1e4a73a24c1d5b06607912263a9d112fbd6f90eceb4e840d6e36ebd05f28ee84ef5d5bf512fd47f3001a9e3c8cc5c4fd799fbe99042c2ecd5169a0f73d4da40bb4d71d19dbec0742b9a420dfe873cd787b2d9808bf10ab560392c572a0fe7925e61b4634369d54789f9926d2b92a54208c1401c4497b44015d288085fa00abe584dc4b8cc96232e29789aacab8f019d8645ee285a49e15d821d9a3204681949a53c77609c76db79f6be2e9be3368001bed9826c1ce25e4b5cd2522f1dafc3f466105b7a9f039c39359e4c46d7548c69d43f504db12118937b67a61093a4a848b4311af8874592109ac5bbf2f777fc4a359491da32711ac73360ff10dc28e02e66699977a538bddcb41132b7cf20b81947d3a0175e76447141d739d29d6e582cbb636b182eb3b0b5bf3446e71a50ae4b34f83350e26f67f583998fc70cab0fb29d43ddafe73a2e7d8da4193896eb61f18cdcd9b90f56cd2f49cb15175b70b419f42f3859eeca893a345ddcc22c1401bf6c198f9d8da236c0413978f23e215b4a1474cffe71ac4dbfc78b999319b9ac5db47639bd2685d7e02622be93a3dc3e31ae272659f4bdee33ed6642ba799cc6b0f53723407a5db4140fb250656b9494ba07ef9e64831ee1fbbc7a205a17de642a4a66d03e12cd05257d26afc8a1c28028f71633a4cf547542cf2bfd9c9b1f4237ada8e0f15d44060419f5694ce60e921d0c1dc8c946930a5b59d14dd754e5eb021f0a1e44d5d5cf37bac000e7bb92594aa88512312f7d3f7d0609d7cbe8d272b66aeff925f7809598ef42154170fc632ed2034118255865ae1112deb714331156351fdf5838114bbf733502a8b46a0bd3d53317fd7be4063437dbed79c12d83b0efee3e060dd60b601da21be1b4bafd50b542d9e1cc622166c2eb1c41be9b7032e30f5d5f41349922d6619a0c67f4f967aa2647d77ce6fa027b692fbd1adfb4c6e388a8b14bfe724e6d1abe6dca612e2511a99b67a94fa53e0da21f7bf811d69c7c470ce2fc375ff7ce44827ffa219dbc770e1e9dd536fb2e9d18d25a58a35f066de53e8dedb0b2f75f6a5d0104b468e87324097c6838bdfdc247914d82660f51f78e8ae4aca4df672dac016b8618d951137b84be47720e05d60607d83b48fc2d8af8d3c3524810bbe4ac196b70901a26e884e7806a8990305daa340cb86c4698c263de73893f20980e1023bae0f56178c0ce978491f5ed00d1a6edd1c86c8353a6764a7574bf56480c71ad8be719593e145b066cbabe8cca94648a363262063149e992bb513458a4ff51b228ecce4e0e76c0bf459a6fb126c7f09a30f8c8e5864483df562d4a1643ce90808b2ecff9a9f51be2967cd538a6ac49dcea81cb219b3f", 0x1000, 0x3}, {&(0x7f0000001580)="e77786955e9c535beb104b457d8f49f7", 0x10, 0x80}], 0x800000, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e, 0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:08 executing program 1: ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f00000000c0)=0x0) r1 = syz_open_procfs(r0, &(0x7f00000001c0)='net/igmp\x00') r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") fsync(r1) read(r1, &(0x7f0000000000)=""/151, 0xffffffffffffff40) 07:08:08 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfeffffff00000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:08 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) timer_create(0x2, &(0x7f0000000200)={0x0, 0x1c, 0x7, @thr={&(0x7f0000000080)="6eb0e72f795c480e10a8e39fc8e75b87d91911473cb7c646670936a4c1aa690f979e983022700e7d05236f8c39a153b894d6080bd4c964f9d3bf99d610071eaf74f40217eba4736372f44f0f70488356fe7c5e58833a26368e68bb221ff77b29f83c4dcb84485970272163b962699519e153b46e3436a86cc067c77c215e8fc752ad1f1d16365f702db8fb827e96e77f760bc730a49c0569a24407c9ea20a03bb767666fc492833cbe7bf3c89a3e706d1205da67cb01f4999f93", &(0x7f00000001c0)="15bf1dfb775be9a90b0098af627a436c8290bd441ef5d49340"}}, &(0x7f0000000240)=0x0) timer_gettime(r2, &(0x7f00000002c0)) 07:08:08 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000480000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:08 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x1200, 0x38, 0x0, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:08 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x100000000000000, 0x20}, [{}]}, 0x58) [ 344.923897] EXT4-fs: Invalid sb specification: sb=>,errors=continue [ 344.947222] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 07:08:08 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = syz_genetlink_get_family_id$team(&(0x7f0000000100)='team\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000002c0)={{{@in6=@remote, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@loopback}}, &(0x7f0000000140)=0xe8) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000003c0)={'vcan0\x00', 0x0}) getsockname$packet(r0, &(0x7f00000018c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000001900)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000001940)={{{@in=@multicast1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000001a40)=0xe8) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000001ac0)={0x0, @remote, @remote}, &(0x7f0000001b00)=0xc) getsockname$packet(r0, &(0x7f0000003240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000003280)=0x14) accept4(r1, &(0x7f00000032c0)=@hci={0x0, 0x0}, &(0x7f0000003340)=0x80, 0x800) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000003380)={{{@in=@remote, @in6=@ipv4={[], [], @dev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}}}, &(0x7f0000003480)=0xe8) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000004640)={{{@in, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@multicast2}}, &(0x7f0000004740)=0xe8) getsockname$packet(r0, &(0x7f0000004780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f00000047c0)=0x14) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000004800)={'team0\x00', 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000004840)={{{@in=@broadcast, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@local}}, &(0x7f0000004940)=0xe8) getpeername$packet(r0, &(0x7f0000004b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000004b80)=0x14) accept4$packet(r0, &(0x7f0000004c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000004cc0)=0x14, 0x800) getpeername$packet(r0, &(0x7f0000004d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000004d40)=0x14) getsockopt$inet6_mreq(r0, 0x29, 0x0, &(0x7f0000004d80)={@dev, 0x0}, &(0x7f0000004dc0)=0x14) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000004ec0)={{{@in=@local, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @dev}}, 0x0, @in=@loopback}}, &(0x7f0000004fc0)=0xe8) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000005000)={{{@in6=@remote, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@rand_addr}}, &(0x7f0000005100)=0xe8) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000005140)={0x0, @local, @broadcast}, &(0x7f0000005180)=0xc) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000051c0)={{{@in6=@loopback, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@multicast1}}, &(0x7f00000052c0)=0xe8) getpeername$packet(r0, &(0x7f0000005300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000005340)=0x14) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000067c0)={{{@in6, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@local}}, &(0x7f00000068c0)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000007640)={'team0\x00', 0x0}) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000007680)={{{@in6, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@remote}}, &(0x7f0000007780)=0xe8) getsockopt$inet6_mreq(r1, 0x29, 0x15, &(0x7f00000077c0)={@local, 0x0}, &(0x7f0000007800)=0x14) accept$packet(r0, &(0x7f0000007840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000007880)=0x14) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000078c0)={{{@in=@remote, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@multicast1}}, &(0x7f00000079c0)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000007a00)={{{@in=@multicast1, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@remote}}, &(0x7f0000007b00)=0xe8) sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000008540)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x440008}, 0xc, &(0x7f0000008500)={&(0x7f0000007b40)=ANY=[@ANYBLOB="bc090000", @ANYRES16=r2, @ANYBLOB="000b26bd7000ffdbdf250100000008000100", @ANYRES32=r3, @ANYBLOB="680102003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r4, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000080003000300000008000400ff0f0000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000200000008000600", @ANYRES32=r5, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000002000038000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004000000000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b00000008000400ffff000008000600", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES32=r7, @ANYBLOB="c401020040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r8, @ANYBLOB="080007000000000040000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000008000008000600", @ANYRES32=r9, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000080000008000600", @ANYRES32=r10, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400c0010000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000800000008000600", @ANYRES32=r12, @ANYBLOB="4c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=r13, @ANYBLOB="4002020038000100240001006e6f746966795f70656572735f636f756e74000000000000000000000000000008000300030000000800040004000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000100000008000600", @ANYRES32=r14, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000002000008000700000000004c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000001c000400686173685f746f5f706f72745f6d617070696e670000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040000000000080007000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000900000008000700000000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r15, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000100000008000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r16, @ANYBLOB="08000100", @ANYRES32=r17, @ANYBLOB="3c00020038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000800030003000000080004000500000008000100", @ANYRES32=r18, @ANYBLOB="5c0202003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r19, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r20, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000800000000000000000000000080003000e000000080004000700000008000600", @ANYRES32=r21, @ANYBLOB="3c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r22, @ANYBLOB="3c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b0000000c00040000000728000000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r23, @ANYBLOB="3c252845d6a6b82d9eada194bb20d600010024000100656e61626c656400000000000000000000000000000000000000000000000000", @ANYRES32=r24, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r25, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r26, @ANYBLOB="08000100", @ANYRES32=r27, @ANYBLOB="740002003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r28, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000080003000300000008000400c200000008000100", @ANYRES32=r29, @ANYBLOB="3c00020038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000080003000300000008000400ff00000008000100", @ANYRES32=r30, @ANYBLOB="b400020038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000040000000800030003000000080004001f00000040000100240001006c625f686173685e737461747300000000000000000000000000000000000000080003000b0000000800040015ba8e7f080007000000000038000100240001006d486173745f72656a6f696e5f636f753274000000000000000000000000000008000300030000000800040000000100"], 0x9bc}, 0x1, 0x0, 0x0, 0xc1}, 0x4) read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:08 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000048000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 345.039352] FAULT_INJECTION: forcing a failure. [ 345.039352] name failslab, interval 1, probability 0, space 0, times 0 [ 345.050657] CPU: 1 PID: 23049 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 345.050667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 345.050671] Call Trace: [ 345.050695] dump_stack+0x1c9/0x2b4 [ 345.050715] ? dump_stack_print_info.cold.2+0x52/0x52 [ 345.050731] ? __kernel_text_address+0xd/0x40 [ 345.050750] ? unwind_get_return_address+0x61/0xa0 07:08:08 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_tcp_int(r0, 0x6, 0x14, &(0x7f0000000080), &(0x7f0000001ac0)=0x4) r1 = syz_open_dev$amidi(&(0x7f0000000100)='/dev/amidi#\x00', 0x7c, 0x4000) setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r1, 0x111, 0x4, 0x0, 0x4) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r3 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r2, &(0x7f0000000000)=""/151, 0x97) [ 345.089347] should_fail.cold.4+0xa/0x11 [ 345.093424] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 345.098548] ? save_stack+0xa9/0xd0 [ 345.102192] ? kasan_kmalloc+0xc4/0xe0 [ 345.106084] ? kasan_slab_alloc+0x12/0x20 [ 345.110243] ? kmem_cache_alloc+0x12e/0x760 [ 345.114577] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 345.119425] ? kvm_mmu_load+0x21/0x10e0 [ 345.123410] ? vcpu_enter_guest+0x3aa6/0x6090 [ 345.127909] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 345.132931] ? do_vfs_ioctl+0x1de/0x1720 [ 345.136995] ? ksys_ioctl+0xa9/0xd0 [ 345.140624] ? __x64_sys_ioctl+0x73/0xb0 [ 345.144693] ? do_syscall_64+0x1b9/0x820 [ 345.148756] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.154120] ? lock_acquire+0x1e4/0x540 [ 345.158099] ? percpu_ref_put_many+0x119/0x240 [ 345.158115] ? lock_downgrade+0x8f0/0x8f0 [ 345.158132] ? lock_acquire+0x1e4/0x540 [ 345.158144] ? fs_reclaim_acquire+0x20/0x20 [ 345.158158] ? lock_downgrade+0x8f0/0x8f0 [ 345.158175] ? check_same_owner+0x340/0x340 [ 345.158189] ? rcu_note_context_switch+0x730/0x730 [ 345.158204] ? kasan_unpoison_shadow+0x35/0x50 [ 345.158220] __should_failslab+0x124/0x180 07:08:08 executing program 3 (fault-call:8 fault-nth:27): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:08 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xe803000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:08 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000050000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:08 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x1f00, 0x38, 0x0, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:08 executing program 1: fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000180)) r0 = fcntl$getown(0xffffffffffffff9c, 0x9) r1 = syz_open_procfs(r0, &(0x7f0000000300)='loginuid\x00') r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x100000001, 0xd, 0x19, 0x8, "245c750286033037b50e013d57adadc82aea52043f2e120714dcc45fe89630a59b6f7ed3fe4f3ea30c32d1bebbdbc48b00ef47bb0e5ddcb8ff3864544f757fcf", "3ab01481bd01dd1cbe95fcf021ae5dc624565b0db6e9edee28f9194ed52fd98b", [0x3, 0xda59]}) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r1, &(0x7f0000000000)=""/151, 0x97) 07:08:08 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x3, &(0x7f00000015c0)=[{&(0x7f00000004c0)="73ee43a6bad90f5c8f14342143958ab099416cdf2fe7793b220c5e11cc7f5f17ff5837a7c6e51dfe6859979d93d2aabf6fa02e53c12e76f397e2f02c1dc5b2540cd724d52f7803293343630574cd5d9e615faa4ddecf0ea5b8c6a9e8c9d755750ea1372e221ef8d1dae012a4aaf047253de101eb976d853a7d549741177a1f658d263528fd305f75221adf99e751f7721395118976e918288a1763d7e193666ddfddc5faddfe01f96988b2db", 0xac, 0x9}, {&(0x7f0000000580)="210e396f358a85ac24fb3244c6cfbc87e4757fe96d7e865b7a900421707a99ff121643c73c38375ade9a30fc3d02cc9fcd8fede5479b2430995db9e283facef515c2f93d2750c0f721d313536ac9d4af1aa27770b800b7ca2964c4928f3cacd41d8a678a6b564b7c36305ed37e0f0a1f8dd3d3c1071de7ea48a9472c1d276884e21e2fab404eb330f6dd334e89b269eb00578e9f099ef656d0aa35d2dca52535addd0c100cdb31a5d8d5b3d41a3735cb77c42985aa2ac907fd089e289cd078500e3fff225192aff541bbb92494e004827a5390beaebda363ff5abf3becb49b5e97ca46d5331e09e78bd9ca435a26b4aa3da72d3705b915159eee685ef8ed7ae890d5fbb1cf0d3c64a427eb8a1432b83b488950030939fcbb815e1b04d6c81517b547b1bd2100a1015582cb5bc41c67acc5c2c62e4b433d81e0be16845e33fac7a8c04545a0e04f66b3868e3664c2840ab5f43f3a423b74f31e9c9af799b118a73c14054fee7d61f19885e9473f606e1995c58afe9cd3fc2506f48246dc74704d0359567dbdbbf7b677a01c838f35aa11e54433c484dc1a00f2f2a58a38c405d1231cf7384b8dbaaa2e47197b7f509469db67b71c6d9cf066c61c6a3e85b479a2aba6aca3c0cc362819ca87fe3f9b29b0f7d4241d21baeb4692d48e64e3038032d53b8207b145a094901d207190f98cbf33c64249fe67626cec00a628e1bb865ef71c763cdcbd80bffe68c5bdd3068fb216b2f4f382aaed4e094e1732af5213b927dff6d53d878d93fc98d93a6963ee4b40b3771132431a819b3cd3c2cdd7b179353babdf56d65ba058c1517df13e10bfc285bf473f0a6902428fb059108a75a519ef6474c5c7e898ee50e060c75538fc1dbbfd73ce74d8dc819da759c2d860802fd88dc737d42edac037f0c049a8133dddf03e9d19e1ec901331829f7d5e2bbfd4df825b1444d43bd3054510540c741f739a8daf380358e30ff2d9a8b72b25b1f343f12272b918269725efe94e90d306757e67b4c0a7b77fd160f6a526a8200bce2780646cd5eae223c62318164cef808964da8ba5a89b713fc5f0fc17b52f399d3fd74f24300d3a41a0d5c0601787fd2320a12066a6c57dc79d90618e4c569df116d54586319f2e0ac273ab13b3d48d0db89da493e1eb8deebbd3c5ef05c286158688ab303c2aa65a65802ee98182ef216273b1996cecf98ec120496b6c27a095be378f547b6f0d292d19c58bc8c6bd2e69f26dadc18269f60954b728dc6ded43cf791e736f752d5f4cf86b7529842543f606d90a74550e98d7bb4ff34370bcfe2336df7e68489f17a167e6620268e0b3131ac4968837f2d86efcdfc16cb4b03479ea7b2c9af4f069f93a18092644ba777e428df66edf1e1a1a6ccb5dbfddd660ccfc256fb85d2f1fede385dad0ba055002eb044186d5dcd4c9505bdd1b1e139c809c26196052cab858406f4dab1e0aa0545b44eb1597d357acde5a74d9b932a3d0c462ed9dcede484f9bd0fdb7fd4e721633f60071783203992656af93e6a9c990bf4fea33757baa0e2d63be7bc4f54c57cf871392a817a6008e62ea6fe0790c979f506f192bea61547ef450fa1e3d5389b1b93942ca785c4060c9179f82ed9d253f30f53b557f01cf44be1b1728ada0bae0ac628df0116a330fc64327a3ba61efd65daf6514aed0ea54ad8e04033341bd6b76e9e86b8a2fc8fb7871d7a782cf1888df8c7e212643b9cec435f968d26c32ecb8ef0476758e1153fcf16aa773920445796224499f560adbb57471fcbbc79e6a15065c487161a18d61e3058f8ee5d35d004915c2a8e119d9a468513b91ae2a2fd52a714462bd9201f89a735c114e9277cefd033b2ef946952dea48e02fb10b848509a41c9f3f3ef4c2781dc3cb75f27a9fcbea539cf826b13da39e146f0da41c65f785a4b4409a0b4419edb4613523a7f4b720cdeab77bc0ee79716c049aadb805f63497f387f1b60d40a6970f5328cf38ebd871d53acfec737deb2c8fa63bc9d311e0c8433ad59533c3dd9d3d34286611e88c334b77eb61f848c516c51cd5a06fca9b5ea36ff034c019b5a598f1794dbff159f694b8488d87403795d6ecc28536a10fe7172f9870f7a1a2e6aca2e55160286532d5c2877cc9267590ea6a99dd4fedb733e1771259cef9e42dfbdffe7de97e4ffb5f13c988ef634ce643a20097f38980089b16def99a111c02700b98a55c6f1e62ad5bf7ab0a1fde2dd49091206d3ddc2256496512f3ecc81f40fbae30f43d67d43b8d23c4cf92332313ce60f7bc26a0c7286549818e58c1b1b1f0aacb35c54a505c0d810a58ef38f855b6916893094ff4249695d635c733a410d45e10a5a2c413e04223c2b4c43df50a25871ecfaa640a746e61269c066495f620658ab406865b7352683954ae88d2ea9504b079a390a3da4b054d4b67293f225cbb251089f585bff8eee484ba38f2f822a3338602bcd153d51812a526c32532fb2cf27a71f78ee8e773578c0fc95087678391b3ed18769d08d14ec0f0ca2ff1da40f78db5026603cccbbfe8d3fc186fb94a7467d1e9da2a270e41f9c70bceb65b2adf2472aaa64b54e5a22e9479ef6fa2f7509561e594f1bfaef39c75c652c0d8d50a8292867c7961241a8664e984e6de66c4375085d835dd1b84a8d522c109e62b6140d2e949a9413feeeae0945360db207ff5a709ac0def0e7aa4cb4c4947e72d5f6596457ded6b2cc2c17ea762561b59e3194abe64521e37e53bd187096afca027eabafe01039b1f9ec93b1ad4a39b3cca8239ab3b9b0e5dac524263ea070e3cf96899717b5b560cf3c6bdd32edad014c11b4521e90db1aefb252b52484620f2db1e5e73910c23c28b90905353cb6dc5ff035b393bc9be7da61b69ad0685afcd947a402163ed886aca9785068f4cc77bb0c12813a5d5f3018bd99d789509e8060a66c0c77e9273b59682315de2bb78e160813359c2d6e3c5dd44d07a259154f35778fa94bb57783c77191205b1bc59b624f83ac568f38bbbf2136b91e463e55c4f42864ce5ecfe660be8f5bb6663097e1feac1da8560873adaff06e2055ef8807cee140ab708049a199983f920d9d8089a9d42b99cc7527d1faf8a9de85e044c4d20801efaf275e306776ef49bd7cbf35d4e8a8126664d1daef78aedccc44d66718fcd8a07491d18b59c8a3bb8a09976cf03b78d9511f02d42bbf962e30339e0ba64e058022c307462c062205c6ecd3fc2858369e8006d495e91f4264a7330f879058ab6ad8d31f7d155a33c979b895f46380ae4fbaff3d5b531c1c529eb08ec8b3ab6add39dc3d88546128f71b8ac1b8c0c23911a54aa865abc455690dee76b5cd178c242aa493a51ed0d21018c14e6a645917131c429c7fc67e341f78bfc5143dafaa0c934bf4ba3c61083019dae59c4202c60760dfb3f60d3f4c472c28ee9a291946825d9462a696e79f651a7554915ddd4a8fb77b6f8368e60d5b9f9afe38a2c23bf32fdeb6d0483980f83c6c4c8839ea65953d70efa8bdb9a2ffd82032c342f38d42a68a63b078e8cdd4da7e4cd5b19997997f75797bd81e9d482a0cdf8dc6648357a013eb3eec0635cb8ff5c1dfa042345ab206316af34486c8a590ef5297c83846d83200b1399acc8c9e5affb7bb3b1c652bbeade4a13b88d44a6d882c8e0a9863f52bbe79c7305ef9ffa00ca08d05ca0bb854cbffdb1995ad692aa883aeb7fb59d3d163516eb109822fda3e66eb70bb38b0027f055bb9a13a6b15aa860e667f55fba2ef35e826e728ebe07ad126ceda075bd364b25403fa58deaa4b8bf84e7aaf2eac291c19130d67feaa3ee6ad6eb573e099f236e3ae99f87a69badc11071900074b32e114893129213b0d4dcc4f28bb3bdb8de806f157c736823130b0aea8c45513e19e38097009307002216f509bd34b2a3803b0e71913c452761bc6f2351829c917131407b0aae5aa868951f1fe4fccd7e5d62795d4bbbbd4baa3e7b221d382004698e1d28e343564d6c43b4fea9ebbaa1ce029e86788d164b218b483db90f6fd4a07ad54e712ddd1ca8857f6d3f982f7ffda295d5e9f2d8daba2ee9295eccebfaaf7f5fd1f6c8a4d16c0dbe5568b50b8775c60b115a0c52f61decf86db940bcf8f945f9f731af2f11a0e16bcb62a45290e4251f47985e97ab92e7c91ac13d3995bb9237cfb05d390530c4e21602ff9d711d4e07e8c0b4665500c0e3982d018844f0107c5beb2c9c8d41f35381a354293caf96f58a8b9e8e64f4aed665bcc072095ba491f3171a21c2e734376b619940919eedd84409c221f1a3b4ab5e2f967add0ceeb504c338928e3d3f90181fc83894c7ff921634045d3e3395b9de52e2e73a82e1fa88e1128086cf48e4d476f5461b8f45284d26664682829b7b88291191f6a85d8e7cd31f71e4a73a24c1d5b06607912263a9d112fbd6f90eceb4e840d6e36ebd05f28ee84ef5d5bf512fd47f3001a9e3c8cc5c4fd799fbe99042c2ecd5169a0f73d4da40bb4d71d19dbec0742b9a420dfe873cd787b2d9808bf10ab560392c572a0fe7925e61b4634369d54789f9926d2b92a54208c1401c4497b44015d288085fa00abe584dc4b8cc96232e29789aacab8f019d8645ee285a49e15d821d9a3204681949a53c77609c76db79f6be2e9be3368001bed9826c1ce25e4b5cd2522f1dafc3f466105b7a9f039c39359e4c46d7548c69d43f504db12118937b67a61093a4a848b4311af8874592109ac5bbf2f777fc4a359491da32711ac73360ff10dc28e02e66699977a538bddcb41132b7cf20b81947d3a0175e76447141d739d29d6e582cbb636b182eb3b0b5bf3446e71a50ae4b34f83350e26f67f583998fc70cab0fb29d43ddafe73a2e7d8da4193896eb61f18cdcd9b90f56cd2f49cb15175b70b419f42f3859eeca893a345ddcc22c1401bf6c198f9d8da236c0413978f23e215b4a1474cffe71ac4dbfc78b999319b9ac5db47639bd2685d7e02622be93a3dc3e31ae272659f4bdee33ed6642ba799cc6b0f53723407a5db4140fb250656b9494ba07ef9e64831ee1fbbc7a205a17de642a4a66d03e12cd05257d26afc8a1c28028f71633a4cf547542cf2bfd9c9b1f4237ada8e0f15d44060419f5694ce60e921d0c1dc8c946930a5b59d14dd754e5eb021f0a1e44d5d5cf37bac000e7bb92594aa88512312f7d3f7d0609d7cbe8d272b66aeff925f7809598ef42154170fc632ed2034118255865ae1112deb714331156351fdf5838114bbf733502a8b46a0bd3d53317fd7be4063437dbed79c12d83b0efee3e060dd60b601da21be1b4bafd50b542d9e1cc622166c2eb1c41be9b7032e30f5d5f41349922d6619a0c67f4f967aa2647d77ce6fa027b692fbd1adfb4c6e388a8b14bfe724e6d1abe6dca612e2511a99b67a94fa53e0da21f7bf811d69c7c470ce2fc375ff7ce44827ffa219dbc770e1e9dd536fb2e9d18d25a58a35f066de53e8dedb0b2f75f6a5d0104b468e87324097c6838bdfdc247914d82660f51f78e8ae4aca4df672dac016b8618d951137b84be47720e05d60607d83b48fc2d8af8d3c3524810bbe4ac196b70901a26e884e7806a8990305daa340cb86c4698c263de73893f20980e1023bae0f56178c0ce978491f5ed00d1a6edd1c86c8353a6764a7574bf56480c71ad8be719593e145b066cbabe8cca94648a363262063149e992bb513458a4ff51b228ecce4e0e76c0bf459a6fb126c7f09a30f8c8e5864483df562d4a1643ce90808b2ecff9a9f51be2967cd538a6ac49dcea81cb219b3f", 0x1000, 0x3}, {&(0x7f0000001580)="e77786955e9c535beb104b457d8f49f7", 0x10, 0x80}], 0x800000, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e, 0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:08 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$getown(r1, 0x9) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000080)) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f00000000c0)) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100), &(0x7f00000001c0)=0xc) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000200)) gettid() ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000240)=0x0) r3 = getpgrp(r2) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffff9c, 0x84, 0x0, &(0x7f00000002c0)={0x0, 0x4, 0x1ea5, 0x401}, &(0x7f0000000300)=0x10) getsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000340)=@assoc_value={r4, 0x3ff}, &(0x7f0000000380)=0x8) 07:08:08 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x200000000000000, 0x20}, [{}]}, 0x58) [ 345.158236] should_failslab+0x9/0x14 [ 345.158250] kmem_cache_alloc+0x2af/0x760 [ 345.158264] ? kasan_check_write+0x14/0x20 [ 345.158280] ? mmu_topup_memory_caches+0xf7/0x3a0 07:08:08 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xffff1f00]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 345.158293] mmu_topup_memory_caches+0xf7/0x3a0 07:08:08 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x500000000000000, 0x20}, [{}]}, 0x58) 07:08:08 executing program 1: syz_open_procfs(0x0, &(0x7f0000000100)='mountstats\x00') r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0xfffffeb9) 07:08:08 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000006c0000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:09 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x4, 0x38, 0x0, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:09 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") dup3(r0, r0, 0x80000) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) [ 345.158307] kvm_mmu_load+0x21/0x10e0 [ 345.158320] ? rcu_note_context_switch+0x730/0x730 [ 345.158334] ? filemap_map_pages+0xca2/0x1990 [ 345.158349] vcpu_enter_guest+0x3aa6/0x6090 [ 345.158362] ? kasan_check_write+0x14/0x20 [ 345.158377] ? __mutex_lock+0x6c4/0x1680 [ 345.158392] ? kvm_set_msr_common+0x26a0/0x26a0 07:08:09 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x1fffff]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:09 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000034000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 345.158406] ? lock_acquire+0x1e4/0x540 [ 345.158421] ? vmx_vcpu_load+0xadf/0xff0 [ 345.158436] ? trace_hardirqs_on+0x10/0x10 [ 345.158450] ? vmx_vcpu_reset+0x1040/0x1040 [ 345.158465] ? find_get_entries_tag+0x1410/0x1410 [ 345.158490] ? lock_acquire+0x1e4/0x540 [ 345.158503] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 345.158518] ? lock_release+0xa30/0xa30 [ 345.158531] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 345.158552] ? kvm_arch_dev_ioctl+0x610/0x610 [ 345.158564] ? preempt_notifier_dec+0x20/0x20 [ 345.158581] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 345.158593] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 345.158612] kvm_vcpu_ioctl+0x7b8/0x1300 [ 345.158628] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 345.158648] ? lock_acquire+0x1e4/0x540 [ 345.158660] ? __fget+0x4ac/0x740 [ 345.158674] ? lock_downgrade+0x8f0/0x8f0 [ 345.158689] ? lock_release+0xa30/0xa30 [ 345.158703] ? pid_task+0x115/0x200 [ 345.158715] ? find_vpid+0xf0/0xf0 [ 345.158729] ? __f_unlock_pos+0x19/0x20 [ 345.158742] ? __fget+0x4d5/0x740 [ 345.158757] ? ksys_dup3+0x690/0x690 [ 345.158774] ? kasan_check_write+0x14/0x20 [ 345.158790] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 345.158805] ? perf_trace_sys_exit+0x3f7/0x650 [ 345.158817] ? vfs_write+0x2f3/0x560 [ 345.158833] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 345.158845] do_vfs_ioctl+0x1de/0x1720 [ 345.158859] ? fsnotify_first_mark+0x350/0x350 [ 345.158870] ? __fsnotify_parent+0xcc/0x420 [ 345.158882] ? ioctl_preallocate+0x300/0x300 [ 345.158894] ? __fget_light+0x2f7/0x440 [ 345.158906] ? fget_raw+0x20/0x20 [ 345.158920] ? __sb_end_write+0xac/0xe0 [ 345.158935] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 345.158950] ? syscall_slow_exit_work+0x111/0x500 [ 345.158964] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 345.158978] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 345.158993] ? security_file_ioctl+0x94/0xc0 [ 345.159006] ksys_ioctl+0xa9/0xd0 [ 345.159020] __x64_sys_ioctl+0x73/0xb0 [ 345.159034] do_syscall_64+0x1b9/0x820 [ 345.159048] ? syscall_slow_exit_work+0x500/0x500 [ 345.159062] ? syscall_return_slowpath+0x5e0/0x5e0 [ 345.159076] ? syscall_return_slowpath+0x31d/0x5e0 [ 345.159093] ? prepare_exit_to_usermode+0x291/0x3b0 [ 345.159107] ? perf_trace_sys_enter+0xb10/0xb10 [ 345.159122] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 345.159140] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.159151] RIP: 0033:0x455ba9 [ 345.159154] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 345.159363] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 345.159378] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 345.159385] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 345.159393] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 345.159400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 345.159408] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000001a [ 345.317652] EXT4-fs: Invalid sb specification: sb=>,errors=continue [ 345.317939] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 345.437536] FAULT_INJECTION: forcing a failure. [ 345.437536] name failslab, interval 1, probability 0, space 0, times 0 [ 345.537202] nla_parse: 9 callbacks suppressed [ 345.537209] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 345.538637] CPU: 1 PID: 23114 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 345.538646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 345.538651] Call Trace: [ 345.538674] dump_stack+0x1c9/0x2b4 [ 345.538694] ? dump_stack_print_info.cold.2+0x52/0x52 [ 345.792496] ? __kernel_text_address+0xd/0x40 [ 345.792508] ? unwind_get_return_address+0x61/0xa0 [ 345.792521] should_fail.cold.4+0xa/0x11 [ 345.792533] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 345.792546] ? save_stack+0xa9/0xd0 [ 345.792557] ? kasan_kmalloc+0xc4/0xe0 [ 345.792565] ? kasan_slab_alloc+0x12/0x20 [ 345.792574] ? kmem_cache_alloc+0x12e/0x760 [ 345.792586] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 345.792596] ? kvm_mmu_load+0x21/0x10e0 [ 345.792607] ? vcpu_enter_guest+0x3aa6/0x6090 [ 345.792616] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 345.792625] ? do_vfs_ioctl+0x1de/0x1720 [ 345.792633] ? ksys_ioctl+0xa9/0xd0 [ 345.792641] ? __x64_sys_ioctl+0x73/0xb0 [ 345.792651] ? do_syscall_64+0x1b9/0x820 [ 345.792662] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.792674] ? lock_acquire+0x1e4/0x540 [ 345.792684] ? percpu_ref_put_many+0x119/0x240 [ 345.792694] ? lock_downgrade+0x8f0/0x8f0 [ 345.792707] ? lock_acquire+0x1e4/0x540 [ 345.792717] ? fs_reclaim_acquire+0x20/0x20 [ 345.792727] ? lock_downgrade+0x8f0/0x8f0 [ 345.792740] ? check_same_owner+0x340/0x340 [ 345.792750] ? rcu_note_context_switch+0x730/0x730 [ 345.792760] ? kasan_unpoison_shadow+0x35/0x50 [ 345.792770] __should_failslab+0x124/0x180 [ 345.792781] should_failslab+0x9/0x14 [ 345.792791] kmem_cache_alloc+0x2af/0x760 [ 345.792800] ? kasan_check_write+0x14/0x20 [ 345.792812] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 345.792823] mmu_topup_memory_caches+0xf7/0x3a0 [ 345.792835] kvm_mmu_load+0x21/0x10e0 [ 345.792844] ? rcu_note_context_switch+0x730/0x730 [ 345.792854] ? filemap_map_pages+0xca2/0x1990 [ 345.792866] vcpu_enter_guest+0x3aa6/0x6090 [ 345.792876] ? kasan_check_write+0x14/0x20 [ 345.792887] ? __mutex_lock+0x6c4/0x1680 [ 345.792899] ? kvm_set_msr_common+0x26a0/0x26a0 [ 345.792908] ? lock_acquire+0x1e4/0x540 [ 345.792919] ? vmx_vcpu_load+0xadf/0xff0 [ 345.792929] ? trace_hardirqs_on+0x10/0x10 [ 345.792939] ? vmx_vcpu_reset+0x1040/0x1040 [ 345.792950] ? find_get_entries_tag+0x1410/0x1410 [ 345.792967] ? lock_acquire+0x1e4/0x540 [ 345.792976] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 345.792989] ? lock_release+0xa30/0xa30 [ 345.792997] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 345.793011] ? kvm_arch_dev_ioctl+0x610/0x610 [ 345.793021] ? preempt_notifier_dec+0x20/0x20 [ 345.793035] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 345.793043] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 345.793057] kvm_vcpu_ioctl+0x7b8/0x1300 [ 345.793069] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 345.793083] ? lock_acquire+0x1e4/0x540 [ 345.793091] ? __fget+0x4ac/0x740 [ 345.793101] ? lock_downgrade+0x8f0/0x8f0 [ 345.793112] ? lock_release+0xa30/0xa30 [ 345.793121] ? pid_task+0x115/0x200 [ 345.793130] ? find_vpid+0xf0/0xf0 [ 345.793141] ? __f_unlock_pos+0x19/0x20 [ 345.793151] ? __fget+0x4d5/0x740 [ 345.793161] ? ksys_dup3+0x690/0x690 [ 345.793173] ? kasan_check_write+0x14/0x20 [ 345.793183] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 345.793192] ? fsnotify+0xbac/0x14e0 [ 345.793201] ? vfs_write+0x2f3/0x560 [ 345.793212] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 345.793221] do_vfs_ioctl+0x1de/0x1720 [ 345.793230] ? fsnotify_first_mark+0x350/0x350 [ 345.793239] ? __fsnotify_parent+0xcc/0x420 [ 345.793249] ? ioctl_preallocate+0x300/0x300 [ 345.793257] ? __fget_light+0x2f7/0x440 [ 345.793266] ? fget_raw+0x20/0x20 [ 345.793276] ? __sb_end_write+0xac/0xe0 [ 345.793289] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 345.793297] ? fput+0x130/0x1a0 [ 345.793306] ? ksys_write+0x1ae/0x260 [ 345.793318] ? security_file_ioctl+0x94/0xc0 [ 345.793328] ksys_ioctl+0xa9/0xd0 [ 345.793337] __x64_sys_ioctl+0x73/0xb0 [ 345.793348] do_syscall_64+0x1b9/0x820 [ 345.793356] ? finish_task_switch+0x1d3/0x870 [ 345.793367] ? syscall_return_slowpath+0x5e0/0x5e0 [ 345.793377] ? syscall_return_slowpath+0x31d/0x5e0 [ 345.793388] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 345.793398] ? prepare_exit_to_usermode+0x291/0x3b0 [ 345.793408] ? perf_trace_sys_enter+0xb10/0xb10 [ 345.793419] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 345.793431] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 345.793439] RIP: 0033:0x455ba9 [ 345.793441] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 07:08:09 executing program 3 (fault-call:8 fault-nth:28): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:09 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x3, &(0x7f00000015c0)=[{&(0x7f00000004c0)="73ee43a6bad90f5c8f14342143958ab099416cdf2fe7793b220c5e11cc7f5f17ff5837a7c6e51dfe6859979d93d2aabf6fa02e53c12e76f397e2f02c1dc5b2540cd724d52f7803293343630574cd5d9e615faa4ddecf0ea5b8c6a9e8c9d755750ea1372e221ef8d1dae012a4aaf047253de101eb976d853a7d549741177a1f658d263528fd305f75221adf99e751f7721395118976e918288a1763d7e193666ddfddc5faddfe01f96988b2db", 0xac, 0x9}, {&(0x7f0000000580)="210e396f358a85ac24fb3244c6cfbc87e4757fe96d7e865b7a900421707a99ff121643c73c38375ade9a30fc3d02cc9fcd8fede5479b2430995db9e283facef515c2f93d2750c0f721d313536ac9d4af1aa27770b800b7ca2964c4928f3cacd41d8a678a6b564b7c36305ed37e0f0a1f8dd3d3c1071de7ea48a9472c1d276884e21e2fab404eb330f6dd334e89b269eb00578e9f099ef656d0aa35d2dca52535addd0c100cdb31a5d8d5b3d41a3735cb77c42985aa2ac907fd089e289cd078500e3fff225192aff541bbb92494e004827a5390beaebda363ff5abf3becb49b5e97ca46d5331e09e78bd9ca435a26b4aa3da72d3705b915159eee685ef8ed7ae890d5fbb1cf0d3c64a427eb8a1432b83b488950030939fcbb815e1b04d6c81517b547b1bd2100a1015582cb5bc41c67acc5c2c62e4b433d81e0be16845e33fac7a8c04545a0e04f66b3868e3664c2840ab5f43f3a423b74f31e9c9af799b118a73c14054fee7d61f19885e9473f606e1995c58afe9cd3fc2506f48246dc74704d0359567dbdbbf7b677a01c838f35aa11e54433c484dc1a00f2f2a58a38c405d1231cf7384b8dbaaa2e47197b7f509469db67b71c6d9cf066c61c6a3e85b479a2aba6aca3c0cc362819ca87fe3f9b29b0f7d4241d21baeb4692d48e64e3038032d53b8207b145a094901d207190f98cbf33c64249fe67626cec00a628e1bb865ef71c763cdcbd80bffe68c5bdd3068fb216b2f4f382aaed4e094e1732af5213b927dff6d53d878d93fc98d93a6963ee4b40b3771132431a819b3cd3c2cdd7b179353babdf56d65ba058c1517df13e10bfc285bf473f0a6902428fb059108a75a519ef6474c5c7e898ee50e060c75538fc1dbbfd73ce74d8dc819da759c2d860802fd88dc737d42edac037f0c049a8133dddf03e9d19e1ec901331829f7d5e2bbfd4df825b1444d43bd3054510540c741f739a8daf380358e30ff2d9a8b72b25b1f343f12272b918269725efe94e90d306757e67b4c0a7b77fd160f6a526a8200bce2780646cd5eae223c62318164cef808964da8ba5a89b713fc5f0fc17b52f399d3fd74f24300d3a41a0d5c0601787fd2320a12066a6c57dc79d90618e4c569df116d54586319f2e0ac273ab13b3d48d0db89da493e1eb8deebbd3c5ef05c286158688ab303c2aa65a65802ee98182ef216273b1996cecf98ec120496b6c27a095be378f547b6f0d292d19c58bc8c6bd2e69f26dadc18269f60954b728dc6ded43cf791e736f752d5f4cf86b7529842543f606d90a74550e98d7bb4ff34370bcfe2336df7e68489f17a167e6620268e0b3131ac4968837f2d86efcdfc16cb4b03479ea7b2c9af4f069f93a18092644ba777e428df66edf1e1a1a6ccb5dbfddd660ccfc256fb85d2f1fede385dad0ba055002eb044186d5dcd4c9505bdd1b1e139c809c26196052cab858406f4dab1e0aa0545b44eb1597d357acde5a74d9b932a3d0c462ed9dcede484f9bd0fdb7fd4e721633f60071783203992656af93e6a9c990bf4fea33757baa0e2d63be7bc4f54c57cf871392a817a6008e62ea6fe0790c979f506f192bea61547ef450fa1e3d5389b1b93942ca785c4060c9179f82ed9d253f30f53b557f01cf44be1b1728ada0bae0ac628df0116a330fc64327a3ba61efd65daf6514aed0ea54ad8e04033341bd6b76e9e86b8a2fc8fb7871d7a782cf1888df8c7e212643b9cec435f968d26c32ecb8ef0476758e1153fcf16aa773920445796224499f560adbb57471fcbbc79e6a15065c487161a18d61e3058f8ee5d35d004915c2a8e119d9a468513b91ae2a2fd52a714462bd9201f89a735c114e9277cefd033b2ef946952dea48e02fb10b848509a41c9f3f3ef4c2781dc3cb75f27a9fcbea539cf826b13da39e146f0da41c65f785a4b4409a0b4419edb4613523a7f4b720cdeab77bc0ee79716c049aadb805f63497f387f1b60d40a6970f5328cf38ebd871d53acfec737deb2c8fa63bc9d311e0c8433ad59533c3dd9d3d34286611e88c334b77eb61f848c516c51cd5a06fca9b5ea36ff034c019b5a598f1794dbff159f694b8488d87403795d6ecc28536a10fe7172f9870f7a1a2e6aca2e55160286532d5c2877cc9267590ea6a99dd4fedb733e1771259cef9e42dfbdffe7de97e4ffb5f13c988ef634ce643a20097f38980089b16def99a111c02700b98a55c6f1e62ad5bf7ab0a1fde2dd49091206d3ddc2256496512f3ecc81f40fbae30f43d67d43b8d23c4cf92332313ce60f7bc26a0c7286549818e58c1b1b1f0aacb35c54a505c0d810a58ef38f855b6916893094ff4249695d635c733a410d45e10a5a2c413e04223c2b4c43df50a25871ecfaa640a746e61269c066495f620658ab406865b7352683954ae88d2ea9504b079a390a3da4b054d4b67293f225cbb251089f585bff8eee484ba38f2f822a3338602bcd153d51812a526c32532fb2cf27a71f78ee8e773578c0fc95087678391b3ed18769d08d14ec0f0ca2ff1da40f78db5026603cccbbfe8d3fc186fb94a7467d1e9da2a270e41f9c70bceb65b2adf2472aaa64b54e5a22e9479ef6fa2f7509561e594f1bfaef39c75c652c0d8d50a8292867c7961241a8664e984e6de66c4375085d835dd1b84a8d522c109e62b6140d2e949a9413feeeae0945360db207ff5a709ac0def0e7aa4cb4c4947e72d5f6596457ded6b2cc2c17ea762561b59e3194abe64521e37e53bd187096afca027eabafe01039b1f9ec93b1ad4a39b3cca8239ab3b9b0e5dac524263ea070e3cf96899717b5b560cf3c6bdd32edad014c11b4521e90db1aefb252b52484620f2db1e5e73910c23c28b90905353cb6dc5ff035b393bc9be7da61b69ad0685afcd947a402163ed886aca9785068f4cc77bb0c12813a5d5f3018bd99d789509e8060a66c0c77e9273b59682315de2bb78e160813359c2d6e3c5dd44d07a259154f35778fa94bb57783c77191205b1bc59b624f83ac568f38bbbf2136b91e463e55c4f42864ce5ecfe660be8f5bb6663097e1feac1da8560873adaff06e2055ef8807cee140ab708049a199983f920d9d8089a9d42b99cc7527d1faf8a9de85e044c4d20801efaf275e306776ef49bd7cbf35d4e8a8126664d1daef78aedccc44d66718fcd8a07491d18b59c8a3bb8a09976cf03b78d9511f02d42bbf962e30339e0ba64e058022c307462c062205c6ecd3fc2858369e8006d495e91f4264a7330f879058ab6ad8d31f7d155a33c979b895f46380ae4fbaff3d5b531c1c529eb08ec8b3ab6add39dc3d88546128f71b8ac1b8c0c23911a54aa865abc455690dee76b5cd178c242aa493a51ed0d21018c14e6a645917131c429c7fc67e341f78bfc5143dafaa0c934bf4ba3c61083019dae59c4202c60760dfb3f60d3f4c472c28ee9a291946825d9462a696e79f651a7554915ddd4a8fb77b6f8368e60d5b9f9afe38a2c23bf32fdeb6d0483980f83c6c4c8839ea65953d70efa8bdb9a2ffd82032c342f38d42a68a63b078e8cdd4da7e4cd5b19997997f75797bd81e9d482a0cdf8dc6648357a013eb3eec0635cb8ff5c1dfa042345ab206316af34486c8a590ef5297c83846d83200b1399acc8c9e5affb7bb3b1c652bbeade4a13b88d44a6d882c8e0a9863f52bbe79c7305ef9ffa00ca08d05ca0bb854cbffdb1995ad692aa883aeb7fb59d3d163516eb109822fda3e66eb70bb38b0027f055bb9a13a6b15aa860e667f55fba2ef35e826e728ebe07ad126ceda075bd364b25403fa58deaa4b8bf84e7aaf2eac291c19130d67feaa3ee6ad6eb573e099f236e3ae99f87a69badc11071900074b32e114893129213b0d4dcc4f28bb3bdb8de806f157c736823130b0aea8c45513e19e38097009307002216f509bd34b2a3803b0e71913c452761bc6f2351829c917131407b0aae5aa868951f1fe4fccd7e5d62795d4bbbbd4baa3e7b221d382004698e1d28e343564d6c43b4fea9ebbaa1ce029e86788d164b218b483db90f6fd4a07ad54e712ddd1ca8857f6d3f982f7ffda295d5e9f2d8daba2ee9295eccebfaaf7f5fd1f6c8a4d16c0dbe5568b50b8775c60b115a0c52f61decf86db940bcf8f945f9f731af2f11a0e16bcb62a45290e4251f47985e97ab92e7c91ac13d3995bb9237cfb05d390530c4e21602ff9d711d4e07e8c0b4665500c0e3982d018844f0107c5beb2c9c8d41f35381a354293caf96f58a8b9e8e64f4aed665bcc072095ba491f3171a21c2e734376b619940919eedd84409c221f1a3b4ab5e2f967add0ceeb504c338928e3d3f90181fc83894c7ff921634045d3e3395b9de52e2e73a82e1fa88e1128086cf48e4d476f5461b8f45284d26664682829b7b88291191f6a85d8e7cd31f71e4a73a24c1d5b06607912263a9d112fbd6f90eceb4e840d6e36ebd05f28ee84ef5d5bf512fd47f3001a9e3c8cc5c4fd799fbe99042c2ecd5169a0f73d4da40bb4d71d19dbec0742b9a420dfe873cd787b2d9808bf10ab560392c572a0fe7925e61b4634369d54789f9926d2b92a54208c1401c4497b44015d288085fa00abe584dc4b8cc96232e29789aacab8f019d8645ee285a49e15d821d9a3204681949a53c77609c76db79f6be2e9be3368001bed9826c1ce25e4b5cd2522f1dafc3f466105b7a9f039c39359e4c46d7548c69d43f504db12118937b67a61093a4a848b4311af8874592109ac5bbf2f777fc4a359491da32711ac73360ff10dc28e02e66699977a538bddcb41132b7cf20b81947d3a0175e76447141d739d29d6e582cbb636b182eb3b0b5bf3446e71a50ae4b34f83350e26f67f583998fc70cab0fb29d43ddafe73a2e7d8da4193896eb61f18cdcd9b90f56cd2f49cb15175b70b419f42f3859eeca893a345ddcc22c1401bf6c198f9d8da236c0413978f23e215b4a1474cffe71ac4dbfc78b999319b9ac5db47639bd2685d7e02622be93a3dc3e31ae272659f4bdee33ed6642ba799cc6b0f53723407a5db4140fb250656b9494ba07ef9e64831ee1fbbc7a205a17de642a4a66d03e12cd05257d26afc8a1c28028f71633a4cf547542cf2bfd9c9b1f4237ada8e0f15d44060419f5694ce60e921d0c1dc8c946930a5b59d14dd754e5eb021f0a1e44d5d5cf37bac000e7bb92594aa88512312f7d3f7d0609d7cbe8d272b66aeff925f7809598ef42154170fc632ed2034118255865ae1112deb714331156351fdf5838114bbf733502a8b46a0bd3d53317fd7be4063437dbed79c12d83b0efee3e060dd60b601da21be1b4bafd50b542d9e1cc622166c2eb1c41be9b7032e30f5d5f41349922d6619a0c67f4f967aa2647d77ce6fa027b692fbd1adfb4c6e388a8b14bfe724e6d1abe6dca612e2511a99b67a94fa53e0da21f7bf811d69c7c470ce2fc375ff7ce44827ffa219dbc770e1e9dd536fb2e9d18d25a58a35f066de53e8dedb0b2f75f6a5d0104b468e87324097c6838bdfdc247914d82660f51f78e8ae4aca4df672dac016b8618d951137b84be47720e05d60607d83b48fc2d8af8d3c3524810bbe4ac196b70901a26e884e7806a8990305daa340cb86c4698c263de73893f20980e1023bae0f56178c0ce978491f5ed00d1a6edd1c86c8353a6764a7574bf56480c71ad8be719593e145b066cbabe8cca94648a363262063149e992bb513458a4ff51b228ecce4e0e76c0bf459a6fb126c7f09a30f8c8e5864483df562d4a1643ce90808b2ecff9a9f51be2967cd538a6ac49dcea81cb219b3f", 0x1000, 0x3}, {&(0x7f0000001580)="e77786955e9c535beb104b457d8f49f7", 0x10, 0x80}], 0x800000, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e, 0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:09 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1200000000000000, 0x20}, [{}]}, 0x58) 07:08:09 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfcff000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:09 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x2, 0x38, 0x0, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:09 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000074000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:09 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") clock_nanosleep(0x3, 0x1, &(0x7f0000000080)={0x0, 0x1c9c380}, &(0x7f00000000c0)) sigaltstack(&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000100)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) 07:08:09 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x0, 0x4) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$TIOCSBRK(r0, 0x5427) read(r0, &(0x7f0000000000)=""/151, 0x97) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, &(0x7f00000000c0)=""/30) r2 = fcntl$getown(r1, 0x9) ioprio_set$pid(0x2, r2, 0x2) [ 345.793604] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 345.793614] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 345.793620] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 345.793626] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 345.793631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 345.793637] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000001b [ 346.306174] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 346.322547] EXT4-fs: Invalid sb specification: sb=>,errors=continue 07:08:09 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x16000000, 0x20}, [{}]}, 0x58) 07:08:09 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xe00000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:09 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000080)) recvmsg(r1, &(0x7f0000000240)={&(0x7f00000001c0)=@pppol2tpin6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f0000001700)=[{&(0x7f0000000100)=""/29, 0x1d}, {&(0x7f00000002c0)=""/112, 0x70}, {&(0x7f0000000340)=""/189, 0xbd}, {&(0x7f0000000400)=""/216, 0xd8}, {&(0x7f0000000500)=""/155, 0x9b}, {&(0x7f00000005c0)=""/122, 0x7a}, {&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/181, 0xb5}], 0x8, &(0x7f0000001780)=""/216, 0xd8, 0x1b99}, 0x40000000) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f00000018c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="1e0000003eaebbf9a4fe49eb7364742728ad095394ec5a8e43dee1b9ad83e9f574dee64b302c6e2a9ee1c803538630326df0"], &(0x7f00000019c0)=0x26) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000001a80)={0x0, 0x7fffffff}, &(0x7f0000001ac0)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000001b00)={0x0, 0x1}, &(0x7f0000001b40)=0x8) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000001bc0)=@assoc_value={r3, 0xb1}, &(0x7f0000001a40)=0x8) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000001900), &(0x7f0000001940)=0x8) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f00000000c0)) getpgid(0x0) r4 = getpid() r5 = getpgrp(r4) capget(&(0x7f0000000000)={0x20080522, r5}, &(0x7f0000000040)) unlink(&(0x7f0000001880)='./file0\x00') 07:08:10 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x1600000000000000, 0x38, 0x0, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:10 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x2, &(0x7f00000015c0)=[{&(0x7f0000000580)="210e396f358a85ac24fb3244c6cfbc87e4757fe96d7e865b7a900421707a99ff121643c73c38375ade9a30fc3d02cc9fcd8fede5479b2430995db9e283facef515c2f93d2750c0f721d313536ac9d4af1aa27770b800b7ca2964c4928f3cacd41d8a678a6b564b7c36305ed37e0f0a1f8dd3d3c1071de7ea48a9472c1d276884e21e2fab404eb330f6dd334e89b269eb00578e9f099ef656d0aa35d2dca52535addd0c100cdb31a5d8d5b3d41a3735cb77c42985aa2ac907fd089e289cd078500e3fff225192aff541bbb92494e004827a5390beaebda363ff5abf3becb49b5e97ca46d5331e09e78bd9ca435a26b4aa3da72d3705b915159eee685ef8ed7ae890d5fbb1cf0d3c64a427eb8a1432b83b488950030939fcbb815e1b04d6c81517b547b1bd2100a1015582cb5bc41c67acc5c2c62e4b433d81e0be16845e33fac7a8c04545a0e04f66b3868e3664c2840ab5f43f3a423b74f31e9c9af799b118a73c14054fee7d61f19885e9473f606e1995c58afe9cd3fc2506f48246dc74704d0359567dbdbbf7b677a01c838f35aa11e54433c484dc1a00f2f2a58a38c405d1231cf7384b8dbaaa2e47197b7f509469db67b71c6d9cf066c61c6a3e85b479a2aba6aca3c0cc362819ca87fe3f9b29b0f7d4241d21baeb4692d48e64e3038032d53b8207b145a094901d207190f98cbf33c64249fe67626cec00a628e1bb865ef71c763cdcbd80bffe68c5bdd3068fb216b2f4f382aaed4e094e1732af5213b927dff6d53d878d93fc98d93a6963ee4b40b3771132431a819b3cd3c2cdd7b179353babdf56d65ba058c1517df13e10bfc285bf473f0a6902428fb059108a75a519ef6474c5c7e898ee50e060c75538fc1dbbfd73ce74d8dc819da759c2d860802fd88dc737d42edac037f0c049a8133dddf03e9d19e1ec901331829f7d5e2bbfd4df825b1444d43bd3054510540c741f739a8daf380358e30ff2d9a8b72b25b1f343f12272b918269725efe94e90d306757e67b4c0a7b77fd160f6a526a8200bce2780646cd5eae223c62318164cef808964da8ba5a89b713fc5f0fc17b52f399d3fd74f24300d3a41a0d5c0601787fd2320a12066a6c57dc79d90618e4c569df116d54586319f2e0ac273ab13b3d48d0db89da493e1eb8deebbd3c5ef05c286158688ab303c2aa65a65802ee98182ef216273b1996cecf98ec120496b6c27a095be378f547b6f0d292d19c58bc8c6bd2e69f26dadc18269f60954b728dc6ded43cf791e736f752d5f4cf86b7529842543f606d90a74550e98d7bb4ff34370bcfe2336df7e68489f17a167e6620268e0b3131ac4968837f2d86efcdfc16cb4b03479ea7b2c9af4f069f93a18092644ba777e428df66edf1e1a1a6ccb5dbfddd660ccfc256fb85d2f1fede385dad0ba055002eb044186d5dcd4c9505bdd1b1e139c809c26196052cab858406f4dab1e0aa0545b44eb1597d357acde5a74d9b932a3d0c462ed9dcede484f9bd0fdb7fd4e721633f60071783203992656af93e6a9c990bf4fea33757baa0e2d63be7bc4f54c57cf871392a817a6008e62ea6fe0790c979f506f192bea61547ef450fa1e3d5389b1b93942ca785c4060c9179f82ed9d253f30f53b557f01cf44be1b1728ada0bae0ac628df0116a330fc64327a3ba61efd65daf6514aed0ea54ad8e04033341bd6b76e9e86b8a2fc8fb7871d7a782cf1888df8c7e212643b9cec435f968d26c32ecb8ef0476758e1153fcf16aa773920445796224499f560adbb57471fcbbc79e6a15065c487161a18d61e3058f8ee5d35d004915c2a8e119d9a468513b91ae2a2fd52a714462bd9201f89a735c114e9277cefd033b2ef946952dea48e02fb10b848509a41c9f3f3ef4c2781dc3cb75f27a9fcbea539cf826b13da39e146f0da41c65f785a4b4409a0b4419edb4613523a7f4b720cdeab77bc0ee79716c049aadb805f63497f387f1b60d40a6970f5328cf38ebd871d53acfec737deb2c8fa63bc9d311e0c8433ad59533c3dd9d3d34286611e88c334b77eb61f848c516c51cd5a06fca9b5ea36ff034c019b5a598f1794dbff159f694b8488d87403795d6ecc28536a10fe7172f9870f7a1a2e6aca2e55160286532d5c2877cc9267590ea6a99dd4fedb733e1771259cef9e42dfbdffe7de97e4ffb5f13c988ef634ce643a20097f38980089b16def99a111c02700b98a55c6f1e62ad5bf7ab0a1fde2dd49091206d3ddc2256496512f3ecc81f40fbae30f43d67d43b8d23c4cf92332313ce60f7bc26a0c7286549818e58c1b1b1f0aacb35c54a505c0d810a58ef38f855b6916893094ff4249695d635c733a410d45e10a5a2c413e04223c2b4c43df50a25871ecfaa640a746e61269c066495f620658ab406865b7352683954ae88d2ea9504b079a390a3da4b054d4b67293f225cbb251089f585bff8eee484ba38f2f822a3338602bcd153d51812a526c32532fb2cf27a71f78ee8e773578c0fc95087678391b3ed18769d08d14ec0f0ca2ff1da40f78db5026603cccbbfe8d3fc186fb94a7467d1e9da2a270e41f9c70bceb65b2adf2472aaa64b54e5a22e9479ef6fa2f7509561e594f1bfaef39c75c652c0d8d50a8292867c7961241a8664e984e6de66c4375085d835dd1b84a8d522c109e62b6140d2e949a9413feeeae0945360db207ff5a709ac0def0e7aa4cb4c4947e72d5f6596457ded6b2cc2c17ea762561b59e3194abe64521e37e53bd187096afca027eabafe01039b1f9ec93b1ad4a39b3cca8239ab3b9b0e5dac524263ea070e3cf96899717b5b560cf3c6bdd32edad014c11b4521e90db1aefb252b52484620f2db1e5e73910c23c28b90905353cb6dc5ff035b393bc9be7da61b69ad0685afcd947a402163ed886aca9785068f4cc77bb0c12813a5d5f3018bd99d789509e8060a66c0c77e9273b59682315de2bb78e160813359c2d6e3c5dd44d07a259154f35778fa94bb57783c77191205b1bc59b624f83ac568f38bbbf2136b91e463e55c4f42864ce5ecfe660be8f5bb6663097e1feac1da8560873adaff06e2055ef8807cee140ab708049a199983f920d9d8089a9d42b99cc7527d1faf8a9de85e044c4d20801efaf275e306776ef49bd7cbf35d4e8a8126664d1daef78aedccc44d66718fcd8a07491d18b59c8a3bb8a09976cf03b78d9511f02d42bbf962e30339e0ba64e058022c307462c062205c6ecd3fc2858369e8006d495e91f4264a7330f879058ab6ad8d31f7d155a33c979b895f46380ae4fbaff3d5b531c1c529eb08ec8b3ab6add39dc3d88546128f71b8ac1b8c0c23911a54aa865abc455690dee76b5cd178c242aa493a51ed0d21018c14e6a645917131c429c7fc67e341f78bfc5143dafaa0c934bf4ba3c61083019dae59c4202c60760dfb3f60d3f4c472c28ee9a291946825d9462a696e79f651a7554915ddd4a8fb77b6f8368e60d5b9f9afe38a2c23bf32fdeb6d0483980f83c6c4c8839ea65953d70efa8bdb9a2ffd82032c342f38d42a68a63b078e8cdd4da7e4cd5b19997997f75797bd81e9d482a0cdf8dc6648357a013eb3eec0635cb8ff5c1dfa042345ab206316af34486c8a590ef5297c83846d83200b1399acc8c9e5affb7bb3b1c652bbeade4a13b88d44a6d882c8e0a9863f52bbe79c7305ef9ffa00ca08d05ca0bb854cbffdb1995ad692aa883aeb7fb59d3d163516eb109822fda3e66eb70bb38b0027f055bb9a13a6b15aa860e667f55fba2ef35e826e728ebe07ad126ceda075bd364b25403fa58deaa4b8bf84e7aaf2eac291c19130d67feaa3ee6ad6eb573e099f236e3ae99f87a69badc11071900074b32e114893129213b0d4dcc4f28bb3bdb8de806f157c736823130b0aea8c45513e19e38097009307002216f509bd34b2a3803b0e71913c452761bc6f2351829c917131407b0aae5aa868951f1fe4fccd7e5d62795d4bbbbd4baa3e7b221d382004698e1d28e343564d6c43b4fea9ebbaa1ce029e86788d164b218b483db90f6fd4a07ad54e712ddd1ca8857f6d3f982f7ffda295d5e9f2d8daba2ee9295eccebfaaf7f5fd1f6c8a4d16c0dbe5568b50b8775c60b115a0c52f61decf86db940bcf8f945f9f731af2f11a0e16bcb62a45290e4251f47985e97ab92e7c91ac13d3995bb9237cfb05d390530c4e21602ff9d711d4e07e8c0b4665500c0e3982d018844f0107c5beb2c9c8d41f35381a354293caf96f58a8b9e8e64f4aed665bcc072095ba491f3171a21c2e734376b619940919eedd84409c221f1a3b4ab5e2f967add0ceeb504c338928e3d3f90181fc83894c7ff921634045d3e3395b9de52e2e73a82e1fa88e1128086cf48e4d476f5461b8f45284d26664682829b7b88291191f6a85d8e7cd31f71e4a73a24c1d5b06607912263a9d112fbd6f90eceb4e840d6e36ebd05f28ee84ef5d5bf512fd47f3001a9e3c8cc5c4fd799fbe99042c2ecd5169a0f73d4da40bb4d71d19dbec0742b9a420dfe873cd787b2d9808bf10ab560392c572a0fe7925e61b4634369d54789f9926d2b92a54208c1401c4497b44015d288085fa00abe584dc4b8cc96232e29789aacab8f019d8645ee285a49e15d821d9a3204681949a53c77609c76db79f6be2e9be3368001bed9826c1ce25e4b5cd2522f1dafc3f466105b7a9f039c39359e4c46d7548c69d43f504db12118937b67a61093a4a848b4311af8874592109ac5bbf2f777fc4a359491da32711ac73360ff10dc28e02e66699977a538bddcb41132b7cf20b81947d3a0175e76447141d739d29d6e582cbb636b182eb3b0b5bf3446e71a50ae4b34f83350e26f67f583998fc70cab0fb29d43ddafe73a2e7d8da4193896eb61f18cdcd9b90f56cd2f49cb15175b70b419f42f3859eeca893a345ddcc22c1401bf6c198f9d8da236c0413978f23e215b4a1474cffe71ac4dbfc78b999319b9ac5db47639bd2685d7e02622be93a3dc3e31ae272659f4bdee33ed6642ba799cc6b0f53723407a5db4140fb250656b9494ba07ef9e64831ee1fbbc7a205a17de642a4a66d03e12cd05257d26afc8a1c28028f71633a4cf547542cf2bfd9c9b1f4237ada8e0f15d44060419f5694ce60e921d0c1dc8c946930a5b59d14dd754e5eb021f0a1e44d5d5cf37bac000e7bb92594aa88512312f7d3f7d0609d7cbe8d272b66aeff925f7809598ef42154170fc632ed2034118255865ae1112deb714331156351fdf5838114bbf733502a8b46a0bd3d53317fd7be4063437dbed79c12d83b0efee3e060dd60b601da21be1b4bafd50b542d9e1cc622166c2eb1c41be9b7032e30f5d5f41349922d6619a0c67f4f967aa2647d77ce6fa027b692fbd1adfb4c6e388a8b14bfe724e6d1abe6dca612e2511a99b67a94fa53e0da21f7bf811d69c7c470ce2fc375ff7ce44827ffa219dbc770e1e9dd536fb2e9d18d25a58a35f066de53e8dedb0b2f75f6a5d0104b468e87324097c6838bdfdc247914d82660f51f78e8ae4aca4df672dac016b8618d951137b84be47720e05d60607d83b48fc2d8af8d3c3524810bbe4ac196b70901a26e884e7806a8990305daa340cb86c4698c263de73893f20980e1023bae0f56178c0ce978491f5ed00d1a6edd1c86c8353a6764a7574bf56480c71ad8be719593e145b066cbabe8cca94648a363262063149e992bb513458a4ff51b228ecce4e0e76c0bf459a6fb126c7f09a30f8c8e5864483df562d4a1643ce90808b2ecff9a9f51be2967cd538a6ac49dcea81cb219b3f", 