107e8b6fa2cea5781dae2a8c2ea20f13df631d6a33f36297d7ecc1da30af4387938bcff605c7b584c8abcd20ad671a1b6c79179eb6a213a07a9adaac437fcd92ff7b3d045c3a6f8ec466e5c1308fa830c60c301b2438f3ead388421dcf54de75308af4cf4d00ba46c48bc8ca6fa4f68a82ef361dc9bff09764630fdcf64d5b9adf4ef4a27e519dc2558e3f6feaa8c57784d126f1039271108588924a1ac6ebdc6d69164da324524fe59111d8d104cf0c571b6e97f9d2b828f1b323e47f09398dd909d1686576000bf0d8549203962abb001ad2717414e0411d7a0011aafa063e29080942cafae39ee8d3e03eaebf8160ac10dc9a7987982194e030f4568a6e4f15998df923ae611f2fd94eb8be9144658ebe146d16789e99387167ecb51ef32eb53b8c4ad91b686d69ccddb0f894d0f6722206f736a1160a00d5a7d79fa61b133252d2da83152964a85a76aa517ae18c498077845efafaf148aba436ba2654e8b7feccf05cc7e3c281e6a4f06c36f90a45347dfc9ed6244c506bce1cf35ce9aaf57c0832e85c616b70e2f50eb35ab1eaf161f08313d10c161ce3511f6ba5fa073301078204527a78ee9980384ea87c622f6d848b86d300af89e6c015a510d6514e06e075c41c3ecd8c38b1c67f04ee126a61f96f6fae4ff2e594fe7211ac13663a57786e0c24b4824a78b87dd3ff2bf777ed0b5f4bedbb9705d3286c7356810f364dfcebf6313c8e08f57d2ba3c2b6f0ce25e5a18355ac6d8848f41d1d34148aafef781c4077b84c6c29d103c5b41dce6a531a8760a2f29d27251457b9007204ba43d69400aa9c046e1e23c6eb40f6eeb5ba4a86bbe316c4e2f68f76a97cbdf10bd4ef1952047217a07338d3d9c939334bd469ffe3be5ebaaf42c0d5a0afbe8d95142a83c4545aedf71e8b7b840e7755230d1abed4fcfcdc064a8e388e81ecb0652e664dbd8260d17c02a482ae14d6c113631c2cbbf83d4d0131b7508d2c1eadec233cd18b4119c43b51b030ba9b9b59418423aa35b4b3a2319c15", 0x1000}, {&(0x7f00000038c0)="9fcd615f0477c10c70a5802504e81bd724973761497c007d35390bddc2d244bfdb99618d3baf849d3da12917abf9714262d82aa4e4f6bdae592e422bd9fd35dc4f90fa9f8e4b1883609c46dddbf8b448f014a48161ec3121b9d6c66d3b7bfdccf346d67396e5824441da700763c3163b611f1596de4f1c98cc30e59f13795059900b8843b36e351d03459e31ae4d08ede24cb020420591f09dab890760edf1ccf8ef6ed71e421a4c2bc7878cf3b96a71a530b09c0c6125db5f5bc39ff52b219f21aaa7f6e79ed3fd60a5367cf4e0b36f0e3631dcb3c547b774a9", 0xda}], 0x6, &(0x7f0000003a40)=[{0xf8, 0x16, 0x7fff, "6a20dba8b08e6a2f096ea48ca34591d549b70c069620238426abc902c5c4902f51e21748cd238d88d144708d16de57983ee34ecf7bf623d38b15107bc1210b06e619c182844dc687ea2c500a4794b1df0b1aa912fb7ce667f3f1580224efbaf1f30ffdfa677546314450eda4c7ae2b6c1df06d11e5a4034e7eea0e7b29c46a33e2d3e1d33edc46ae9873d719984a976d1181d4815826d42563cbb63c074a5e316ee536c3e18a8b8e924fcc821c78913c283d827d493d0ad55a0a25a20e9a6242895f7fe50de952ed9be4adbadc75607386300c0cc1dfce7ae765e06b178dd764f1"}, {0x88, 0x112, 0x200, "611a0b21f505c9bacf141cb5f31228e136476229df383651596a01f47bc2d24413cc790cede430039e8688bb84f2b204f9699ef0088b090272266d135f394aef7629bf959e9f99a89e9f902d53f38463d7f2bbb56a9e460cc8f7558adba23d996e0e2f43b8a4039c488918381ae7eca6a0"}, {0xb0, 0x6, 0x401, "0633a1f1501af56ad00a6a0df66b352d6cc4c95fe58db59af1eb461fafe010512fcd57c225f86f91577f10df055e5992e5197c70753c51083e83da8768ffff6000938c9744fdbfb9fdba247ed1696a8a031473311c139d156ea4361f047710d608f2955571d5d96ee2c326e8595a515efbe81cfc8af652d54ca5d9f2c56d8d60b53afb23161b185fb2c0853060744a13fb8b3fbd113a4d2687f6"}, {0x1010, 0x103, 0x10000, "806bfa856219e0f7f4aee6337874c368856e12bf8f5e61257de6a692d4aea15f868edb8969a8a8a362f313a85925a806735ae6570d511bc0c98cfbf680f197d20f2e5e3d02cbfc9e76ad622974fd50794f1f60559107779287dca78a3237761fed0fbbe67fe823d42d459dccf73221a1fc0db39d2ef895c8b0a5ba82a320f8247103696ce16af23af621ccf0ef63c90c113114dbcdd767f08baa9c2cad2e4f8057fb1a3affc0ee5cf1586225834789370cbdb465306aaf15ba572fcbc39e9d3a040b2654483a6d82621e5231b6008954a9ba4121a06d96f2ce28789333b3699c782657a5ccad182838439dbc845a5484004f23944a10bff3c416961803d1f93977d0a4d033713bb326a246f47a83142e7f0051086fb5077cdba168c3a9d8e84998927ad49f5dd8488b5e51bd20ab1392dc2910c64bad436e960050840a7330c9fc7823a027226ed1b4dcb5dd2cc853c0b24864b0966cccf11a3980a63c40765d67344f63f3178f32177a8eab839cd566277918be59a556363467908c4221f2b6409ca65b3cce88c31ba3291e5996dcae8f0f497634d9bf7d16995f665ffd920cc4b634b12456f09f0a729742cc83655336a75adfd8ad436af6f88b0417d3617fa2ddc81f7227d5e542261cf82ba82b52d4f5f66d73f71b7ed492eca9f3dcf8f8e5003a5200a6cbef84b342f504a9f0bba4b7aa312c35ad178839d72a54c958143efd0a47121b7a297dc72b094a20e5974fe674daf037e94c8a2e94dc49eb59ed9d62c478f0c80f58dbd78a85bf34cf3a1fe53754c764cb65a940984de036c72bf28fe995f6ac228e82918b8f411bae7ef0836f8b067f3dea7599bbd6afd1e8d42cadcdc7c97764c1a0006cf91b00a8fccb7af4dec2543c0d19bd0c625a24fc5bf4030382660248b82a470fe9b2eb28651126f3b4ad588e5250179aaa0ff168ecdced4d4b413177362a78c2d363b076e22b250bc5b89ce9777bb2fcc97a43a35262f28dd9c8fb8171af94c4833638755d8c557bf61708ef858afda8c01923cd9c563e62d7d8663211a0a083db0dbce80929fadc072a6796569920dfef24542a47b7bff2aaf21b919f70eb5e5b71de0164d2f2633bb1c2313581ad92eea8e75ae9a2763abc155eba4b6add604bdcd23f02a7df8364e586bbdd81546bbd3829d04861768b0301df8c04a946fd1da735bac77b162333a6b59fe6a519aa8e613b55264e9453a2fc4233638dbc8e365ac30068d47db53c7cd1f43f6209c315d1044a418e464e933c9b9dc86b6a7b2c0e6db7d98404c94f2faa71dfb87acb195ce3b424dd35c71bd71b2a432e06f5c67363b11b34419de4b80e239170ab1fff13da0ddd167a89ffdd47cf01f2095e80664fa9cacc7bb0e77f1e32b5d83f2107a528efb6fa33b1b7c4a0cb0a29b41c0256f5d15cac9fb497b198e449aaff07e3d99fc9acbf5dab005d1a07a1c83063ac7389a760ee119ecb5736858897fcef762ed25ea3429a11d56287a7745b9ea5bd97d43a2fdf99e4aeb330dc8edd57875327d5ca2503e232840ab1763f91c3496f6729e475000ca8b738aff7153d817152e6ff4af9c5855d354f20df1dadd022f4af46d3a40cc26f44dae58ebe922298d721b3b09eca98f5a5058c2acf17ed8e8249a13f6a27c59a15f70700460803b75b63d599aa686d9ac0fb5239f370440a0d350b61a4a74cc0ce9a1406a0ddeadca4985b37ddc80208675c1ccfc391dca43bffbcd6d9570b594b541a54e8bffe6cb8a563ab9ecdcffe17eac7d75cfde829d3f2cd8d00dceee85f1053f21c22c35f2bf3bfe1ae4afaebf5c829cf0ec16cd26a934f82f5d1cb23649d47928253c5faddef16dc0a527cea67c6d9a7351c5c7f26aea430eaf9bd9129dd510c3271045ebee16471906d4171bc15e6417c2f603394100fdef41fdfe95ceca0080f6070b36ec491709c34f2b69bd2c94e68019cdce231e7641ceb28c00ff8815561ca40becbdc0930751b477f84a29531f99bf26d75a961b6587d4dfddb2bc06aab2382aac7ac1aeaa0e0b2c99cf5840baa8d06205e911d9d15c18ba140769b38de0d1bd36b488b31b039fbefbc10ce78945c6b20376799c30c5b7d3e8539505c31cc54f2753f4afe6520a69e95e6f1e2c0523a2b7b255c3c30a3971e2ec25ba690d7c80285b7a7f26b35a409bf7b3b962122178ad38fa4da16efe8dea404ecba3fb9e16ce645a12d99705bca00ab6c48848cb145612d99e1a88503646986f98f7f743d63254e9d5b2a1eaa7555c9a95c36e78d06b4b4b3c11e3021d82255f92fec7b36430c33dabc9e52cbe04776f342d040c31d27f76bf15fadd3bd0ed15852e564f1120bb58f8ba6b7fdfe2396a0f5b1ff70fe559f1638100efff533b57f240f502246944b7486b93aafd1078ca2fffb6f6df111f09090eaad896a024bed9a492bfe59075edb16629a1ec1f16156b8e6ae2f1082b21c2f3d72a83fcaa29f8d0bb6f54242ea18378ea550224411631f731f5ad73c177eb4252bbabc969de737ebc30a968e50bf07a49e3d581a80fb4f17d4e1d53790194b99b8f572a4d482dc730bffbc232ec782a218f8503ac1d3af4c1c5e1c6ca31c7a85a4c9a61e1b00550783f96aebc4d937ae78841b4e315d568c689e1156f3dc9d3819070a86a9bbc67ef947b9f97396610c181c17a14b2408f1594ea1d75cb5cf8e69752f7e8e097595963ba10d3dd37544dc973b84e8788d6e42e317c0b0e67985634826dc74a3d266b55e2fe0ba11a7a6517fbc0b19f6fb537083b657a42a68a699240cbea895b15f6c22dbb5a3612cc5dd64243dcc99559be508e18aefc2f7028b5b2eba72b7b783266dfbec8be3914b84f22de25fd49828fd236beca3a070b4dca22c4e047b0e43f6c9218357011f95d8f457b21ba992c5f2e46927acedd4c8303f7dceb5b8d95c33a74d1ec2c2c98495a8b283734c1638df2c3623bcf2d3dd1f567d898b1d057ba00ed45bb6a1819b2b425f8d0ffdc1a741ae748f480009da4697b2dda9d8ee2d556a23c8fde548d3dc22c685c13fdce896841a499e4dac51f4f7c11b8d0663c2d2c534e778894f3fe93376dbead68e0247dc9ccfa61e7cfb484001c17e77f802aca509665e0b119830d89eef86d0d9baf4bb13e3937c2fd8c82aa2110448e3778ab490ea3160c8bb727a6b83b1ea66f2238a49d32194c1da999b72f5951e7fb98cf81496197a68aeff897fc55a6768b6f325c29a03c4f3a04a7a25e26183e3e94b44b7b6612a5aab64adaab9f004777db0e8db1214e8eccc1e42f7a29fb5f2bec44bebc702c3506fe7f231de246e9e878c4329003af2003c2dd57255220057cc2e216e213bf381782e429b8fecaa9124d6784bebda6bc7ad56e8d9fd7447e884b2d83dc54f4fa5a8179eb132d8f9f0c30f2aa1b4e2487e00c84ec69a079db3e8e752a8491020f0c44a453282ef3d528020ef32d803f30ff309905291dc3fdd11fbb1c761a9decdf580638e331fd40460a0bdfbfc43fb432a9f3a5e47ab4c4fd301adb58679f58848f4e0cced360d393dc52c8beca001ef3131a2f8f98c2780fc2dc59787a697d99d72d4205b6e238dc19da4b9c47c93ffccf72566f3682dce1d1422057dabaa6b452006853ed95cd7536d029b5be1cad1f3cf706b534ea264e3a08b9d7e7341adc9304280c33cf451d8c6a5d6db8afac5dccb16ada395dcf2c5f4872fb5e3cc3d852e5ab7d129ba2955ef9a0e12c2aca85d1b5a90a00bfbed87eef7fba2edf900a0a1ad9af4a6070dda691cffe9b32418d6e8956d67ebb255236a5c496477abcd14a87bd13ae71dd692141e76643ce3fe0f1bc8cfbd9ff4b9f38ef44ae87a858f3b36681d628f9de71fc070410f61b3b8148c3240370b0d0259cac486f9e18bcf204c66bf20878834e6581cf754d425477d40b5fc5af399cf0c03fa130476ef40d865a87de3cf1a29c7d9ca953ea6239321dd73959ed366253967a60a17cf8d2b2fa59615ecc442e7c2d9270699f9db82336fc3188a87bcd46107fdeccdbca985446e3af31d3db494886dea5ebf13341b4665a33715e1bbaeded0da3bf055f3a9c5664adb070afe92e5eab722327ad66d88ff543c18540ca37499a751703d1c570c0bc61381a482799e6fca09108ad9c51ee2984f39a999c5d12655e302ac039300c9197492d68a3ae167945d835677e8fbe91bd0f43a3fea05b4823fb257bd5c2c51b657bc6831198f6bdae025534132e5230f6592a977229af7fd35905f075bd0b33e651931fcd011846c796842608c976e1300c7bd3a701c3800650775c5ea91c27338eb974619f0fb35d317f885e24a69b73a5a22ad2c2579a02b3e1c741913846ba7b473d7c7c6f763a24d1313b7cb6903ddc1381415e9708fae808e812477143bb14e97c1fa9a8e93e98dceabdbb6e666338044beb1c24e05720556edd18d1b85fea5386e7d4b828a9fb88355bfa0ebcc3e4434d81ca708f034cedde51b8e8f859315752b6011773503323a0e10267d77196224096619290d497d5138a3f660625c8c2efb718b76fc306efc72e05e1676bc0a6ec84f2f69964a405094fc1755a0ecf9ae6395d9a0c395025e001a7886e25663b755b80787677dcd1e54e1d492be030c99b7518bb6f7e6e8b578de436621a550cb861f3b6ecdd0f01410743513404de8e494cd853aaf64a2eb73d4055a9230d8e05039a8e4461d4d9c87c018b28619c9f80acdec95bab08df1d489a546c4a3b2c27530928a7d5c84d8e2330431292465496dfa6e0667e483a6d6fe642d1096a4e867cdfd95a1985f7c0f84415e6449039b6e868a8ce3431829ea0eaf01b023d10c5ea8e5f18da16e46af85643700b802861c9bf5cf0f892ea960198b51a70f1ad2498d680e6403bfdcc0527e6171945616b991d40388cc5cb26d7f089998783d47dcd94266b2ec8661a53746a9f27ec70801ae3ae68bc9c417bd1dfb6b92b8410652d82f81f133d21eb60d253e9a64fbe631f328d1917707a6e472c46de2f8ada55e8877e19af992ec4878a75cdab37bda056886d0cb512767fd0b5e50e3348828cf9981087a61bc5f48a026bbb24e9909f9dfa582c46b718ecf6de4281819c3401aa4c5e9cb4b10944ca53ce3abded4ae9286b5fe03e69fe5657aa21832f0e29fba89336e6c6e5a499068c1d766fc2deb0257c93268b891e55f59eef898be6cb1c794ff2ab8225f8d42fd921aa96596a9d3249f4894dab482fe7bef6814c1f1169c060b857e8f18afcdd82dc702f6a6dbcce41bfbf8f1d16bb77739e595f2d815c77be0d9758e234983fb9a8d983db1acc5285bcc056b70db21462213e736b3a024a9b72a1b59a7aa334bac81fea82d6c6663506584246ee12fdd8a9c57fc88054c4a1d361a0ec94049dad327c96e26a817eaff741108f505cca78f1e19e522442a34d11d1a0ca1bc641460fe3cdde3ebbea939449d7cc0bc7ac02609121506efc201660c00918ac570a4ffa22b25b27a92a65bbccfb3008872900c5d89fca95bcecef582cff4fbaf599a8de3661bd5766c40c4e2d30e59ce1d95c253083edd7d24ab3b104fb55519a5780c741262b7777eb329badb45133416e84457be5b270cda65ae1ca519b397b603ac188c7a0b5e110a0d736a0236eeae32063e5da7de0da9c979bd94586ee1f0f8d69d2e988d479b5108c31d8eb80e5833fd4bb0694a0f54aa1ae86e74b12061857d23cbe9bdcf3b1a79c6b3490307c3be9d5490197b77face71b46844002f33ae3ffc30ae124197204ea60377c036bf51736ba007b603815950b260986a9b3c1350"}, {0x38, 0x116, 0x3ff, "5fd96080f3b77ee335c4ed2a2b78709b77ca9fffc06d0efb37e3ebd2f88407386e373512"}], 0x1278}}, {{&(0x7f0000004cc0)=@x25={0x9, @null=' \x00'}, 0x80, &(0x7f0000004f00)=[{&(0x7f0000004d40)="62a049001aede61105d7afc3559ec1d4f65cf8bab7eb7118ee43a510ee483e438f6da26e445175a2a247d65dca2e007bc144258689a0258ed6a2d21c439cf505ebda60da52ccef36930aba938f64b20344fe1811581bdf096e1ac5e7447979e2c44bc6566f0a6c3b8a92e16573fbe275253dcd3adef16e5c9b4a54db9a7cc0e57c1bfa0ceb4da6b147121e33f3f3afc323f6b09b50ee92e5bc005ad647a0f856ccf9d0dff1869f4a37f5485b15ca6aa539b0b8a66d", 0xb5}, {&(0x7f0000004e00)="09c3dabd77fac43526c144315adf0ba951b47b2cdd26551dd1748be15f2637b84f8112cea98f37b58d8957ab85e17f9be5ea49981452af4fe751cb54553c56bdf51348820121ed064d4881480b5ddc50c180e2fb037e99feaa676df08f3806cb344901e39472b8cd76b2c00c1bb6284efcda014e4a32e6bb044ce762944d648aa8910ad7c4d62e920586b5ca862ccc4a4150357877006ca906734cf1e6b055ecdfeed988881133a6fef358b39f3c82fadfe58606ab264c873c92695b19c313aa1808b78ca1834b97cb3fe346475304d01312c90805545705f9b132e350430c02d953ed83e21098c877baacb34769", 0xee}], 0x2, &(0x7f0000004f40)=[{0xb8, 0x107, 0x5, "03e530e34629459f11d5d35fc2131aa0b17c0ac26d7c515e2cc53a1753ee3519772fa59075f360092646c694c9cff1d5105f83f221751fbd2d47704380b8954d1548d97198175ce5180ac8baf35016857993516d05d037aa68d0a72464c78407d3bc76fee306c5013c4cb5df316845a4804111d4e7b9593b66fff15998f1d58b208c0e6da631319fef7876ab56577b16876155ba7286df74f5aabc5b36ca74beebdc68c7a41552"}, {0x78, 0x119, 0x8, "decdc25ac38fb22e2749e62902f6ae109e1054703d84f5754eea6adbf5de00adad8e65b5f2ee6581baa1ff0cdcf1c56de76ce1da73e52f0da4fa5a43df5a8b84af40799f0d93e67ce79413ddc68fcc05cf2673e926b60255de5d9dce475311170e516b6ed90baa"}, {0x78, 0xc57b484fd0e7418, 0x5, "5db7d12cf8a88520946fe84105c5d556d7881194fc19f589b7c07f8c25fef268af21d0f604cd40c70f7a89753e9be824a98e5fb8fbe2746ef4a308bdf20c684076c8aaf4226395dd4b260cb662b2c8204f9882f1df62a2d3b0a6f32703a778c92469cc27e5f636"}], 0x1a8}}], 0x3, 0x1) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:34 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 402.413433] FAULT_INJECTION: forcing a failure. [ 402.413433] name failslab, interval 1, probability 0, space 0, times 0 [ 402.424916] CPU: 1 PID: 21108 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 402.431954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.441314] Call Trace: [ 402.443933] dump_stack+0x138/0x197 [ 402.447576] should_fail.cold+0x10f/0x159 [ 402.451739] should_failslab+0xdb/0x130 [ 402.455725] kmem_cache_alloc+0x2d7/0x780 [ 402.459889] ? find_held_lock+0x35/0x130 [ 402.463964] ? copy_tree+0x4a2/0x8a0 [ 402.467691] alloc_vfsmnt+0x28/0x7d0 [ 402.471418] clone_mnt+0x70/0xee0 [ 402.474875] ? lock_downgrade+0x740/0x740 [ 402.479019] copy_tree+0x33b/0x8a0 [ 402.482564] copy_mnt_ns+0x11c/0x8c0 [ 402.486263] ? kmem_cache_alloc+0x611/0x780 [ 402.490574] ? selinux_capable+0x36/0x40 [ 402.494621] create_new_namespaces+0xc9/0x720 [ 402.499097] ? ns_capable_common+0x12c/0x160 [ 402.503491] copy_namespaces+0x284/0x310 [ 402.507550] copy_process.part.0+0x2603/0x6a00 [ 402.512122] ? proc_fail_nth_write+0x7d/0x180 [ 402.516621] ? proc_cwd_link+0x1b0/0x1b0 [ 402.520676] ? __cleanup_sighand+0x50/0x50 [ 402.524909] ? lock_downgrade+0x740/0x740 [ 402.529046] _do_fork+0x19e/0xce0 [ 402.532487] ? fork_idle+0x280/0x280 [ 402.536216] ? fput+0xd4/0x150 [ 402.539425] ? SyS_write+0x15e/0x230 [ 402.543139] SyS_clone+0x37/0x50 [ 402.546496] ? sys_vfork+0x30/0x30 [ 402.550027] do_syscall_64+0x1e8/0x640 [ 402.553906] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.558736] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 402.563917] RIP: 0033:0x459a59 [ 402.567089] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 402.574793] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 402.582078] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 402.589356] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 402.596635] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 402.603927] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) io_setup(0x2, &(0x7f00000000c0)=0x0) io_destroy(r4) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r6 = accept(r5, 0x0, &(0x7f0000000100)) getsockopt$inet6_opts(r6, 0x29, 0x37, &(0x7f00000002c0)=""/209, &(0x7f0000000140)=0xd1) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 402.705961] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=39 sclass=netlink_route_socket pig=21119 comm=syz-executor.2 17:46:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x100, 0x0) ioctl$BLKPBSZGET(r4, 0x127b, &(0x7f0000000100)) ptrace(0x10, 0x0) 17:46:35 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) ioctl$TIOCMIWAIT(0xffffffffffffffff, 0x545c, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:35 executing program 1 (fault-call:17 fault-nth:24): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:35 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 403.325133] FAULT_INJECTION: forcing a failure. [ 403.325133] name failslab, interval 1, probability 0, space 0, times 0 [ 403.336684] CPU: 1 PID: 21156 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 403.344676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.354041] Call Trace: [ 403.357517] dump_stack+0x138/0x197 [ 403.362128] should_fail.cold+0x10f/0x159 [ 403.366306] should_failslab+0xdb/0x130 [ 403.370723] __kmalloc_track_caller+0x2ec/0x790 17:46:35 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) lsetxattr$trusted_overlay_opaque(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='trusted.overlay.opaque\x00', &(0x7f00000001c0)='y\x00', 0x2, 0x2) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) ioctl$DMA_BUF_IOCTL_SYNC(r3, 0x40086200, &(0x7f0000000100)=0x2) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() semget$private(0x0, 0x4, 0xa0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0x4, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000480)=[{{&(0x7f00000002c0)=@pppoe={0x18, 0x0, {0x0, @remote}}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000340)=""/121, 0x79}, {&(0x7f0000000140)=""/49, 0x31}], 0x2, &(0x7f00000003c0)=""/141, 0x8d}, 0x9}], 0x1, 0x1, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x6) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r4, 0x118, 0x1, &(0x7f00000000c0), 0x4) r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r5, 0x0) ioctl$KVM_SET_FPU(r5, 0x41a0ae8d, &(0x7f00000004c0)={[], 0x5, 0x7, 0x0, 0x0, 0x6, 0x0, 0xf000, [], 0xc1c9}) fanotify_init(0x14, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000680)={0x0, @in6={{0xa, 0x4e21, 0x401, @remote, 0x7}}, 0x1ba0, 0x9, 0x10001, 0x2}, &(0x7f0000000740)=0x98) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$netlink(0x10, 0x3, 0x0) r9 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r10, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r10, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) r12 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r12, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r12, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r13 = socket$nl_route(0x10, 0x3, 0x0) r14 = socket$netlink(0x10, 0x3, 0x0) r15 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r15, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r15, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r14, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r16, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r13, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r16, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000880)=ANY=[@ANYRES32=0x0, @ANYRESDEC, @ANYRESOCT=r0, @ANYRESOCT=0x0, @ANYRES32, @ANYRESHEX, @ANYBLOB="9a13e05e209037a65428d3438475e2eaef46a5c0ad6690ffc2ba1805b8e94d548abc3f7e851f8a180aa8c756d022c018b87413f868647493050244f84688876c423d271d17a9a606782c014f00745e813315668508c67106", @ANYRESOCT=r12, @ANYRESOCT, @ANYRESDEC=r13], 0xa) [ 403.375409] ? kstrdup_const+0x48/0x60 [ 403.379289] kstrdup+0x3a/0x70 [ 403.382501] kstrdup_const+0x48/0x60 [ 403.386224] alloc_vfsmnt+0xe5/0x7d0 [ 403.389954] clone_mnt+0x70/0xee0 [ 403.393417] ? lock_downgrade+0x740/0x740 [ 403.397582] copy_tree+0x33b/0x8a0 [ 403.401150] copy_mnt_ns+0x11c/0x8c0 [ 403.405911] ? kmem_cache_alloc+0x611/0x780 [ 403.410227] ? selinux_capable+0x36/0x40 [ 403.414279] create_new_namespaces+0xc9/0x720 [ 403.418758] ? ns_capable_common+0x12c/0x160 [ 403.423152] copy_namespaces+0x284/0x310 [ 403.427222] copy_process.part.0+0x2603/0x6a00 [ 403.431795] ? proc_fail_nth_write+0x7d/0x180 [ 403.436293] ? proc_cwd_link+0x1b0/0x1b0 [ 403.440346] ? __cleanup_sighand+0x50/0x50 [ 403.444570] ? lock_downgrade+0x740/0x740 [ 403.448725] _do_fork+0x19e/0xce0 [ 403.452202] ? fork_idle+0x280/0x280 [ 403.455914] ? fput+0xd4/0x150 [ 403.459119] ? SyS_write+0x15e/0x230 [ 403.462841] SyS_clone+0x37/0x50 [ 403.466193] ? sys_vfork+0x30/0x30 [ 403.469735] do_syscall_64+0x1e8/0x640 [ 403.473606] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.478444] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 403.483962] RIP: 0033:0x459a59 [ 403.487146] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 403.494849] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 403.502102] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 403.509353] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 403.516605] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 17:46:36 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm-control\x00', 0x40200, 0x0) ioctl$SG_EMULATED_HOST(r1, 0x2203, &(0x7f00000002c0)) r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100)='TIPC\x00') sendmsg$TIPC_CMD_GET_LINKS(r0, &(0x7f00000001c0)={&(0x7f00000000c0), 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x24, r2, 0xd11, 0x70bd26, 0x25dfdbfc, {{}, 0x0, 0x4, 0x0, {0x8, 0x11, 0x20}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x40008001}, 0x0) r3 = getpid() sched_setattr(r3, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x200, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) r6 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/checkreqprot\x00', 0x80000, 0x0) finit_module(r6, &(0x7f0000000340)='/dev/dlm-control\x00', 0x2) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x4, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 403.523860] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 403.606462] audit: type=1400 audit(1570902396.199:114): avc: denied { module_load } for pid=21168 comm="syz-executor.0" path="/selinux/checkreqprot" dev="selinuxfs" ino=15 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=system permissive=1 17:46:36 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0xffffff4a, 0x2, 0x1, 0x2, 0x5, 0xfffffffffffffffd}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) clock_getres(0x6, &(0x7f0000000140)) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet6_buf(r3, 0x29, 0x9cb9bb908d17fd00, &(0x7f00000000c0)=""/57, &(0x7f0000000100)=0x39) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:36 executing program 1 (fault-call:17 fault-nth:25): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:36 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x2000, 0x40) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000140)='/proc/capi/capi20\x00', 0x206080, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000000), &(0x7f00000000c0)=0xb) 17:46:36 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 404.175502] FAULT_INJECTION: forcing a failure. [ 404.175502] name failslab, interval 1, probability 0, space 0, times 0 [ 404.186956] CPU: 1 PID: 21194 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 404.193986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 404.203360] Call Trace: [ 404.203379] dump_stack+0x138/0x197 [ 404.203398] should_fail.cold+0x10f/0x159 [ 404.203411] should_failslab+0xdb/0x130 [ 404.217759] __kmalloc_track_caller+0x2ec/0x790 [ 404.222452] ? kstrdup_const+0x48/0x60 [ 404.226351] kstrdup+0x3a/0x70 [ 404.229553] kstrdup_const+0x48/0x60 [ 404.233277] alloc_vfsmnt+0xe5/0x7d0 [ 404.237010] clone_mnt+0x70/0xee0 [ 404.240467] ? lock_downgrade+0x740/0x740 [ 404.244634] copy_tree+0x33b/0x8a0 [ 404.248196] copy_mnt_ns+0x11c/0x8c0 [ 404.251898] ? kmem_cache_alloc+0x611/0x780 [ 404.256206] ? selinux_capable+0x36/0x40 [ 404.260267] create_new_namespaces+0xc9/0x720 [ 404.265616] ? ns_capable_common+0x12c/0x160 [ 404.270015] copy_namespaces+0x284/0x310 [ 404.274071] copy_process.part.0+0x2603/0x6a00 [ 404.278643] ? proc_fail_nth_write+0x7d/0x180 [ 404.283119] ? proc_cwd_link+0x1b0/0x1b0 [ 404.287179] ? __cleanup_sighand+0x50/0x50 [ 404.291404] ? lock_downgrade+0x740/0x740 [ 404.295566] _do_fork+0x19e/0xce0 [ 404.299029] ? fork_idle+0x280/0x280 [ 404.302749] ? fput+0xd4/0x150 [ 404.305944] ? SyS_write+0x15e/0x230 [ 404.309663] SyS_clone+0x37/0x50 [ 404.313031] ? sys_vfork+0x30/0x30 [ 404.316577] do_syscall_64+0x1e8/0x640 [ 404.320474] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.325330] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 404.330520] RIP: 0033:0x459a59 [ 404.333711] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 404.341422] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 404.348698] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 404.355975] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 404.363601] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 404.370888] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x401c0, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000000040)=ANY=[@ANYBLOB="06000080"]) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r1 = open(0x0, 0x0, 0x0) r2 = getpid() r3 = getpid() sched_setattr(r3, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r4, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r6, 0x407, 0x0) r7 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r7, 0x0) ioctl$SG_NEXT_CMD_LEN(r7, 0x2283, &(0x7f00000000c0)=0x5f) write(r6, &(0x7f00000002c0)="2745509784f727690e05161e7e712bb3c4ff0d66a70f365a3526accf56725c42d03cb8869601b17560508d3a5b7f548bb0c148b5afaf54bae7d00d00908143943b7919ec0d101f2ae1c055dabe0fd15f89eac83b286f828e3bcfffbeecce1f50fc634208f6cea4c1371f02c8c8673f54716f05c1c1f739471f33367bda8b5be498e6c67b1ceaac3adf59b608d5ba189e8d21f7e8e106f4863558dcb2672272598a77bb0c8bfffba8b431a16b2ed4ea1a52f5f3c174d4d9c729622c6cd5ea45aace001d6fa760df7d5dc78f5edbe269b91f83adc1fa449afc0e7ee0724acebeea92e6931667110e5f70340b7156bdb7c1a7b1eb8045a5bfc8", 0xffffffa1) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r2, &(0x7f0000000080)={0x30, 0xbb4e732c9e8238b, 0x0, 0x0, 0x2, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000780)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'nr0\x01\x00', 0x1132}) ioctl$VIDIOC_S_CROP(r1, 0x4014563c, &(0x7f0000000140)={0x5, {0x3, 0x4, 0xfffffffe, 0x5}}) ioctl$TUNATTACHFILTER(r8, 0x401054d5, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x28}, {0x6}]}) ioctl$TUNGETDEVNETNS(r8, 0x54e3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:37 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) symlinkat(&(0x7f00000000c0)='./file0\x00', r0, &(0x7f0000000100)='./file0\x00') vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:37 executing program 1 (fault-call:17 fault-nth:26): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:37 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000000)) r4 = syz_open_pts(r3, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000200)=0x2) ioctl$TIOCCONS(r4, 0x541d) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) pipe(&(0x7f00000000c0)) 17:46:37 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x0, 0x60, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:37 