0x1000, 0x3}, {&(0x7f0000001580)="e77786955e9c535beb104b457d8f49f7", 0x10, 0x80}], 0x800000, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e, 0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) [ 346.348422] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 346.420844] FAULT_INJECTION: forcing a failure. [ 346.420844] name failslab, interval 1, probability 0, space 0, times 0 [ 346.432155] CPU: 1 PID: 23178 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 346.432170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 346.449911] Call Trace: [ 346.449935] dump_stack+0x1c9/0x2b4 [ 346.449956] ? dump_stack_print_info.cold.2+0x52/0x52 [ 346.449976] ? __kernel_text_address+0xd/0x40 [ 346.449990] ? unwind_get_return_address+0x61/0xa0 [ 346.450006] should_fail.cold.4+0xa/0x11 [ 346.450024] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 346.450042] ? save_stack+0xa9/0xd0 [ 346.450057] ? kasan_kmalloc+0xc4/0xe0 [ 346.450067] ? kasan_slab_alloc+0x12/0x20 [ 346.450081] ? kmem_cache_alloc+0x12e/0x760 [ 346.450096] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 346.450110] ? kvm_mmu_load+0x21/0x10e0 [ 346.450126] ? vcpu_enter_guest+0x3aa6/0x6090 [ 346.450140] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 346.450152] ? do_vfs_ioctl+0x1de/0x1720 [ 346.450162] ? ksys_ioctl+0xa9/0xd0 [ 346.450173] ? __x64_sys_ioctl+0x73/0xb0 [ 346.450191] ? do_syscall_64+0x1b9/0x820 [ 346.530001] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 346.535364] ? lock_acquire+0x1e4/0x540 [ 346.539333] ? percpu_ref_put_many+0x119/0x240 [ 346.543897] ? lock_downgrade+0x8f0/0x8f0 [ 346.548034] ? lock_acquire+0x1e4/0x540 [ 346.551991] ? fs_reclaim_acquire+0x20/0x20 [ 346.556308] ? lock_downgrade+0x8f0/0x8f0 [ 346.560442] ? check_same_owner+0x340/0x340 [ 346.564750] ? rcu_note_context_switch+0x730/0x730 [ 346.569661] ? kasan_unpoison_shadow+0x35/0x50 [ 346.574225] __should_failslab+0x124/0x180 [ 346.578447] should_failslab+0x9/0x14 [ 346.582230] kmem_cache_alloc+0x2af/0x760 [ 346.586359] ? kvm_clock_read+0x25/0x30 [ 346.590318] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 346.595327] ? ktime_get_with_offset+0x32e/0x4b0 [ 346.600069] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 346.604895] mmu_topup_memory_caches+0xf7/0x3a0 [ 346.609549] kvm_mmu_load+0x21/0x10e0 [ 346.613334] ? kasan_check_write+0x14/0x20 [ 346.617549] ? do_raw_spin_lock+0xc1/0x200 [ 346.621770] vcpu_enter_guest+0x3aa6/0x6090 [ 346.626087] ? kvm_set_msr_common+0x26a0/0x26a0 [ 346.630756] ? lock_acquire+0x1e4/0x540 [ 346.634719] ? vmx_vcpu_load+0xadf/0xff0 [ 346.638764] ? trace_hardirqs_on+0x10/0x10 [ 346.642983] ? vmx_vcpu_reset+0x1040/0x1040 [ 346.647289] ? find_get_entries_tag+0x1410/0x1410 [ 346.652123] ? lock_acquire+0x1e4/0x540 [ 346.656078] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 346.661080] ? lock_release+0xa30/0xa30 [ 346.665046] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 346.670304] ? kvm_arch_dev_ioctl+0x610/0x610 [ 346.675684] ? preempt_notifier_dec+0x20/0x20 [ 346.680201] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 346.685029] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 346.690032] kvm_vcpu_ioctl+0x7b8/0x1300 [ 346.694077] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 346.699776] ? lock_acquire+0x1e4/0x540 [ 346.703730] ? __fget+0x4ac/0x740 [ 346.707169] ? lock_downgrade+0x8f0/0x8f0 [ 346.711302] ? lock_release+0xa30/0xa30 [ 346.715262] ? pid_task+0x115/0x200 [ 346.718871] ? find_vpid+0xf0/0xf0 [ 346.722394] ? __f_unlock_pos+0x19/0x20 [ 346.726354] ? __fget+0x4d5/0x740 [ 346.729792] ? ksys_dup3+0x690/0x690 [ 346.733493] ? kasan_check_write+0x14/0x20 [ 346.737721] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 346.742641] ? fsnotify+0xbac/0x14e0 [ 346.746348] ? vfs_write+0x2f3/0x560 [ 346.750048] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 346.755741] do_vfs_ioctl+0x1de/0x1720 [ 346.759621] ? fsnotify_first_mark+0x350/0x350 [ 346.764188] ? __fsnotify_parent+0xcc/0x420 [ 346.768493] ? ioctl_preallocate+0x300/0x300 [ 346.772886] ? __fget_light+0x2f7/0x440 [ 346.776841] ? fget_raw+0x20/0x20 [ 346.780277] ? __sb_end_write+0xac/0xe0 [ 346.784237] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 346.789759] ? fput+0x130/0x1a0 [ 346.793023] ? ksys_write+0x1ae/0x260 [ 346.796809] ? security_file_ioctl+0x94/0xc0 [ 346.801306] ksys_ioctl+0xa9/0xd0 [ 346.805264] __x64_sys_ioctl+0x73/0xb0 [ 346.809138] do_syscall_64+0x1b9/0x820 [ 346.813009] ? finish_task_switch+0x1d3/0x870 [ 346.817494] ? syscall_return_slowpath+0x5e0/0x5e0 [ 346.822412] ? syscall_return_slowpath+0x31d/0x5e0 [ 346.827324] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 346.832325] ? prepare_exit_to_usermode+0x291/0x3b0 [ 346.837325] ? perf_trace_sys_enter+0xb10/0xb10 [ 346.841988] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 346.846820] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 346.851992] RIP: 0033:0x455ba9 07:08:10 executing program 1: pipe(&(0x7f00000000c0)={0xffffffffffffffff}) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000100)={0x7, 0x7, 0x0, 0x6, 0x3, 0x6, 0x1, 0x200, 0xe000000000000000, 0xfffffffffffff000}) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r2 = socket$inet6(0xa, 0xffffffffffff, 0x1f) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r1, &(0x7f0000000000)=""/151, 0x97) 07:08:10 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600007fffffff000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:10 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0xffffff7f00000000, 0x38, 0x0, 0x0, 0x0, 0x20}, [{}]}, 0x58) [ 346.855174] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 346.874519] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 346.882211] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 346.889461] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 346.896711] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 346.903962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 346.911211] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000001c [ 346.957627] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 346.970249] EXT4-fs: Invalid sb specification: sb=>,errors=continue 07:08:10 executing program 3 (fault-call:8 fault-nth:29): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:10 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x14, 0x20}, [{}]}, 0x58) 07:08:10 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000003c0)={0x0}, &(0x7f0000000400)=0xc) r2 = getpgrp(r1) pipe2(&(0x7f0000000780)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) getsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f00000007c0)=""/163, &(0x7f0000000880)=0xa3) r5 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ashmem\x00', 0x48000, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e20}}, 0x0, 0x9, 0x5, 0x56, 0x20}, &(0x7f00000000c0)=0x98) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f00000002c0)={r6, @in6={{0xa, 0x4e24, 0x9, @dev={0xfe, 0x80, [], 0x1b}, 0x3}}, [0x7f, 0x98, 0x9, 0x91b, 0x6, 0xc4, 0x1, 0xfffffffffffffff9, 0x8f, 0x800, 0x1, 0x8000, 0x7, 0x25d, 0x1]}, &(0x7f0000000100)=0x100) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000005c0)={r6, @in={{0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}}}, &(0x7f0000000680)=0x84) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000580)=r6, 0x4) ioctl$TIOCCBRK(r4, 0x5428) ioctl(r0, 0x8912, &(0x7f0000000280)) sched_setaffinity(r2, 0x8, &(0x7f0000000540)=0x4) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000700)={r7, 0x1000}, &(0x7f0000000740)=0x8) fsync(r5) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r3, 0x84, 0x7, &(0x7f00000008c0)={0x3}, 0x2) getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000000440)=""/191, &(0x7f0000000500)=0xbf) sched_setaffinity(r1, 0x8, &(0x7f0000000280)=0xfa3) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r4, 0x800448d2, &(0x7f00000009c0)={0x1, &(0x7f0000000900)=[{}]}) r8 = getpgrp(0x0) ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5387, &(0x7f00000006c0)) capget(&(0x7f0000000000)={0x20080522, r8}, &(0x7f0000000040)) 07:08:10 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f00000000c0)=""/151, 0x97) 07:08:10 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x400300]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:10 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x5000000, 0x38, 0x0, 0x0, 0x0, 0x20}, [{}]}, 0x58) [ 347.002455] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 07:08:10 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000007000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:10 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f00000015c0)=[{&(0x7f0000001580)="e77786955e9c535beb104b457d8f49f7", 0x10, 0x80}], 0x800000, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e, 0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) [ 347.061550] IPVS: length: 191 != 8 07:08:10 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x2, 0x20}, [{}]}, 0x58) 07:08:10 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) ioctl$TIOCGETD(r0, 0x5424, &(0x7f00000000c0)) ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f0000000100)={0x2, 0x7, 0x40, 0x40, 0x3}) 07:08:10 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x4010000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 347.118897] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 347.140041] IPVS: length: 191 != 8 [ 347.166885] FAULT_INJECTION: forcing a failure. [ 347.166885] name failslab, interval 1, probability 0, space 0, times 0 [ 347.178154] CPU: 0 PID: 23243 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 347.186571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 347.195944] Call Trace: [ 347.198549] dump_stack+0x1c9/0x2b4 [ 347.202188] ? dump_stack_print_info.cold.2+0x52/0x52 [ 347.207392] ? __kernel_text_address+0xd/0x40 [ 347.211895] ? unwind_get_return_address+0x61/0xa0 07:08:10 executing program 1: socketpair(0x8, 0x5, 0x5, &(0x7f0000001300)={0xffffffffffffffff}) ftruncate(r0, 0x7fffffff) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') sync_file_range(r1, 0xfffffffffffffffe, 0x7ff, 0x1) fcntl$setflags(r1, 0x2, 0x1) r2 = socket$inet6(0xa, 0x1010008080002, 0x3ff) getsockopt$inet_sctp6_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f0000000100)={0x0, 0x20}, &(0x7f0000000140)=0x8) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000200)={@mcast1={0xff, 0x1, [], 0x1}, 0x100000000, 0x1, 0x2, 0xd, 0x200000000, 0x3ec, 0x1}, &(0x7f0000000240)=0x20) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f00000002c0)=ANY=[@ANYRES32=r3, @ANYBLOB="00100000d728572415b39f9d08e3d2b772d1f8c66df93e5dc16fb8266185419c579ce1addc17179ed867b3947fa466d3fed4320ac77f696028e661f37857d8eb123f02ba9c45b99f5f1d9780feee96db69ce2d1cbe5733824672ad2f9208a877e7b9a828ba901b9bf735bd0e1418427d6de8db903cd3b32b632c6c4725c30113d15f65b2402664f131926db48ff8dd6fd9d6f565a7100b8a5248f6a3b016ef95922afa2341d31dc4a942fa079ff7b8075ff909d60a9cbeefa9f6a8ded8b0496019fb1d0802fcd4c6d85f4936c087f38c7f6e29421d295620aed21a16699e4e9d7522192d1e23444f73fbc414fb3ed034862049325a4a5de4242e8d3806479d967d45584c3d7413e2cb5632f888d54a349136b5f5e3bfd71b29f19840abc2ec07555fcecfe41cbf47e949660d7ee2d9929f81a8b363a867d066bd83e9aa220c1ea8d400d1dacfa0b4a1e36178957651ece0eec1f840265dfb2e0d154a74a10015ae25a08dc8251711b3197614e0a611d942e27b527556cdde2068878a19829ea3cc88b0a729e33f27865f93752eec79cc1305f77a342b77804b5ae3ae8240775898b5663a91157ab9d89a43cfa68d8e2a6abb954d9bd09881c3fc7c4ebf1c755a27e1d900d236c78607a1a6ec0f6ed1ca8b1c27c2b0f14f4a76f7f350f18103045e8eba2c97be8fafef5769e230cf57ed4f201815f43abb19d864b2b10116a5f06a3e13001172efcb9b5955fe1a7c7211e48d2ff3ce99682156300fee6b11b20b50f33e49d485f99ec0953eac78123082b203f50e24bde72ae039988ffc25e111491a0823500fcd281b5bfa41a7aeb03d3b0df6b3fa7d42158e19628de13becfe39ff899921974b72aecdaa1d2d465972e7a6eb0e860783d9806b40d89921436976248f58698cf4a546d4fd072f7f559d78fe9278279344680ee8530bcc07d78c0c16bf94c0edcad69de3dbe19c191be027c6d22492c598c02b85c9d6d74f0475e312e44fddb66c8fb7810a9167019ae243027216d486622ab374e8ccb01181a32af0ce68e914e281dce3ac8348cef0dcda53f4623ca349e2f7e6fa1af92064e91849435ae811fe655bd26b52a9ba1e05ea74151d9dd06299c243372eae63dc8c0d019632efa3604181a067cf755e9e327a79365c732aa5a771daaca74ac6afa5a5cb301331690c5b26a54e93cecc596832934c636eadf4f257a894018945442e82945a33270e5f0e6bc012ea622b707e35eef56c59f8b37564460e56e0194eaed2b576cf2a464f6c22e779bfbb73b4e2eb1fd8f301d15d5b63cabda72a3c9efe7179cf6c48c847e54b6f60e8811ef3b87ace0f00ba1de8f9e3b32e50839c2fc905c7539b4aa9d64cdaa299aa7ce92947575f6559a6ab958df83f0c231305a5666af4aa9cf913ade98a46ea17b82add95a8216b039360942edcbf912fc3bf278992418e8677b65c217c3bb5a1a7874bcea5ad97df2a8093c261d8202a6f1e1445e6c375e75464576a3a6930479c802e67a835c446233fedd63974f059507962fcc035a5ce1b02da95ffdbbcdd77a2b4ffc6bee0244eec82e4bfd8564faa73bdc4a646935ed65d788f4bada6af7dfb5729bbb18728cd902fb63e7baf7dfc1537c0717438c9f15297730aa2f28668109c00b2c7c39a8c127030a6ba7675e59c85fdfcf4432802cefa78b75d0c6556da79da0c682ccaea8addd5feaefd42236e1d2db804673097069096c78ed15c96dc0f1670f0d5daa3cd8357b71a7a33cbc0539f6ce7b8cfe69b50dc61f5463ba369a21e65fd6cd12f3e7cbbd2dd51b71e90b7eaac68b62bf05e373211b7a02e49dfa04f506566204b107788a646118df1acfc2fe189fd7495960f4b436b6a882c0901584859da496db78e0ade2335e1591e235958779dad5a06c0c9b9e5f7392841563d4fb597e27164e5d27bfaf5b5fddb8ccc490918c8364d51deb72b2b000ac878a739bb63312e38f73ad382dc55135988642b51e477cc2dd1b056a64a25dc9a47b23aa8d1abf497f9084db74a3d4c18b542cbe3daf503996d96d5f44e45423e05b8914957b1d6f7c052214c5e95aa9a09fb6e669c53d9499849961199606e94ec531bae70c0294b7bf4ddd5e4b176e48be1cce6c00020f23aa53e31da35a77fa23ebe44dab9a144f6b3a71e9d707842681497356ab4997723c82b32c6d3d6124831b8bb687148d8581be5400724ca78a9a516a400b0ca215c512a40f08e771bf4548e47e3a31f2b24088a4f8f7e8ed2706c4cf2f5d45c1ba01950c93bee0b36b3cc7bc37a310eef349c884b15bbf84fcbe97fde3b0f98ce85610d309c9d3d49aa3179e0e84349ca0fb3b6d8559a1f1e0d5f6baea2b89585a232a304c979d542c13199ef9708b6b9030a2546ff9b9e3f9608e7e076ecaece2cf9e30a94c1e000177b01ac0828e2857e2d6f2c43f8b80003abfe25a72d0f4e870bffc7fcdc9101c4c4adf58f69e308ffd7c4468e9575a5545ec754776213c0be8697d05b4cc112e53ea890804d129123e05fb5a7bfd22c7d9f32016ddd879cbcae11b383f34bf11c747cc3ff543f774d22762875ea41f33f00361fec0077d86f1faab69c9e01d98f1996ec7ea47e4d79136ca473bb4fcaba603b4716ca3e700885fed18b33e730f0d669b8c42412d9d672f7a280597fc2215f3531ef6b8f4621465429795e9a999f1b4ee5ff861f10572ba81fbe8e4a3a788bbb76547eda5916521f216082a4207655b946f7106f24908155d9e52297f99b19a8379cf20e7783bdf01c7f27ddf57ce6bd7ec2e85093a0a7f3d9c0929d6ccc60851a753f76336336589b2c4dc031a73c676256d66606895a8edc1d0f361a66ef16916d5b96b5b9557e0f6b6a2fbd578f0798ff6cf90dc90c3de10ea8657755b021838584e78028f8d4aefaeafed7e50ee98ab343d448eeddfb70492e8e54ed8adb1817d99ed8c1e3330f88e37e2e465bafa6e0154bf3cd4cf58e6712838cba5bff57ed9e97b9f3b74546da1b3bf10879a41500b70e3524afa49b4103754f45880bd46d5e9c36a102a5bd76566cc8f4d91b9ea23843e86206865c4d44d6443fb5c04f96caa87b61816b98ae35a93e8e07d29f1a74aafe61a0a2ae9fee55148cc347ae1a542b103de14a90c7f1594bc516dd2368aae243140c0905d87877a8defbc4f88d5bb6d5f5aed88f77fedb479e46406e5dbe0985e71a0eae354b6ccd9113ea0a1aeb5b09382d5e5855f252f74b00deae9923159abfde9c7dab0aa9c6c53e6f7d85ae3a2506ac17d1a3eea97cf3565d29ac670a66ad982518a6b3ea0182e33390b7c2925b54eea5f74dda3052199a806b81fbe19daf862ac2a4fe88d38d0eaf2709f4d50a79641c51db292568cb63eb80a5ff2fba9a536dec06ac48b8913b7b11f38853cbe43662288f8cf591c4c14b0b29acd6e958172a1aa7b84aabc92af8079e1911b2070cbd23fa4e1d665ed5a23ef41518218fce26df54fdff639eca4fe96a59e4b2845f712de2861f45eaf67b0cd32d2d02833584cbea47b47aabfa48cc8ef8f1038a69358364731116c42de1c37fad6b0e019dcd961ec13854d35abd95ed381720d8063b6e30d96be3234a59e21a8a0fec8a8e06447aecebed11f4377ba1a89b9858b0fb1ca5880026ac83bd3265d541dbcdfa86d764405a75dc7870d269229b6d9c0533516666e5923eea4589671ec81bb6e3cac30783f49642302cedc618b09bf32d95952cd4bbe06294a7af9302019e16b7462bf940a17b19ece671058c8057b26e0167d704832dc77ac52e55c7d042a9dfa6ab561ee1e21c9fda63e4c78597cd8c27b3fd26e7910678d1d91cea0ddefffd9a25357edbd8c15e2d8fdd8bce0bd9d41500fb8fef08dd43df4fa1788f096228fbb33157d664cdf6cbe96a6f63ce0429f2fa22560fa953c698ea04d2e0530a10c583c73ab750cc847d778d2728cd8f6d367bcbc700c75ca5f9d709973679c07ab5da5d86eef8a66bf97436469b4dcdd51fce35d437b104ee189f2683ebb0a561b6d3941c30de22717b4b8d1caa3789a68afed63f87f8bc1de7ce9172a78288aab4689dd33477a629f45f75c3270149143b20b5597a3f9620dec611dcb270798fab40a0d69b801fd2122c5dcd28074b2e89e919a2bd94d2761692d80ff22defd887a71bc1060610fb0b7df0e72225304fd7f3868671fb7d9c0a5c5ec665341df74eccb186f974a0b59fdacdf2f587431c4e764f5be6a63badded28f0c45685e46c11bad434880435855d2d7f544733fc4508b4026e99a261901f4964058bce62e439ab26c02d8d34ccd37041585e85fc834c0d2e4a115266fc2718da648b79bb64c8a78cb2b9e91ab8f6331ee4abad832a797617dcbd9ee2277cca163481e8251a00a15e94fe2ab4cbaa69817867519dae41a46a533f50c0335fbf8f92aabd4563ca8c00e945b5379b2d406a8937f89c319e54209b757c1000b0fea84afb2905059b60ca1478b34cd9b7f6eac750a2075ab50c9a0fc4704dd0477029fa9f602d205ed2973189a0d43497fb5737d8e332329ee0e005344f15584729bb903d908fb12de777b1cb32ba989d1740e615862b38c7ba16c675c09476432ddcf910c3e894747b7f0d60093211ee45f0f64f8d760ae981f317010fb0986aa9aa837ed53e570a7a92209053a017de5bc1bd825480de241c099fd0850a526ea2211f484e5faed6a3eaebd627353fe9ffc5bb1218cb0b7471a68d308e271fa30dcc0f7ace3d3e6d8ee37e299cfb90be23c04324c47754bc2612592a3a94437bf79786a9186df5eab55fef600798a7bc32220c6ba180bd2086fc0d5f0004c51bc6c3c2253f93e9e766b30015ec3bb74415585d27c87b01f8e8a44524c7a4c6dc1025a5d1a6cd748406df97f1fb980289294acd6329c8cd0dc2db16cd4b7f411daf25cf60538e78bc7c24377f96de5b5fa36c3bb4dee431bc837f1bab3d30a6f9aae277fdbe70ef32c513ced862f1c74c20006d7dd3ac87360ea7484a877a9b4f7f3513d54d05f08c95a2538810b07867792bdce683d2ad9f72d1a1d86a1455ddbac2150f51d97da93c8ba0e9ebeef80f4dd179837a134703cc52555f81052268eac41c310674ecc648b63e817613744d22520343771335e26ffd7d208b3d1aea22294c1197b8b0ffe2f63fd66f0777c3bd5ff61ca59bb9f3190f6141c6f3cfc08696ad8617065954ad39a5f679b90b082aab6f7fa86a1d5fff3370af0803a8716a59ea454ce28ba3578d927fe9835f305d889d076f550f18fe6a1ee8b22ee7b208bbf58ab88d93490eac10dc04e6ac8178385dc7fc952cccdd0799a39f978f4a07ee5754c9d47f928697f7def816f8ade472432a050935ebccd4e83f16434947662a9fcd9b040b59dd4030e91ecc029696b71e07177fa4d16caad6a29d6907a22319596d6634f0950724acd492f2b16d1ea0d79b2a8aa127b00301718e523215ec36f23d7c1e87c272c9c25e81a2f37859e113a9b7016e7ec96fb73e420e8e1de7b5c0e871de2da084908dd0c0930b76abdfaba09275dcdd0982c6b4d0c16629e4cc98447c44725dddf4d5987706edcf8641a8c651228adb0b3a7a241d896c08d43a263dace6d7ac437d6d0d9aa8c1cc31ad8ebecc91aeb1c5a0b7dd142cff46c7e431a575553fc478ddca168169eb19d41517971b65ae1a451c0b10d0da0263454a5d9d6bd68c938fed2d85ef46eba4a255162fcfcbcd5846dbccbf73bee308d38a43e9e7799d3c6b64c6d3d718cc6282338db9965801ce24e41d7c585fd9a1bc66177195903c1105942a7d80f8c8ab0e5ec"], &(0x7f0000000180)=0x1008) inotify_add_watch(r1, &(0x7f00000000c0)='./file0\x00', 0x110) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$KDSKBLED(r1, 0x4b65, 0x1) read(r1, &(0x7f0000000000)=""/151, 0x97) [ 347.216836] should_fail.cold.4+0xa/0x11 [ 347.220915] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 347.225264] EXT4-fs: Invalid sb specification: sb=>,errors=continue [ 347.226025] ? save_stack+0xa9/0xd0 [ 347.226043] ? kasan_kmalloc+0xc4/0xe0 [ 347.239918] ? kasan_slab_alloc+0x12/0x20 [ 347.244055] ? kmem_cache_alloc+0x12e/0x760 [ 347.248362] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 347.253187] ? kvm_mmu_load+0x21/0x10e0 [ 347.257166] ? vcpu_enter_guest+0x3aa6/0x6090 [ 347.261648] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 347.266651] ? do_vfs_ioctl+0x1de/0x1720 [ 347.270697] ? ksys_ioctl+0xa9/0xd0 [ 347.274310] ? __x64_sys_ioctl+0x73/0xb0 [ 347.278359] ? do_syscall_64+0x1b9/0x820 [ 347.282404] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 347.287755] ? lock_acquire+0x1e4/0x540 [ 347.291712] ? percpu_ref_put_many+0x119/0x240 [ 347.296277] ? lock_downgrade+0x8f0/0x8f0 [ 347.300411] ? lock_acquire+0x1e4/0x540 [ 347.304370] ? fs_reclaim_acquire+0x20/0x20 [ 347.308688] ? lock_downgrade+0x8f0/0x8f0 [ 347.312822] ? check_same_owner+0x340/0x340 [ 347.317142] ? rcu_note_context_switch+0x730/0x730 [ 347.322054] ? kasan_unpoison_shadow+0x35/0x50 [ 347.326623] __should_failslab+0x124/0x180 [ 347.330864] should_failslab+0x9/0x14 [ 347.334648] kmem_cache_alloc+0x2af/0x760 [ 347.338779] ? kasan_check_write+0x14/0x20 [ 347.342999] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 347.347831] mmu_topup_memory_caches+0xf7/0x3a0 [ 347.352490] kvm_mmu_load+0x21/0x10e0 [ 347.356284] ? rcu_note_context_switch+0x730/0x730 [ 347.361206] ? filemap_map_pages+0xca2/0x1990 [ 347.365684] vcpu_enter_guest+0x3aa6/0x6090 [ 347.369990] ? kasan_check_write+0x14/0x20 [ 347.374221] ? __mutex_lock+0x6c4/0x1680 [ 347.378272] ? kvm_set_msr_common+0x26a0/0x26a0 [ 347.382933] ? lock_acquire+0x1e4/0x540 [ 347.386890] ? vmx_vcpu_load+0xadf/0xff0 [ 347.390936] ? trace_hardirqs_on+0x10/0x10 [ 347.395163] ? vmx_vcpu_reset+0x1040/0x1040 [ 347.399469] ? find_get_entries_tag+0x1410/0x1410 [ 347.404300] ? lock_acquire+0x1e4/0x540 [ 347.408268] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 347.413267] ? lock_release+0xa30/0xa30 [ 347.417223] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 347.422481] ? kvm_arch_dev_ioctl+0x610/0x610 [ 347.426967] ? preempt_notifier_dec+0x20/0x20 [ 347.431457] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 347.436282] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 347.441295] kvm_vcpu_ioctl+0x7b8/0x1300 [ 347.445353] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 347.451063] ? lock_acquire+0x1e4/0x540 [ 347.455024] ? __fget+0x4ac/0x740 [ 347.458461] ? lock_downgrade+0x8f0/0x8f0 [ 347.462604] ? lock_release+0xa30/0xa30 [ 347.466560] ? pid_task+0x115/0x200 [ 347.470168] ? find_vpid+0xf0/0xf0 [ 347.473691] ? __f_unlock_pos+0x19/0x20 [ 347.477646] ? __fget+0x4d5/0x740 [ 347.481084] ? ksys_dup3+0x690/0x690 [ 347.484782] ? kasan_check_write+0x14/0x20 [ 347.489003] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 347.494526] ? perf_trace_sys_exit+0x3f7/0x650 [ 347.499089] ? vfs_write+0x2f3/0x560 [ 347.502788] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 347.508480] do_vfs_ioctl+0x1de/0x1720 [ 347.512352] ? fsnotify_first_mark+0x350/0x350 [ 347.516917] ? __fsnotify_parent+0xcc/0x420 [ 347.521221] ? ioctl_preallocate+0x300/0x300 [ 347.525621] ? __fget_light+0x2f7/0x440 [ 347.529577] ? fget_raw+0x20/0x20 [ 347.533040] ? __sb_end_write+0xac/0xe0 [ 347.537013] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 347.542533] ? syscall_slow_exit_work+0x111/0x500 [ 347.547359] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 347.552016] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 347.557451] ? security_file_ioctl+0x94/0xc0 [ 347.561858] ksys_ioctl+0xa9/0xd0 [ 347.565295] __x64_sys_ioctl+0x73/0xb0 [ 347.569174] do_syscall_64+0x1b9/0x820 [ 347.573043] ? syscall_slow_exit_work+0x500/0x500 [ 347.577872] ? syscall_return_slowpath+0x5e0/0x5e0 [ 347.582785] ? syscall_return_slowpath+0x31d/0x5e0 [ 347.587699] ? prepare_exit_to_usermode+0x291/0x3b0 [ 347.592699] ? perf_trace_sys_enter+0xb10/0xb10 [ 347.597350] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 347.602176] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 347.607348] RIP: 0033:0x455ba9 [ 347.610514] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 347.629675] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 347.637366] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 347.644618] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 347.651870] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 347.659133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 07:08:11 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xe803]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:11 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x12000000, 0x38, 0x0, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:11 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x15, 0x20}, [{}]}, 0x58) [ 347.666384] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000001d 07:08:11 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f00000002c0)=""/151, 0x97) fsetxattr(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="6f7316c1e56c6164657600000000000000000000000000000000"], &(0x7f0000000100)='net/igmp\x00', 0x9, 0x2) timer_create(0x5, &(0x7f0000000080)={0x0, 0x30, 0x0, @thr={&(0x7f0000000000)="1da1a2e1416b26d0918af47ca151042c09955a3880", &(0x7f0000000040)="a781c0c01c7f10de7e0ee92b0939f51f59a4b33b"}}, &(0x7f0000000140)) [ 347.702231] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 07:08:11 executing program 3 (fault-call:8 fault-nth:30): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:11 executing program 0: socket$inet6(0xa, 0x1000000000002, 0x0) r0 = semget(0x2, 0x3, 0xa0) semctl$GETNCNT(r0, 0x3, 0xe, &(0x7f00000002c0)=""/233) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpgrp(0x0) 07:08:11 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000007000000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:11 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x4000000, 0x20}, [{}]}, 0x58) 07:08:11 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x700000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:11 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x9, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:11 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x800000, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e, 0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:11 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x15000000, 0x38, 0x0, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:11 executing program 1: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x180, 0x0) ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000300)={{0xfffffffffffff820, 0x81}, {0x7, 0x99}, 0x2, 0x2, 0x3}) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r2 = socket$inet6(0xa, 0x1000000000002, 0x0) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000380)={0x0, 0x8001}, &(0x7f00000003c0)=0x8) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000400)={r3, 0xffffffffffffffff, 0x7}, 0x8) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x8f6, 0x4) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") io_setup(0xb73, &(0x7f00000000c0)=0x0) io_cancel(r4, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x3, 0x9, r2, &(0x7f0000000100)="111d9b9a74c39b0a9bcb23348780deec5afae442bcfff6b6e935dd827916e8b462c3ec3a13e519c545aab147eba57e84aa5d5893ef28d1bb37d264db97296a80810b0b34937fc61284fc585de1f2ffe45e4b66734e266ecdf2579f9340e26ce5b5409f38d3b66f4a10d34b59db65fd34219a734d31607188ecb0b6960f0eee2fdc8aefa461ed9bbe543e63c755690ec6568269c27a799fa9", 0x98, 0x200, 0x0, 0x0, r1}, &(0x7f0000000240)) read(r1, &(0x7f0000000000)=""/151, 0x97) rmdir(&(0x7f0000000440)='./file0\x00') 07:08:11 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x101000, 0x0) ioctl$ASHMEM_SET_NAME(r2, 0x41007701, &(0x7f0000000200)='/dev/mixer\x00') [ 347.856688] EXT4-fs: Invalid sb specification: sb=>,errors=continue [ 347.859741] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 347.875057] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 07:08:11 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1f00, 0x20}, [{}]}, 0x58) 07:08:11 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xe]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 347.957402] FAULT_INJECTION: forcing a failure. [ 347.957402] name failslab, interval 1, probability 0, space 0, times 0 [ 347.968703] CPU: 1 PID: 23313 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 347.977110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 347.986465] Call Trace: [ 347.989066] dump_stack+0x1c9/0x2b4 [ 347.992704] ? dump_stack_print_info.cold.2+0x52/0x52 [ 347.997909] ? __kernel_text_address+0xd/0x40 [ 348.002413] ? unwind_get_return_address+0x61/0xa0 07:08:11 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e, 0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:11 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000fffff000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:11 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xbb8]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 348.007356] should_fail.cold.4+0xa/0x11 [ 348.011428] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 348.016539] ? save_stack+0xa9/0xd0 [ 348.020178] ? kasan_kmalloc+0xc4/0xe0 [ 348.024072] ? kasan_slab_alloc+0x12/0x20 [ 348.028228] ? kmem_cache_alloc+0x12e/0x760 [ 348.032557] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 348.037410] ? kvm_mmu_load+0x21/0x10e0 [ 348.041390] ? vcpu_enter_guest+0x3aa6/0x6090 [ 348.045887] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 348.050907] ? do_vfs_ioctl+0x1de/0x1720 07:08:11 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xc0fe]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 348.054973] ? ksys_ioctl+0xa9/0xd0 [ 348.058606] ? __x64_sys_ioctl+0x73/0xb0 [ 348.062673] ? do_syscall_64+0x1b9/0x820 [ 348.066744] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 348.072121] ? lock_acquire+0x1e4/0x540 [ 348.076097] ? percpu_ref_put_many+0x119/0x240 [ 348.080687] ? lock_downgrade+0x8f0/0x8f0 [ 348.080743] EXT4-fs: Invalid sb specification: sb=>,errors=continue [ 348.084841] ? lock_acquire+0x1e4/0x540 [ 348.084859] ? fs_reclaim_acquire+0x20/0x20 [ 348.084876] ? lock_downgrade+0x8f0/0x8f0 [ 348.084889] ? lock_downgrade+0x8f0/0x8f0 [ 348.084909] ? check_same_owner+0x340/0x340 [ 348.104212] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 348.107845] ? rcu_note_context_switch+0x730/0x730 [ 348.107863] ? kasan_unpoison_shadow+0x35/0x50 [ 348.107878] __should_failslab+0x124/0x180 [ 348.107894] should_failslab+0x9/0x14 [ 348.107912] kmem_cache_alloc+0x2af/0x760 [ 348.139709] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 348.144542] mmu_topup_memory_caches+0xf7/0x3a0 [ 348.149198] kvm_mmu_load+0x21/0x10e0 [ 348.152981] ? rcu_note_context_switch+0x730/0x730 [ 348.157893] ? filemap_map_pages+0xca2/0x1990 [ 348.162372] vcpu_enter_guest+0x3aa6/0x6090 [ 348.166678] ? kasan_check_write+0x14/0x20 [ 348.170895] ? __mutex_lock+0x6c4/0x1680 [ 348.174941] ? kvm_set_msr_common+0x26a0/0x26a0 [ 348.179600] ? lock_acquire+0x1e4/0x540 [ 348.183557] ? vmx_vcpu_load+0xadf/0xff0 [ 348.187603] ? trace_hardirqs_on+0x10/0x10 [ 348.191820] ? vmx_vcpu_reset+0x1040/0x1040 [ 348.196125] ? find_get_entries_tag+0x1410/0x1410 [ 348.200957] ? lock_acquire+0x1e4/0x540 [ 348.204916] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 348.209915] ? lock_release+0xa30/0xa30 [ 348.213869] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 348.219129] ? kvm_arch_dev_ioctl+0x610/0x610 [ 348.223608] ? preempt_notifier_dec+0x20/0x20 [ 348.228090] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 348.232914] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 348.237915] kvm_vcpu_ioctl+0x7b8/0x1300 [ 348.241961] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 348.247667] ? lock_acquire+0x1e4/0x540 [ 348.251625] ? __fget+0x4ac/0x740 [ 348.255072] ? lock_downgrade+0x8f0/0x8f0 [ 348.259203] ? lock_release+0xa30/0xa30 [ 348.263169] ? pid_task+0x115/0x200 [ 348.266780] ? find_vpid+0xf0/0xf0 [ 348.270307] ? __f_unlock_pos+0x19/0x20 [ 348.274268] ? __fget+0x4d5/0x740 [ 348.277706] ? ksys_dup3+0x690/0x690 [ 348.281406] ? kasan_check_write+0x14/0x20 [ 348.285627] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 348.290540] ? fsnotify+0xbac/0x14e0 [ 348.294237] ? vfs_write+0x2f3/0x560 [ 348.297937] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 348.303648] do_vfs_ioctl+0x1de/0x1720 [ 348.307520] ? fsnotify_first_mark+0x350/0x350 [ 348.312083] ? __fsnotify_parent+0xcc/0x420 [ 348.316387] ? ioctl_preallocate+0x300/0x300 [ 348.320777] ? __fget_light+0x2f7/0x440 [ 348.324733] ? fget_raw+0x20/0x20 [ 348.328191] ? __sb_end_write+0xac/0xe0 [ 348.332150] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 348.337672] ? fput+0x130/0x1a0 [ 348.340933] ? ksys_write+0x1ae/0x260 [ 348.344718] ? security_file_ioctl+0x94/0xc0 [ 348.349109] ksys_ioctl+0xa9/0xd0 [ 348.352545] __x64_sys_ioctl+0x73/0xb0 [ 348.356417] do_syscall_64+0x1b9/0x820 [ 348.360295] ? finish_task_switch+0x1d3/0x870 [ 348.364776] ? syscall_return_slowpath+0x5e0/0x5e0 [ 348.369689] ? syscall_return_slowpath+0x31d/0x5e0 [ 348.374600] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 348.379602] ? prepare_exit_to_usermode+0x291/0x3b0 [ 348.384601] ? perf_trace_sys_enter+0xb10/0xb10 [ 348.389256] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 348.394096] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 348.399285] RIP: 0033:0x455ba9 [ 348.402457] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 348.421632] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 348.429327] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 348.436576] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 348.443829] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 348.451079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 348.458331] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000001e [ 348.468009] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:12 executing program 3 (fault-call:8 fault-nth:31): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:12 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x11, 0x20}, [{}]}, 0x58) 07:08:12 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x3f000000, 0x38, 0x0, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:12 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xb80b000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:12 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:12 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600007e010000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:12 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) ioctl(r0, 0x3, &(0x7f00000000c0)) [ 348.587993] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 348.589565] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 07:08:12 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) r2 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0xffffffff80000001, 0x1) ioctl$TIOCSTI(r2, 0x5412, 0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) 07:08:12 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000000c0)={0x0, 0x4}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000140)={0x401, 0x5, 0x201, 0x29, 0x8, 0x7, 0x5, 0x7cf5, r1}, 0x20) syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x1, 0x400) r2 = socket$inet6(0xa, 0x1, 0xd61e) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r2, &(0x7f00000002c0)=""/151, 0xc0f6dd0d2b4e3f2c) 07:08:12 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x2000000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 348.632247] FAULT_INJECTION: forcing a failure. [ 348.632247] name failslab, interval 1, probability 0, space 0, times 0 [ 348.643517] CPU: 0 PID: 23376 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 348.651918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 348.661274] Call Trace: [ 348.663875] dump_stack+0x1c9/0x2b4 [ 348.667522] ? dump_stack_print_info.cold.2+0x52/0x52 [ 348.672721] ? __kernel_text_address+0xd/0x40 [ 348.677229] ? unwind_get_return_address+0x61/0xa0 07:08:12 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000068000000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:12 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x900000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 348.682174] should_fail.cold.4+0xa/0x11 [ 348.686247] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 348.691365] ? save_stack+0xa9/0xd0 [ 348.695002] ? kasan_kmalloc+0xc4/0xe0 [ 348.698891] ? kasan_slab_alloc+0x12/0x20 [ 348.703048] ? kmem_cache_alloc+0x12e/0x760 [ 348.707386] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 348.707401] ? kvm_mmu_load+0x21/0x10e0 [ 348.707418] ? vcpu_enter_guest+0x3aa6/0x6090 [ 348.707433] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 348.707447] ? do_vfs_ioctl+0x1de/0x1720 [ 348.707457] ? ksys_ioctl+0xa9/0xd0 [ 348.707467] ? __x64_sys_ioctl+0x73/0xb0 [ 348.707480] ? do_syscall_64+0x1b9/0x820 [ 348.707494] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 348.707509] ? lock_acquire+0x1e4/0x540 [ 348.707526] ? percpu_ref_put_many+0x119/0x240 [ 348.707539] ? lock_downgrade+0x8f0/0x8f0 [ 348.707558] ? lock_acquire+0x1e4/0x540 [ 348.707572] ? fs_reclaim_acquire+0x20/0x20 [ 348.707584] ? lock_downgrade+0x8f0/0x8f0 [ 348.707603] ? check_same_owner+0x340/0x340 07:08:12 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x16, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:12 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x12, 0x20}, [{}]}, 0x58) [ 348.729897] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 348.729936] ? rcu_note_context_switch+0x730/0x730 [ 348.789556] ? kasan_unpoison_shadow+0x35/0x50 07:08:12 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:12 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000028000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 348.789568] __should_failslab+0x124/0x180 [ 348.789582] should_failslab+0x9/0x14 [ 348.789592] kmem_cache_alloc+0x2af/0x760 [ 348.789605] ? write_comp_data+0x70/0x70 [ 348.789617] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 348.789627] mmu_topup_memory_caches+0xf7/0x3a0 [ 348.789641] kvm_mmu_load+0x21/0x10e0 [ 348.789651] ? rcu_note_context_switch+0x730/0x730 [ 348.789663] ? filemap_map_pages+0xca2/0x1990 [ 348.789677] vcpu_enter_guest+0x3aa6/0x6090 [ 348.789687] ? kasan_check_write+0x14/0x20 [ 348.789699] ? __mutex_lock+0x6c4/0x1680 [ 348.789712] ? kvm_set_msr_common+0x26a0/0x26a0 [ 348.789726] ? lock_acquire+0x1e4/0x540 [ 348.789738] ? vmx_vcpu_load+0xadf/0xff0 [ 348.789748] ? trace_hardirqs_on+0x10/0x10 [ 348.789758] ? vmx_vcpu_reset+0x1040/0x1040 [ 348.789769] ? find_get_entries_tag+0x1410/0x1410 [ 348.789786] ? lock_acquire+0x1e4/0x540 [ 348.789795] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 348.789807] ? lock_release+0xa30/0xa30 [ 348.789815] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 348.789825] ? kvm_arch_dev_ioctl+0x610/0x610 [ 348.789834] ? preempt_notifier_dec+0x20/0x20 [ 348.789847] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 348.789856] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 348.789870] kvm_vcpu_ioctl+0x7b8/0x1300 [ 348.789881] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 348.789896] ? lock_acquire+0x1e4/0x540 [ 348.789905] ? __fget+0x4ac/0x740 [ 348.789915] ? lock_downgrade+0x8f0/0x8f0 [ 348.789926] ? lock_release+0xa30/0xa30 [ 348.789937] ? pid_task+0x115/0x200 [ 348.789946] ? find_vpid+0xf0/0xf0 [ 348.789957] ? __f_unlock_pos+0x19/0x20 [ 348.789967] ? __fget+0x4d5/0x740 [ 348.789977] ? ksys_dup3+0x690/0x690 [ 348.789989] ? kasan_check_write+0x14/0x20 [ 348.789999] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 348.790012] ? fsnotify+0xbac/0x14e0 [ 348.790024] ? vfs_write+0x2f3/0x560 [ 348.790036] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 348.790046] do_vfs_ioctl+0x1de/0x1720 [ 348.790055] ? fsnotify_first_mark+0x350/0x350 [ 348.790064] ? __fsnotify_parent+0xcc/0x420 [ 348.790074] ? ioctl_preallocate+0x300/0x300 [ 348.790082] ? __fget_light+0x2f7/0x440 [ 348.790091] ? fget_raw+0x20/0x20 [ 348.790101] ? __sb_end_write+0xac/0xe0 [ 348.790113] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 348.790122] ? fput+0x130/0x1a0 [ 348.790131] ? ksys_write+0x1ae/0x260 [ 348.790144] ? security_file_ioctl+0x94/0xc0 [ 348.790153] ksys_ioctl+0xa9/0xd0 [ 348.790163] __x64_sys_ioctl+0x73/0xb0 [ 348.790174] do_syscall_64+0x1b9/0x820 [ 348.790182] ? finish_task_switch+0x1d3/0x870 [ 348.790193] ? syscall_return_slowpath+0x5e0/0x5e0 [ 348.790204] ? syscall_return_slowpath+0x31d/0x5e0 [ 348.790214] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 348.790226] ? prepare_exit_to_usermode+0x291/0x3b0 [ 348.790237] ? perf_trace_sys_enter+0xb10/0xb10 [ 348.790247] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 348.790259] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 348.790267] RIP: 0033:0x455ba9 [ 348.790270] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 348.790431] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 348.790442] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 348.790447] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 348.790453] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 07:08:12 executing program 3 (fault-call:8 fault-nth:32): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:12 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x40030000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:12 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000003000000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:12 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x4e24, 0x2, @remote={0xfe, 0x80, [], 0xbb}, 0x9}, {0xa, 0x4e21, 0x1200, @empty, 0x7ff}, 0x9, [0x7f, 0x8, 0x8, 0x19db, 0x9, 0x5f, 0x101]}, 0x5c) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:12 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x0, 0x0) ioctl$EVIOCSABS0(r2, 0x401845c0, &(0x7f00000000c0)={0x3, 0x7, 0x6, 0x8, 0x4, 0x10001}) ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000004c0)={0x1, 0x1, &(0x7f00000002c0)=""/200, &(0x7f00000003c0)=""/182, &(0x7f0000000480)=""/11, 0x5001}) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000540)={0x0, @multicast2, @multicast2}, &(0x7f00000001c0)=0xc) ioctl$sock_bt_hidp_HIDPCONNDEL(r2, 0x400448c9, &(0x7f0000000240)={{0x6, 0x8, 0x4, 0x200, 0x7fffffff, 0x9}, 0x8000}) ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000200)={@ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, 0x3c, r3}) fcntl$getownex(r1, 0x10, &(0x7f0000000500)={0x0, 0x0}) r5 = getpgrp(r4) capget(&(0x7f0000000000)={0x20080522, r5}, &(0x7f0000000040)) 07:08:12 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x5, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:12 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1400000000000000, 0x20}, [{}]}, 0x58) [ 348.790458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 348.790464] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000001f [ 348.886348] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 348.900934] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 349.297603] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 349.321821] FAULT_INJECTION: forcing a failure. [ 349.321821] name failslab, interval 1, probability 0, space 0, times 0 [ 349.333279] CPU: 1 PID: 23421 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 349.333292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 349.351192] Call Trace: [ 349.353787] dump_stack+0x1c9/0x2b4 [ 349.357424] ? dump_stack_print_info.cold.2+0x52/0x52 [ 349.362613] ? __kernel_text_address+0xd/0x40 [ 349.367099] ? unwind_get_return_address+0x61/0xa0 [ 349.372025] should_fail.cold.4+0xa/0x11 [ 349.376077] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 349.381171] ? save_stack+0xa9/0xd0 [ 349.384782] ? kasan_kmalloc+0xc4/0xe0 [ 349.388650] ? kasan_slab_alloc+0x12/0x20 [ 349.392780] ? kmem_cache_alloc+0x12e/0x760 [ 349.397086] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 349.401911] ? kvm_mmu_load+0x21/0x10e0 [ 349.405868] ? vcpu_enter_guest+0x3aa6/0x6090 [ 349.410345] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 349.415342] ? do_vfs_ioctl+0x1de/0x1720 [ 349.419384] ? ksys_ioctl+0xa9/0xd0 [ 349.422996] ? __x64_sys_ioctl+0x73/0xb0 [ 349.427053] ? do_syscall_64+0x1b9/0x820 [ 349.431098] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 349.436446] ? lock_acquire+0x1e4/0x540 [ 349.440402] ? percpu_ref_put_many+0x119/0x240 [ 349.444966] ? lock_downgrade+0x8f0/0x8f0 [ 349.449101] ? lock_acquire+0x1e4/0x540 [ 349.453058] ? fs_reclaim_acquire+0x20/0x20 [ 349.457363] ? lock_downgrade+0x8f0/0x8f0 [ 349.461496] ? lock_downgrade+0x8f0/0x8f0 [ 349.465630] ? check_same_owner+0x340/0x340 [ 349.469936] ? rcu_note_context_switch+0x730/0x730 [ 349.474849] ? kasan_unpoison_shadow+0x35/0x50 [ 349.479413] __should_failslab+0x124/0x180 [ 349.483643] should_failslab+0x9/0x14 [ 349.487425] kmem_cache_alloc+0x2af/0x760 [ 349.491558] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 349.496384] mmu_topup_memory_caches+0xf7/0x3a0 [ 349.501041] kvm_mmu_load+0x21/0x10e0 [ 349.504836] ? rcu_note_context_switch+0x730/0x730 [ 349.509750] ? filemap_map_pages+0xca2/0x1990 [ 349.514233] vcpu_enter_guest+0x3aa6/0x6090 [ 349.518537] ? kasan_check_write+0x14/0x20 [ 349.522756] ? __mutex_lock+0x6c4/0x1680 [ 349.526801] ? kvm_set_msr_common+0x26a0/0x26a0 [ 349.531451] ? lock_acquire+0x1e4/0x540 [ 349.535411] ? vmx_vcpu_load+0xadf/0xff0 [ 349.539457] ? trace_hardirqs_on+0x10/0x10 [ 349.543676] ? vmx_vcpu_reset+0x1040/0x1040 [ 349.547982] ? find_get_entries_tag+0x1410/0x1410 [ 349.552820] ? lock_acquire+0x1e4/0x540 [ 349.556777] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 349.561778] ? lock_release+0xa30/0xa30 [ 349.565732] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 349.570993] ? kvm_arch_dev_ioctl+0x610/0x610 [ 349.575472] ? preempt_notifier_dec+0x20/0x20 [ 349.579952] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 349.584775] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 349.589781] kvm_vcpu_ioctl+0x7b8/0x1300 [ 349.593825] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 349.599524] ? lock_acquire+0x1e4/0x540 [ 349.603482] ? __fget+0x4ac/0x740 [ 349.606918] ? lock_downgrade+0x8f0/0x8f0 [ 349.611048] ? lock_release+0xa30/0xa30 [ 349.615007] ? pid_task+0x115/0x200 [ 349.618617] ? find_vpid+0xf0/0xf0 [ 349.622141] ? __f_unlock_pos+0x19/0x20 [ 349.626104] ? __fget+0x4d5/0x740 [ 349.629539] ? ksys_dup3+0x690/0x690 [ 349.633241] ? kasan_check_write+0x14/0x20 [ 349.637461] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 349.642372] ? fsnotify+0xbac/0x14e0 [ 349.646068] ? vfs_write+0x2f3/0x560 [ 349.649767] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 349.655462] do_vfs_ioctl+0x1de/0x1720 [ 349.659333] ? fsnotify_first_mark+0x350/0x350 [ 349.663896] ? __fsnotify_parent+0xcc/0x420 [ 349.668200] ? ioctl_preallocate+0x300/0x300 [ 349.672602] ? __fget_light+0x2f7/0x440 [ 349.676557] ? fget_raw+0x20/0x20 [ 349.679997] ? __sb_end_write+0xac/0xe0 [ 349.683958] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 349.689476] ? fput+0x130/0x1a0 [ 349.692736] ? ksys_write+0x1ae/0x260 [ 349.696521] ? security_file_ioctl+0x94/0xc0 [ 349.700910] ksys_ioctl+0xa9/0xd0 [ 349.704345] __x64_sys_ioctl+0x73/0xb0 [ 349.708219] do_syscall_64+0x1b9/0x820 [ 349.712097] ? finish_task_switch+0x1d3/0x870 [ 349.716578] ? syscall_return_slowpath+0x5e0/0x5e0 [ 349.721490] ? syscall_return_slowpath+0x31d/0x5e0 [ 349.726404] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 349.731403] ? prepare_exit_to_usermode+0x291/0x3b0 [ 349.736403] ? perf_trace_sys_enter+0xb10/0xb10 [ 349.741055] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 349.745885] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 349.751057] RIP: 0033:0x455ba9 [ 349.754222] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 349.773822] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 349.781513] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 349.788763] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 07:08:13 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000440)=0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f0000000280)={{0x3, 0x0, 0x3, 0xa029, '\x00', 0x3f}, 0x3, 0x10, 0x6, r1, 0x8, 0x9, 'syz0\x00', &(0x7f0000000200)=['net/igmp\x00', 'net/igmp\x00', ':em1cpuset\x00', 'net/igmp\x00', "7472757374656428922b00", '!/md5sum.wlan0\x00', 'system\x00', 'net/igmp\x00'], 0x50, [], [0x7ff, 0x1, 0x81, 0x1e]}) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x890a, &(0x7f0000000140)="025cc83d6d345f8f762070") ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f00000003c0)={0x13, 0x13, &(0x7f0000000180)="6d2e1b446443ec7e6bbe495f8c8462aff1e5b1"}) ioctl$TIOCLINUX6(r0, 0x541c, &(0x7f0000000100)={0x6, 0x2d}) read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:13 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xffffff7f]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:13 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:13 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1400, 0x20}, [{}]}, 0x58) [ 349.796023] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 349.803272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 349.810532] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000020 07:08:13 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x100000000000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:13 executing program 3 (fault-call:8 fault-nth:33): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:13 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000002000000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:13 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x3000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:13 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) sync_file_range(r0, 0x4, 0x1000, 0x2) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") get_thread_area(&(0x7f00000000c0)={0xc58d, 0x20100000, 0x5000, 0x5, 0x7, 0x8, 0x1ff, 0x6, 0xffffffff, 0x3}) syncfs(r0) mknodat(r0, &(0x7f0000000200)='./file0\x00', 0x80, 0x5000000) read(r0, &(0x7f0000000000)=""/151, 0x97) setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000240), 0x4) ioctl$KDADDIO(r0, 0x4b34, 0x20) getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000140), &(0x7f0000000180)=0x18) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/net/pfkey\x00', 0x800, 0x0) ioctl$VHOST_SET_VRING_CALL(r2, 0x4008af21, &(0x7f00000004c0)={0x3, r0}) write(r1, &(0x7f0000000340)="5383bebcb21276aa9eaab5b4cffb6b77afbb62ff6744567577cf09f833f1ec2fb61f0622f85ef1028647b76e4cbcdd1ace6b2fbb9791760dc1fa229d1a37e40d0e863f8c36c0f88c267d163521082fc70d2cb83040493eeb1a524b37e1b7c77410124576aeea2850655de916cbfc701da41fbc3cde6377108ba32dacc59ba37fd7afe66bcdea368e0c645b545569b9c3410d77ef30c3e9071373a1bdf911c19d4e6f3f6b97505db21a5d5eee9176c9847340818a6f12c352186e820c15d773c4", 0xc0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000002c0)=0x0) ioctl$KVM_SET_VAPIC_ADDR(r0, 0x4008ae93, &(0x7f0000000300)=0xf004) r4 = syz_open_procfs(r3, &(0x7f0000000540)="6e65742f6d6366696c7465720027c186fb710ed3a865299dc656416988436b26b20d2655f5cd7b7e0e03aa620686ecffc7cb1364a504187bec193ebf41071c3f96d85a908f669ece552ff73890b9") setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000100)=0x3, 0x4) ioctl$VHOST_SET_VRING_NUM(r4, 0x4008af10, &(0x7f0000000400)={0x3, 0x9df}) [ 349.933344] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 349.970943] FAULT_INJECTION: forcing a failure. [ 349.970943] name failslab, interval 1, probability 0, space 0, times 0 07:08:13 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) [ 349.982231] CPU: 0 PID: 23463 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 349.990634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 349.999988] Call Trace: [ 350.002586] dump_stack+0x1c9/0x2b4 [ 350.006244] ? dump_stack_print_info.cold.2+0x52/0x52 [ 350.011443] ? __kernel_text_address+0xd/0x40 [ 350.015945] ? unwind_get_return_address+0x61/0xa0 [ 350.020888] should_fail.cold.4+0xa/0x11 [ 350.024964] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 350.030079] ? save_stack+0xa9/0xd0 07:08:13 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfc000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:13 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600000003f1d8000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 350.033717] ? kasan_kmalloc+0xc4/0xe0 [ 350.037617] ? kasan_slab_alloc+0x12/0x20 [ 350.041772] ? kmem_cache_alloc+0x12e/0x760 [ 350.046100] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 350.050945] ? kvm_mmu_load+0x21/0x10e0 [ 350.054922] ? vcpu_enter_guest+0x3aa6/0x6090 [ 350.059416] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 350.064420] ? do_vfs_ioctl+0x1de/0x1720 [ 350.068465] ? ksys_ioctl+0xa9/0xd0 [ 350.072074] ? __x64_sys_ioctl+0x73/0xb0 [ 350.076124] ? do_syscall_64+0x1b9/0x820 [ 350.080168] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 350.085516] ? lock_acquire+0x1e4/0x540 [ 350.089475] ? percpu_ref_put_many+0x119/0x240 [ 350.094048] ? lock_downgrade+0x8f0/0x8f0 [ 350.098182] ? lock_acquire+0x1e4/0x540 [ 350.102138] ? fs_reclaim_acquire+0x20/0x20 [ 350.106443] ? lock_downgrade+0x8f0/0x8f0 [ 350.110577] ? check_same_owner+0x340/0x340 [ 350.114887] ? rcu_note_context_switch+0x730/0x730 [ 350.119799] ? kasan_unpoison_shadow+0x35/0x50 [ 350.124368] __should_failslab+0x124/0x180 [ 350.128592] should_failslab+0x9/0x14 [ 350.132378] kmem_cache_alloc+0x2af/0x760 [ 350.136508] ? kasan_check_write+0x14/0x20 [ 350.140727] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 350.145566] mmu_topup_memory_caches+0xf7/0x3a0 [ 350.150223] kvm_mmu_load+0x21/0x10e0 [ 350.154358] ? rcu_note_context_switch+0x730/0x730 [ 350.159272] ? filemap_map_pages+0xca2/0x1990 [ 350.163753] vcpu_enter_guest+0x3aa6/0x6090 [ 350.168058] ? kasan_check_write+0x14/0x20 [ 350.172275] ? __mutex_lock+0x6c4/0x1680 [ 350.176321] ? kvm_set_msr_common+0x26a0/0x26a0 [ 350.180978] ? lock_acquire+0x1e4/0x540 [ 350.184948] ? vmx_vcpu_load+0xadf/0xff0 [ 350.188992] ? trace_hardirqs_on+0x10/0x10 [ 350.193215] ? vmx_vcpu_reset+0x1040/0x1040 [ 350.197530] ? find_get_entries_tag+0x1410/0x1410 [ 350.202377] ? lock_acquire+0x1e4/0x540 [ 350.206332] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 350.211332] ? lock_release+0xa30/0xa30 [ 350.215298] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 350.220559] ? kvm_arch_dev_ioctl+0x610/0x610 [ 350.225037] ? preempt_notifier_dec+0x20/0x20 [ 350.229518] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 350.234341] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 350.239344] kvm_vcpu_ioctl+0x7b8/0x1300 [ 350.243389] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 350.249087] ? lock_acquire+0x1e4/0x540 [ 350.253045] ? __fget+0x4ac/0x740 [ 350.256482] ? lock_downgrade+0x8f0/0x8f0 [ 350.260625] ? lock_release+0xa30/0xa30 [ 350.264579] ? pid_task+0x115/0x200 [ 350.268202] ? find_vpid+0xf0/0xf0 [ 350.271725] ? __f_unlock_pos+0x19/0x20 [ 350.275682] ? __fget+0x4d5/0x740 [ 350.279118] ? ksys_dup3+0x690/0x690 [ 350.282817] ? kasan_check_write+0x14/0x20 [ 350.287036] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 350.292643] ? perf_trace_sys_exit+0x3f7/0x650 [ 350.297210] ? vfs_write+0x2f3/0x560 [ 350.300925] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 350.306620] do_vfs_ioctl+0x1de/0x1720 [ 350.310516] ? fsnotify_first_mark+0x350/0x350 [ 350.315081] ? __fsnotify_parent+0xcc/0x420 [ 350.319386] ? ioctl_preallocate+0x300/0x300 [ 350.323774] ? __fget_light+0x2f7/0x440 [ 350.327742] ? fget_raw+0x20/0x20 [ 350.331189] ? __sb_end_write+0xac/0xe0 [ 350.335149] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 350.340673] ? syscall_slow_exit_work+0x111/0x500 [ 350.345501] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 350.350154] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 350.355594] ? security_file_ioctl+0x94/0xc0 [ 350.359985] ksys_ioctl+0xa9/0xd0 [ 350.363423] __x64_sys_ioctl+0x73/0xb0 [ 350.367293] do_syscall_64+0x1b9/0x820 [ 350.371162] ? syscall_slow_exit_work+0x500/0x500 [ 350.375998] ? syscall_return_slowpath+0x5e0/0x5e0 [ 350.380915] ? syscall_return_slowpath+0x31d/0x5e0 [ 350.385832] ? prepare_exit_to_usermode+0x291/0x3b0 [ 350.390830] ? perf_trace_sys_enter+0xb10/0xb10 [ 350.395486] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 350.400325] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 350.405496] RIP: 0033:0x455ba9 [ 350.408664] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 350.427833] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 07:08:14 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0xf0c98b0c6e6954cc, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x6, 0xffffffff, 0x1, 'queue1\x00', 0xffff}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = getpgid(0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x590, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r2, 0x0, 0xffffffffffffffff, 0x0) r3 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)) [ 350.435524] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 350.442774] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 350.450026] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 350.457275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 350.464528] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000021 07:08:14 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x1f00000000000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:14 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x300000000000000, 0x20}, [{}]}, 0x58) [ 350.482844] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 07:08:14 executing program 1: ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f00000000c0)) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000180)=0x0) r1 = syz_open_procfs(r0, &(0x7f0000000200)='net/nfsfs\x00') r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r1, &(0x7f00000002c0)=""/151, 0xfffffffffffffe70) 07:08:14 executing program 3 (fault-call:8 fault-nth:34): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:14 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) [ 350.604547] nla_parse: 1 callbacks suppressed [ 350.604554] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:14 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000000c0)={0x0, 0xfffffffffffffff9, 0x6}, &(0x7f0000000100)=0x8) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000180)='tls\x00', 0x4) readlinkat(r0, &(0x7f0000000200)='./file0\x00', &(0x7f00000002c0)=""/4096, 0x1000) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000140)={r2, 0x4}, 0x8) read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:14 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x1100000000000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x900]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:14 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x40000, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ppp\x00', 0x242000, 0x0) ioctl$VHOST_SET_VRING_ENDIAN(r2, 0x4008af13, &(0x7f00000000c0)={0x2}) 07:08:14 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1f00000000000000, 0x20}, [{}]}, 0x58) [ 350.661788] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 350.730005] FAULT_INJECTION: forcing a failure. [ 350.730005] name failslab, interval 1, probability 0, space 0, times 0 [ 350.741335] CPU: 1 PID: 23505 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 350.749739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 350.759092] Call Trace: [ 350.761693] dump_stack+0x1c9/0x2b4 [ 350.765333] ? dump_stack_print_info.cold.2+0x52/0x52 [ 350.770535] ? __kernel_text_address+0xd/0x40 [ 350.775047] ? unwind_get_return_address+0x61/0xa0 07:08:14 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000f00000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfc00]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 350.779992] should_fail.cold.4+0xa/0x11 [ 350.784066] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 350.789202] ? save_stack+0xa9/0xd0 [ 350.792862] ? kasan_kmalloc+0xc4/0xe0 [ 350.796753] ? kasan_slab_alloc+0x12/0x20 [ 350.800906] ? kmem_cache_alloc+0x12e/0x760 [ 350.805235] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 350.810085] ? kvm_mmu_load+0x21/0x10e0 [ 350.814097] ? vcpu_enter_guest+0x3aa6/0x6090 [ 350.818611] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 07:08:14 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0xffffffffffffffd6) [ 350.818783] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 350.823642] ? do_vfs_ioctl+0x1de/0x1720 [ 350.823657] ? ksys_ioctl+0xa9/0xd0 [ 350.823674] ? __x64_sys_ioctl+0x73/0xb0 [ 350.843774] ? do_syscall_64+0x1b9/0x820 [ 350.847855] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 350.853348] ? lock_acquire+0x1e4/0x540 [ 350.857329] ? percpu_ref_put_many+0x119/0x240 [ 350.861917] ? lock_downgrade+0x8f0/0x8f0 [ 350.866081] ? lock_acquire+0x1e4/0x540 [ 350.870067] ? fs_reclaim_acquire+0x20/0x20 [ 350.874395] ? lock_downgrade+0x8f0/0x8f0 07:08:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfcff]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:14 executing program 1: r0 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0x8000, 0x40380) setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r0, 0x111, 0x4, 0x0, 0x4) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r1, &(0x7f0000000000)=""/151, 0x97) syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x2) [ 350.878550] ? check_same_owner+0x340/0x340 [ 350.882875] ? rcu_note_context_switch+0x730/0x730 [ 350.887804] ? kasan_unpoison_shadow+0x35/0x50 [ 350.892389] __should_failslab+0x124/0x180 [ 350.896627] should_failslab+0x9/0x14 [ 350.900433] kmem_cache_alloc+0x2af/0x760 [ 350.904586] ? kasan_check_write+0x14/0x20 [ 350.908823] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 350.913666] mmu_topup_memory_caches+0xf7/0x3a0 [ 350.918340] kvm_mmu_load+0x21/0x10e0 [ 350.922143] ? rcu_note_context_switch+0x730/0x730 07:08:14 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000740000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 350.927076] ? filemap_map_pages+0xca2/0x1990 [ 350.931578] vcpu_enter_guest+0x3aa6/0x6090 [ 350.935907] ? kasan_check_write+0x14/0x20 [ 350.940150] ? __mutex_lock+0x6c4/0x1680 [ 350.944230] ? kvm_set_msr_common+0x26a0/0x26a0 [ 350.948898] ? lock_acquire+0x1e4/0x540 [ 350.952875] ? vmx_vcpu_load+0xadf/0xff0 [ 350.956937] ? trace_hardirqs_on+0x10/0x10 [ 350.961173] ? vmx_vcpu_reset+0x1040/0x1040 [ 350.965501] ? find_get_entries_tag+0x1410/0x1410 [ 350.970356] ? lock_acquire+0x1e4/0x540 [ 350.974332] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 07:08:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x11]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 350.976354] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 350.979349] ? lock_release+0xa30/0xa30 [ 350.979362] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 350.979381] ? kvm_arch_dev_ioctl+0x610/0x610 [ 351.001485] ? preempt_notifier_dec+0x20/0x20 [ 351.006007] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 351.010874] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 351.015901] kvm_vcpu_ioctl+0x7b8/0x1300 [ 351.019972] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 351.025691] ? lock_acquire+0x1e4/0x540 07:08:14 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000028000000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x401000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 351.029665] ? __fget+0x4ac/0x740 [ 351.033123] ? lock_downgrade+0x8f0/0x8f0 [ 351.037274] ? lock_release+0xa30/0xa30 [ 351.041251] ? pid_task+0x115/0x200 [ 351.044878] ? find_vpid+0xf0/0xf0 [ 351.048429] ? __f_unlock_pos+0x19/0x20 [ 351.052405] ? __fget+0x4d5/0x740 [ 351.055862] ? ksys_dup3+0x690/0x690 [ 351.059584] ? kasan_check_write+0x14/0x20 [ 351.063824] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 351.068756] ? fsnotify+0xbac/0x14e0 [ 351.069905] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 351.072468] ? vfs_write+0x2f3/0x560 [ 351.072487] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 351.072506] do_vfs_ioctl+0x1de/0x1720 [ 351.094288] ? fsnotify_first_mark+0x350/0x350 [ 351.098890] ? __fsnotify_parent+0xcc/0x420 [ 351.103217] ? ioctl_preallocate+0x300/0x300 [ 351.107625] ? __fget_light+0x2f7/0x440 [ 351.111685] ? fget_raw+0x20/0x20 [ 351.115142] ? __sb_end_write+0xac/0xe0 [ 351.119122] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 351.124659] ? fput+0x130/0x1a0 [ 351.127939] ? ksys_write+0x1ae/0x260 [ 351.131744] ? security_file_ioctl+0x94/0xc0 [ 351.136152] ksys_ioctl+0xa9/0xd0 [ 351.139611] __x64_sys_ioctl+0x73/0xb0 [ 351.143506] do_syscall_64+0x1b9/0x820 [ 351.147396] ? finish_task_switch+0x1d3/0x870 [ 351.151909] ? syscall_return_slowpath+0x5e0/0x5e0 [ 351.151927] ? syscall_return_slowpath+0x31d/0x5e0 [ 351.161763] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 351.166784] ? prepare_exit_to_usermode+0x291/0x3b0 [ 351.171809] ? perf_trace_sys_enter+0xb10/0xb10 [ 351.176482] ? trace_hardirqs_off_thunk+0x1a/0x1c 07:08:14 executing program 3 (fault-call:8 fault-nth:35): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfe80000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:14 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000d8f10300000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:14 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x11000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:14 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) [ 351.181321] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 351.186497] RIP: 0033:0x455ba9 [ 351.189684] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 07:08:14 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x9, &(0x7f0000000080)="02e41135a75bb09bdeef1ce4d3ccc622305cc83d6d345f8f762070664e7049e4256290") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0xa091, 0x2) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000240)={{{@in6=@ipv4={[], [], @multicast2}, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in=@dev}}, &(0x7f0000000340)=0xe8) bind$can_raw(r1, &(0x7f0000000380)={0x1d, r2}, 0x10) r3 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)) 07:08:14 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) ioctl(r1, 0x8912, &(0x7f0000000100)="225cc83d6c345f8f762070") fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f00000000c0)) read(r0, &(0x7f0000000000)=""/151, 0x97) lseek(r1, 0x0, 0x2) setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000200)={0xfff, {{0xa, 0x4e23, 0x5ae, @mcast1={0xff, 0x1, [], 0x1}, 0x80}}, 0x1, 0x3, [{{0xa, 0x4e21, 0x7, @remote={0xfe, 0x80, [], 0xbb}, 0x7ff}}, {{0xa, 0x4e22, 0x8, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, 0xd70}}, {{0xa, 0x4e22, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0x5}}]}, 0x210) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000140), &(0x7f0000000180)=0x4) 07:08:14 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1000000, 0x20}, [{}]}, 0x58) 07:08:14 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600009effffff000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xffff1f0000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 351.189846] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 351.189857] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 351.189863] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 351.189869] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 351.189874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 351.189880] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000022 [ 351.229392] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 351.276156] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 351.317342] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 351.350107] FAULT_INJECTION: forcing a failure. [ 351.350107] name failslab, interval 1, probability 0, space 0, times 0 [ 351.421552] CPU: 1 PID: 23591 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 351.421563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 351.421567] Call Trace: [ 351.421590] dump_stack+0x1c9/0x2b4 [ 351.421611] ? dump_stack_print_info.cold.2+0x52/0x52 [ 351.421631] ? __kernel_text_address+0xd/0x40 [ 351.421648] ? unwind_get_return_address+0x61/0xa0 [ 351.421665] should_fail.cold.4+0xa/0x11 [ 351.421682] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 351.421699] ? save_stack+0xa9/0xd0 [ 351.421715] ? kasan_kmalloc+0xc4/0xe0 [ 351.421727] ? kasan_slab_alloc+0x12/0x20 [ 351.421740] ? kmem_cache_alloc+0x12e/0x760 [ 351.421755] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 351.421769] ? kvm_mmu_load+0x21/0x10e0 [ 351.421784] ? vcpu_enter_guest+0x3aa6/0x6090 [ 351.421796] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 351.421809] ? do_vfs_ioctl+0x1de/0x1720 [ 351.421820] ? ksys_ioctl+0xa9/0xd0 [ 351.421833] ? __x64_sys_ioctl+0x73/0xb0 [ 351.421847] ? do_syscall_64+0x1b9/0x820 [ 351.421862] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 351.421878] ? lock_acquire+0x1e4/0x540 [ 351.421891] ? percpu_ref_put_many+0x119/0x240 [ 351.421906] ? lock_downgrade+0x8f0/0x8f0 [ 351.421925] ? lock_acquire+0x1e4/0x540 [ 351.421939] ? fs_reclaim_acquire+0x20/0x20 [ 351.421954] ? lock_downgrade+0x8f0/0x8f0 [ 351.421968] ? lock_downgrade+0x8f0/0x8f0 [ 351.421991] ? check_same_owner+0x340/0x340 [ 351.422017] ? rcu_note_context_switch+0x730/0x730 [ 351.422034] ? kasan_unpoison_shadow+0x35/0x50 [ 351.422049] __should_failslab+0x124/0x180 [ 351.422063] should_failslab+0x9/0x14 [ 351.422075] kmem_cache_alloc+0x2af/0x760 [ 351.422089] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 351.422107] mmu_topup_memory_caches+0xf7/0x3a0 [ 351.457615] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 351.460594] kvm_mmu_load+0x21/0x10e0 [ 351.460610] ? rcu_note_context_switch+0x730/0x730 [ 351.460630] ? filemap_map_pages+0xca2/0x1990 [ 351.611165] vcpu_enter_guest+0x3aa6/0x6090 [ 351.615490] ? kasan_check_write+0x14/0x20 [ 351.619711] ? __mutex_lock+0x6c4/0x1680 [ 351.623758] ? kvm_set_msr_common+0x26a0/0x26a0 [ 351.628424] ? lock_acquire+0x1e4/0x540 [ 351.632385] ? vmx_vcpu_load+0xadf/0xff0 [ 351.636429] ? trace_hardirqs_on+0x10/0x10 [ 351.640650] ? vmx_vcpu_reset+0x1040/0x1040 [ 351.644955] ? find_get_entries_tag+0x1410/0x1410 [ 351.649802] ? lock_acquire+0x1e4/0x540 [ 351.653757] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 351.658758] ? lock_release+0xa30/0xa30 [ 351.662716] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 351.667986] ? kvm_arch_dev_ioctl+0x610/0x610 [ 351.672465] ? preempt_notifier_dec+0x20/0x20 [ 351.676947] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 351.681775] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 351.686778] kvm_vcpu_ioctl+0x7b8/0x1300 [ 351.690823] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 351.696522] ? lock_acquire+0x1e4/0x540 [ 351.700480] ? __fget+0x4ac/0x740 [ 351.703916] ? lock_downgrade+0x8f0/0x8f0 [ 351.708048] ? lock_release+0xa30/0xa30 [ 351.712008] ? pid_task+0x115/0x200 [ 351.715618] ? find_vpid+0xf0/0xf0 [ 351.719142] ? __f_unlock_pos+0x19/0x20 [ 351.723101] ? __fget+0x4d5/0x740 [ 351.726539] ? ksys_dup3+0x690/0x690 [ 351.730240] ? kasan_check_write+0x14/0x20 [ 351.734457] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 351.739373] ? fsnotify+0xbac/0x14e0 [ 351.743069] ? vfs_write+0x2f3/0x560 [ 351.746767] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 351.752460] do_vfs_ioctl+0x1de/0x1720 [ 351.756333] ? fsnotify_first_mark+0x350/0x350 [ 351.760896] ? __fsnotify_parent+0xcc/0x420 [ 351.765201] ? ioctl_preallocate+0x300/0x300 [ 351.769592] ? __fget_light+0x2f7/0x440 [ 351.773547] ? fget_raw+0x20/0x20 [ 351.776987] ? __sb_end_write+0xac/0xe0 [ 351.780948] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 351.786469] ? fput+0x130/0x1a0 [ 351.789733] ? ksys_write+0x1ae/0x260 [ 351.793521] ? security_file_ioctl+0x94/0xc0 [ 351.797914] ksys_ioctl+0xa9/0xd0 [ 351.801352] __x64_sys_ioctl+0x73/0xb0 [ 351.805227] do_syscall_64+0x1b9/0x820 [ 351.809095] ? finish_task_switch+0x1d3/0x870 [ 351.813575] ? syscall_return_slowpath+0x5e0/0x5e0 [ 351.818488] ? syscall_return_slowpath+0x31d/0x5e0 [ 351.823399] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 351.828410] ? prepare_exit_to_usermode+0x291/0x3b0 [ 351.833419] ? perf_trace_sys_enter+0xb10/0xb10 [ 351.838074] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 351.842902] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 351.848073] RIP: 0033:0x455ba9 [ 351.851244] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 351.870499] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 351.878198] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 351.885451] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 07:08:15 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x3ff, &(0x7f00000000c0)="025cc83d6d345f8f7620700ae4d6c0607d640674afacfbb0a693d72fbfb8617cca62d2c8a87307aca1afa9dd7305393f879f8e9c285ba304e6455157b7e5d30e7241613921d33b3e044053fe3874a6776549f0294c3dc844a4297fbab8dc406e443b930abe14d06444073f0bbf153f12362dda4f0e9c8865878aa4d7465b9c85633d5107a209edfd8533b40d79321f8057d65d5be191303fc69e7409a931948aab52c2a90436ded26ecd589636a0e84b5a6f844b2958301a0779cb351d7b5ea3e8b5452d7bc62897bceb7b2fac7f66c33e44c814258dae58f89f6482fe47d390d400082ff84ab14513a2baae582705") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:15 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000060000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:15 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:15 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x8000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:15 executing program 1: r0 = msgget(0x0, 0x409) msgctl$IPC_STAT(r0, 0x2, &(0x7f0000000280)=""/203) r1 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc) ioctl$BLKFLSBUF(r1, 0x1261, &(0x7f00000003c0)=0x8000) bind$pptp(r1, &(0x7f0000000380)={0x18, 0x2, {0x2, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x1e) socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f7620701bcd78580e335b3eb87c82c9529275696be95fd8146c0a2183cfcdc48f601c5c69ece85ba5161c8422fe6b4328878116251dbe578607f968e890963c2abe8407cabfeebab9ed416ffce718dbcf9f5f7b8a35e95d74cca2af369848cf6d973e586f2d12399143ad51db2244c1e201de4502241894c2346481cf2724f4ebc0169127d101b7fb32ebfa3a3259029273ebc33763bce69b207cdb0600152b402707f7e02ffd7327326a8b89d5cb097225baaf89eb79a1afd2") read(r1, &(0x7f0000000000)=""/151, 0x97) 07:08:15 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x2000000, 0x20}, [{}]}, 0x58) [ 351.892703] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 351.899955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 351.907209] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000023 [ 351.920612] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 07:08:15 executing program 3 (fault-call:8 fault-nth:36): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:15 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x12000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:15 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000740000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:15 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfec00000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:15 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:15 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)={0x0, 0x200200000000000, 0x4}) 07:08:15 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x5000000, 0x20}, [{}]}, 0x58) 07:08:15 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f00000000c0)={0x1, 0x3f00000000000, 0xf0ad, 0x40}) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:15 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x500]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 352.046259] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 352.078763] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 07:08:15 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x500, 0x20}, [{}]}, 0x58) 07:08:15 executing program 0: prctl$setmm(0x23, 0x7, &(0x7f0000ffd000/0x1000)=nil) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@local, @in6=@ipv4={[], [], @remote}}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f0000000080)=0xe8) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockname(r0, &(0x7f00000000c0)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @loopback}}}, &(0x7f00000001c0)=0x80) accept4$bt_l2cap(r2, 0x0, &(0x7f0000000200), 0x80800) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)) 07:08:15 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x500, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:15 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600000000f0ffff0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 352.161439] FAULT_INJECTION: forcing a failure. [ 352.161439] name failslab, interval 1, probability 0, space 0, times 0 [ 352.172711] CPU: 1 PID: 23669 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 352.181125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 352.190482] Call Trace: [ 352.193081] dump_stack+0x1c9/0x2b4 [ 352.196741] ? dump_stack_print_info.cold.2+0x52/0x52 [ 352.200106] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 352.201942] ? __kernel_text_address+0xd/0x40 [ 352.201963] ? unwind_get_return_address+0x61/0xa0 [ 352.219785] should_fail.cold.4+0xa/0x11 [ 352.223867] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 352.229414] ? save_stack+0xa9/0xd0 [ 352.233054] ? kasan_kmalloc+0xc4/0xe0 [ 352.236952] ? kasan_slab_alloc+0x12/0x20 [ 352.241108] ? kmem_cache_alloc+0x12e/0x760 [ 352.245442] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 352.250294] ? kvm_mmu_load+0x21/0x10e0 [ 352.254276] ? vcpu_enter_guest+0x3aa6/0x6090 [ 352.258311] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 352.258781] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 352.272169] ? do_vfs_ioctl+0x1de/0x1720 [ 352.276232] ? ksys_ioctl+0xa9/0xd0 [ 352.279855] ? __x64_sys_ioctl+0x73/0xb0 [ 352.283920] ? do_syscall_64+0x1b9/0x820 [ 352.287981] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 352.293347] ? lock_acquire+0x1e4/0x540 [ 352.297323] ? percpu_ref_put_many+0x119/0x240 [ 352.301906] ? lock_downgrade+0x8f0/0x8f0 [ 352.306071] ? lock_acquire+0x1e4/0x540 [ 352.306086] ? fs_reclaim_acquire+0x20/0x20 [ 352.306101] ? lock_downgrade+0x8f0/0x8f0 [ 352.306120] ? check_same_owner+0x340/0x340 [ 352.306136] ? rcu_note_context_switch+0x730/0x730 [ 352.306153] ? kasan_unpoison_shadow+0x35/0x50 [ 352.306168] __should_failslab+0x124/0x180 [ 352.306185] should_failslab+0x9/0x14 [ 352.306199] kmem_cache_alloc+0x2af/0x760 [ 352.306213] ? kasan_check_write+0x14/0x20 [ 352.306230] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 352.306246] mmu_topup_memory_caches+0xf7/0x3a0 [ 352.306264] kvm_mmu_load+0x21/0x10e0 07:08:15 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:15 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockopt$bt_sco_SCO_OPTIONS(r0, 0x11, 0x1, &(0x7f00000000c0)=""/171, &(0x7f0000000180)=0xab) read(r0, &(0x7f00000002c0)=""/151, 0xe) 07:08:15 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000480d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 352.306278] ? rcu_note_context_switch+0x730/0x730 [ 352.306293] ? filemap_map_pages+0xca2/0x1990 [ 352.306310] vcpu_enter_guest+0x3aa6/0x6090 [ 352.306327] ? kasan_check_write+0x14/0x20 [ 352.380093] ? __mutex_lock+0x6c4/0x1680 [ 352.384164] ? kvm_set_msr_common+0x26a0/0x26a0 [ 352.388845] ? lock_acquire+0x1e4/0x540 [ 352.388865] ? vmx_vcpu_load+0xadf/0xff0 [ 352.396879] ? trace_hardirqs_on+0x10/0x10 [ 352.401119] ? vmx_vcpu_reset+0x1040/0x1040 [ 352.405448] ? find_get_entries_tag+0x1410/0x1410 [ 352.410306] ? lock_acquire+0x1e4/0x540 [ 352.414272] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 352.419281] ? lock_release+0xa30/0xa30 [ 352.423243] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 352.428515] ? kvm_arch_dev_ioctl+0x610/0x610 [ 352.432998] ? preempt_notifier_dec+0x20/0x20 [ 352.437483] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 352.442315] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 352.447334] kvm_vcpu_ioctl+0x7b8/0x1300 [ 352.451380] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 352.457075] ? lock_acquire+0x1e4/0x540 [ 352.461036] ? __fget+0x4ac/0x740 [ 352.464469] ? lock_downgrade+0x8f0/0x8f0 [ 352.468602] ? lock_release+0xa30/0xa30 [ 352.472554] ? pid_task+0x115/0x200 [ 352.476168] ? find_vpid+0xf0/0xf0 [ 352.479697] ? __f_unlock_pos+0x19/0x20 [ 352.483651] ? __fget+0x4d5/0x740 [ 352.487093] ? ksys_dup3+0x690/0x690 [ 352.490804] ? kasan_check_write+0x14/0x20 [ 352.495035] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 352.499945] ? fsnotify+0xbac/0x14e0 [ 352.503641] ? vfs_write+0x2f3/0x560 [ 352.507341] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 352.513041] do_vfs_ioctl+0x1de/0x1720 [ 352.516928] ? fsnotify_first_mark+0x350/0x350 [ 352.521487] ? __fsnotify_parent+0xcc/0x420 [ 352.525789] ? ioctl_preallocate+0x300/0x300 [ 352.530176] ? __fget_light+0x2f7/0x440 [ 352.534131] ? fget_raw+0x20/0x20 [ 352.537563] ? __sb_end_write+0xac/0xe0 [ 352.541540] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 352.547055] ? fput+0x130/0x1a0 [ 352.550316] ? ksys_write+0x1ae/0x260 [ 352.554100] ? security_file_ioctl+0x94/0xc0 [ 352.558490] ksys_ioctl+0xa9/0xd0 [ 352.561926] __x64_sys_ioctl+0x73/0xb0 [ 352.565794] do_syscall_64+0x1b9/0x820 [ 352.569667] ? finish_task_switch+0x1d3/0x870 [ 352.574148] ? syscall_return_slowpath+0x5e0/0x5e0 [ 352.579059] ? syscall_return_slowpath+0x31d/0x5e0 [ 352.583977] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 352.588974] ? prepare_exit_to_usermode+0x291/0x3b0 [ 352.593969] ? perf_trace_sys_enter+0xb10/0xb10 [ 352.598618] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 352.603441] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 352.608608] RIP: 0033:0x455ba9 [ 352.611771] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 352.630899] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 352.638592] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 352.645842] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 352.653090] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 07:08:16 executing program 3 (fault-call:8 fault-nth:37): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:16 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x80002, 0x400000000000000) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockopt$inet6_tcp_int(r0, 0x6, 0x9, &(0x7f00000002c0), &(0x7f0000000300)=0x4) read(r0, &(0x7f0000000000)=""/151, 0x97) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f00000000c0)={{{@in6=@mcast1, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@local}}, &(0x7f0000000200)=0xe8) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'veth0\x00', r2}) 07:08:16 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000000000007a0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:16 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xf00]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:16 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_int(r1, 0x0, 0xf, &(0x7f0000000080)=0xfffffffffffffff9, 0x4) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) 07:08:16 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1100, 0x20}, [{}]}, 0x58) 07:08:16 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x1500000000000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:16 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) [ 352.660343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 352.667601] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000024 [ 352.683346] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 07:08:16 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000740d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:16 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfffc]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:16 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f00000000c0)={'vcan0\x00', {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}}) read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:16 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xfffffffffffffffe}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) close(r2) [ 352.798748] EXT4-fs: Invalid sb specification: sb=>,errors=continue [ 352.808062] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 352.818315] FAULT_INJECTION: forcing a failure. [ 352.818315] name failslab, interval 1, probability 0, space 0, times 0 [ 352.829592] CPU: 1 PID: 23735 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 352.837993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 07:08:16 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x4]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 352.847348] Call Trace: [ 352.849945] dump_stack+0x1c9/0x2b4 [ 352.853583] ? dump_stack_print_info.cold.2+0x52/0x52 [ 352.858785] ? __kernel_text_address+0xd/0x40 [ 352.863288] ? unwind_get_return_address+0x61/0xa0 [ 352.868234] should_fail.cold.4+0xa/0x11 [ 352.872303] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 352.877414] ? save_stack+0xa9/0xd0 [ 352.881055] ? kasan_kmalloc+0xc4/0xe0 [ 352.884948] ? kasan_slab_alloc+0x12/0x20 [ 352.889103] ? kmem_cache_alloc+0x12e/0x760 [ 352.893436] ? mmu_topup_memory_caches+0xf7/0x3a0 07:08:16 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x2, @loopback={0x0, 0x1}, 0x8001}, 0x1c) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x200, 0x0) ioctl$ASHMEM_GET_NAME(r1, 0x81007702, &(0x7f0000000100)=""/49) r2 = getpgrp(0x0) prctl$void(0x3) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) 07:08:16 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x1f4]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 352.898281] ? kvm_mmu_load+0x21/0x10e0 [ 352.902258] ? vcpu_enter_guest+0x3aa6/0x6090 [ 352.906756] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 352.911774] ? do_vfs_ioctl+0x1de/0x1720 [ 352.915843] ? ksys_ioctl+0xa9/0xd0 [ 352.919480] ? __x64_sys_ioctl+0x73/0xb0 [ 352.923548] ? do_syscall_64+0x1b9/0x820 [ 352.927616] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 352.932986] ? lock_acquire+0x1e4/0x540 [ 352.936964] ? percpu_ref_put_many+0x119/0x240 [ 352.941550] ? lock_downgrade+0x8f0/0x8f0 [ 352.945706] ? lock_acquire+0x1e4/0x540 [ 352.949678] ? fs_reclaim_acquire+0x20/0x20 [ 352.953986] ? lock_downgrade+0x8f0/0x8f0 [ 352.958185] ? check_same_owner+0x340/0x340 [ 352.962496] ? rcu_note_context_switch+0x730/0x730 [ 352.967415] ? kasan_unpoison_shadow+0x35/0x50 [ 352.971982] __should_failslab+0x124/0x180 [ 352.976202] should_failslab+0x9/0x14 [ 352.979985] kmem_cache_alloc+0x2af/0x760 [ 352.984119] ? kvm_clock_read+0x25/0x30 [ 352.988094] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 352.993106] ? ktime_get_with_offset+0x32e/0x4b0 [ 352.997846] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 353.002676] mmu_topup_memory_caches+0xf7/0x3a0 [ 353.007332] kvm_mmu_load+0x21/0x10e0 [ 353.011118] ? kasan_check_write+0x14/0x20 [ 353.015335] ? do_raw_spin_lock+0xc1/0x200 [ 353.019557] vcpu_enter_guest+0x3aa6/0x6090 [ 353.023869] ? kvm_set_msr_common+0x26a0/0x26a0 [ 353.028522] ? lock_acquire+0x1e4/0x540 [ 353.032479] ? vmx_vcpu_load+0xadf/0xff0 [ 353.036521] ? trace_hardirqs_on+0x10/0x10 [ 353.040742] ? vmx_vcpu_reset+0x1040/0x1040 [ 353.045047] ? find_get_entries_tag+0x1410/0x1410 [ 353.049890] ? lock_acquire+0x1e4/0x540 [ 353.053852] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 353.058856] ? lock_release+0xa30/0xa30 [ 353.062810] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 353.068068] ? kvm_arch_dev_ioctl+0x610/0x610 [ 353.072557] ? preempt_notifier_dec+0x20/0x20 [ 353.077037] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 353.081863] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 353.086868] kvm_vcpu_ioctl+0x7b8/0x1300 [ 353.090915] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 353.096622] ? lock_acquire+0x1e4/0x540 [ 353.100578] ? __fget+0x4ac/0x740 [ 353.104034] ? lock_downgrade+0x8f0/0x8f0 [ 353.108173] ? lock_release+0xa30/0xa30 [ 353.112128] ? pid_task+0x115/0x200 [ 353.115737] ? find_vpid+0xf0/0xf0 [ 353.119262] ? __f_unlock_pos+0x19/0x20 [ 353.123218] ? __fget+0x4d5/0x740 [ 353.126665] ? ksys_dup3+0x690/0x690 [ 353.130561] ? kasan_check_write+0x14/0x20 [ 353.134779] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 353.139691] ? fsnotify+0xbac/0x14e0 [ 353.143385] ? vfs_write+0x2f3/0x560 [ 353.147085] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 353.152778] do_vfs_ioctl+0x1de/0x1720 [ 353.156648] ? fsnotify_first_mark+0x350/0x350 [ 353.161211] ? __fsnotify_parent+0xcc/0x420 [ 353.165515] ? ioctl_preallocate+0x300/0x300 [ 353.169903] ? __fget_light+0x2f7/0x440 [ 353.173861] ? fget_raw+0x20/0x20 [ 353.177296] ? __sb_end_write+0xac/0xe0 [ 353.181257] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 353.186785] ? fput+0x130/0x1a0 [ 353.190049] ? ksys_write+0x1ae/0x260 [ 353.193839] ? security_file_ioctl+0x94/0xc0 [ 353.198228] ksys_ioctl+0xa9/0xd0 [ 353.201666] __x64_sys_ioctl+0x73/0xb0 [ 353.205538] do_syscall_64+0x1b9/0x820 [ 353.209407] ? syscall_slow_exit_work+0x500/0x500 [ 353.214233] ? syscall_return_slowpath+0x5e0/0x5e0 [ 353.219146] ? syscall_return_slowpath+0x31d/0x5e0 [ 353.224061] ? prepare_exit_to_usermode+0x291/0x3b0 [ 353.229059] ? perf_trace_sys_enter+0xb10/0xb10 [ 353.233712] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 353.238539] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 353.243710] RIP: 0033:0x455ba9 [ 353.246888] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 353.266059] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 353.273750] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 353.280999] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 353.288251] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 07:08:16 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x1200000000000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) [ 353.295502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 353.302752] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000025 07:08:17 executing program 3 (fault-call:8 fault-nth:38): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:17 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x4, 0x20}, [{}]}, 0x58) 07:08:17 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:17 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000100)={{0xffffffffffffffff, 0x1, 0x8, 0x0, 0x92}}) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$RTC_PLL_SET(r0, 0x40207012, &(0x7f00000000c0)={0x2, 0x1, 0x8000, 0x40, 0x67d, 0x40b, 0xfffffffffffffffe}) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = msgget$private(0x0, 0x0) msgctl$MSG_INFO(r2, 0xc, &(0x7f00000002c0)=""/231) read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:17 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000004c00000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:17 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x1000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:17 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xf00000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:17 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x7, 0x5) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x281) setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000580)=0x11, 0x2) set_robust_list(&(0x7f0000000540)={&(0x7f0000000480)={&(0x7f0000000180)}, 0x9cb6, &(0x7f0000000500)={&(0x7f00000004c0)}}, 0x18) syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f00000003c0)=[{&(0x7f00000002c0)="007174e29ca2a4773c2e36905c036e1c3bca7d36bf25092417b35600e9fb3287e0fe694b476531b57a802406bcf883ecde032dbec289cdcc021f263acccc9ff67e581cb77a2a641b0ae691fd5175246acde6cc6f804082e6b6aac4c74f9868220ee253e1fee0263267fe08651d370d8b03940d56fb6372d2dcc27e6a75a914053c555983852b12b93c9e50498825047fa37513bed6196f232789025abe4490eeeb29a7aca806badaad9de12a97b081c2ae073c46dac3dde6fe6eca670d0123edefc82790bb11d4ebab11630361fb930dc868b3edff278c1440c6bbb75eda9d1d", 0xe0, 0x2}, {&(0x7f0000000140)="10aa3804f8f009a808ddd838634daebf3642d8c00e7b90afe343c77d1d15cbbfc72f1cfe37", 0x25, 0x8}, {&(0x7f0000000180), 0x0, 0x4}, {&(0x7f0000000200)="2dbb12d6a21dc14e97ae2053e04d5258ca843bc296dac16cdb14f5640f443f10e275f92fe2324c576e2e491cb0f40cdd036a3f473ae658426caf3d6aa28e790e841f3f", 0x43, 0xfffffffffffffff8}], 0x840, &(0x7f0000000440)={[{@fmask={'fmask', 0x3d, [0x32, 0x36, 0x36, 0x32, 0x36]}, 0x2c}, {@tz_utc='tz=UTC', 0x2c}]}) 07:08:17 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x400000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:17 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x16000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:17 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000007a0000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:17 executing program 0: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r0}, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8}) 07:08:17 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x400000000000000, 0x20}, [{}]}, 0x58) [ 353.471442] EXT4-fs: Invalid sb specification: sb=>3825?,data=journal,journal_ioprio=73;5,errors=continue [ 353.500376] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 353.528139] FAULT_INJECTION: forcing a failure. [ 353.528139] name failslab, interval 1, probability 0, space 0, times 0 [ 353.539483] CPU: 0 PID: 23796 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 353.547953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 353.557398] Call Trace: [ 353.560005] dump_stack+0x1c9/0x2b4 [ 353.563652] ? dump_stack_print_info.cold.2+0x52/0x52 [ 353.568855] ? __kernel_text_address+0xd/0x40 [ 353.573359] ? unwind_get_return_address+0x61/0xa0 [ 353.578289] should_fail.cold.4+0xa/0x11 [ 353.582347] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 353.587440] ? save_stack+0xa9/0xd0 [ 353.591062] ? kasan_kmalloc+0xc4/0xe0 [ 353.594932] ? kasan_slab_alloc+0x12/0x20 [ 353.599067] ? kmem_cache_alloc+0x12e/0x760 [ 353.603371] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 353.608195] ? kvm_mmu_load+0x21/0x10e0 [ 353.612152] ? vcpu_enter_guest+0x3aa6/0x6090 [ 353.616643] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 353.621644] ? do_vfs_ioctl+0x1de/0x1720 [ 353.625686] ? ksys_ioctl+0xa9/0xd0 [ 353.629320] ? __x64_sys_ioctl+0x73/0xb0 [ 353.633367] ? do_syscall_64+0x1b9/0x820 [ 353.637409] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 353.642758] ? lock_acquire+0x1e4/0x540 [ 353.646715] ? percpu_ref_put_many+0x119/0x240 [ 353.651279] ? lock_downgrade+0x8f0/0x8f0 [ 353.655415] ? lock_acquire+0x1e4/0x540 [ 353.659375] ? fs_reclaim_acquire+0x20/0x20 [ 353.663679] ? lock_downgrade+0x8f0/0x8f0 [ 353.667811] ? check_same_owner+0x340/0x340 [ 353.672120] ? rcu_note_context_switch+0x730/0x730 [ 353.677037] ? kasan_unpoison_shadow+0x35/0x50 [ 353.681608] __should_failslab+0x124/0x180 [ 353.685828] should_failslab+0x9/0x14 [ 353.689613] kmem_cache_alloc+0x2af/0x760 [ 353.693744] ? kasan_check_write+0x14/0x20 [ 353.697964] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 353.702796] mmu_topup_memory_caches+0xf7/0x3a0 [ 353.707459] kvm_mmu_load+0x21/0x10e0 [ 353.711242] ? rcu_note_context_switch+0x730/0x730 [ 353.716163] ? filemap_map_pages+0xca2/0x1990 [ 353.720643] vcpu_enter_guest+0x3aa6/0x6090 [ 353.724947] ? kasan_check_write+0x14/0x20 [ 353.729168] ? __mutex_lock+0x6c4/0x1680 [ 353.733215] ? kvm_set_msr_common+0x26a0/0x26a0 [ 353.737865] ? lock_acquire+0x1e4/0x540 [ 353.741823] ? vmx_vcpu_load+0xadf/0xff0 [ 353.745878] ? trace_hardirqs_on+0x10/0x10 [ 353.750097] ? vmx_vcpu_reset+0x1040/0x1040 [ 353.754401] ? find_get_entries_tag+0x1410/0x1410 [ 353.759233] ? lock_acquire+0x1e4/0x540 [ 353.763188] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 353.768191] ? lock_release+0xa30/0xa30 [ 353.772147] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 353.777407] ? kvm_arch_dev_ioctl+0x610/0x610 [ 353.781884] ? preempt_notifier_dec+0x20/0x20 [ 353.786368] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 353.791196] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 353.796210] kvm_vcpu_ioctl+0x7b8/0x1300 [ 353.800256] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 353.805971] ? lock_acquire+0x1e4/0x540 [ 353.809925] ? __fget+0x4ac/0x740 [ 353.813363] ? lock_downgrade+0x8f0/0x8f0 [ 353.817495] ? lock_release+0xa30/0xa30 [ 353.821452] ? pid_task+0x115/0x200 [ 353.825061] ? find_vpid+0xf0/0xf0 [ 353.828586] ? __f_unlock_pos+0x19/0x20 [ 353.832560] ? __fget+0x4d5/0x740 [ 353.836000] ? ksys_dup3+0x690/0x690 [ 353.839706] ? kasan_check_write+0x14/0x20 [ 353.843936] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 353.848849] ? fsnotify+0xbac/0x14e0 [ 353.852547] ? vfs_write+0x2f3/0x560 [ 353.856256] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 353.861952] do_vfs_ioctl+0x1de/0x1720 [ 353.865821] ? fsnotify_first_mark+0x350/0x350 [ 353.870395] ? __fsnotify_parent+0xcc/0x420 [ 353.874698] ? ioctl_preallocate+0x300/0x300 [ 353.879089] ? __fget_light+0x2f7/0x440 [ 353.883049] ? fget_raw+0x20/0x20 [ 353.886485] ? __sb_end_write+0xac/0xe0 [ 353.890443] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 353.895962] ? fput+0x130/0x1a0 [ 353.899239] ? ksys_write+0x1ae/0x260 [ 353.903030] ? security_file_ioctl+0x94/0xc0 [ 353.907431] ksys_ioctl+0xa9/0xd0 [ 353.910867] __x64_sys_ioctl+0x73/0xb0 [ 353.914739] do_syscall_64+0x1b9/0x820 [ 353.918960] ? syscall_return_slowpath+0x5e0/0x5e0 [ 353.923872] ? syscall_return_slowpath+0x31d/0x5e0 [ 353.928785] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 353.933783] ? prepare_exit_to_usermode+0x291/0x3b0 [ 353.938781] ? perf_trace_sys_enter+0xb10/0xb10 [ 353.943444] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 353.948286] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 353.953466] RIP: 0033:0x455ba9 [ 353.956634] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 07:08:17 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) [ 353.975801] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 353.983490] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 353.990745] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 353.997997] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 354.005251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 354.012505] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000026 07:08:17 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x4000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:17 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000050d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:17 executing program 3 (fault-call:8 fault-nth:39): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:17 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x1f000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:17 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1500000000000000, 0x20}, [{}]}, 0x58) [ 354.081879] FAT-fs (loop1): invalid media value (0x4d) [ 354.087237] FAT-fs (loop1): Can't find a valid FAT filesystem [ 354.118159] EXT4-fs: Invalid sb specification: sb=>825?,data=journal,journal_ioprio=73;5,errors=continue 07:08:17 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfeffffff]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 354.198285] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 354.219271] FAULT_INJECTION: forcing a failure. [ 354.219271] name failslab, interval 1, probability 0, space 0, times 0 [ 354.230558] CPU: 1 PID: 23848 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 354.238964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 07:08:17 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000fffffff00d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:17 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x2000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 354.239030] FAT-fs (loop1): invalid media value (0x4d) [ 354.248314] Call Trace: [ 354.248343] dump_stack+0x1c9/0x2b4 [ 354.248363] ? dump_stack_print_info.cold.2+0x52/0x52 [ 354.248388] ? __kernel_text_address+0xd/0x40 [ 354.253656] FAT-fs (loop1): Can't find a valid FAT filesystem [ 354.256218] ? unwind_get_return_address+0x61/0xa0 [ 354.256243] should_fail.cold.4+0xa/0x11 [ 354.284353] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 354.289471] ? save_stack+0xa9/0xd0 [ 354.293108] ? kasan_kmalloc+0xc4/0xe0 07:08:17 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x2]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 354.297004] ? kasan_slab_alloc+0x12/0x20 [ 354.301167] ? kmem_cache_alloc+0x12e/0x760 [ 354.305493] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 354.310345] ? kvm_mmu_load+0x21/0x10e0 [ 354.314325] ? vcpu_enter_guest+0x3aa6/0x6090 [ 354.318826] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 354.323845] ? do_vfs_ioctl+0x1de/0x1720 [ 354.327907] ? ksys_ioctl+0xa9/0xd0 [ 354.331536] ? __x64_sys_ioctl+0x73/0xb0 [ 354.335622] ? do_syscall_64+0x1b9/0x820 [ 354.339682] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.345054] ? lock_acquire+0x1e4/0x540 [ 354.349036] ? percpu_ref_put_many+0x119/0x240 [ 354.353624] ? lock_downgrade+0x8f0/0x8f0 [ 354.357778] ? lock_acquire+0x1e4/0x540 [ 354.361759] ? fs_reclaim_acquire+0x20/0x20 [ 354.366086] ? lock_downgrade+0x8f0/0x8f0 [ 354.370240] ? check_same_owner+0x340/0x340 [ 354.374560] ? rcu_note_context_switch+0x730/0x730 [ 354.379495] ? kasan_unpoison_shadow+0x35/0x50 [ 354.384078] __should_failslab+0x124/0x180 [ 354.388316] should_failslab+0x9/0x14 [ 354.392124] kmem_cache_alloc+0x2af/0x760 [ 354.396280] ? kasan_check_write+0x14/0x20 [ 354.400509] ? mmu_topup_memory_caches+0xf7/0x3a0 [ 354.405334] mmu_topup_memory_caches+0xf7/0x3a0 [ 354.409988] kvm_mmu_load+0x21/0x10e0 [ 354.413780] ? rcu_note_context_switch+0x730/0x730 [ 354.418701] ? filemap_map_pages+0xca2/0x1990 [ 354.423186] vcpu_enter_guest+0x3aa6/0x6090 [ 354.427502] ? kasan_check_write+0x14/0x20 [ 354.431717] ? __mutex_lock+0x6c4/0x1680 [ 354.435765] ? kvm_set_msr_common+0x26a0/0x26a0 [ 354.440764] ? lock_acquire+0x1e4/0x540 [ 354.444725] ? vmx_vcpu_load+0xadf/0xff0 [ 354.448769] ? trace_hardirqs_on+0x10/0x10 [ 354.452984] ? vmx_vcpu_reset+0x1040/0x1040 [ 354.457290] ? find_get_entries_tag+0x1410/0x1410 [ 354.462129] ? lock_acquire+0x1e4/0x540 [ 354.466098] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 354.471110] ? lock_release+0xa30/0xa30 [ 354.475074] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 354.480340] ? kvm_arch_dev_ioctl+0x610/0x610 [ 354.484813] ? preempt_notifier_dec+0x20/0x20 [ 354.489293] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 354.494126] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 354.499127] kvm_vcpu_ioctl+0x7b8/0x1300 [ 354.503176] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 