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_crypto(r1, &(0x7f0000000500)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="f0000000110001002dbd7000fbdbdf257863686163686131322d6e656f6e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000d02aaf259b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e5e00000000000000000000000000000000000000000000002000000000000000000000000000000800010000000000080001"], 0xf0}, 0x1, 0x0, 0x0, 0x40080}, 0x20048010) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r4, 0x0) ioctl$DRM_IOCTL_IRQ_BUSID(r4, 0xc0106403, &(0x7f0000000540)={0x8, 0x1, 0x1, 0x5d}) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) accept$unix(r6, &(0x7f0000000340)=@abs, &(0x7f0000000140)=0xfffffffffffffd2b) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet_buf(r7, 0x0, 0x11, &(0x7f00000002c0)=""/113, &(0x7f0000000240)=0x71) 17:46:37 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 405.124500] netlink: 208 bytes leftover after parsing attributes in process `syz-executor.0'. [ 405.135731] FAULT_INJECTION: forcing a failure. [ 405.135731] name failslab, interval 1, probability 0, space 0, times 0 [ 405.147255] CPU: 0 PID: 21250 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 405.154295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.163646] Call Trace: [ 405.166233] dump_stack+0x138/0x197 [ 405.169966] should_fail.cold+0x10f/0x159 [ 405.174126] should_failslab+0xdb/0x130 [ 405.178111] __kmalloc_track_caller+0x2ec/0x790 [ 405.182789] ? kstrdup_const+0x48/0x60 [ 405.186751] kstrdup+0x3a/0x70 [ 405.189938] kstrdup_const+0x48/0x60 [ 405.193660] alloc_vfsmnt+0xe5/0x7d0 [ 405.197391] clone_mnt+0x70/0xee0 [ 405.200863] copy_tree+0x33b/0x8a0 [ 405.204468] copy_mnt_ns+0x11c/0x8c0 [ 405.208192] ? kmem_cache_alloc+0x611/0x780 [ 405.212535] ? selinux_capable+0x36/0x40 [ 405.216632] create_new_namespaces+0xc9/0x720 [ 405.221138] ? ns_capable_common+0x12c/0x160 [ 405.225559] copy_namespaces+0x284/0x310 [ 405.229630] copy_process.part.0+0x2603/0x6a00 [ 405.234227] ? proc_fail_nth_write+0x7d/0x180 [ 405.238730] ? proc_cwd_link+0x1b0/0x1b0 [ 405.242917] ? __cleanup_sighand+0x50/0x50 [ 405.247163] ? lock_downgrade+0x740/0x740 [ 405.251339] _do_fork+0x19e/0xce0 [ 405.254803] ? fork_idle+0x280/0x280 [ 405.258528] ? fput+0xd4/0x150 [ 405.261726] ? SyS_write+0x15e/0x230 [ 405.265452] SyS_clone+0x37/0x50 [ 405.268818] ? sys_vfork+0x30/0x30 [ 405.272366] do_syscall_64+0x1e8/0x640 [ 405.276431] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.281371] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 405.286737] RIP: 0033:0x459a59 [ 405.290543] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 405.298344] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 405.305808] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 405.314223] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 405.322070] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 405.329350] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:38 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() getpid() r0 = gettid() ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x30, 0x1, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) socket$inet6(0xa, 0x2, 0x0) r1 = socket$bt_hidp(0x1f, 0x3, 0x6) recvmmsg(r1, &(0x7f0000002bc0)=[{{&(0x7f00000000c0)=@un=@abs, 0x0, &(0x7f0000000440)=[{&(0x7f0000000140)=""/131}, {&(0x7f00000002c0)=""/166}, {&(0x7f0000000240)=""/19}, {&(0x7f0000000380)=""/166}], 0x0, &(0x7f0000000480)=""/4096}, 0x9}, {{&(0x7f0000001480)=@generic, 0x0, &(0x7f0000001740)=[{&(0x7f0000001500)}, {&(0x7f0000001540)=""/146}, {&(0x7f0000001600)=""/161}, {&(0x7f00000016c0)=""/65}], 0x0, &(0x7f0000001780)=""/237}, 0x7f}, {{&(0x7f0000001880)=@isdn, 0x0, &(0x7f00000019c0)=[{&(0x7f0000001900)=""/189}]}, 0x10001}, {{&(0x7f0000001a00)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x0, &(0x7f0000001b80)=[{&(0x7f0000001a80)=""/202}], 0x0, &(0x7f0000001bc0)=""/4096}, 0x5}], 0x40000000000020b, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000000)) syz_open_pts(r4, 0x0) ioctl$KDDISABIO(r4, 0x4b37) 17:46:38 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x50142, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r2, 0xc0505350, &(0x7f0000000100)={{0x7f, 0x3b}, {0x32, 0xd9}, 0xfffffff9, 0x4}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:38 executing program 1 (fault-call:17 fault-nth:27): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:38 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = creat(&(0x7f0000000140)='./file0\x00', 0x42) ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f0000000180)={0x81, 0x2, 0x2, 0x3, 0x2, 0x81, 0x3}) open(0x0, 0x0, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)="b4a9482553eda2c5ecaf9fbb81a0a42233d97ecf6e630343ac4a2103a3c0ce339c1067484b0c15c2643b55b4c426f0a5adb6b0fc7fcdbcfd27fc9aeff1ccd5fd37397e5dbee87a71edeae203b402cff931da84fdff7d75e85938", 0x5a}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:38 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x2) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:38 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 405.917842] netlink: 208 bytes leftover after parsing attributes in process `syz-executor.0'. 17:46:38 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x5, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x4, 0x0, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm_plock\x00', 0x1, 0x0) r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r5, 0x84, 0x66, &(0x7f0000000040)={r6}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000240)={r6, 0x8, 0x10}, 0xc) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0028001200000018000200140001000000000017af11f4496fe5c9292780fae96db18f19da6df77785cde00ffca5f5070df7049f8ed3ed0ec7fcebb23aecd5c0295b0bd00aab01742026781ff1616c3b5a7a525fc5cae0fbc17ae5990c6429804a995314088ac223577fc29251fb54ab71255de7c1bc8b39ea18f94958d8210f341b4225cb3a2f88091fae30d4c99c9815654d0c97ec5223ea8cd3497abe27d3d74f0baf327325d0c838e768dfd8f79bff4d8fcd05d66e44d4f9482428c70f9762", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) dup3(r1, r2, 0x80000) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r9, 0x407, 0x0) write(r9, &(0x7f0000000340), 0x41395527) vmsplice(r8, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) r10 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r10, 0x0) ioctl$VIDIOC_S_FREQUENCY(r10, 0x402c5639, &(0x7f00000000c0)={0x7, 0x1, 0x5}) arch_prctl$ARCH_MAP_VDSO_X32(0x2001, 0xdd) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 406.014399] FAULT_INJECTION: forcing a failure. [ 406.014399] name failslab, interval 1, probability 0, space 0, times 0 [ 406.026426] CPU: 0 PID: 21289 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 406.033567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.044483] Call Trace: [ 406.047090] dump_stack+0x138/0x197 [ 406.050732] should_fail.cold+0x10f/0x159 [ 406.054887] should_failslab+0xdb/0x130 [ 406.059035] __kmalloc_track_caller+0x2ec/0x790 [ 406.063712] ? kstrdup_const+0x48/0x60 [ 406.067594] kstrdup+0x3a/0x70 [ 406.070787] kstrdup_const+0x48/0x60 [ 406.074509] alloc_vfsmnt+0xe5/0x7d0 [ 406.078213] clone_mnt+0x70/0xee0 [ 406.081657] ? lock_downgrade+0x740/0x740 [ 406.085791] copy_tree+0x33b/0x8a0 [ 406.089327] copy_mnt_ns+0x11c/0x8c0 [ 406.093202] ? kmem_cache_alloc+0x611/0x780 [ 406.097517] ? selinux_capable+0x36/0x40 [ 406.101564] create_new_namespaces+0xc9/0x720 [ 406.106042] ? ns_capable_common+0x12c/0x160 [ 406.110524] copy_namespaces+0x284/0x310 [ 406.114668] copy_process.part.0+0x2603/0x6a00 [ 406.119252] ? proc_fail_nth_write+0x7d/0x180 [ 406.120773] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. [ 406.124187] ? proc_cwd_link+0x1b0/0x1b0 [ 406.124217] ? __cleanup_sighand+0x50/0x50 [ 406.124228] ? lock_downgrade+0x740/0x740 [ 406.124243] _do_fork+0x19e/0xce0 [ 406.148776] ? fork_idle+0x280/0x280 [ 406.152600] ? fput+0xd4/0x150 [ 406.155812] ? SyS_write+0x15e/0x230 [ 406.159631] SyS_clone+0x37/0x50 [ 406.163004] ? sys_vfork+0x30/0x30 [ 406.166570] do_syscall_64+0x1e8/0x640 [ 406.170469] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.175324] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 406.180521] RIP: 0033:0x459a59 [ 406.183711] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 406.191428] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 406.198704] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 406.205982] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 406.213269] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 406.220547] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:38 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) fsetxattr$security_evm(0xffffffffffffffff, &(0x7f00000000c0)='security.evm\x00', &(0x7f0000000100)=@sha1={0x1, "6ae8bd8ae8222110dff6290dd5d56cc7f90b64bb"}, 0x15, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/dsp\x00', 0x40000, 0x0) bind$bt_sco(r4, &(0x7f0000000540)={0x1f, {0x7, 0x1, 0x6, 0x7, 0x40, 0x8}}, 0x8) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) r5 = syz_open_dev$radio(&(0x7f0000000580)='/dev/radio#\x00', 0x1, 0x2) ioctl$TIOCCONS(r5, 0x541d) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000340)=0x14) sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r9, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) recvmmsg(r6, &(0x7f0000000400)=[{{&(0x7f00000000c0)=@isdn, 0x80, &(0x7f0000000240)=[{&(0x7f0000000140)=""/51, 0x33}, {&(0x7f00000002c0)=""/127, 0x7f}, {&(0x7f0000000440)=""/91, 0x5b}], 0x3}, 0x1}], 0x1, 0x12040, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:39 executing program 1 (fault-call:17 fault-nth:28): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:39 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(0xffffffffffffffff, &(0x7f0000000000)={0x30, 0x2, 0xb26b790388a4b590, 0x0, 0x76b8, 0x5, 0xfff, 0x2ce}, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:39 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 407.003061] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'. 17:46:39 executing program 4: prlimit64(0x0, 0xa, &(0x7f0000000240)={0x9, 0x8d}, 0x0) open(0x0, 0x2580, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/full\x00', 0x10000, 0x0) r2 = gettid() ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r0, 0x29) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r2, 0x0, 0x0) write$FUSE_LK(r1, &(0x7f0000000100)={0x28, 0xa3d4e6564029977e, 0x4, {{0xc000000000000000, 0x8001, 0x1, r2}}}, 0x28) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) r6 = accept4(0xffffffffffffffff, &(0x7f0000000140)=@in={0x2, 0x0, @remote}, &(0x7f00000001c0)=0x80, 0x800) bind$netrom(r6, &(0x7f00000002c0)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @bcast]}, 0x48) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) recvfrom(r3, &(0x7f0000000280)=""/23, 0x17, 0x12101, &(0x7f0000000340)=@isdn={0x22, 0x3f, 0x6, 0x11}, 0x80) rmdir(0x0) r7 = shmat(0x0, &(0x7f0000fee000/0x2000)=nil, 0x5000) shmdt(r7) shmdt(r7) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 407.089969] FAULT_INJECTION: forcing a failure. [ 407.089969] name failslab, interval 1, probability 0, space 0, times 0 [ 407.101726] CPU: 1 PID: 21348 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 407.108860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.123689] Call Trace: [ 407.129577] dump_stack+0x138/0x197 [ 407.133196] should_fail.cold+0x10f/0x159 [ 407.137332] should_failslab+0xdb/0x130 [ 407.141292] __kmalloc_track_caller+0x2ec/0x790 [ 407.145969] ? kstrdup_const+0x48/0x60 [ 407.152601] kstrdup+0x3a/0x70 [ 407.155783] kstrdup_const+0x48/0x60 [ 407.159514] alloc_vfsmnt+0xe5/0x7d0 [ 407.163224] clone_mnt+0x70/0xee0 [ 407.166662] ? lock_downgrade+0x740/0x740 [ 407.170849] copy_tree+0x33b/0x8a0 [ 407.174407] copy_mnt_ns+0x11c/0x8c0 [ 407.178129] ? kmem_cache_alloc+0x611/0x780 [ 407.182460] ? selinux_capable+0x36/0x40 17:46:39 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RCREATE(r2, &(0x7f00000000c0)={0x18, 0x73, 0x2, {{0x0, 0x1, 0x4}, 0xffff9728}}, 0x18) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 407.186532] create_new_namespaces+0xc9/0x720 [ 407.186543] ? ns_capable_common+0x12c/0x160 [ 407.195433] copy_namespaces+0x284/0x310 [ 407.195447] copy_process.part.0+0x2603/0x6a00 [ 407.195465] ? proc_fail_nth_write+0x7d/0x180 [ 407.208598] ? proc_cwd_link+0x1b0/0x1b0 [ 407.212685] ? __cleanup_sighand+0x50/0x50 [ 407.216929] ? lock_downgrade+0x740/0x740 [ 407.221177] _do_fork+0x19e/0xce0 [ 407.224623] ? fork_idle+0x280/0x280 [ 407.228360] ? fput+0xd4/0x150 [ 407.231550] ? SyS_write+0x15e/0x230 [ 407.235278] SyS_clone+0x37/0x50 [ 407.238652] ? sys_vfork+0x30/0x30 [ 407.242199] do_syscall_64+0x1e8/0x640 [ 407.246086] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.251013] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 407.256280] RIP: 0033:0x459a59 [ 407.259884] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 407.267578] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 407.274840] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 407.282284] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 17:46:39 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) dup3(r0, r0, 0x528b3d436fd52220) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f000000a780)=[{{&(0x7f00000002c0)=@can, 0x80, &(0x7f0000000140)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1, &(0x7f0000000240)=""/49, 0x31}, 0x8000000}, {{&(0x7f0000001340)=@isdn, 0x80, &(0x7f0000001680)=[{&(0x7f00000013c0)=""/29, 0x1d}, {&(0x7f0000001400)=""/192, 0xc0}, {&(0x7f00000014c0)=""/86, 0x56}, {&(0x7f0000001540)=""/191, 0xbf}, {&(0x7f0000001600)=""/96, 0x60}], 0x5}, 0x6}, {{&(0x7f0000001700)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, 0x80, &(0x7f0000001bc0)=[{&(0x7f0000001780)=""/143, 0x8f}, {&(0x7f0000001840)=""/227, 0xe3}, {&(0x7f0000001940)=""/92, 0x5c}, {&(0x7f00000019c0)=""/247, 0xf7}, {&(0x7f0000001ac0)=""/243, 0xf3}], 0x5}, 0x7}, {{&(0x7f0000001c40)=@nl=@proc, 0x80, &(0x7f0000002f00)=[{&(0x7f0000001cc0)=""/49, 0x31}, {&(0x7f0000001d00)=""/82, 0x52}, {&(0x7f0000001d80)=""/198, 0xc6}, {&(0x7f0000001e80)=""/33, 0x21}, {&(0x7f0000001ec0)=""/4096, 0x1000}, {&(0x7f0000002ec0)=""/60, 0x3c}], 0x6, &(0x7f0000002f80)=""/127, 0x7f}, 0x9}, {{&(0x7f0000003000)=@isdn, 0x80, &(0x7f0000004180)=[{&(0x7f0000003080)=""/4096, 0x1000}, {&(0x7f0000004080)=""/83, 0x53}, {&(0x7f0000004100)=""/107, 0x6b}], 0x3, &(0x7f00000041c0)=""/181, 0xb5}, 0x3f}, {{&(0x7f0000004280)=@l2, 0x80, &(0x7f0000005640)=[{&(0x7f0000004300)=""/195, 0xc3}, {&(0x7f0000004400)=""/200, 0xc8}, {&(0x7f0000004500)=""/4096, 0x1000}, {&(0x7f0000005500)=""/6, 0x6}, {&(0x7f0000005540)=""/246, 0xf6}], 0x5}, 0x200}, {{&(0x7f00000056c0)=@isdn, 0x80, &(0x7f0000007b40)=[{&(0x7f0000005740)=""/14, 0xe}, {&(0x7f0000005780)=""/88, 0x58}, {&(0x7f0000005800)=""/4096, 0x1000}, {&(0x7f0000006800)=""/141, 0x8d}, {&(0x7f00000068c0)=""/99, 0x63}, {&(0x7f0000006940)=""/120, 0x78}, {&(0x7f00000069c0)=""/228, 0xe4}, {&(0x7f0000006ac0)=""/121, 0x79}, {&(0x7f0000006b40)=""/4096, 0x1000}], 0x9, &(0x7f0000007c00)=""/29, 0x1d}, 0x6}, {{&(0x7f0000007c40)=@nl=@unspec, 0x80, &(0x7f0000007e40)=[{&(0x7f0000007cc0)=""/125, 0x7d}, {&(0x7f0000007d40)=""/31, 0x1f}, {&(0x7f0000007d80)=""/155, 0x9b}], 0x3, &(0x7f0000007e80)}}, {{&(0x7f0000007ec0)=@generic, 0x80, &(0x7f0000009240)=[{&(0x7f0000007f40)=""/151, 0x97}, {&(0x7f0000008000)=""/96, 0x60}, {&(0x7f0000008080)=""/4096, 0x1000}, {&(0x7f0000009080)=""/130, 0x82}, {&(0x7f0000009140)=""/224, 0xe0}], 0x5}}, {{0x0, 0x178, &(0x7f000000a640)=[{&(0x7f00000092c0)=""/78, 0x4e}, {&(0x7f0000009340)=""/4096, 0x1000}, {&(0x7f000000a340)=""/183, 0xb7}, {&(0x7f000000a400)=""/195, 0xc3}, {&(0x7f000000a500)=""/22, 0x16}, {&(0x7f000000a540)=""/19, 0x13}, {&(0x7f000000a580)=""/160, 0xa0}], 0x7, &(0x7f000000a6c0)=""/184, 0xb8}, 0x6}], 0xa, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x3, 0x0, 0x0, 0x3, 0x0, 0xbb34}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) ioctl$EXT4_IOC_GROUP_EXTEND(r4, 0x40086607, &(0x7f00000000c0)=0xffffffff00000001) [ 407.289547] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 407.296814] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:40 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) write$evdev(r4, &(0x7f0000000100)=[{{}, 0x15, 0x40, 0x9d}, {{0x0, 0x7530}, 0x15, 0x5, 0x2}, {{}, 0x16, 0x1f, 0x1}], 0x48) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000003c0)={@ipv4={[], [], @broadcast}, 0x9, 0x1, 0x0, 0x2, 0x0, 0x8}, &(0x7f0000000400)=0x20) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$EVIOCSABS2F(r2, 0x401845ef, &(0x7f0000000240)={0x6, 0x6, 0x0, 0x1, 0x0, 0xa5}) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r5 = socket(0xa, 0x803, 0x9) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) read(r5, &(0x7f00000002c0)=""/221, 0xdd) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000180)=0xb, 0x4) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r9, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r9, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) readv(r6, &(0x7f0000000800)=[{&(0x7f0000000440)=""/6, 0x6}, {&(0x7f0000000480)=""/45, 0x2d}, {&(0x7f0000000500)=""/83, 0x53}, {&(0x7f0000000580)=""/211, 0xd3}, {&(0x7f0000000680)=""/142, 0x8e}, {&(0x7f0000000740)=""/6, 0x6}, {&(0x7f0000000780)=""/113, 0x71}], 0x7) 17:46:40 executing program 1 (fault-call:17 fault-nth:29): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:40 executing program 3: read$FUSE(0xffffffffffffffff, &(0x7f00000002c0), 0x1000) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) open(0x0, 0x0, 0x2) pipe2(&(0x7f0000000100)={0xffffffffffffffff}, 0x4000) ioctl$USBDEVFS_RESET(r0, 0x5514) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r3, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(r3, 0x4020565a, &(0x7f0000000000)={0x8001007, 0x7ff, 0x5}) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) syz_open_dev$vivid(&(0x7f00000000c0)='/dev/video#\x00', 0x0, 0x2) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:40 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:40 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') sendmsg$TIPC_NL_MON_PEER_GET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x290, r4, 0x701, 0x0, 0x0, {0x7, 0x0, 0x1a0ffffffff}}, 0x323}}, 0x0) sendmsg$TIPC_NL_MON_PEER_GET(r1, &(0x7f0000000140)={&(0x7f00000000c0), 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0x264, r4, 0x300, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x38, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xfffffffd}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x9}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xfffffffb}]}, @TIPC_NLA_NODE={0xc, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NET={0x48, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x200}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x80000000}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8001}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7f}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x401}]}, @TIPC_NLA_LINK={0x118, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8d9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x800}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x401}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3d89d330}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3fc}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x10}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}]}, @TIPC_NLA_NET={0x30, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x98}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x80000001}, @TIPC_NLA_NET_ID={0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x80000001}]}, @TIPC_NLA_BEARER={0x5c, 0x1, [@TIPC_NLA_BEARER_PROP={0x14, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e22, @broadcast}}, {0x14, 0x2, @in={0x2, 0x4e20, @loopback}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x8001}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz0\x00'}]}, @TIPC_NLA_MEDIA={0x20, 0x5, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x20}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x264}, 0x1, 0x0, 0x0, 0xc080080}, 0xe0c0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 408.229957] FAULT_INJECTION: forcing a failure. [ 408.229957] name failslab, interval 1, probability 0, space 0, times 0 [ 408.241422] CPU: 1 PID: 21398 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 408.248682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.258040] Call Trace: [ 408.260645] dump_stack+0x138/0x197 [ 408.264295] should_fail.cold+0x10f/0x159 [ 408.268989] should_failslab+0xdb/0x130 [ 408.272985] kmem_cache_alloc+0x2d7/0x780 [ 408.277155] ? find_held_lock+0x35/0x130 [ 408.282108] ? copy_tree+0x4a2/0x8a0 [ 408.286016] alloc_vfsmnt+0x28/0x7d0 [ 408.289765] clone_mnt+0x70/0xee0 [ 408.294114] ? lock_downgrade+0x740/0x740 [ 408.298287] copy_tree+0x33b/0x8a0 [ 408.301857] copy_mnt_ns+0x11c/0x8c0 [ 408.305577] ? kmem_cache_alloc+0x611/0x780 [ 408.310427] ? selinux_capable+0x36/0x40 [ 408.314482] create_new_namespaces+0xc9/0x720 [ 408.318981] ? ns_capable_common+0x12c/0x160 [ 408.323378] copy_namespaces+0x284/0x310 [ 408.327509] copy_process.part.0+0x2603/0x6a00 [ 408.332081] ? proc_fail_nth_write+0x7d/0x180 [ 408.336731] ? proc_cwd_link+0x1b0/0x1b0 [ 408.340806] ? __cleanup_sighand+0x50/0x50 [ 408.345025] ? lock_downgrade+0x740/0x740 [ 408.349160] _do_fork+0x19e/0xce0 [ 408.352596] ? fork_idle+0x280/0x280 [ 408.356391] ? fput+0xd4/0x150 [ 408.359578] ? SyS_write+0x15e/0x230 [ 408.363278] SyS_clone+0x37/0x50 [ 408.366633] ? sys_vfork+0x30/0x30 [ 408.370171] do_syscall_64+0x1e8/0x640 [ 408.374051] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.378883] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 408.384054] RIP: 0033:0x459a59 [ 408.387227] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 408.394937] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 408.402200] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 408.409509] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 408.417299] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 408.424554] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:41 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm-control\x00', 0x410000, 0x0) ioctl$VIDIOC_LOG_STATUS(r3, 0x5646, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r4 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/checkreqprot\x00', 0x200100, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r4, 0x84, 0x20, &(0x7f0000000100), &(0x7f0000000140)=0x4) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 408.526917] netlink: 636 bytes leftover after parsing attributes in process `syz-executor.4'. 17:46:41 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000005980)) open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) fcntl$setpipe(r5, 0x407, 0x7fff) write(r4, &(0x7f0000000340), 0x41395527) r6 = socket(0x3, 0x6, 0x10) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) recvmmsg(r6, &(0x7f00000057c0)=[{{&(0x7f0000000100)=@pptp, 0x80, &(0x7f00000001c0)=[{&(0x7f00000002c0)=""/211, 0xd3}, {&(0x7f00000003c0)=""/186, 0xba}, {&(0x7f0000000180)=""/4, 0x4}], 0x3, &(0x7f0000000480)=""/4096, 0x1000}, 0x8001}, {{&(0x7f0000001480)=@ethernet={0x0, @dev}, 0x80, &(0x7f0000001a80)=[{&(0x7f0000001500)=""/114, 0x72}, {&(0x7f0000001580)=""/100, 0x64}, {&(0x7f0000001600)=""/91, 0x5b}, {&(0x7f0000001680)=""/240, 0xf0}, {&(0x7f0000001780)=""/247, 0xf7}, {&(0x7f0000000240)=""/30, 0x1e}, {&(0x7f0000001880)=""/238, 0xee}, {&(0x7f0000001980)=""/67, 0x43}, {&(0x7f0000001a00)=""/20, 0x14}, {&(0x7f0000001a40)=""/15, 0xf}], 0xa, &(0x7f0000001b40)=""/152, 0x98}, 0x9}, {{&(0x7f0000001c00)=@pppoe={0x18, 0x0, {0x0, @dev}}, 0x80, &(0x7f0000002f40)=[{&(0x7f0000001c80)=""/225, 0xe1}, {&(0x7f0000001d80)=""/3, 0x3}, {&(0x7f0000001dc0)=""/183, 0xb7}, {&(0x7f0000001e80)=""/180, 0xb4}, {&(0x7f0000001f40)=""/4096, 0x1000}], 0x5, &(0x7f0000002fc0)=""/55, 0x37}, 0x1}, {{&(0x7f0000003000)=@x25={0x9, @remote}, 0x80, &(0x7f0000003140)=[{&(0x7f0000003080)=""/180, 0xb4}], 0x1, &(0x7f0000003180)=""/4096, 0x1000}, 0x3}, {{&(0x7f0000004180)=@generic, 0x80, &(0x7f0000004300)=[{&(0x7f0000004200)=""/251, 0xfb}], 0x1, &(0x7f0000004340)=""/4096, 0x1000}, 0x8000}, {{0x0, 0x0, &(0x7f0000005640)=[{&(0x7f0000005340)=""/142, 0x8e}, {&(0x7f0000005400)=""/230, 0xe6}, {&(0x7f0000005500)=""/63, 0x3f}, {&(0x7f0000005540)=""/66, 0x42}, {&(0x7f00000055c0)=""/7, 0x7}, {&(0x7f0000005600)=""/8, 0x8}], 0x6, &(0x7f00000056c0)=""/218, 0xda}, 0x6}], 0x6, 0x4201, &(0x7f0000005940)={0x77359400}) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) r7 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r7, 0x0) ioctl$LOOP_SET_BLOCK_SIZE(r7, 0x4c09, 0x8) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) keyctl$join(0x1, &(0x7f00000000c0)={'syz', 0x1}) ptrace(0x10, 0x0) 17:46:41 executing program 1 (fault-call:17 fault-nth:30): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:41 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x5, 0x0, 0x1, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000000)) r4 = syz_open_pts(r3, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000200)=0x2) ioctl$TIOCOUTQ(r4, 0x5411, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:41 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 409.179962] FAULT_INJECTION: forcing a failure. [ 409.179962] name failslab, interval 1, probability 0, space 0, times 0 [ 409.191378] CPU: 0 PID: 21441 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 409.198495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 409.207858] Call Trace: [ 409.210588] dump_stack+0x138/0x197 [ 409.214236] should_fail.cold+0x10f/0x159 [ 409.218401] should_failslab+0xdb/0x130 [ 409.222394] __kmalloc_track_caller+0x2ec/0x790 [ 409.227255] ? kstrdup_const+0x48/0x60 [ 409.231160] kstrdup+0x3a/0x70 [ 409.234371] kstrdup_const+0x48/0x60 [ 409.238100] alloc_vfsmnt+0xe5/0x7d0 [ 409.241825] clone_mnt+0x70/0xee0 [ 409.245287] ? lock_downgrade+0x740/0x740 [ 409.249453] copy_tree+0x33b/0x8a0 [ 409.253544] copy_mnt_ns+0x11c/0x8c0 [ 409.257278] ? kmem_cache_alloc+0x611/0x780 [ 409.262249] ? selinux_capable+0x36/0x40 [ 409.266305] create_new_namespaces+0xc9/0x720 [ 409.270804] ? ns_capable_common+0x12c/0x160 [ 409.275226] copy_namespaces+0x284/0x310 [ 409.279395] copy_process.part.0+0x2603/0x6a00 [ 409.284113] ? proc_fail_nth_write+0x7d/0x180 [ 409.288945] ? proc_cwd_link+0x1b0/0x1b0 [ 409.293140] ? __cleanup_sighand+0x50/0x50 [ 409.297390] ? lock_downgrade+0x740/0x740 [ 409.301544] _do_fork+0x19e/0xce0 [ 409.304990] ? fork_idle+0x280/0x280 [ 409.308963] ? fput+0xd4/0x150 [ 409.312145] ? SyS_write+0x15e/0x230 [ 409.315848] SyS_clone+0x37/0x50 [ 409.319212] ? sys_vfork+0x30/0x30 [ 409.322764] do_syscall_64+0x1e8/0x640 [ 409.326651] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.331494] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 409.336671] RIP: 0033:0x459a59 [ 409.339846] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 