354.508878] ? lock_acquire+0x1e4/0x540 [ 354.512843] ? __fget+0x4ac/0x740 [ 354.516276] ? lock_downgrade+0x8f0/0x8f0 [ 354.520417] ? lock_release+0xa30/0xa30 [ 354.524379] ? pid_task+0x115/0x200 [ 354.527995] ? find_vpid+0xf0/0xf0 [ 354.531523] ? __f_unlock_pos+0x19/0x20 [ 354.535476] ? __fget+0x4d5/0x740 [ 354.538921] ? ksys_dup3+0x690/0x690 [ 354.542620] ? kasan_check_write+0x14/0x20 [ 354.546838] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 354.552356] ? perf_trace_sys_exit+0x3f7/0x650 [ 354.556925] ? vfs_write+0x2f3/0x560 [ 354.560619] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 354.566331] do_vfs_ioctl+0x1de/0x1720 [ 354.570209] ? fsnotify_first_mark+0x350/0x350 [ 354.574772] ? __fsnotify_parent+0xcc/0x420 [ 354.579077] ? ioctl_preallocate+0x300/0x300 [ 354.583475] ? __fget_light+0x2f7/0x440 [ 354.587429] ? fget_raw+0x20/0x20 [ 354.590862] ? __sb_end_write+0xac/0xe0 [ 354.594821] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 354.600341] ? syscall_slow_exit_work+0x111/0x500 [ 354.605177] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 354.609826] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 354.615257] ? security_file_ioctl+0x94/0xc0 [ 354.619646] ksys_ioctl+0xa9/0xd0 [ 354.623088] __x64_sys_ioctl+0x73/0xb0 [ 354.626957] do_syscall_64+0x1b9/0x820 [ 354.630826] ? finish_task_switch+0x1d3/0x870 [ 354.635302] ? syscall_return_slowpath+0x5e0/0x5e0 [ 354.640213] ? syscall_return_slowpath+0x31d/0x5e0 [ 354.645128] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 354.650135] ? prepare_exit_to_usermode+0x291/0x3b0 [ 354.655141] ? perf_trace_sys_enter+0xb10/0xb10 [ 354.659799] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 354.664625] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 354.669796] RIP: 0033:0x455ba9 [ 354.673549] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 354.692745] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 354.700455] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 354.707713] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 354.714979] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 354.722226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 354.729482] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000027 07:08:18 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/igm\x00M') getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f00000002c0)={0x0, 0x1000, "e0abdf96a56a89dbd118280444200d790b18393c58703a3598255731dfcabd6d3006447b8c825c0d35dd60fa0951c5516cd112851be3d7b23842dd2320064432f14ab255cf62e05e062267d2c5fbac996a97d527ad5b375d9193d6968916b4588179806357f1d76d8cb1ec5e0003fad5d5112a1857f32f18ca6a9a7f2842e48dcf8626eff6d23dab45e5027823fb088eba2a51de1579fb93bb91e8fe6fcdf9cbfb9b24a7cb87752269f5c8dc7cb9000667e79fae6fd74d69f386e3e1e04157e32cd11658532873da053fedc05852ae69899103f879673dd82585ae45857c0cc95b0d233b22a6cf1ec2fba430ab3e601d031c6406fb06896d1132b6bc808ccab90d1ee395f672d5fbc93efa3e8e57f50b0b20719b4e044526f8063d0788e9451e23431d322d62194212715dba7e8e8af3b009c653f71c313f51fc5b7d0fd5118c8189d04ae1ccdeb12ea7fa22faf6878860ac5d89f7ed232ef6b543bab3124e0463eed398bd871da438a6893aa5cd55c43bf773b0468a3e2edcbbfa090ff40fd7d8405071533d4b71847aa70421b6bcf311eec62bcce6bc24489a743ffeb24088b08bd7c31b4083af6be7ceb64d9698f9cc3aec5a86b627480b9a36084e84c30e115904c611e8ac39ab56f6ab9b09f4d32289c99621da038bf7b1f368886426210fa4de2c5ca400c0ded0147d5e294540f0fb738d783884c151912162cd3fd36bfb3320c6ab4ff5d3fb998f72e851005f30152882e3ccf9727277d976d388be5e85013f1a94953bdfac96df110d976aa5a47c3c2d51c96267df06d5c057beaaa7e9eb9cbfda4040752ee6ed2c37f3f7835eb47be12448885443b94852ef79ed67333f4302f480c8f4471eb987dbc08c591d9d2b2c09f7bdb6c990d76804623b86cb7f72ff32a298740c3cb5045ad5457ca8ebc66c542bef83b3629dc80b66e9ad3ec443958dac45c347af6c393bab4cab1f86b2841f539d1443417d57cc01ef1a734c9e444c5d23b3f9f8f9360b4859991f3b725cb9400076a345d51fee8097c3594979c0685e854970fa29166391f3e14b6083f3a65738bc51c6ce844b58f540db15a23f14ee5aeeb71a6e9e1bcd463a539ae2909df8b9e959de7a70b43f342c31466e7baa57a7feb2603731c981f148f088fab982d16e60655adc648e1a60c6b2c8b75fd320e72562843680ffb8dcadc34ef297c664ae52a7e5a36db801ad04a241497153fa4352923ef7d6aae484f888a5db910739a7c1fa8426427021deaf9d3acf588f233ad027264a56f68e56eb8f91d26a1b64e2e97167bac5da6b61c7057836a73933dc1e2bad8498be92ef495a9b4e3a83b0da3c788a6a1f4c89b0af99f31e700c3cf7d6bacc7c222522c62a11e6fde4ce8b8c006ff401092b1b2032d970acc59a04b184f14b4af7d5aa73a9b1207445a62583cde3e43928c8a419a36c23249e342907a4a4207d1c1be351c17bc86f28f53c366689ed22bc22dedc57945760f3784931643f4f8a157aa81357b6fbdd8f56aee29eb0a5c9c096efa301ecceb5565e83924d317ad83b8ed45a50c12555309758e139b784e604c0d223d7e1e4149de7bb37a9eb37578bbfb861dd19cac42d3e4c6db6ca6bb4ca5f684309f9c7bf6f2742195358d99634d9dbc6822cd9672022f18a19d6fde7a215a1363fd72c51adab5cd910d05e93f1b9d1efc07b805a5bf0c28720d773007411abf923899e9e42bb4ca5215a321245e0d8e3cd4dc41f2867c9f2c0669234808560a991aa84e6308767ff983c25f95bde7097c91d9fdc01f08a8864e78f13555ebe58b16df4b502f1ece9ca7d501e74d4144f39291fa743f2d13e4ae52278491e0afdc50e190cbc8619f0305e82242e047c77fb9306b4193379c0d5aa156e7895116c6ca02fbb46eedcf75298dabb2c5189d1ef6270c25bae963fe41300fe24948315366564646a1ff1479854252202d1060d7771c375b296a0a5908865a70bcaf3e5922488466f84e64b1f17019d7d4c51b03391f481424196a37eae353e254f39a1784ae3383b410a17ed9e0d7ee65af14efa8ec9c3181159ae81f673cc4cf266d59101c4f2ae553315195ece4aaa5996a382c8642fa57b620ea0a681758266be8880081c1dae4ba2991ae7b1e92b0fdb4c38237dee029469507100f7ead3c73f389c4254471534cca8b3126b27d2e74d08b24cbc2f39b3cc286255e7706bfe84c4e92d488fb480e9a8f91661459e6ce5340fab0bfedb4813195f255f8b504925ae516c40cb4e1ee4fdb120f40c442309ba1d8c1474626c72aada37d20284d16b2d3d12860ef684b53ae305911c1907e64490fed58c59a65558d08676e145e0ad5ea1cfd2b6edfcc805e4e0137b21b4dd4a9b8e02179c1d6685fcc5e0c2336df0529c02474adfc5d4e3d4f98671ccf9a98a639da014cf942244cf7184113eb97ec82fdfa367abd4480399b84efe8b045443ef5cc6f231fbc2eadf841399a9129c9f9d4a88d457e894b5677a3cb64e5e2c41b459703d3fa0d6bc7017ce53fecc461b2365752a995e6e7a20d093e8a3a5b700b31d9caf37d8bced7f2712e0397de1709150ebfeeb8658ee8395672c5044e15111ae4c70f77e73aa0e8c4be2caff1576df93923b854247ac56841ebb6ac1e1eecbf14842bbd8a649e541344a6a037bbb28124216664e553d272b5546d69920a5575dbaca00c8c3ff20057ddb3b2305ab52a90b9213739686b653aba5e6c158a9f1a783ecea66bd9db0f94f8c1133204aeacb4a48067814b81ed6810d13bd3edfb50cc4a2f87505b8f7d5f7ab054f0ee0f0c7020b33c1dbbb98f49487e344c6f53af25455fe4c79d98cff605ac97feae76877a235761747e201e02290e5fbc2cf3192cbca15ee8b13639cb8610588ffa48c9891ac7f49b8c35a7e95b5aeef1b40a9ed298d3cf20cf070949cdfdb097a490178104a046bedd54c4e71bc39cf216339f58090794e94f994050aea930ecc615a2ecbfbbc99188d91c07577f2a54b4e9a5c8294d0ef93b9ac4e6ff283aaf97d301f385e7788805a5c51680631b80b2e08e5427cc93277b8920e9bc0445b5e0ad29fec6e4aea71bc16824b1c47205815575ea8e7da268cf6ab16dffbef0b6fa9153272d10ace646fbea50693af1aee3ed7ff40adb47822efeff0d906de7feb7cf23b1bbb27adb0e8bd88f110b2eb949edfc5545bb18919ac420fd6d96891a267c50da94252c6525db99f7a810ea6ca85756a8f3f52dc9c43a8e2a256fed64e5fd178dcaa8fe9d1600cea0d855aaf1263422cac6040a28d8734df90d46e2cb84b1f4c54d46185f6a6a8be9228e4304d6aa5c76a4146c755cc5a5fe71bcfd56fbfaec1c9d8780e03fb74d0bb5948bf5080baca6c0b9c925588a56014734438c06fb310861bf33e69b4893f3712973aaaac9acdcf7037337600816e31a28313299c7ff3e32d022220fa4df93beb0526ad70b81f10e3edbe947f486164151b5d9737a8e9992d2a22d3e37bcad149bcd0fa3b9b5e742eaab11849b0f2ef71972bd617501a16a6fc0ab54a1b4537b09fff2442d9ad061c84eaadd0ee3b642d34b897e748ea5768ce4810d0ffeeb4bc9ac03a940e48f993a80f640257082b8bb52ff1b451c0b395b76795bb1929f0b6133cb6036c961bd52094a2c935049513d4698f022a4437e0221c5d267cc86673183422f33e74a25321da5e82a509185ba8ce17b5e147fde1598daa57ac7cf0cd1792a5a151798bdfc6042267972d32c1e14864dc184c77eb545555af073b15c2635f786a5cdc9dc20eff2eda48261f121b1183ab25ab18d4dc2408c24ef32b6a71a5776292ff845d7b961cb5ff58e4cefad187079e831bcc7c054c2640bed857ba67ab32932b7e6a1cbedb7f31eabc54f3b64e2b5bd3bdebb72b0b749a19f82129a259defc9397e0d973c34859b6067c0bfe09f7e2c51b5107f5a6c3533958ab4d8dceee45f0d2328e5b3fbbe6deeaa4c80a6a4fc6811a04620d7e22a75d9cdaa6a36dc9b4916d680eda5785abf32fce36ffb9a83f88524283d17d6052271548ff69086ec87fa0e9693bc8a03552a2ce04bb9be700e7b6f419733818211f8b270272548d2070864fbdf6d0523a4fd2eea365f176192d241bc998642f52a5b28d70f4aba709c5adb78de2dc898f970f84ef1caa98b6b1b1ff4804a6d799db4e0343697c28738fec5e9b32f06321360ffa3fe16425235cd8fc6c7f929086bbb12c8e4a5241d20b8fb75ed28ef18654321c907bd65f421a4671a8867264bf68fc538f9d62e9f82a44f41e2d2b8ce3cbbb7c34523ed8d1dfc09902fa6d104295a10ba2b86ec116f2a9090f9c75ef25b84f7409e5c577d7df1efc54623eba86b728a774c34505ae3ab0c4b57b572e1596cf33057cbabee4ca386972c32572cae3a3cfcd5a41925545a5d62c30a16c9bb65449019650505920e76f32790bc88eea0f3d8f3e4faa30f97b5e037e758f204cab4056f426a54dd3063eb753b1ea7c2a06e62a59685e0d340345b06c629a33e8b987f600f6d5eb40a5cfd4eb095852f50b28b9120fe80c5804d2d9a6864be1b237f7d25a1f5d70707045eb46899ddf1204268ce482b59fae3b9f018ee72abdb87c9274f3266b8e49f7e30cb382952c9c16957c09e5333bdfdd5571d761bb8ade7b18651349879410fe201827ef7a800f362d21acb5d1d8563c3c301eaf6d6826649cdc29c00d4531be250e5bc2b5adfe0f09dbb41758a256493aba2fe170a4420c1b5dc3eea1d96b2667efc1eff2480db7f8d55f5ab6517baa12dc350b7e29d05fafced75123587196accbd3f4f4a6f362a2d7cf8495412b5276ca7135f2a7798ed847f98e162c4afede6c82a01dedbd2751e3c3bddb37ba3b14180fd85ddeacf83ce5e302a7e65f7786162dccb4c14831b8f0fe6ebf548c2a0f0b9d8c3eabf4c40fe354f90fd0c24c1e4512bea86b6cd9396926e83fcef6c02e3bbc99c3edb100a88b7e5b9ce3c3ca053766bd39d06f45ec871f9a2f303b0185c6e93d112c3c2106b227a19be4ecdf255917affa97d9e2be81e13bbd17806e9a52098a11b18f0a750e86d2d82db052a8bcc2af35281a52f2e62f6b9219d4e81cf89c4d490ae01b9f85b2135973e8c7f2c12d94a1d9a1969cb9c0ace6cb1d5f45941b4dd3be0389ec4b14372c951215ad0c4a464e13cadc02683c986815017aa64841c31aadf5676b879c475c755f28a6d8092cbba9cf20039b8dff3d50dc0fb359c3b1b5b3bdf02cce9d81a2a56f24aed83e81a240827cc697267658ed8b35a3b6b89a686b1692334e404fc8df3cfb5d8917651b28ba32534e33ff2a094c21509cbba2dff416ac302e90cc3513d5347881eda716eef3982b02f3dc68d1e6087a729a00f12289f63cec7ef58670d60ad570cf4190073864da18c10faef4e9beb9cce06290adced0b419a13fab2e88c65ae0dca66a23b5b5965a903c7187694f5437a3ed6ceea4adc6e50c9af9dc10b8f5d07a317ae5217597a86ae64f39513d38ca23e91f7f54b9fcaf034841f7c93e786c8496cee2f430ab9800e61082d24e45ccbcb7af747766b92c294ade99d42788020bf77118bcff43209ff5e9b3be9ae3d6ba7ad0feb6eb7dc6892ed8a87743ff7449b5f9c36bb6c68c2854d31d508200e4e4bcaa73a0314a9de84acec984380177abad415cceb86a02d3d690f431b2c5cfbe090d94b7927a4ddd492b74072a8ed23cd8909c1b688ff4ec6b03f04ee94d87594a85c2e62f7d0e049bc3c7486c1fa83e4fc13a5341e73b5b3d4a129be61573fd0eed85cc47472f12d1e071"}, &(0x7f0000000140)=0x1008) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000180)={r1, 0x4, 0x30}, &(0x7f00000001c0)=0xc) r2 = socket$inet6(0xa, 0x800, 0x6) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$KVM_GET_FPU(r0, 0x81a0ae8c, &(0x7f0000001300)) setsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f00000000c0)=0x7f, 0x4) read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:18 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xf4010000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:18 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000007fffffff0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:18 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1f000000, 0x20}, [{}]}, 0x58) 07:08:18 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0xb00, 0x0) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f0000000040)=0x4000, 0x4) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpgrp(0x0) 07:08:18 executing program 3 (fault-call:8 fault-nth:40): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:18 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:18 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x1100, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:18 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000700000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:18 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfcff0000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 354.875449] EXT4-fs: Invalid sb specification: sb=>25?,data=journal,journal_ioprio=73;5,errors=continue [ 354.889200] FAULT_INJECTION: forcing a failure. [ 354.889200] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 354.901100] CPU: 1 PID: 23893 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 354.909493] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 354.915291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 07:08:18 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000600000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:18 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xb80b0000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:18 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000f0ffffff0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 354.924643] Call Trace: [ 354.927242] dump_stack+0x1c9/0x2b4 [ 354.930887] ? dump_stack_print_info.cold.2+0x52/0x52 [ 354.936117] should_fail.cold.4+0xa/0x11 [ 354.940195] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 354.945484] ? kasan_check_read+0x11/0x20 [ 354.949637] ? rcu_is_watching+0x8c/0x150 [ 354.953804] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 354.958534] ? is_bpf_text_address+0xd7/0x170 [ 354.963039] ? kernel_text_address+0x79/0xf0 [ 354.967456] ? __kernel_text_address+0xd/0x40 07:08:18 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xe8030000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:18 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000004c0000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:18 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfc]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 354.971954] ? unwind_get_return_address+0x61/0xa0 [ 354.976890] ? lock_acquire+0x1e4/0x540 [ 354.980868] ? fs_reclaim_acquire+0x20/0x20 [ 354.985199] ? lock_downgrade+0x8f0/0x8f0 [ 354.989359] ? check_same_owner+0x340/0x340 [ 354.993694] ? save_stack+0x43/0xd0 [ 354.997325] ? kasan_kmalloc+0xc4/0xe0 [ 355.001218] ? rcu_note_context_switch+0x730/0x730 [ 355.006185] ? vcpu_enter_guest+0x3aa6/0x6090 [ 355.010700] __alloc_pages_nodemask+0x36e/0xdb0 [ 355.015377] ? lock_downgrade+0x8f0/0x8f0 [ 355.019539] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 355.024563] ? mem_cgroup_handle_over_high+0x130/0x130 [ 355.029846] ? fs_reclaim_acquire+0x20/0x20 [ 355.034188] ? lock_downgrade+0x8f0/0x8f0 [ 355.038360] ? percpu_ref_put_many+0x131/0x240 [ 355.042947] ? mem_cgroup_id_get_online+0x310/0x310 [ 355.047973] ? kasan_unpoison_shadow+0x35/0x50 [ 355.052563] ? kasan_kmalloc+0xc4/0xe0 [ 355.056460] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 355.062005] alloc_pages_current+0x10c/0x210 [ 355.066509] __get_free_pages+0xc/0x40 [ 355.070401] mmu_topup_memory_caches+0x1f8/0x3a0 [ 355.075166] kvm_mmu_load+0x21/0x10e0 [ 355.078971] ? rcu_note_context_switch+0x730/0x730 [ 355.083903] ? filemap_map_pages+0xca2/0x1990 [ 355.088404] vcpu_enter_guest+0x3aa6/0x6090 [ 355.092731] ? kasan_check_write+0x14/0x20 [ 355.096969] ? __mutex_lock+0x6c4/0x1680 [ 355.101043] ? kvm_set_msr_common+0x26a0/0x26a0 [ 355.105715] ? lock_acquire+0x1e4/0x540 [ 355.109697] ? vmx_vcpu_load+0xadf/0xff0 [ 355.113765] ? trace_hardirqs_on+0x10/0x10 [ 355.118006] ? vmx_vcpu_reset+0x1040/0x1040 [ 355.122335] ? find_get_entries_tag+0x1410/0x1410 [ 355.127190] ? lock_acquire+0x1e4/0x540 [ 355.131170] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 355.136182] ? lock_release+0xa30/0xa30 [ 355.140159] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 355.145435] ? kvm_arch_dev_ioctl+0x610/0x610 [ 355.149931] ? preempt_notifier_dec+0x20/0x20 [ 355.154436] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 355.159280] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 355.164303] kvm_vcpu_ioctl+0x7b8/0x1300 [ 355.168368] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 355.174087] ? lock_acquire+0x1e4/0x540 [ 355.178061] ? __fget+0x4ac/0x740 [ 355.181521] ? lock_downgrade+0x8f0/0x8f0 [ 355.185679] ? lock_release+0xa30/0xa30 [ 355.189655] ? pid_task+0x115/0x200 [ 355.193292] ? find_vpid+0xf0/0xf0 [ 355.196838] ? __f_unlock_pos+0x19/0x20 [ 355.200815] ? __fget+0x4d5/0x740 [ 355.204270] ? ksys_dup3+0x690/0x690 [ 355.207983] ? kasan_check_write+0x14/0x20 [ 355.212230] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 355.217143] ? fsnotify+0xbac/0x14e0 [ 355.220842] ? vfs_write+0x2f3/0x560 [ 355.224569] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 355.230263] do_vfs_ioctl+0x1de/0x1720 [ 355.234135] ? fsnotify_first_mark+0x350/0x350 [ 355.238701] ? __fsnotify_parent+0xcc/0x420 [ 355.243008] ? ioctl_preallocate+0x300/0x300 [ 355.247407] ? __fget_light+0x2f7/0x440 [ 355.251364] ? fget_raw+0x20/0x20 [ 355.254799] ? __sb_end_write+0xac/0xe0 [ 355.258769] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 355.264297] ? fput+0x130/0x1a0 [ 355.267559] ? ksys_write+0x1ae/0x260 [ 355.271345] ? security_file_ioctl+0x94/0xc0 [ 355.275737] ksys_ioctl+0xa9/0xd0 [ 355.279175] __x64_sys_ioctl+0x73/0xb0 [ 355.283050] do_syscall_64+0x1b9/0x820 [ 355.286923] ? finish_task_switch+0x1d3/0x870 [ 355.291401] ? syscall_return_slowpath+0x5e0/0x5e0 [ 355.296313] ? syscall_return_slowpath+0x31d/0x5e0 [ 355.301225] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 355.306225] ? prepare_exit_to_usermode+0x291/0x3b0 [ 355.311224] ? perf_trace_sys_enter+0xb10/0xb10 [ 355.315875] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 355.320706] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 355.325874] RIP: 0033:0x455ba9 [ 355.329042] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 355.348210] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 355.355900] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 355.363171] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 355.370420] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 07:08:19 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') syz_open_pts(r0, 0x101000) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:19 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000006c0000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:19 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x3e8]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:19 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1200, 0x20}, [{}]}, 0x58) [ 355.377669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 355.384928] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000028 07:08:19 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000100)) capget(&(0x7f00000001c0)={0x20080522, r1}, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x0, 0x5}) r2 = syz_open_procfs(r1, &(0x7f0000000080)='net/udp\x00') socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f0000000240)) ioctl$EVIOCSKEYCODE(r2, 0x40084504, &(0x7f00000000c0)=[0x9, 0x1]) eventfd(0x7ff) ioctl$sock_netdev_private(r0, 0x89f3, &(0x7f00000002c0)="5b5b3eb1e76d449038104eabd0de829620ca16cc492a51b2948ec5834d106ebe983c2328c6a09676a07d066989c58d1cf0276ead96aec5cf258032ad41a9b346ba67e2a06e183c1331d23d6de716cd080104aed0bda21af3a1db793130de4fb490e21ed8258a7f9beeeacf0dbf26532d3f9e3250a9e11b6d5cd5d7c648028fb32d4cbe37228a6e300c2307cbef039445e4808bcb5473cae623e387f9177d4f58138715af5a5dfa8a55250d6d2309fdfbb74f6c78ff7d28bc2ef9b1c82f5927ab745e932017fb") 07:08:19 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x1f00, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:19 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:19 executing program 3 (fault-call:8 fault-nth:41): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:19 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x34000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:19 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000000000004c0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:19 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x5, 0x20}, [{}]}, 0x58) 07:08:19 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x2000000000000) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) [ 355.545992] EXT4-fs: Invalid sb specification: sb=>5?,data=journal,journal_ioprio=73;5,errors=continue 07:08:19 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000007400000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:19 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@gettclass={0x24, 0x2a, 0x31d, 0x70bd2a, 0x25dfdbfc, {0x0, r1, {0xf, 0xfffb}, {0x3, 0xc}, {0xf, 0xfffb}}, ["", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x8001) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:19 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x1100]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:19 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x15, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:19 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x3, 0x20}, [{}]}, 0x58) [ 355.590674] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 355.673727] nla_parse: 13 callbacks suppressed [ 355.673734] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 355.678246] FAULT_INJECTION: forcing a failure. [ 355.678246] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 355.698800] CPU: 1 PID: 23971 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 355.707201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 355.716553] Call Trace: [ 355.719151] dump_stack+0x1c9/0x2b4 [ 355.722795] ? dump_stack_print_info.cold.2+0x52/0x52 [ 355.727997] should_fail.cold.4+0xa/0x11 [ 355.732065] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 355.737178] ? kasan_check_read+0x11/0x20 [ 355.741334] ? rcu_is_watching+0x8c/0x150 [ 355.745496] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 355.750182] ? is_bpf_text_address+0xd7/0x170 [ 355.750202] ? kernel_text_address+0x79/0xf0 [ 355.750220] ? __kernel_text_address+0xd/0x40 [ 355.750234] ? unwind_get_return_address+0x61/0xa0 [ 355.750251] ? lock_acquire+0x1e4/0x540 [ 355.750267] ? fs_reclaim_acquire+0x20/0x20 [ 355.750284] ? lock_downgrade+0x8f0/0x8f0 [ 355.750300] ? check_same_owner+0x340/0x340 [ 355.750314] ? save_stack+0x43/0xd0 [ 355.750326] ? kasan_kmalloc+0xc4/0xe0 [ 355.750338] ? rcu_note_context_switch+0x730/0x730 [ 355.750351] ? vcpu_enter_guest+0x3aa6/0x6090 [ 355.750368] __alloc_pages_nodemask+0x36e/0xdb0 [ 355.750381] ? lock_downgrade+0x8f0/0x8f0 [ 355.750396] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 355.750410] ? mem_cgroup_handle_over_high+0x130/0x130 07:08:19 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000f00000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:19 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x104]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:19 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) [ 355.750420] ? fs_reclaim_acquire+0x20/0x20 [ 355.750436] ? percpu_ref_put_many+0x131/0x240 [ 355.750447] ? mem_cgroup_id_get_online+0x310/0x310 [ 355.750460] ? kasan_unpoison_shadow+0x35/0x50 [ 355.750473] ? kasan_kmalloc+0xc4/0xe0 [ 355.750490] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 355.750507] alloc_pages_current+0x10c/0x210 [ 355.750522] __get_free_pages+0xc/0x40 [ 355.750538] mmu_topup_memory_caches+0x1f8/0x3a0 [ 355.750554] kvm_mmu_load+0x21/0x10e0 [ 355.750568] ? kasan_check_write+0x14/0x20 [ 355.750581] ? do_raw_spin_lock+0xc1/0x200 [ 355.750600] vcpu_enter_guest+0x3aa6/0x6090 [ 355.750628] ? kvm_set_msr_common+0x26a0/0x26a0 [ 355.750643] ? lock_acquire+0x1e4/0x540 [ 355.750662] ? vmx_vcpu_load+0xadf/0xff0 [ 355.750679] ? trace_hardirqs_on+0x10/0x10 [ 355.750696] ? vmx_vcpu_reset+0x1040/0x1040 [ 355.750716] ? find_get_entries_tag+0x1410/0x1410 [ 355.750746] ? lock_acquire+0x1e4/0x540 [ 355.750760] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 355.750777] ? lock_release+0xa30/0xa30 [ 355.750789] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 355.750804] ? kvm_arch_dev_ioctl+0x610/0x610 [ 355.750817] ? preempt_notifier_dec+0x20/0x20 [ 355.750837] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 355.750850] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 355.750871] kvm_vcpu_ioctl+0x7b8/0x1300 [ 355.750888] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 355.750909] ? lock_acquire+0x1e4/0x540 [ 355.750921] ? __fget+0x4ac/0x740 [ 355.750936] ? lock_downgrade+0x8f0/0x8f0 [ 355.750952] ? lock_release+0xa30/0xa30 [ 355.750965] ? pid_task+0x115/0x200 [ 355.750979] ? find_vpid+0xf0/0xf0 [ 355.750995] ? __f_unlock_pos+0x19/0x20 [ 355.751009] ? __fget+0x4d5/0x740 [ 355.751025] ? ksys_dup3+0x690/0x690 [ 355.751043] ? kasan_check_write+0x14/0x20 [ 355.751059] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 355.751073] ? perf_trace_sys_exit+0x3f7/0x650 [ 355.751083] ? vfs_write+0x2f3/0x560 [ 355.751101] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 355.796150] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 355.798509] do_vfs_ioctl+0x1de/0x1720 [ 355.798525] ? fsnotify_first_mark+0x350/0x350 [ 355.798537] ? __fsnotify_parent+0xcc/0x420 [ 355.798554] ? ioctl_preallocate+0x300/0x300 [ 356.034708] ? __fget_light+0x2f7/0x440 [ 356.038676] ? fget_raw+0x20/0x20 [ 356.042124] ? __sb_end_write+0xac/0xe0 [ 356.046089] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 356.051611] ? syscall_slow_exit_work+0x111/0x500 [ 356.056439] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 356.061094] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 356.066530] ? security_file_ioctl+0x94/0xc0 [ 356.070920] ksys_ioctl+0xa9/0xd0 [ 356.074356] __x64_sys_ioctl+0x73/0xb0 [ 356.078236] do_syscall_64+0x1b9/0x820 [ 356.082109] ? finish_task_switch+0x1d3/0x870 [ 356.086592] ? syscall_return_slowpath+0x5e0/0x5e0 [ 356.091505] ? syscall_return_slowpath+0x31d/0x5e0 [ 356.096436] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 356.101437] ? prepare_exit_to_usermode+0x291/0x3b0 [ 356.106435] ? perf_trace_sys_enter+0xb10/0xb10 [ 356.111090] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.115920] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 356.121096] RIP: 0033:0x455ba9 [ 356.124263] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 356.143437] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 356.151141] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 356.158395] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 356.165644] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 07:08:19 executing program 0: r0 = socket$inet6(0xa, 0x1000000000012, 0x3) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") delete_module(&(0x7f0000000080)="6367726f75707b7d706f7369785f61636c5f616363657373656d311100", 0xa00) rename(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='./file0\x00') perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) r2 = syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0xffff, 0x204080) ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f00000002c0)={0x0, 0xf000, 0x80, 0x4, 0x9}) ioctl$KVM_SET_XCRS(r2, 0x4188aea7, &(0x7f00000001c0)={0x6, 0x0, [{0x3ff, 0x0, 0x2}, {0x3, 0x0, 0x80000000}, {0x2, 0x0, 0x5}, {0x6, 0x0, 0xfffffffffffffdc2}, {0x6, 0x0, 0x7fff}, {0x0, 0x0, 0x5ed}]}) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) 07:08:19 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x5, 0x4}]}) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000140)) 07:08:19 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x500000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:19 executing program 3 (fault-call:8 fault-nth:42): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:19 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000280000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:19 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x14, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:19 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1000000000000, 0x20}, [{}]}, 0x58) [ 356.172898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 356.180150] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000029 [ 356.194267] EXT4-fs: Invalid sb specification: sb=>?,data=journal,journal_ioprio=73;5,errors=continue [ 356.206334] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 07:08:19 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x3, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000000c0)={0x8, 0xffffffff00000000, 0xffffffffffffff6e, 0x34}, 0x8) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:19 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x200000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:19 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:19 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x4, 0x0, 0x0, 0x20}, [{}]}, 0x58) [ 356.274426] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 356.333421] FAULT_INJECTION: forcing a failure. [ 356.333421] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 356.345348] CPU: 1 PID: 24057 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 356.345359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 356.345363] Call Trace: [ 356.345386] dump_stack+0x1c9/0x2b4 [ 356.345410] ? dump_stack_print_info.cold.2+0x52/0x52 [ 356.357250] EXT4-fs: Invalid sb specification: sb=>,data=journal,journal_ioprio=73;5,errors=continue [ 356.363155] should_fail.cold.4+0xa/0x11 [ 356.363176] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 356.363198] ? percpu_ref_tryget_live+0x15b/0x440 [ 356.373814] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 356.374557] ? mem_cgroup_id_get_many+0x160/0x160 [ 356.374580] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 356.413217] ? lock_acquire+0x1e4/0x540 [ 356.417187] ? percpu_ref_put_many+0x119/0x240 [ 356.421752] ? lock_downgrade+0x8f0/0x8f0 [ 356.426155] ? lock_release+0xa30/0xa30 [ 356.430116] ? __kernel_text_address+0xd/0x40 [ 356.434606] ? lock_acquire+0x1e4/0x540 [ 356.438569] ? fs_reclaim_acquire+0x20/0x20 [ 356.442877] ? lock_downgrade+0x8f0/0x8f0 [ 356.447025] ? check_same_owner+0x340/0x340 [ 356.451344] ? save_stack+0x43/0xd0 [ 356.454955] ? kasan_kmalloc+0xc4/0xe0 [ 356.458826] ? rcu_note_context_switch+0x730/0x730 [ 356.463740] __alloc_pages_nodemask+0x36e/0xdb0 [ 356.468391] ? lock_downgrade+0x8f0/0x8f0 [ 356.472526] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 356.477531] ? mem_cgroup_handle_over_high+0x130/0x130 [ 356.482792] ? fs_reclaim_acquire+0x20/0x20 [ 356.487099] ? percpu_ref_put_many+0x131/0x240 [ 356.491664] ? mem_cgroup_id_get_online+0x310/0x310 [ 356.496664] ? kasan_unpoison_shadow+0x35/0x50 [ 356.501231] ? kasan_kmalloc+0xc4/0xe0 [ 356.505105] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 356.510623] alloc_pages_current+0x10c/0x210 [ 356.515017] __get_free_pages+0xc/0x40 [ 356.518891] mmu_topup_memory_caches+0x1f8/0x3a0 [ 356.523634] kvm_mmu_load+0x21/0x10e0 [ 356.527416] ? rcu_note_context_switch+0x730/0x730 [ 356.532328] ? filemap_map_pages+0xca2/0x1990 [ 356.536807] vcpu_enter_guest+0x3aa6/0x6090 [ 356.541111] ? kasan_check_write+0x14/0x20 [ 356.545346] ? __mutex_lock+0x6c4/0x1680 [ 356.549392] ? kvm_set_msr_common+0x26a0/0x26a0 [ 356.554044] ? lock_acquire+0x1e4/0x540 [ 356.558006] ? vmx_vcpu_load+0xadf/0xff0 [ 356.562053] ? trace_hardirqs_on+0x10/0x10 [ 356.566273] ? vmx_vcpu_reset+0x1040/0x1040 [ 356.570578] ? find_get_entries_tag+0x1410/0x1410 [ 356.575410] ? lock_acquire+0x1e4/0x540 [ 356.579370] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 356.584371] ? lock_release+0xa30/0xa30 [ 356.588327] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 356.593596] ? kvm_arch_dev_ioctl+0x610/0x610 [ 356.598074] ? preempt_notifier_dec+0x20/0x20 [ 356.602561] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 356.607389] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 356.612393] kvm_vcpu_ioctl+0x7b8/0x1300 [ 356.616441] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 356.622150] ? lock_acquire+0x1e4/0x540 [ 356.626118] ? __fget+0x4ac/0x740 [ 356.629559] ? lock_downgrade+0x8f0/0x8f0 [ 356.633692] ? lock_release+0xa30/0xa30 [ 356.637650] ? pid_task+0x115/0x200 [ 356.641260] ? find_vpid+0xf0/0xf0 [ 356.644785] ? __f_unlock_pos+0x19/0x20 [ 356.648742] ? __fget+0x4d5/0x740 [ 356.652192] ? ksys_dup3+0x690/0x690 [ 356.655894] ? kasan_check_write+0x14/0x20 [ 356.660116] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 356.665031] ? fsnotify+0xbac/0x14e0 [ 356.668727] ? vfs_write+0x2f3/0x560 [ 356.673192] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 356.678918] do_vfs_ioctl+0x1de/0x1720 [ 356.682790] ? fsnotify_first_mark+0x350/0x350 [ 356.687352] ? __fsnotify_parent+0xcc/0x420 [ 356.691655] ? ioctl_preallocate+0x300/0x300 [ 356.696059] ? __fget_light+0x2f7/0x440 [ 356.700018] ? fget_raw+0x20/0x20 [ 356.703454] ? __sb_end_write+0xac/0xe0 [ 356.707414] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 356.712935] ? fput+0x130/0x1a0 [ 356.716198] ? ksys_write+0x1ae/0x260 [ 356.719990] ? security_file_ioctl+0x94/0xc0 [ 356.724385] ksys_ioctl+0xa9/0xd0 [ 356.727822] __x64_sys_ioctl+0x73/0xb0 [ 356.731703] do_syscall_64+0x1b9/0x820 [ 356.735574] ? finish_task_switch+0x1d3/0x870 [ 356.740054] ? syscall_return_slowpath+0x5e0/0x5e0 [ 356.744967] ? syscall_return_slowpath+0x31d/0x5e0 [ 356.749892] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 356.754892] ? prepare_exit_to_usermode+0x291/0x3b0 [ 356.759904] ? perf_trace_sys_enter+0xb10/0xb10 [ 356.764556] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 356.769384] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 356.774564] RIP: 0033:0x455ba9 [ 356.777730] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 356.797070] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 356.804760] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 356.812013] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 356.819264] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 356.826518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 07:08:20 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x14000000, 0x20}, [{}]}, 0x58) 07:08:20 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x500000000000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:20 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000040d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 356.833768] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000002a 07:08:20 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e]}, 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:20 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x7000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 356.941415] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:20 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x44d41, 0x0) ioctl$PIO_UNIMAP(r2, 0x4b67, &(0x7f0000000100)={0x6, &(0x7f00000000c0)=[{0x7, 0x1}, {0x400, 0x5}, {0x1c, 0xe68}, {0x9}, {0x9, 0x4}, {0x9, 0x8}]}) connect$pptp(r2, &(0x7f0000000300)={0x18, 0x2, {0x2, @local={0xac, 0x14, 0x14, 0xaa}}}, 0x1e) r3 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)={0x100000000000, 0x0, 0xfffffffffffffffd}) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) ptrace$pokeuser(0x6, r3, 0x13, 0x6) readahead(r1, 0x5, 0x78) futimesat(r2, &(0x7f0000000200)='./file0\x00', &(0x7f00000002c0)={{r4, r5/1000+30000}}) 07:08:20 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x300, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:20 executing program 3 (fault-call:8 fault-nth:43): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:20 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x3f, &(0x7f0000000100)="b3064e209d93961ae13feacef8fab4fbd14378b20bcb4ec9152cdc1d09eee888c0446d2862bafd1283b910b37bc4cf6ddc607c1229b3aef5e8e084768d") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:20 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x15000000, 0x20}, [{}]}, 0x58) 07:08:20 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfe800000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:20 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000000000006c0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 356.982409] EXT4-fs: Invalid sb specification: sb=>,journal_ioprio=73;5,errors=continue [ 357.017639] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 07:08:20 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:20 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000000003f1d80d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 357.070879] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:20 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0xfffffffffffe, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x1a) 07:08:20 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xf000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:20 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1600, 0x20}, [{}]}, 0x58) [ 357.128769] EXT4-fs: Invalid sb specification: sb=>,init_itable=,errors=continue [ 357.152152] FAULT_INJECTION: forcing a failure. [ 357.152152] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 357.164060] CPU: 1 PID: 24129 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 357.172468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 357.181829] Call Trace: [ 357.184431] dump_stack+0x1c9/0x2b4 [ 357.187663] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 357.188072] ? dump_stack_print_info.cold.2+0x52/0x52 [ 357.188099] should_fail.cold.4+0xa/0x11 [ 357.205824] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 357.210935] ? percpu_ref_tryget_live+0x15b/0x440 [ 357.215789] ? mem_cgroup_id_get_many+0x160/0x160 [ 357.220639] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 357.225498] ? lock_acquire+0x1e4/0x540 [ 357.229475] ? percpu_ref_put_many+0x119/0x240 [ 357.234069] ? lock_downgrade+0x8f0/0x8f0 [ 357.238227] ? lock_release+0xa30/0xa30 [ 357.242208] ? __kernel_text_address+0xd/0x40 [ 357.246718] ? lock_acquire+0x1e4/0x540 [ 357.250695] ? fs_reclaim_acquire+0x20/0x20 [ 357.255021] ? lock_downgrade+0x8f0/0x8f0 [ 357.259176] ? check_same_owner+0x340/0x340 [ 357.263506] ? save_stack+0x43/0xd0 [ 357.267137] ? kasan_kmalloc+0xc4/0xe0 [ 357.271023] ? rcu_note_context_switch+0x730/0x730 [ 357.275958] __alloc_pages_nodemask+0x36e/0xdb0 [ 357.280630] ? lock_downgrade+0x8f0/0x8f0 [ 357.284788] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 357.289813] ? mem_cgroup_handle_over_high+0x130/0x130 [ 357.295095] ? fs_reclaim_acquire+0x20/0x20 [ 357.299421] ? lock_downgrade+0x8f0/0x8f0 [ 357.299520] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 357.303567] ? percpu_ref_put_many+0x131/0x240 [ 357.303580] ? mem_cgroup_id_get_online+0x310/0x310 [ 357.303598] ? kasan_unpoison_shadow+0x35/0x50 [ 357.303611] ? kasan_kmalloc+0xc4/0xe0 [ 357.303630] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 357.335542] alloc_pages_current+0x10c/0x210 [ 357.339958] __get_free_pages+0xc/0x40 [ 357.343847] mmu_topup_memory_caches+0x1f8/0x3a0 [ 357.348608] kvm_mmu_load+0x21/0x10e0 [ 357.352411] ? rcu_note_context_switch+0x730/0x730 [ 357.357340] ? filemap_map_pages+0xca2/0x1990 [ 357.361840] vcpu_enter_guest+0x3aa6/0x6090 [ 357.366166] ? kasan_check_write+0x14/0x20 [ 357.370404] ? __mutex_lock+0x6c4/0x1680 [ 357.374475] ? kvm_set_msr_common+0x26a0/0x26a0 [ 357.379145] ? lock_acquire+0x1e4/0x540 [ 357.383124] ? vmx_vcpu_load+0xadf/0xff0 [ 357.387186] ? trace_hardirqs_on+0x10/0x10 [ 357.391415] ? vmx_vcpu_reset+0x1040/0x1040 [ 357.395736] ? find_get_entries_tag+0x1410/0x1410 [ 357.400589] ? lock_acquire+0x1e4/0x540 [ 357.404567] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 357.409585] ? lock_release+0xa30/0xa30 [ 357.413558] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 357.418852] ? kvm_arch_dev_ioctl+0x610/0x610 [ 357.423355] ? preempt_notifier_dec+0x20/0x20 [ 357.427843] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 357.432671] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 357.437680] kvm_vcpu_ioctl+0x7b8/0x1300 [ 357.441726] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 357.447429] ? lock_acquire+0x1e4/0x540 [ 357.451400] ? __fget+0x4ac/0x740 [ 357.454839] ? lock_downgrade+0x8f0/0x8f0 [ 357.458973] ? lock_release+0xa30/0xa30 [ 357.462931] ? pid_task+0x115/0x200 [ 357.466541] ? find_vpid+0xf0/0xf0 [ 357.470065] ? __f_unlock_pos+0x19/0x20 [ 357.474022] ? __fget+0x4d5/0x740 [ 357.477464] ? ksys_dup3+0x690/0x690 [ 357.481165] ? kasan_check_write+0x14/0x20 [ 357.485384] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 357.490297] ? fsnotify+0xbac/0x14e0 [ 357.493992] ? vfs_write+0x2f3/0x560 [ 357.497695] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 357.503387] do_vfs_ioctl+0x1de/0x1720 [ 357.507257] ? fsnotify_first_mark+0x350/0x350 [ 357.511823] ? __fsnotify_parent+0xcc/0x420 [ 357.516127] ? ioctl_preallocate+0x300/0x300 [ 357.520517] ? __fget_light+0x2f7/0x440 [ 357.524479] ? fget_raw+0x20/0x20 [ 357.527915] ? __sb_end_write+0xac/0xe0 [ 357.531873] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 357.537390] ? fput+0x130/0x1a0 [ 357.540664] ? ksys_write+0x1ae/0x260 [ 357.544449] ? security_file_ioctl+0x94/0xc0 [ 357.548932] ksys_ioctl+0xa9/0xd0 [ 357.552373] __x64_sys_ioctl+0x73/0xb0 [ 357.556244] do_syscall_64+0x1b9/0x820 [ 357.560115] ? finish_task_switch+0x1d3/0x870 [ 357.564595] ? syscall_return_slowpath+0x5e0/0x5e0 [ 357.569510] ? syscall_return_slowpath+0x31d/0x5e0 [ 357.574425] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 357.579428] ? prepare_exit_to_usermode+0x291/0x3b0 [ 357.584440] ? perf_trace_sys_enter+0xb10/0xb10 [ 357.589097] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 357.593936] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 357.599111] RIP: 0033:0x455ba9 [ 357.602279] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 357.621449] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 07:08:20 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8913, &(0x7f0000000280)="025cc83d6d34538f762070") ioctl$BLKRESETZONE(r0, 0x40101283, &(0x7f00000000c0)={0x2f2, 0x8}) read(r0, &(0x7f0000000000)=""/151, 0x97) prctl$setname(0xf, &(0x7f0000000100)='net/igmp\x00') 07:08:20 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xa00]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:20 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000500000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:20 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x6]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 357.629142] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 357.636403] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 357.643653] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 357.650902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 357.658154] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000002b [ 357.668339] EXT4-fs (loop5): VFS: Can't find ext4 filesystem 07:08:21 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) getsockopt$inet6_dccp_buf(r0, 0x21, 0xe, &(0x7f00000002c0)=""/242, &(0x7f0000000080)=0xf2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") munlockall() r1 = dup3(r0, r0, 0x80000) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f00000001c0)={0x28, 0x3, 0x9, 0x1e, 0x3, 0x80000001, 0x1, 0x10f, 0x1}) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, &(0x7f00000000c0)={0x0}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000000100)={r2}) r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x200000000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) lseek(r3, 0x1e, 0x4) r4 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r4}, &(0x7f0000000040)) 07:08:21 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f00000000c0), &(0x7f0000000100)=0x4) read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:21 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000030000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:21 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x9]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:21 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x11, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:21 executing program 3 (fault-call:8 fault-nth:44): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:21 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x3e]}, 0x2c}]}) 07:08:21 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x300, 0x20}, [{}]}, 0x58) 07:08:21 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x200000000000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:21 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x20000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 357.807387] EXT4-fs: Invalid sb specification: sb=>,,errors=continue [ 357.809605] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 357.847175] EXT4-fs (loop5): VFS: Can't find ext4 filesystem [ 357.867861] FAULT_INJECTION: forcing a failure. [ 357.867861] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 357.879801] CPU: 1 PID: 24187 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 357.888211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 357.897569] Call Trace: [ 357.900175] dump_stack+0x1c9/0x2b4 [ 357.903814] ? dump_stack_print_info.cold.2+0x52/0x52 [ 357.909015] should_fail.cold.4+0xa/0x11 [ 357.913090] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 357.918182] ? percpu_ref_tryget_live+0x15b/0x440 [ 357.923019] ? mem_cgroup_id_get_many+0x160/0x160 [ 357.927847] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 357.932676] ? lock_acquire+0x1e4/0x540 [ 357.936632] ? percpu_ref_put_many+0x119/0x240 [ 357.941198] ? lock_downgrade+0x8f0/0x8f0 [ 357.945350] ? lock_release+0xa30/0xa30 [ 357.949312] ? __kernel_text_address+0xd/0x40 [ 357.953797] ? lock_acquire+0x1e4/0x540 [ 357.957758] ? fs_reclaim_acquire+0x20/0x20 [ 357.962062] ? lock_downgrade+0x8f0/0x8f0 [ 357.966196] ? check_same_owner+0x340/0x340 [ 357.970503] ? save_stack+0x43/0xd0 [ 357.974113] ? kasan_kmalloc+0xc4/0xe0 [ 357.978007] ? rcu_note_context_switch+0x730/0x730 [ 357.982931] __alloc_pages_nodemask+0x36e/0xdb0 [ 357.987584] ? lock_downgrade+0x8f0/0x8f0 [ 357.991720] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 357.996724] ? lock_downgrade+0x8f0/0x8f0 [ 358.000864] ? kasan_check_read+0x11/0x20 [ 358.004997] ? percpu_ref_put_many+0x131/0x240 [ 358.009566] ? mem_cgroup_id_get_online+0x310/0x310 [ 358.014567] ? kasan_unpoison_shadow+0x35/0x50 [ 358.019147] ? kasan_kmalloc+0xc4/0xe0 [ 358.023026] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 358.028550] alloc_pages_current+0x10c/0x210 [ 358.032944] __get_free_pages+0xc/0x40 [ 358.036819] mmu_topup_memory_caches+0x1f8/0x3a0 [ 358.041560] kvm_mmu_load+0x21/0x10e0 [ 358.045344] ? rcu_note_context_switch+0x730/0x730 [ 358.050258] ? filemap_map_pages+0xca2/0x1990 [ 358.054749] vcpu_enter_guest+0x3aa6/0x6090 [ 358.059057] ? kasan_check_write+0x14/0x20 [ 358.063285] ? __mutex_lock+0x6c4/0x1680 [ 358.067332] ? kvm_set_msr_common+0x26a0/0x26a0 [ 358.071989] ? lock_acquire+0x1e4/0x540 [ 358.076048] ? vmx_vcpu_load+0xadf/0xff0 [ 358.080096] ? trace_hardirqs_on+0x10/0x10 [ 358.084315] ? vmx_vcpu_reset+0x1040/0x1040 [ 358.088621] ? find_get_entries_tag+0x1410/0x1410 [ 358.093455] ? lock_acquire+0x1e4/0x540 [ 358.097414] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 358.102417] ? lock_release+0xa30/0xa30 [ 358.106373] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 358.111632] ? kvm_arch_dev_ioctl+0x610/0x610 [ 358.116890] ? preempt_notifier_dec+0x20/0x20 [ 358.121373] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 358.126211] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 358.131213] kvm_vcpu_ioctl+0x7b8/0x1300 [ 358.135272] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 358.140973] ? lock_acquire+0x1e4/0x540 [ 358.144930] ? __fget+0x4ac/0x740 [ 358.148367] ? lock_downgrade+0x8f0/0x8f0 [ 358.152766] ? lock_release+0xa30/0xa30 [ 358.156726] ? pid_task+0x115/0x200 [ 358.160335] ? find_vpid+0xf0/0xf0 [ 358.163877] ? __f_unlock_pos+0x19/0x20 [ 358.167846] ? __fget+0x4d5/0x740 [ 358.171282] ? ksys_dup3+0x690/0x690 [ 358.174984] ? kasan_check_write+0x14/0x20 [ 358.179214] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 358.184736] ? perf_trace_sys_exit+0x3f7/0x650 [ 358.189300] ? vfs_write+0x2f3/0x560 [ 358.193014] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 358.198708] do_vfs_ioctl+0x1de/0x1720 [ 358.202579] ? fsnotify_first_mark+0x350/0x350 [ 358.207144] ? __fsnotify_parent+0xcc/0x420 [ 358.211447] ? ioctl_preallocate+0x300/0x300 [ 358.215838] ? __fget_light+0x2f7/0x440 [ 358.219793] ? fget_raw+0x20/0x20 [ 358.223232] ? __sb_end_write+0xac/0xe0 [ 358.227203] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 358.232728] ? syscall_slow_exit_work+0x111/0x500 [ 358.237552] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 358.242206] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 358.247640] ? security_file_ioctl+0x94/0xc0 [ 358.252035] ksys_ioctl+0xa9/0xd0 [ 358.255474] __x64_sys_ioctl+0x73/0xb0 [ 358.259346] do_syscall_64+0x1b9/0x820 [ 358.263220] ? syscall_return_slowpath+0x5e0/0x5e0 [ 358.268133] ? syscall_return_slowpath+0x31d/0x5e0 [ 358.273047] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 358.278047] ? prepare_exit_to_usermode+0x291/0x3b0 [ 358.283050] ? perf_trace_sys_enter+0xb10/0xb10 [ 358.287702] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 358.292529] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 358.297701] RIP: 0033:0x455ba9 [ 358.300869] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 07:08:21 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000100)={0x0, @in={{0x2, 0x4e20, @broadcast=0xffffffff}}, 0xfffffffffffffffd, 0x1ff}, &(0x7f0000000200)=0x90) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000240)={r1, 0x8, "525603f02ebd2b39"}, &(0x7f0000000280)=0x10) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8910, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:21 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1600000000000000, 0x20}, [{}]}, 0x58) [ 358.320042] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 358.327747] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 358.334998] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 358.342252] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 358.349516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 358.356776] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000002c 07:08:22 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0xfffffffffffffffd) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'bcsf0\x00', &(0x7f00000000c0)=@ethtool_stats={0x1d, 0x3, [0x3f, 0x8, 0x4]}}) r2 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x80000) ioctl$KVM_SET_XSAVE(r2, 0x5000aea5, &(0x7f00000002c0)={"39b84335784fbd637bf902d391e187ab92c6f0d91d0c7f5ef048d592da4eb5e57655629b01c5d39b3fa4cde69e21a1a9a7c2a88736aa94baf3b2e4a2e58d4eec4e0aca8491cabd4e3149acebae1f80d5af26498449b8e8d700e0126d12ff9600b0afec724b309f679d187183337d74d592cdf523cc8e7c0d0de8a8fab679be4159e9f22ada10f09698ed90916cf1ee53379852f041925d75d6c25f26d3af59f9497a148d25826069239bb72a0fa82d466fc2ec8335fd635033126736556b7e487ca556413eafb623d13dab4ccc6395919eaf1e7967fa9d509193452dab51e0bb72cc8ea79bb41db9a7c2606733986fa94fd1b90f36aa761247a7fe5221bcc142f496180979ca43f5aeeb814549e9d9c84e9b07c7d53ebeb4fcbe0fc3cd9be643660b077e4db41b725e13afad297550e20929c71e356cfdc0a5f96ba12b028d6a7b6391baa4c59d75b47d94cb5a4624000cddede02afacea6485e0cc45f0162684cfb32528d0ed7b74206c3dffb80d1c6503266861d845427e8d0f03354cbd48972d95f3528008138e7173e3927f8a1e80523d458969971dceee360d66221ec96834db1f5fe60dec811761ceb4552a4aca74e3e08124f7bda2923e1af68c98989c6a426d26eb9b389f6c60906da40b915115ee8cce71275d2eb985e2c587da00469ef7ffa1a05012ba3cb9642dcaadb50445d6785a781eaa44dd0850e50c7dad0b39653beeffb3e32b653434b17ef0bb404afd8282f54704d0bbe1466925664f7a859b4a5b8ed04abd251301e3590d54326cdf9a7a0e2612747e47ff5bf5cc38317c566324c6f8e2c55b946f0edfb94f4fa74b211507defb537bb26289140855eb94f12662fe75d499f4a329da6e7acf52e3dd5505e0c6dc8ff17999e2db165481bb2ce684cf01f94cbb6b78e54f5757c4c1b6195dfbcba74eacbba23c675e4eff3cfa7662253e8a3259ace0ff5e3f69bbccdd1faaee738dfa924e32feadc52555c94c08a38b1b619f29aa6142cdd9e1b57bbc8f260ebc6c1719ec0c07f998113ff0388c2dcd7a80ec07b2aca1d46d1d79cbce0c18c787ad7ee02f26af135a324cb58ea8d0707eb0e3f05fa95b77e0d49939f1988bb524b72441d8998b69537875a5af116d8e678418bb70be0c927e803a6c7d21ca0553d953f187fdb6f154c470fb475955bbe9c08eaa74cb38d2f051354d1d59ddcc281d5d4530b67adaf3d888a137e2bdc94739ea0b80070116b09d3fac117e7a5ed9b5908ae0d00398c2a130036bb22047a7ecbdbaec5c3147e936f71e3d004d549b1c48e3758e391e260f0e0ded6055b7d316ff27f971469eb76f0cce1afd160f1f93002325e2d10584b4397ef1f5f09859e7ae56d03dfafbca2a388c31add0e8dd99fe9e3cefbe0016610f5b7f0f0f3e123add9b0d8e7b821818636d45c1e5c4eb396f120528cec0adc55"}) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) 