409.347546] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 409.354807] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 409.362068] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 409.369354] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 17:46:41 executing program 4: prlimit64(0x0, 0x14d932f4ed85ca46, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet_udp_int(r2, 0x11, 0xcb, &(0x7f0000000140), &(0x7f0000000240)=0x4) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f00000000c0)={0x7, 0x4}, 0xc) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x2) write(r4, &(0x7f0000000340), 0x41395527) write$UHID_CREATE2(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c60005000900000000000080030000000600000048772b2a694b17def9e24615d395c957d0e3338b59d67b38dcb97306e7a312e96f619aae4edc2e01a43163b249a2da76a22882d77baa3b6a51b1519d65d1d3ffe917ea0c0bf940a21c30495fcf77d2badb15f95d2b81f5df94a36e36e1b46963f2a1466b67fc52016f6c742b7b57fadd97f3656b4cdf8989f09cf57ca4e8bf8f08eeecc77100443e5e749013dd7c18057442aad4322141a03c44170429398b2e56835924121ac879228f524445e2955d0fa78203cf60d437bb182a37e73a98f3ae99cab01309"], 0x1de) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00') sendmsg$TIPC_NL_MON_PEER_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x290, r6, 0x701, 0x0, 0x0, {0x7, 0x0, 0x1a0ffffffff}}, 0x323}}, 0x0) sendmsg$TIPC_NL_SOCK_GET(r2, &(0x7f0000000680)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0xb53d5f7dd4af1884}, 0xc, &(0x7f0000000640)={&(0x7f0000000500)={0x104, r6, 0x0, 0x70bd29, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x60, 0x1, [@TIPC_NLA_BEARER_PROP={0x4c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x51}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x101}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'tunl0\x00'}}]}, @TIPC_NLA_SOCK={0x40, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1fd}]}, @TIPC_NLA_NET={0x50, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xfffffffffffffff7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xffff}, @TIPC_NLA_NET_NODEID_W1={0xc}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x200}]}]}, 0x104}, 0x1, 0x0, 0x0, 0x1}, 0x404001c) [ 409.376712] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:42 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) r4 = gettid() ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x3c) ptrace$cont(0x18, r4, 0x0, 0x0) ptrace$setregs(0xd, r4, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r4, 0x0, 0x0) r5 = gettid() ptrace$setopts(0x4206, r5, 0x0, 0x0) tkill(r5, 0x3c) ptrace$cont(0x18, r5, 0x0, 0x0) ptrace$setregs(0xd, r5, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r5, 0x0, 0x0) sched_setattr(r5, &(0x7f0000000080)={0x16, 0x3, 0x2, 0x0, 0x3}, 0x0) ioctl$DRM_IOCTL_SET_MASTER(r2, 0x641e) rmdir(0x0) ioctl$VIDIOC_G_JPEGCOMP(0xffffffffffffffff, 0x808c563d, &(0x7f00000000c0)) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:42 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r0, 0x0) ioctl$BLKGETSIZE64(r0, 0x80081272, &(0x7f0000000240)) open(0x0, 0x0, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(0xffffffffffffffff, 0x6611) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000003740)=[{{&(0x7f00000000c0)=@un=@abs, 0x80, &(0x7f0000003300), 0x6, &(0x7f0000003380)=""/79, 0x5c}, 0x6}, {{&(0x7f00000002c0)=@pppoe={0x18, 0x0, {0x0, @random}}, 0x80, &(0x7f0000003700)=[{&(0x7f0000003480)=""/167, 0xa7}, {&(0x7f0000003540)=""/121, 0xffffffffffffff67}, {&(0x7f00000035c0)=""/13, 0xd}, {&(0x7f0000003600)=""/229, 0xfffffffffffffe00}], 0x4}, 0x3f}], 0x2, 0x0, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r2, 0x0) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000180)={&(0x7f0000000140)='./file0\x00', r2}, 0x10) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) capget(&(0x7f0000000340)={0x19980330, r1}, &(0x7f0000000380)={0x80000000, 0x200, 0x8, 0xffffffff, 0x7, 0x4d}) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r5, 0x84, 0x13, &(0x7f00000001c0)=0x4, 0x4) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:42 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000180)={0x0}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f00000002c0)={r3, 0xd8, "d8d08fc5cc2c44b70e0d59314b17166ac5a88a8ec572bc0c497463af0c21160e767ace580da3017324004f43ff77349eb4ad317f8367f9ac5f0b14625b892c93d130f4908a6e8225265c828d698f75d2f96e64abcadd403b5adc3f8b7c212c8c6638ad2b5a38c7c683bca1e82c4fa5b447d84a8b8ec6a0983ddd50a303f6260bddc0615751e6b71d80c63e4b6211da6dcfaedc5c1c3a06e3d2bdab5a64cb461a92c4fdcb3513e5613a8764197901dbaac8bf09833084b39e6c372c8df293eb14ca37d48c966b58057767f0bc81a7ce7f8a78b0b94a22e6ad"}, &(0x7f0000000240)=0xe0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r4, 0x84, 0x6b, &(0x7f0000000140)=[@in={0x2, 0x4e21, @empty}], 0x10) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) accept4$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, &(0x7f0000000100)=0x10, 0x0) [ 409.662256] netlink: 636 bytes leftover after parsing attributes in process `syz-executor.4'. 17:46:42 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x6, 0x0, 0x0, 0x15b}, 0x7bf030d57f235254) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xf000000000000000, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:42 executing program 1 (fault-call:17 fault-nth:31): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x1, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x80, 0x0) ptrace(0x10, 0x0) 17:46:42 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 410.074650] FAULT_INJECTION: forcing a failure. [ 410.074650] name failslab, interval 1, probability 0, space 0, times 0 [ 410.087028] CPU: 1 PID: 21500 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 410.094063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.103443] Call Trace: [ 410.106064] dump_stack+0x138/0x197 [ 410.109712] should_fail.cold+0x10f/0x159 [ 410.113898] should_failslab+0xdb/0x130 [ 410.117890] kmem_cache_alloc+0x2d7/0x780 [ 410.122051] ? find_held_lock+0x35/0x130 [ 410.126120] ? copy_tree+0x4a2/0x8a0 [ 410.129854] alloc_vfsmnt+0x28/0x7d0 [ 410.133578] clone_mnt+0x70/0xee0 [ 410.137037] ? lock_downgrade+0x740/0x740 [ 410.141283] copy_tree+0x33b/0x8a0 [ 410.144992] copy_mnt_ns+0x11c/0x8c0 [ 410.149338] ? kmem_cache_alloc+0x611/0x780 [ 410.153674] ? selinux_capable+0x36/0x40 [ 410.157834] create_new_namespaces+0xc9/0x720 [ 410.162352] ? ns_capable_common+0x12c/0x160 [ 410.166773] copy_namespaces+0x284/0x310 [ 410.170858] copy_process.part.0+0x2603/0x6a00 [ 410.175466] ? proc_fail_nth_write+0x7d/0x180 [ 410.179981] ? proc_cwd_link+0x1b0/0x1b0 [ 410.184153] ? __cleanup_sighand+0x50/0x50 [ 410.188395] ? lock_downgrade+0x740/0x740 [ 410.192558] _do_fork+0x19e/0xce0 [ 410.196022] ? fork_idle+0x280/0x280 [ 410.199746] ? fput+0xd4/0x150 [ 410.202948] ? SyS_write+0x15e/0x230 [ 410.206679] SyS_clone+0x37/0x50 [ 410.210074] ? sys_vfork+0x30/0x30 [ 410.213652] do_syscall_64+0x1e8/0x640 [ 410.217552] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.222412] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 410.227611] RIP: 0033:0x459a59 [ 410.230801] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 410.238519] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 410.245809] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 410.253092] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 410.260369] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 410.267648] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:43 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f0000000340), 0x4) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r4, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r4, 0x0, 0x64, 0x2b, &(0x7f00000000c0)="31b1de6497c450d1f73d6bebf265f59a76647c12e8eb63980b1394ef452898604d81a35eaa6b23813e10ff332268fe7b8ebb654ac66c78c8f90cd94480b419ea6d0c784af1e126ca591e20d34a595ed0fe461a01ef58168557cff31b07fde6e16605e362", &(0x7f0000000140)=""/43, 0x9, 0x0, 0x6c, 0x72, &(0x7f0000000180)="6a794cf49d9f9fd00c82a277e070d74fc020c4bd4ec34a7054fca78c608e71f98f0aebd8f1c2e187361139810984b3ec0f8da9151f9f1bf8942ff23ffc11620d24e336dac3df7cf1006704292ba6d97f8db2179bd7b5afb76de7413a37a96a28fe2273ab7d915e03a2928c03", &(0x7f00000002c0)="64b50e2278f106c621c38aa747af13f4950372e7a850b7a137ef6bed5555d1b8fb27747bf611bf5b52edd3009b668a4873361322d1077418b7df1a1bbce6fd808a28189a70a9f7de1270743266447b7f8f5dc48c1a8e84393b58a9df6ac2e8414eac8ded61b7501411ec5af07cf77ab387b9"}, 0x40) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:43 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f00000000c0)=0x3f) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:43 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) ioctl$RTC_EPOCH_SET(r0, 0x4008700e, 0xa9d4) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:43 executing program 1 (fault-call:17 fault-nth:32): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:43 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/avc/cache_stats\x00', 0x0, 0x0) vmsplice(r6, &(0x7f0000000340)=[{&(0x7f0000000400)="b91d8df6f9579d1a4f42e684f5c613e8606e92904623739c749f1f74cd14cafb2f7b1c8e9ecaa1507d78100982c1b9aa09de8df01dae967955f99b2e3c848d387636ce31659269200c2dc0ef50b39ef596759d10bc8ba9ab1931ba40532c1f70dd192fd78ac156f9611ed9c57a318b14b47d114b08d864fd6403b7a7f364f5548bc38888fdf63b257d416a218c7d0a92c7ade3051e", 0x95}, {&(0x7f00000004c0)="c5c028560a9638e83bfa99f26e0f89c156e350e71654445e6676117f1b1c693dbb2dd6639398178f64a3802bf097275ffdfc7b1c9a7c86757a1e8713ea8e1a43d26b39e3529c5ef47698e81e449a86f16732f1e107b31d372aceb252207098aea8c82b68725ed7c8e34faa7fc6d47f42aa55b7f5895fb2d7826f784ef84f7794ade139a121765efaa66edd0a4b18972d18db5d51c23c330b586d0a160e7369bdb0838ffe1e889b678c910ce278112352e86e20afd187aa5bb3ddab66", 0xbc}], 0x2, 0x8) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[@ANYBLOB="74000000240007050000000000000000000000000d32d2852ffc0f65cf9ea6f400a6e02d0f42c18561d3cef49c83075d2fa34594ec6efde229424496b6dedb05aff19aa169f537fc3385feffc7c8bfb39e44e0dcb76aa004d77a5c587c9476dd74285c978c58091eb24c361f33014733218e6f0b421846ae2796254aace9fdddc8c8ae", @ANYRES32=r8, @ANYBLOB="00000000ffffffff00000000080001007366710048000200"/92], 0x74}}, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r8, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) fsetxattr$trusted_overlay_upper(r9, &(0x7f00000000c0)='trusted.overlay.upper\x00', &(0x7f0000000100)={0x0, 0xfb, 0xa3, 0x2, 0xe8, "be2cebf060dabd2500e43f1652054de5", "a2798f6a297dcf47c7cffb4e09dfbce8cdab7cf0ef25af09f2fac0c1b714d16e78244882988eea90812f500ad01662e3ef916b18eee95838b119c2995702215a1187973eba8bdad187371fcdbc5da447a1b8d370d1437183928d6ddd5aaca643061cdf53db1459919055f245abec5abbf6f1f06a99823fcc0441fbc56022b079f50cbaaa9bc4ad5d1af57dfacdba"}, 0xa3, 0x7) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 411.021097] FAULT_INJECTION: forcing a failure. [ 411.021097] name failslab, interval 1, probability 0, space 0, times 0 [ 411.033003] CPU: 1 PID: 21546 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 411.041058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.050415] Call Trace: [ 411.050435] dump_stack+0x138/0x197 [ 411.050452] should_fail.cold+0x10f/0x159 [ 411.050467] should_failslab+0xdb/0x130 [ 411.050479] __kmalloc_track_caller+0x2ec/0x790 [ 411.050492] ? kstrdup_const+0x48/0x60 [ 411.050502] kstrdup+0x3a/0x70 [ 411.050512] kstrdup_const+0x48/0x60 [ 411.056723] alloc_vfsmnt+0xe5/0x7d0 [ 411.056734] clone_mnt+0x70/0xee0 [ 411.056747] ? lock_downgrade+0x740/0x740 [ 411.064874] copy_tree+0x33b/0x8a0 [ 411.064891] copy_mnt_ns+0x11c/0x8c0 [ 411.073422] ? kmem_cache_alloc+0x611/0x780 [ 411.073435] ? selinux_capable+0x36/0x40 [ 411.073450] create_new_namespaces+0xc9/0x720 [ 411.073459] ? ns_capable_common+0x12c/0x160 [ 411.073471] copy_namespaces+0x284/0x310 [ 411.073483] copy_process.part.0+0x2603/0x6a00 [ 411.073494] ? save_trace+0x290/0x290 [ 411.080364] ? find_held_lock+0x35/0x130 [ 411.080375] ? save_trace+0x290/0x290 [ 411.080384] ? cpuacct_charge+0x1db/0x360 [ 411.080394] ? save_trace+0x290/0x290 [ 411.080402] ? find_held_lock+0x35/0x130 [ 411.080423] ? __cleanup_sighand+0x50/0x50 [ 411.088439] ? __schedule+0x137b/0x1cd0 [ 411.088457] _do_fork+0x19e/0xce0 [ 411.096123] ? fork_idle+0x280/0x280 [ 411.096133] ? __schedule+0x137b/0x1cd0 17:46:43 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 411.096148] ? pci_mmcfg_check_reserved+0x150/0x150 [ 411.104157] SyS_clone+0x37/0x50 [ 411.104168] ? sys_vfork+0x30/0x30 [ 411.112697] do_syscall_64+0x1e8/0x640 [ 411.112705] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.112721] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 411.112728] RIP: 0033:0x459a59 [ 411.112733] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 411.112742] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 411.112748] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 411.112754] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 411.112760] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 411.112765] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 411.273551] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.2'. 17:46:44 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r3 = syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x4000000, 0x10800) ioctl$UI_SET_PHYS(r3, 0x4008556c, &(0x7f0000000100)='syz1\x00') perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:44 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r8, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x304, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400a210bd1c010000000000", @ANYRES32=0x0, @ANYRES16=r8], 0x5}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r4, @ANYBLOB="00000000ffffffff00000000080001e47266710048000200"/92], 0x74}}, 0x0) r10 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r4, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) recvmmsg(r10, 0x0, 0x0, 0x0, 0x0) socket$inet6(0xa, 0x5, 0xf7) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r12, 0x407, 0x0) write(r12, &(0x7f0000000340), 0x41395527) vmsplice(r11, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_init_net_socket$rose(0xb, 0x5, 0x0) [ 411.740286] netlink: 80 bytes leftover after parsing attributes in process `syz-executor.2'. 17:46:44 executing program 1 (fault-call:17 fault-nth:33): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:44 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) read$eventfd(r0, &(0x7f0000000140), 0x8) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r3, 0x0) write$FUSE_STATFS(r3, &(0x7f00000000c0)={0x60, 0x0, 0x7, {{0x0, 0x91c, 0x43, 0xd5, 0xfffffffffffff801, 0x8000, 0x7, 0x3}}}, 0x60) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:44 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) r4 = syz_open_dev$vivid(&(0x7f00000000c0)='/dev/video#\x00', 0x1, 0x2) ioctl$VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000100)={0x80, 0x2}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb, 0x1}, 0x0) fcntl$setpipe(r3, 0x407, 0x236) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 412.002781] FAULT_INJECTION: forcing a failure. [ 412.002781] name failslab, interval 1, probability 0, space 0, times 0 [ 412.014281] CPU: 0 PID: 21594 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 412.021309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 412.030676] Call Trace: [ 412.033274] dump_stack+0x138/0x197 [ 412.036904] should_fail.cold+0x10f/0x159 [ 412.041050] should_failslab+0xdb/0x130 [ 412.045026] __kmalloc_track_caller+0x2ec/0x790 [ 412.049693] ? kstrdup_const+0x48/0x60 [ 412.053570] kstrdup+0x3a/0x70 [ 412.056777] kstrdup_const+0x48/0x60 [ 412.060488] alloc_vfsmnt+0xe5/0x7d0 [ 412.064209] clone_mnt+0x70/0xee0 [ 412.067649] ? lock_downgrade+0x740/0x740 [ 412.071880] copy_tree+0x33b/0x8a0 [ 412.075412] copy_mnt_ns+0x11c/0x8c0 [ 412.079113] ? kmem_cache_alloc+0x611/0x780 [ 412.083422] ? selinux_capable+0x36/0x40 [ 412.088361] create_new_namespaces+0xc9/0x720 [ 412.092857] ? ns_capable_common+0x12c/0x160 [ 412.097263] copy_namespaces+0x284/0x310 [ 412.101325] copy_process.part.0+0x2603/0x6a00 [ 412.105912] ? proc_fail_nth_write+0x7d/0x180 [ 412.110419] ? proc_cwd_link+0x1b0/0x1b0 [ 412.114502] ? __cleanup_sighand+0x50/0x50 [ 412.118747] ? lock_downgrade+0x740/0x740 [ 412.122892] _do_fork+0x19e/0xce0 [ 412.126348] ? fork_idle+0x280/0x280 [ 412.130069] ? fput+0xd4/0x150 [ 412.133272] ? SyS_write+0x15e/0x230 [ 412.136988] SyS_clone+0x37/0x50 [ 412.140363] ? sys_vfork+0x30/0x30 [ 412.143907] do_syscall_64+0x1e8/0x640 [ 412.147797] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.152643] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 412.157922] RIP: 0033:0x459a59 [ 412.161106] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 412.168818] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 412.176074] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 412.183352] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 412.190614] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 412.197881] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:44 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:45 executing program 1 (fault-call:17 fault-nth:34): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) readv(r1, &(0x7f0000001940)=[{&(0x7f0000001880)=""/184, 0xb8}], 0x1) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) pipe(&(0x7f0000000240)={0xffffffffffffffff}) setsockopt$inet6_icmp_ICMP_FILTER(r7, 0x1, 0x1, &(0x7f00000017c0)={0x7fff}, 0x4) socket$rds(0x15, 0x5, 0x0) vmsplice(r6, &(0x7f0000001700)=[{&(0x7f00000002c0)="3597a302867636aa5c4319d3eb45b1470569666d8dd1124ce18cd442022038f17d281db8749df454c6a85d89d93abf25d1a485a9f14cad9dbc257bf7db77f8801061c7807cd64a6ac5866c297082fb2a5f90b9815f2accae020d572d0ff49f4cbd8c4b2e3a92b8aa7b4ef2a54d7b71973e89a34221d7f171d54b7cebc8123620b3c37ec33a22c2d230076c7106b39cfd6d2adc2d79ed6e6b6c7ed0ecc29dc0cdd61ddcb0a9e757ca76ab95ddf8847bcadf977fd39f0150bf460e4fb1d54cba7880e8f8a772d3fffdfae6d1f04634fb1e1930c416a46ebaf6822238864ebed434dd633a7786879e21d16878601d63f1146c67a9cdd5d5f64da5f6180466cb9094c8d4774d68f569ec6b1ee10b721dff396760cb281a776669051e98f63e301172894e5aa7e775d6946626ab74fbcf3761617187ce3a8e296bf36afa9438518c7b9f79726f3a57651261775f38078f7862599ed50fb86d505094ce8f587f222320bb67bc735f5e74d719dccda53fd5d0a736bcfe5513d867b1e39e6db04b886b5c117309d5418466f96fef4077ee887662b26df1350c5784f6502d7d5705c844a4e43828db769ff3fd3aa2513146026026d358a74b019143f786c5a656bbff7618fe47f9c529e27a04418bd0bd4d95cd616307508d805e27c53d806b0ca52de568eaebff5598a8452098e91c9d3abc9bf618fb5a89066a1944eeee368742a89a8d90e52584dbba9113ddae96c25321cb251d2bd17425e046d11c2056e9ecd42dc2ecf24b92aff1da1551f3a263bc390c7065a52b8ec880099138fbc2c54c3d065df26d7150efb03a9f596c2285ba4db0989e48e3351b8c6199c077762e5c7a4faef9fda05b86ee17ac94ada27b9d316a298921d5494571aa5663ed1fcfc578c74ecf547572f2072d2d59402846eb0aad3d01961cfa22ee22221eebe71cefe70886c37aed6e0c57c14a7cbc57edda01f3a3359eba8805434ef50a91cf6026e64e1db31f87e2deba3bbe45786bf4d22c97b5a1a2891b9d1a545050bd7798cf83b58125e1ca8ab0423057cca9f172c0412b5392c61878430614b19e69d6df3afb897113f4ab03705e358fef83cb2f0bbd72792510b9c5862c7ad8222c5f6b0f0d9a4c0d16d2444825de40b7ee109d1de7f347f2b008ef016ae85c378a7af022906de9d39f1cb11667a2dafab15cdf283d5273c49c3a4625e6fedf96717088514be2786c15954b2b8479cdb7a282e84b5bb3b60ec525bad3ec581dcb2da4e1abafa3f378e4c9bcbf1b05107d0e621a9ffdda28bf5722b0001b73209854d5609877864db673065651880183997d24eeab67496225988aa5db5ca855190c14d60ffe22ae0bf1121ae67a1a68d2d7370f36f68d85dab1749aba456b1f5db329b67c3e89a928aa78caa00314c4409135662145e668ee1717d6e1343880854901f73b04e6108cbaa28f1836034e53f09a1ce29b215dcabb40ad95b456bb5496da862e82d671c01ed5e3a70031bb63f2eaac01dd6ffd535da352a370ea1bc023fab6cb0350dd32f206a098468a80465427b4acbd8686e52e29231c2fab90c930389e87c2cbe358ea211600b7fadb8d2d34c3a91c7000a33e8abb2c715695ed0d8b6fbc791ea0a95a57d5acad02aa116d90601bb71f0898a373913cc8ad3d0c3fd4af58a65acd9530a812603bbbcc8dbada90ae4810249599a821e3b321c2fb0fab8069fa16435fc5f41094f3093c03bc87b2077927acd0e03b578b90d07e56f1a7fc87fe445dd94f2366a2e873c56085f914c1297c8a3f45a59ab9c22533af27ad244d2acba9e3db86242da37eb53ddc36dcf82ea81bae4742a7d2672c0edf2351c10230b9d47c519d1f67d0739c33bf8badb3c63777134a3a72fdfc518179db8bb930b65e95df1de85394d3c8b6c5b296baf8f656e2a34b6a4aa7acf729e91c3462b0352e9a7a9032998151be9b13945f445cfa3cf0f312afa7427b8f1c08ed9843d143687e167582d3e00ab20e84feaba957afc01151b24a5840940a3a348b5db2f188a1f3a8b55589f9dea3a7ee681efcecaa191f69d076cef85e1b523efe432bdb91c17c3a2be5d4a65c81d8657df8f7dc1db125088580c7fded11d469a79d3361ab6d9f90999dfa7391a04d8db90b47fa622604b5fb00248216090b1935e6918c477632fe469bf722ba45bfb0d415588c968cf1426e816280d5f997c152b346da1bddb30dc0612822edcffee5163288b890b59385f0ec5865d3efd04f5d7607eb3c6f60228c14da7612c09112ae41acff161f4cacf7f4c988cd544e00c7a9d1bfde06e39c46da8381abfa4b19843816fed193f955bb3dc74ed70d1331ee1b8ec7336cfd0fc9f557a77436f30ff39a9a204141bbdcbac82543cb2673317eb476ada78df2035752e39fca15508e5b40096f780f8621d2d971b9a46e6cd72707a6bfb88d72098ae67785f23aa97f73c1ed474c9164bac5e71145fdf26fe6f1ecb470fabd5a7f605b2d75ff972341f908b8ea81b40542032bd9c221cfad8d616863ed552fbb345d0d60603ee396c6f3c695da9c6c0ccca7687faa437d40cf5c547f53a2daecb7377f15558912fc534904bbbf01c7ad944818edb9f26c26ef8d13ba86fced8fe3a9578f40d89850564871383167c7afa5c726cd9c9b4570b8bfd28ed6cac00327331b216c0682922a37a3a2ff67fab42adfeeadebadb9da6e6a463b46b7a60f4bf3daa597c17341d3bc9bce55ffaa8047493cf353f9f5afce9aacca517ed621d9c40e5df90b82ec25c739ac6c0489313d6ea2fa8f96f3fe6dc2bef03f9e128917536b5bc3773f8201376c64a1fca88184b93129f2150f439618b69330b0cba7da3d98c71cf80b766d919b4464300b0e0ccab99bc17f39cbae9eacf9418c745dbb988d24b765c8be15ab5d550d0774988cab2b05bf7b902294091ea1269b19a738b27b0fdc2c1ce2bec754319c05c7e37237fe7c02675e7ba4f17c66672ca1574731428c7e5a40f9dffbd40e1cac01a28ae4cedaa649e4b1853cdafe80a89ac5f641bf4888e25bf644ce185f2562bc0371a9959cf7659e44e4de7d7dbddd1b08758b07109bbaab9ef1a1f3fecbfc4b2c00384b3f788791c39e4ac4870bc45fcc0c5c24b205148a085e0f46abe170cb8318cd8e962a4e5982b3cf99f98b72e7267718f123a58ae20d83a5d9bcc2d2986745551bba33d08b71701cc533970df9b84a7a11d99d29081e3630b2d7d4726ca762a363dc93436b3df5220748ebf2230e665fad5866d6d0c827efa81b715013962f950946c926d2a0e51c521d0d9b797e237222b1f8fa25109556f666eeb800d46d1fc3c10cce9b02d3ab7cc42b5a5f4744cd65747c9a8a9f75acaa66e71b32e45b730b05ad4d07cd5a475fc1634c68350098442e188ae0aaa54bd1b49becb5676d5ec0698c05232a53984d6c01ff4f733af0bfeb260962f28de89a3d7f848bb0508e78c10307e19b2c055b79fab98c2fd557c78c1810d7e80b0f82f6efd37404943229c14e4a8442c8319d1c76a274f3b633effb9dade084ba567199608627110565c6dcd15e655078c9e1207468e2e35a1ffab27ba7115e2d0ceb1a32418d4102876d65d293d8d7b8e3fb0356ab93456c70005ce8152f91042fcf744c7423617d085a3def5ad53d8be5e0e7ba84da2bea9bf0ccbe08a9d3d85280f319b51cfe38549c15c6073dbb284cea2717b960db1205e7e0b9174508946eefe1f537686c11fd6927f4b565393e21a6ebf35c78ee7ce997c36b760c1c79b89c6dc8d7e5f4e12b9e04aaa9ac74b3c4edf84fb494ed19e86e9c96a8e7e1f1a7c9ea71c9e3c1ab396dc152848506e3094e016a20dcd2e2931af71b4400c19600137826fc5b1613a3316ed5fcc15d24e60e029e8a996a45537bb2a3a941c811e090c37f32a5e59c4bd0e6613bf2c56337d42e767c8e9d9d0d7661977dfd56f16bc7ad1dc094e21ba65f723a0d6aafa9f293f7df910e999d263a72795c9b37e6ff8fdd74212eac12fb062bab4297e3609e285ae6339a9a796f2cffc7d16759e364a2a3ba52ec20800555239d4a791aef9e851700136e6678492d3a3ecf2674ecdb23be9a8361c27e75e27a2325543b2a9bb6dad31846cfccbf55cffdc47d8d29e63d183c07f2a883852f60ea3d16f238cbd5aa084255086704dd96fecfb941cbaa2adbb14f89010ddda97a6b31abbb8d6e6bf544d011278f10ade95cdd23fbb38d70361c9d043845ed98c84522125b09f6c276c58f315bae58d24af8b6a667a8f69aa9ef54f206c906bd08b7c6d494615e4d92c3cfa6e0d65b36f6f0c32d80aefd7554b3012cdf2c16ce79697918295c4de4c266a9f06a39e332788211f576bf2be883ca5496a2ccc7e789bdfd9f6468841c0680e815e4e001f6a3d88cc65139d23789e10e45a0003f4bfd5d2c21df23c484170b9c3547407ab8d1caafa8a726dbb9b8598d5570eee6ae00cd17a6df57e8de79692dc8ce327ed2ca8f52b6596bf90f034ff679c3d726fc4529d302097209cdf79c1732dd437452ee699311ef44b9bfef5f24418d5c0419a39e3b8be18db5d24195112a9b07f4bd6391b1393f297c4f602dad3d2324f837a19ec116611d59796492958c8021ddb1043e513e8b13a6638b4eaa8313874c5c7df3a42b5a2b96efea5e83420cee37a353b09fa8c53b2b49be5ba6905119431d897a76ca1189fcfedf748fd40f72470de9bd693aaf2a6fc60bbec2bf030e6b520874446e1a5cce2e870d63bfdbf547798b33fec6b045f8479c3926ceb130b0e858dfcb5129890e01ae066face2ad76a1e37a5b83134beb72a1d7a07e51ed9fedf2de355f529abad2984a6727f3962858285d694e8ddee7c6539b97dadbc939a97d0c273517f79354f636e991f3320425c416902de56d15ac884a8837b2e29997f038e3ad018dcad1c003ce8bb9d78a3e5873c4b077bdb1746cc5f6d4a810e96ee188e6ec64dae0572279737c09e27ac735661c4f3f485a71b56b853d0f06503e9b4255437757e9506bcea4b2eb1764e35b4cace6f6055572a039e7854fe998b20e845c5a3534a7208d8f6dcd1f61c62d79669e717d9efa331a7d79c81afd0b0f520bcfc543a5ece68b9af01e6e5ce1b64abe1aab1711f6771ddcff6a88e2b34f31520792270f928b0b6bdf06a40d67a6d91b0d4bff27fe62b4af334ed8f87cf00a5d9384df6130add84ac70bb83520176f03d4ab1f7d833d9dece00af3ba7eb11626fdcdb711fbed463bb07cbaddc0dd8209d3796fe92f1d35057b8a91327e0183f1387050aaf22cb82480cf772d9a6a629fe18bd4dc46822a4e583e79a0868b0c7019a408609b2bdd9a8dc50727e2b4fd343f40575eeae3a618f336542fdfbff0096826c24915520dcd9d628083593fa72f5344873117d9b0900f320fef30088297d78e74abd79707b264828c43a7fb43c0be9b83b283084e3acc90f2179868cb3b7d008ed7175fc5af09fae9f7ae0f4da34a5bd8ea097735361e03a5bbb95ea9efe975d6ad00e0d6a11e0b58c0850600d0facdce525850e6b1fb301fe82af0214fe61ed5fc25ded7448442c11f0565ad749743af4f283b6c9a0acb192487288cb472ee07edab0a4b01abbc003a3409e514ecae13af5997266d0a62ad6ac618bd4d5bfd027eeadd24a5b15e3707d4627cde744cbb3c1c930459a3d1bc171a8d4897fe33258fafdfcc92754bd5a2f8aee875bfa682ef26efc67574698e40d060c1256a5638ebb3e11a90a9e6695854a3d681364e93d7f69d9d96045044191b49778bdc54d15202d7dd7e1cc909", 0x1000}, {&(0x7f00000000c0)="7c46474f4b251f435cfe860d9376b188842aac22766409a582c1b7d5726cdfcecfe88abd48e948cdca4aed19013a364a52a2e7c2b3c23a7546d9e8091a0a9e14aa56d5e07a2c1fa11abd266df5f172948a5c2a30017673e6df537e1b91e615a457bfc164bdd02f405b510c9e40cc2e58717d39dbe89b36b3d55db87827fbdad1e7a65f89fffe65c9e6", 0x89}, {&(0x7f0000000180)="9eb38a655beca713bda53a64020573af6f14109f34ca985a2401e09e8d57f48956b3f7dfbf106354adebe9f5decc645b07dc2f89", 0x34}, {&(0x7f00000012c0)="1db0a9cd4dccad9d680653540ed4e54376b87ddc6d2a77f22e464e1e5369959ed93f6709e8e6961a3b19e85ad8940ef287f98604afc21d657c7ddf837de85816b13118", 0x43}, {&(0x7f00000001c0)="35bc956990243af995eb4fafe750fddeeac38d34752aafbcc36b04816047b0be75f80b0552", 0x25}, {&(0x7f0000001340)="370e4c065e3c569b68ad6d9c5a79dd79a5e76ff3ca9bea05550cf7f94b1320ab82e54a8c52c327537e40b2b09dedb65449f7aee3847ec121abe470332a4ee1dfd4c0503bd52ff5f0644bf596eedc7cfcbcd912c5f2136beaf3615e34e05984c0d11c363700de3b6a0557c4f424ba8b3556b9756616f52116fe359297990532ef1ae96e5749dfb8e3119ab5a95c19a553575312a4d627568fe8977e7f8e05bb3d020b4a0b5cb3184e786a9ea33a5c3923c0945626121403da35d99f990d67dba1c492a0582a452d8e98f45142ed4ad7b6095baec3151908", 