07:08:22 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xff00]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:22 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000011630d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:22 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x15000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:22 executing program 5: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x6}, 0x1c) sendto$inet6(r1, &(0x7f0000000300), 0xfdb8, 0x4008080, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}}, 0x1c) perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x6, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmmsg(r1, &(0x7f00000092c0), 0x4ff, 0x0) 07:08:22 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f00000000c0)) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") setsockopt$inet_mreqsrc(r0, 0x0, 0x25, &(0x7f0000000140)={@multicast2=0xe0000002, @rand_addr=0x8, @multicast1=0xe0000001}, 0xc) read(r0, &(0x7f0000000000)=""/151, 0x97) ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000000100)) 07:08:22 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x3000000, 0x20}, [{}]}, 0x58) 07:08:22 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfffffffe]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:22 executing program 3 (fault-call:8 fault-nth:45): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:22 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x801, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000002c0)={{{@in=@rand_addr, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@remote}}, &(0x7f0000000100)=0xe8) bind$packet(r1, &(0x7f00000001c0)={0x11, 0x7, r2, 0x1, 0x151, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x14) r3 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e24, 0xff, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0x12}}, 0x6}, 0x1c) [ 358.514959] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:22 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x1600000000000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:22 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000140)="6eb5f93d6e676d7000443ce3a46db12af1667f34c76d2516f27ce03bfd1172bcfe8dd863055ebbe610199f9c3d0ebc6e71f427311bcbcd249ef3ea7c780350052e98b56c2e") r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0xffffffffffffffd6) 07:08:22 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1500, 0x20}, [{}]}, 0x58) 07:08:22 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xff00000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 358.657940] FAULT_INJECTION: forcing a failure. [ 358.657940] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 358.669878] CPU: 1 PID: 24253 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 358.669887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 358.669892] Call Trace: [ 358.669920] dump_stack+0x1c9/0x2b4 [ 358.693867] ? dump_stack_print_info.cold.2+0x52/0x52 [ 358.699071] should_fail.cold.4+0xa/0x11 [ 358.703146] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 358.708258] ? percpu_ref_tryget_live+0x15b/0x440 [ 358.713105] ? mem_cgroup_id_get_many+0x160/0x160 [ 358.717934] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 358.722761] ? lock_acquire+0x1e4/0x540 [ 358.726718] ? percpu_ref_put_many+0x119/0x240 [ 358.731287] ? lock_downgrade+0x8f0/0x8f0 [ 358.735422] ? lock_release+0xa30/0xa30 [ 358.739380] ? __kernel_text_address+0xd/0x40 [ 358.743864] ? lock_acquire+0x1e4/0x540 [ 358.747829] ? fs_reclaim_acquire+0x20/0x20 [ 358.752147] ? lock_downgrade+0x8f0/0x8f0 [ 358.756281] ? check_same_owner+0x340/0x340 [ 358.760586] ? save_stack+0x43/0xd0 [ 358.764196] ? kasan_kmalloc+0xc4/0xe0 [ 358.768074] ? rcu_note_context_switch+0x730/0x730 [ 358.772992] __alloc_pages_nodemask+0x36e/0xdb0 [ 358.777647] ? lock_downgrade+0x8f0/0x8f0 [ 358.781779] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 358.786778] ? mem_cgroup_handle_over_high+0x130/0x130 [ 358.792035] ? fs_reclaim_acquire+0x20/0x20 [ 358.796344] ? percpu_ref_put_many+0x131/0x240 [ 358.800909] ? mem_cgroup_id_get_online+0x310/0x310 [ 358.805912] ? kasan_unpoison_shadow+0x35/0x50 [ 358.810477] ? kasan_kmalloc+0xc4/0xe0 [ 358.814357] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 358.819878] alloc_pages_current+0x10c/0x210 [ 358.824269] __get_free_pages+0xc/0x40 [ 358.828149] mmu_topup_memory_caches+0x1f8/0x3a0 [ 358.832893] kvm_mmu_load+0x21/0x10e0 [ 358.836675] ? rcu_note_context_switch+0x730/0x730 [ 358.841597] ? filemap_map_pages+0xca2/0x1990 [ 358.846080] vcpu_enter_guest+0x3aa6/0x6090 [ 358.850388] ? kasan_check_write+0x14/0x20 [ 358.854606] ? __mutex_lock+0x6c4/0x1680 [ 358.858651] ? kvm_set_msr_common+0x26a0/0x26a0 [ 358.863304] ? lock_acquire+0x1e4/0x540 [ 358.867261] ? vmx_vcpu_load+0xadf/0xff0 [ 358.871314] ? trace_hardirqs_on+0x10/0x10 [ 358.875535] ? vmx_vcpu_reset+0x1040/0x1040 [ 358.879852] ? find_get_entries_tag+0x1410/0x1410 [ 358.884690] ? lock_acquire+0x1e4/0x540 [ 358.888659] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 358.893658] ? lock_release+0xa30/0xa30 [ 358.897614] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 358.903221] ? kvm_arch_dev_ioctl+0x610/0x610 [ 358.907695] ? preempt_notifier_dec+0x20/0x20 [ 358.912174] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 358.916999] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 358.922006] kvm_vcpu_ioctl+0x7b8/0x1300 [ 358.926055] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 358.931753] ? lock_acquire+0x1e4/0x540 [ 358.935710] ? __fget+0x4ac/0x740 [ 358.939147] ? lock_downgrade+0x8f0/0x8f0 [ 358.943278] ? lock_release+0xa30/0xa30 [ 358.947234] ? pid_task+0x115/0x200 [ 358.950846] ? find_vpid+0xf0/0xf0 [ 358.954369] ? __f_unlock_pos+0x19/0x20 [ 358.958325] ? __fget+0x4d5/0x740 [ 358.961776] ? ksys_dup3+0x690/0x690 [ 358.965475] ? kasan_check_write+0x14/0x20 [ 358.969694] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 358.975214] ? perf_trace_sys_exit+0x3f7/0x650 [ 358.979782] ? vfs_write+0x2f3/0x560 [ 358.983480] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 358.989183] do_vfs_ioctl+0x1de/0x1720 [ 358.993053] ? fsnotify_first_mark+0x350/0x350 [ 358.997618] ? __fsnotify_parent+0xcc/0x420 [ 359.001922] ? ioctl_preallocate+0x300/0x300 [ 359.006312] ? __fget_light+0x2f7/0x440 [ 359.010271] ? fget_raw+0x20/0x20 [ 359.013710] ? __sb_end_write+0xac/0xe0 [ 359.017669] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 359.023189] ? syscall_slow_exit_work+0x111/0x500 [ 359.028017] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 359.032670] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 359.038105] ? security_file_ioctl+0x94/0xc0 [ 359.042497] ksys_ioctl+0xa9/0xd0 [ 359.045932] __x64_sys_ioctl+0x73/0xb0 [ 359.049814] do_syscall_64+0x1b9/0x820 [ 359.053692] ? syscall_slow_exit_work+0x500/0x500 [ 359.058518] ? syscall_return_slowpath+0x5e0/0x5e0 [ 359.063442] ? syscall_return_slowpath+0x31d/0x5e0 [ 359.068356] ? prepare_exit_to_usermode+0x291/0x3b0 [ 359.073354] ? perf_trace_sys_enter+0xb10/0xb10 [ 359.078008] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.082839] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 359.088011] RIP: 0033:0x455ba9 07:08:22 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600000000f000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:22 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x16, 0x20}, [{}]}, 0x58) [ 359.091179] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 359.110351] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 359.118042] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 359.125293] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 359.132559] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 359.139818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 359.147068] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000002d 07:08:22 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$alg(0x26, 0x5, 0x0) close(r1) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(tnepres)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000001f3a)="ad56b6c5820faeb995298992ea54c7be", 0x10) r3 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r3, &(0x7f0000003d00)=[{0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f0000001f80)="b0887c5916ad7dce6c4a71cfed26e70412ed4a3ae90c106c384e59c54e2c23b37e3be3f5988fe72d81204b21de7607ba", 0x30}], 0x1, &(0x7f0000000240)}], 0x1, 0x0) recvmsg(r3, &(0x7f0000003e40)={&(0x7f0000003e80)=@nfc, 0x80, &(0x7f0000030fa0)=[{&(0x7f000034df41)=""/191, 0xbf}], 0x1, &(0x7f0000590000)}, 0x0) 07:08:22 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x5000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) [ 359.175363] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:22 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xffffff7f00000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:22 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000060000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:23 executing program 5: r0 = socket$inet6(0xa, 0x0, 0x0) r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f000000d000)=[{&(0x7f0000008000)="4c0000001200ff09fffefd956fa283b724a6008000000000000000683540150024001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000006c0)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000780)) ioctl$VT_GETSTATE(r0, 0x5603, &(0x7f0000000b80)) 07:08:23 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000009effffff0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:23 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfc00000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:23 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x3f00, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:23 executing program 1: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r0, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='nv\x00', 0x2d6) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r1, &(0x7f0000000100), 0xffffffffffffffd6, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r2 = socket$inet(0x10, 0x3, 0x4) sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f000000d000)=[{&(0x7f0000008000)="4c0000001200ff09fffefd956fa283b724a6008000000000000000683540150024001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d0f1cbc882b079881", 0x4c}], 0x1}, 0x0) 07:08:23 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x11000000, 0x20}, [{}]}, 0x58) 07:08:23 executing program 3 (fault-call:8 fault-nth:46): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:23 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x200500, 0x0) ioctl$VHOST_SET_LOG_BASE(r2, 0x4008af04, &(0x7f0000000100)=&(0x7f00000000c0)) prctl$void(0x7) ioctl$sock_netdev_private(r0, 0x89f0, &(0x7f00000002c0)="45de26d75b6492ef26824a32682a18a72855ee493040df47deb9bd3a987a34cf0514bd4d7a816c3f7d6b764d9d917f0b31901504be55562b67ce2e21a555a07222f1557db32c564ccfadae560e7993d39e5d9d107555dd3a7e7244f1d930bf2f4770e3a59822f6485fc55a4aeab0313ad8150feb3edf339399ae939cd4aed736e040fc5c5f8fb7acd27308314de0f90ea3fd5a83ab4c6f0502b0d15b79df04b401a92e42c80dd3e84e659b7a6fe3543f4c912a7031e98f0541240254a2efd4056e1b89b19358c3304a16e38d3a55b2b055b88f40be9b297a1494f88e6d366895e9baaf79097900cb0725123fd8872a153d58de56df055690391aa16f8b6efb0f31b425eb567c0a75f1dff5394b5b8a3cd5f51baf626ee3beccbaf6e9d3212b89b9935fc244f158c7edcc54174347883509913fd14eb03d8e44f7ea41294c564220af248475a1265a00b180f3afdcad83040551455e91025ca84dde1d488e11a73d89d48edd5605ae9a6f6b74f30b8fed3fa0bb273c88415552e564d42f57b310ea95b7b27301fa10a227873386b87cd217e2a60d521680a8a0b497b60afdb8e0c7c47fe1b97fa98e615164684c993191a00c86836717bfb20ab9a628c87ad18dfbe17375e33b4a8ce2c4051685c3a33764ae235da04dca4b73baf226c688781689c564d82601c101a4614d5c68561acbf354e6016c303bedeca9a6f2a0ade1859b89be6ffb573f72a77f7c8b48fb25988b99b4df95fe0bcf0d0dd52d6263faad948e595ce7c5aa913f199c74458841be5030f611f0f358279c9665c3c27c14cbc7176190b2488e9993aa99b0f185f0db61f8b1cfb94db643ce642787718405f3622adcadaaf18029dff37f4747613539fd2cd304cfbd9ee36758aa04ef28db9402fced36a8a9c7bec1c8330266ae63e5a1ff997608c92d62dfd0492d89272b9fc46c60593aa96350554e0aa62f9dd1573e65d5f43696b92700a6423d990cc8790183b21fa65e601f78650390d8f9b5aaa20acdb25516cee43b7661dac55dfa8477610b83ed57fa9dbe7beb4007bf971b14e4480f259507c4b176bdc73b6c0b1b742297af0f40188953882316d6f5ed2d16c5f9f0598b5c8196a9d41f7a1c0193b4144b4737582f56e5f19b0f8214144f6624ce17f71040be2638a80aabad1d2b7900a9008af0be604caed53d4aec915223a56e419508d8c8b33519251eed95229087e3084cc4c3a823c39d72e2fcc1dae87dda3e1c8daf4de4d5dc536972eaefcd5cef17f527848bafbc70ed4b775ee42641cd3be7e5370bb6ab0a5d4ebdf08394c5830f172e242e135fc4f90a37ab2fa515b2beeb3d050b9d346b523440450fe113f3b24b3c4554976b1b354928fa0819bdaaefa7e7b4b204dc3a33e88c0a9f3f59bd40b35027710bc2a9e793423011661e6f5d9a6d009a515532f53ec0a05fdf93c5028ecf23691516de0a606dfdac27faa6fec6cff22343f9b0ec91a782e80f8a3adc2ba3173e469cc05ae31d546541d771eb9502a3a210d8176198fa2b9e15cafdf419b912e42074941061c579107f60021630c6deaa09f3a176eb2c712cdbe2156998d57b804730c06220448520bb446678075793d0b5f8f0ffd6dca9556841d9c104c61fef66814922dbab313a1fc46edf0a4e4e20211580326a604225fc88d18084757ecbb64f5cfbe23f99527c46943d5cce72f2923ae7367d0f2a0d5a82c35daf6c66e4fe1d7cb3b46a7a423bb517c26fe91fadad426f0a5e24bdfc0507f353986ea5767a37dea0e24c71ab9ed8cfc50ae1b2064255f0320ebee2f47ec678a906febe55e85cfb62921017dec4b488fc9848f623105853771629e6ff2fda1a4c5d26ee6a88478a88e6465124f3dc3c90f3fa8752b4a77786b7dda2ccc64d5b5f438f9f621efc191e2030163f825eda228a217dc35bdd3bd07d6ce0ee33160f1256484f32322d09776bd85a88f1d4d26ef4f456112a1c4f3a7f22d73935078b9ed136ae79c250087314ea2c10793759d0d2458545270f8bf5d0f8d6aa3bc9c4f8d0c9ae9bcff752ca1efbb266cb6ac967885c3d3100d0747be8786129da5f4ee002207695b630adc9323fea138a34c0dfeb5fb94bb9db70e5269e59489f2acc0de9f474cf6a1d30bb82bc09e43dd242da38cf7a5c2285942d5dd3d0067122e7e7f32e10c566064efa6abaed870a308563e60c095b8954af30a2d71ff8f1b767d338de9d8e8f2b8d9ca0113100bcdac9c13312d9f247c37a7215f0e6907eb11df0e01a6b93155e8f0ac9e7ee09ea35aaf6cc442af1b850f158dec08ff6d3486069f2ae8a93da39e89b3d7b1808e9d915d6e1496c932be21a9a1feec169122cb1fd120c329caeea763258d3871911a6f321a175d9bf52dab1a06d3f8941db762b738ae42aa5b9bb1fecba4909560a3de0f4beaf73b88f706d3ef790278d48e0d4613c03dd8562c13295bf6e981c6d40d8563895f12c8ea73083a6dc94535563f6c5a50a4e20cc03fd4b9157d9790c0d0ad75b381496e5ea509a1bc4e1056c0f53c650b69b31ac7e81776cf6264c4c066044b56521a3004e3ccc0994c74809cd8e34cf4df008790507639a1d1a5bad097ad7bd588b4bd1fe35ebc15e0d3607af2d6130d988542a25635dbf869c85694e7627d19221aee805919ec8abdc6ccf63dfb1f48b99134db4b28368f69f53aa5b44f9b2e9d29aeb2db1ffc4237a48e2032573fdcfb4f5dab56b00e17012b5464fbca5f89a5fe74425712d0ffba04e666d0636b040d7f8bb6cf8d2d1847e0ba0b599b69407a88583f48c9c589b373c6d1a4f373d0ee1a6e698e8d916511919621a4fc856931507a1b2fcb2b796a8cd24f9deaa8de70fb37d961a456ed2ec0e8aaf34c80b2a50752f58f8cd4468011442d106dba009d4e48d37b56e95cd2aad703676db238ee89c0120f969f0cd2000ac9be663642cfbd7d3ad176f0bf3a8517dcaac79948999aae3e9eb2d01f366b9867a1764cb3128f56901bab7a7ca434b094a8a6631aa35aad9bf52c1308f8d0da851356a56e15788b537fffb58b633e79c55c7c6befee62367fde4555b88ee910b122e7cd7507761c679ca5210f6243623acc45885d6c2fbb8552880f0c7019166643f9cbf632d7546d32f3a15fd048a841163d37bdb328f48acc4d793607a5253001f8b641f9b82bf6b90c91871a3201582f13080a9a20d88003307c7d7bb2c45141861d5892fc3f218e454863fafba74171a7f1f66a6618d2f378884f714c884b622bead35d009314f45b2164dbe0c5122c5c58a14c26354fb75acffbd5b728d4497b3df00144a5d34b6b8d888ea8e4085f11ff85559897e0431be4ba046fdb573905283e3a966ade1357d85da6d72c79052729ce0c80ddfb99bd57c89cfaf5a5c11da1cccdbe1295a37bfb856dbd9130895ebd0778557d6f10309901ffe3db42b8a9714ae065f296f607f7375e39c9b85eaebd5639b4860fb658bb11d2d2be6510df4320e2aed211bb2e7078d4c6bdfdc8b112ee111167bd871f8e6f26ad4ee63c2575e14ee8044fb302cce32b325ad98fad17436ba86b0716a55ed92b986243bf6ee00349e7cc2f4001578da8c017b02b910fb347074e86345f44f268d16277a4ecbc0f65e61cd8601080c0303b57d1e6cb6c655bb54febdec9e4d4e8a2c26a05a03d46cbaa8fc3dd48cfd19d7bd8ddd0dee46f408b5fd59e66d4f80560e871f2f7e060809d61f99499f9038aed1acea3c9b7dd458d9bea6ae79e586eeaf44ce6cf37c71c45545952831a3a63640e6d13834690568dd0222c4278dd8568875fa6bfa17cb4e5805ed610ffd38717c0861a41e20ad59ea49149d6173d92f6917b2e9b61dfd59044a1ab30c56f468377570b73e9f68b904ac73dce376949af4bc1546e2f28669c74d7bd3c9ae19d90729b52a81564437567d28508bb5bcc4bf37dc15d121ec9880ff7ac37a4b11c8dc32e8947cc5c33056d2eb74f0dc7a6bf266ba9e797429a9b747189e5bf254b111278b4dc9a6f386a70d915e9468865557b59da9d1d561d77abf8e87040ff16fa0af18d1daad767943a830459b64b8451dd2a63ee37776b8facee1ae6dadfe3acb25a29f4ee5ad6996055621ce97a5003287cfa9ead14ddd8a280359c4c7a4923fd20a93f6073ed41950bb4128effe19c4847d8417357d4fc611b8db9cb07766970d661a64507054cd5d36acadaf443627f098b32801ca1306cb7e91223ce04bf7fa69248696e50b39bee5ef2f9626a4c394864bd30a7b4ae25fe4339539526eaefd5200165977de3fb9518464e9ad578d32b34d3e2f5da461c5dea7c30198595f4421c8ea34bd34f87b65067498793dae2d40ddc68af0b0517284d27c7e29e54bcff2cbcd5a8640258fb911844d5c28a075eae2abdd9474caa23ebe2cc71cab03efb06e1e088fe887eb2ae37496c97893dba507d10f4bf33b37a845bd76f0bac11f8bb73a17e8eba15d13d6fe933a146246736d6045440e371d075f2ed29a5a7e50f4856f3f8ca2dc4814a1a61351d0b9e02c0d6762c2e6d15725473f41c6bca7a1926bcb0c3e334d20f8262a1c0786eeb73ce5216c59477466a7d63ce55d15e3112d3430fc5aa3d2ad7af777a82b8f8fc5665da1f85b3b50cee61793d6cd668a94ccbbb4d873584c05230cc06d90dbe3a9694d18e2a8d0e32d1a60819d5b2a5fefd6d16dec8947ee75623f1a9c310271112ed7e6e88dc27f132f715c6900b0b21fe47e7d2e43f55dc54f674910191ea26016d4be53c34d8ea06383c09d266351569f6b39f015eaf1f3f3c974e98bdbe3df0481900aa010e802afa52f865fa6ab7c6f21cc943fa2c527ac992237e2e3217bbe042b64c19f32b9fb6fc953454c3bed943d1453cbeb1cc97b9cc7b428f1101bfac55bd11707626bcf18b19882f17fd1b207badedc058e019cc0abf886e38f4ee075e342c538012ecf65d42957d2ac90568acaced6f04ccb88766de2e5909db2ba17057edae5cbd5063ebf1b3b6a6299595d65e0cc758c0c0f0f0692f091eb0819e4f132283a6a05e0bfbc38d428e849c3ce9d8936762e19d9c70fc5d3821af7a2fed338ff90136c07847cfae828fdda36b56eccf3c68064035e08830dc444396ab889f878265441f8e4a19c7ec71cf4612d2e36320306df24c86d6ef4b49504a3de9b969576b0cf9bb7cb0c42ea2005a7efb64d3f998b4d08243da8c30ed3eb5936abbd4590144af928174c1d2db313478c5fb1a5e62fecca80bd257be5c226d0401aa8c7968e5a88a763e4602be1c08a18ceebba9ff38c4e44af7a1115cd24d8841606d1183d374759379cb347031a051b8dcb2d66961505cef90f3eb91920feb7cf0edc0e0e542ab648083d64e191382a569221b62de077ad5210ebf54b8ea7c1c027c69eccb1544e50cd4f98337e74e5f12f65755a632c0bdcc3bec2df252fe53bf7d0abdcd5ef16ac6ddbb793472cd3fb2ddbd23d8d647f2da78a78ee6337d7adca074495677c9635d5e9975811f41f91fd51c52b774db8513277617185427a0fd6071531203fa665c89854a36cd611ca24de83ec130fb654fc0fb3fb4fdd8ed74410beacbbbf658d3e59752db86ad765efb2a25564b14339306abf8ec9e705e023ff3386926f8b1de389cc3b629109303093b98a8224fc90efbf440be5421a226efba3a1a2327eca0e20bd923d46a51956a8963fead069911980d4c3c21f30804f6a60209284ce213f5c7aa6ad5d120a9bfaf9d889f0f26b70fa4e7fdb5794fb6e9a8321fdf82846d4026bc7fd96629f9c2d55a06972ff46d7b1dee6") 07:08:23 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x2, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:23 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000020000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 359.552306] FAULT_INJECTION: forcing a failure. [ 359.552306] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 359.564207] CPU: 0 PID: 24322 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 359.572614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 359.581971] Call Trace: [ 359.584563] dump_stack+0x1c9/0x2b4 [ 359.588178] ? dump_stack_print_info.cold.2+0x52/0x52 [ 359.593361] should_fail.cold.4+0xa/0x11 [ 359.597406] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 359.602495] ? percpu_ref_tryget_live+0x15b/0x440 [ 359.607322] ? mem_cgroup_id_get_many+0x160/0x160 [ 359.612157] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 359.616986] ? lock_acquire+0x1e4/0x540 [ 359.620944] ? percpu_ref_put_many+0x119/0x240 [ 359.625509] ? lock_downgrade+0x8f0/0x8f0 [ 359.629641] ? lock_release+0xa30/0xa30 [ 359.633657] ? __kernel_text_address+0xd/0x40 [ 359.638147] ? lock_acquire+0x1e4/0x540 [ 359.642108] ? fs_reclaim_acquire+0x20/0x20 [ 359.646426] ? lock_downgrade+0x8f0/0x8f0 [ 359.650571] ? check_same_owner+0x340/0x340 [ 359.654877] ? save_stack+0x43/0xd0 [ 359.658485] ? kasan_kmalloc+0xc4/0xe0 [ 359.662359] ? rcu_note_context_switch+0x730/0x730 [ 359.667286] __alloc_pages_nodemask+0x36e/0xdb0 [ 359.671941] ? lock_downgrade+0x8f0/0x8f0 [ 359.676077] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 359.681078] ? mem_cgroup_handle_over_high+0x130/0x130 [ 359.686338] ? fs_reclaim_acquire+0x20/0x20 [ 359.690648] ? percpu_ref_put_many+0x131/0x240 [ 359.695212] ? mem_cgroup_id_get_online+0x310/0x310 [ 359.700212] ? kasan_unpoison_shadow+0x35/0x50 [ 359.704781] ? kasan_kmalloc+0xc4/0xe0 [ 359.708656] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 359.714179] alloc_pages_current+0x10c/0x210 [ 359.718572] __get_free_pages+0xc/0x40 [ 359.722447] mmu_topup_memory_caches+0x1f8/0x3a0 [ 359.727189] kvm_mmu_load+0x21/0x10e0 [ 359.730974] ? rcu_note_context_switch+0x730/0x730 [ 359.735888] vcpu_enter_guest+0x3aa6/0x6090 [ 359.740215] ? kasan_check_write+0x14/0x20 [ 359.744433] ? __mutex_lock+0x6c4/0x1680 [ 359.748481] ? kvm_set_msr_common+0x26a0/0x26a0 [ 359.753132] ? cpuacct_charge+0x30a/0x5d0 [ 359.757266] ? vmx_vcpu_load+0xadf/0xff0 [ 359.761310] ? trace_hardirqs_on+0x10/0x10 [ 359.765528] ? vmx_vcpu_reset+0x1040/0x1040 [ 359.769834] ? update_curr+0x4e7/0xc00 [ 359.773714] ? find_get_entries_tag+0x1410/0x1410 [ 359.778543] ? __account_cfs_rq_runtime+0x770/0x770 [ 359.783550] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 359.789075] ? lock_acquire+0x1e4/0x540 [ 359.793034] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 359.798035] ? lock_release+0xa30/0xa30 [ 359.802013] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 359.807273] ? kvm_arch_dev_ioctl+0x610/0x610 [ 359.811750] ? preempt_notifier_dec+0x20/0x20 [ 359.816234] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 359.821058] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 359.826255] kvm_vcpu_ioctl+0x7b8/0x1300 [ 359.830303] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 359.836014] ? lock_acquire+0x1e4/0x540 [ 359.839970] ? __fget+0x4ac/0x740 [ 359.843406] ? lock_downgrade+0x8f0/0x8f0 [ 359.847538] ? lock_release+0xa30/0xa30 [ 359.851497] ? pid_task+0x115/0x200 [ 359.855107] ? find_vpid+0xf0/0xf0 [ 359.858631] ? __f_unlock_pos+0x19/0x20 [ 359.862588] ? __fget+0x4d5/0x740 [ 359.866026] ? ksys_dup3+0x690/0x690 [ 359.869725] ? kasan_check_write+0x14/0x20 [ 359.873959] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 359.878871] ? fsnotify+0xbac/0x14e0 [ 359.882570] ? vfs_write+0x2f3/0x560 [ 359.886269] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 359.891962] do_vfs_ioctl+0x1de/0x1720 [ 359.895832] ? fsnotify_first_mark+0x350/0x350 [ 359.900395] ? __fsnotify_parent+0xcc/0x420 [ 359.904699] ? ioctl_preallocate+0x300/0x300 [ 359.909088] ? __fget_light+0x2f7/0x440 [ 359.913046] ? fget_raw+0x20/0x20 [ 359.916497] ? __sb_end_write+0xac/0xe0 [ 359.920468] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 359.925986] ? fput+0x130/0x1a0 [ 359.929255] ? ksys_write+0x1ae/0x260 [ 359.933041] ? security_file_ioctl+0x94/0xc0 [ 359.937440] ksys_ioctl+0xa9/0xd0 [ 359.940880] __x64_sys_ioctl+0x73/0xb0 [ 359.944757] do_syscall_64+0x1b9/0x820 [ 359.948626] ? syscall_slow_exit_work+0x500/0x500 [ 359.953462] ? syscall_return_slowpath+0x5e0/0x5e0 [ 359.958375] ? syscall_return_slowpath+0x31d/0x5e0 [ 359.963299] ? prepare_exit_to_usermode+0x291/0x3b0 [ 359.968298] ? perf_trace_sys_enter+0xb10/0xb10 [ 359.972950] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 359.977777] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 359.982947] RIP: 0033:0x455ba9 07:08:23 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x6000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:23 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x12000000, 0x20}, [{}]}, 0x58) [ 359.986115] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 360.005284] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 360.012977] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 360.020227] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 360.027477] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 360.034743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 360.042006] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000002e 07:08:23 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x3, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:23 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000050000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:23 executing program 3 (fault-call:8 fault-nth:47): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:23 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x2}, [{}]}, 0x58) [ 360.127789] netlink: 'syz-executor5': attribute type 29 has an invalid length. [ 360.148743] netlink: 'syz-executor5': attribute type 29 has an invalid length. [ 360.207944] FAULT_INJECTION: forcing a failure. [ 360.207944] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 360.219934] CPU: 0 PID: 24369 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 360.228339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.237689] Call Trace: [ 360.240272] dump_stack+0x1c9/0x2b4 [ 360.243889] ? dump_stack_print_info.cold.2+0x52/0x52 [ 360.249070] should_fail.cold.4+0xa/0x11 [ 360.253116] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 360.258202] ? percpu_ref_tryget_live+0x15b/0x440 [ 360.263029] ? mem_cgroup_id_get_many+0x160/0x160 [ 360.267855] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 360.272687] ? lock_acquire+0x1e4/0x540 [ 360.276656] ? percpu_ref_put_many+0x119/0x240 [ 360.281222] ? lock_downgrade+0x8f0/0x8f0 [ 360.285355] ? lock_release+0xa30/0xa30 [ 360.289314] ? __kernel_text_address+0xd/0x40 [ 360.293797] ? lock_acquire+0x1e4/0x540 [ 360.297755] ? fs_reclaim_acquire+0x20/0x20 [ 360.302061] ? lock_downgrade+0x8f0/0x8f0 [ 360.306195] ? check_same_owner+0x340/0x340 [ 360.310499] ? save_stack+0x43/0xd0 [ 360.314113] ? kasan_kmalloc+0xc4/0xe0 [ 360.317997] ? rcu_note_context_switch+0x730/0x730 [ 360.322922] __alloc_pages_nodemask+0x36e/0xdb0 [ 360.327575] ? lock_downgrade+0x8f0/0x8f0 [ 360.331712] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 360.336716] ? mem_cgroup_handle_over_high+0x130/0x130 [ 360.341973] ? fs_reclaim_acquire+0x20/0x20 [ 360.346279] ? percpu_ref_put_many+0x131/0x240 [ 360.350846] ? mem_cgroup_id_get_online+0x310/0x310 [ 360.355847] ? kasan_unpoison_shadow+0x35/0x50 [ 360.360414] ? kasan_kmalloc+0xc4/0xe0 [ 360.364289] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 360.369811] alloc_pages_current+0x10c/0x210 [ 360.374728] __get_free_pages+0xc/0x40 [ 360.378603] mmu_topup_memory_caches+0x1f8/0x3a0 [ 360.383343] kvm_mmu_load+0x21/0x10e0 [ 360.387138] ? rcu_note_context_switch+0x730/0x730 [ 360.392063] ? filemap_map_pages+0xca2/0x1990 [ 360.396545] vcpu_enter_guest+0x3aa6/0x6090 [ 360.400853] ? kasan_check_write+0x14/0x20 [ 360.405072] ? __mutex_lock+0x6c4/0x1680 [ 360.409120] ? kvm_set_msr_common+0x26a0/0x26a0 [ 360.413773] ? lock_acquire+0x1e4/0x540 [ 360.417733] ? vmx_vcpu_load+0xadf/0xff0 [ 360.421779] ? trace_hardirqs_on+0x10/0x10 [ 360.426013] ? vmx_vcpu_reset+0x1040/0x1040 [ 360.430320] ? find_get_entries_tag+0x1410/0x1410 [ 360.435152] ? lock_acquire+0x1e4/0x540 [ 360.439107] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 360.444107] ? lock_release+0xa30/0xa30 [ 360.448063] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 360.453586] ? kvm_arch_dev_ioctl+0x610/0x610 [ 360.458064] ? preempt_notifier_dec+0x20/0x20 [ 360.462559] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 360.467387] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 360.472388] kvm_vcpu_ioctl+0x7b8/0x1300 [ 360.476447] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 360.482149] ? lock_acquire+0x1e4/0x540 [ 360.486117] ? __fget+0x4ac/0x740 [ 360.489555] ? lock_downgrade+0x8f0/0x8f0 [ 360.493686] ? lock_release+0xa30/0xa30 [ 360.497664] ? pid_task+0x115/0x200 [ 360.501272] ? find_vpid+0xf0/0xf0 [ 360.504798] ? __f_unlock_pos+0x19/0x20 [ 360.508757] ? __fget+0x4d5/0x740 [ 360.512195] ? ksys_dup3+0x690/0x690 [ 360.515898] ? kasan_check_write+0x14/0x20 [ 360.520117] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 360.525639] ? perf_trace_sys_exit+0x3f7/0x650 [ 360.530222] ? vfs_write+0x2f3/0x560 [ 360.533923] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 360.539615] do_vfs_ioctl+0x1de/0x1720 [ 360.543485] ? fsnotify_first_mark+0x350/0x350 [ 360.548051] ? __fsnotify_parent+0xcc/0x420 [ 360.552354] ? ioctl_preallocate+0x300/0x300 [ 360.556748] ? __fget_light+0x2f7/0x440 [ 360.560709] ? fget_raw+0x20/0x20 [ 360.564147] ? __sb_end_write+0xac/0xe0 [ 360.568109] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 360.573651] ? syscall_slow_exit_work+0x111/0x500 [ 360.578476] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 360.583142] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 360.588578] ? security_file_ioctl+0x94/0xc0 [ 360.592970] ksys_ioctl+0xa9/0xd0 [ 360.596405] __x64_sys_ioctl+0x73/0xb0 [ 360.600278] do_syscall_64+0x1b9/0x820 [ 360.604162] ? finish_task_switch+0x1d3/0x870 [ 360.608642] ? syscall_return_slowpath+0x5e0/0x5e0 [ 360.613557] ? syscall_return_slowpath+0x31d/0x5e0 [ 360.618471] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 360.623471] ? prepare_exit_to_usermode+0x291/0x3b0 [ 360.628469] ? perf_trace_sys_enter+0xb10/0xb10 [ 360.633133] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 360.637960] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 360.643134] RIP: 0033:0x455ba9 [ 360.646300] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 360.665465] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 360.673162] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 360.680417] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 360.687668] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 360.694925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 360.702811] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000002f 07:08:24 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000013c0)) 07:08:24 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xa000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:24 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000020d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:24 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x3f00000000000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:24 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0xfffffffffffffffc) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080)) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) 07:08:24 executing program 3 (fault-call:8 fault-nth:48): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:24 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000180)="025cc83d6d345f8f742070") syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x8, 0x2, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, @dev={0xac, 0x14, 0x14}}}}}}}, &(0x7f0000000000)) [ 360.716669] netlink: 'syz-executor5': attribute type 29 has an invalid length. [ 360.724139] nla_parse: 6 callbacks suppressed [ 360.724148] netlink: 8 bytes leftover after parsing attributes in process `syz-executor5'. 07:08:24 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1000000}, [{}]}, 0x58) 07:08:24 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfec0]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 360.794845] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:24 executing program 0: r0 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0xfffffffffffffff9, 0x2400) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8002}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0x98, r1, 0x0, 0x70bd25, 0x25dfdbfb, {0x9}, [@IPVS_CMD_ATTR_DAEMON={0x84, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip_vti0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback={0x0, 0x1}}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'yam0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x60f7}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}]}, 0x98}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)) 07:08:24 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0xffffff7f00000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) [ 360.883283] FAULT_INJECTION: forcing a failure. [ 360.883283] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 360.895173] CPU: 1 PID: 24403 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 360.903579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.912932] Call Trace: [ 360.915527] dump_stack+0x1c9/0x2b4 [ 360.919179] ? dump_stack_print_info.cold.2+0x52/0x52 [ 360.924385] should_fail.cold.4+0xa/0x11 [ 360.928462] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 360.933571] ? percpu_ref_tryget_live+0x15b/0x440 [ 360.938439] ? mem_cgroup_id_get_many+0x160/0x160 [ 360.943300] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 360.948175] ? lock_acquire+0x1e4/0x540 [ 360.948190] ? percpu_ref_put_many+0x119/0x240 [ 360.948205] ? lock_downgrade+0x8f0/0x8f0 [ 360.948221] ? lock_release+0xa30/0xa30 [ 360.948242] ? __kernel_text_address+0xd/0x40 [ 360.969356] ? lock_acquire+0x1e4/0x540 [ 360.973334] ? fs_reclaim_acquire+0x20/0x20 [ 360.977655] ? lock_downgrade+0x8f0/0x8f0 [ 360.981823] ? check_same_owner+0x340/0x340 [ 360.986140] ? save_stack+0x43/0xd0 [ 360.989760] ? kasan_kmalloc+0xc4/0xe0 [ 360.993636] ? rcu_note_context_switch+0x730/0x730 [ 360.998554] __alloc_pages_nodemask+0x36e/0xdb0 [ 361.003209] ? lock_downgrade+0x8f0/0x8f0 [ 361.007355] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 361.012359] ? mem_cgroup_handle_over_high+0x130/0x130 [ 361.017618] ? fs_reclaim_acquire+0x20/0x20 [ 361.021926] ? percpu_ref_put_many+0x131/0x240 [ 361.026492] ? mem_cgroup_id_get_online+0x310/0x310 [ 361.031505] ? kasan_unpoison_shadow+0x35/0x50 [ 361.036080] ? kasan_kmalloc+0xc4/0xe0 [ 361.039959] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 361.045478] alloc_pages_current+0x10c/0x210 [ 361.049869] __get_free_pages+0xc/0x40 [ 361.053741] mmu_topup_memory_caches+0x1f8/0x3a0 [ 361.058482] kvm_mmu_load+0x21/0x10e0 [ 361.062266] ? rcu_note_context_switch+0x730/0x730 [ 361.067179] ? filemap_map_pages+0xca2/0x1990 [ 361.071662] vcpu_enter_guest+0x3aa6/0x6090 [ 361.075980] ? kasan_check_write+0x14/0x20 [ 361.080201] ? __mutex_lock+0x6c4/0x1680 [ 361.084246] ? kvm_set_msr_common+0x26a0/0x26a0 [ 361.088898] ? lock_acquire+0x1e4/0x540 [ 361.092856] ? vmx_vcpu_load+0xadf/0xff0 [ 361.096902] ? trace_hardirqs_on+0x10/0x10 [ 361.101119] ? vmx_vcpu_reset+0x1040/0x1040 [ 361.105426] ? find_get_entries_tag+0x1410/0x1410 [ 361.110260] ? lock_acquire+0x1e4/0x540 [ 361.114215] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 361.119216] ? lock_release+0xa30/0xa30 [ 361.123175] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 361.128434] ? kvm_arch_dev_ioctl+0x610/0x610 [ 361.132911] ? preempt_notifier_dec+0x20/0x20 [ 361.137391] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 361.142216] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 361.147230] kvm_vcpu_ioctl+0x7b8/0x1300 [ 361.151288] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 361.156986] ? lock_acquire+0x1e4/0x540 [ 361.160946] ? __fget+0x4ac/0x740 [ 361.164381] ? lock_downgrade+0x8f0/0x8f0 [ 361.168523] ? lock_release+0xa30/0xa30 [ 361.172485] ? pid_task+0x115/0x200 [ 361.176096] ? find_vpid+0xf0/0xf0 [ 361.179620] ? __f_unlock_pos+0x19/0x20 [ 361.183577] ? __fget+0x4d5/0x740 [ 361.187021] ? ksys_dup3+0x690/0x690 [ 361.190722] ? kasan_check_write+0x14/0x20 [ 361.194941] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 361.199851] ? fsnotify+0xbac/0x14e0 [ 361.203911] ? vfs_write+0x2f3/0x560 [ 361.207610] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 361.213303] do_vfs_ioctl+0x1de/0x1720 [ 361.217172] ? fsnotify_first_mark+0x350/0x350 [ 361.221738] ? __fsnotify_parent+0xcc/0x420 [ 361.226043] ? ioctl_preallocate+0x300/0x300 [ 361.230432] ? __fget_light+0x2f7/0x440 [ 361.234388] ? fget_raw+0x20/0x20 [ 361.237824] ? __sb_end_write+0xac/0xe0 [ 361.241786] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 361.247314] ? fput+0x130/0x1a0 [ 361.250577] ? ksys_write+0x1ae/0x260 [ 361.254364] ? security_file_ioctl+0x94/0xc0 [ 361.258753] ksys_ioctl+0xa9/0xd0 [ 361.262192] __x64_sys_ioctl+0x73/0xb0 [ 361.266062] do_syscall_64+0x1b9/0x820 [ 361.269931] ? finish_task_switch+0x1d3/0x870 [ 361.274409] ? syscall_return_slowpath+0x5e0/0x5e0 [ 361.279322] ? syscall_return_slowpath+0x31d/0x5e0 [ 361.284246] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 361.289243] ? prepare_exit_to_usermode+0x291/0x3b0 [ 361.294240] ? perf_trace_sys_enter+0xb10/0xb10 [ 361.298892] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 361.303722] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 361.308893] RIP: 0033:0x455ba9 [ 361.312060] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 07:08:24 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:24 executing program 5: r0 = socket$unix(0x1, 0x2, 0x0) setsockopt$inet_buf(r0, 0x0, 0x0, &(0x7f0000000600)="e4", 0x1) keyctl$instantiate_iov(0x14, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000280)}, {&(0x7f0000000540)}], 0x2, 0x0) 07:08:24 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000060d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:25 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x2000000}, [{}]}, 0x58) 07:08:25 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f000051cff6)='/dev/ptmx\x00', 0x0, 0x0) openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x40000, 0x0) ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000943ffc)=0xa35) read(r1, &(0x7f00003fefff)=""/1, 0x1) r2 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000029000)={0xffffffffffffffff, 0xffffffffffffffff}) readv(r1, &(0x7f0000dcdff0)=[{&(0x7f0000cd8000)=""/1, 0x1}], 0x1) ioctl$int_in(r3, 0x5452, &(0x7f0000b28000)=0x3e) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000fb9000)) fcntl$setsig(r3, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r4}], 0x1, 0xfffffffffffffff8) ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000080)) r5 = dup2(r3, r4) fcntl$setown(r5, 0x8, r2) tkill(r2, 0x1a) r6 = getgid() setfsgid(r6) [ 361.331235] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 361.338926] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 361.346177] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 361.353431] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 361.360693] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 361.367943] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000030 07:08:25 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x2000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:25 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x7]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:25 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = gettid() r2 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0x7, 0x400) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r2, 0x111, 0x1, 0xf16, 0x4) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x400000) read$eventfd(r3, &(0x7f00000000c0), 0x8) fcntl$setown(r0, 0x8, r1) socket$bt_hidp(0x1f, 0x3, 0x6) r4 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r4}, &(0x7f0000000040)) 07:08:25 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x16000000}, [{}]}, 0x58) [ 361.420071] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:25 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000070000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:25 executing program 3 (fault-call:8 fault-nth:49): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:25 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:25 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x1600, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:25 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x5]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:25 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x500000000000000}, [{}]}, 0x58) 07:08:25 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x4, 0x4000) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey\x00', 0x800, 0x0) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000001c0)={0x10000, &(0x7f00000000c0), 0xe, r2, 0x3}) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)) [ 361.578380] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:25 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000040000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 361.648074] FAULT_INJECTION: forcing a failure. [ 361.648074] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 361.659968] CPU: 1 PID: 24460 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 361.668373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 361.677724] Call Trace: [ 361.679346] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 361.680317] dump_stack+0x1c9/0x2b4 [ 361.680338] ? dump_stack_print_info.cold.2+0x52/0x52 [ 361.680365] should_fail.cold.4+0xa/0x11 [ 361.701591] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 361.706678] ? percpu_ref_tryget_live+0x15b/0x440 [ 361.711505] ? mem_cgroup_id_get_many+0x160/0x160 [ 361.716329] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 361.721160] ? lock_acquire+0x1e4/0x540 [ 361.725126] ? percpu_ref_put_many+0x119/0x240 [ 361.729702] ? lock_downgrade+0x8f0/0x8f0 [ 361.733837] ? lock_release+0xa30/0xa30 [ 361.737794] ? __kernel_text_address+0xd/0x40 [ 361.742281] ? lock_acquire+0x1e4/0x540 [ 361.746249] ? fs_reclaim_acquire+0x20/0x20 [ 361.750553] ? lock_downgrade+0x8f0/0x8f0 [ 361.754686] ? check_same_owner+0x340/0x340 [ 361.758990] ? save_stack+0x43/0xd0 [ 361.762603] ? kasan_kmalloc+0xc4/0xe0 [ 361.766474] ? rcu_note_context_switch+0x730/0x730 [ 361.771395] __alloc_pages_nodemask+0x36e/0xdb0 [ 361.776057] ? lock_downgrade+0x8f0/0x8f0 [ 361.780204] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 361.785204] ? mem_cgroup_handle_over_high+0x130/0x130 [ 361.790461] ? fs_reclaim_acquire+0x20/0x20 [ 361.794778] ? lock_downgrade+0x8f0/0x8f0 [ 361.798911] ? percpu_ref_put_many+0x131/0x240 [ 361.803478] ? mem_cgroup_id_get_online+0x310/0x310 [ 361.808480] ? kasan_unpoison_shadow+0x35/0x50 [ 361.813047] ? kasan_kmalloc+0xc4/0xe0 [ 361.816920] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 361.822445] alloc_pages_current+0x10c/0x210 [ 361.826836] __get_free_pages+0xc/0x40 [ 361.830709] mmu_topup_memory_caches+0x1f8/0x3a0 [ 361.835451] kvm_mmu_load+0x21/0x10e0 [ 361.839234] ? rcu_note_context_switch+0x730/0x730 [ 361.844154] ? filemap_map_pages+0xca2/0x1990 [ 361.848636] vcpu_enter_guest+0x3aa6/0x6090 [ 361.852943] ? kasan_check_write+0x14/0x20 [ 361.857164] ? __mutex_lock+0x6c4/0x1680 [ 361.861233] ? kvm_set_msr_common+0x26a0/0x26a0 [ 361.865886] ? lock_acquire+0x1e4/0x540 [ 361.869853] ? vmx_vcpu_load+0xadf/0xff0 [ 361.873899] ? trace_hardirqs_on+0x10/0x10 [ 361.878119] ? vmx_vcpu_reset+0x1040/0x1040 [ 361.882432] ? find_get_entries_tag+0x1410/0x1410 [ 361.887275] ? lock_acquire+0x1e4/0x540 [ 361.891231] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 361.896236] ? lock_release+0xa30/0xa30 [ 361.900193] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 361.905463] ? kvm_arch_dev_ioctl+0x610/0x610 [ 361.909954] ? preempt_notifier_dec+0x20/0x20 [ 361.914434] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 361.919258] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 361.924299] kvm_vcpu_ioctl+0x7b8/0x1300 [ 361.928355] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 361.934054] ? lock_acquire+0x1e4/0x540 [ 361.938020] ? __fget+0x4ac/0x740 [ 361.941457] ? lock_downgrade+0x8f0/0x8f0 [ 361.945588] ? lock_release+0xa30/0xa30 [ 361.949546] ? pid_task+0x115/0x200 [ 361.953159] ? find_vpid+0xf0/0xf0 [ 361.956683] ? __f_unlock_pos+0x19/0x20 [ 361.960638] ? __fget+0x4d5/0x740 [ 361.964081] ? ksys_dup3+0x690/0x690 [ 361.967793] ? kasan_check_write+0x14/0x20 [ 361.972017] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 361.977539] ? perf_trace_sys_exit+0x3f7/0x650 [ 361.982102] ? vfs_write+0x2f3/0x560 [ 361.985812] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 361.991508] do_vfs_ioctl+0x1de/0x1720 [ 361.995381] ? fsnotify_first_mark+0x350/0x350 [ 361.999954] ? __fsnotify_parent+0xcc/0x420 [ 362.004259] ? ioctl_preallocate+0x300/0x300 [ 362.008651] ? __fget_light+0x2f7/0x440 [ 362.012611] ? fget_raw+0x20/0x20 [ 362.016072] ? __sb_end_write+0xac/0xe0 [ 362.020036] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 362.025560] ? syscall_slow_exit_work+0x111/0x500 [ 362.030388] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 362.035041] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 362.040477] ? security_file_ioctl+0x94/0xc0 [ 362.044867] ksys_ioctl+0xa9/0xd0 [ 362.048304] __x64_sys_ioctl+0x73/0xb0 [ 362.052177] do_syscall_64+0x1b9/0x820 [ 362.056064] ? finish_task_switch+0x1d3/0x870 [ 362.060545] ? syscall_return_slowpath+0x5e0/0x5e0 [ 362.065461] ? syscall_return_slowpath+0x31d/0x5e0 [ 362.070382] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 362.075381] ? prepare_exit_to_usermode+0x291/0x3b0 [ 362.080392] ? perf_trace_sys_enter+0xb10/0xb10 [ 362.085044] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 362.089874] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 362.095044] RIP: 0033:0x455ba9 [ 362.098225] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 362.117488] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 362.125182] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 362.132435] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 362.139685] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 07:08:25 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x9, 0x10002) ioctl$VHOST_GET_VRING_BASE(r2, 0xc008af12, &(0x7f00000000c0)) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) 07:08:25 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x15}, [{}]}, 0x58) 07:08:25 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x1400000000000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) [ 362.146936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 362.154272] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000031 07:08:25 executing program 5: 07:08:25 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x1100000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:25 executing program 3 (fault-call:8 fault-nth:50): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:25 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000070d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:25 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:25 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x3f000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:25 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x300000000000000}, [{}]}, 0x58) 07:08:25 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000200)=0x1, 0x4) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/self/net/pfkey\x00', 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000380)='/dev/snd/pcmC#D#c\x00', r2}, 0x10) r3 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x100000000, 0x82) llistxattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)=""/47, 0x2f) mq_notify(r3, &(0x7f00000001c0)={0x0, 0x24, 0x4, @thr={&(0x7f00000000c0)="14ceafe83985db1a8fd8d4f12a0b1f2194bc46f0dffa", &(0x7f0000000100)="66d7259cf17f5473c5333bb61370c609b2166210a0f89f454f"}}) ioctl$KVM_HAS_DEVICE_ATTR(r3, 0x4018aee3, &(0x7f00000002c0)={0x0, 0x0, 0x561, &(0x7f0000000240)=0x200}) 07:08:26 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:26 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 362.401441] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:26 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1f00000000000000}, [{}]}, 0x58) 07:08:26 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000ffffff9e0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:26 executing program 5: r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x0, 0x0) ioctl$BLKPG(r0, 0x90000915, &(0x7f00000002c0)={0x0, 0x0, 0xffcf}) 07:08:26 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x4000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:26 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = getpid() getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}}, 0x0, 0x1, 0x80000001, 0x0, 0xffffffffffffff00}, &(0x7f0000000240)=0x98) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000380)={r2, 0x4}, &(0x7f00000003c0)=0x8) r3 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x400, 0x400000) openat$cgroup_ro(r3, &(0x7f0000000200)='io.stat\x00', 0x0, 0x0) sched_setparam(r1, &(0x7f0000000080)=0xfffffffffffffeff) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(r1, 0x8, &(0x7f00000000c0)=0x740) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000100)={0x1, 0x3, 0x6, 0x81}, 0x14) r4 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r4}, &(0x7f0000000040)) 07:08:26 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) dup2(0xffffffffffffffff, r1) [ 362.541839] FAULT_INJECTION: forcing a failure. [ 362.541839] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 362.554263] CPU: 1 PID: 24534 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 362.562660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 362.571997] Call Trace: [ 362.574581] dump_stack+0x1c9/0x2b4 [ 362.578196] ? dump_stack_print_info.cold.2+0x52/0x52 [ 362.583372] should_fail.cold.4+0xa/0x11 [ 362.587430] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 362.592517] ? percpu_ref_tryget_live+0x15b/0x440 [ 362.597348] ? mem_cgroup_id_get_many+0x160/0x160 [ 362.602174] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 362.607003] ? lock_acquire+0x1e4/0x540 [ 362.610965] ? percpu_ref_put_many+0x119/0x240 [ 362.615533] ? lock_downgrade+0x8f0/0x8f0 [ 362.619666] ? lock_release+0xa30/0xa30 [ 362.623626] ? __kernel_text_address+0xd/0x40 [ 362.628107] ? lock_acquire+0x1e4/0x540 [ 362.632065] ? fs_reclaim_acquire+0x20/0x20 [ 362.636369] ? lock_downgrade+0x8f0/0x8f0 [ 362.640505] ? check_same_owner+0x340/0x340 [ 362.644813] ? save_stack+0x43/0xd0 [ 362.648424] ? kasan_kmalloc+0xc4/0xe0 [ 362.652297] ? rcu_note_context_switch+0x730/0x730 [ 362.657214] __alloc_pages_nodemask+0x36e/0xdb0 [ 362.661867] ? lock_downgrade+0x8f0/0x8f0 [ 362.666000] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 362.671888] ? mem_cgroup_handle_over_high+0x130/0x130 [ 362.677148] ? fs_reclaim_acquire+0x20/0x20 [ 362.681454] ? percpu_ref_put_many+0x131/0x240 [ 362.686038] ? mem_cgroup_id_get_online+0x310/0x310 [ 362.691040] ? kasan_unpoison_shadow+0x35/0x50 [ 362.695610] ? kasan_kmalloc+0xc4/0xe0 [ 362.699482] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 362.705009] alloc_pages_current+0x10c/0x210 [ 362.709404] __get_free_pages+0xc/0x40 [ 362.713278] mmu_topup_memory_caches+0x1f8/0x3a0 [ 362.718034] kvm_mmu_load+0x21/0x10e0 [ 362.721817] ? rcu_note_context_switch+0x730/0x730 [ 362.726740] ? filemap_map_pages+0xca2/0x1990 [ 362.731219] vcpu_enter_guest+0x3aa6/0x6090 [ 362.735536] ? kasan_check_write+0x14/0x20 [ 362.739764] ? __mutex_lock+0x6c4/0x1680 [ 362.743808] ? kvm_set_msr_common+0x26a0/0x26a0 [ 362.748471] ? lock_acquire+0x1e4/0x540 [ 362.752431] ? vmx_vcpu_load+0xadf/0xff0 [ 362.756476] ? trace_hardirqs_on+0x10/0x10 [ 