0xd7}, {&(0x7f0000001440)="2293976ccc15e78b3c40e1f7a1c09a819138623e0db0b83c6d3ed6d61773525351ce05d5ecd4261aa3ef34426240675b61645af503510d86a224fdfcd9ec9fb8f287b8a3f06956fab9c1f5a17868211e159127d58f67f2d1316fac962025da8cd328622571e1016b6e12ec290083d88156dd12f81dca6a91083a84a3fa40dd7d4d30cc392e1fe37e8cd400675945d2fd7b69d3f503db96b1976256a1f9f890724cb567b845e76086bbebdafcd5759419c779ad3d5cf1b07fa63e868a3b09f0afda82d8b48b238d333caedb8afcb34861bf795a60ec629d8c0a4870259a64baac08512e9fb826cad451fc617717084e", 0xef}, {&(0x7f0000001540)="aaac9ba6391fb7a138c9d28583224b053acc0ae71a5e0999ad0bf8d56dc0f6ffc221fde958053ce50d2ec34f5d0388e58d7013f3f42ff5eb1b44018e66819aa0ec583f817200590bf91d28f85aa2744abe328a1244957f2828acbef7521b35d10a368c4980082cd19623c6ae25b787a5b662cf2553418118c0a9740be868c0495311e2354c05ecce5a9de8757be486a80ae2cf55d9b6986676da3e62ed4a1aa7a9aab3d30652715670ea6daf51caf6c77df4a0", 0xb3}, {&(0x7f0000001600)="3de9267df577384322e9a31d0d8edf0f693f6a9c1d8159054cf1c88f1d31b200ba7c6d7c7aa055e546c95e54b047fd9ff82ec24774f014a796a0d3df21be7ed3c30b27ac909fbb7fa12d0cb9d50edf403b67f1838d153ee17ce2b9dc9bb68fa8770181f1ace31f38cba71fe020613a2d02dfc0049be16dec4085047d5e00f4a3109999267d3bb9fca6c242c794d3874a5508001e1f3668051aa807c7f904141358835026abc1ecace5619496e9936df259954231b424e774aecc3ed74c74d4bd480dc838e36130b7f0e9e4c4128762c08058efd71dc65f3a36c51f40e6094fef", 0xe0}], 0x9, 0x3) openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000001840)='/proc/self/attr/current\x00', 0x2, 0x0) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) syz_open_dev$video(&(0x7f0000001800)='/dev/video#\x00', 0xfffffffffffffffd, 0x80000) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:45 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x6, 0x3a) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:45 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) semget$private(0x0, 0x3, 0x300) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) recvmmsg(r2, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000002780)=[{&(0x7f00000000c0)=""/1, 0x1}, {&(0x7f0000000100)=""/170, 0xaa}, {&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000012c0)=""/105, 0x69}, {&(0x7f0000001340)=""/243, 0xf3}, {&(0x7f0000001440)=""/186, 0xba}, {&(0x7f0000001500)=""/157, 0x9d}, {&(0x7f00000015c0)=""/215, 0xd7}, {&(0x7f00000016c0)=""/4096, 0x1000}, {&(0x7f00000026c0)=""/150, 0x96}], 0xa, &(0x7f00000001c0)=""/25, 0x19}, 0x6}], 0x1, 0x18040, &(0x7f0000002840)={0x0, 0x1c9c380}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r6, 0x407, 0x0) write(r6, &(0x7f0000000340), 0x41395527) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r7 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r7) ioprio_get$pid(0x5db1620a97f44ba8, r7) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:45 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) ptrace$cont(0x18, r1, 0x0, 0x0) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r1, 0x0, 0x0) r2 = syz_open_procfs(r1, &(0x7f00000000c0)='net/ip_mr_vif\x00') setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000100)='netdevsim0\x00', 0x10) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:45 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f00000000c0)="03a88891fe75926a0ea1664ca36f407c8d87ee0c2318c6608fc01bd60491a04e1bd564425a24283f2b967faa0155000000002000000000000000", 0x3a) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 412.954409] FAULT_INJECTION: forcing a failure. [ 412.954409] name failslab, interval 1, probability 0, space 0, times 0 [ 412.966041] CPU: 0 PID: 21647 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 412.973071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 412.982426] Call Trace: [ 412.985018] dump_stack+0x138/0x197 [ 412.988651] should_fail.cold+0x10f/0x159 [ 412.992789] should_failslab+0xdb/0x130 [ 412.996757] __kmalloc_track_caller+0x2ec/0x790 [ 413.001414] ? kstrdup_const+0x48/0x60 [ 413.005301] kstrdup+0x3a/0x70 [ 413.008476] kstrdup_const+0x48/0x60 [ 413.012183] alloc_vfsmnt+0xe5/0x7d0 [ 413.015929] clone_mnt+0x70/0xee0 [ 413.019393] ? lock_downgrade+0x740/0x740 [ 413.023552] copy_tree+0x33b/0x8a0 [ 413.027100] copy_mnt_ns+0x11c/0x8c0 [ 413.030814] ? kmem_cache_alloc+0x611/0x780 [ 413.035146] ? selinux_capable+0x36/0x40 [ 413.039217] create_new_namespaces+0xc9/0x720 [ 413.043715] ? ns_capable_common+0x12c/0x160 [ 413.048134] copy_namespaces+0x284/0x310 [ 413.052203] copy_process.part.0+0x2603/0x6a00 [ 413.056794] ? proc_fail_nth_write+0x7d/0x180 [ 413.061292] ? proc_cwd_link+0x1b0/0x1b0 [ 413.065365] ? __cleanup_sighand+0x50/0x50 [ 413.070564] ? lock_downgrade+0x740/0x740 [ 413.074806] _do_fork+0x19e/0xce0 [ 413.078265] ? fork_idle+0x280/0x280 [ 413.081983] ? fput+0xd4/0x150 [ 413.085173] ? SyS_write+0x15e/0x230 [ 413.088893] SyS_clone+0x37/0x50 [ 413.092261] ? sys_vfork+0x30/0x30 [ 413.095803] do_syscall_64+0x1e8/0x640 [ 413.099691] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.104544] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 413.109736] RIP: 0033:0x459a59 [ 413.112922] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 413.120632] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 413.127905] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 413.135270] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 413.142547] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 413.149826] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:45 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) setsockopt$bt_BT_FLUSHABLE(r3, 0x112, 0x8, &(0x7f0000000300)=0x5, 0x4) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="380000002c00010700"/20, @ANYRES32=r4, @ANYBLOB="00000000000200000300000008000100627066000c0002000600080000000000"], 0x38}}, 0x0) sendto(r5, &(0x7f00000000c0)="c4880a0f15a7171b47958f0326cb77b6644dc7719c6f1fbce1b159592a273bb9671b8c0d9d7c2674335d7cb418ddac3a5ad9da8736201441f990404e53372251480e72d3bc9dfba6d52ad0bc34158c9b4355b9c7ab6ecbb65b33f81339c284cb4ab5289fea9b0603e666c25ff8e470ea76f89fc7dfb8897b298ecca068de91a0ac3a4c20027ef9f90076cd1386a04cf6984dd8dfd850f59b24150c", 0x9b, 0x90418990b646612f, &(0x7f0000000180)=@rxrpc=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1c}}}, 0x80) open(0x0, 0x0, 0x0) getpid() r6 = getpid() sched_setattr(r6, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r7 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r7, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r9, 0x407, 0x0) write(r9, &(0x7f0000000340), 0x41395527) vmsplice(r8, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:45 executing program 4: r0 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r0) prlimit64(r0, 0x0, &(0x7f0000000240)={0xfffffffffffffff7, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r1, 0x0) waitid$P_PIDFD(0x3, r1, &(0x7f00000000c0), 0x2, &(0x7f0000000140)) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:45 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:46 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r3, 0x0) ioctl$VIDIOC_G_AUDIO(r3, 0x80345621, &(0x7f0000000000)) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:46 executing program 1 (fault-call:17 fault-nth:35): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:46 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_WINDOW(r3, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, r4, 0x10, 0x70bd29, 0x25dfdbfe, {{}, 0x0, 0x4109, 0x0, {0x4c, 0x18, {0x2, @media='udp\x00'}}}, ["", "", "", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x4000040}, 0x24000000) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000380)=0x0) perf_event_open(&(0x7f0000000300)={0x0, 0x70, 0x0, 0x9, 0x4, 0x5, 0x0, 0x7f, 0x1000, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x80000001, 0x0, @perf_bp={&(0x7f00000002c0), 0x1}, 0x19, 0x8, 0xffff, 0x9, 0x401, 0x3, 0x81}, r5, 0xd, r3, 0x1) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 413.874484] FAULT_INJECTION: forcing a failure. [ 413.874484] name failslab, interval 1, probability 0, space 0, times 0 [ 413.885974] CPU: 0 PID: 21698 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 413.893028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 413.902392] Call Trace: [ 413.904997] dump_stack+0x138/0x197 [ 413.908641] should_fail.cold+0x10f/0x159 [ 413.912802] should_failslab+0xdb/0x130 [ 413.916791] kmem_cache_alloc+0x2d7/0x780 [ 413.920959] ? find_held_lock+0x35/0x130 [ 413.925032] ? copy_tree+0x4a2/0x8a0 [ 413.928759] alloc_vfsmnt+0x28/0x7d0 [ 413.932481] clone_mnt+0x70/0xee0 [ 413.935939] ? lock_downgrade+0x740/0x740 [ 413.940097] copy_tree+0x33b/0x8a0 [ 413.943650] copy_mnt_ns+0x11c/0x8c0 [ 413.947371] ? kmem_cache_alloc+0x611/0x780 [ 413.951719] ? selinux_capable+0x36/0x40 [ 413.955800] create_new_namespaces+0xc9/0x720 [ 413.960400] ? ns_capable_common+0x12c/0x160 [ 413.965176] copy_namespaces+0x284/0x310 [ 413.969253] copy_process.part.0+0x2603/0x6a00 [ 413.973865] ? proc_fail_nth_write+0x7d/0x180 [ 413.978374] ? proc_cwd_link+0x1b0/0x1b0 [ 413.982458] ? __cleanup_sighand+0x50/0x50 [ 413.986706] ? lock_downgrade+0x740/0x740 [ 413.990885] _do_fork+0x19e/0xce0 [ 413.994355] ? fork_idle+0x280/0x280 [ 413.998084] ? fput+0xd4/0x150 [ 414.001286] ? SyS_write+0x15e/0x230 [ 414.005014] SyS_clone+0x37/0x50 [ 414.008387] ? sys_vfork+0x30/0x30 [ 414.011949] do_syscall_64+0x1e8/0x640 [ 414.015851] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.020717] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 414.025911] RIP: 0033:0x459a59 [ 414.029102] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 414.036820] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 414.044119] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 414.051398] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 414.058675] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 414.065953] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:46 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() setrlimit(0xf, &(0x7f00000000c0)={0x9, 0x4}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:46 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:46 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) write(r0, &(0x7f00000000c0)="af7caf4fbdfb2036b96df7e5efc531f837a0286e5cea1bb239a8b368bd3fa4c553c6944f0448d06d8ed9598d9a58086b484baa603daafc20c3de11e7c853f1693ef48d26f71be981a20ac7c15fe43ed793d4ae45ef8a311a6a1173b581fc2f1d3fec4d3abd261577b8820d3d8eb529c94b8f574912ca9bcd4de13dc768d2bbce0fd3f74e0bed2754e9bff561455270", 0x8f) 17:46:47 executing program 1 (fault-call:17 fault-nth:36): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x4}) getpid() r1 = getpid() r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) dup2(r2, r5) sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r9 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r9, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r10, 0x407, 0x0) write(r10, &(0x7f0000000340), 0x41395527) r11 = gettid() sched_setattr(r11, &(0x7f00000000c0)={0x30, 0x2, 0x1, 0x5, 0x0, 0x0, 0x8001, 0x9}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:47 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) syncfs(r3) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 414.908683] FAULT_INJECTION: forcing a failure. [ 414.908683] name failslab, interval 1, probability 0, space 0, times 0 [ 414.920143] CPU: 0 PID: 21742 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 414.927799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 414.927806] Call Trace: [ 414.927827] dump_stack+0x138/0x197 [ 414.927847] should_fail.cold+0x10f/0x159 [ 414.947563] should_failslab+0xdb/0x130 [ 414.951557] kmem_cache_alloc+0x2d7/0x780 [ 414.955718] ? find_held_lock+0x35/0x130 [ 414.959784] ? copy_tree+0x4a2/0x8a0 [ 414.963533] alloc_vfsmnt+0x28/0x7d0 [ 414.967261] clone_mnt+0x70/0xee0 [ 414.970716] ? lock_downgrade+0x740/0x740 [ 414.974870] copy_tree+0x33b/0x8a0 [ 414.978417] copy_mnt_ns+0x11c/0x8c0 [ 414.982132] ? kmem_cache_alloc+0x611/0x780 [ 414.986477] ? selinux_capable+0x36/0x40 [ 414.990557] create_new_namespaces+0xc9/0x720 [ 414.995236] ? ns_capable_common+0x12c/0x160 [ 414.995250] copy_namespaces+0x284/0x310 [ 415.003720] copy_process.part.0+0x2603/0x6a00 [ 415.008311] ? proc_fail_nth_write+0x7d/0x180 [ 415.012837] ? proc_cwd_link+0x1b0/0x1b0 [ 415.016917] ? __cleanup_sighand+0x50/0x50 [ 415.021163] ? lock_downgrade+0x740/0x740 [ 415.025327] _do_fork+0x19e/0xce0 [ 415.025340] ? fork_idle+0x280/0x280 [ 415.032507] ? fput+0xd4/0x150 [ 415.035705] ? SyS_write+0x15e/0x230 [ 415.039422] SyS_clone+0x37/0x50 [ 415.039431] ? sys_vfork+0x30/0x30 [ 415.046347] do_syscall_64+0x1e8/0x640 [ 415.050240] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 415.056076] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 415.061271] RIP: 0033:0x459a59 [ 415.064456] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 415.072162] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 415.072168] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 415.072173] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 415.072182] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 415.086707] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:47 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:47 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r4, 0x0) bind$alg(r3, &(0x7f0000000140)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58) ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, &(0x7f00000000c0)={0x0}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000100)={r5, 0x80000}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:47 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) sendto$llc(r3, &(0x7f00000000c0)="2ac2589227360d00ff63a8aeea0d72fffec38245538c1518ee245ed06fa952cf7aef1e9c5771560a14c95f94c3f461c4cbbcc6cfabf0e7bd9f1a6f419d88e3834cbc031b3a54813c75a84cd8aee203e9c7a7fa3653b85ebe9d1f9373d1b28693fb986eba2d5640f229e583928f09850b46cd21fe0e283fda9977d67e454c15e7db14aa640f44337b826f6014696d89239386042660873718c3ceb48fdf89d721d494c28ef06bb9f62a2a023e8d5bb0655e709ae1446306d5fcc09111d7345b33e2c9c04ce1ee6ee65b05ff5299e8077009a36bf4c309074959547670", 0xdc, 0x800, &(0x7f00000001c0)={0x1a, 0xffff, 0x0, 0x5, 0xff, 0x7f}, 0x10) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x20004f, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0)='TIPC\x00') sendmsg$TIPC_CMD_SET_LINK_TOL(r4, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1010000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, r5, 0x0, 0x70bd26, 0x25dfdbff, {{}, 0x0, 0x4107, 0x0, {0x14, 0x18, {0x0, @bearer=@l2={'eth', 0x3a, 'batadv0\x00'}}}}, ["", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x22000001) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:48 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) write$FUSE_NOTIFY_POLL(r3, &(0x7f00000000c0)={0x18, 0x1, 0x0, {0x6}}, 0x18) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:48 executing program 1 (fault-call:17 fault-nth:37): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:48 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) set_tid_address(&(0x7f0000000000)) [ 415.830687] FAULT_INJECTION: forcing a failure. [ 415.830687] name failslab, interval 1, probability 0, space 0, times 0 [ 415.842235] CPU: 1 PID: 21792 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 415.849270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 415.858656] Call Trace: [ 415.861269] dump_stack+0x138/0x197 [ 415.864916] should_fail.cold+0x10f/0x159 [ 415.869082] should_failslab+0xdb/0x130 [ 415.873074] kmem_cache_alloc+0x2d7/0x780 [ 415.877236] ? find_held_lock+0x35/0x130 [ 415.881306] ? copy_tree+0x4a2/0x8a0 [ 415.885031] alloc_vfsmnt+0x28/0x7d0 [ 415.888754] clone_mnt+0x70/0xee0 [ 415.892221] ? lock_downgrade+0x740/0x740 [ 415.896385] copy_tree+0x33b/0x8a0 [ 415.899938] copy_mnt_ns+0x11c/0x8c0 [ 415.903657] ? kmem_cache_alloc+0x611/0x780 [ 415.907988] ? selinux_capable+0x36/0x40 [ 415.912060] create_new_namespaces+0xc9/0x720 [ 415.916582] ? ns_capable_common+0x12c/0x160 [ 415.921016] copy_namespaces+0x284/0x310 [ 415.925092] copy_process.part.0+0x2603/0x6a00 [ 415.929691] ? proc_fail_nth_write+0x7d/0x180 [ 415.934202] ? proc_cwd_link+0x1b0/0x1b0 [ 415.938288] ? __cleanup_sighand+0x50/0x50 [ 415.943494] ? lock_downgrade+0x740/0x740 [ 415.947656] _do_fork+0x19e/0xce0 [ 415.951148] ? fork_idle+0x280/0x280 [ 415.954910] ? fput+0xd4/0x150 [ 415.958129] ? SyS_write+0x15e/0x230 [ 415.961866] SyS_clone+0x37/0x50 [ 415.965241] ? sys_vfork+0x30/0x30 [ 415.968805] do_syscall_64+0x1e8/0x640 [ 415.972700] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 415.977555] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 415.982742] RIP: 0033:0x459a59 [ 415.985923] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 415.993697] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 416.000965] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 416.008235] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 416.015504] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 416.022853] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:48 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000000c0)=[@in={0x2, 0x4e23, @rand_addr=0x4}], 0x10) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:48 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:48 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r3 = syz_open_dev$radio(&(0x7f00000000c0)='/dev/radio#\x00', 0x1, 0x2) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_NET_GET(r3, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80409000}, 0xc, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="38010000f182716af1fb5562235672a1b4fe00aa3c15644c36e912c3ec5803000000000000008e2196c6a5654eb333c2eb5ef74d5273c8df899e7b90b9c96d8ac75d4c48efe36187da0b5b5b5355ed9c01033c9f407a14aed61357ffe42fee36ad6836aeb401799f8ee7f1e07b8ae311c615a6baa514763548d1dd4ac764e20d84e9bc59184fd33559ea381aeaba917a99deb01ebf23847943aa4cc5f3f4f3f6e5f343ab07863b99f5032924ad242744d34be836292027f7a0555e9c427119c3e7ebe3d3ae6026ededba2afae0bd36369fa59eb792a7e60a0f9b655e3f731b3c2a2a49b7e65e7c746c61423a0d7eb92bb774000000000000", @ANYRES16=r4, @ANYBLOB="000c2bbd7000fcdbdf250e0000002400020008000100ff030000080001008300000008000200010000000800010005000000540009000800020005000000080002000800000008000100b50c000008000200ebf7ffff08000200040000000800010014ae892d0800020007000000080002000000000008000100000001000800020025040000500004001400010062726f6164636173742d6c696e6b000024000700080003000200000008000100070000000800030000000000080001000a00000014000700080003000900000008000100000000000800020004000400280006000400020004000200080001000005000008000100ffffffff08000100080000000400020010000600080001000800000004000200100006000400020004000200040002000c0005000800010075647000"], 0x138}, 0x1, 0x0, 0x0, 0x40001}, 0x1) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:49 executing program 1 (fault-call:17 fault-nth:38): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:49 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) ioctl$SCSI_IOCTL_PROBE_HOST(r3, 0x5385, &(0x7f00000000c0)={0x5b, ""/91}) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:49 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/avc/cache_threshold\x00', 0x2, 0x0) ioctl$TIOCLINUX7(r2, 0x541c, &(0x7f0000000340)={0x7, 0x7}) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="e908000000000007"], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r6, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) ioctl$sock_FIOGETOWN(r7, 0x8903, &(0x7f00000000c0)) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r9, 0x407, 0x0) write(r9, &(0x7f0000000340), 0x41395527) vmsplice(r8, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 416.793849] FAULT_INJECTION: forcing a failure. [ 416.793849] name failslab, interval 1, probability 0, space 0, times 0 [ 416.805348] CPU: 1 PID: 21835 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 416.812826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 416.822191] Call Trace: [ 416.824800] dump_stack+0x138/0x197 [ 416.828454] should_fail.cold+0x10f/0x159 [ 416.832620] should_failslab+0xdb/0x130 [ 416.836607] __kmalloc_track_caller+0x2ec/0x790 [ 416.841287] ? kstrdup_const+0x48/0x60 [ 416.845180] kstrdup+0x3a/0x70 [ 416.848378] kstrdup_const+0x48/0x60 [ 416.852097] alloc_vfsmnt+0xe5/0x7d0 [ 416.855825] clone_mnt+0x70/0xee0 [ 416.859280] ? lock_downgrade+0x740/0x740 [ 416.863435] copy_tree+0x33b/0x8a0 [ 416.867008] copy_mnt_ns+0x11c/0x8c0 [ 416.870726] ? kmem_cache_alloc+0x611/0x780 [ 416.876016] ? selinux_capable+0x36/0x40 [ 416.880082] create_new_namespaces+0xc9/0x720 [ 416.884696] ? ns_capable_common+0x12c/0x160 [ 416.889112] copy_namespaces+0x284/0x310 [ 416.893182] copy_process.part.0+0x2603/0x6a00 [ 416.897780] ? proc_fail_nth_write+0x7d/0x180 [ 416.902283] ? proc_cwd_link+0x1b0/0x1b0 [ 416.906358] ? __cleanup_sighand+0x50/0x50 [ 416.910599] ? lock_downgrade+0x740/0x740 [ 416.914757] _do_fork+0x19e/0xce0 [ 416.918217] ? fork_idle+0x280/0x280 [ 416.921945] ? fput+0xd4/0x150 [ 416.925140] ? SyS_write+0x15e/0x230 [ 416.928857] SyS_clone+0x37/0x50 [ 416.932220] ? sys_vfork+0x30/0x30 [ 416.935764] do_syscall_64+0x1e8/0x640 [ 416.939655] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 416.944505] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 416.949691] RIP: 0033:0x459a59 [ 416.952874] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 416.960587] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 416.967870] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 416.975144] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 416.982416] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 416.989689] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:49 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:49 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x1, 0x0, 0x3, 0x80000000, 0xfffffffffffffffb, 0x1}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:49 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = syz_open_dev$swradio(&(0x7f0000000300)='/dev/swradio#\x00', 0x0, 0x2) ioctl$VIDIOC_S_JPEGCOMP(r0, 0x408c563e, &(0x7f0000000340)={0x0, 0x6, 0x3, "a848aa02e2147c95ed80030c4629cd4b952e3dcf03470c095e1505f946878a9ad3a7b885172088302ea9b31147b720b3fb24c06a35d7e7dda45dd495", 0x36, "d399d6ad8f0a3b8d2a1449111272fdd556c4f7534625bf7e9cc68736b69e5611aed25b42f1560531b26d3fffca941d13c277c1112806e7c16ecb427d", 0x20}) open(0x0, 0x0, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r2, 0x0) write$USERIO_CMD_REGISTER(r2, &(0x7f00000001c0)={0x0, 0x90}, 0x2) chmod(&(0x7f00000000c0)='./file0\x00', 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x73a2, 0x1000) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$packet_buf(r6, 0x107, 0x5, &(0x7f0000000240)=""/53, &(0x7f00000002c0)=0x35) setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, &(0x7f0000000140)={{0x11, @remote, 0x4e21, 0x3, 'sed\x00', 0x20, 0x40, 0x76}, {@multicast2, 0x4e21, 0x10000, 0x3, 0x8001, 0x2}}, 0x44) 17:46:50 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = gettid() ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r0, 0x0, 0x0) r1 = syz_open_procfs(r0, &(0x7f0000000000)='auxv\x00') ioctl$VIDIOC_SUBDEV_G_CROP(r1, 0xc038563b, &(0x7f00000000c0)={0x1, 0x0, {0xfffeffff, 0xff, 0x8000, 0x6}}) open(0x0, 0x0, 0x2) getpid() r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000001c0)=0xffff) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) lsetxattr$security_smack_transmute(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000180)='TRUE', 0x4, 0x2) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:50 executing program 1 (fault-call:17 fault-nth:39): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 417.718207] FAULT_INJECTION: forcing a failure. [ 417.718207] name failslab, interval 1, probability 0, space 0, times 0 [ 417.729699] CPU: 1 PID: 21881 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 417.736737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 417.746098] Call Trace: [ 417.748708] dump_stack+0x138/0x197 [ 417.752360] should_fail.cold+0x10f/0x159 [ 417.756539] should_failslab+0xdb/0x130 [ 417.760530] kmem_cache_alloc+0x2d7/0x780 [ 417.765300] ? find_held_lock+0x35/0x130 [ 417.769371] ? copy_tree+0x4a2/0x8a0 [ 417.773102] alloc_vfsmnt+0x28/0x7d0 [ 417.776830] clone_mnt+0x70/0xee0 [ 417.780287] ? lock_downgrade+0x740/0x740 [ 417.784447] copy_tree+0x33b/0x8a0 [ 417.788003] copy_mnt_ns+0x11c/0x8c0 [ 417.791723] ? kmem_cache_alloc+0x611/0x780 [ 417.796055] ? selinux_capable+0x36/0x40 [ 417.800126] create_new_namespaces+0xc9/0x720 [ 417.804629] ? ns_capable_common+0x12c/0x160 [ 417.809047] copy_namespaces+0x284/0x310 [ 417.813123] copy_process.part.0+0x2603/0x6a00 [ 417.817721] ? proc_fail_nth_write+0x7d/0x180 [ 417.822223] ? proc_cwd_link+0x1b0/0x1b0 [ 417.826305] ? __cleanup_sighand+0x50/0x50 [ 417.830542] ? lock_downgrade+0x740/0x740 [ 417.834789] _do_fork+0x19e/0xce0 [ 417.838259] ? fork_idle+0x280/0x280 [ 417.841988] ? fput+0xd4/0x150 [ 417.845185] ? SyS_write+0x15e/0x230 [ 417.848903] SyS_clone+0x37/0x50 [ 417.852275] ? sys_vfork+0x30/0x30 [ 417.855828] do_syscall_64+0x1e8/0x640 [ 417.859721] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.864576] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 417.869771] RIP: 0033:0x459a59 [ 417.872962] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 417.880681] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 417.887956] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 417.895239] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 417.902512] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 417.909786] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:50 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = getpid() ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000180)={0x4, [0x0, 0x0, 0x0, 0x0]}, &(0x7f00000001c0)=0x14) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000240)={r2, 0x40}, &(0x7f00000002c0)=0x8) sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f00000000c0)="475ca735b9c7dd771ad150e5c0731a7e0610f4cbab0fa1003e2737dc8ce79f5e8a8ea174275a4f7f96c2421290616926dcf74f1ad621a60b25029ad5de26e615862ae4dcd369d7bfaf5f2b1d447a48a81d9bbfda6d13e120634ac3381c8282eae5dfd86b38f02a20b504399c777f563d6859b525319ce510955bf5a37718116aeba80588269b035f96ad8a7e51c52a1e9aefee69260549e6e3a1dca78c641252945566e246e24b5f1271b0c0", 0xac}], 0x1, 0x8) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r6, 0x0) ioctl$KVM_ENABLE_CAP(r6, 0x4068aea3, &(0x7f0000000300)={0x79, 0x0, [0x80000001, 0x5, 0x3, 0x6]}) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$TIOCMIWAIT(r4, 0x545c, 0x0) ptrace(0x10, 0x0) ioctl$BLKTRACETEARDOWN(r5, 0x1276, 0x0) 17:46:50 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() getpid() r0 = getpgid(0x0) sched_setattr(r0, &(0x7f0000000000)={0x30, 0x2, 0x0, 0x2, 0x80000005, 0x100000000, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r2, 0x0) linkat(r2, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x400) syz_emit_ethernet(0xb3, &(0x7f0000000040)={@broadcast=[0xff, 0xe0], @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0xa5, 0x0, 0x0, 0x0, 0x11, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}, @dev={0xac, 0x14, 0x14, 0x11}}, @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x4d, 0x3, [], "ca9a0bc65b20c51f445d77a49cae9fae9b400284fdfaf26b1ae6b5c889073bf0851d237a98e17f39e05a7b680a057239040ad67ac233c55882b4c6ab62f6a816989d2194e0599cf0aeb4ffc70b"}}}}}}, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r3, 0x0) ioctl$LOOP_CLR_FD(r3, 0x4c01) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:50 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:50 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0xfffffffe, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$netlink(0x10, 0x3, 0x0) r9 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r10, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r11 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r10, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) r12 = dup2(r11, r5) setsockopt$inet6_group_source_req(r12, 0x29, 0x33, &(0x7f0000000400)={0x6, {{0xa, 0x4e23, 0x41b4, @mcast2, 0x1}}, {{0xa, 0x4e22, 0x0, @remote, 0x1}}}, 0x108) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r13, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r13, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r14 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r14, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r13, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) ppoll(&(0x7f00000000c0)=[{r14}, {r2, 0x1}, {r0, 0x824}], 0x3, &(0x7f0000000100)={0x77359400}, &(0x7f0000000140)={0x101}, 0x8) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:50 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) mq_open(&(0x7f00000000c0)='nodev\x00', 0x0, 0x100, &(0x7f0000000100)={0x7, 0x8, 0x1, 0x80, 0x1, 0x0, 0xfffffffffffffff7}) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) munlockall() recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001840)=ANY=[@ANYBLOB="48001fdbf7b3bd5f19001000050700"/26, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="000010662a4bd661b42923747b67574cbf55553083a7b05e"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) writev(r2, &(0x7f0000001740)=[{&(0x7f00000002c0)="4964ba7162a36cceece694666fda94ae9d1c7bde62c5e345891e4db5a313899199b8f22842a844a8a0fd508db13784ae1328130ff04e67c8f3d2197ba1196ff2b1de8ff5c917fb33c48362fde306f663ed375e045c488d76a0fe73affa71123c6a923a3cf76a0620c79a73d663b99bc8a2b5194c5ff4b84a23b406e97b79d3c0f6c0706000b6c377453ca08f88155462196d4a56d78f884e76967599d56f6434b37a0333db6250a204249482042825b8045644aef43d4095c6984840bb9d861a91ab297d2c837bc7371886f890aaf611f4a058a53ad86ab4a19613ede3", 0xdd}, {&(0x7f0000000140)="e2f1716e754cdaca280c2e854585f244a018fca727f279f2c31fe59b3a9ff8b7a1300950fb4c1f0df1660fc5e7758e21c4216e922acb7f9d5e427db728a80a8a6436da02a6ea84371a1502ae2773a6ee2f1b8c0dbebc373c037b3f5a9256a4093607de05b35497b3e3bb27c39cc710a355aa2af64f473d21651ae9783d873e5aff97d2256dd0a75f2a6dc8bfc90ebcbf3c", 0x91}, {&(0x7f00000003c0)="37fb82289206a1ace62e48ea0833bce760be952c844f93402217dca534ec26912b832383583079ff7593e627596cb7810753c27e4102c6908d3db4d437405a26322dd8b938c04ebf9d5eb007b6b2b76e2f43787c5ba3626dcdd605c905cb9949c8ef7c85ec42d3a97d11d3fb3e9fe10f76d94514ba432da1ee8285995d0523f149aa70f1352aa896d60d0685ceed951408d1de5340ba849d9c4b354f7d152ac81e8fce9b73101c28324e8c60ff0f6c12ab75063a1346fd2a5f2ec282e7256c64e4a1a3719c3499e127f01e1bb3f0266cad7cd6a5fb54cb5b64b74bf809c01ce2c6fffc36930f72fc4451a55907101c8c99bc152a07fa815853d235db", 0xfc}, {&(0x7f00000004c0)="35ea5015307d78226cd253a056772f0f2ea47ba32325e29453e36adc5b121b42ad36c88689ff9eca355a92098e83c3e2efa827b6e807ba2e5c056bf7d35fb77113c995ca627db4b1c001a0791f67717c5191384d9f53ab96b179382753bccfff1663e88e9c31628ddde7a096fc89762c9a008b66c2c28dd25cbfd273ec6888f5b89ffe27bbab2fdd031052b739146138ff549a4d7415caadadbffcc50adc139c8a524967a4eb89fb403a2266c7fba692564b995605b3f909add2285f810057b5a6ea152aa8d02634e17ab0bfa5735893e2b1bf6ccb7dcab9df661a34bf34af984e5e276f99c4e1ef05fb5c6fec281210182ee50ded9da2d55a71d2736a7b76a247581959746d85b1a9015d5c9a12517d1b1f6f88304680264ae07942cf71033dceeadcb7a79e653d26aa87731363f021f601ce7b6a44266166fd6a355e38adb93237e6491c02f0326be343c5f66a32dddee370f4f4cf45737bcebe5fb605536db44d1461dfa6f5587ce0c123308679b760d5f81412ebc5a3aff4c345cae8af07581e230fbff33b8c47efa5facc581f0afd0c617d68be72bf6a40c527ef796e886b2c2d53853563894a0c70037cbd9381cbcdcbc5c3484df7c81640ec6b9295ef5b46c81e434887a387bea6249e20e2672b7f2f2ae4ecfec7236400491daa974add8c22b0a1f6266190ed6d9f03acc9c4a0203d7ab054497e8c5131acec0153db2ea7fd8180febacb07a8fe327379e7884ebd5f536dba6baf10d8c4df43bf7eb661bdc2e02564e0614d3afe94f5c0986feb4bc081b3fb6ac0a2def5807dd37fd2e8f5fe040f7ab622a5b8a2c43c6e553a53ee4d1150168449863d181f3c71e067c82ff9a1726cf1b246cf6e15d6e61581122ff13787c23a483be6bc1d354bc927ee285c8113b0b6fafd41fe51c88dcb9faf7fd40b1679219791b3e6785984c932d392d6c4fb1c6f32c10bbae48f60f6c019a37acca731cb15028333c3c04bbda9e4b45b67f625d62bde68ad3c75e1be2ff0e7ac8be1d01ae4625a32928c27169a072aa7ebd613c901d8761c395d7fe3969f78d996c56ca3d4208cb2787b16495416ea87e1663a4f8ab9afb7f8a89294aa26c7fd02347a08679e30087f33cb2f8e7263e7072494ee4c29c09869529c53606720298e5ef01ebfc8686fbec8a458e7ce12ba5a4694ea6fbbff4de1a88fe39801ce02eca1b24f1194782c0c3fb3119d926d47c17ed6c72d4ae39ab2318eeefc8637b729e8f2933c92bf113e86da23e36befe698d6ec0061f2c35acf80256dbf29bca4c7c539111df767775c8a7647fdd696c9f00e07ac8c7bd579dde38b61a8164486cb934090eb017f6a71eae2ceaa0e2d0559729c8947f5c4a6644939031d7fddc86d53bbc8851fa2ae772525e9174e14f66c7e1c5d62d30755ffebab3114a668a80fa948d334429e9d0bb3cc074ec3cccc5fcb29f5eee0908f2f350e981521e1af4a2ab43117a0f99b228b3d82eff0efe6414abc1d90264454a6a015335a0ea28ecbf3225b11b02a0ab614e9e731ed89d0cb858551afac3507726b9268f9070b8d6baf901277c1edab3ae2fc6a123ffe4f83eb5c7d57ba92ab9f86273b5f5af1c1b57be986d8050ec2dd72b04550b94918dc8ec853e176915406fe1f490e2f2c70999440ada23fe743d7a200f855b427c1b4417c5cb6d59a2cb4cbe0b09bec24a71907925032ca93f5b64ec4f22ad70fe6f93885f3d6ba6f944157ff63e1d9ff658c1cade5c52eb2e1dcaf1261f146db5fdc1e09b6c5c71ef47705f0c5989622200de59fb4ef16ba80ae84b5de04a67d2ca32c197b943ffd832d6ca98c20f23d997490973ef8721453507af3b87dc97d49a67000df10804e3611044a6d73d69d7ac71265a080ea59d6e0cdb6b03a85b58d65dfbc243488cd636735f78086aac72096372959723b5fad8288b4e67fe38fedf3a5fe1acb2678e553cd76a691da3d0184fdf3c31b87c211de6bb5b5adc341f9e5496a36b0999e781579c611ad70e3d777ccad881c49e54f1cab56061721ea87b72e7fb069a18dc9ec678698f923b7136366918ef02f02a76b67dc7d420833e525f0cec09b15644627453dc079628f38ceebcbc18596cbae1b1b7ae3cfd0c0983b791c0fd888888161021dd28aaeeaa225162f26ae2d3e7a7fed4dee9c2f60132f14912c2fc58f97643ae65ef4492d48c0e4bc047c13aa6e6d0f3b549a4df7970c1019de34bc19789d8a7e10375a92eb9d623986ffb22fc55b36ed61bb87cd09f8e46fc874883f58c28cfeca56a22ec437adb2f167d325d816333c4643537626ecbf2d183a03cb8ee39121c9076193da18a7d716bbc5c29b70914f669680c07e4c401b83ea5fdc69b2f49e10c450510dec08a57ce6daa3548dff61f7fe3741ae5dfc1e5c35515158baae14500e23ae55364740f671564cc7abe8d298d7f8723afebfe4e94882daa22e93a23cd834c9e9610f76a7c6aad842b9d78a8d79c27b6cc7963fad3716ead2ad3b658913fb415a2c7c27be4ec0cc5f2461fa7387b1709ee4a272e6fc4859f2465f9de8dac0d6791bc165c4f6c3ba46e5282d1035042f268045d793bfeca8ebc56d721c2e9ab283b3b9f6df0ce69df628b0eb705613ba6e09a619fe4e1da6a6cb4cfc86f8dea8daee97985fde2e08eedc776b0371d4cfd2f15128463064565345c0c05c3880eceab783fd258a4e561b09d6499e9385ab3a4a1887e79709fbd3a0bafec23c33fb8891b1e19b6e4336bc3669a4d89679deb7eda92dd904b43d0a89857fe8a1c657d7e68656909794ffd4e16e9593339d10a2fb35610c1dea3ca094228f637215f9f737f28300700a94b80de34950ff1a2daf32cb4526406423eebc7fe937fe5d9af239741f5bf61d66077d03417daafd83f888ab2d905fdc89b9c7aafaf3963ec5d30576306215feefc55923dde0f10ea5fb6ae98201da5b0ae18b23e8a772c53dfe124c065d2a8a9ac407405141ecef32eefdd0c9ce679567fff84582751e41b5df8439cdc72c8c982693183a98b658f2d7ef80c4c8246ec56c29c2d5604c9f1c90b6ae55a55adad2c46280145aaa2f17f9fbd06232e1a4c7f4a587e781f92570489c839f8699c6cf560a8e1bba4a093cf36c00795623ae9cf8493533fb7bc43e16649f9a94ad2a8c543ec5cbc33b18ec4496139e90936223e36502389df5c6772849d24b1cd1df86ac32e48825e43394453852766e604c7446adabf40da051271ab7d7482c00e3b8b0ee1d77e86e3f0bf7ef57d154ad477520b591534fa05953ba3fc9a29fe7aca334a29942d2ec0979c493e95f78e4efa01d58fc5fb615bbf7060be09148abb29ec3b916b06269ed31049452f93e73145c47ff6cca643d2d495e6b248f178e34f58c61f2b809278edf9a81f61fc90f867fde86310115588cd20d995545bb8cdfb4ab9456d30b647cc59cd58e42159103c69831d49d43f45db3cbb3f1af6f187f9aefa490f73d94b3937aefb682eda4406c9aa306141498f2e42b8b055f58842c9d7970b538a5cf4b962f678de6cbf8037dd215fe2203432802a3c8943929dfea7e2db9afa1cb22a000c141d1bae326ccb3266731a7c459e0bb25f719eee5b19609aaaf52838a877f0815c4e4b14de03eee41356d0519aec616f27d46e868e9ac1b578f4b2587ecb0fb4eefa1d5bf89234d385631fdb5e7e501b0b716e9d08379a8ae01a14c5ed0436a29d25007d1adcea15a42a24daebf04e06b79b3adef5cd91bd94b40e97461c126d20a99b5eef318eebc365be64f48ec62e410b15835c8ff4bd9016312f223fe883cf71b561f1696c03fce7dfe45d0a17ad8e9dceb6c9f2bc7cdd983168a32274cb09c7cc01704807f92352706167e4a9318b3bc7dae7a3c6600b3de9fca6c8bc9d3ac50cd84c64a98c63c46158544ecdb4dddbd3341a5cbc7df532a59cd325b21fe742bc61bcea6df24b4a1319af193e99d45e15853a9f523bdb483ebf1ce95d42725707011934e8f53e0e34eff4fc5956db45f795e786d922d07013141319a0aac061cd67ccb0c8f8159c8e81a4d64d945213bbea79f0fd07f1cdf56e2e87b2b39032d84491cf7bf5659f6afedaff85d22011b7c07b5657f8f78ba8abceecbfbcfc24a085b37d2fad16b9f9089cdb47b669cac389c9b974c9056792dd259c1b0f5ce6f2a3d25691da4d6601a27ae1a05931d886402d2b4597a557fdf673302a50e2ae21b5f81fc73c63aa3e854b87c85b8d52b934f4cfa0ce085ee302da55ee4140ed3868d34fa1bed32b4f3f7573e986229f20b59637af62d1d0f5179010a89b0dc20d2c4446c64f9b4f06d4e2be527d5ef249ade9a689684b5acdec54e840dd853c7cefc941690c6c4c99784e4b2c1602c85c8f53d31c7ff0819891e4ae6f5fcfb9a2a7262f53fa82c2a04756a343ed3403f45b6674a394930fa930abb4e251a16db1ee473523637b1c4a3afc2a3a02252f11336e026a26fa8dd81366cb80d2207b2685c46a3a7b5fd7dd3398204bd7915abb3f10753298a1c90267d3ac8036a07716bc2c0e9d0a3c1532e15b85b71670bb840aeb7cd171f4623bfea6b1944d7e3245911d1730f9c1da32e9f6b136d1fc2d8d277399dd6be0623184a15de4e90518a1a87673ab6423c6b3e781a0743f5c667084f8d80d41d5044a716f5df7a907e7f1121ef24bac4aa1b55221a7be3728dc88c72f00b393e7ccb7b9f757796c351b03c9f5f1afbcbabbbc35d10e19dc094d1764939fb1743a56394030fae866eb0fa0a8f3fd6f704451d9ecd0a2534d3b92edcd03e29d593d285f737d08b32b2fe075a135d466eeeea6295859da4ec6bfb6e2ec8d99710eaba9cb5714596cbc693c303a68470798252f7dcd0fc0125c2818111e1c9d9d1aeb62ebf04d38db0c396ec287ffd97d5825204ab74e1130d24a5c5190ad29069ec8218361690e394759590025ca576247115f5106fe3c83b45f35f2b0e7750038757a85f1c6a67e33069cb330949346e415e97ade6fe9044eb3c8926b51fb3ca0cbb6a3e9839cbfc1165f1a52db8ab24aa7e6b6c5631fa739718e281e3d6499e10448a838924c08a0d54a8270d6e63d174e1641f331cfb2f6beee5ff889a6bfa80badbe968bcf5f6ac941b5eab4355e849f8985beb42a811af60bb536d093503141497979fd894d610f38bf2203ca3238a833fd4221cf86021d699e5f57cf3ca239ac928e309ab7d3f33ca6bc3df695ed5b452209a2407f7f74c5cb840d74c6f829bdc1526b7f1fe205dabf373d60981fdd8bba329381161f102dba28fc937e1067de60f67c3072e24ffc4aa8d5d08c81ab126c7f8ba3005e766a8c6e28348e6cc4e972c7d27f0eb43f85cbc72b21e0600042ae1e22127e1f8dc1cbc3b5d73be8bd28415e8ae02fb4c5da84be79fef578c60ea7ff6f3ab3308caa59f5cfbd0ca6acd3d55d76f76d256bc72f45257e5e6bcb37329ef9d92df4de6261f61aa4422d898f9ae34116b8b80f5086d66c350ae37ecf854036fffeabd139c6aeb2c1772398ea0ae51cbbc388f2e72dd4392c3faae306ab9b21bbb0663d87ffde32b76e1a055ffdf499ab3bcb2d21339440f78bf75de5d2738c4a76c1110a913a4bef6ad033948553048aa75a7f156ebf816cf51b5a03aa9204bebc5b74e397b319dac9c5382d0f274b56ac45ff85def00d63725cc68126bad0baf722a932e8c84246df383b766980d8f85f798aa6a4f4b53fdcb39c42a67287f4cb26cc4093d854b83cdbd2fc42eb570d2eb77e5049bb9d332f510907ef9f6fcbc26a01276b31e7709dcdaa496010fd9", 0x1000}, {&(0x7f00000014c0)="99cc0245d31f42e060deac38a0abbbc6b6e7816ba35b6c3d641390935780c24918193069951986817045dfadc55656c80a1cbe8c1a8e5d69a12a918ece6c114faeb9ca239650c2f0a4faf6e04c3f545172b055b38d31d33f39b3f3de72a5c95b0b008d6c47fdeac2047532fb45c91faa97d19bd3b00af87951c8c6e32dbb53002c6f5557faa740a59b943497d95959d66245c4f42d1ae4654d37d982b522fbb8434159b7d4c037209257f20f6d168c9bf9de536cf3a05ac09590f5755888efa6f5fef16bee8343a7", 0xc8}, {&(0x7f0000000240)}, {&(0x7f00000015c0)="7d43f462aa2798c37f6615da511e1a7d6c0f17b87c148fcc81a678d3ed67c6d1c3ee53889365f1b43873f69fe5bcfe2ae12665bc03102640238d006c8fbb40df6e887160af858eb9ec90778c5bd3298beeb4227359348aa95b716746f6b1bb38799e65d4558edc54a55906852e8eb0c0a2b37056035e7b721abe542021843a0175dbf54e16c5", 0x86}, {&(0x7f0000001680)="8f2dfad265561f9510c36703ad9973ed87b262a2907052f3af822b6238b169d682bcb3aa4367d04a14b304385f245e41e572a6cb36e21878679c975b816f6ce0ce464ae6005412e88748408956b828c914cf06eaf53dbb85d3384124852eb6608d1f72a08cc229c85fae332363e4b316391ebdc8ba1cc49aff4f08a3b0629b867cf02b0849668a2d6e99df5ac1f6e9781fa0befb9d09df35bb4893ea19c12b1f04776a47a3d28b31bc4c43886a9c1680a185624cf16b71557454f1", 0xbb}], 0x8) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:51 executing program 1 (fault-call:17 fault-nth:40): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 418.387067] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=46071 sclass=netlink_route_socket pig=21909 comm=syz-executor.4 [ 418.433410] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=41826 sclass=netlink_route_socket pig=21913 comm=syz-executor.4 [ 418.589655] FAULT_INJECTION: forcing a failure. [ 418.589655] name failslab, interval 1, probability 0, space 0, times 0 [ 418.601027] CPU: 0 PID: 21921 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 418.608590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 418.617961] Call Trace: [ 418.620581] dump_stack+0x138/0x197 [ 418.624325] should_fail.cold+0x10f/0x159 [ 418.628646] should_failslab+0xdb/0x130 [ 418.632645] __kmalloc_track_caller+0x2ec/0x790 [ 418.637338] ? kstrdup_const+0x48/0x60 [ 418.641329] kstrdup+0x3a/0x70 [ 418.644533] kstrdup_const+0x48/0x60 [ 418.648259] alloc_vfsmnt+0xe5/0x7d0 [ 418.651992] clone_mnt+0x70/0xee0 [ 418.655460] ? lock_downgrade+0x740/0x740 [ 418.659621] copy_tree+0x33b/0x8a0 [ 418.663177] copy_mnt_ns+0x11c/0x8c0 [ 418.666903] ? kmem_cache_alloc+0x611/0x780 [ 418.671236] ? selinux_capable+0x36/0x40 [ 418.675310] create_new_namespaces+0xc9/0x720 [ 418.679814] ? ns_capable_common+0x12c/0x160 [ 418.684235] copy_namespaces+0x284/0x310 [ 418.688308] copy_process.part.0+0x2603/0x6a00 [ 418.692909] ? proc_fail_nth_write+0x7d/0x180 [ 418.697418] ? proc_cwd_link+0x1b0/0x1b0 [ 418.701499] ? __cleanup_sighand+0x50/0x50 [ 418.705746] ? lock_downgrade+0x740/0x740 [ 418.709907] _do_fork+0x19e/0xce0 [ 418.713381] ? fork_idle+0x280/0x280 [ 418.717117] ? fput+0xd4/0x150 [ 418.720319] ? SyS_write+0x15e/0x230 [ 418.724047] SyS_clone+0x37/0x50 [ 418.727424] ? sys_vfork+0x30/0x30 [ 418.730981] do_syscall_64+0x1e8/0x640 [ 418.734924] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.739826] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 418.745039] RIP: 0033:0x459a59 [ 418.748233] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 418.755950] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 418.763228] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 418.770506] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 418.777788] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 418.785066] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:51 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) socket$inet6(0xa, 0x1008, 0x5e) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:51 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0xa1) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={r4}) setsockopt$inet6_udp_encap(r5, 0x11, 0x64, &(0x7f00000000c0)=0x5, 0x4) r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r6, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x2}, 0x0, 0xefffffffffffffff, r6, 0x1) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:51 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:51 executing program 1 (fault-call:17 fault-nth:41): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:52 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f00000001c0)=[{&(0x7f00000004c0)="33721012e54cf845d3a60806b1529a42f6f911339b0bc8b295f75137eb46c89c616f9abd995531729052ed82c8e21003349aa2f468262066baf1d2315c85c83c2b323fa9635b389ef416878b6702c8c3e55c9b061791d4c5ae6b8218786502516ee556e1d460304a06d36ddd2d6801e4a0f6756fc4c76fa5609d58a241221024c3e2a2bf6190b45ed488dbdb4fc6577a41b0bf059778fda24bbfdaf84bb25b6979b5b95f262a9b9faf7c0bf7d716317ad7a5795a174a72465d2fabc1c199b3f5558ea5be7b6c7b9ce744c502bf088b0cfecf578ceb0f6c3a7388", 0xda}, {&(0x7f00000005c0)="df5e23fec237479504e636667fddf9455bd5bcbc7a552cfdc7702c349bbc8be54d2be41170da7ae33b6f587c21a3d0c6b9a8c8ad5cfeffc607c052795d50640000200000000000d201e01e40724bf690f1cbf72a11303c700aab35d00cc408401c0331886f9b18d05d74372cae53d22cf6459ba28151d5ba27c23b4c8d8975131a656b5355af8eb699bd36fd5fd5589b3519ac95d5b6a1f6886468a92b31afc2a00ff0dce3a8e1b94834ca26cf0a3970886cf62418f48b47a9d13db48cb0a4ef1ecd41707e6b45d9d0ba223a79753a856a24fbf63cde82bed45dbe02942f2131f6d3fa35f369145a675316f7bfcb313db2c4bb3ebc19d32d144cd65dde2e3e25222a03f4139815e000741980e4ed798a33db74f0aa622ddbca0cb3b450610c544ed6889ee0e172215e39b97d0579db0836680d460546d6ed162d2dff43", 0xfffffffffffffd3b}, {&(0x7f00000003c0)="86a907ae8c4834a2565335b3903d7649a6c6d04d6904e1476ea002965d9bcabd22ad28ebaaa152b8b154b2b57f66d9e7a50352a85293d5fb1b5bff7a968181985da3cd38f6b38467b9f731b6b7efadaf93f77759e2e875026f460145b02c67f1472176e892f09a2e20b1376411c79672332c94ca66277855082110e495a82e65b20eb3943622b36c95e255933bc7ae5c5b6565894a9a7f4b532e4f96c19f64d17a1c2f9250f728faf5bb97aef992d2a34467bd777714f7c818bcf90067be39c4982964c158e6", 0xc6}], 0x10000000000001af, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) tee(r0, r4, 0x25d2, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@empty, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @initdev}}, 0x0, @in=@local}}, &(0x7f0000000100)=0xe8) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r8, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x20000, &(0x7f0000000700)={'trans=fd,', {'rfdno'}, 0x2c, {'wfdno'}, 0x2c, {[{@cache_mmap='cache=mmap'}, {@noextend='noextend'}, {@cachetag={'cachetag'}}], [{@obj_role={'obj_role', 0x3d, 'ppp0*selinux@systemcgroupwlan1\xd2$'}}, {@smackfshat={'smackfshat'}}, {@fowner_gt={'fowner>', r6}}, {@fsuuid={'fsuuid', 0x3d, {[0x30, 0x30, 0x37, 0x66, 0x66, 0x0, 0x66, 0x36], 0x2d, [0xf, 0x34, 0x88168cc702f93117, 0x37], 0x2d, [0x3c, 0x39, 0x66, 0x66], 0x2d, [0x36, 0x30, 0x34, 0x32], 0x2d, [0x36, 0xb291f00fee4b2d91, 0x30, 0x62, 0x2d, 0x65, 0x62]}}}, {@subj_role={'subj_role', 0x3d, ').(-'}}, {@euid_eq={'euid', 0x3d, r8}}, {@permit_directio='permit_directio'}]}}) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x25a0e103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:52 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r4, 0x84, 0x65, &(0x7f0000000100)=[@in6={0xa, 0x4e22, 0x9f2, @empty, 0x1}, @in={0x2, 0x4e20, @multicast1}], 0x2c) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x3, 0x70, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x40}, 0x1}, 0x0, 0x3, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_ENUMAUDIO(r0, 0xc0345641, &(0x7f00000000c0)={0x1f, "dc0e7020fd2d58e1be27785c690d082c8740cbbba63a50d9f1d52a6b3290c93a", 0x1, 0x1}) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 419.537622] FAULT_INJECTION: forcing a failure. [ 419.537622] name failslab, interval 1, probability 0, space 0, times 0 [ 419.549318] CPU: 1 PID: 21960 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 419.556353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 419.565713] Call Trace: [ 419.568320] dump_stack+0x138/0x197 [ 419.571967] should_fail.cold+0x10f/0x159 [ 419.576131] should_failslab+0xdb/0x130 [ 419.580117] kmem_cache_alloc+0x2d7/0x780 [ 419.584272] ? find_held_lock+0x35/0x130 [ 419.588339] ? copy_tree+0x4a2/0x8a0 [ 419.592063] alloc_vfsmnt+0x28/0x7d0 [ 419.595781] clone_mnt+0x70/0xee0 [ 419.599238] ? lock_downgrade+0x740/0x740 [ 419.606437] copy_tree+0x33b/0x8a0 [ 419.609990] copy_mnt_ns+0x11c/0x8c0 [ 419.613704] ? kmem_cache_alloc+0x611/0x780 [ 419.618038] ? selinux_capable+0x36/0x40 [ 419.622116] create_new_namespaces+0xc9/0x720 [ 419.626623] ? ns_capable_common+0x12c/0x160 [ 419.631075] copy_namespaces+0x284/0x310 [ 419.635148] copy_process.part.0+0x2603/0x6a00 [ 419.639750] ? proc_fail_nth_write+0x7d/0x180 [ 419.644251] ? proc_cwd_link+0x1b0/0x1b0 [ 419.648329] ? __cleanup_sighand+0x50/0x50 [ 419.652568] ? lock_downgrade+0x740/0x740 [ 419.656723] _do_fork+0x19e/0xce0 [ 419.660187] ? fork_idle+0x280/0x280 [ 419.663909] ? fput+0xd4/0x150 [ 419.667102] ? SyS_write+0x15e/0x230 [ 419.670837] SyS_clone+0x37/0x50 [ 419.674213] ? sys_vfork+0x30/0x30 [ 419.677758] do_syscall_64+0x1e8/0x640 [ 419.681647] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 419.686500] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 419.691689] RIP: 0033:0x459a59 [ 419.694877] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 419.702588] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 419.709860] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 419.717225] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 419.724503] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 419.731776] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:52 executing program 2: ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000000c0)=0x0) prlimit64(r0, 0x0, &(0x7f0000000280)={0x0, 0xa}, 0x0) open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:52 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r6, 0x0) ioctl$BLKTRACESTOP(r6, 0x1275, 0x0) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB="000000f6f98000000000000000e28eabab3371707f755a7ba56679d3fb83001a2d6da2bd29dcdda537d8cfa000b7aefbd18c3f95400b38593c965203c10294ae479561ec5ca011a692c4ba0fb2a947ef04f234cf717a8a41baf48bfbf80e29b728c9a0f4d8e4da4854704b3cdc4641824da283755aefe0185b1d05ff43c154164cd79b868c9736172e3cf19396315eb4"], 0x48}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0xfffffffc, 0x0, {0x0, r5, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x8}]}}]}, 0x38}}, 0x0) ioctl$sock_FIOGETOWN(r7, 0x8903, &(0x7f00000000c0)=0x0) ptrace$poke(0x4, r8, &(0x7f0000000100), 0xffffffffffffff73) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000000)={&(0x7f0000c00000/0x400000)=nil, 0x400000}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r9, 0x407, 0x0) write(r9, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:52 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:52 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x6554836e64fe7938, 0x0, 0x5, 0x0, 0x1}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x60000) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:52 executing program 1 (fault-call:17 fault-nth:42): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:52 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket(0x0, 0xa, 0x2) r4 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000002c0)='/selinux/mls\x00', 0x0, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0xfffffe56, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0xfc9e, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0xfffffffffffffff7, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000051600000000000000feffffff00", @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0xc4) write(r2, &(0x7f0000000340), 0x41395527) r9 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r9, 0x0) ioctl$BLKGETSIZE64(r9, 0x80081272, &(0x7f0000000140)) r10 = socket(0x1, 0x7513f4affa160164, 0xfe) sendmsg$NBD_CMD_DISCONNECT(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) ioctl$FS_IOC_SETFSLABEL(r10, 0x41009432, &(0x7f0000000400)="160ef8660ec13f0b782ef9b57691947a2315a9dc2b0b0ae5b0905bd217c206029a731b09e3ae67762b16089dff363e20bcba543d3df776d6018105033a5576e05faa409d87ebe1bf600eba06f7c53114ba1740ae06295686962b7f4b21d55af962f5d0bd15e6d5b9dcbadc0cb8d6ef623affb48c59dad3844ebdc32e33445ff6b7d553adbdb973e55d388276ccf82cad7aa116f4137c4fdd2135a7e1948c7cb651b6303f825192e76d67dbfceac5ebb338972cd21e70a2b3a2f4c6c5834c8c2928c0069129c2ef71fd77f512eb06e11c8c4671c6c3a5a000bad4790a2517562ae20dfc30b11ede6ab543655d4d3454460c8c4a6f720064b2e3e9f8a6e579d6db") vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 420.431422] FAULT_INJECTION: forcing a failure. [ 420.431422] name failslab, interval 1, probability 0, space 0, times 0 [ 420.442851] CPU: 1 PID: 22001 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 420.449980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 420.459351] Call Trace: [ 420.461964] dump_stack+0x138/0x197 [ 420.465618] should_fail.cold+0x10f/0x159 [ 420.469791] should_failslab+0xdb/0x130 [ 420.473825] kmem_cache_alloc+0x2d7/0x780 [ 420.478017] ? find_held_lock+0x35/0x130 [ 420.482180] ? copy_tree+0x4a2/0x8a0 [ 420.488340] alloc_vfsmnt+0x28/0x7d0 [ 420.493027] clone_mnt+0x70/0xee0 [ 420.496487] ? lock_downgrade+0x740/0x740 [ 420.500644] copy_tree+0x33b/0x8a0 [ 420.504196] copy_mnt_ns+0x11c/0x8c0 [ 420.507911] ? kmem_cache_alloc+0x611/0x780 [ 420.513199] ? selinux_capable+0x36/0x40 [ 420.517281] create_new_namespaces+0xc9/0x720 [ 420.521788] ? ns_capable_common+0x12c/0x160 [ 420.526248] copy_namespaces+0x284/0x310 [ 420.530329] copy_process.part.0+0x2603/0x6a00 [ 420.534938] ? proc_fail_nth_write+0x7d/0x180 [ 420.539445] ? proc_cwd_link+0x1b0/0x1b0 [ 420.543530] ? __cleanup_sighand+0x50/0x50 [ 420.547835] ? lock_downgrade+0x740/0x740 [ 420.552026] _do_fork+0x19e/0xce0 [ 420.555498] ? fork_idle+0x280/0x280 [ 420.559225] ? fput+0xd4/0x150 [ 420.562434] ? SyS_write+0x15e/0x230 [ 420.566167] SyS_clone+0x37/0x50 [ 420.569537] ? sys_vfork+0x30/0x30 [ 420.573092] do_syscall_64+0x1e8/0x640 [ 420.576991] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 420.581859] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 420.588917] RIP: 0033:0x459a59 [ 420.592126] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 420.599852] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 420.607225] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 420.614504] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 420.621788] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 420.629066] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:53 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) getpid() ioctl$CAPI_SET_FLAGS(r0, 0x80044324, &(0x7f0000000240)) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ptrace$getregs(0xffffffffffffffff, 0x0, 0x10000000000, &(0x7f00000000c0)=""/163) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0xc6e9fe671e8a869a, 0x0, 0x3, 0x0, 0x0, 0x1000000}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) futimesat(r0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)={{r4, r5/1000+10000}, {0x77359400}}) 