362.760696] ? vmx_vcpu_reset+0x1040/0x1040 [ 362.765022] ? find_get_entries_tag+0x1410/0x1410 [ 362.769856] ? lock_acquire+0x1e4/0x540 [ 362.773812] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 362.778811] ? lock_release+0xa30/0xa30 [ 362.782765] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 362.788026] ? kvm_arch_dev_ioctl+0x610/0x610 [ 362.792513] ? preempt_notifier_dec+0x20/0x20 [ 362.796997] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 362.801833] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 362.806833] kvm_vcpu_ioctl+0x7b8/0x1300 [ 362.810892] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 362.816590] ? lock_acquire+0x1e4/0x540 [ 362.820544] ? __fget+0x4ac/0x740 [ 362.823978] ? lock_downgrade+0x8f0/0x8f0 [ 362.828111] ? lock_release+0xa30/0xa30 [ 362.832070] ? pid_task+0x115/0x200 [ 362.835678] ? find_vpid+0xf0/0xf0 [ 362.839209] ? __f_unlock_pos+0x19/0x20 [ 362.843167] ? __fget+0x4d5/0x740 [ 362.846606] ? ksys_dup3+0x690/0x690 [ 362.850305] ? kasan_check_write+0x14/0x20 [ 362.854526] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 362.859435] ? fsnotify+0xbac/0x14e0 [ 362.863132] ? vfs_write+0x2f3/0x560 [ 362.866832] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 362.872524] do_vfs_ioctl+0x1de/0x1720 [ 362.876395] ? fsnotify_first_mark+0x350/0x350 [ 362.880957] ? __fsnotify_parent+0xcc/0x420 [ 362.885262] ? ioctl_preallocate+0x300/0x300 [ 362.889652] ? __fget_light+0x2f7/0x440 [ 362.893608] ? fget_raw+0x20/0x20 [ 362.897047] ? __sb_end_write+0xac/0xe0 [ 362.901014] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 362.906533] ? fput+0x130/0x1a0 [ 362.909805] ? ksys_write+0x1ae/0x260 [ 362.913594] ? security_file_ioctl+0x94/0xc0 [ 362.917988] ksys_ioctl+0xa9/0xd0 [ 362.921425] __x64_sys_ioctl+0x73/0xb0 [ 362.925296] do_syscall_64+0x1b9/0x820 [ 362.929165] ? finish_task_switch+0x1d3/0x870 [ 362.933645] ? syscall_return_slowpath+0x5e0/0x5e0 [ 362.938556] ? syscall_return_slowpath+0x31d/0x5e0 [ 362.943468] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 362.948469] ? prepare_exit_to_usermode+0x291/0x3b0 [ 362.953478] ? perf_trace_sys_enter+0xb10/0xb10 [ 362.958130] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 362.962955] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 362.968139] RIP: 0033:0x455ba9 [ 362.971310] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 362.990474] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 362.998167] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 363.005416] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 363.012669] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 363.019918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 363.027169] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000032 07:08:26 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f000000a000)='/dev/snd/controlC#\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x1000000000c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000140)=0x7fff) read(r0, &(0x7f0000000200)=""/143, 0x8f) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f000000d000), &(0x7f0000001000)=0xfea6) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0xc1105517, &(0x7f0000001000)) 07:08:26 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1000000000000}, [{}]}, 0x58) [ 363.048061] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:26 executing program 3 (fault-call:8 fault-nth:51): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:26 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r1, 0xffffffffffffffff) 07:08:26 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x1200, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:26 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x80fe]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:26 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000631100000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:26 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x1b, &(0x7f0000000100)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000080)) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f00000000c0)=0x0) r2 = getpgrp(r1) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) 07:08:26 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x400000000000000}, [{}]}, 0x58) 07:08:26 executing program 1: socket$inet6(0xa, 0x1000000000002, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r1 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r1, r0) 07:08:26 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xf]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 363.193832] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 363.223928] FAULT_INJECTION: forcing a failure. [ 363.223928] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 363.235813] CPU: 0 PID: 24583 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 363.244219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 363.253570] Call Trace: [ 363.256154] dump_stack+0x1c9/0x2b4 [ 363.259771] ? dump_stack_print_info.cold.2+0x52/0x52 [ 363.264963] should_fail.cold.4+0xa/0x11 [ 363.269023] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 363.274115] ? percpu_ref_tryget_live+0x15b/0x440 [ 363.278969] ? mem_cgroup_id_get_many+0x160/0x160 [ 363.283795] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 363.288624] ? lock_acquire+0x1e4/0x540 [ 363.292593] ? percpu_ref_put_many+0x119/0x240 [ 363.297159] ? lock_downgrade+0x8f0/0x8f0 [ 363.301311] ? lock_release+0xa30/0xa30 [ 363.305270] ? __kernel_text_address+0xd/0x40 [ 363.309756] ? lock_acquire+0x1e4/0x540 [ 363.313717] ? fs_reclaim_acquire+0x20/0x20 [ 363.318024] ? lock_downgrade+0x8f0/0x8f0 [ 363.322157] ? check_same_owner+0x340/0x340 [ 363.326470] ? save_stack+0x43/0xd0 [ 363.330080] ? kasan_kmalloc+0xc4/0xe0 [ 363.333951] ? rcu_note_context_switch+0x730/0x730 [ 363.338869] __alloc_pages_nodemask+0x36e/0xdb0 [ 363.343533] ? lock_downgrade+0x8f0/0x8f0 [ 363.347664] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 363.352665] ? mem_cgroup_handle_over_high+0x130/0x130 [ 363.357922] ? fs_reclaim_acquire+0x20/0x20 [ 363.362230] ? percpu_ref_put_many+0x131/0x240 [ 363.366796] ? mem_cgroup_id_get_online+0x310/0x310 [ 363.371797] ? kasan_unpoison_shadow+0x35/0x50 [ 363.376365] ? kasan_kmalloc+0xc4/0xe0 [ 363.380243] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 363.385866] alloc_pages_current+0x10c/0x210 [ 363.390259] __get_free_pages+0xc/0x40 [ 363.394143] mmu_topup_memory_caches+0x1f8/0x3a0 [ 363.398885] kvm_mmu_load+0x21/0x10e0 [ 363.402679] ? rcu_note_context_switch+0x730/0x730 [ 363.407591] vcpu_enter_guest+0x3aa6/0x6090 [ 363.411906] ? kasan_check_write+0x14/0x20 [ 363.416127] ? __mutex_lock+0x6c4/0x1680 [ 363.420181] ? kvm_set_msr_common+0x26a0/0x26a0 [ 363.424834] ? cpuacct_charge+0x30a/0x5d0 [ 363.428964] ? vmx_vcpu_load+0xadf/0xff0 [ 363.433024] ? trace_hardirqs_on+0x10/0x10 [ 363.437243] ? vmx_vcpu_reset+0x1040/0x1040 [ 363.441547] ? update_curr+0x4e7/0xc00 [ 363.445422] ? find_get_entries_tag+0x1410/0x1410 [ 363.450248] ? __account_cfs_rq_runtime+0x770/0x770 [ 363.455264] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 363.460785] ? lock_acquire+0x1e4/0x540 [ 363.464753] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 363.469755] ? lock_release+0xa30/0xa30 [ 363.473710] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 363.478971] ? kvm_arch_dev_ioctl+0x610/0x610 [ 363.483454] ? preempt_notifier_dec+0x20/0x20 [ 363.487937] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 363.492778] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 363.497781] kvm_vcpu_ioctl+0x7b8/0x1300 [ 363.501828] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 363.507537] ? lock_acquire+0x1e4/0x540 [ 363.511494] ? __fget+0x4ac/0x740 [ 363.514944] ? lock_downgrade+0x8f0/0x8f0 [ 363.519088] ? lock_release+0xa30/0xa30 [ 363.523044] ? pid_task+0x115/0x200 [ 363.526654] ? find_vpid+0xf0/0xf0 [ 363.530179] ? __f_unlock_pos+0x19/0x20 [ 363.534135] ? __fget+0x4d5/0x740 [ 363.537574] ? ksys_dup3+0x690/0x690 [ 363.541273] ? kasan_check_write+0x14/0x20 [ 363.545491] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 363.551018] ? perf_trace_sys_exit+0x3f7/0x650 [ 363.555592] ? vfs_write+0x2f3/0x560 [ 363.559290] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 363.564981] do_vfs_ioctl+0x1de/0x1720 [ 363.568854] ? fsnotify_first_mark+0x350/0x350 [ 363.573439] ? __fsnotify_parent+0xcc/0x420 [ 363.577743] ? ioctl_preallocate+0x300/0x300 [ 363.582135] ? __fget_light+0x2f7/0x440 [ 363.586093] ? fget_raw+0x20/0x20 [ 363.589534] ? __sb_end_write+0xac/0xe0 [ 363.593495] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 363.599028] ? syscall_slow_exit_work+0x111/0x500 [ 363.603854] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 363.608511] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 363.613958] ? security_file_ioctl+0x94/0xc0 [ 363.618349] ksys_ioctl+0xa9/0xd0 [ 363.621784] __x64_sys_ioctl+0x73/0xb0 [ 363.625653] do_syscall_64+0x1b9/0x820 [ 363.629523] ? syscall_slow_exit_work+0x500/0x500 [ 363.634359] ? syscall_return_slowpath+0x5e0/0x5e0 [ 363.639280] ? syscall_return_slowpath+0x31d/0x5e0 [ 363.644200] ? prepare_exit_to_usermode+0x291/0x3b0 [ 363.649202] ? perf_trace_sys_enter+0xb10/0xb10 [ 363.653855] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 363.658683] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 363.663854] RIP: 0033:0x455ba9 [ 363.667026] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 363.686203] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 07:08:27 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x1400, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:27 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080520, r1}, &(0x7f0000000040)={0xfffffffffffffffc}) ptrace$getenv(0x4201, r1, 0x0, &(0x7f0000000080)) 07:08:27 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000280d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 363.693895] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 363.701146] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 363.708409] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 363.715665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 363.722917] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000033 07:08:27 executing program 1: socket$inet6(0xa, 0x1000000000002, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r1 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r1, r0) 07:08:27 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1f000000}, [{}]}, 0x58) [ 363.798998] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:27 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f000000a000)='/dev/snd/controlC#\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x1000000000c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000140)=0x7fff) read(r0, &(0x7f0000000200)=""/143, 0x8f) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f000000d000), &(0x7f0000001000)=0xfea6) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0xc1105517, &(0x7f0000001000)) 07:08:27 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x100000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:27 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x12, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:27 executing program 3 (fault-call:8 fault-nth:52): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:27 executing program 0: r0 = socket$inet6(0xa, 0x21000000000002, 0xffffffffffffffff) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$adsp(&(0x7f0000000440)='/dev/adsp#\x00', 0x4, 0x10000) ioctl$BLKREPORTZONE(r1, 0xc0101282, &(0x7f0000000480)={0x87c, 0x7, 0x0, [{0x3, 0x9, 0x1f, 0x9, 0x401, 0x1f, 0x9}, {0xe6, 0x1f, 0x1, 0x45b, 0x3, 0x7, 0x4}, {0x3, 0xfff, 0x8, 0x100000000, 0xffff, 0xffffffffe2921960, 0x80}, {0x1000, 0x2, 0x80000000, 0x6, 0x5, 0x7fffffff, 0x2}, {0x0, 0xff, 0x9, 0x9, 0x9, 0xf461, 0x3}, {0x1, 0xffffffffffffffc1, 0x6, 0x3, 0x3, 0x5, 0xfffffffffffffff8}, {0x80000001, 0x13, 0x9, 0x1, 0x5, 0xfff, 0xcf7b}]}) ioctl(r0, 0x0, &(0x7f0000000340)="c2b76409aaeae2521e98c8fda60e6fdfc8295463266bad948ea4a48362b3283f45623c05383571e7349efae4258da0c1ecbbfc6664c90ba7a9193ca1b8f0ae413d63847685a35d04ebcf3d2b9b5d285e71f6ef8ffcb558c8822495dd11") r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='net\x00') ioctl$sock_inet_SIOCDELRT(r2, 0x890c, &(0x7f00000002c0)={0xfff, {0x2, 0x4e24}, {0x2, 0x4e22, @multicast1=0xe0000001}, {0x2, 0x4e21, @multicast2=0xe0000002}, 0x22, 0x0, 0x9, 0x0, 0x80000000, &(0x7f0000000200)='dummy0\x00', 0x7, 0x6}) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x40482, 0x0) ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r3, 0x800455d1, &(0x7f0000000240)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r0, 0x29, 0x41, &(0x7f0000000080)={'filter\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) ioctl$KVM_SMI(r2, 0xaeb7) getsockopt$inet_sctp6_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f00000003c0), &(0x7f0000000400)=0x4) r4 = getpgrp(0x0) ioctl$PIO_FONTX(r3, 0x4b6c, &(0x7f0000000680)="422f445d7c213269a3b20c686ddbd44aa066a434fad9f337bbd10edeb5a373633711b54d0182d9bf0fa0dadfaf5b6003b970cf95a63f694c3304c9972cdb590d15278859c7ce1baa4d5a016cecddbd1c091575bca493302f3eb736cd3911fa2422b16460c4941eb371aa6507f31a05f89031adb88ef002") capget(&(0x7f0000000000)={0x20080522, r4}, &(0x7f0000000040)) 07:08:27 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000fffff0000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:27 executing program 1: socket$inet6(0xa, 0x1000000000002, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r1 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r1, r0) 07:08:27 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1500}, [{}]}, 0x58) [ 363.968238] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 364.004245] FAULT_INJECTION: forcing a failure. [ 364.004245] name fail_page_alloc, interval 1, probability 0, space 0, times 0 07:08:27 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xb80b]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:27 executing program 1: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r1 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r1, r0) [ 364.016156] CPU: 1 PID: 24631 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 364.024560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.033913] Call Trace: [ 364.036511] dump_stack+0x1c9/0x2b4 [ 364.040150] ? dump_stack_print_info.cold.2+0x52/0x52 [ 364.045353] should_fail.cold.4+0xa/0x11 [ 364.049427] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 364.054540] ? percpu_ref_tryget_live+0x15b/0x440 [ 364.059391] ? mem_cgroup_id_get_many+0x160/0x160 [ 364.064241] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 364.069073] ? lock_acquire+0x1e4/0x540 [ 364.073032] ? percpu_ref_put_many+0x119/0x240 [ 364.077598] ? lock_downgrade+0x8f0/0x8f0 [ 364.081732] ? lock_release+0xa30/0xa30 [ 364.085691] ? __kernel_text_address+0xd/0x40 [ 364.090183] ? lock_acquire+0x1e4/0x540 [ 364.094146] ? fs_reclaim_acquire+0x20/0x20 [ 364.098453] ? lock_downgrade+0x8f0/0x8f0 [ 364.102595] ? check_same_owner+0x340/0x340 [ 364.106912] ? save_stack+0x43/0xd0 [ 364.110546] ? kasan_kmalloc+0xc4/0xe0 [ 364.114425] ? rcu_note_context_switch+0x730/0x730 [ 364.119342] __alloc_pages_nodemask+0x36e/0xdb0 [ 364.123997] ? lock_downgrade+0x8f0/0x8f0 [ 364.128133] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 364.133149] ? mem_cgroup_handle_over_high+0x130/0x130 [ 364.138408] ? fs_reclaim_acquire+0x20/0x20 [ 364.142713] ? percpu_ref_put_many+0x131/0x240 [ 364.148581] ? mem_cgroup_id_get_online+0x310/0x310 [ 364.153582] ? kasan_unpoison_shadow+0x35/0x50 [ 364.158151] ? kasan_kmalloc+0xc4/0xe0 [ 364.162031] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 364.167557] alloc_pages_current+0x10c/0x210 [ 364.171953] __get_free_pages+0xc/0x40 [ 364.175824] mmu_topup_memory_caches+0x1f8/0x3a0 [ 364.180568] kvm_mmu_load+0x21/0x10e0 [ 364.184353] ? rcu_note_context_switch+0x730/0x730 [ 364.189265] ? filemap_map_pages+0xca2/0x1990 [ 364.193748] vcpu_enter_guest+0x3aa6/0x6090 [ 364.198057] ? kasan_check_write+0x14/0x20 [ 364.202289] ? __mutex_lock+0x6c4/0x1680 [ 364.206350] ? kvm_set_msr_common+0x26a0/0x26a0 [ 364.211016] ? lock_acquire+0x1e4/0x540 [ 364.214975] ? vmx_vcpu_load+0xadf/0xff0 [ 364.219024] ? trace_hardirqs_on+0x10/0x10 [ 364.223254] ? vmx_vcpu_reset+0x1040/0x1040 [ 364.227560] ? find_get_entries_tag+0x1410/0x1410 [ 364.232393] ? lock_acquire+0x1e4/0x540 [ 364.236350] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 364.241353] ? lock_release+0xa30/0xa30 [ 364.245310] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 364.250569] ? kvm_arch_dev_ioctl+0x610/0x610 [ 364.255045] ? preempt_notifier_dec+0x20/0x20 [ 364.259528] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 364.264376] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 364.269392] kvm_vcpu_ioctl+0x7b8/0x1300 [ 364.273449] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 364.279148] ? lock_acquire+0x1e4/0x540 [ 364.283115] ? __fget+0x4ac/0x740 [ 364.286552] ? lock_downgrade+0x8f0/0x8f0 [ 364.290684] ? lock_release+0xa30/0xa30 [ 364.294639] ? pid_task+0x115/0x200 [ 364.298248] ? find_vpid+0xf0/0xf0 [ 364.301784] ? __f_unlock_pos+0x19/0x20 [ 364.305741] ? __fget+0x4d5/0x740 [ 364.309190] ? ksys_dup3+0x690/0x690 [ 364.312893] ? kasan_check_write+0x14/0x20 [ 364.317113] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 364.322637] ? perf_trace_sys_exit+0x3f7/0x650 [ 364.327200] ? vfs_write+0x2f3/0x560 [ 364.330903] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 364.336598] do_vfs_ioctl+0x1de/0x1720 [ 364.340470] ? fsnotify_first_mark+0x350/0x350 [ 364.345034] ? __fsnotify_parent+0xcc/0x420 [ 364.349339] ? ioctl_preallocate+0x300/0x300 [ 364.353731] ? __fget_light+0x2f7/0x440 [ 364.357698] ? fget_raw+0x20/0x20 [ 364.361134] ? __sb_end_write+0xac/0xe0 [ 364.365096] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 364.370615] ? syscall_slow_exit_work+0x111/0x500 [ 364.375451] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 364.380106] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 364.385540] ? security_file_ioctl+0x94/0xc0 [ 364.389940] ksys_ioctl+0xa9/0xd0 [ 364.393377] __x64_sys_ioctl+0x73/0xb0 [ 364.397249] do_syscall_64+0x1b9/0x820 [ 364.401120] ? finish_task_switch+0x1d3/0x870 [ 364.405597] ? syscall_return_slowpath+0x5e0/0x5e0 [ 364.410521] ? syscall_return_slowpath+0x31d/0x5e0 [ 364.415435] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 364.420436] ? prepare_exit_to_usermode+0x291/0x3b0 [ 364.425436] ? perf_trace_sys_enter+0xb10/0xb10 [ 364.430099] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 364.434938] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 364.440110] RIP: 0033:0x455ba9 [ 364.443276] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 364.462442] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 07:08:28 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x16}, [{}]}, 0x58) 07:08:28 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x300000000000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:28 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x3]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 364.470136] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 364.477387] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 364.484646] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 364.491899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 364.499151] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000034 07:08:28 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000006800000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:28 executing program 1: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r1 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r1, r0) 07:08:28 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x400000000000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:28 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f000000a000)='/dev/snd/controlC#\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x1000000000c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000140)=0x7fff) read(r0, &(0x7f0000000200)=""/143, 0x8f) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f000000d000), &(0x7f0000001000)=0xfea6) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0xc1105517, &(0x7f0000001000)) 07:08:28 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1100}, [{}]}, 0x58) 07:08:28 executing program 0: r0 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x2, 0x40) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x60, r1, 0x2, 0x70bd2c, 0x25dfdbfe, {0x2}, [@IPVS_CMD_ATTR_SERVICE={0x44, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@broadcast=0xffffffff}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x2c}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@local={0xac, 0x14, 0x14, 0xaa}}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3ff}]}, 0x60}, 0x1, 0x0, 0x0, 0x800}, 0x800) r2 = socket$inet6(0xa, 0x1000000000002, 0x3) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)) 07:08:28 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000006c00000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:28 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x600000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:28 executing program 1: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r1 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r1, r0) 07:08:28 executing program 3 (fault-call:8 fault-nth:53): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:28 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x3000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) [ 364.863885] FAULT_INJECTION: forcing a failure. [ 364.863885] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 364.875782] CPU: 1 PID: 24703 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 364.884194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 364.893548] Call Trace: [ 364.896143] dump_stack+0x1c9/0x2b4 [ 364.899778] ? dump_stack_print_info.cold.2+0x52/0x52 [ 364.904987] should_fail.cold.4+0xa/0x11 [ 364.909059] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 364.914168] ? percpu_ref_tryget_live+0x15b/0x440 [ 364.919170] ? mem_cgroup_id_get_many+0x160/0x160 [ 364.924022] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 364.928875] ? lock_acquire+0x1e4/0x540 [ 364.932856] ? percpu_ref_put_many+0x119/0x240 [ 364.937445] ? lock_downgrade+0x8f0/0x8f0 [ 364.941603] ? lock_release+0xa30/0xa30 [ 364.945581] ? __kernel_text_address+0xd/0x40 [ 364.950070] ? lock_acquire+0x1e4/0x540 [ 364.954039] ? fs_reclaim_acquire+0x20/0x20 [ 364.958347] ? lock_downgrade+0x8f0/0x8f0 [ 364.962484] ? check_same_owner+0x340/0x340 [ 364.966791] ? save_stack+0x43/0xd0 [ 364.970407] ? kasan_kmalloc+0xc4/0xe0 [ 364.974280] ? rcu_note_context_switch+0x730/0x730 [ 364.979208] __alloc_pages_nodemask+0x36e/0xdb0 [ 364.983879] ? lock_downgrade+0x8f0/0x8f0 [ 364.988018] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 364.993022] ? mem_cgroup_handle_over_high+0x130/0x130 [ 364.998281] ? fs_reclaim_acquire+0x20/0x20 [ 365.002589] ? percpu_ref_put_many+0x131/0x240 [ 365.007152] ? mem_cgroup_id_get_online+0x310/0x310 [ 365.012210] ? kasan_unpoison_shadow+0x35/0x50 [ 365.016781] ? kasan_kmalloc+0xc4/0xe0 [ 365.020660] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 365.026185] alloc_pages_current+0x10c/0x210 [ 365.030580] __get_free_pages+0xc/0x40 [ 365.034455] mmu_topup_memory_caches+0x1f8/0x3a0 [ 365.039207] kvm_mmu_load+0x21/0x10e0 [ 365.042992] ? rcu_note_context_switch+0x730/0x730 [ 365.047917] ? filemap_map_pages+0xca2/0x1990 [ 365.052397] vcpu_enter_guest+0x3aa6/0x6090 [ 365.056705] ? kasan_check_write+0x14/0x20 [ 365.060922] ? __mutex_lock+0x6c4/0x1680 [ 365.064966] ? kvm_set_msr_common+0x26a0/0x26a0 [ 365.069616] ? lock_acquire+0x1e4/0x540 [ 365.073588] ? vmx_vcpu_load+0xadf/0xff0 [ 365.077634] ? trace_hardirqs_on+0x10/0x10 [ 365.081850] ? vmx_vcpu_reset+0x1040/0x1040 [ 365.086155] ? find_get_entries_tag+0x1410/0x1410 [ 365.090987] ? lock_acquire+0x1e4/0x540 [ 365.094945] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 365.099945] ? lock_release+0xa30/0xa30 [ 365.103901] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 365.109162] ? kvm_arch_dev_ioctl+0x610/0x610 [ 365.113639] ? preempt_notifier_dec+0x20/0x20 [ 365.118119] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 365.122943] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 365.127945] kvm_vcpu_ioctl+0x7b8/0x1300 [ 365.132002] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 365.137715] ? lock_acquire+0x1e4/0x540 [ 365.141682] ? __fget+0x4ac/0x740 [ 365.145131] ? lock_downgrade+0x8f0/0x8f0 [ 365.149263] ? lock_release+0xa30/0xa30 [ 365.153219] ? pid_task+0x115/0x200 [ 365.156829] ? find_vpid+0xf0/0xf0 [ 365.160515] ? __f_unlock_pos+0x19/0x20 [ 365.164471] ? __fget+0x4d5/0x740 [ 365.167907] ? ksys_dup3+0x690/0x690 [ 365.171607] ? kasan_check_write+0x14/0x20 [ 365.175825] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 365.180734] ? fsnotify+0xbac/0x14e0 [ 365.184441] ? vfs_write+0x2f3/0x560 [ 365.188140] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 365.193842] do_vfs_ioctl+0x1de/0x1720 [ 365.197712] ? fsnotify_first_mark+0x350/0x350 [ 365.202275] ? __fsnotify_parent+0xcc/0x420 [ 365.206579] ? ioctl_preallocate+0x300/0x300 [ 365.210968] ? __fget_light+0x2f7/0x440 [ 365.214926] ? fget_raw+0x20/0x20 [ 365.218362] ? __sb_end_write+0xac/0xe0 [ 365.222319] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 365.227852] ? fput+0x130/0x1a0 [ 365.231114] ? ksys_write+0x1ae/0x260 [ 365.234898] ? security_file_ioctl+0x94/0xc0 [ 365.239302] ksys_ioctl+0xa9/0xd0 [ 365.242749] __x64_sys_ioctl+0x73/0xb0 [ 365.246620] do_syscall_64+0x1b9/0x820 [ 365.250490] ? finish_task_switch+0x1d3/0x870 [ 365.254967] ? syscall_return_slowpath+0x5e0/0x5e0 [ 365.259880] ? syscall_return_slowpath+0x31d/0x5e0 [ 365.264813] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 365.269824] ? prepare_exit_to_usermode+0x291/0x3b0 [ 365.274823] ? perf_trace_sys_enter+0xb10/0xb10 [ 365.279476] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 365.284303] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 365.289486] RIP: 0033:0x455ba9 [ 365.292652] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 07:08:28 executing program 1: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:28 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xe000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:28 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000004003000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:28 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x14000000, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:28 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x300}, [{}]}, 0x58) [ 365.311821] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 365.319511] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 365.326763] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 365.334020] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 365.341283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 365.348532] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000035 07:08:29 executing program 3 (fault-call:8 fault-nth:54): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:29 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000030d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:29 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 365.469723] FAULT_INJECTION: forcing a failure. [ 365.469723] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 365.481612] CPU: 1 PID: 24737 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 365.490019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 365.499370] Call Trace: [ 365.501968] dump_stack+0x1c9/0x2b4 [ 365.505610] ? dump_stack_print_info.cold.2+0x52/0x52 [ 365.510816] should_fail.cold.4+0xa/0x11 [ 365.514886] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 365.519995] ? percpu_ref_tryget_live+0x15b/0x440 [ 365.524847] ? mem_cgroup_id_get_many+0x160/0x160 [ 365.529695] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 365.534550] ? lock_acquire+0x1e4/0x540 [ 365.538534] ? percpu_ref_put_many+0x119/0x240 [ 365.543125] ? lock_downgrade+0x8f0/0x8f0 [ 365.547276] ? lock_release+0xa30/0xa30 [ 365.551256] ? __kernel_text_address+0xd/0x40 [ 365.555769] ? lock_acquire+0x1e4/0x540 [ 365.559757] ? fs_reclaim_acquire+0x20/0x20 [ 365.564094] ? lock_downgrade+0x8f0/0x8f0 [ 365.568253] ? check_same_owner+0x340/0x340 [ 365.572582] ? save_stack+0x43/0xd0 [ 365.576225] ? kasan_kmalloc+0xc4/0xe0 [ 365.580122] ? rcu_note_context_switch+0x730/0x730 [ 365.585078] __alloc_pages_nodemask+0x36e/0xdb0 [ 365.589762] ? lock_downgrade+0x8f0/0x8f0 [ 365.593920] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 365.598936] ? mem_cgroup_handle_over_high+0x130/0x130 [ 365.604197] ? fs_reclaim_acquire+0x20/0x20 [ 365.608508] ? lock_downgrade+0x8f0/0x8f0 [ 365.612653] ? percpu_ref_put_many+0x131/0x240 [ 365.617220] ? mem_cgroup_id_get_online+0x310/0x310 [ 365.622236] ? kasan_unpoison_shadow+0x35/0x50 [ 365.626802] ? kasan_kmalloc+0xc4/0xe0 [ 365.630691] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 365.636216] alloc_pages_current+0x10c/0x210 [ 365.640608] __get_free_pages+0xc/0x40 [ 365.644487] mmu_topup_memory_caches+0x1f8/0x3a0 [ 365.649231] kvm_mmu_load+0x21/0x10e0 [ 365.653020] ? vcpu_enter_guest+0x145b/0x6090 [ 365.657514] vcpu_enter_guest+0x3aa6/0x6090 [ 365.661835] ? kasan_check_write+0x14/0x20 [ 365.666072] ? __mutex_lock+0x6c4/0x1680 07:08:29 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) clock_settime(0x0, &(0x7f0000000040)={r1, r2+30000000}) 07:08:29 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x4}, [{}]}, 0x58) [ 365.670133] ? kvm_set_msr_common+0x26a0/0x26a0 [ 365.674809] ? lock_acquire+0x1e4/0x540 [ 365.678804] ? vmx_vcpu_load+0xadf/0xff0 [ 365.682868] ? trace_hardirqs_on+0x10/0x10 [ 365.687102] ? vmx_vcpu_reset+0x1040/0x1040 [ 365.691426] ? find_get_entries_tag+0x1410/0x1410 [ 365.696281] ? lock_acquire+0x1e4/0x540 [ 365.700257] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 365.705269] ? lock_release+0xa30/0xa30 [ 365.709228] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 365.714492] ? kvm_arch_dev_ioctl+0x610/0x610 [ 365.718971] ? preempt_notifier_dec+0x20/0x20 [ 365.723454] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 365.728283] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 365.733293] kvm_vcpu_ioctl+0x7b8/0x1300 [ 365.737352] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 365.743051] ? lock_acquire+0x1e4/0x540 [ 365.747008] ? __fget+0x4ac/0x740 [ 365.750451] ? lock_downgrade+0x8f0/0x8f0 [ 365.754584] ? lock_release+0xa30/0xa30 [ 365.758541] ? pid_task+0x115/0x200 [ 365.762151] ? find_vpid+0xf0/0xf0 [ 365.765674] ? __f_unlock_pos+0x19/0x20 [ 365.769632] ? __fget+0x4d5/0x740 [ 365.773067] ? ksys_dup3+0x690/0x690 [ 365.776769] ? kasan_check_write+0x14/0x20 [ 365.780988] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 365.786510] ? perf_trace_sys_exit+0x3f7/0x650 [ 365.791075] ? vfs_write+0x2f3/0x560 [ 365.794774] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 365.800467] do_vfs_ioctl+0x1de/0x1720 [ 365.804337] ? fsnotify_first_mark+0x350/0x350 [ 365.808900] ? __fsnotify_parent+0xcc/0x420 [ 365.813217] ? ioctl_preallocate+0x300/0x300 [ 365.817608] ? __fget_light+0x2f7/0x440 [ 365.821565] ? fget_raw+0x20/0x20 [ 365.825019] ? __sb_end_write+0xac/0xe0 [ 365.828981] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 365.834502] ? syscall_slow_exit_work+0x111/0x500 [ 365.839326] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 365.843978] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 365.849412] ? security_file_ioctl+0x94/0xc0 [ 365.853802] ksys_ioctl+0xa9/0xd0 [ 365.857238] __x64_sys_ioctl+0x73/0xb0 [ 365.861110] do_syscall_64+0x1b9/0x820 [ 365.864978] ? finish_task_switch+0x1d3/0x870 [ 365.869455] ? syscall_return_slowpath+0x5e0/0x5e0 [ 365.874380] ? syscall_return_slowpath+0x31d/0x5e0 [ 365.879292] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 365.884293] ? prepare_exit_to_usermode+0x291/0x3b0 [ 365.889291] ? perf_trace_sys_enter+0xb10/0xb10 [ 365.893942] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 365.898771] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 365.903941] RIP: 0033:0x455ba9 07:08:29 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = dup(r0) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000200)={0x81, 0x7, 0x2000}, 0x4) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x41, 0x0) getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r3, 0x84, 0x12, &(0x7f0000000100), &(0x7f00000001c0)=0x4) capget(&(0x7f0000000080)={0x20080522, r2}, &(0x7f0000000040)) r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x48000, 0x0) ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x400, 0x3f, 0x0, 0x5, 0x16, 0x10, "0fc15e4f892f561d83a39da4d27469d975f74160ccb5d8eb84afd53739dd9b25d754e623980ebf21b23bf69bc9477b3fed1ba9b1119b27071a3d40d6b934d808", "5a5abcbdcfc832f0edc7716cd056829ccf64200212f93d8de33d908e62934dbe804a4ea45b0af46224fa7e74290519cb5c7405e5da7951b6c5cb1ec943d525a3", "8f98ff5e855635ba416c2a33919e7d49a93153f81ab6a2f505dea61835fb3bdb", [0x6, 0x30d3b97]}) 07:08:29 executing program 1: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:29 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x600]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:29 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000000000017e0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:29 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0xffffff7f, 0x0, 0x0, 0x20}, [{}]}, 0x58) [ 365.907111] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 365.926291] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 365.933992] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 365.941247] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 365.948496] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 365.955758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 365.963012] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000036 07:08:29 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x4000000}, [{}]}, 0x58) 07:08:29 executing program 3 (fault-call:8 fault-nth:55): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:29 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000) write$vnet(r1, &(0x7f00000018c0)={0x1, {&(0x7f0000001640)=""/211, 0xd3, &(0x7f0000001800)=""/130, 0x0, 0x2}}, 0x68) [ 366.018784] nla_parse: 4 callbacks suppressed [ 366.018792] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:29 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x5000000}, [{}]}, 0x58) 07:08:29 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x300]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:29 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x1500, 0x0, 0x0, 0x20}, [{}]}, 0x58) 07:08:29 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x4) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) 07:08:29 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000010d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:29 executing program 1: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:29 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfe80]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 366.187667] FAULT_INJECTION: forcing a failure. [ 366.187667] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 366.188953] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 366.199553] CPU: 1 PID: 24787 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 366.216318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 366.225667] Call Trace: [ 366.228267] dump_stack+0x1c9/0x2b4 [ 366.231902] ? dump_stack_print_info.cold.2+0x52/0x52 [ 366.237102] should_fail.cold.4+0xa/0x11 [ 366.241171] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 366.246281] ? percpu_ref_tryget_live+0x15b/0x440 [ 366.251131] ? mem_cgroup_id_get_many+0x160/0x160 [ 366.255986] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 366.260839] ? lock_acquire+0x1e4/0x540 [ 366.264807] ? percpu_ref_put_many+0x119/0x240 [ 366.269381] ? lock_downgrade+0x8f0/0x8f0 [ 366.273517] ? lock_release+0xa30/0xa30 [ 366.277479] ? __kernel_text_address+0xd/0x40 [ 366.281962] ? lock_acquire+0x1e4/0x540 [ 366.285920] ? fs_reclaim_acquire+0x20/0x20 [ 366.290228] ? lock_downgrade+0x8f0/0x8f0 [ 366.294361] ? check_same_owner+0x340/0x340 [ 366.298665] ? save_stack+0x43/0xd0 [ 366.302277] ? kasan_kmalloc+0xc4/0xe0 [ 366.306146] ? rcu_note_context_switch+0x730/0x730 [ 366.311063] __alloc_pages_nodemask+0x36e/0xdb0 [ 366.315717] ? lock_downgrade+0x8f0/0x8f0 [ 366.319851] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 366.324851] ? mem_cgroup_handle_over_high+0x130/0x130 [ 366.330109] ? fs_reclaim_acquire+0x20/0x20 [ 366.334415] ? lock_downgrade+0x8f0/0x8f0 [ 366.338548] ? percpu_ref_put_many+0x131/0x240 [ 366.343114] ? mem_cgroup_id_get_online+0x310/0x310 [ 366.348125] ? kasan_unpoison_shadow+0x35/0x50 [ 366.352706] ? kasan_kmalloc+0xc4/0xe0 [ 366.356582] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 366.362104] alloc_pages_current+0x10c/0x210 [ 366.366495] __get_free_pages+0xc/0x40 [ 366.370368] mmu_topup_memory_caches+0x1f8/0x3a0 [ 366.375114] kvm_mmu_load+0x21/0x10e0 [ 366.378908] ? rcu_note_context_switch+0x730/0x730 [ 366.383820] ? filemap_map_pages+0xca2/0x1990 [ 366.388317] vcpu_enter_guest+0x3aa6/0x6090 [ 366.392643] ? kasan_check_write+0x14/0x20 [ 366.396863] ? __mutex_lock+0x6c4/0x1680 [ 366.400910] ? kvm_set_msr_common+0x26a0/0x26a0 [ 366.405563] ? lock_acquire+0x1e4/0x540 [ 366.409522] ? vmx_vcpu_load+0xadf/0xff0 [ 366.413565] ? trace_hardirqs_on+0x10/0x10 [ 366.417792] ? vmx_vcpu_reset+0x1040/0x1040 [ 366.422098] ? find_get_entries_tag+0x1410/0x1410 [ 366.426930] ? lock_acquire+0x1e4/0x540 [ 366.430886] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 366.435886] ? lock_release+0xa30/0xa30 [ 366.439843] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 366.445121] ? kvm_arch_dev_ioctl+0x610/0x610 [ 366.449615] ? preempt_notifier_dec+0x20/0x20 [ 366.454096] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 366.458923] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 366.463966] kvm_vcpu_ioctl+0x7b8/0x1300 [ 366.468018] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 366.473719] ? lock_acquire+0x1e4/0x540 [ 366.477693] ? __fget+0x4ac/0x740 [ 366.481128] ? lock_downgrade+0x8f0/0x8f0 [ 366.485261] ? lock_release+0xa30/0xa30 [ 366.489221] ? pid_task+0x115/0x200 [ 366.492831] ? find_vpid+0xf0/0xf0 [ 366.496355] ? __f_unlock_pos+0x19/0x20 [ 366.500311] ? __fget+0x4d5/0x740 [ 366.503751] ? ksys_dup3+0x690/0x690 [ 366.507450] ? kasan_check_write+0x14/0x20 [ 366.511672] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 366.516594] ? fsnotify+0xbac/0x14e0 [ 366.520297] ? vfs_write+0x2f3/0x560 [ 366.523996] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 366.529704] do_vfs_ioctl+0x1de/0x1720 [ 366.533574] ? fsnotify_first_mark+0x350/0x350 [ 366.538146] ? __fsnotify_parent+0xcc/0x420 [ 366.542465] ? ioctl_preallocate+0x300/0x300 [ 366.546854] ? __fget_light+0x2f7/0x440 [ 366.550810] ? fget_raw+0x20/0x20 [ 366.554254] ? __sb_end_write+0xac/0xe0 [ 366.558215] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 366.563734] ? fput+0x130/0x1a0 [ 366.566996] ? ksys_write+0x1ae/0x260 [ 366.570784] ? security_file_ioctl+0x94/0xc0 [ 366.575186] ksys_ioctl+0xa9/0xd0 [ 366.578627] __x64_sys_ioctl+0x73/0xb0 [ 366.582501] do_syscall_64+0x1b9/0x820 [ 366.586370] ? finish_task_switch+0x1d3/0x870 [ 366.590983] ? syscall_return_slowpath+0x5e0/0x5e0 [ 366.595910] ? syscall_return_slowpath+0x31d/0x5e0 [ 366.600823] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 366.605836] ? prepare_exit_to_usermode+0x291/0x3b0 [ 366.610863] ? perf_trace_sys_enter+0xb10/0xb10 [ 366.615520] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 366.620356] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 366.625527] RIP: 0033:0x455ba9 [ 366.628705] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 366.647873] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 366.655573] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 366.662824] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 366.670995] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 366.678248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 07:08:30 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:30 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x2}, [{}]}, 0x58) 07:08:30 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x1400, 0x0, 0x20}, [{}]}, 0x58) [ 366.685501] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000037 07:08:30 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x700]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 366.726444] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal 07:08:30 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000007e0100000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:30 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1500000000000000}, [{}]}, 0x58) 07:08:30 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000080)) getpid() r1 = fcntl$getown(r0, 0x9) r2 = getpgrp(r1) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000100)={0xffffffff}, 0x111, 0x1005}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r3, &(0x7f00000002c0)={0x14, 0x88, 0xfa00, {r4, 0x0, 0x0, @in6={0xa, 0x4e20, 0xfa, @dev={0xfe, 0x80, [], 0x1d}, 0x6}}}, 0x90) [ 366.769812] REISERFS (device loop5): using ordered data mode [ 366.775706] reiserfs: using flush barriers [ 366.802085] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:30 executing program 3 (fault-call:8 fault-nth:56): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:30 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x300, 0x0, 0x20}, [{}]}, 0x58) 07:08:30 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xf401000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:30 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000680d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:30 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x12000000}, [{}]}, 0x58) [ 366.843699] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 366.873627] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:30 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:30 executing program 0: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r0}, &(0x7f0000000040)) 07:08:30 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x12, 0x0, 0x20}, [{}]}, 0x58) [ 366.951463] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 366.960952] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 366.994899] FAULT_INJECTION: forcing a failure. [ 366.994899] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 367.006798] CPU: 0 PID: 24875 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 367.015221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 367.024575] Call Trace: [ 367.027159] dump_stack+0x1c9/0x2b4 [ 367.030777] ? dump_stack_print_info.cold.2+0x52/0x52 [ 367.035958] should_fail.cold.4+0xa/0x11 [ 367.040006] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 367.045096] ? percpu_ref_tryget_live+0x15b/0x440 [ 367.049944] ? mem_cgroup_id_get_many+0x160/0x160 [ 367.054769] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 367.059598] ? lock_acquire+0x1e4/0x540 [ 367.063554] ? percpu_ref_put_many+0x119/0x240 [ 367.068126] ? lock_downgrade+0x8f0/0x8f0 [ 367.072271] ? lock_release+0xa30/0xa30 [ 367.076233] ? __kernel_text_address+0xd/0x40 [ 367.080714] ? lock_acquire+0x1e4/0x540 [ 367.084673] ? fs_reclaim_acquire+0x20/0x20 [ 367.088980] ? lock_downgrade+0x8f0/0x8f0 [ 367.093112] ? check_same_owner+0x340/0x340 [ 367.097421] ? save_stack+0x43/0xd0 [ 367.101032] ? kasan_kmalloc+0xc4/0xe0 [ 367.104905] ? rcu_note_context_switch+0x730/0x730 [ 367.109821] __alloc_pages_nodemask+0x36e/0xdb0 [ 367.114473] ? lock_downgrade+0x8f0/0x8f0 [ 367.118607] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 367.123609] ? mem_cgroup_handle_over_high+0x130/0x130 [ 367.128871] ? fs_reclaim_acquire+0x20/0x20 [ 367.133193] ? percpu_ref_put_many+0x131/0x240 [ 367.137761] ? mem_cgroup_id_get_online+0x310/0x310 [ 367.142762] ? kasan_unpoison_shadow+0x35/0x50 [ 367.147326] ? kasan_kmalloc+0xc4/0xe0 [ 367.151201] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 367.156733] alloc_pages_current+0x10c/0x210 [ 367.161132] __get_free_pages+0xc/0x40 [ 367.165005] mmu_topup_memory_caches+0x1f8/0x3a0 [ 367.169752] kvm_mmu_load+0x21/0x10e0 [ 367.173536] ? rcu_note_context_switch+0x730/0x730 [ 367.178448] ? filemap_map_pages+0xca2/0x1990 [ 367.182929] vcpu_enter_guest+0x3aa6/0x6090 [ 367.187236] ? kasan_check_write+0x14/0x20 [ 367.191455] ? __mutex_lock+0x6c4/0x1680 [ 367.195503] ? kvm_set_msr_common+0x26a0/0x26a0 [ 367.200154] ? lock_acquire+0x1e4/0x540 [ 367.204137] ? vmx_vcpu_load+0xadf/0xff0 [ 367.208183] ? trace_hardirqs_on+0x10/0x10 [ 367.212402] ? vmx_vcpu_reset+0x1040/0x1040 [ 367.216707] ? find_get_entries_tag+0x1410/0x1410 [ 367.221541] ? lock_acquire+0x1e4/0x540 [ 367.225512] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 367.230524] ? lock_release+0xa30/0xa30 [ 367.234485] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 367.239747] ? kvm_arch_dev_ioctl+0x610/0x610 [ 367.244224] ? preempt_notifier_dec+0x20/0x20 [ 367.248704] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 367.253539] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 367.258543] kvm_vcpu_ioctl+0x7b8/0x1300 [ 367.262590] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 367.268291] ? lock_acquire+0x1e4/0x540 [ 367.272258] ? __fget+0x4ac/0x740 [ 367.275694] ? lock_downgrade+0x8f0/0x8f0 [ 367.279825] ? lock_release+0xa30/0xa30 [ 367.283794] ? pid_task+0x115/0x200 [ 367.287403] ? find_vpid+0xf0/0xf0 [ 367.290926] ? __f_unlock_pos+0x19/0x20 [ 367.294883] ? __fget+0x4d5/0x740 [ 367.298319] ? ksys_dup3+0x690/0x690 [ 367.302023] ? kasan_check_write+0x14/0x20 [ 367.306241] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 367.311154] ? fsnotify+0xbac/0x14e0 [ 367.314864] ? vfs_write+0x2f3/0x560 [ 367.318564] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 367.324255] do_vfs_ioctl+0x1de/0x1720 [ 367.328129] ? fsnotify_first_mark+0x350/0x350 [ 367.332691] ? __fsnotify_parent+0xcc/0x420 [ 367.336995] ? ioctl_preallocate+0x300/0x300 [ 367.341385] ? __fget_light+0x2f7/0x440 [ 367.345340] ? fget_raw+0x20/0x20 [ 367.348776] ? __sb_end_write+0xac/0xe0 [ 367.352735] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 367.358253] ? fput+0x130/0x1a0 [ 367.361516] ? ksys_write+0x1ae/0x260 [ 367.365312] ? security_file_ioctl+0x94/0xc0 [ 367.369718] ksys_ioctl+0xa9/0xd0 [ 367.373156] __x64_sys_ioctl+0x73/0xb0 [ 367.377028] do_syscall_64+0x1b9/0x820 [ 367.380902] ? syscall_return_slowpath+0x5e0/0x5e0 [ 367.385814] ? syscall_return_slowpath+0x31d/0x5e0 [ 367.390727] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 367.395726] ? prepare_exit_to_usermode+0x291/0x3b0 [ 367.400726] ? perf_trace_sys_enter+0xb10/0xb10 [ 367.405391] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 367.410218] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 367.415388] RIP: 0033:0x455ba9 [ 367.418573] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 367.437739] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 367.446473] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 367.453725] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 367.460991] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 367.468254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 367.475503] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000038 [ 367.488396] REISERFS (device loop5): using ordered data mode 07:08:31 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xa00000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 367.494294] reiserfs: using flush barriers [ 367.510796] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header 07:08:31 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000004800000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:31 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x11000000}, [{}]}, 0x58) 07:08:31 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) capget(&(0x7f0000000080)={0x19980330, r1}, &(0x7f00000000c0)={0x9, 0xff, 0x8000, 0x9, 0x8001}) [ 367.558957] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:31 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x100000000000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:31 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:31 executing program 3 (fault-call:8 fault-nth:57): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:31 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xfec0000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:31 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) [ 367.639495] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 367.700437] FAULT_INJECTION: forcing a failure. [ 367.700437] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 367.701097] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 367.712375] CPU: 0 PID: 24912 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 367.712392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 367.722447] REISERFS (device loop5): using ordered data mode [ 367.729170] Call Trace: [ 367.729199] dump_stack+0x1c9/0x2b4 [ 367.729219] ? dump_stack_print_info.cold.2+0x52/0x52 [ 367.729240] should_fail.cold.4+0xa/0x11 [ 367.729260] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 367.738621] reiserfs: using flush barriers [ 367.744398] ? percpu_ref_tryget_live+0x15b/0x440 [ 367.744412] ? mem_cgroup_id_get_many+0x160/0x160 [ 367.744428] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 367.783619] ? lock_acquire+0x1e4/0x540 [ 367.787596] ? percpu_ref_put_many+0x119/0x240 [ 367.792185] ? lock_downgrade+0x8f0/0x8f0 [ 367.792445] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 367.796332] ? lock_release+0xa30/0xa30 [ 367.796349] ? __kernel_text_address+0xd/0x40 [ 367.796367] ? lock_acquire+0x1e4/0x540 [ 367.796384] ? fs_reclaim_acquire+0x20/0x20 [ 367.821928] ? lock_downgrade+0x8f0/0x8f0 [ 367.826090] ? check_same_owner+0x340/0x340 [ 367.830407] ? save_stack+0x43/0xd0 [ 367.834020] ? kasan_kmalloc+0xc4/0xe0 [ 367.837891] ? rcu_note_context_switch+0x730/0x730 [ 367.842811] __alloc_pages_nodemask+0x36e/0xdb0 [ 367.847465] ? lock_downgrade+0x8f0/0x8f0 [ 367.851598] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 367.856599] ? mem_cgroup_handle_over_high+0x130/0x130 [ 367.861859] ? fs_reclaim_acquire+0x20/0x20 [ 367.866177] ? percpu_ref_put_many+0x131/0x240 [ 367.870744] ? mem_cgroup_id_get_online+0x310/0x310 [ 367.876179] ? kasan_unpoison_shadow+0x35/0x50 [ 367.880746] ? kasan_kmalloc+0xc4/0xe0 [ 367.884620] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 367.890142] alloc_pages_current+0x10c/0x210 [ 367.894534] __get_free_pages+0xc/0x40 [ 367.898405] mmu_topup_memory_caches+0x1f8/0x3a0 [ 367.903147] kvm_mmu_load+0x21/0x10e0 [ 367.906930] ? rcu_note_context_switch+0x730/0x730 [ 367.911845] ? filemap_map_pages+0xca2/0x1990 [ 367.916329] vcpu_enter_guest+0x3aa6/0x6090 [ 367.920636] ? kasan_check_write+0x14/0x20 [ 367.924866] ? __mutex_lock+0x6c4/0x1680 [ 367.928912] ? kvm_set_msr_common+0x26a0/0x26a0 [ 367.933567] ? vmx_vcpu_load+0xadf/0xff0 [ 367.937612] ? trace_hardirqs_on+0x10/0x10 [ 367.941830] ? vmx_vcpu_reset+0x1040/0x1040 [ 367.946145] ? find_get_entries_tag+0x1410/0x1410 [ 367.950973] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 367.956494] ? __perf_event_task_sched_out+0x2f0/0x1a60 [ 367.961851] ? lock_acquire+0x1e4/0x540 [ 367.965812] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 367.970813] ? lock_release+0xa30/0xa30 [ 367.974769] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 367.980030] ? kvm_arch_dev_ioctl+0x610/0x610 [ 367.984512] ? preempt_notifier_dec+0x20/0x20 [ 367.988996] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 