17:46:53 executing program 2: prlimit64(0x0, 0x2, &(0x7f0000000280)={0xc, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f00000000c0)={0x0, 0x68, 0x1, 0x40, 0x5, 0x7e}, &(0x7f0000000100)=0x14) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:53 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000140)="fe37368612f77769c8781cff42b047f8f85947a18377da11f87c4d4782db4f2c416d8ae57eac95556ef442f2412c89f75d99", 0x32}], 0x1, 0x8) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f00000000c0), &(0x7f0000000100)=0x14) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:53 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:53 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:53 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r0, 0x0) write$vhci(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="04a45c09dcb0ba60bf47a7c71b0618bc7cb87a235dc31bc0533e36efa09e"], 0x30) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) r5 = syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0x100000000, 0x400000) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000100)=0x5) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:53 executing program 1 (fault-call:17 fault-nth:43): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 421.248296] FAULT_INJECTION: forcing a failure. [ 421.248296] name failslab, interval 1, probability 0, space 0, times 0 [ 421.259884] CPU: 1 PID: 22052 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 421.267013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 421.276372] Call Trace: [ 421.278994] dump_stack+0x138/0x197 [ 421.282797] should_fail.cold+0x10f/0x159 [ 421.287043] should_failslab+0xdb/0x130 [ 421.291381] __kmalloc_track_caller+0x2ec/0x790 [ 421.296070] ? kstrdup+0x1f/0x70 [ 421.299437] ? kstrdup_const+0x48/0x60 [ 421.303320] kstrdup+0x3a/0x70 [ 421.306505] kstrdup_const+0x48/0x60 [ 421.310241] alloc_vfsmnt+0xe5/0x7d0 [ 421.313959] clone_mnt+0x70/0xee0 [ 421.317403] ? lock_downgrade+0x740/0x740 [ 421.321542] copy_tree+0x33b/0x8a0 [ 421.325078] copy_mnt_ns+0x11c/0x8c0 [ 421.328801] ? kmem_cache_alloc+0x611/0x780 [ 421.333135] ? selinux_capable+0x36/0x40 [ 421.337192] create_new_namespaces+0xc9/0x720 [ 421.341699] ? ns_capable_common+0x12c/0x160 [ 421.346104] copy_namespaces+0x284/0x310 [ 421.350170] copy_process.part.0+0x2603/0x6a00 [ 421.354758] ? proc_fail_nth_write+0x7d/0x180 [ 421.361346] ? proc_cwd_link+0x1b0/0x1b0 [ 421.365432] ? __cleanup_sighand+0x50/0x50 [ 421.369851] ? lock_downgrade+0x740/0x740 [ 421.374019] _do_fork+0x19e/0xce0 [ 421.377493] ? fork_idle+0x280/0x280 [ 421.381206] ? fput+0xd4/0x150 [ 421.384684] ? SyS_write+0x15e/0x230 [ 421.388409] SyS_clone+0x37/0x50 [ 421.391770] ? sys_vfork+0x30/0x30 [ 421.395406] do_syscall_64+0x1e8/0x640 [ 421.399308] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 421.404161] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 421.409342] RIP: 0033:0x459a59 [ 421.412535] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 421.420943] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 421.428407] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 421.435687] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 421.442979] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 421.450255] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:54 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x800000, 0x0) setsockopt$IP_VS_SO_SET_STOPDAEMON(r3, 0x0, 0x48c, &(0x7f0000000180)={0x2, 'lo\x00', 0x3}, 0x18) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:54 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r2, 0xc080661a, &(0x7f00000002c0)={{0x1, 0x0, @descriptor="d659a32991ed58f1"}}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$VIDIOC_S_PARM(0xffffffffffffffff, 0xc0cc5616, &(0x7f00000000c0)={0xb, @output={0x0, 0x0, {0x2, 0x8}, 0xa0a, 0xffffffff}}) socket(0x8, 0x2, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) execveat(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000540)=[&(0x7f0000000240)='+em1\\em0{vboxnet0\xf6/:\x00', &(0x7f0000000340)='em0vboxnet0\x00', &(0x7f0000000380)='vboxnet1-&%\'\x00', &(0x7f00000003c0)='[system!em1)GPL&]!trusted[\x00', &(0x7f0000000400)='em1(!keyring\x00', &(0x7f0000000440)='\x00', &(0x7f0000000480)='\\\x00', &(0x7f00000004c0)='nodev-\x00', &(0x7f0000000500)='-wlan0\xf5\x00'], &(0x7f0000000640)=[&(0x7f00000005c0)='system)em0md5sum\x00', &(0x7f0000000600)='\x00'], 0x1000) 17:46:54 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:54 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="740000002400070500"/20, @ANYRES32=r6, @ANYBLOB="00000000ffffffff0000000008000100736671004800027100000000000000000000000000000085b52bf8fa001000000000f5ff0400b765000000000000e89c00000000cc4ceb5b00"/95], 0x74}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r6, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) fcntl$setpipe(r7, 0x407, 0x204) r8 = syz_open_dev$vcsn(&(0x7f0000000380)='/dev/vcs#\x00', 0x4000000000, 0x400000) setsockopt$inet_sctp_SCTP_EVENTS(r8, 0x84, 0xb, &(0x7f00000003c0)={0x3f, 0xae, 0xec, 0x1, 0xff, 0x2, 0x40, 0x4, 0x40, 0x1, 0xff}, 0xb) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:54 executing program 1 (fault-call:17 fault-nth:44): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:54 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) ioctl$PPPIOCSFLAGS(r4, 0x40047459, &(0x7f00000000c0)=0x4) ptrace(0x10, 0x0) 17:46:54 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_open_dev$vbi(&(0x7f00000000c0)='/dev/vbi#\x00', 0x3, 0x2) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r4, 0x84, 0x1e, &(0x7f0000000100)=0x7, 0x4) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$bt_BT_SECURITY(r5, 0x112, 0x4, &(0x7f00000002c0), 0x2) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$VIDIOC_S_FBUF(r0, 0x4030560b, &(0x7f0000000240)={0x6c, 0x2, &(0x7f0000000140)="d1591935633cb00dfb48319e0f2ec42fb7d26834cdacc7a12891a3f28851b47a75edb0f0b0962d535f184b60152e16ab369422ff7797fb5fb44d208400d6520d661438624e185546f9a8e4a1f286ded245e677bccae63c5480b7f684d941a69aed430d61f3f5140eebd87e7eb70094b650de58639d977c0d61f8498f6a6e3dcd2ae5acd605451db563a31a205e7b83f894e6e3ffa82efdf5", {0x4, 0x400, 0x20303159, 0x2, 0x5, 0x7, 0x6, 0x1}}) [ 422.149557] FAULT_INJECTION: forcing a failure. [ 422.149557] name failslab, interval 1, probability 0, space 0, times 0 [ 422.161118] CPU: 0 PID: 22094 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 422.168541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 422.177900] Call Trace: [ 422.180485] dump_stack+0x138/0x197 [ 422.184121] should_fail.cold+0x10f/0x159 [ 422.188456] should_failslab+0xdb/0x130 [ 422.192444] __kmalloc_track_caller+0x2ec/0x790 [ 422.197131] ? kstrdup_const+0x48/0x60 [ 422.202076] kstrdup+0x3a/0x70 [ 422.205288] kstrdup_const+0x48/0x60 [ 422.209024] alloc_vfsmnt+0xe5/0x7d0 [ 422.212924] clone_mnt+0x70/0xee0 [ 422.216427] ? lock_downgrade+0x740/0x740 [ 422.220589] copy_tree+0x33b/0x8a0 [ 422.224417] copy_mnt_ns+0x11c/0x8c0 [ 422.228154] ? kmem_cache_alloc+0x611/0x780 [ 422.232497] ? selinux_capable+0x36/0x40 [ 422.236569] create_new_namespaces+0xc9/0x720 [ 422.241081] ? ns_capable_common+0x12c/0x160 [ 422.245497] copy_namespaces+0x284/0x310 [ 422.249571] copy_process.part.0+0x2603/0x6a00 [ 422.254173] ? proc_fail_nth_write+0x7d/0x180 [ 422.258674] ? proc_cwd_link+0x1b0/0x1b0 [ 422.262752] ? __cleanup_sighand+0x50/0x50 [ 422.266995] ? lock_downgrade+0x740/0x740 [ 422.271170] _do_fork+0x19e/0xce0 [ 422.274978] ? fork_idle+0x280/0x280 [ 422.278701] ? fput+0xd4/0x150 [ 422.281913] ? SyS_write+0x15e/0x230 [ 422.285619] SyS_clone+0x37/0x50 [ 422.289060] ? sys_vfork+0x30/0x30 [ 422.292588] do_syscall_64+0x1e8/0x640 [ 422.296460] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 422.301291] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 422.306558] RIP: 0033:0x459a59 [ 422.309727] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 422.317427] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 422.324689] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 422.331944] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 422.339282] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 422.346564] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:55 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x585000, 0x8a) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x3ff}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000140)={r4, @in={{0x2, 0x4e21, @empty}}, 0x3, 0x19e, 0x3, 0x1ff, 0xa}, &(0x7f0000000240)=0x98) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0xfffffffffffffe21, 0x2, 0x1, 0x0, 0x3, 0x0, 0x0, 0x10000000000}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x6, 0x0, 0xf9, 0x0, 0x0, 0x8, 0x4812, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x65, 0x2}, 0x0, 0x0, 0x0, 0x5, 0x6, 0x0, 0x4}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:55 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:55 executing program 1 (fault-call:17 fault-nth:45): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:55 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x6a0}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f00000000c0)) sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = gettid() ptrace$setopts(0x4206, r3, 0x0, 0x0) tkill(r3, 0x3c) ptrace$cont(0x18, r3, 0x0, 0x0) ptrace$setregs(0xd, r3, 0xfffffffffffffffd, &(0x7f0000000080)) ptrace$cont(0x9, r3, 0x0, 0x0) ioctl$BLKPBSZGET(r1, 0x127b, &(0x7f0000000100)) ptrace$setopts(0x4200, r3, 0x1, 0x5) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev\xa2\x8asp\x00', 0x4040, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r4, 0x0) ioctl$EVIOCGABS20(r4, 0x80184560, &(0x7f0000000140)=""/114) setsockopt$inet6_IPV6_ADDRFORM(r2, 0x29, 0x1, &(0x7f0000000240), 0x4) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 423.002108] FAULT_INJECTION: forcing a failure. [ 423.002108] name failslab, interval 1, probability 0, space 0, times 0 [ 423.013584] CPU: 1 PID: 22132 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 423.020802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 423.030163] Call Trace: [ 423.032765] dump_stack+0x138/0x197 [ 423.036422] should_fail.cold+0x10f/0x159 [ 423.040609] should_failslab+0xdb/0x130 [ 423.044632] kmem_cache_alloc+0x2d7/0x780 17:46:55 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20ncci\x00', 0x8100, 0x0) connect$rds(r3, &(0x7f0000000100)={0x2, 0x4e24, @empty}, 0x10) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x84, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:55 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xffffffffffffffff}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 423.048791] ? find_held_lock+0x35/0x130 [ 423.052866] ? copy_tree+0x4a2/0x8a0 [ 423.052881] alloc_vfsmnt+0x28/0x7d0 [ 423.052893] clone_mnt+0x70/0xee0 [ 423.052905] ? lock_downgrade+0x740/0x740 [ 423.060347] copy_tree+0x33b/0x8a0 [ 423.060367] copy_mnt_ns+0x11c/0x8c0 [ 423.060377] ? kmem_cache_alloc+0x611/0x780 [ 423.060389] ? selinux_capable+0x36/0x40 [ 423.060403] create_new_namespaces+0xc9/0x720 [ 423.060412] ? ns_capable_common+0x12c/0x160 [ 423.060423] copy_namespaces+0x284/0x310 [ 423.096641] copy_process.part.0+0x2603/0x6a00 [ 423.101593] ? proc_fail_nth_write+0x7d/0x180 [ 423.106110] ? proc_cwd_link+0x1b0/0x1b0 [ 423.110199] ? __cleanup_sighand+0x50/0x50 [ 423.115145] ? lock_downgrade+0x740/0x740 [ 423.119312] _do_fork+0x19e/0xce0 [ 423.122977] ? fork_idle+0x280/0x280 [ 423.126710] ? fput+0xd4/0x150 [ 423.129911] ? SyS_write+0x15e/0x230 [ 423.129928] SyS_clone+0x37/0x50 [ 423.129936] ? sys_vfork+0x30/0x30 [ 423.129949] do_syscall_64+0x1e8/0x640 [ 423.129960] ? trace_hardirqs_off_thunk+0x1a/0x1c 17:46:55 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sync_refresh_period\x00', 0x2, 0x0) getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100), &(0x7f0000000140)=0x4) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r1, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r1, 0xc0a85322, &(0x7f00000002c0)) open(0x0, 0x0, 0x0) getpid() r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet6_udp_int(r6, 0x11, 0xa, &(0x7f0000000180), &(0x7f00000001c0)=0x4) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 423.149415] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 423.154589] RIP: 0033:0x459a59 [ 423.157764] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 423.165455] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 423.172717] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 423.179986] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 423.187259] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 423.194530] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:56 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x84}, 0x0, 0x9, 0xffffffffffffffff, 0x2) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) connect$bt_sco(r3, &(0x7f0000000000)={0x1f, {0x3, 0x20, 0x7, 0x9, 0x9, 0x5}}, 0x8) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:56 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:56 executing program 1 (fault-call:17 fault-nth:46): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:56 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x11, r1, 0x40000000000000) ioctl$VIDIOC_G_CROP(r1, 0xc014563b, &(0x7f00000000c0)={0x9, {0x800, 0x236c, 0x6, 0xeaf}}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 423.937063] FAULT_INJECTION: forcing a failure. [ 423.937063] name failslab, interval 1, probability 0, space 0, times 0 [ 423.948593] CPU: 1 PID: 22173 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 423.955711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 423.966041] Call Trace: [ 423.968649] dump_stack+0x138/0x197 [ 423.972299] should_fail.cold+0x10f/0x159 [ 423.976901] should_failslab+0xdb/0x130 [ 423.980887] kmem_cache_alloc+0x2d7/0x780 [ 423.985050] ? retire_userns_sysctls+0x90/0x90 [ 423.989651] copy_pid_ns+0x1ae/0xa40 [ 423.993374] ? refcount_inc+0x1f/0x40 [ 423.997191] create_new_namespaces+0x267/0x720 [ 424.001787] copy_namespaces+0x284/0x310 [ 424.005860] copy_process.part.0+0x2603/0x6a00 [ 424.010468] ? proc_fail_nth_write+0x7d/0x180 [ 424.014973] ? proc_cwd_link+0x1b0/0x1b0 [ 424.019052] ? __cleanup_sighand+0x50/0x50 [ 424.023307] ? lock_downgrade+0x740/0x740 [ 424.027594] _do_fork+0x19e/0xce0 [ 424.031102] ? fork_idle+0x280/0x280 [ 424.034851] ? fput+0xd4/0x150 [ 424.038069] ? SyS_write+0x15e/0x230 [ 424.041990] SyS_clone+0x37/0x50 [ 424.045366] ? sys_vfork+0x30/0x30 [ 424.048928] do_syscall_64+0x1e8/0x640 [ 424.052852] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 424.057726] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 424.062934] RIP: 0033:0x459a59 [ 424.066142] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 424.073870] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 424.081169] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 424.088630] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 424.095911] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 424.103365] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:56 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x5, 0xe07f36b5624a96e1) r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r5, 0x0) ioctl$VIDIOC_DBG_S_REGISTER(r5, 0x4038564f, &(0x7f0000000180)={{0x2, @addr=0x8}, 0x8, 0x9f3a, 0xd26}) ioctl$PIO_CMAP(r4, 0x4b71, &(0x7f0000000100)={0x2, 0x9, 0x2ff, 0xffffffff, 0x9, 0x2403}) fcntl$setpipe(r3, 0x407, 0x0) mq_notify(r0, &(0x7f0000000140)={0x0, 0xf, 0x1, @thr={&(0x7f00000002c0)="1833669babd699e9870cfa20994517e8def3d9f2643b257e3e198ddcb71bb893325c8dc3f2af3427797689babc89523a84434ee544f14932dc6c87c1dcd94c79fc4866e84b8a56d0bf0f4563da96a655f5c4bc7fb58b8f548a712beec41985e82977a851408ad1b350c74e0ec94968724ac89c0f94f0d3e285adfe6256f53449b130860bda35ab2497dd44f963f5cf3e87186592ca3609c3abba9af285d9907b76b6364e9afabd23e89649a4a08dc15d7e0cb1fed2d9d2a46eefc248b7f192e60fbaa18fd5cd92a94a35e0137b98a925b90fce649fbd7e2d2b1e2aa72f1cb9069c3d8f237a73557f26cbab2b4e8d9ec99d", &(0x7f00000003c0)="15e4534d990ca5be61094b64eaf169e3675db4ae3d1b5a3ad8e1cd939df85212861173f5b432ab70ce970b96469ac154f3d2bf3ef4a170161d6ccab41caedd4d92cf139c5fbb85609013e8a8c772fcfad3a016bcbd2d8377c38a1b79535838b4b775abda20c4cb8218a246e5906bad64e6f99a3d0e226cbd2fac7032a74f556a84c9807f35b9c2ec142dce33f8e11577622412682d549ad725ed622192dff8cbfb6e3aef7307163eae2fcab5b5d9420a7dd3c2e476ea7d5215e7d53dc62acc46ade5baf1bc1b669c56e252a6025412b794dec921dae0c3910f07aa4492450961ee9741196a1e6bec0dc251a5a6fd5fae1abe43877cf2204cf7bb7b1f3770735eb9f66ee2fec41e85a3d0e6e5dc3a381fba2e31e5aa61678f3ca469dcc6ffea677a88bf8c86363b9872f1ba149a6a4317b2a52018a95e05b82eca20afe6917fdc29731b1489fe258dc5c71440fa6ad95029c7f4d959a648e5e5f0557b9a472726f0d76a8c3a4a4ab6e30a7b33adb9f3e48b515e33e71be564c7308a24d96a5d119f0b78d9579cfe23d8e73fa38f3412471ab9f1f9f5be747f756767527646c75968ab57eed4b41677b171675f69f8c74355513ef9feb96bf0d55584c0797159f7950d284d56a1d8416b9ad0feb46f7c0dd17f990bb90a2930e6bf559d6f9f63a7a868c14eced843198644515c741851e49699bbd8f6af18cfe1dc01d9bd0b902ae42381ee4116e5a6268737f1d56dbf0e59761956784869be12642e64f18d390af88dd29fd46ca91f81cf8a7897678fbf350d310ac26749b6301b16742368cfe3d531d34c36d40535d5e8d1bcec76b5f94f7ef342df352a741a6491b27749e7ee357c148de5fe65aaee31543f6d032a8e84a486a8a894842298b09d192b00cb79f6ff471366938cb3fcd2c6d1bf9abe51e45f496c7bc8b21b8fa39c5c516c82a5172d5551b57b1f04925e102ec473409af97f68151c582cd901ccebbab7a2ad7fb9012c5fbeca3c83931b3a152b27d63ff1304b376fc25f08eedccd774d09da00d751fecec57cf73e5db4f24d7e8416c5cbbad0eea369b06807e965e43b6de44c52d0882fe00dedc6feac91b6b200160dfea608f7d9be69fa8efbc4fe1ba2b46df41368d671dfe5bfa0640b30b80445cde9c2aead8097fdb9272c131dbda0c87d5777269c292d53567981c0bd718316e9a118b84f3e5721fcf15007082d60d46eefbd61f206fdbacd4501496decaf69a21c6761beef4d8ea24e580d1a3f576ba51743310cdee32df61452c537846f177e1f1717f0716b4bbb7e1d82ad633e77e8c5ff73d36ba15578e3a4e396c72abdab6c0b06aff7fe6004f5e7daaa76eb9a3072640ba25f670f10e37d009874aa8739d11734147aa32f04b31d40137f8939754b690aa2d36de537f02d7f5dac5f51f4b9c84bf48d39fb6da6c407699346dd7e7123a9a5a3bae062d96e48cfdd03b0399d91ca87e94bfdc31c836c0b280bf8ac1b26f45e99b200d4955ffa796e98af86ed8d1e21e19b0fcb7ef6017acf1cabed35aa117c85c3b184fe788888360e855f1613501d4b41fc35327b5a7ec802aefb0d2207fa6624fe47842841dd76ed6e2ee50913d93a70bbcc3273653afb25ba622fef07352b996d0f71d9d0a482ce17a1b2494ef373279a5d122ac7e9a05352edaff2634ec577a020a34fd96e231938c666b8415308961570dc74565ae0ae18f3278199ecad5da84f35492747aea07a1ed5f80cb337e489a7c181962c9840237d38182b9aa806572cd77aefffae3edb1ed595d6856a858975db8c8ad0c92e0569210f19006fac3e8dcbb7f3ccddd4e0d7fdda38c6fed094e22fc428ff728b82693acaf0895225cf90de57989833fe4beadc665e6320f9baeeb063d74783489886d7ec5ce39dd8d96d7f714380fee5e277a80699b5e5362bb86d645dc4f51a5ad7309f43302a3908fbe1c4310d7fde0faca2151ae0b8cf1e8c4349275d802b5b62424ddf85b9202f5c313ea41e3f41f3a425dd9c87cd2952943b85f68d454b4c6f18d8e67821c67e14dfd3e7396cb73df3056842a2a6e6749171ab5707cef8882784c8ab4850c3645b7125e2420a4950355a893f893a3bfff6a74364669f1a4592620604ea9764db9dfa86b91a9cb0be439550099d06f4c1d5495928533e2626a01d49694226c0fe6c19be2351fb87da727528be11ffd0b13375a56269b87704523b097c972d0de0785f2f5d9daafac453816fdf6a2d812a83ae1e6b18216d749754e70931d10630ab1c30c083a7d43d524f22e0ea1d9845803287dbd7c7dc64549a52ab3c6fc5980526b6343ac7a654f869fa262c7b28fc257e4dd05a18788b2bd29673b493b9a4b4eb3dc295f52fb148f0616fc020c8ebae5333b8743aea2e294e365a224b7ead510dc40d2c9ccaaa628268f631b91dfbb18f3952b03b1ab24b160d62a9c6a42df8bab288cef43d266e3198a1e6b80c8f96cfd660dd68c5ab802561be6b22a74a70cf78e8e735b6bcf8dbb1fa771232c1edc8c26f596eef9d6e36f89fce14a615652423c74b6c76ec8d595e9c72d83c30dae16f190300137a02f30e146c6ea71fe77d9ded100a3396d94b47bdb37bb7b5a1f9f65cf5ddce78fc6cad09877184ae01fd9e1e1a56fc8b492c2a6c74b75a7b0c37a7008ab2ac3e5f6268234f975b2611372653b9aba7b3622ed218aa0d04a7c7ca4eb6a6c54a108fc3598379524ab9db7c17e604586462679130f994ad4ea85518c28545de8eb689354d450c99f9366b2096b4b75a1d61d72fe8ec3f5977361bb56b880346f7a2da01c598206bc219dc76c147d18f4bc6556131ed1b79e5307141e21008f94f9f69bb111d5a06e868c1d573f4a01e5b69d05ec1e98c94753c86f5c6062e338125d4d1c1291b3e9047a1c0b0fbdb11ace3a3d7789a45b4883886107c2a9644f59e715604a7ed353c97a200c3b2244d5149d58b33974fa76e9dc72ae1038c2b50c5f8e04f3155175655b027b211f8a69c110d4d754a0f7c335af85a26f15c407d9da893956c9334b5c795cb5bf8fb118c1eb387207a221f488f9cb6998f0b30b0faef6caa6946b8ed7c07f727ec61a0899d91fea2c4b0fb7ccd68f9e82f0871ccfbb64e9a62ca9adef9c585d8462d1a1ce105ac153762a5df7968f2fb6e7b94bf72fc2adb255c05f17c5cd2e9a54fa99bef0bd528f2144967e7982a471b5f4a1a7699ebd4e680d41e9a1caf04780638ab9890ca2ad23e23f196bcf48de82f8a4d84b807b8e4340a41c64a4a03f2a2f8dde4a83dc7f3e2393942d7db126137f6c4f7f9b0392261eae281f339994b1fd36b63cf09f7ea5ff9c5d3677961a01beaf8d16e364a9ebaf6f2de6d4013c93942e748a1a9dac74388d9431d72970c7fe7440a4705ec435eb691987f1c22725ed32d0bf6072f0744cf6590a805e45ef80f8c8f12c29c8de9c93f300c39a4aa9a3ec7894536295ee5fd6d8f75fd531dc92f1886093e082a3635a97dcb0617028604fd1628e1bb0e192516eb306c8663f8da597b436ecf64cfbecbf0b18e45b41a224721a0ce42853260adb947ab88906b99b92ab36559a1455e024264af104b74c4ad8208cae56994ce7d74b2df344a5694ee34cddd0f376b37595cb752a845424dec25b4a0f4f83dab405d7bb5d20639999bb8e66ed6e85ea55216b99822e4f182bd19582b9e559c461b54c2d549a1456f72d41fe12752f0486286a8da6e01bf7754c9303020d6322f3378d4344641fcba68bc1962d3f506d4cf7a04ce6e731d2bcae8e1c0a031f8e7ef18a8fb47b8b654719e61fbae1c3d816707916bb809ab4959611a455aeb345767075aee3d30d5ea04c06a95687f763b531eb7280e4bc4654026d37f8818a6698fa1d8f1f8744204a2a6a9bd4d4e43cfedacb68b65827585f90c0264e9f284184d68a74a1e51e5ca1d368e4b38893d1fdcb5b16e97e930f5374b29552a099cc12c6a3c4cdf18bd40bf64d1a32cb00472c842f98a2562657375f4e0e31572dc4ab1c24fb2c124d902bfe84f8fc550fe2f289d2f655b22b0d589a78e0e60ea31c68dea4100b4822f0cf956052d111f2abbe03703c64d4fdaf008039e4ab36576e2df1e7b36c39d8c0dfc0cd1e91454e174f57dc3d827e83ada9f10f9e056b52e4016a656172fa569e123c4981be3011cdb68e2514246668b21b741a859e50e160254ce81f20cd3f3a41bc79865e414e22736d5476eb77672bd32a569445dab074f7f70914e348e330870872bbfc3e7ce38020ebefa6457476f1098add9c5921ea86095b19bea5d9101150bcf9ff1d2bcc34859a14bf4b890ad54626db7a91d87abaf52b2048c6019497c41893180603f463ff871544e651dbb57e7458db246d51a5df9ae80ee1e3cbeeeb963b048e430a83b63509467db4621235fb79215f8b0ace96f48b8f5c6bc69ff3c0ce7b0a5493409f19a524c2846dc8e0121ea96a5eea72f92163810a4e4c925d6e1ad811f9dcf3f9671247b06eb7932b0adc5e1520021d1713396df6082d592857fd0c8b45b8156d03e78fc202726fa7bef37707f48372f2ab79ae38cd6fef5d722cfacd6567889fca9eff4cc4a486e4bf7b83c164315a00b098dafb331db794b083c396380d6ca843fffc151bafdf05148ccf1bbcebe50ab0a05b21aabb80e72935cf6031385b0f1016aa496a7ea632f51298b252a24cba347df7bc9a2946dbef8d5371f59dac9667ac15050c6596f4fc0124927cacee817ea69c8916ac06101a593dbf516c3c71485140263a436cbf11d4ca3ccfc7d10e2ad6fe64da56458b1abef1b53178d619adddfa226bcf3b4289237f14d67769e463d796b0a69064160a44e9b9b18b6e9291d3c9a75175abe06b9f6205e6a4f928e4932485508aa6281407315e08228be01d78eb88f350c7c2194e0bbfa7be86b98d0f3fa2b2c217d00a901569b3a296f32f105eabe7cdf019321d63522b9359604326c8d80d9465440340c0d1d8b399263e43076ea8dd0eb732c5ef268a3977c209b6ea52b33ddc1896d2bce0e9637a0a2ed516b3d3b63fab6cc796b0c05685432e40e3d983ac3b2fc95353d6d4d61fa1211fe56ee86d439d70255813e6fd94b5ab4ae4f835936e19b0f84fa185fccdda6114ec110007a580fdb6b26fa9e765879af6f719465b9419a900e1f609045d7b12da12776fafac6c569550da2fec6df149f6a40bb7038353e5a13983094a66e109a8cde89c5c0ee86ed579571b576af98a90b5bd733061321b601db5006a5b2e323b10e8f772c0a1913556bc68d6c9707b9cc5575f8354889084486042e84d905ea1c1b4008bb229feb40a745426abc866a02aacf87a2b5e241a3f5d2f2f8cb0828ae7278fa0bf60205165f0d3f5dabc6f9c391f9bf20566b43f5134ee9fa67bb99988fcd522e59b1c1deaa1745c562583dd1dd423b313b1d867850c2848f64fd21d8da88e0a90faab5d14c8183ed6c03a0c1b287c9002041143bb901143a5d8a5a760009814a882968013fc9d6b078e7abc3686cc90fecec6cd16e3a7f4f685ae35305197fc9e993c31c3449845be81e91a96bc90a68b8bf9ba075667cc82d59d5efbb0715e088f651a43a62ff7cbd5879631d484926c1931ac94cab347d8a34acab6fff0dfff7316d5aced8ce16875f5209feb4f3cfdeb5082fa88353ee0775e65cf31169ad5edbc0fa92ed7acdca177f55278447491cc7ed86dbbffb2c93d9c20578c22946a86fd962025f228486153a70047b225c8d37761bf7e236fd5e8254b253c7053c41ea4bfeef8e36549337af93c4bceecf2e02b3"}}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) r8 = socket$netlink(0x10, 0x3, 0x0) r9 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r10, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) fallocate(r8, 0x28, 0xfff, 0x1) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r11, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r12 = syz_genetlink_get_family_id$tipc(&(0x7f0000000240)='TIPC\x00') sendmsg$TIPC_CMD_GET_BEARER_NAMES(r6, &(0x7f0000001440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001400)={&(0x7f00000013c0)={0x1c, r12, 0x200, 0x70bd2a, 0x25dfdbfc, {}, ["", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x48040}, 0x40) prctl$PR_MPX_DISABLE_MANAGEMENT(0x2c) socket(0x840000000002, 0x5, 0xc2) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:56 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000003e40)=[{{&(0x7f0000000100)=@rc, 0x80, &(0x7f0000000540)=[{&(0x7f0000000180)=""/87, 0x57}, {&(0x7f0000000240)=""/62, 0x3e}, {&(0x7f00000002c0)=""/72, 0x48}, {&(0x7f0000003f00)=""/100, 0x64}, {&(0x7f00000003c0)=""/82, 0x52}, {&(0x7f0000003f80)=""/252, 0xfc}], 0x6, &(0x7f00000005c0)=""/4096, 0x1000}, 0x3}, {{&(0x7f00000015c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80, &(0x7f0000002840)=[{&(0x7f0000001640)=""/169, 0xa9}, {&(0x7f0000001700)=""/4096, 0x1000}, {&(0x7f0000002700)=""/94, 0x5e}, {&(0x7f0000002780)=""/175, 0xaf}], 0x4, &(0x7f0000002880)=""/95, 0x5f}, 0x6}, {{&(0x7f0000002900)=@nl=@proc, 0x80, &(0x7f0000003cc0)=[{&(0x7f0000002980)=""/38, 0x26}, {&(0x7f00000029c0)=""/4096, 0x1000}, {&(0x7f00000039c0)=""/198, 0xc6}, {&(0x7f0000003ac0)=""/215, 0xd7}, {&(0x7f0000003bc0)=""/125, 0x7d}, {&(0x7f0000003c40)=""/111, 0x6f}], 0x6, &(0x7f0000004080)=""/224, 0xe0}, 0x2}], 0x3, 0x1, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00000000c0)='bic\x00', 0x4) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:57 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$sock(r2, &(0x7f00000003c0)={&(0x7f00000002c0)=@ax25={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x6}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000340)="bc04915baf0a46d83b2168b3d8da517521c4615b8193e1b394b7b9c5854dd18b51e3a385fcbeb24c375d2ebc79384dce7556326e9fbdf922e626043073efe4a5ec57c129406f8e4b43a052959e1fe2f7463426484b01d68f6faaaf05278579ad96f0701d1056fe3e6440c8134cecbdbc", 0x70}], 0x1, &(0x7f0000000240)=[@timestamping={{0x14, 0x1, 0x25, 0x2}}], 0x18}, 0x2000000) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) socket$vsock_stream(0x28, 0x1, 0x0) fcntl$setpipe(r3, 0x407, 0x0) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r4, 0x0) ioctl$VIDIOC_EXPBUF(r4, 0xc0405610, &(0x7f00000000c0)={0x1, 0x0, 0x29b, 