367.993845] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 367.998849] kvm_vcpu_ioctl+0x7b8/0x1300 [ 368.002894] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 368.008592] ? lock_acquire+0x1e4/0x540 [ 368.012549] ? __fget+0x4ac/0x740 [ 368.015985] ? lock_downgrade+0x8f0/0x8f0 [ 368.020120] ? lock_release+0xa30/0xa30 [ 368.024078] ? pid_task+0x115/0x200 [ 368.027689] ? find_vpid+0xf0/0xf0 [ 368.031214] ? __f_unlock_pos+0x19/0x20 [ 368.035182] ? __fget+0x4d5/0x740 [ 368.038621] ? ksys_dup3+0x690/0x690 [ 368.042328] ? kasan_check_write+0x14/0x20 [ 368.046548] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 368.051474] ? fsnotify+0xbac/0x14e0 [ 368.055192] ? vfs_write+0x2f3/0x560 [ 368.058891] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 368.064583] do_vfs_ioctl+0x1de/0x1720 [ 368.068454] ? fsnotify_first_mark+0x350/0x350 [ 368.073042] ? __fsnotify_parent+0xcc/0x420 [ 368.077358] ? ioctl_preallocate+0x300/0x300 [ 368.081867] ? __fget_light+0x2f7/0x440 [ 368.085826] ? fget_raw+0x20/0x20 [ 368.089266] ? __sb_end_write+0xac/0xe0 [ 368.093229] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 368.098757] ? fput+0x130/0x1a0 [ 368.102025] ? ksys_write+0x1ae/0x260 [ 368.105815] ? security_file_ioctl+0x94/0xc0 [ 368.110206] ksys_ioctl+0xa9/0xd0 [ 368.113644] __x64_sys_ioctl+0x73/0xb0 [ 368.117531] do_syscall_64+0x1b9/0x820 [ 368.121402] ? finish_task_switch+0x1d3/0x870 [ 368.125879] ? syscall_return_slowpath+0x5e0/0x5e0 [ 368.130796] ? syscall_return_slowpath+0x31d/0x5e0 [ 368.135706] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 368.140706] ? prepare_exit_to_usermode+0x291/0x3b0 [ 368.145706] ? perf_trace_sys_enter+0xb10/0xb10 [ 368.150360] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 368.155187] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 368.160367] RIP: 0033:0x455ba9 [ 368.163536] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 368.182704] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 368.190403] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 07:08:31 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x9000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:31 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x11000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:31 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) shutdown(r0, 0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) 07:08:31 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x5000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:31 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x14000000}, [{}]}, 0x58) 07:08:31 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x1f00000000000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:31 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) [ 368.197655] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 368.204918] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 368.212169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 368.219419] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000039 [ 368.232585] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:31 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000480000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:32 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xff000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:32 executing program 3 (fault-call:8 fault-nth:58): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:32 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) getsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f00000000c0)={@mcast2, 0x0}, &(0x7f0000000100)=0x14) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000001c0)={r2, @empty, @multicast2=0xe0000002}, 0xc) 07:08:32 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1400}, [{}]}, 0x58) 07:08:32 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:32 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) [ 368.351202] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:32 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x16000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:32 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000680000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:32 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xf401]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 368.475301] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 368.482289] FAULT_INJECTION: forcing a failure. [ 368.482289] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 368.495626] CPU: 1 PID: 24977 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 368.499256] REISERFS (device loop5): using ordered data mode [ 368.504025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 368.504031] Call Trace: [ 368.504060] dump_stack+0x1c9/0x2b4 [ 368.504085] ? dump_stack_print_info.cold.2+0x52/0x52 [ 368.509870] reiserfs: using flush barriers [ 368.519216] should_fail.cold.4+0xa/0x11 [ 368.519235] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 368.519255] ? percpu_ref_tryget_live+0x15b/0x440 [ 368.524144] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 368.525437] ? mem_cgroup_id_get_many+0x160/0x160 [ 368.525452] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 368.525476] ? lock_acquire+0x1e4/0x540 [ 368.571199] ? percpu_ref_put_many+0x119/0x240 [ 368.575767] ? lock_downgrade+0x8f0/0x8f0 [ 368.579900] ? lock_release+0xa30/0xa30 [ 368.583858] ? __kernel_text_address+0xd/0x40 [ 368.588341] ? lock_acquire+0x1e4/0x540 [ 368.592299] ? fs_reclaim_acquire+0x20/0x20 [ 368.596614] ? lock_downgrade+0x8f0/0x8f0 [ 368.600748] ? check_same_owner+0x340/0x340 [ 368.605052] ? save_stack+0x43/0xd0 [ 368.608660] ? kasan_kmalloc+0xc4/0xe0 [ 368.612530] ? rcu_note_context_switch+0x730/0x730 [ 368.617445] __alloc_pages_nodemask+0x36e/0xdb0 [ 368.622099] ? lock_downgrade+0x8f0/0x8f0 [ 368.626245] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 368.631245] ? mem_cgroup_handle_over_high+0x130/0x130 [ 368.636502] ? fs_reclaim_acquire+0x20/0x20 [ 368.640808] ? percpu_ref_put_many+0x131/0x240 [ 368.645372] ? mem_cgroup_id_get_online+0x310/0x310 [ 368.650372] ? kasan_unpoison_shadow+0x35/0x50 [ 368.654939] ? kasan_kmalloc+0xc4/0xe0 [ 368.658826] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 368.664348] alloc_pages_current+0x10c/0x210 [ 368.668742] __get_free_pages+0xc/0x40 [ 368.673166] mmu_topup_memory_caches+0x1f8/0x3a0 [ 368.677910] kvm_mmu_load+0x21/0x10e0 [ 368.681693] ? kvm_cpu_has_injectable_intr+0x11/0x1f0 [ 368.686867] ? write_comp_data+0x70/0x70 [ 368.690914] vcpu_enter_guest+0x3aa6/0x6090 [ 368.695221] ? kasan_check_write+0x14/0x20 [ 368.699453] ? __mutex_lock+0x6c4/0x1680 [ 368.703509] ? kvm_set_msr_common+0x26a0/0x26a0 [ 368.708161] ? lock_acquire+0x1e4/0x540 [ 368.712122] ? vmx_vcpu_load+0xadf/0xff0 [ 368.716176] ? trace_hardirqs_on+0x10/0x10 [ 368.720399] ? vmx_vcpu_reset+0x1040/0x1040 [ 368.724707] ? find_get_entries_tag+0x1410/0x1410 [ 368.729539] ? lock_acquire+0x1e4/0x540 [ 368.733509] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 368.738512] ? lock_release+0xa30/0xa30 [ 368.742487] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 368.747748] ? kvm_arch_dev_ioctl+0x610/0x610 [ 368.752226] ? preempt_notifier_dec+0x20/0x20 [ 368.756706] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 368.761530] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 368.766535] kvm_vcpu_ioctl+0x7b8/0x1300 [ 368.770581] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 368.776278] ? lock_acquire+0x1e4/0x540 [ 368.780234] ? __fget+0x4ac/0x740 [ 368.783672] ? lock_downgrade+0x8f0/0x8f0 [ 368.787814] ? lock_release+0xa30/0xa30 [ 368.791772] ? pid_task+0x115/0x200 [ 368.795381] ? find_vpid+0xf0/0xf0 [ 368.798916] ? __f_unlock_pos+0x19/0x20 [ 368.802875] ? __fget+0x4d5/0x740 [ 368.806313] ? ksys_dup3+0x690/0x690 [ 368.810021] ? kasan_check_write+0x14/0x20 [ 368.814241] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 368.819166] ? fsnotify+0xbac/0x14e0 [ 368.822860] ? vfs_write+0x2f3/0x560 [ 368.826561] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 368.832252] do_vfs_ioctl+0x1de/0x1720 [ 368.836120] ? fsnotify_first_mark+0x350/0x350 [ 368.840696] ? __fsnotify_parent+0xcc/0x420 [ 368.845003] ? ioctl_preallocate+0x300/0x300 [ 368.849401] ? __fget_light+0x2f7/0x440 [ 368.853357] ? fget_raw+0x20/0x20 [ 368.856793] ? __sb_end_write+0xac/0xe0 [ 368.860764] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 368.866282] ? fput+0x130/0x1a0 [ 368.869546] ? ksys_write+0x1ae/0x260 [ 368.873332] ? security_file_ioctl+0x94/0xc0 [ 368.877739] ksys_ioctl+0xa9/0xd0 [ 368.881176] __x64_sys_ioctl+0x73/0xb0 [ 368.885047] do_syscall_64+0x1b9/0x820 [ 368.888920] ? finish_task_switch+0x1d3/0x870 [ 368.893401] ? syscall_return_slowpath+0x5e0/0x5e0 [ 368.898324] ? syscall_return_slowpath+0x31d/0x5e0 [ 368.903237] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 368.908237] ? prepare_exit_to_usermode+0x291/0x3b0 [ 368.913236] ? perf_trace_sys_enter+0xb10/0xb10 [ 368.917891] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 368.922733] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 368.927902] RIP: 0033:0x455ba9 [ 368.931072] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 368.950233] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 368.957922] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 368.965185] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 07:08:32 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x12}, [{}]}, 0x58) 07:08:32 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x400000000000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:32 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) [ 368.972434] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 368.979687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 368.986951] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000003a 07:08:32 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x300000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:32 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x200000000000000}, [{}]}, 0x58) 07:08:32 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x15000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:32 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) [ 369.055367] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:32 executing program 3 (fault-call:8 fault-nth:59): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:32 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000002800000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:32 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1200}, [{}]}, 0x58) 07:08:32 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) [ 369.182421] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:32 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:32 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0xe00]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:32 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x3f000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:32 executing program 0: r0 = socket$inet6(0xa, 0x1000000000005, 0x0) pipe2(&(0x7f0000000080)={0xffffffffffffffff}, 0x800) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000100)={0x10, 0x0, &(0x7f00000000c0)=[@increfs={0x40046304, 0x3}, @release={0x40046306, 0x1}], 0x5f, 0x0, &(0x7f00000001c0)="5301ef883aec88c6ff75fe056ca78832b904facd0ef8596288e6ec552d73c075d9832c3541c1bc3263f0c182aecffdaae3d91cfeac3cf3a815067ef5ce1106ad24a626a7e43bab3fb83dad591026a02b6e4fb72c5838964a44847ce3227f3e"}) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) 07:08:32 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000340000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:32 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:32 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x14}, [{}]}, 0x58) [ 369.227315] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:33 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x2, 0x0, 0x20}, [{}]}, 0x58) 07:08:33 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getresgid(&(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) 07:08:33 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 369.298422] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 369.334495] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal 07:08:33 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:33 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000017e00000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 369.382875] REISERFS (device loop5): using ordered data mode [ 369.388774] reiserfs: using flush barriers [ 369.436089] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 369.452917] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 369.465218] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 369.560281] FAULT_INJECTION: forcing a failure. [ 369.560281] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 369.572186] CPU: 0 PID: 25087 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 369.580584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 369.589916] Call Trace: [ 369.592487] dump_stack+0x1c9/0x2b4 [ 369.596101] ? dump_stack_print_info.cold.2+0x52/0x52 [ 369.601287] should_fail.cold.4+0xa/0x11 [ 369.605331] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 369.610418] ? percpu_ref_tryget_live+0x15b/0x440 [ 369.615248] ? mem_cgroup_id_get_many+0x160/0x160 [ 369.620080] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 369.624908] ? lock_acquire+0x1e4/0x540 [ 369.628861] ? percpu_ref_put_many+0x119/0x240 [ 369.633422] ? lock_downgrade+0x8f0/0x8f0 [ 369.637550] ? lock_release+0xa30/0xa30 [ 369.641503] ? __kernel_text_address+0xd/0x40 [ 369.645981] ? lock_acquire+0x1e4/0x540 [ 369.649934] ? fs_reclaim_acquire+0x20/0x20 [ 369.654253] ? lock_downgrade+0x8f0/0x8f0 [ 369.658383] ? check_same_owner+0x340/0x340 [ 369.662687] ? save_stack+0x43/0xd0 [ 369.666296] ? kasan_kmalloc+0xc4/0xe0 [ 369.670167] ? rcu_note_context_switch+0x730/0x730 [ 369.675104] __alloc_pages_nodemask+0x36e/0xdb0 [ 369.679760] ? lock_downgrade+0x8f0/0x8f0 [ 369.683888] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 369.688900] ? mem_cgroup_handle_over_high+0x130/0x130 [ 369.694163] ? fs_reclaim_acquire+0x20/0x20 [ 369.698466] ? percpu_ref_put_many+0x131/0x240 [ 369.703032] ? mem_cgroup_id_get_online+0x310/0x310 [ 369.708039] ? kasan_unpoison_shadow+0x35/0x50 [ 369.712600] ? kasan_kmalloc+0xc4/0xe0 [ 369.716469] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 369.721991] alloc_pages_current+0x10c/0x210 [ 369.726394] __get_free_pages+0xc/0x40 [ 369.730265] mmu_topup_memory_caches+0x1f8/0x3a0 [ 369.735006] kvm_mmu_load+0x21/0x10e0 [ 369.738794] ? kasan_check_write+0x14/0x20 [ 369.743013] ? do_raw_spin_lock+0xc1/0x200 [ 369.747242] vcpu_enter_guest+0x3aa6/0x6090 [ 369.751554] ? kvm_set_msr_common+0x26a0/0x26a0 [ 369.756201] ? cpuacct_charge+0x30a/0x5d0 [ 369.760340] ? vmx_vcpu_load+0xadf/0xff0 [ 369.764381] ? trace_hardirqs_on+0x10/0x10 [ 369.768608] ? vmx_vcpu_reset+0x1040/0x1040 [ 369.772908] ? update_curr+0x4e7/0xc00 [ 369.776775] ? find_get_entries_tag+0x1410/0x1410 [ 369.781595] ? __account_cfs_rq_runtime+0x770/0x770 [ 369.786602] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 369.792124] ? lock_acquire+0x1e4/0x540 [ 369.796078] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 369.801084] ? lock_release+0xa30/0xa30 [ 369.805049] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 369.810323] ? kvm_arch_dev_ioctl+0x610/0x610 [ 369.814812] ? preempt_notifier_dec+0x20/0x20 [ 369.819288] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 369.824121] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 369.829119] kvm_vcpu_ioctl+0x7b8/0x1300 [ 369.833164] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 369.838857] ? lock_acquire+0x1e4/0x540 [ 369.842822] ? __fget+0x4ac/0x740 [ 369.846259] ? lock_downgrade+0x8f0/0x8f0 [ 369.850402] ? lock_release+0xa30/0xa30 [ 369.854358] ? pid_task+0x115/0x200 [ 369.857966] ? find_vpid+0xf0/0xf0 [ 369.861488] ? __f_unlock_pos+0x19/0x20 [ 369.865443] ? __fget+0x4d5/0x740 [ 369.868880] ? ksys_dup3+0x690/0x690 [ 369.872573] ? kasan_check_write+0x14/0x20 [ 369.876790] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 369.881697] ? fsnotify+0xbac/0x14e0 [ 369.885397] ? vfs_write+0x2f3/0x560 [ 369.889096] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 369.894785] do_vfs_ioctl+0x1de/0x1720 [ 369.898657] ? fsnotify_first_mark+0x350/0x350 [ 369.903224] ? __fsnotify_parent+0xcc/0x420 [ 369.907525] ? ioctl_preallocate+0x300/0x300 [ 369.911916] ? __fget_light+0x2f7/0x440 [ 369.915890] ? fget_raw+0x20/0x20 [ 369.919345] ? __sb_end_write+0xac/0xe0 [ 369.923302] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 369.928830] ? fput+0x130/0x1a0 [ 369.932089] ? ksys_write+0x1ae/0x260 [ 369.935876] ? security_file_ioctl+0x94/0xc0 [ 369.940267] ksys_ioctl+0xa9/0xd0 [ 369.943709] __x64_sys_ioctl+0x73/0xb0 [ 369.947578] do_syscall_64+0x1b9/0x820 [ 369.951446] ? syscall_slow_exit_work+0x500/0x500 [ 369.956270] ? syscall_return_slowpath+0x5e0/0x5e0 [ 369.961179] ? syscall_return_slowpath+0x31d/0x5e0 [ 369.966088] ? prepare_exit_to_usermode+0x291/0x3b0 [ 369.971083] ? perf_trace_sys_enter+0xb10/0xb10 [ 369.975729] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 369.980554] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 369.985731] RIP: 0033:0x455ba9 [ 369.988896] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 07:08:33 executing program 3 (fault-call:8 fault-nth:60): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:33 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x5}, [{}]}, 0x58) 07:08:33 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000080)={'dummy0\x00', {0x2, 0x4e20, @loopback=0x7f000001}}) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)={0x8}) 07:08:33 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x14, 0x0, 0x20}, [{}]}, 0x58) 07:08:33 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:33 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:33 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000007a00000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:33 executing program 5: socket$inet6(0xa, 0x1000000000002, 0x0) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) [ 370.008035] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 370.015725] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 370.022974] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 370.030230] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 370.037475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 370.044735] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000003b 07:08:33 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfc000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:33 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x11}, [{}]}, 0x58) 07:08:33 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000d8f103000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:33 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:33 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x1500000000000000, 0x0, 0x20}, [{}]}, 0x58) [ 370.125736] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 370.184533] FAULT_INJECTION: forcing a failure. [ 370.184533] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 370.192156] REISERFS (device loop5): using ordered data mode [ 370.196478] CPU: 1 PID: 25115 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 370.202217] reiserfs: using flush barriers [ 370.210588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 370.210593] Call Trace: [ 370.210618] dump_stack+0x1c9/0x2b4 [ 370.210642] ? dump_stack_print_info.cold.2+0x52/0x52 [ 370.235597] should_fail.cold.4+0xa/0x11 [ 370.235618] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 370.244768] ? percpu_ref_tryget_live+0x15b/0x440 [ 370.244785] ? mem_cgroup_id_get_many+0x160/0x160 [ 370.244796] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 370.244814] ? lock_acquire+0x1e4/0x540 [ 370.263227] ? percpu_ref_put_many+0x119/0x240 [ 370.267818] ? lock_downgrade+0x8f0/0x8f0 [ 370.271973] ? lock_release+0xa30/0xa30 [ 370.275933] ? __kernel_text_address+0xd/0x40 [ 370.280416] ? lock_acquire+0x1e4/0x540 [ 370.284391] ? fs_reclaim_acquire+0x20/0x20 [ 370.288706] ? lock_downgrade+0x8f0/0x8f0 [ 370.292841] ? check_same_owner+0x340/0x340 [ 370.297147] ? save_stack+0x43/0xd0 [ 370.300759] ? kasan_kmalloc+0xc4/0xe0 [ 370.304634] ? rcu_note_context_switch+0x730/0x730 [ 370.309550] __alloc_pages_nodemask+0x36e/0xdb0 [ 370.314214] ? lock_downgrade+0x8f0/0x8f0 [ 370.318349] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 370.323448] ? mem_cgroup_handle_over_high+0x130/0x130 [ 370.328705] ? fs_reclaim_acquire+0x20/0x20 [ 370.333014] ? lock_downgrade+0x8f0/0x8f0 [ 370.337147] ? percpu_ref_put_many+0x131/0x240 [ 370.341713] ? mem_cgroup_id_get_online+0x310/0x310 [ 370.346715] ? kasan_unpoison_shadow+0x35/0x50 [ 370.351367] ? kasan_kmalloc+0xc4/0xe0 [ 370.355242] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 370.360774] alloc_pages_current+0x10c/0x210 [ 370.365169] __get_free_pages+0xc/0x40 [ 370.369044] mmu_topup_memory_caches+0x1f8/0x3a0 [ 370.373786] kvm_mmu_load+0x21/0x10e0 [ 370.377570] ? rcu_note_context_switch+0x730/0x730 [ 370.382502] ? filemap_map_pages+0xca2/0x1990 [ 370.386984] vcpu_enter_guest+0x3aa6/0x6090 [ 370.391293] ? kasan_check_write+0x14/0x20 [ 370.395511] ? __mutex_lock+0x6c4/0x1680 [ 370.399556] ? kvm_set_msr_common+0x26a0/0x26a0 [ 370.404210] ? lock_acquire+0x1e4/0x540 [ 370.408179] ? vmx_vcpu_load+0xadf/0xff0 [ 370.412223] ? trace_hardirqs_on+0x10/0x10 [ 370.416440] ? vmx_vcpu_reset+0x1040/0x1040 [ 370.420745] ? find_get_entries_tag+0x1410/0x1410 [ 370.425577] ? lock_acquire+0x1e4/0x540 [ 370.429544] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 370.434546] ? lock_release+0xa30/0xa30 [ 370.438504] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 370.443767] ? kvm_arch_dev_ioctl+0x610/0x610 [ 370.448255] ? preempt_notifier_dec+0x20/0x20 [ 370.452754] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 370.457581] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 370.462584] kvm_vcpu_ioctl+0x7b8/0x1300 [ 370.466629] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 370.472330] ? lock_acquire+0x1e4/0x540 [ 370.476295] ? __fget+0x4ac/0x740 [ 370.479737] ? lock_downgrade+0x8f0/0x8f0 [ 370.483871] ? lock_release+0xa30/0xa30 [ 370.487828] ? pid_task+0x115/0x200 [ 370.491441] ? find_vpid+0xf0/0xf0 [ 370.494963] ? __f_unlock_pos+0x19/0x20 [ 370.498920] ? __fget+0x4d5/0x740 [ 370.502358] ? ksys_dup3+0x690/0x690 [ 370.506060] ? kasan_check_write+0x14/0x20 [ 370.510279] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 370.515189] ? fsnotify+0xbac/0x14e0 [ 370.518885] ? vfs_write+0x2f3/0x560 [ 370.522589] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 370.528283] do_vfs_ioctl+0x1de/0x1720 [ 370.532167] ? fsnotify_first_mark+0x350/0x350 [ 370.536730] ? __fsnotify_parent+0xcc/0x420 [ 370.541033] ? ioctl_preallocate+0x300/0x300 [ 370.545422] ? __fget_light+0x2f7/0x440 [ 370.549377] ? fget_raw+0x20/0x20 [ 370.552816] ? __sb_end_write+0xac/0xe0 [ 370.556776] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 370.562293] ? fput+0x130/0x1a0 [ 370.565558] ? ksys_write+0x1ae/0x260 [ 370.569354] ? security_file_ioctl+0x94/0xc0 [ 370.573744] ksys_ioctl+0xa9/0xd0 [ 370.577193] __x64_sys_ioctl+0x73/0xb0 [ 370.581066] do_syscall_64+0x1b9/0x820 [ 370.584946] ? finish_task_switch+0x1d3/0x870 [ 370.589426] ? syscall_return_slowpath+0x5e0/0x5e0 [ 370.594340] ? syscall_return_slowpath+0x31d/0x5e0 [ 370.599253] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 370.604251] ? prepare_exit_to_usermode+0x291/0x3b0 [ 370.609251] ? perf_trace_sys_enter+0xb10/0xb10 [ 370.613905] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.618733] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 370.623903] RIP: 0033:0x455ba9 [ 370.627070] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 370.646232] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 370.653931] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 370.661974] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 370.669225] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 370.676986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 07:08:34 executing program 0: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x88) ioctl$EVIOCGABS3F(r0, 0x8018457f, &(0x7f0000000100)=""/17) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") setsockopt$inet6_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000080)={0x40}, 0x4) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) [ 370.684241] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000003c 07:08:34 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xf401]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:34 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000300000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 370.727685] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 370.743922] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:34 executing program 3 (fault-call:8 fault-nth:61): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:34 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x100000000000000}, [{}]}, 0x58) 07:08:34 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x300000000000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:34 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:34 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x40000000) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000002c0)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@local}}, &(0x7f0000000080)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f00000003c0)={{{@in=@local, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@ipv4={[], [], @multicast2}}}, &(0x7f00000000c0)=0xe8) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@rand_addr=0x10000, @in6=@mcast1={0xff, 0x1, [], 0x1}, 0x4e20, 0x10000, 0x4e23, 0x400, 0x2, 0x80, 0xa0, 0x2e, r1, r2}, {0x3ff, 0x6, 0x47a1f0c4, 0xd9d, 0x6, 0x10001, 0x2, 0x111d}, {0x3, 0x2, 0x4, 0x4}, 0x7a, 0x6e6bbc, 0x2, 0x0, 0x0, 0x2}, {{@in=@multicast2=0xe0000002, 0x4d5, 0x32}, 0x2, @in=@broadcast=0xffffffff, 0x3505, 0x2, 0x2, 0x1f, 0x7, 0x6, 0xffffffff00000000}}, 0xe8) r3 = getpgrp(0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x200000, 0x0) r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x800, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f00000005c0)={{{@in6=@remote, @in6=@local}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000200)=0xe8) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)) 07:08:34 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000116300000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:34 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1200000000000000}, [{}]}, 0x58) [ 370.901293] FAULT_INJECTION: forcing a failure. [ 370.901293] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 370.913186] CPU: 1 PID: 25164 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 370.921593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 370.930964] Call Trace: [ 370.933564] dump_stack+0x1c9/0x2b4 [ 370.937204] ? dump_stack_print_info.cold.2+0x52/0x52 [ 370.942414] should_fail.cold.4+0xa/0x11 [ 370.946478] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 370.951572] ? percpu_ref_tryget_live+0x15b/0x440 [ 370.956402] ? mem_cgroup_id_get_many+0x160/0x160 [ 370.961237] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 370.966068] ? lock_acquire+0x1e4/0x540 [ 370.970025] ? percpu_ref_put_many+0x119/0x240 [ 370.974599] ? lock_downgrade+0x8f0/0x8f0 [ 370.978731] ? lock_release+0xa30/0xa30 [ 370.982687] ? __kernel_text_address+0xd/0x40 [ 370.987168] ? lock_acquire+0x1e4/0x540 [ 370.991124] ? fs_reclaim_acquire+0x20/0x20 [ 370.995429] ? lock_downgrade+0x8f0/0x8f0 [ 370.999562] ? check_same_owner+0x340/0x340 [ 371.003866] ? save_stack+0x43/0xd0 [ 371.007475] ? kasan_kmalloc+0xc4/0xe0 [ 371.011355] ? rcu_note_context_switch+0x730/0x730 [ 371.016298] __alloc_pages_nodemask+0x36e/0xdb0 [ 371.020951] ? lock_downgrade+0x8f0/0x8f0 [ 371.025101] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 371.030105] ? mem_cgroup_handle_over_high+0x130/0x130 [ 371.035363] ? fs_reclaim_acquire+0x20/0x20 [ 371.039668] ? retint_kernel+0x10/0x10 [ 371.043544] ? percpu_ref_put_many+0x131/0x240 [ 371.048127] ? mem_cgroup_id_get_online+0x310/0x310 [ 371.053132] ? kasan_unpoison_shadow+0x35/0x50 [ 371.057699] ? kasan_kmalloc+0xc4/0xe0 [ 371.061573] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 371.067095] alloc_pages_current+0x10c/0x210 [ 371.071836] __get_free_pages+0xc/0x40 [ 371.075706] mmu_topup_memory_caches+0x1f8/0x3a0 [ 371.080446] kvm_mmu_load+0x21/0x10e0 [ 371.084229] ? rcu_note_context_switch+0x730/0x730 [ 371.089141] ? filemap_map_pages+0xca2/0x1990 [ 371.093624] vcpu_enter_guest+0x3aa6/0x6090 [ 371.097929] ? kasan_check_write+0x14/0x20 [ 371.102147] ? __mutex_lock+0x6c4/0x1680 [ 371.106192] ? kvm_set_msr_common+0x26a0/0x26a0 [ 371.110844] ? lock_acquire+0x1e4/0x540 [ 371.114801] ? vmx_vcpu_load+0xadf/0xff0 [ 371.118847] ? trace_hardirqs_on+0x10/0x10 [ 371.123064] ? vmx_vcpu_reset+0x1040/0x1040 [ 371.127372] ? find_get_entries_tag+0x1410/0x1410 [ 371.132204] ? lock_acquire+0x1e4/0x540 [ 371.136165] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 371.141166] ? lock_release+0xa30/0xa30 [ 371.145121] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 371.150381] ? kvm_arch_dev_ioctl+0x610/0x610 [ 371.154858] ? preempt_notifier_dec+0x20/0x20 [ 371.159339] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 371.164161] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 371.169167] kvm_vcpu_ioctl+0x7b8/0x1300 [ 371.173214] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 371.178912] ? lock_acquire+0x1e4/0x540 [ 371.182866] ? __fget+0x4ac/0x740 [ 371.186301] ? lock_downgrade+0x8f0/0x8f0 [ 371.190431] ? lock_release+0xa30/0xa30 [ 371.194390] ? pid_task+0x115/0x200 [ 371.198000] ? find_vpid+0xf0/0xf0 [ 371.201528] ? __f_unlock_pos+0x19/0x20 [ 371.205485] ? __fget+0x4d5/0x740 [ 371.208922] ? ksys_dup3+0x690/0x690 [ 371.212622] ? kasan_check_write+0x14/0x20 [ 371.216842] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 371.221754] ? fsnotify+0xbac/0x14e0 [ 371.225452] ? vfs_write+0x2f3/0x560 [ 371.229150] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 371.234844] do_vfs_ioctl+0x1de/0x1720 [ 371.238715] ? fsnotify_first_mark+0x350/0x350 [ 371.243296] ? __fsnotify_parent+0xcc/0x420 [ 371.247601] ? ioctl_preallocate+0x300/0x300 [ 371.251992] ? __fget_light+0x2f7/0x440 [ 371.255950] ? fget_raw+0x20/0x20 [ 371.259389] ? __sb_end_write+0xac/0xe0 [ 371.263350] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 371.268870] ? fput+0x130/0x1a0 [ 371.272133] ? ksys_write+0x1ae/0x260 [ 371.275920] ? security_file_ioctl+0x94/0xc0 [ 371.280312] ksys_ioctl+0xa9/0xd0 [ 371.283925] __x64_sys_ioctl+0x73/0xb0 [ 371.287798] do_syscall_64+0x1b9/0x820 [ 371.291668] ? syscall_return_slowpath+0x5e0/0x5e0 [ 371.296579] ? syscall_return_slowpath+0x31d/0x5e0 [ 371.301492] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 371.306492] ? prepare_exit_to_usermode+0x291/0x3b0 [ 371.311492] ? perf_trace_sys_enter+0xb10/0xb10 [ 371.316147] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.320975] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 371.326145] RIP: 0033:0x455ba9 [ 371.329316] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 07:08:35 executing program 5: socket$inet6(0xa, 0x1000000000002, 0x0) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:35 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x2000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:35 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfc00]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:35 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000006800000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:35 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) fchmodat(r0, &(0x7f0000000380)='./file0\x00', 0x8) ioctl(r0, 0x8916, &(0x7f0000000080)="3f00000200000000000000") r1 = pkey_alloc(0x0, 0x2) pkey_mprotect(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1000001, r1) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f00000000c0)=0x1, 0x4) r2 = pkey_alloc(0x0, 0x3) pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3, r2) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000100)=0x0) get_robust_list(r3, &(0x7f0000000300)=&(0x7f00000002c0)={&(0x7f0000000200)={&(0x7f00000001c0)}, 0x0, &(0x7f0000000280)={&(0x7f0000000240)}}, &(0x7f0000000340)=0x18) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r4}, &(0x7f0000000040)) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f00000003c0)={'veth0_to_team\x00', {0x2, 0x4e24, @broadcast=0xffffffff}}) [ 371.348481] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 371.356170] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 371.363419] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 371.370669] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 371.377928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 371.385192] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000003d [ 371.422820] nla_parse: 4 callbacks suppressed [ 371.422828] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 371.457644] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal 07:08:35 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1100]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:35 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x500}, [{}]}, 0x58) 07:08:35 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000003000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:35 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x500, 0x0, 0x20}, [{}]}, 0x58) 07:08:35 executing program 3 (fault-call:8 fault-nth:62): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:35 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x4000, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300)={0xffffffff}, 0x13f, 0xa}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f0000000380)={0x14, 0x88, 0xfa00, {r3, 0x0, 0x0, @in6={0xa, 0x4e21, 0x0, @loopback={0x0, 0x1}, 0x3}}}, 0x90) r4 = socket(0x3, 0xa, 0xa784) setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r4, 0x111, 0x3, 0x0, 0x4) r5 = getpgrp(0x0) capget(&(0x7f0000000440)={0x20080522, r5}, &(0x7f0000000040)={0x0, 0x4, 0x100000, 0x7ff, 0x0, 0xd1}) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000240)=0x0) perf_event_open(&(0x7f00000001c0)={0x2, 0x70, 0x4, 0x3, 0x3, 0x36, 0x0, 0x9, 0x45, 0x4, 0x2d2a1a8a, 0x4, 0x80, 0x9f, 0x4, 0x6, 0x6e, 0x128, 0x5, 0x7, 0xe2c, 0x10000000000, 0x7, 0x8001, 0xfff, 0x4, 0x22c3, 0x200, 0x1ff, 0x7, 0x2, 0x98c6, 0x80000001, 0x5, 0x7, 0xffff, 0x8, 0x4, 0x0, 0x75bd, 0x1, @perf_bp={&(0x7f00000000c0), 0x4}, 0x2006, 0x7f, 0xf6, 0x0, 0xfffffffffffffffe, 0x4, 0x100}, r6, 0x5, r1, 0x2) getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080), &(0x7f0000000100)=0xb) [ 371.470769] REISERFS (device loop5): using ordered data mode [ 371.476667] reiserfs: using flush barriers [ 371.482782] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header 07:08:35 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) [ 371.537833] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 371.567712] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:35 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xffff1f0000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 371.607210] FAULT_INJECTION: forcing a failure. [ 371.607210] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 371.619130] CPU: 0 PID: 25208 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 371.627538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 371.636896] Call Trace: [ 371.639503] dump_stack+0x1c9/0x2b4 [ 371.643142] ? dump_stack_print_info.cold.2+0x52/0x52 [ 371.648327] should_fail.cold.4+0xa/0x11 [ 371.652382] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 371.657492] ? percpu_ref_tryget_live+0x15b/0x440 [ 371.662325] ? mem_cgroup_id_get_many+0x160/0x160 [ 371.667154] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 371.671987] ? lock_acquire+0x1e4/0x540 [ 371.675946] ? percpu_ref_put_many+0x119/0x240 [ 371.680523] ? lock_downgrade+0x8f0/0x8f0 [ 371.684659] ? lock_release+0xa30/0xa30 [ 371.688615] ? __kernel_text_address+0xd/0x40 [ 371.693094] ? lock_acquire+0x1e4/0x540 [ 371.697061] ? fs_reclaim_acquire+0x20/0x20 [ 371.701367] ? lock_downgrade+0x8f0/0x8f0 [ 371.705503] ? check_same_owner+0x340/0x340 [ 371.709809] ? save_stack+0x43/0xd0 [ 371.713419] ? kasan_kmalloc+0xc4/0xe0 [ 371.717292] ? rcu_note_context_switch+0x730/0x730 [ 371.722221] __alloc_pages_nodemask+0x36e/0xdb0 [ 371.726873] ? lock_downgrade+0x8f0/0x8f0 [ 371.731008] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 371.736013] ? mem_cgroup_handle_over_high+0x130/0x130 [ 371.741270] ? fs_reclaim_acquire+0x20/0x20 [ 371.745578] ? percpu_ref_put_many+0x131/0x240 [ 371.750140] ? mem_cgroup_id_get_online+0x310/0x310 [ 371.755139] ? kasan_unpoison_shadow+0x35/0x50 [ 371.759703] ? kasan_kmalloc+0xc4/0xe0 [ 371.763581] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 371.769103] alloc_pages_current+0x10c/0x210 [ 371.773497] __get_free_pages+0xc/0x40 [ 371.777369] mmu_topup_memory_caches+0x1f8/0x3a0 [ 371.782109] kvm_mmu_load+0x21/0x10e0 [ 371.785893] ? rcu_note_context_switch+0x730/0x730 [ 371.790804] ? filemap_map_pages+0xca2/0x1990 [ 371.795284] vcpu_enter_guest+0x3aa6/0x6090 [ 371.799600] ? kasan_check_write+0x14/0x20 [ 371.803831] ? __mutex_lock+0x6c4/0x1680 [ 371.807887] ? kvm_set_msr_common+0x26a0/0x26a0 [ 371.812541] ? lock_acquire+0x1e4/0x540 [ 371.816501] ? vmx_vcpu_load+0xadf/0xff0 [ 371.820544] ? trace_hardirqs_on+0x10/0x10 [ 371.824761] ? vmx_vcpu_reset+0x1040/0x1040 [ 371.829065] ? find_get_entries_tag+0x1410/0x1410 [ 371.833898] ? lock_acquire+0x1e4/0x540 [ 371.837857] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 371.842859] ? lock_release+0xa30/0xa30 [ 371.846814] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 371.852074] ? kvm_arch_dev_ioctl+0x610/0x610 [ 371.856552] ? preempt_notifier_dec+0x20/0x20 [ 371.861054] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 371.865882] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 371.870884] kvm_vcpu_ioctl+0x7b8/0x1300 [ 371.874929] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 371.880636] ? lock_acquire+0x1e4/0x540 [ 371.884591] ? __fget+0x4ac/0x740 [ 371.888031] ? lock_downgrade+0x8f0/0x8f0 [ 371.892173] ? lock_release+0xa30/0xa30 [ 371.896129] ? pid_task+0x115/0x200 [ 371.899737] ? find_vpid+0xf0/0xf0 [ 371.903259] ? __f_unlock_pos+0x19/0x20 [ 371.907231] ? __fget+0x4d5/0x740 [ 371.910668] ? ksys_dup3+0x690/0x690 [ 371.914368] ? kasan_check_write+0x14/0x20 [ 371.918587] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 371.924110] ? perf_trace_sys_exit+0x3f7/0x650 [ 371.928671] ? vfs_write+0x2f3/0x560 [ 371.932384] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 371.938079] do_vfs_ioctl+0x1de/0x1720 [ 371.941958] ? fsnotify_first_mark+0x350/0x350 [ 371.946524] ? __fsnotify_parent+0xcc/0x420 [ 371.950827] ? ioctl_preallocate+0x300/0x300 [ 371.955215] ? __fget_light+0x2f7/0x440 [ 371.959259] ? fget_raw+0x20/0x20 [ 371.962701] ? __sb_end_write+0xac/0xe0 [ 371.966660] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 371.972191] ? syscall_slow_exit_work+0x111/0x500 [ 371.977020] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 371.981671] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 371.987120] ? security_file_ioctl+0x94/0xc0 [ 371.991512] ksys_ioctl+0xa9/0xd0 [ 371.994950] __x64_sys_ioctl+0x73/0xb0 [ 371.998833] do_syscall_64+0x1b9/0x820 [ 372.002719] ? syscall_slow_exit_work+0x500/0x500 [ 372.007544] ? syscall_return_slowpath+0x5e0/0x5e0 [ 372.012458] ? syscall_return_slowpath+0x31d/0x5e0 [ 372.017371] ? prepare_exit_to_usermode+0x291/0x3b0 [ 372.022369] ? perf_trace_sys_enter+0xb10/0xb10 [ 372.027033] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 372.031861] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 372.037030] RIP: 0033:0x455ba9 [ 372.040208] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 07:08:35 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x3}, [{}]}, 0x58) 07:08:35 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x1200, 0x0, 0x20}, [{}]}, 0x58) [ 372.059394] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 372.067085] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 372.074337] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 372.081590] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 372.088840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 372.096092] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000003e 07:08:35 executing program 5: socket$inet6(0xa, 0x1000000000002, 0x0) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:35 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600000000006c000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:35 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f00000001c0)=[@in={0x2, 0x4e20, @broadcast=0xffffffff}, @in6={0xa, 0x4e23, 0x6, @remote={0xfe, 0x80, [], 0xbb}, 0x10001}, @in={0x2, 0x4e23, @loopback=0x7f000001}], 0x3c) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) ioctl$sock_SIOCGIFCONF(r0, 0x8910, &(0x7f0000000100)=@req={0x28, &(0x7f00000000c0)={'bond0\x00', @ifru_data=&(0x7f0000000080)="0a6669d127d165cbfe4a7cbd6776491bffb287a3ed8cadfc48b33262ed4c89e2"}}) 07:08:35 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x500]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:35 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1600}, [{}]}, 0x58) 07:08:35 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x1600, 0x0, 0x20}, [{}]}, 0x58) [ 372.197639] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 372.215324] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 372.229389] REISERFS (device loop5): using ordered data mode [ 372.235260] reiserfs: using flush barriers 07:08:35 executing program 0: r0 = syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0x4, 0x8000) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@loopback}}, &(0x7f0000000100)=0xe8) ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f00000001c0)={r1, 0x81, 0x9, 0x1, 0x401, 0x8, 0x3}) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = getpgrp(0x0) syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x7, 0x0) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)) 07:08:35 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:35 executing program 3 (fault-call:8 fault-nth:63): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:35 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xe803]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:35 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x15, 0x0, 0x20}, [{}]}, 0x58) [ 372.300222] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header 07:08:36 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000006000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:36 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1f00}, [{}]}, 0x58) [ 372.360133] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:36 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x400000, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000000c0)={&(0x7f0000ffe000/0x2000)=nil, 0x2000}, &(0x7f0000000100)=0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x4, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0xfa01, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x7000, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffff9c, 0x0) r2 = openat$md(0xffffffffffffff9c, &(0x7f0000000200)='/dev/md0\x00', 0x40, 0x0) r3 = getpgrp(0x0) r4 = getgid() lstat(&(0x7f0000000640)='./file0\x00', &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000c00)='./file0\x00', &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x1, &(0x7f00000007c0)=[0x0]) getresgid(&(0x7f0000000800), &(0x7f0000000840), &(0x7f0000000880)=0x0) getgroups(0x4, &(0x7f00000008c0)=[0xee01, 0xee00, 0xee00, 0xffffffffffffffff]) fstat(r2, &(0x7f0000000b80)) getresgid(&(0x7f0000000900), &(0x7f0000000940), &(0x7f0000000980)=0x0) getresgid(&(0x7f00000009c0), &(0x7f0000000a00), &(0x7f0000000a40)=0x0) r12 = getgid() getresgid(&(0x7f0000000a80), &(0x7f0000000ac0), &(0x7f0000000b00)=0x0) getpid() setgroups(0xa, &(0x7f0000000b40)=[r4, r5, r6, r7, r8, r9, r10, r11, r12, r13]) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f00000001c0)={'syzkaller1\x00', {0x2, 0x4e20, @multicast2=0xe0000002}}) vmsplice(r2, &(0x7f00000005c0)=[{&(0x7f0000000240)="615626f09eee47b97e1ca1ec", 0xc}, {&(0x7f00000002c0)="6da58dd25844f5545fb3a5e394d817cf6cbe0d615bee05b0dabce6716e0be9816aeb8aa69deec4712710569f0e13e2ade7ec90f4154549803659bbd7c20ae09a10fdd9cba66649d657a910c5f3a97075d6541d4a6f1d3b1f8ba5cb6bb0bf65babbdd8684795065f9e36cac153542c57e98e0c0886c0a437aa2ee3c87e7811c34e0c55ae0258448142a08bbf8d1bd7e9883b3dfb7ce175ab39a3cf24778353dd4c7d0a05df74577994e27834bd7376f8fb430e22119687d79eb45261b", 0xbc}, {&(0x7f0000000380)="b22fb864a9177e22b48aa2f2446886af86905b8165ff981e31c06eb22d1560edd3ee3685175539af7857d8288edd8ce9aa805ddfbad294db2b280b47c64d3e31a95ede790f24d83a3dfbe7d62a5db65e52257f340139534109e8a8cc0508804e0681cc09835c6cc258d7d8ab22b26fb887a7e8e134a5a65076685eb4be53e7c146449a3376738f70341e5e10e9930c862f79b4eab96bc3a788cd", 0x9a}, {&(0x7f0000000440)="14313efac8c299ae5d8b8e69a79db01c464f82038e9477f8f83b52f411e6028b15d9ea9957ac4e9cb9c3905dd938238e18f3f74eb0ded4c0b87ac0d30882cd30779d591c867cbabf9a7920fd92e2f2c94e275bc484fc75a1ea6c5fc31cfaca4d1bff78351844078b14b98c756eed3b8ac4bd4196", 0x74}, {&(0x7f00000004c0)="4356375ff0a2e29d198c2761ab060e3c649ef46a1bee", 0x16}, {&(0x7f0000000500)="a783fdc0080d4e5895a6fde69c922c05d099ab03557cb0cbe718e2385666d9d5cd66b010754119701329cbc447ec3053e2d58a40923a5c04b1f92ed746a8c2878e616798c670fedbed73d0804e0a158bc65c906fb94e04e5b1edf6abec48a409b61c471b1ff7800e50fc8a9c642d5e7bd8dc2d8a8083429d1e42bc12afb8fce8", 0x80}, {&(0x7f0000000580)="58a90a56c93580a610b97a941a815a978eb45a6b85f97f019e962a166639f7592a23edcc473e99df90cf09", 0x2b}], 0x7, 0x6) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)) 07:08:36 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x200000000000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:36 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xf00]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 372.401537] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:36 executing program 5: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:36 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000004800000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:36 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1400000000000000}, [{}]}, 0x58) 07:08:36 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x3000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:36 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfcff]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 372.510780] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 372.529174] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 372.534263] REISERFS (device loop5): using ordered data mode [ 372.543556] reiserfs: using flush barriers 07:08:36 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:36 executing program 0: r0 = socket$inet6(0xa, 0x40000400003, 0xff) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x40100, 0x0) ioctl$EVIOCSABS2F(r1, 0x401845ef, &(0x7f00000000c0)={0x1, 0x8001, 0x7ff, 0x5, 0x1}) bind$vsock_dgram(r1, &(0x7f0000000100)={0x28, 0x0, 0xffffffff, @host=0x2}, 0x10) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x80000000000002, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f00000001c0)) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) 07:08:36 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000006311000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 372.568771] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 372.587848] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 372.677490] FAULT_INJECTION: forcing a failure. [ 372.677490] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 372.689386] CPU: 0 PID: 25292 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 372.697793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 372.707147] Call Trace: [ 372.709746] dump_stack+0x1c9/0x2b4 [ 372.713385] ? dump_stack_print_info.cold.2+0x52/0x52 [ 372.718581] should_fail.cold.4+0xa/0x11 [ 372.722635] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 372.727722] ? percpu_ref_tryget_live+0x15b/0x440 [ 372.732551] ? mem_cgroup_id_get_many+0x160/0x160 [ 372.737398] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 372.742228] ? lock_acquire+0x1e4/0x540 [ 372.746187] ? percpu_ref_put_many+0x119/0x240 [ 372.750752] ? lock_downgrade+0x8f0/0x8f0 [ 372.754885] ? lock_release+0xa30/0xa30 [ 372.758843] ? __kernel_text_address+0xd/0x40 [ 372.763324] ? lock_acquire+0x1e4/0x540 [ 372.767282] ? fs_reclaim_acquire+0x20/0x20 [ 372.771588] ? lock_downgrade+0x8f0/0x8f0 [ 372.775726] ? check_same_owner+0x340/0x340 [ 372.780032] ? save_stack+0x43/0xd0 [ 372.783642] ? kasan_kmalloc+0xc4/0xe0 [ 372.787533] ? rcu_note_context_switch+0x730/0x730 [ 372.792460] __alloc_pages_nodemask+0x36e/0xdb0 [ 372.797113] ? lock_downgrade+0x8f0/0x8f0 [ 372.801256] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 372.806267] ? mem_cgroup_handle_over_high+0x130/0x130 [ 372.811536] ? fs_reclaim_acquire+0x20/0x20 [ 372.815853] ? percpu_ref_put_many+0x131/0x240 [ 372.820420] ? mem_cgroup_id_get_online+0x310/0x310 [ 372.825441] ? kasan_unpoison_shadow+0x35/0x50 [ 372.830014] ? kasan_kmalloc+0xc4/0xe0 [ 372.833888] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 372.840033] alloc_pages_current+0x10c/0x210 [ 372.844430] __get_free_pages+0xc/0x40 [ 372.848301] mmu_topup_memory_caches+0x1f8/0x3a0 [ 372.853045] kvm_mmu_load+0x21/0x10e0 [ 372.856829] ? kasan_check_write+0x14/0x20 [ 372.861047] ? do_raw_spin_lock+0xc1/0x200 [ 372.865266] vcpu_enter_guest+0x3aa6/0x6090 [ 372.869586] ? kvm_set_msr_common+0x26a0/0x26a0 [ 372.874243] ? lock_acquire+0x1e4/0x540 [ 372.878200] ? vmx_vcpu_load+0xadf/0xff0 [ 372.882242] ? trace_hardirqs_on+0x10/0x10 [ 372.886471] ? vmx_vcpu_reset+0x1040/0x1040 [ 372.890781] ? find_get_entries_tag+0x1410/0x1410 [ 372.895618] ? lock_acquire+0x1e4/0x540 [ 372.899574] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 372.904577] ? lock_release+0xa30/0xa30 [ 372.908535] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 372.913794] ? kvm_arch_dev_ioctl+0x610/0x610 [ 372.918271] ? preempt_notifier_dec+0x20/0x20 [ 372.922750] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 372.927573] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 372.932576] kvm_vcpu_ioctl+0x7b8/0x1300 [ 372.936625] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 372.942323] ? lock_acquire+0x1e4/0x540 [ 372.946279] ? __fget+0x4ac/0x740 [ 372.949727] ? lock_downgrade+0x8f0/0x8f0 [ 372.953858] ? lock_release+0xa30/0xa30 [ 372.957813] ? pid_task+0x115/0x200 [ 372.961432] ? find_vpid+0xf0/0xf0 [ 372.964955] ? __f_unlock_pos+0x19/0x20 [ 372.968929] ? __fget+0x4d5/0x740 [ 372.972368] ? ksys_dup3+0x690/0x690 [ 372.976069] ? kasan_check_write+0x14/0x20 [ 372.980287] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 372.985818] ? perf_trace_sys_exit+0x3f7/0x650 [ 372.990381] ? vfs_write+0x2f3/0x560 [ 372.994131] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 372.999824] do_vfs_ioctl+0x1de/0x1720 [ 373.003696] ? fsnotify_first_mark+0x350/0x350 [ 373.008271] ? __fsnotify_parent+0xcc/0x420 [ 373.012585] ? ioctl_preallocate+0x300/0x300 [ 373.016982] ? __fget_light+0x2f7/0x440 [ 373.020937] ? fget_raw+0x20/0x20 [ 373.024374] ? __sb_end_write+0xac/0xe0 [ 373.028335] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 373.033853] ? syscall_slow_exit_work+0x111/0x500 [ 373.038678] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 373.043330] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 