0x25e66a727fa96fb, r3}) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) write(r5, &(0x7f0000000100)="78645bb1435150d6e887a772da48d983ba55e3df5324c20de26cf76cfe2b6ee66aa894d1ef110d9769ba0d00000000000000000000000000000094ec5a0d3fb398900e6550ab995f1bc1d4efcdba5f391a108a8596f10a9067ba87fa0270fbbb72877a68b9dd8f0185758a022781199f47716cf69f98627a7a1428df578eccbe0b221e7380f521d4367d0e0184c7051114c0d946355dbeb432cb4eee75b8c000d110c64e7323419547", 0xa9) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 424.388539] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=43 sclass=netlink_route_socket pig=22195 comm=syz-executor.0 17:46:57 executing program 1 (fault-call:17 fault-nth:47): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 424.668870] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=20803 sclass=netlink_route_socket pig=22207 comm=syz-executor.3 17:46:57 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:57 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() socketpair$unix(0x1, 0x4000000000002, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup3(r3, r1, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$TIOCGSERIAL(0xffffffffffffffff, 0x541e, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/72}) [ 424.944832] FAULT_INJECTION: forcing a failure. [ 424.944832] name failslab, interval 1, probability 0, space 0, times 0 [ 424.956335] CPU: 0 PID: 22224 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 424.963361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 424.972723] Call Trace: [ 424.975328] dump_stack+0x138/0x197 [ 424.978980] should_fail.cold+0x10f/0x159 [ 424.983158] should_failslab+0xdb/0x130 [ 424.987164] kmem_cache_alloc+0x2d7/0x780 [ 424.991326] ? retire_userns_sysctls+0x90/0x90 [ 424.995928] copy_pid_ns+0x1ae/0xa40 [ 424.999648] ? refcount_inc+0x1f/0x40 [ 425.003474] create_new_namespaces+0x267/0x720 [ 425.008076] copy_namespaces+0x284/0x310 [ 425.012326] copy_process.part.0+0x2603/0x6a00 [ 425.016922] ? proc_fail_nth_write+0x7d/0x180 [ 425.021425] ? proc_cwd_link+0x1b0/0x1b0 [ 425.025508] ? __cleanup_sighand+0x50/0x50 [ 425.029747] ? lock_downgrade+0x740/0x740 [ 425.033908] _do_fork+0x19e/0xce0 [ 425.037374] ? fork_idle+0x280/0x280 [ 425.041094] ? fput+0xd4/0x150 [ 425.044287] ? SyS_write+0x15e/0x230 [ 425.048005] SyS_clone+0x37/0x50 [ 425.051372] ? sys_vfork+0x30/0x30 [ 425.054930] do_syscall_64+0x1e8/0x640 [ 425.058824] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 425.063684] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 425.068880] RIP: 0033:0x459a59 [ 425.072069] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 425.079786] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 425.087062] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 425.094390] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 425.102101] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 425.109553] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:57 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:57 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x141400, 0x10) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:57 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/current\x00', 0x2, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) accept$inet(r3, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, &(0x7f0000000100)=0x10) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:57 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/btrfs-control\x00', 0x100, 0x0) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_SET(r3, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x50, r4, 0x300, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x10, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_MON={0x2c, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffffff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffffff}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x6204c050}, 0x80) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500)}], 0x1, 0xc) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:58 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r3 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r3) getpgrp(r3) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:58 executing program 1 (fault-call:17 fault-nth:48): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:58 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:58 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r2, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f00000002c0)={0x1000, 0x3, 0xa7, 0x7, 0x6, 0x2}) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) recvmmsg(r1, &(0x7f0000004340)=[{{&(0x7f00000000c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f00000024c0)=[{&(0x7f0000000140)=""/155, 0x9b}, {&(0x7f0000004440)=""/4097, 0x1001}, {&(0x7f0000000240)=""/4, 0x4}, {&(0x7f00000012c0)=""/22, 0x16}, {&(0x7f0000001300)=""/232, 0xe8}, {&(0x7f0000001400)=""/148, 0x94}, {&(0x7f00000014c0)=""/4096, 0x1000}], 0x7, &(0x7f0000002540)=""/41, 0x29}, 0x100}, {{&(0x7f0000002580)=@nfc_llcp, 0x80, &(0x7f0000003b80)=[{&(0x7f0000002600)=""/26, 0x1a}, {&(0x7f0000002640)=""/222, 0xde}, {&(0x7f0000002740)=""/172, 0xac}, {&(0x7f0000002800)=""/145, 0x91}, {&(0x7f00000028c0)=""/191, 0xbf}, {&(0x7f0000002980)=""/230, 0xe6}, {&(0x7f0000002a80)}, {&(0x7f0000002ac0)=""/4096, 0x1000}, {&(0x7f0000003ac0)=""/131, 0x83}], 0x127e, &(0x7f0000003c40)=""/248, 0xf8}, 0x7}, {{&(0x7f0000003d40)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x80, &(0x7f0000003e80)=[{&(0x7f0000003dc0)=""/138, 0x8a}], 0x1, &(0x7f0000005480)=""/206, 0xce}, 0x7fff}, {{0x0, 0x0, &(0x7f00000042c0)=[{&(0x7f0000003fc0)=""/213, 0xd5}, {&(0x7f00000040c0)=""/52, 0x34}, {&(0x7f0000004100)=""/211, 0xd3}, {&(0x7f0000004200)=""/56, 0x38}, {&(0x7f0000005580)=""/73, 0x4f}], 0x5}, 0x17}], 0x4, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r7, 0x407, 0x0) write(r7, &(0x7f0000000340), 0x41395527) vmsplice(r6, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 425.877661] FAULT_INJECTION: forcing a failure. [ 425.877661] name failslab, interval 1, probability 0, space 0, times 0 [ 425.888986] CPU: 0 PID: 22283 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 425.896116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 425.905478] Call Trace: [ 425.908154] dump_stack+0x138/0x197 [ 425.911784] should_fail.cold+0x10f/0x159 [ 425.915944] should_failslab+0xdb/0x130 [ 425.919916] kmem_cache_alloc+0x2d7/0x780 [ 425.924052] ? find_held_lock+0x35/0x130 [ 425.928098] ? copy_tree+0x4a2/0x8a0 [ 425.931794] alloc_vfsmnt+0x28/0x7d0 [ 425.935495] clone_mnt+0x70/0xee0 [ 425.939018] ? lock_downgrade+0x740/0x740 [ 425.943254] copy_tree+0x33b/0x8a0 [ 425.946807] copy_mnt_ns+0x11c/0x8c0 [ 425.950529] ? kmem_cache_alloc+0x611/0x780 [ 425.955147] ? selinux_capable+0x36/0x40 [ 425.959472] create_new_namespaces+0xc9/0x720 [ 425.963962] ? ns_capable_common+0x12c/0x160 [ 425.968803] copy_namespaces+0x284/0x310 [ 425.972901] copy_process.part.0+0x2603/0x6a00 [ 425.977564] ? proc_fail_nth_write+0x7d/0x180 [ 425.982119] ? proc_cwd_link+0x1b0/0x1b0 [ 425.986215] ? __cleanup_sighand+0x50/0x50 [ 425.990567] ? lock_downgrade+0x740/0x740 [ 425.994745] _do_fork+0x19e/0xce0 [ 425.998210] ? fork_idle+0x280/0x280 [ 426.001921] ? fput+0xd4/0x150 [ 426.005117] ? SyS_write+0x15e/0x230 [ 426.008834] SyS_clone+0x37/0x50 [ 426.012195] ? sys_vfork+0x30/0x30 [ 426.015732] do_syscall_64+0x1e8/0x640 [ 426.019613] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 426.024470] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 426.029838] RIP: 0033:0x459a59 [ 426.033029] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 426.040731] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 426.048097] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 426.055357] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 426.062769] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 426.070036] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:58 executing program 3: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup2(r1, r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x80000000000a01, 0x0) write$binfmt_aout(r3, &(0x7f00000000c0)=ANY=[], 0xffffff78) ioctl$TIOCSLCKTRMIOS(r3, 0x5457, &(0x7f0000000000)) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r4 = getpid() sched_setattr(r4, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r5 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r5, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r6, 0x407, 0x0) write(r6, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:58 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = getpid() r2 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$bt_sco_SCO_CONNINFO(r2, 0x11, 0x2, &(0x7f0000000140), &(0x7f0000000180)) sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x40) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fsetxattr$security_evm(r0, &(0x7f00000000c0)='security.evm\x00', &(0x7f0000000100)=@md5={0x1, "655681114dd3114a29ab491e36d1b01d"}, 0x11, 0x1) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:58 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f00000002c0)="098d6cfab753f852db621493e4d9bb7efe59edc895fda83220fdf0b23f85513e2f983a72a9eb860e1eecc9ad8025dd78378b28ad7fde1f6b282fe24473b368cde11f54846fb4caf84c7d03ec3c4d85aa904b5145682a9bc62e22e7", 0x5b) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = gettid() ptrace$setopts(0x4206, r4, 0x0, 0x0) tkill(r4, 0x3c) ptrace$cont(0x18, r4, 0x0, 0x0) ptrace$setregs(0xd, r4, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r4, 0x0, 0x0) sched_setattr(r4, &(0x7f0000000080)={0x30, 0x2, 0x0, 0xfffffffe, 0x3, 0x1000000009, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) r5 = gettid() ptrace$setopts(0x4206, r5, 0x0, 0x0) tkill(r5, 0x3c) ptrace$cont(0x18, r5, 0x0, 0x0) ptrace$setregs(0xd, r5, 0x0, &(0x7f0000000080)) ptrace$cont(0x9, r5, 0x0, 0x0) capget(&(0x7f0000000100)={0x19980330, r5}, &(0x7f0000000140)={0x0, 0x9, 0x7, 0xffffffff, 0x0, 0x8}) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0xdff4, 0x600084) 17:46:58 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r8, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000001c0)={'veth1\x00', &(0x7f00000002c0)=@ethtool_regs={0x4, 0x6, 0x60, "0c87b61fbd5fae8d6480ccb53de08d86873d03d71c9b02160f23a5a91f22e1f094132399928f991f38c53710046fd8ea9d088aa5d10483e9691b95575f41f16bc352632e756835c6fd240e87355be2ba0bee20613ab57ceb43a518972b383567"}}) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x8, 0x0) r9 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r9, 0x84, 0xb, &(0x7f0000000100)={0xff, 0x8, 0x40, 0x1f, 0x3, 0x2, 0x7f, 0x0, 0x9, 0xff, 0x20}, 0xb) r10 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000180)={r0, 0x0, 0x1, r10}) 17:46:59 executing program 1 (fault-call:17 fault-nth:49): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:46:59 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f00000000c0)='TIPC\x00') socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:59 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 426.983865] FAULT_INJECTION: forcing a failure. [ 426.983865] name failslab, interval 1, probability 0, space 0, times 0 [ 426.995333] CPU: 0 PID: 22332 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 427.002383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 427.011748] Call Trace: [ 427.014356] dump_stack+0x138/0x197 [ 427.018003] should_fail.cold+0x10f/0x159 [ 427.022165] should_failslab+0xdb/0x130 [ 427.026153] kmem_cache_alloc+0x2d7/0x780 [ 427.030312] ? refcount_inc+0x1f/0x40 [ 427.034227] alloc_pid+0x5d/0xc70 [ 427.037691] ? copy_thread_tls+0x3c8/0x7a0 [ 427.041936] copy_process.part.0+0x272f/0x6a00 [ 427.046530] ? proc_fail_nth_write+0x7d/0x180 [ 427.051036] ? proc_cwd_link+0x1b0/0x1b0 [ 427.055120] ? __cleanup_sighand+0x50/0x50 [ 427.059393] ? lock_downgrade+0x740/0x740 [ 427.063565] _do_fork+0x19e/0xce0 [ 427.067728] ? fork_idle+0x280/0x280 [ 427.071451] ? fput+0xd4/0x150 [ 427.074649] ? SyS_write+0x15e/0x230 [ 427.078372] SyS_clone+0x37/0x50 [ 427.081742] ? sys_vfork+0x30/0x30 [ 427.085303] do_syscall_64+0x1e8/0x640 [ 427.089216] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 427.094095] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 427.099294] RIP: 0033:0x459a59 [ 427.102489] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 427.110219] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 427.117508] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 427.124814] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 17:46:59 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0x4, 0x15b}, 0x0) r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) ioprio_set$pid(0x0, r1, 0x4) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 427.132178] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 427.139470] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:46:59 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r3, 0x0) ioctl$KVM_ASSIGN_SET_INTX_MASK(r3, 0x4040aea4, &(0x7f00000000c0)={0x3ff, 0x6, 0x3, 0x5}) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:46:59 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x1, 0x0, 0x5, 0x5, 0x0, 0x15b}, 0xf2a0c11efe31225e) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$DRM_IOCTL_MAP_BUFS(r2, 0xc0186419, &(0x7f00000007c0)={0x8, &(0x7f00000000c0)=""/132, &(0x7f0000000700)=[{0x8000, 0x64, 0x4, &(0x7f0000000180)=""/100}, {0x10001, 0xfa, 0x8001, &(0x7f00000002c0)=""/250}, {0x38d57d4, 0xe2, 0x3, &(0x7f00000003c0)=""/226}, {0x6bb, 0x56, 0xfa43, &(0x7f00000004c0)=""/86}, {0x2, 0x44, 0x9, &(0x7f0000000540)=""/68}, {0x5c, 0xb2, 0xfffff395, &(0x7f00000005c0)=""/178}, {0x80, 0x63, 0x6, &(0x7f0000000680)=""/99}, {0x9, 0xffffffffffffff36, 0x1f, &(0x7f0000000240)=""/28}]}) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r4, 0x0) write$USERIO_CMD_SEND_INTERRUPT(r4, &(0x7f0000000900)={0x2, 0x7}, 0x2) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) getsockopt$netrom_NETROM_T2(r3, 0x103, 0x2, &(0x7f0000000800)=0x101, &(0x7f0000000840)=0x4) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = getpgid(r0) ptrace$getregs(0xe, r5, 0x2, &(0x7f0000000880)=""/80) ptrace(0x10, 0x0) 17:47:00 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x1, 0x1) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:47:00 executing program 1 (fault-call:17 fault-nth:50): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:00 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 427.909931] FAULT_INJECTION: forcing a failure. [ 427.909931] name failslab, interval 1, probability 0, space 0, times 0 [ 427.921644] CPU: 0 PID: 22384 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 427.928690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 427.938142] Call Trace: [ 427.940937] dump_stack+0x138/0x197 [ 427.944589] should_fail.cold+0x10f/0x159 [ 427.948746] should_failslab+0xdb/0x130 [ 427.952735] kmem_cache_alloc+0x2d7/0x780 [ 427.956896] ? check_preemption_disabled+0x3c/0x250 [ 427.963234] alloc_vfsmnt+0x28/0x7d0 [ 427.966954] vfs_kern_mount.part.0+0x2a/0x3d0 [ 427.971451] ? rcu_read_lock_sched_held+0x110/0x130 [ 427.976651] kern_mount_data+0x56/0xc0 [ 427.980646] pid_ns_prepare_proc+0x1e/0x90 [ 427.984904] alloc_pid+0x9ef/0xc70 [ 427.988445] copy_process.part.0+0x272f/0x6a00 [ 427.993643] ? proc_fail_nth_write+0x7d/0x180 [ 427.998145] ? proc_cwd_link+0x1b0/0x1b0 [ 428.002204] ? __cleanup_sighand+0x50/0x50 [ 428.006431] ? lock_downgrade+0x740/0x740 [ 428.010578] _do_fork+0x19e/0xce0 [ 428.014043] ? fork_idle+0x280/0x280 [ 428.017744] ? fput+0xd4/0x150 [ 428.021007] ? SyS_write+0x15e/0x230 [ 428.024709] SyS_clone+0x37/0x50 [ 428.028067] ? sys_vfork+0x30/0x30 [ 428.031607] do_syscall_64+0x1e8/0x640 [ 428.035492] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 428.040347] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 428.045668] RIP: 0033:0x459a59 [ 428.048843] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 17:47:00 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(0xffffffffffffffff, 0x2401, 0x17de00000) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 428.056626] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 428.064153] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 428.071407] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 428.078661] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 428.086445] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:47:00 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x4, 0x0, 0xa5) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x38, 0x2c, 0x701, 0x0, 0x0, {0x0, r6, {}, {}, {0x3}}, [@filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, [@TCA_BPF_FLAGS={0x6}]}}]}, 0x38}}, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r7, 0x660c) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) 17:47:00 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40286608, &(0x7f00000000c0)={0x7, 0x7ff, 0x3, 0x9, 0x6, 0x9}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) prctl$PR_GET_CHILD_SUBREAPER(0x25) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x4, 0x80000, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:01 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) setitimer(0x2, &(0x7f0000000240)={{r3, r4/1000+30000}, {0x77359400}}, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r5, 0x6, 0x16, &(0x7f00000000c0)=[@mss={0x2, 0x5}, @window={0x3, 0x8000, 0x3}, @window={0x3, 0x3f, 0x8}], 0x3) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:47:01 executing program 1 (fault-call:17 fault-nth:51): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:01 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:01 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 429.078751] FAULT_INJECTION: forcing a failure. [ 429.078751] name failslab, interval 1, probability 0, space 0, times 0 [ 429.090218] CPU: 0 PID: 22443 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 429.097526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 429.106893] Call Trace: [ 429.109501] dump_stack+0x138/0x197 [ 429.113153] should_fail.cold+0x10f/0x159 [ 429.117319] should_failslab+0xdb/0x130 [ 429.121332] kmem_cache_alloc+0x2d7/0x780 [ 429.125498] ? check_preemption_disabled+0x3c/0x250 [ 429.130526] alloc_vfsmnt+0x28/0x7d0 [ 429.134252] vfs_kern_mount.part.0+0x2a/0x3d0 [ 429.138756] ? rcu_read_lock_sched_held+0x110/0x130 [ 429.143795] kern_mount_data+0x56/0xc0 [ 429.147689] pid_ns_prepare_proc+0x1e/0x90 [ 429.151931] alloc_pid+0x9ef/0xc70 [ 429.155697] copy_process.part.0+0x272f/0x6a00 [ 429.160345] ? proc_fail_nth_write+0x7d/0x180 [ 429.164868] ? proc_cwd_link+0x1b0/0x1b0 [ 429.168941] ? __cleanup_sighand+0x50/0x50 [ 429.173185] ? lock_downgrade+0x740/0x740 [ 429.177342] _do_fork+0x19e/0xce0 [ 429.180798] ? fork_idle+0x280/0x280 [ 429.184508] ? fput+0xd4/0x150 [ 429.187698] ? SyS_write+0x15e/0x230 [ 429.191408] SyS_clone+0x37/0x50 [ 429.194764] ? sys_vfork+0x30/0x30 [ 429.198298] do_syscall_64+0x1e8/0x640 [ 429.202623] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 429.207481] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 429.212732] RIP: 0033:0x459a59 [ 429.215915] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 429.223611] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 429.231195] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 429.239200] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 429.247361] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 429.254800] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:47:01 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x3, 0x5, 0x3}, 0x0) socket$inet6(0xa, 0x2, 0x0) r2 = shmget(0x1, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) shmctl$IPC_INFO(r2, 0x3, &(0x7f0000000100)=""/85) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x3cc7e6c7) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x2f2802e3}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) ptrace$cont(0x27, r0, 0x9, 0x1) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r5, 0x84, 0x66, &(0x7f0000000040)={r6}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000180)={r6, 0x4}, &(0x7f00000001c0)=0x8) 17:47:02 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @mcast2, 0x3}, 0x1c) fcntl$setpipe(r2, 0x407, 0x0) r4 = socket$tipc(0x1e, 0x2, 0x0) recvfrom(0xffffffffffffffff, &(0x7f0000000340)=""/210, 0xd2, 0xfb2565a10e1a991c, &(0x7f0000000440)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x4e21, @empty}, 0x2, 0x0, 0x3, 0x1}}, 0x80) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xde0c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) connect$nfc_llcp(r5, &(0x7f00000002c0)={0x27, 0x1, 0x1, 0x7, 0x5, 0x1f, "8091c485667bcc73907dd9b157226bb7bae290a9bb1b99f23d3c6502b6bbec3cb9e39abd8cc84683c777561c05080c05589738ba9be0dbd2a868910a2feaf0", 0x16}, 0x60) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:47:02 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0xbd5ec7c1d3986f5a, 0xffffffff, 0x5, 0x0, 0x0, 0x15b}, 0x70d6d5bf9f9f2608) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:02 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, 0x0, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:02 executing program 1 (fault-call:17 fault-nth:52): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:02 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x2) getpid() getpid() ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000001c0)=0x0) sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0x6, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f00000002c0)={0x0, 0x7, 0x2, 0x6, [], [], [], 0x80000001, 0x1, 0x8, 0x70, "5287fbc61e969d788276c6a285068c20"}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r4, 0x900, 0x70bd27, 0x25dfdbff}, 0xfffffffffffffef8}, 0x1, 0x0, 0x0, 0xeded590a58b11492}, 0x44001) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 429.942615] FAULT_INJECTION: forcing a failure. [ 429.942615] name failslab, interval 1, probability 0, space 0, times 0 [ 429.954135] CPU: 0 PID: 22488 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 429.961175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 429.970543] Call Trace: [ 429.973150] dump_stack+0x138/0x197 [ 429.976833] should_fail.cold+0x10f/0x159 [ 429.980998] should_failslab+0xdb/0x130 [ 429.985621] kmem_cache_alloc+0x2d7/0x780 [ 429.989791] ? check_preemption_disabled+0x3c/0x250 [ 429.995093] alloc_vfsmnt+0x28/0x7d0 [ 429.998847] vfs_kern_mount.part.0+0x2a/0x3d0 [ 430.003357] ? rcu_read_lock_sched_held+0x110/0x130 [ 430.008423] kern_mount_data+0x56/0xc0 [ 430.012329] pid_ns_prepare_proc+0x1e/0x90 [ 430.016575] alloc_pid+0x9ef/0xc70 [ 430.020130] copy_process.part.0+0x272f/0x6a00 [ 430.024724] ? proc_fail_nth_write+0x7d/0x180 [ 430.029223] ? proc_cwd_link+0x1b0/0x1b0 [ 430.033315] ? __cleanup_sighand+0x50/0x50 [ 430.037569] ? lock_downgrade+0x740/0x740 [ 430.041731] _do_fork+0x19e/0xce0 [ 430.045196] ? fork_idle+0x280/0x280 [ 430.048924] ? fput+0xd4/0x150 [ 430.052121] ? SyS_write+0x15e/0x230 [ 430.055844] SyS_clone+0x37/0x50 [ 430.059215] ? sys_vfork+0x30/0x30 [ 430.062766] do_syscall_64+0x1e8/0x640 [ 430.066668] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.071531] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 430.076740] RIP: 0033:0x459a59 [ 430.079927] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 430.087637] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 430.095700] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 430.103014] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 430.110293] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 430.117577] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:47:02 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() ioctl$TIOCMBIS(0xffffffffffffffff, 0x5416, &(0x7f00000000c0)=0x8) sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:47:02 executing program 4: prlimit64(0x0, 0xd, &(0x7f0000000280)={0x9, 0x8a}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = socket(0x10, 0x803, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r2, 0x0) ioctl$VIDIOC_DQBUF(r2, 0xc0585611, &(0x7f00000002c0)={0xd913, 0xa, 0x4, 0x10, {}, {0x1, 0x2, 0xd5, 0x0, 0x6, 0x1f, "fb0cab03"}, 0x100, 0x1, @fd, 0x4}) getpid() sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) setsockopt$ALG_SET_AEAD_AUTHSIZE(r1, 0x117, 0x5, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r5 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/avc/cache_stats\x00', 0x0, 0x0) openat(r5, &(0x7f0000000140)='./file0\x00', 0x80000, 0x121) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:47:03 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() r1 = gettid() prctl$PR_SET_PTRACER(0x59616d61, r1) sched_setattr(r0, &(0x7f0000000040)={0xe9, 0x2, 0x1, 0x0, 0xfffffffd, 0x0, 0x0, 0x20000000000007}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:03 executing program 1 (fault-call:17 fault-nth:53): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:03 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, 0x0, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:03 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002600)=[{{&(0x7f00000027c0)=@ax25={{0x3, @default}, [@remote, @default, @rose, @default, @bcast, @null, @default, @bcast]}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000140)=""/76, 0x4c}, {&(0x7f00000002c0)=""/195, 0xc3}, {&(0x7f00000003c0)=""/4080, 0x1000}], 0x3, 0x0, 0x287}, 0xf06c}, {{&(0x7f00000013c0)=@llc, 0x80, &(0x7f00000001c0), 0x0, &(0x7f0000000240)}, 0x4}, {{&(0x7f0000001440)=@pppoe={0x18, 0x0, {0x0, @link_local}}, 0x80, &(0x7f00000015c0)=[{&(0x7f00000026c0)=""/220, 0xdc}], 0x1, &(0x7f0000001600)=""/4096, 0x1000}, 0x5}], 0x3, 0x40, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext={0x4}, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 430.828411] FAULT_INJECTION: forcing a failure. [ 430.828411] name failslab, interval 1, probability 0, space 0, times 0 [ 430.839857] CPU: 1 PID: 22534 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 430.846902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 430.856263] Call Trace: [ 430.858862] dump_stack+0x138/0x197 [ 430.862516] should_fail.cold+0x10f/0x159 [ 430.866678] should_failslab+0xdb/0x130 [ 430.870670] kmem_cache_alloc_trace+0x2e9/0x790 [ 430.875537] ? rcu_lockdep_current_cpu_online+0xf2/0x140 [ 430.881091] ? sget_userns+0xfe/0xc30 [ 430.884897] ? rcu_read_lock_sched_held+0x110/0x130 [ 430.890013] selinux_sb_alloc_security+0x46/0x220 [ 430.894864] security_sb_alloc+0x6d/0xa0 [ 430.898935] sget_userns+0x196/0xc30 [ 430.902651] ? set_anon_super+0x20/0x20 [ 430.906635] ? get_empty_filp.cold+0x3b/0x3b [ 430.911048] mount_ns+0x6d/0x190 [ 430.914417] ? proc_get_inode+0x620/0x620 [ 430.918570] proc_mount+0x6a/0xa0 [ 430.922030] mount_fs+0x97/0x2a1 [ 430.925409] vfs_kern_mount.part.0+0x5e/0x3d0 [ 430.929906] ? rcu_read_lock_sched_held+0x110/0x130 [ 430.934930] kern_mount_data+0x56/0xc0 [ 430.938825] pid_ns_prepare_proc+0x1e/0x90 [ 430.943070] alloc_pid+0x9ef/0xc70 [ 430.946632] copy_process.part.0+0x272f/0x6a00 [ 430.951231] ? proc_fail_nth_write+0x7d/0x180 [ 430.955736] ? proc_cwd_link+0x1b0/0x1b0 [ 430.959816] ? __cleanup_sighand+0x50/0x50 [ 430.964062] ? lock_downgrade+0x740/0x740 [ 430.968224] _do_fork+0x19e/0xce0 [ 430.971690] ? fork_idle+0x280/0x280 [ 430.975416] ? fput+0xd4/0x150 [ 430.978633] ? SyS_write+0x15e/0x230 [ 430.982358] SyS_clone+0x37/0x50 [ 430.985735] ? sys_vfork+0x30/0x30 [ 430.989285] do_syscall_64+0x1e8/0x640 [ 430.993182] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 430.998041] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 431.003235] RIP: 0033:0x459a59 [ 431.006424] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 431.014142] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 431.021419] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 431.029557] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 431.036833] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 431.044109] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:47:03 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) ioctl$KDGKBLED(r0, 0x4b64, &(0x7f00000000c0)) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:47:03 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f00000000c0)="8fe25653246586134776bee4911ba91c", 0x10) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:47:04 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, 0x0, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:04 executing program 1 (fault-call:17 fault-nth:54): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:04 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x4000000000002fc, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f00000000c0)={0x0, 0x6, 0x2, 0x3, 0x2, [{0x3, 0x9, 0x4, 0x0, 0x0, 0x3046}, {0x4, 0x9, 0x40, 0x0, 0x0, 0x90a}]}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) munlockall() ptrace(0x10, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r5, 0x0) syz_mount_image$reiserfs(&(0x7f0000000180)='reiserfs\x00', &(0x7f00000001c0)='./file0\x00', 0x9, 0x6, &(0x7f0000000700)=[{&(0x7f0000000240)="130a5d738d14d45de02028503118270460953d14aa6cd0f5ed2b56b908e771e12859b6", 0x23, 0x7ff}, {&(0x7f00000002c0)="482f518335c24cf0c46d0ba71b909eb41758109be01829b425485576583f096474022bb2225c9e8879c8bcdcc7fe1819adce25369dcde907afcf92a9d0d7bfa52546ee70032b4ed4914fba19f50dd467c32fff392fdf9d7e05ddab3e83011445e83c75a0dbcdf6809a6af604cc86931c465a1e80a5c7bc4c43f0737d18235886bfdc7562510fbfbedcc052b4a2d59e3df47d72d28fea4e441715da777025440d3fa3a1b5e34355caee8cbaa0c05d1ce163bad4cd3d8c3a2a593eb045665c8317e1688cdbf3d5185cb07d9b93a48bc208f19f0cd530671e", 0xd7}, {&(0x7f00000003c0)="a0f0c8d6397793785fd2e5479f6198aa50204c05b6b31235c1ccd3b40bbdc67e192c0c5fa4070f8562b5f18cc7d92ed73d034644886be1ba2a92b8e6589408985d170766c912de103e6901f950004cb84135470337f3f0249ae1fd16baa2a8ab58287c3d3ac7a8dc1105e3187c795216298146425d894c30ddc129bcab54793174fb3e54330fdecb74b6605ddb832d273a6d82c96f5d7d24fc27d1e6a18577b33cc8d5aa1df7237ab44737f04396905234167e8fc7794a2dbbb6d0c05f87221d811c05d7673d97c5b0a1d244bf537aef56f2285518aaff959ef5ac", 0xdb, 0x4aa3}, {&(0x7f00000004c0)="ce0eed42ee459377040d01f49b45d57a1df32bcbbc3b8dc4cea5e74bded3c165bb88599fe2d1e5e7c94a8cb3f3d80a302d168978da3f2982a49af5d5bc7b138fc695643538b39a5c379e", 0x4a, 0x7}, {&(0x7f0000000540)="f9a828e04a6752dd7924abbae15027191830df984098b678af418a9f6689dd1d3b84cc7ed55731217508734d6f0797892e38454ece0ca8cdff656010ee1e63205ff1437e57eace50afed71b198c5924b9820a12f3563c6e518e58c544ef0142808809affb5d433c2378caf6fae7c91b91cac76f08dc368838fcce996fbe1bac50d826317ca99136d4ff8595d6cffcba499024c068bd95494f785454c0511971c3443b67e7e8242548e343f2f9df6f478f5153860a24bddea97705f28d82f22118b5a313362c2ac9b5d94c0d111a7268addb2078c0eef30996de2dcc950a5515009cc70b4bd48560d0e58cc57958eee7482e0770594e0eae0c07b598f904950", 0xff, 0xffff}, {&(0x7f0000000640)="bbb562bd8d130eb5185559a67bdd0bdea082164ac6b6808e38d141a294839b92199f0961d9de1d557d0e6a141e37efdc72955579032219cc4bfa0cf9598bd227e62c71bfb4f52ee88314e3cf463019a58eb233b63903a74d762ad88788c96c5e422fedf31e61ce24667181934fb620ec046cd3b2a6a26db654fda98daa2f6c14dcb84927d1c28997d712657b9443ec2997d13f9cbaf64bfb815a2b09b2df538509f3c4997f15ef6391eba4135a01b06a8ffbb7099efb7318", 0xb8, 0x3}], 0x80000, &(0x7f00000007c0)={[{@errors_continue='errors=continue'}, {@jqfmt_vfsold='jqfmt=vfsold'}], [{@obj_user={'obj_user', 0x3d, ']em1'}}, {@appraise='appraise'}, {@uid_gt={'uid>', r5}}]}) [ 431.720027] FAULT_INJECTION: forcing a failure. [ 431.720027] name failslab, interval 1, probability 0, space 0, times 0 [ 431.731947] CPU: 1 PID: 22576 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 431.739073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 431.748447] Call Trace: [ 431.751089] dump_stack+0x138/0x197 [ 431.754738] should_fail.cold+0x10f/0x159 [ 431.758906] should_failslab+0xdb/0x130 [ 431.762889] __kmalloc+0x2f0/0x7a0 [ 431.766465] ? __list_lru_init+0x6b/0x660 [ 431.770619] __list_lru_init+0x6b/0x660 [ 431.774602] sget_userns+0x4e0/0xc30 [ 431.778321] ? set_anon_super+0x20/0x20 [ 431.782290] ? get_empty_filp.cold+0x3b/0x3b [ 431.786692] mount_ns+0x6d/0x190 [ 431.790052] ? proc_get_inode+0x620/0x620 [ 431.794198] proc_mount+0x6a/0xa0 [ 431.797641] mount_fs+0x97/0x2a1 [ 431.801006] vfs_kern_mount.part.0+0x5e/0x3d0 [ 431.805498] ? rcu_read_lock_sched_held+0x110/0x130 [ 431.810515] kern_mount_data+0x56/0xc0 [ 431.814401] pid_ns_prepare_proc+0x1e/0x90 [ 431.818632] alloc_pid+0x9ef/0xc70 [ 431.822168] copy_process.part.0+0x272f/0x6a00 [ 431.826772] ? proc_fail_nth_write+0x7d/0x180 [ 431.831267] ? proc_cwd_link+0x1b0/0x1b0 [ 431.835335] ? __cleanup_sighand+0x50/0x50 [ 431.839558] ? lock_downgrade+0x740/0x740 [ 431.843696] _do_fork+0x19e/0xce0 [ 431.847159] ? fork_idle+0x280/0x280 [ 431.850892] ? fput+0xd4/0x150 [ 431.854082] ? SyS_write+0x15e/0x230 [ 431.857807] SyS_clone+0x37/0x50 [ 431.861165] ? sys_vfork+0x30/0x30 [ 431.864711] do_syscall_64+0x1e8/0x640 [ 431.868599] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 431.873445] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 431.878634] RIP: 0033:0x459a59 [ 431.881820] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 431.889532] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 431.896803] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 431.904142] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 431.911420] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 431.918690] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:47:04 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32=r7, @ANYBLOB="0000000000000000280012000c0001007665746800000000180002001400010000000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x74, 0x24, 0x507, 0x0, 0x0, {0x0, r7, {}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_sfq={{0x8, 0x1, 'sfq\x00'}, {0x48}}]}, 0x74}}, 0x0) write(r4, &(0x7f00000000c0)="759fe36609ff17457f08d931da09059fa3fc731992489300e9d2decf3ce13a8e95a5a284612ae87b85cdff4608b38f51b44492e6f016e085d2877761861c50266b784d7707b1b9cf4e2aba21012e7843e5209f9562968161cde5f95c6090bda0523286828f65ae17f23c1085ab027356c3af7495e787b04b02ea99c98ab93ae6c22396e0cafe55ca303930ac910393c4391bcdd20d1a3503b50ecc84924989c3390b0cae7c9e34a28421bdc80ca83972d9a55b2832e60ed5f331bbec3f8f98989430423fdefa99ad9c29841fa1ce4efd76a45678330bd24f63e98a95b4d90cc200f35f46d5c7fdadf89baaca9f6d7f599b", 0xf1) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:04 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = open(0x0, 0x80001, 0x2) getpid() getpid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r2, 0x0) fstat(0xffffffffffffffff, &(0x7f0000000180)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r4, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x40000) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f00000002c0)={{{@in6=@mcast2, @in6=@dev}}, {{@in6=@empty}, 0x0, @in=@local}}, &(0x7f0000000240)=0xe8) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r7, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r9, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x56) setresuid(0x0, r11, 0x0) stat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000480), &(0x7f00000004c0)=0xc) getgid() getresgid(&(0x7f0000000500), &(0x7f0000000540), &(0x7f0000000580)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x300}, 0x0, 0x3, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x803, 0x2) 17:47:04 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x0, 0xffffffff, 0x7, 0x0, 0xfffffffffffffffb, 0x2}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:47:04 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f00000000c0)={0x4, 0x6, 0x4, 0x6d4, 0x5, [{0xe1, 0x2, 0x8, 0x0, 0x0, 0x2000}, {0x2, 0x1, 0x8, 0x0, 0x0, 0x100}, {0x5, 0x2cb3, 0x5, 0x0, 0x0, 0x5}, {0xfffffffffffffffd, 0x6, 0x4, 0x0, 0x0, 0x3900}, {0x6, 0x8000, 0xff, 0x0, 0x0, 0x1}]}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:47:04 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, &(0x7f00000002c0)) r0 = socket(0x10, 0x803, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) ioctl$TIOCLINUX6(r1, 0x541c, &(0x7f0000000240)={0x6, 0x6}) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r2 = accept$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, &(0x7f00000000c0)=0x1c) setsockopt$inet6_dccp_int(r2, 0x21, 0x11, &(0x7f0000000100)=0x7fffffff, 0x4) open(0x0, 0x0, 0x2) getpid() r3 = getpid() sched_setattr(r3, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r4 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r4, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000fff000/0x1000)=nil) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) prctl$PR_SET_TIMERSLACK(0x1d, 0x2) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 432.191489] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65289 sclass=netlink_route_socket pig=22602 comm=syz-executor.2 17:47:05 executing program 1 (fault-call:17 fault-nth:55): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:05 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 432.640414] FAULT_INJECTION: forcing a failure. [ 432.640414] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 432.652278] CPU: 1 PID: 22627 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 432.659296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 432.668665] Call Trace: [ 432.671272] dump_stack+0x138/0x197 [ 432.674915] should_fail.cold+0x10f/0x159 [ 432.679077] __alloc_pages_nodemask+0x1d6/0x7a0 [ 432.683758] ? fs_reclaim_acquire+0x20/0x20 [ 432.688093] ? __alloc_pages_slowpath+0x2930/0x2930 [ 432.693136] cache_grow_begin+0x80/0x400 [ 432.697208] kmem_cache_alloc_trace+0x6b2/0x790 [ 432.701895] ? lock_downgrade+0x740/0x740 [ 432.707006] ? trace_hardirqs_on_caller+0x400/0x590 [ 432.712036] sget_userns+0xfe/0xc30 [ 432.715667] ? set_anon_super+0x20/0x20 [ 432.719655] ? get_empty_filp.cold+0x3b/0x3b [ 432.724070] mount_ns+0x6d/0x190 [ 432.727435] ? proc_get_inode+0x620/0x620 [ 432.731592] proc_mount+0x6a/0xa0 [ 432.735049] mount_fs+0x97/0x2a1 [ 432.738423] vfs_kern_mount.part.0+0x5e/0x3d0 [ 432.742919] ? rcu_read_lock_sched_held+0x110/0x130 [ 432.747944] kern_mount_data+0x56/0xc0 [ 432.751841] pid_ns_prepare_proc+0x1e/0x90 [ 432.756078] alloc_pid+0x9ef/0xc70 [ 432.759635] copy_process.part.0+0x272f/0x6a00 [ 432.764235] ? proc_fail_nth_write+0x7d/0x180 [ 432.768730] ? proc_cwd_link+0x1b0/0x1b0 [ 432.772807] ? __cleanup_sighand+0x50/0x50 [ 432.777048] ? lock_downgrade+0x740/0x740 [ 432.781209] _do_fork+0x19e/0xce0 [ 432.784671] ? fork_idle+0x280/0x280 [ 432.788391] ? fput+0xd4/0x150 [ 432.791588] ? SyS_write+0x15e/0x230 [ 432.795315] SyS_clone+0x37/0x50 [ 432.798683] ? sys_vfork+0x30/0x30 [ 432.802294] do_syscall_64+0x1e8/0x640 [ 432.806272] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 432.811116] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 432.816323] RIP: 0033:0x459a59 [ 432.819674] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 432.827385] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 432.835603] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 432.842916] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 432.850180] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 432.857459] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 17:47:05 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000240)='/dev/null\x00', 0x4000, 0x0) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f00000002c0)={'icmp6\x00'}, &(0x7f0000000300)=0x1e) open(0x0, 0x0, 0x0) getpid() r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f00000000c0)=@assoc_value={0x0, 0xffffff00}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000140)={r6, 0x8, 0x7f}, 0x8) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:05 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0xd704daac94f10eda) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x331, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) r3 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x0, 0x600200) ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000100)=0x80000000) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r4, 0x0) ioctl$KVM_NMI(r4, 0xae9a) [ 432.930154] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65289 sclass=netlink_route_socket pig=22607 comm=syz-executor.2 17:47:05 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x5, 0x8) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:47:05 executing program 3: prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) prctl$PR_SET_PDEATHSIG(0x1, 0x15) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0xfffffd56, 0x2, 0x0, 0x4, 0x5, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x15b}, 0x0) socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/vga_arbiter\x00', 0x24020, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x19f) sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="48000000efdeb10023aac4c0bd7abfc5e4cde543a30000000000000000000000c0dd29ea3efff110771c388dd2dc351a3e3298e70e373e0e4c4e18fc59dd96dc40aa4af23a72926449b4c4f2989a889b196ed5c9b597546620cf81f53ccdfcec494f289d05d705845c033054579bd75d0a59559cbbf5819491e9789badedf79802ebf35e42cf0edc0aca9083addb5d5a90621b2ac5f52ded217c986849a81ae936cc1d413f83fc008aff0c3b349b91b9d250f7f5184ac0cd0b145170", @ANYRES32=r6, @ANYBLOB="0000000000000000280012010c00010076ffff0000000000180002000000000000007f00", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\a'], 0x48}}, 0x0) r7 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) write(r7, &(0x7f0000000340), 0x82bb8087c52a885c) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) r8 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r8, 0x0) r9 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r9, 0x0) r10 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r10, 0x0) r11 = syz_open_procfs(r0, &(0x7f0000000140)='net/psched\x00') r12 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r12, 0x0) sendmsg$nl_route(r5, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x404}, 0xc, &(0x7f0000000240)={&(0x7f0000000340)=@RTM_GETNSID={0x44, 0x5a, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [@NETNSA_FD={0x8, 0x3, r8}, @NETNSA_FD={0x8, 0x3, r9}, @NETNSA_FD={0x8, 0x3, r10}, @NETNSA_FD={0x8, 0x3, r11}, @NETNSA_NSID={0x8}, @NETNSA_FD={0x8, 0x3, r12}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000000}, 0x4) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 17:47:05 executing program 1 (fault-call:17 fault-nth:56): prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x7f, 0xd02, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x40) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) 17:47:06 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 433.389171] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57071 sclass=netlink_route_socket pig=22662 comm=syz-executor.3 [ 433.513853] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=57071 sclass=netlink_route_socket pig=22662 comm=syz-executor.3 17:47:06 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x2) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) rmdir(0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xefffffffffffffff, 0xffffffffffffffff, 0x0) socket$inet_udp(0x2, 0x2, 0x0) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r3, 0x0) ioctl$SCSI_IOCTL_DOORLOCK(r3, 0x5380) r4 = eventfd2(0xf6, 0x80800) write$binfmt_elf64(r4, &(0x7f0000000800)=ANY=[@ANYBLOB="7f454c4637010305030000000000000002003b0008f30000d103000000000000400000000000000054020000000000002000000009003800010000800600008005000000070000000400000000000000040000000000000004000000000000000800000000000000000000000100000007000000000000002b0350df2333728026e273008ebe652a49289057d80b5778a8dc894d9c1bcb3e5dd3ce4633240f4b358bdf94cfc85ecec665a738e58f11e0c1e1bf0f9ac2216cb2d3087bba378019788c3c75af494d8ce69d0708728d224c8d408a81b3e4e6c06f397479eb7a44a54390b0f4ac64916d123e3f6b066e7e1fc51f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006d00000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000118d2d3c612ec4d40d3a5b3fc8ff3f20fb3fe1b1ba5dc209f930f33a61e56a7e924e8ff2"], 0x4f2) [ 433.614751] FAULT_INJECTION: forcing a failure. [ 433.614751] name failslab, interval 1, probability 0, space 0, times 0 [ 433.626754] CPU: 0 PID: 22683 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 433.633811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 433.643199] Call Trace: [ 433.645800] dump_stack+0x138/0x197 [ 433.649450] should_fail.cold+0x10f/0x159 [ 433.653624] should_failslab+0xdb/0x130 [ 433.657700] __kmalloc+0x2f0/0x7a0 [ 433.661257] ? lock_downgrade+0x740/0x740 [ 433.665408] ? register_shrinker+0xbd/0x220 [ 433.669742] register_shrinker+0xbd/0x220 [ 433.673896] sget_userns+0x9bf/0xc30 [ 433.677618] ? set_anon_super+0x20/0x20 [ 433.681606] ? get_empty_filp.cold+0x3b/0x3b [ 433.686022] mount_ns+0x6d/0x190 [ 433.689396] ? proc_get_inode+0x620/0x620 [ 433.693560] proc_mount+0x6a/0xa0 [ 433.697020] mount_fs+0x97/0x2a1 [ 433.700397] vfs_kern_mount.part.0+0x5e/0x3d0 [ 433.704894] ? rcu_read_lock_sched_held+0x110/0x130 [ 433.709936] kern_mount_data+0x56/0xc0 [ 433.715606] pid_ns_prepare_proc+0x1e/0x90 [ 433.719850] alloc_pid+0x9ef/0xc70 [ 433.723409] copy_process.part.0+0x272f/0x6a00 [ 433.728007] ? proc_fail_nth_write+0x7d/0x180 [ 433.732540] ? proc_cwd_link+0x1b0/0x1b0 [ 433.736628] ? __cleanup_sighand+0x50/0x50 [ 433.740865] ? lock_downgrade+0x740/0x740 [ 433.745022] _do_fork+0x19e/0xce0 [ 433.748483] ? fork_idle+0x280/0x280 [ 433.752212] ? fput+0xd4/0x150 [ 433.755412] ? SyS_write+0x15e/0x230 [ 433.759133] SyS_clone+0x37/0x50 [ 433.762504] ? sys_vfork+0x30/0x30 [ 433.766051] do_syscall_64+0x1e8/0x640 [ 433.769943] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 433.774805] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 433.780106] RIP: 0033:0x459a59 [ 433.783295] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 433.791009] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 433.798282] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 433.805554] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 433.812825] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 433.820095] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 433.850844] ================================================================== [ 433.858570] BUG: KASAN: use-after-free in put_pid_ns+0x100/0x110 [ 433.864725] Read of size 8 at addr ffff88805a9668f8 by task syz-executor.1/22683 [ 433.872257] [ 433.873893] CPU: 1 PID: 22683 Comm: syz-executor.1 Not tainted 4.14.149 #0 [ 433.880904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 433.890263] Call Trace: [ 433.892861] dump_stack+0x138/0x197 [ 433.896502] ? put_pid_ns+0x100/0x110 [ 433.900328] print_address_description.cold+0x7c/0x1dc [ 433.905614] ? put_pid_ns+0x100/0x110 [ 433.909420] kasan_report.cold+0xa9/0x2af [ 433.913574] __asan_report_load8_noabort+0x14/0x20 [ 433.918509] put_pid_ns+0x100/0x110 [ 433.922147] free_nsproxy+0x103/0x200 [ 433.925950] switch_task_namespaces+0x98/0xb0 [ 433.930450] exit_task_namespaces+0x18/0x20 [ 433.934783] copy_process.part.0+0x3b59/0x6a00 [ 433.939374] ? proc_fail_nth_write+0x7d/0x180 [ 433.943871] ? proc_cwd_link+0x1b0/0x1b0 [ 433.947947] ? __cleanup_sighand+0x50/0x50 [ 433.952184] ? lock_downgrade+0x740/0x740 [ 433.956328] _do_fork+0x19e/0xce0 [ 433.959791] ? fork_idle+0x280/0x280 [ 433.963495] ? fput+0xd4/0x150 [ 433.966694] ? SyS_write+0x15e/0x230 [ 433.970406] SyS_clone+0x37/0x50 [ 433.973783] ? sys_vfork+0x30/0x30 [ 433.977328] do_syscall_64+0x1e8/0x640 [ 433.981204] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 433.986035] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 433.991225] RIP: 0033:0x459a59 [ 433.994398] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 434.002092] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 434.009345] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 17:47:06 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff}, 0x85aada546cc286d4) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x0, 0xa7, 0x3c, 0x2, 0xfffffffffffffffb, 0x400000000000}, 0x0) rmdir(0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) clone(0x20200000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 434.016613] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 434.023890] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 434.031249] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 434.038524] [ 434.040154] Allocated by task 22683: [ 434.040171] save_stack_trace+0x16/0x20 [ 434.040181] save_stack+0x45/0xd0 [ 434.040188] kasan_kmalloc+0xce/0xf0 [ 434.040196] kasan_slab_alloc+0xf/0x20 [ 434.040205] kmem_cache_alloc+0x12e/0x780 [ 434.040213] copy_pid_ns+0x1ae/0xa40 [ 434.040221] create_new_namespaces+0x267/0x720 [ 434.040228] copy_namespaces+0x284/0x310 [ 434.040237] copy_process.part.0+0x2603/0x6a00 [ 434.040244] _do_fork+0x19e/0xce0 [ 434.040251] SyS_clone+0x37/0x50 [ 434.040260] do_syscall_64+0x1e8/0x640 [ 434.040270] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 434.040273] [ 434.040277] Freed by task 22650: [ 434.040283] save_stack_trace+0x16/0x20 [ 434.040289] save_stack+0x45/0xd0 [ 434.040296] kasan_slab_free+0x75/0xc0 [ 434.040306] kmem_cache_free+0x83/0x2b0 17:47:06 executing program 0: r0 = semget(0x1, 0x1, 0x40) semctl$IPC_INFO(r0, 0x0, 0x3, &(0x7f00000002c0)=""/4096) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x12, r2, 0x0) ioctl$ION_IOC_ALLOC(0xffffffffffffffff, 0xc0184900, &(0x7f0000000140)={0xffffffffffffffc0, 0x11, 0x1, r2}) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x7) r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x0, 0x0) r6 = getpgrp(0x0) write$P9_RGETLOCK(r5, &(0x7f0000000100)={0x1e, 0x37, 0x2, {0x0, 0x5, 0x5, r6}}, 0x1e) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x2186a103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) [ 434.116146] delayed_free_pidns+0x89/0xb0 [ 434.120310] rcu_process_callbacks+0x7b8/0x12b0 [ 434.124997] __do_softirq+0x244/0x9a0 [ 434.128796] [ 434.130428] The buggy address belongs to the object at ffff88805a9660c0 [ 434.130428] which belongs to the cache pid_namespace of size 2264 [ 434.144135] The buggy address is located 2104 bytes inside of [ 434.144135] 2264-byte region [ffff88805a9660c0, ffff88805a966998) [ 434.156222] The buggy address belongs to the page: [ 434.161160] page:ffffea00016a5980 count:1 mapcount:0 mapping:ffff88805a9660c0 index:0x0 compound_mapcount: 0 [ 434.171236] flags: 0x1fffc0000008100(slab|head) [ 434.175918] raw: 01fffc0000008100 ffff88805a9660c0 0000000000000000 0000000100000003 [ 434.183827] raw: ffffea00016a7a20 ffffea00015d07a0 ffff888219ffb200 0000000000000000 [ 434.191718] page dumped because: kasan: bad access detected [ 434.197428] [ 434.199062] Memory state around the buggy address: [ 434.204005] ffff88805a966780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 434.211370] ffff88805a966800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 434.219346] >ffff88805a966880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 434.226704] ^ [ 434.233987] ffff88805a966900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 434.241386] ffff88805a966980: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 434.248751] ================================================================== [ 434.256113] Disabling lock debugging due to kernel taint [ 434.261806] Kernel panic - not syncing: panic_on_warn set ... [ 434.261806] [ 434.269208] CPU: 1 PID: 22683 Comm: syz-executor.1 Tainted: G B 4.14.149 #0 [ 434.277436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 434.286800] Call Trace: [ 434.290098] dump_stack+0x138/0x197 [ 434.293734] ? put_pid_ns+0x100/0x110 [ 434.297545] panic+0x1f2/0x426 [ 434.300744] ? add_taint.cold+0x16/0x16 [ 434.304723] ? ___preempt_schedule+0x16/0x18 [ 434.309144] kasan_end_report+0x47/0x4f [ 434.313126] kasan_report.cold+0x130/0x2af 17:47:06 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) open(0x0, 0x0, 0x0) getpid() r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x42, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x15b}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0) rmdir(0x0) socket$inet_udp(0x2, 0x2, 0x0) mkdir(0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x840000000002, 0x3, 0x200000000000ff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ptrace(0x10, 0x0) [ 434.317370] __asan_report_load8_noabort+0x14/0x20 [ 434.322308] put_pid_ns+0x100/0x110 [ 434.325948] free_nsproxy+0x103/0x200 [ 434.329756] switch_task_namespaces+0x98/0xb0 [ 434.334345] exit_task_namespaces+0x18/0x20 [ 434.338678] copy_process.part.0+0x3b59/0x6a00 [ 434.343272] ? proc_fail_nth_write+0x7d/0x180 [ 434.347779] ? proc_cwd_link+0x1b0/0x1b0 [ 434.351855] ? __cleanup_sighand+0x50/0x50 [ 434.356102] ? lock_downgrade+0x740/0x740 [ 434.359728] kobject: 'loop5' (ffff8880a4b49220): kobject_uevent_env [ 434.360255] _do_fork+0x19e/0xce0 [ 434.360266] ? fork_idle+0x280/0x280 [ 434.360277] ? fput+0xd4/0x150 [ 434.360286] ? SyS_write+0x15e/0x230 [ 434.360296] SyS_clone+0x37/0x50 [ 434.360303] ? sys_vfork+0x30/0x30 [ 434.360315] do_syscall_64+0x1e8/0x640 [ 434.395921] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 434.400777] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 434.405971] RIP: 0033:0x459a59 [ 434.409165] RSP: 002b:00007f0dce3bec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 434.416875] RAX: ffffffffffffffda RBX: 00007f0dce3bec90 RCX: 0000000000459a59 [ 434.424153] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 000000002186a103 [ 434.426974] kobject: 'loop5' (ffff8880a4b49220): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 434.431429] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 434.431435] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0dce3bf6d4 [ 434.431440] R13: 00000000004bff5a R14: 00000000004d2130 R15: 0000000000000009 [ 434.433074] Kernel Offset: disabled [ 434.467875] Rebooting in 86400 seconds..