373.048765] ? security_file_ioctl+0x94/0xc0 [ 373.053156] ksys_ioctl+0xa9/0xd0 [ 373.056611] __x64_sys_ioctl+0x73/0xb0 [ 373.060485] do_syscall_64+0x1b9/0x820 [ 373.064357] ? finish_task_switch+0x1d3/0x870 [ 373.068835] ? syscall_return_slowpath+0x5e0/0x5e0 [ 373.073760] ? syscall_return_slowpath+0x31d/0x5e0 [ 373.078675] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 373.083676] ? prepare_exit_to_usermode+0x291/0x3b0 [ 373.088676] ? perf_trace_sys_enter+0xb10/0xb10 [ 373.093330] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.098159] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 373.103329] RIP: 0033:0x455ba9 [ 373.106501] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 373.125671] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 373.133363] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 373.140617] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 373.147867] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 373.155127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 373.162378] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 000000000000003f 07:08:36 executing program 3 (fault-call:8 fault-nth:64): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:36 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1600000000000000}, [{}]}, 0x58) 07:08:36 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x4000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:36 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:36 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:36 executing program 5: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:36 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) ptrace$pokeuser(0x6, r1, 0x8, 0x0) 07:08:36 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000005000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 373.177306] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:36 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfc]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:36 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x16, 0x0, 0x20}, [{}]}, 0x58) [ 373.242175] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 373.273296] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal 07:08:36 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000007000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:36 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) [ 373.329651] REISERFS (device loop5): using ordered data mode [ 373.335533] reiserfs: using flush barriers [ 373.339519] FAULT_INJECTION: forcing a failure. [ 373.339519] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 373.351653] CPU: 0 PID: 25368 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 373.360056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 373.369402] Call Trace: [ 373.371987] dump_stack+0x1c9/0x2b4 [ 373.375612] ? dump_stack_print_info.cold.2+0x52/0x52 [ 373.380792] should_fail.cold.4+0xa/0x11 [ 373.384863] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 373.389953] ? percpu_ref_tryget_live+0x15b/0x440 [ 373.394791] ? mem_cgroup_id_get_many+0x160/0x160 [ 373.399619] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 373.404448] ? lock_acquire+0x1e4/0x540 [ 373.408406] ? percpu_ref_put_many+0x119/0x240 [ 373.412974] ? lock_downgrade+0x8f0/0x8f0 [ 373.417109] ? lock_release+0xa30/0xa30 [ 373.421070] ? __kernel_text_address+0xd/0x40 [ 373.425551] ? lock_acquire+0x1e4/0x540 [ 373.429533] ? fs_reclaim_acquire+0x20/0x20 [ 373.433839] ? lock_downgrade+0x8f0/0x8f0 [ 373.438148] ? check_same_owner+0x340/0x340 [ 373.442453] ? save_stack+0x43/0xd0 [ 373.446067] ? kasan_kmalloc+0xc4/0xe0 [ 373.449939] ? rcu_note_context_switch+0x730/0x730 [ 373.454857] __alloc_pages_nodemask+0x36e/0xdb0 [ 373.459524] ? lock_downgrade+0x8f0/0x8f0 [ 373.463658] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 373.468662] ? mem_cgroup_handle_over_high+0x130/0x130 [ 373.473933] ? fs_reclaim_acquire+0x20/0x20 [ 373.478242] ? percpu_ref_put_many+0x131/0x240 [ 373.482805] ? mem_cgroup_id_get_online+0x310/0x310 [ 373.487806] ? kasan_unpoison_shadow+0x35/0x50 [ 373.492384] ? kasan_kmalloc+0xc4/0xe0 [ 373.496259] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 373.501791] alloc_pages_current+0x10c/0x210 [ 373.506186] __get_free_pages+0xc/0x40 [ 373.510058] mmu_topup_memory_caches+0x1f8/0x3a0 [ 373.514801] kvm_mmu_load+0x21/0x10e0 [ 373.518587] ? rcu_note_context_switch+0x730/0x730 [ 373.523502] ? filemap_map_pages+0xca2/0x1990 [ 373.527984] vcpu_enter_guest+0x3aa6/0x6090 [ 373.532292] ? kasan_check_write+0x14/0x20 [ 373.536510] ? __mutex_lock+0x6c4/0x1680 [ 373.540558] ? kvm_set_msr_common+0x26a0/0x26a0 [ 373.545211] ? lock_acquire+0x1e4/0x540 [ 373.549169] ? vmx_vcpu_load+0xadf/0xff0 [ 373.553213] ? trace_hardirqs_on+0x10/0x10 [ 373.557430] ? vmx_vcpu_reset+0x1040/0x1040 [ 373.561737] ? find_get_entries_tag+0x1410/0x1410 [ 373.566572] ? lock_acquire+0x1e4/0x540 [ 373.570527] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 373.575532] ? lock_release+0xa30/0xa30 [ 373.579490] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 373.584749] ? kvm_arch_dev_ioctl+0x610/0x610 [ 373.589224] ? preempt_notifier_dec+0x20/0x20 [ 373.593706] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 373.598531] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 373.603553] kvm_vcpu_ioctl+0x7b8/0x1300 [ 373.607609] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 373.613307] ? lock_acquire+0x1e4/0x540 [ 373.617262] ? __fget+0x4ac/0x740 [ 373.620698] ? lock_downgrade+0x8f0/0x8f0 [ 373.624831] ? lock_release+0xa30/0xa30 [ 373.628789] ? pid_task+0x115/0x200 [ 373.632401] ? find_vpid+0xf0/0xf0 [ 373.635926] ? __f_unlock_pos+0x19/0x20 [ 373.639883] ? __fget+0x4d5/0x740 [ 373.643321] ? ksys_dup3+0x690/0x690 [ 373.647032] ? kasan_check_write+0x14/0x20 [ 373.651254] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 373.656167] ? fsnotify+0xbac/0x14e0 [ 373.659864] ? vfs_write+0x2f3/0x560 [ 373.663566] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 373.669259] do_vfs_ioctl+0x1de/0x1720 [ 373.673131] ? fsnotify_first_mark+0x350/0x350 [ 373.677694] ? __fsnotify_parent+0xcc/0x420 [ 373.681998] ? ioctl_preallocate+0x300/0x300 [ 373.686393] ? __fget_light+0x2f7/0x440 [ 373.690359] ? fget_raw+0x20/0x20 [ 373.693797] ? __sb_end_write+0xac/0xe0 [ 373.697756] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 373.703274] ? fput+0x130/0x1a0 [ 373.706535] ? ksys_write+0x1ae/0x260 [ 373.710324] ? security_file_ioctl+0x94/0xc0 [ 373.714716] ksys_ioctl+0xa9/0xd0 [ 373.718152] __x64_sys_ioctl+0x73/0xb0 [ 373.722026] do_syscall_64+0x1b9/0x820 [ 373.725896] ? finish_task_switch+0x1d3/0x870 [ 373.730375] ? syscall_return_slowpath+0x5e0/0x5e0 [ 373.735286] ? syscall_return_slowpath+0x31d/0x5e0 [ 373.740197] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 373.745198] ? prepare_exit_to_usermode+0x291/0x3b0 [ 373.750197] ? perf_trace_sys_enter+0xb10/0xb10 [ 373.754850] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 373.759677] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 373.764847] RIP: 0033:0x455ba9 07:08:37 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x15000000}, [{}]}, 0x58) [ 373.768017] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 373.787199] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 373.794900] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 373.802151] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 373.809401] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 373.816652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 373.823907] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000040 07:08:37 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x80fe]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 373.840952] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 373.865535] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:37 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x3, 0x0, 0x20}, [{}]}, 0x58) 07:08:37 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x3000000}, [{}]}, 0x58) [ 373.891356] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:37 executing program 3 (fault-call:8 fault-nth:65): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:37 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfe80000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:37 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:37 executing program 5: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:37 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0xffffff7f00000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:37 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1100000000000000}, [{}]}, 0x58) 07:08:37 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) 07:08:37 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600000000f000000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:37 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff00000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 374.048893] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal 07:08:37 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) [ 374.101747] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 374.121340] REISERFS (device loop5): using ordered data mode [ 374.127216] reiserfs: using flush barriers [ 374.135880] FAULT_INJECTION: forcing a failure. [ 374.135880] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 374.147755] CPU: 1 PID: 25426 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 374.156171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 374.165525] Call Trace: [ 374.168108] dump_stack+0x1c9/0x2b4 [ 374.171733] ? dump_stack_print_info.cold.2+0x52/0x52 [ 374.176915] should_fail.cold.4+0xa/0x11 [ 374.180985] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 374.186091] ? percpu_ref_tryget_live+0x15b/0x440 [ 374.190917] ? mem_cgroup_id_get_many+0x160/0x160 [ 374.195741] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 374.200582] ? lock_acquire+0x1e4/0x540 [ 374.204539] ? percpu_ref_put_many+0x119/0x240 [ 374.209107] ? lock_downgrade+0x8f0/0x8f0 [ 374.213250] ? lock_release+0xa30/0xa30 [ 374.217208] ? __kernel_text_address+0xd/0x40 [ 374.221692] ? lock_acquire+0x1e4/0x540 [ 374.225663] ? fs_reclaim_acquire+0x20/0x20 [ 374.229971] ? lock_downgrade+0x8f0/0x8f0 [ 374.234108] ? check_same_owner+0x340/0x340 [ 374.238414] ? save_stack+0x43/0xd0 [ 374.242027] ? kasan_kmalloc+0xc4/0xe0 [ 374.245899] ? rcu_note_context_switch+0x730/0x730 [ 374.250824] __alloc_pages_nodemask+0x36e/0xdb0 [ 374.255479] ? lock_downgrade+0x8f0/0x8f0 [ 374.259635] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 374.264637] ? mem_cgroup_handle_over_high+0x130/0x130 [ 374.269916] ? fs_reclaim_acquire+0x20/0x20 [ 374.274224] ? percpu_ref_put_many+0x131/0x240 [ 374.278790] ? mem_cgroup_id_get_online+0x310/0x310 [ 374.283792] ? kasan_unpoison_shadow+0x35/0x50 [ 374.288359] ? kasan_kmalloc+0xc4/0xe0 [ 374.292236] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 374.297758] alloc_pages_current+0x10c/0x210 [ 374.302151] __get_free_pages+0xc/0x40 [ 374.306031] mmu_topup_memory_caches+0x1f8/0x3a0 [ 374.310771] kvm_mmu_load+0x21/0x10e0 [ 374.314555] ? rcu_note_context_switch+0x730/0x730 [ 374.319467] ? filemap_map_pages+0xca2/0x1990 [ 374.323949] vcpu_enter_guest+0x3aa6/0x6090 [ 374.328257] ? kasan_check_write+0x14/0x20 [ 374.332478] ? __mutex_lock+0x6c4/0x1680 [ 374.336526] ? kvm_set_msr_common+0x26a0/0x26a0 [ 374.341178] ? lock_acquire+0x1e4/0x540 [ 374.345136] ? vmx_vcpu_load+0xadf/0xff0 [ 374.349181] ? trace_hardirqs_on+0x10/0x10 [ 374.353397] ? vmx_vcpu_reset+0x1040/0x1040 [ 374.357704] ? find_get_entries_tag+0x1410/0x1410 [ 374.362537] ? lock_acquire+0x1e4/0x540 [ 374.366494] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 374.371495] ? lock_release+0xa30/0xa30 [ 374.375453] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 374.380714] ? kvm_arch_dev_ioctl+0x610/0x610 [ 374.385191] ? preempt_notifier_dec+0x20/0x20 [ 374.389675] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 374.394526] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 374.399551] kvm_vcpu_ioctl+0x7b8/0x1300 [ 374.403597] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 374.409295] ? lock_acquire+0x1e4/0x540 [ 374.413263] ? __fget+0x4ac/0x740 [ 374.416704] ? lock_downgrade+0x8f0/0x8f0 [ 374.420837] ? lock_release+0xa30/0xa30 [ 374.424792] ? pid_task+0x115/0x200 [ 374.428401] ? find_vpid+0xf0/0xf0 [ 374.431925] ? __f_unlock_pos+0x19/0x20 [ 374.435885] ? __fget+0x4d5/0x740 [ 374.439323] ? ksys_dup3+0x690/0x690 [ 374.443028] ? kasan_check_write+0x14/0x20 [ 374.447251] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 374.452772] ? perf_trace_sys_exit+0x3f7/0x650 [ 374.457333] ? vfs_write+0x2f3/0x560 [ 374.461036] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 374.466739] do_vfs_ioctl+0x1de/0x1720 [ 374.470612] ? fsnotify_first_mark+0x350/0x350 [ 374.475176] ? __fsnotify_parent+0xcc/0x420 [ 374.479483] ? ioctl_preallocate+0x300/0x300 [ 374.483888] ? __fget_light+0x2f7/0x440 [ 374.487861] ? fget_raw+0x20/0x20 [ 374.491296] ? __sb_end_write+0xac/0xe0 [ 374.495254] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 374.500774] ? syscall_slow_exit_work+0x111/0x500 [ 374.505598] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 374.510253] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 374.515686] ? security_file_ioctl+0x94/0xc0 [ 374.520077] ksys_ioctl+0xa9/0xd0 [ 374.523514] __x64_sys_ioctl+0x73/0xb0 [ 374.527384] do_syscall_64+0x1b9/0x820 [ 374.531253] ? finish_task_switch+0x1d3/0x870 [ 374.535730] ? syscall_return_slowpath+0x5e0/0x5e0 [ 374.540647] ? syscall_return_slowpath+0x31d/0x5e0 [ 374.545559] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 374.550558] ? prepare_exit_to_usermode+0x291/0x3b0 [ 374.555556] ? perf_trace_sys_enter+0xb10/0xb10 [ 374.560207] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 374.565044] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 374.570214] RIP: 0033:0x455ba9 [ 374.573383] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 374.592550] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 07:08:38 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x12000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:38 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xa00000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 374.600239] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 374.607491] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 374.614740] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 374.621992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 374.629245] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000041 07:08:38 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) epoll_create1(0x80000) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) 07:08:38 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1400000000000000}, [{}]}, 0x58) [ 374.649398] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 374.660786] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:38 executing program 3 (fault-call:8 fault-nth:66): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:38 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x0, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:38 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600000000017e000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:38 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xff000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:38 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x100000000000000}, [{}]}, 0x58) 07:08:38 executing program 5: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:38 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x1500, 0x0, 0x20}, [{}]}, 0x58) 07:08:38 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0xa40, 0x0) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f00000000c0)=0x8, 0x4) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) 07:08:38 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x0, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) [ 374.786574] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 374.864534] FAULT_INJECTION: forcing a failure. [ 374.864534] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 374.876406] CPU: 1 PID: 25464 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 374.884820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 374.894176] Call Trace: [ 374.896766] dump_stack+0x1c9/0x2b4 [ 374.900384] ? dump_stack_print_info.cold.2+0x52/0x52 [ 374.905568] should_fail.cold.4+0xa/0x11 [ 374.909618] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 374.914710] ? percpu_ref_tryget_live+0x15b/0x440 [ 374.919541] ? mem_cgroup_id_get_many+0x160/0x160 [ 374.924367] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 374.929196] ? lock_acquire+0x1e4/0x540 [ 374.933153] ? percpu_ref_put_many+0x119/0x240 [ 374.937724] ? lock_downgrade+0x8f0/0x8f0 [ 374.941858] ? lock_release+0xa30/0xa30 [ 374.945817] ? __kernel_text_address+0xd/0x40 [ 374.950298] ? lock_acquire+0x1e4/0x540 [ 374.954257] ? fs_reclaim_acquire+0x20/0x20 [ 374.958561] ? lock_downgrade+0x8f0/0x8f0 [ 374.962693] ? check_same_owner+0x340/0x340 [ 374.967001] ? save_stack+0x43/0xd0 [ 374.970617] ? kasan_kmalloc+0xc4/0xe0 [ 374.974489] ? rcu_note_context_switch+0x730/0x730 [ 374.979420] __alloc_pages_nodemask+0x36e/0xdb0 [ 374.984077] ? lock_downgrade+0x8f0/0x8f0 [ 374.988210] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 374.993213] ? mem_cgroup_handle_over_high+0x130/0x130 [ 374.998488] ? fs_reclaim_acquire+0x20/0x20 [ 375.002794] ? lock_downgrade+0x8f0/0x8f0 [ 375.006931] ? percpu_ref_put_many+0x131/0x240 [ 375.011498] ? mem_cgroup_id_get_online+0x310/0x310 [ 375.016504] ? kasan_unpoison_shadow+0x35/0x50 [ 375.021071] ? kasan_kmalloc+0xc4/0xe0 [ 375.024949] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 375.030487] alloc_pages_current+0x10c/0x210 [ 375.034883] __get_free_pages+0xc/0x40 [ 375.038764] mmu_topup_memory_caches+0x1f8/0x3a0 [ 375.043506] kvm_mmu_load+0x21/0x10e0 [ 375.047648] ? rcu_note_context_switch+0x730/0x730 [ 375.052559] ? filemap_map_pages+0xca2/0x1990 [ 375.057045] vcpu_enter_guest+0x3aa6/0x6090 [ 375.061353] ? kasan_check_write+0x14/0x20 [ 375.065578] ? __mutex_lock+0x6c4/0x1680 [ 375.069624] ? kvm_set_msr_common+0x26a0/0x26a0 [ 375.074276] ? lock_acquire+0x1e4/0x540 [ 375.078233] ? vmx_vcpu_load+0xadf/0xff0 [ 375.082280] ? trace_hardirqs_on+0x10/0x10 [ 375.086499] ? vmx_vcpu_reset+0x1040/0x1040 [ 375.090802] ? find_get_entries_tag+0x1410/0x1410 [ 375.095633] ? lock_acquire+0x1e4/0x540 [ 375.099591] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 375.104592] ? lock_release+0xa30/0xa30 [ 375.108547] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 375.113806] ? kvm_arch_dev_ioctl+0x610/0x610 [ 375.118282] ? preempt_notifier_dec+0x20/0x20 [ 375.122762] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 375.127598] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 375.132601] kvm_vcpu_ioctl+0x7b8/0x1300 [ 375.136649] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 375.142348] ? lock_acquire+0x1e4/0x540 [ 375.146306] ? __fget+0x4ac/0x740 [ 375.149742] ? lock_downgrade+0x8f0/0x8f0 [ 375.153874] ? lock_release+0xa30/0xa30 [ 375.157831] ? pid_task+0x115/0x200 [ 375.161441] ? find_vpid+0xf0/0xf0 [ 375.164976] ? __f_unlock_pos+0x19/0x20 [ 375.169025] ? __fget+0x4d5/0x740 [ 375.172462] ? ksys_dup3+0x690/0x690 [ 375.176161] ? kasan_check_write+0x14/0x20 [ 375.180380] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 375.185294] ? fsnotify+0xbac/0x14e0 [ 375.188993] ? vfs_write+0x2f3/0x560 [ 375.192694] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 375.198387] do_vfs_ioctl+0x1de/0x1720 [ 375.202257] ? fsnotify_first_mark+0x350/0x350 [ 375.206820] ? __fsnotify_parent+0xcc/0x420 [ 375.211123] ? ioctl_preallocate+0x300/0x300 [ 375.215515] ? __fget_light+0x2f7/0x440 [ 375.219474] ? fget_raw+0x20/0x20 [ 375.222917] ? __sb_end_write+0xac/0xe0 [ 375.226878] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 375.232399] ? fput+0x130/0x1a0 [ 375.235663] ? ksys_write+0x1ae/0x260 [ 375.239448] ? security_file_ioctl+0x94/0xc0 [ 375.243839] ksys_ioctl+0xa9/0xd0 [ 375.247275] __x64_sys_ioctl+0x73/0xb0 [ 375.251158] do_syscall_64+0x1b9/0x820 [ 375.255031] ? finish_task_switch+0x1d3/0x870 [ 375.259511] ? syscall_return_slowpath+0x5e0/0x5e0 [ 375.264435] ? syscall_return_slowpath+0x31d/0x5e0 [ 375.269355] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 375.274379] ? prepare_exit_to_usermode+0x291/0x3b0 [ 375.279378] ? perf_trace_sys_enter+0xb10/0xb10 [ 375.284035] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 375.288864] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 375.294034] RIP: 0033:0x455ba9 [ 375.297202] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 07:08:39 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000300000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:39 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x5, 0x0, 0x20}, [{}]}, 0x58) [ 375.316370] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 375.324060] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 375.331312] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 375.338565] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 375.345818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 375.353069] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000042 07:08:39 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfe80]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:39 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x200000000000000}, [{}]}, 0x58) 07:08:39 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = gettid() getpriority(0x3, r1) r2 = syz_open_dev$dspn(&(0x7f0000000080)='/dev/dsp#\x00', 0x9, 0x280) getsockopt$inet_udp_int(r2, 0x11, 0xb, &(0x7f00000000c0), &(0x7f0000000100)=0x4) r3 = getpgrp(r1) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)={0xff}) 07:08:39 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000048000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:39 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x1400000000000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:39 executing program 3 (fault-call:8 fault-nth:67): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:39 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 375.444809] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 375.479528] REISERFS (device loop5): using ordered data mode [ 375.485479] reiserfs: using flush barriers 07:08:39 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x400000000000000}, [{}]}, 0x58) 07:08:39 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) fchmod(r0, 0x100) [ 375.533093] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header 07:08:39 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000068000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 375.590852] FAULT_INJECTION: forcing a failure. [ 375.590852] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 375.602755] CPU: 1 PID: 25521 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 375.611166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 375.620519] Call Trace: [ 375.623123] dump_stack+0x1c9/0x2b4 [ 375.626755] ? dump_stack_print_info.cold.2+0x52/0x52 [ 375.631936] should_fail.cold.4+0xa/0x11 [ 375.635984] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 375.641098] ? percpu_ref_tryget_live+0x15b/0x440 [ 375.645927] ? mem_cgroup_id_get_many+0x160/0x160 [ 375.650763] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 375.655603] ? lock_acquire+0x1e4/0x540 [ 375.659561] ? percpu_ref_put_many+0x119/0x240 [ 375.664126] ? lock_downgrade+0x8f0/0x8f0 [ 375.668257] ? lock_release+0xa30/0xa30 [ 375.672216] ? __kernel_text_address+0xd/0x40 [ 375.676696] ? lock_acquire+0x1e4/0x540 [ 375.680652] ? fs_reclaim_acquire+0x20/0x20 [ 375.684956] ? lock_downgrade+0x8f0/0x8f0 [ 375.689092] ? check_same_owner+0x340/0x340 [ 375.693399] ? save_stack+0x43/0xd0 [ 375.697016] ? kasan_kmalloc+0xc4/0xe0 [ 375.700895] ? rcu_note_context_switch+0x730/0x730 [ 375.705816] __alloc_pages_nodemask+0x36e/0xdb0 [ 375.710474] ? lock_downgrade+0x8f0/0x8f0 [ 375.714609] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 375.719612] ? mem_cgroup_handle_over_high+0x130/0x130 [ 375.724873] ? fs_reclaim_acquire+0x20/0x20 [ 375.729180] ? percpu_ref_put_many+0x131/0x240 [ 375.733747] ? mem_cgroup_id_get_online+0x310/0x310 [ 375.738752] ? kasan_unpoison_shadow+0x35/0x50 [ 375.743323] ? kasan_kmalloc+0xc4/0xe0 [ 375.747198] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 375.752722] alloc_pages_current+0x10c/0x210 [ 375.757115] __get_free_pages+0xc/0x40 [ 375.760991] mmu_topup_memory_caches+0x1f8/0x3a0 [ 375.765736] kvm_mmu_load+0x21/0x10e0 [ 375.769521] ? rcu_note_context_switch+0x730/0x730 [ 375.774433] ? filemap_map_pages+0xca2/0x1990 [ 375.778915] vcpu_enter_guest+0x3aa6/0x6090 [ 375.783222] ? kasan_check_write+0x14/0x20 [ 375.787441] ? __mutex_lock+0x6c4/0x1680 [ 375.791491] ? kvm_set_msr_common+0x26a0/0x26a0 [ 375.796143] ? lock_acquire+0x1e4/0x540 [ 375.800104] ? vmx_vcpu_load+0xadf/0xff0 [ 375.804159] ? trace_hardirqs_on+0x10/0x10 [ 375.808377] ? vmx_vcpu_reset+0x1040/0x1040 [ 375.812681] ? find_get_entries_tag+0x1410/0x1410 [ 375.817512] ? lock_acquire+0x1e4/0x540 [ 375.821470] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 375.826475] ? lock_release+0xa30/0xa30 [ 375.830434] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 375.835692] ? kvm_arch_dev_ioctl+0x610/0x610 [ 375.840181] ? preempt_notifier_dec+0x20/0x20 [ 375.844661] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 375.849485] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 375.854499] kvm_vcpu_ioctl+0x7b8/0x1300 [ 375.858545] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 375.864243] ? lock_acquire+0x1e4/0x540 [ 375.868198] ? __fget+0x4ac/0x740 [ 375.871634] ? lock_downgrade+0x8f0/0x8f0 [ 375.875765] ? lock_release+0xa30/0xa30 [ 375.879720] ? pid_task+0x115/0x200 [ 375.883330] ? find_vpid+0xf0/0xf0 [ 375.886860] ? __f_unlock_pos+0x19/0x20 [ 375.890817] ? __fget+0x4d5/0x740 [ 375.894264] ? ksys_dup3+0x690/0x690 [ 375.897963] ? kasan_check_write+0x14/0x20 [ 375.902193] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 375.907714] ? perf_trace_sys_exit+0x3f7/0x650 [ 375.912277] ? vfs_write+0x2f3/0x560 [ 375.915975] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 375.921679] do_vfs_ioctl+0x1de/0x1720 [ 375.925562] ? fsnotify_first_mark+0x350/0x350 [ 375.930128] ? __fsnotify_parent+0xcc/0x420 [ 375.934432] ? ioctl_preallocate+0x300/0x300 [ 375.938821] ? __fget_light+0x2f7/0x440 [ 375.942870] ? fget_raw+0x20/0x20 [ 375.946309] ? __sb_end_write+0xac/0xe0 [ 375.950267] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 375.955786] ? syscall_slow_exit_work+0x111/0x500 [ 375.960614] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 375.965266] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 375.970701] ? security_file_ioctl+0x94/0xc0 [ 375.975090] ksys_ioctl+0xa9/0xd0 [ 375.978527] __x64_sys_ioctl+0x73/0xb0 [ 375.982401] do_syscall_64+0x1b9/0x820 [ 375.986271] ? finish_task_switch+0x1d3/0x870 [ 375.990748] ? syscall_return_slowpath+0x5e0/0x5e0 [ 375.995660] ? syscall_return_slowpath+0x31d/0x5e0 [ 376.000572] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 376.005571] ? prepare_exit_to_usermode+0x291/0x3b0 [ 376.010572] ? perf_trace_sys_enter+0xb10/0xb10 [ 376.015224] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.020054] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 376.025226] RIP: 0033:0x455ba9 [ 376.028405] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 376.047581] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 376.055280] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 376.062530] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 376.069779] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 376.077032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 376.084286] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000043 [ 376.093581] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:39 executing program 5: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:39 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:39 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0) fchdir(r1) mkdir(&(0x7f0000001340)='./file0\x00', 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) read(r3, &(0x7f0000000240)=""/109, 0x6d) unlinkat(r1, &(0x7f00000007c0)='./file0\x00', 0x200) r4 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r4}, &(0x7f0000000040)) 07:08:39 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600000000004c000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:39 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x1100000000000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:39 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x300}, [{}]}, 0x58) 07:08:39 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xf4010000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:39 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x5000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:39 executing program 3 (fault-call:8 fault-nth:68): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:39 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x11}, [{}]}, 0x58) 07:08:39 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000400000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:39 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xb80b0000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:39 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x0, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) [ 376.254742] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal 07:08:39 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1f00000000000000}, [{}]}, 0x58) 07:08:39 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x3, 0x0) write$vnet(r1, &(0x7f00000002c0)={0x1, {&(0x7f00000001c0)=""/143, 0x8f, &(0x7f00000000c0)=""/8, 0x3}}, 0x68) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000100)=0x6) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) [ 376.316897] REISERFS (device loop5): using ordered data mode [ 376.322807] reiserfs: using flush barriers [ 376.369912] FAULT_INJECTION: forcing a failure. [ 376.369912] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 376.373795] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 376.381781] CPU: 1 PID: 25587 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 376.381796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 376.408351] Call Trace: [ 376.410954] dump_stack+0x1c9/0x2b4 [ 376.414580] ? dump_stack_print_info.cold.2+0x52/0x52 [ 376.419756] should_fail.cold.4+0xa/0x11 [ 376.423805] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 376.428891] ? percpu_ref_tryget_live+0x15b/0x440 [ 376.433718] ? mem_cgroup_id_get_many+0x160/0x160 [ 376.438543] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 376.443371] ? lock_acquire+0x1e4/0x540 [ 376.447329] ? percpu_ref_put_many+0x119/0x240 [ 376.451910] ? lock_downgrade+0x8f0/0x8f0 [ 376.456053] ? lock_release+0xa30/0xa30 [ 376.460015] ? __kernel_text_address+0xd/0x40 [ 376.464498] ? lock_acquire+0x1e4/0x540 [ 376.468456] ? fs_reclaim_acquire+0x20/0x20 [ 376.472761] ? lock_downgrade+0x8f0/0x8f0 [ 376.476893] ? check_same_owner+0x340/0x340 [ 376.481198] ? save_stack+0x43/0xd0 [ 376.484809] ? kasan_kmalloc+0xc4/0xe0 [ 376.488680] ? rcu_note_context_switch+0x730/0x730 [ 376.493598] __alloc_pages_nodemask+0x36e/0xdb0 [ 376.498251] ? lock_downgrade+0x8f0/0x8f0 [ 376.502384] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 376.507383] ? mem_cgroup_handle_over_high+0x130/0x130 [ 376.512643] ? fs_reclaim_acquire+0x20/0x20 [ 376.516946] ? lock_downgrade+0x8f0/0x8f0 [ 376.521078] ? percpu_ref_put_many+0x131/0x240 [ 376.525641] ? mem_cgroup_id_get_online+0x310/0x310 [ 376.530646] ? kasan_unpoison_shadow+0x35/0x50 [ 376.535229] ? kasan_kmalloc+0xc4/0xe0 [ 376.539101] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 376.544620] alloc_pages_current+0x10c/0x210 [ 376.549016] __get_free_pages+0xc/0x40 [ 376.552901] mmu_topup_memory_caches+0x1f8/0x3a0 [ 376.557651] kvm_mmu_load+0x21/0x10e0 [ 376.561433] ? rcu_note_context_switch+0x730/0x730 [ 376.566349] ? filemap_map_pages+0xca2/0x1990 [ 376.570833] vcpu_enter_guest+0x3aa6/0x6090 [ 376.575149] ? kasan_check_write+0x14/0x20 [ 376.579368] ? __mutex_lock+0x6c4/0x1680 [ 376.583415] ? kvm_set_msr_common+0x26a0/0x26a0 [ 376.588069] ? lock_acquire+0x1e4/0x540 [ 376.592030] ? vmx_vcpu_load+0xadf/0xff0 [ 376.596082] ? trace_hardirqs_on+0x10/0x10 [ 376.600300] ? vmx_vcpu_reset+0x1040/0x1040 [ 376.604619] ? find_get_entries_tag+0x1410/0x1410 [ 376.609453] ? lock_acquire+0x1e4/0x540 [ 376.613409] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 376.618407] ? lock_release+0xa30/0xa30 [ 376.622365] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 376.627626] ? kvm_arch_dev_ioctl+0x610/0x610 [ 376.632127] ? preempt_notifier_dec+0x20/0x20 [ 376.636609] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 376.641433] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 376.646437] kvm_vcpu_ioctl+0x7b8/0x1300 [ 376.650488] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 376.656194] ? lock_acquire+0x1e4/0x540 [ 376.660149] ? __fget+0x4ac/0x740 [ 376.663584] ? lock_downgrade+0x8f0/0x8f0 [ 376.667716] ? lock_release+0xa30/0xa30 [ 376.672247] ? pid_task+0x115/0x200 [ 376.675858] ? find_vpid+0xf0/0xf0 [ 376.679385] ? __f_unlock_pos+0x19/0x20 [ 376.683342] ? __fget+0x4d5/0x740 [ 376.686782] ? ksys_dup3+0x690/0x690 [ 376.690482] ? kasan_check_write+0x14/0x20 [ 376.694698] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 376.699607] ? fsnotify+0xbac/0x14e0 [ 376.703302] ? vfs_write+0x2f3/0x560 [ 376.707001] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 376.712698] do_vfs_ioctl+0x1de/0x1720 [ 376.716568] ? fsnotify_first_mark+0x350/0x350 [ 376.721131] ? __fsnotify_parent+0xcc/0x420 [ 376.725434] ? ioctl_preallocate+0x300/0x300 [ 376.729825] ? __fget_light+0x2f7/0x440 [ 376.733784] ? fget_raw+0x20/0x20 [ 376.737221] ? __sb_end_write+0xac/0xe0 [ 376.741181] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 376.746697] ? fput+0x130/0x1a0 [ 376.749960] ? ksys_write+0x1ae/0x260 [ 376.753744] ? security_file_ioctl+0x94/0xc0 [ 376.758145] ksys_ioctl+0xa9/0xd0 [ 376.761592] __x64_sys_ioctl+0x73/0xb0 [ 376.765465] do_syscall_64+0x1b9/0x820 [ 376.769334] ? finish_task_switch+0x1d3/0x870 [ 376.773813] ? syscall_return_slowpath+0x5e0/0x5e0 [ 376.778726] ? syscall_return_slowpath+0x31d/0x5e0 [ 376.783636] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 376.788636] ? prepare_exit_to_usermode+0x291/0x3b0 [ 376.793647] ? perf_trace_sys_enter+0xb10/0xb10 [ 376.798298] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.803127] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 376.808298] RIP: 0033:0x455ba9 [ 376.811465] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 376.830624] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 376.838318] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 376.845569] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 376.852817] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 376.860068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 07:08:40 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 376.867335] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000044 [ 376.876313] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:40 executing program 5: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:40 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000001163000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:40 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x4, 0x0, 0x20}, [{}]}, 0x58) 07:08:40 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x0, &(0x7f0000c91000)=ANY=[], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:40 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x5000000}, [{}]}, 0x58) 07:08:40 executing program 3 (fault-call:8 fault-nth:69): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:40 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xff00]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:40 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) [ 376.995618] nla_parse: 5 callbacks suppressed [ 376.995625] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:40 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xb80b000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:40 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x500}, [{}]}, 0x58) 07:08:40 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x0, &(0x7f0000c91000)=ANY=[@ANYBLOB], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:40 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x1600000000000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:40 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000007e01000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:40 executing program 0: r0 = syz_open_dev$admmidi(&(0x7f0000000100)='/dev/admmidi#\x00', 0x0, 0x20100) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000ffb000/0x4000)=nil, 0x4000}, &(0x7f0000000200)=0x10) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x0, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0x7, &(0x7f00000000c0)={0x1, 0x3, 0xfffffffffffff800, 0x1000}, 0x10) r3 = getpgrp(0x0) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r0) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)) 07:08:40 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1200}, [{}]}, 0x58) 07:08:40 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x1, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) [ 377.142702] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 377.159861] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 377.168687] REISERFS (device loop5): using ordered data mode [ 377.174619] reiserfs: using flush barriers [ 377.223821] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 377.236681] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 377.271578] FAULT_INJECTION: forcing a failure. [ 377.271578] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 377.283560] CPU: 0 PID: 25653 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 377.291961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.301316] Call Trace: [ 377.303913] dump_stack+0x1c9/0x2b4 [ 377.307555] ? dump_stack_print_info.cold.2+0x52/0x52 [ 377.312761] should_fail.cold.4+0xa/0x11 [ 377.316835] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 377.317874] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 377.321948] ? percpu_ref_tryget_live+0x15b/0x440 [ 377.321977] ? mem_cgroup_id_get_many+0x160/0x160 [ 377.340064] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 377.340086] ? lock_acquire+0x1e4/0x540 [ 377.340099] ? percpu_ref_put_many+0x119/0x240 [ 377.340113] ? lock_downgrade+0x8f0/0x8f0 [ 377.340128] ? lock_release+0xa30/0xa30 [ 377.340141] ? __kernel_text_address+0xd/0x40 [ 377.340157] ? lock_acquire+0x1e4/0x540 07:08:40 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:40 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x3f00, 0x0, 0x20}, [{}]}, 0x58) 07:08:40 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xe000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:40 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000002800000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:40 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1f00}, [{}]}, 0x58) [ 377.340169] ? fs_reclaim_acquire+0x20/0x20 [ 377.340181] ? lock_downgrade+0x8f0/0x8f0 [ 377.340196] ? check_same_owner+0x340/0x340 [ 377.340209] ? save_stack+0x43/0xd0 [ 377.340226] ? kasan_kmalloc+0xc4/0xe0 [ 377.340243] ? rcu_note_context_switch+0x730/0x730 [ 377.340263] __alloc_pages_nodemask+0x36e/0xdb0 [ 377.340279] ? lock_downgrade+0x8f0/0x8f0 [ 377.340299] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 377.340316] ? mem_cgroup_handle_over_high+0x130/0x130 [ 377.340328] ? fs_reclaim_acquire+0x20/0x20 [ 377.340343] ? percpu_ref_put_many+0x131/0x240 [ 377.340355] ? mem_cgroup_id_get_online+0x310/0x310 [ 377.340368] ? kasan_unpoison_shadow+0x35/0x50 [ 377.340382] ? kasan_kmalloc+0xc4/0xe0 [ 377.340400] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 377.340413] alloc_pages_current+0x10c/0x210 [ 377.340426] __get_free_pages+0xc/0x40 [ 377.340438] mmu_topup_memory_caches+0x1f8/0x3a0 [ 377.340455] kvm_mmu_load+0x21/0x10e0 [ 377.454484] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 377.455312] ? rcu_note_context_switch+0x730/0x730 [ 377.455329] ? filemap_map_pages+0xca2/0x1990 [ 377.455345] vcpu_enter_guest+0x3aa6/0x6090 [ 377.455364] ? kasan_check_write+0x14/0x20 [ 377.459260] REISERFS (device loop5): using ordered data mode [ 377.467532] ? __mutex_lock+0x6c4/0x1680 [ 377.467553] ? kvm_set_msr_common+0x26a0/0x26a0 [ 377.467567] ? lock_acquire+0x1e4/0x540 [ 377.467585] ? vmx_vcpu_load+0xadf/0xff0 [ 377.472495] reiserfs: using flush barriers [ 377.476967] ? trace_hardirqs_on+0x10/0x10 [ 377.476984] ? vmx_vcpu_reset+0x1040/0x1040 [ 377.483478] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 377.485498] ? find_get_entries_tag+0x1410/0x1410 [ 377.485522] ? lock_acquire+0x1e4/0x540 [ 377.485538] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 377.543245] ? lock_release+0xa30/0xa30 [ 377.543255] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 377.543267] ? kvm_arch_dev_ioctl+0x610/0x610 [ 377.543277] ? preempt_notifier_dec+0x20/0x20 [ 377.543291] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 377.543301] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 377.543315] kvm_vcpu_ioctl+0x7b8/0x1300 [ 377.543327] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 377.543341] ? lock_acquire+0x1e4/0x540 [ 377.543351] ? __fget+0x4ac/0x740 [ 377.543361] ? lock_downgrade+0x8f0/0x8f0 [ 377.543372] ? lock_release+0xa30/0xa30 [ 377.543382] ? pid_task+0x115/0x200 [ 377.543392] ? find_vpid+0xf0/0xf0 [ 377.543402] ? __f_unlock_pos+0x19/0x20 [ 377.543412] ? __fget+0x4d5/0x740 [ 377.543423] ? ksys_dup3+0x690/0x690 [ 377.543437] ? kasan_check_write+0x14/0x20 [ 377.543449] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 377.543457] ? fsnotify+0xbac/0x14e0 [ 377.543466] ? vfs_write+0x2f3/0x560 [ 377.543478] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 377.543487] do_vfs_ioctl+0x1de/0x1720 [ 377.543496] ? fsnotify_first_mark+0x350/0x350 [ 377.543504] ? __fsnotify_parent+0xcc/0x420 [ 377.543514] ? ioctl_preallocate+0x300/0x300 [ 377.543522] ? __fget_light+0x2f7/0x440 [ 377.543531] ? fget_raw+0x20/0x20 [ 377.543541] ? __sb_end_write+0xac/0xe0 [ 377.543555] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 377.543563] ? fput+0x130/0x1a0 [ 377.543573] ? ksys_write+0x1ae/0x260 [ 377.543585] ? security_file_ioctl+0x94/0xc0 [ 377.543594] ksys_ioctl+0xa9/0xd0 [ 377.543604] __x64_sys_ioctl+0x73/0xb0 [ 377.543616] do_syscall_64+0x1b9/0x820 [ 377.543625] ? syscall_slow_exit_work+0x500/0x500 [ 377.543636] ? syscall_return_slowpath+0x5e0/0x5e0 [ 377.543647] ? syscall_return_slowpath+0x31d/0x5e0 [ 377.543658] ? prepare_exit_to_usermode+0x291/0x3b0 [ 377.543668] ? perf_trace_sys_enter+0xb10/0xb10 [ 377.543679] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.543690] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 377.543698] RIP: 0033:0x455ba9 [ 377.543701] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 377.543860] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 377.543870] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 07:08:41 executing program 3 (fault-call:8 fault-nth:70): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:41 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xffff1f00]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:41 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = dup3(r0, r0, 0x80000) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r1, 0xc008551c, &(0x7f00000000c0)=ANY=[@ANYBLOB="0900006faef0800005004f0000000000cc07000081000000fffbffff"]) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x5}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x1000000000) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) 07:08:41 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x2, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:41 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000007400000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:41 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x1f00, 0x0, 0x20}, [{}]}, 0x58) 07:08:41 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x16000000}, [{}]}, 0x58) [ 377.543876] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 377.543882] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 377.543887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 377.543893] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000045 [ 377.545598] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:41 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) [ 377.828854] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:41 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:41 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000500000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:41 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x14000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:41 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x2, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:41 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x0, 0x0) mkdirat(r2, &(0x7f00000000c0)='./file0\x00', 0x2) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) 07:08:41 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x3000000}, [{}]}, 0x58) [ 377.958961] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 377.959748] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 377.983181] FAULT_INJECTION: forcing a failure. [ 377.983181] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 377.995132] CPU: 0 PID: 25723 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 378.003566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 378.003577] Call Trace: [ 378.015517] dump_stack+0x1c9/0x2b4 [ 378.019195] ? dump_stack_print_info.cold.2+0x52/0x52 [ 378.024399] should_fail.cold.4+0xa/0x11 [ 378.028490] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 378.033604] ? percpu_ref_tryget_live+0x15b/0x440 [ 378.038450] ? mem_cgroup_id_get_many+0x160/0x160 [ 378.043293] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 378.048132] ? lock_acquire+0x1e4/0x540 [ 378.052099] ? percpu_ref_put_many+0x119/0x240 [ 378.056671] ? lock_downgrade+0x8f0/0x8f0 [ 378.060809] ? lock_release+0xa30/0xa30 [ 378.064768] ? __kernel_text_address+0xd/0x40 [ 378.069250] ? lock_acquire+0x1e4/0x540 [ 378.073223] ? fs_reclaim_acquire+0x20/0x20 [ 378.077528] ? lock_downgrade+0x8f0/0x8f0 [ 378.081664] ? check_same_owner+0x340/0x340 [ 378.085972] ? save_stack+0x43/0xd0 [ 378.089593] ? kasan_kmalloc+0xc4/0xe0 [ 378.093463] ? rcu_note_context_switch+0x730/0x730 [ 378.098389] __alloc_pages_nodemask+0x36e/0xdb0 [ 378.103042] ? lock_downgrade+0x8f0/0x8f0 [ 378.107177] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 378.112177] ? mem_cgroup_handle_over_high+0x130/0x130 [ 378.117434] ? fs_reclaim_acquire+0x20/0x20 [ 378.121739] ? percpu_ref_put_many+0x131/0x240 [ 378.126307] ? mem_cgroup_id_get_online+0x310/0x310 [ 378.131305] ? kasan_unpoison_shadow+0x35/0x50 [ 378.135870] ? kasan_kmalloc+0xc4/0xe0 [ 378.139742] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 378.145262] alloc_pages_current+0x10c/0x210 [ 378.149653] __get_free_pages+0xc/0x40 [ 378.153524] mmu_topup_memory_caches+0x1f8/0x3a0 [ 378.158268] kvm_mmu_load+0x21/0x10e0 [ 378.162053] ? rcu_note_context_switch+0x730/0x730 [ 378.166975] ? filemap_map_pages+0xca2/0x1990 [ 378.171457] vcpu_enter_guest+0x3aa6/0x6090 [ 378.175765] ? kasan_check_write+0x14/0x20 [ 378.179984] ? __mutex_lock+0x6c4/0x1680 [ 378.184032] ? kvm_set_msr_common+0x26a0/0x26a0 [ 378.188685] ? lock_acquire+0x1e4/0x540 [ 378.192642] ? vmx_vcpu_load+0xadf/0xff0 [ 378.196686] ? trace_hardirqs_on+0x10/0x10 [ 378.200903] ? vmx_vcpu_reset+0x1040/0x1040 [ 378.205207] ? find_get_entries_tag+0x1410/0x1410 [ 378.210042] ? lock_acquire+0x1e4/0x540 [ 378.213999] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 378.219015] ? lock_release+0xa30/0xa30 [ 378.222970] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 378.228231] ? kvm_arch_dev_ioctl+0x610/0x610 [ 378.232706] ? preempt_notifier_dec+0x20/0x20 [ 378.237186] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 378.242025] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 378.247030] kvm_vcpu_ioctl+0x7b8/0x1300 [ 378.251076] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 378.256783] ? lock_acquire+0x1e4/0x540 [ 378.260739] ? __fget+0x4ac/0x740 [ 378.264185] ? lock_downgrade+0x8f0/0x8f0 [ 378.268330] ? lock_release+0xa30/0xa30 [ 378.272298] ? pid_task+0x115/0x200 [ 378.275912] ? find_vpid+0xf0/0xf0 [ 378.279436] ? __f_unlock_pos+0x19/0x20 [ 378.283394] ? __fget+0x4d5/0x740 [ 378.286829] ? ksys_dup3+0x690/0x690 [ 378.290527] ? kasan_check_write+0x14/0x20 [ 378.294746] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 378.299668] ? fsnotify+0xbac/0x14e0 [ 378.303364] ? vfs_write+0x2f3/0x560 [ 378.307062] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 378.312754] do_vfs_ioctl+0x1de/0x1720 [ 378.316623] ? fsnotify_first_mark+0x350/0x350 [ 378.321188] ? __fsnotify_parent+0xcc/0x420 [ 378.325492] ? ioctl_preallocate+0x300/0x300 [ 378.329892] ? __fget_light+0x2f7/0x440 [ 378.333849] ? fget_raw+0x20/0x20 [ 378.337286] ? __sb_end_write+0xac/0xe0 [ 378.341256] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 378.346775] ? fput+0x130/0x1a0 [ 378.350055] ? ksys_write+0x1ae/0x260 [ 378.353849] ? security_file_ioctl+0x94/0xc0 [ 378.358239] ksys_ioctl+0xa9/0xd0 [ 378.361677] __x64_sys_ioctl+0x73/0xb0 [ 378.365548] do_syscall_64+0x1b9/0x820 [ 378.369416] ? finish_task_switch+0x1d3/0x870 [ 378.373892] ? syscall_return_slowpath+0x5e0/0x5e0 [ 378.378803] ? syscall_return_slowpath+0x31d/0x5e0 [ 378.383717] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 378.388717] ? prepare_exit_to_usermode+0x291/0x3b0 [ 378.393716] ? perf_trace_sys_enter+0xb10/0xb10 [ 378.398367] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.403205] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 378.408394] RIP: 0033:0x455ba9 [ 378.411560] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 378.430726] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 378.438416] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 378.445676] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 378.452938] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 07:08:42 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfec0]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:42 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x3f00000000000000, 0x0, 0x20}, [{}]}, 0x58) [ 378.460189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 378.467440] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000046 [ 378.536846] REISERFS (device loop5): using ordered data mode [ 378.542786] reiserfs: using flush barriers [ 378.567713] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header 07:08:42 executing program 3 (fault-call:8 fault-nth:71): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:42 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x2, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f000000270000000000220095000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:42 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000600000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:42 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1500}, [{}]}, 0x58) 07:08:42 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x600]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:42 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x500000000000000, 0x0, 0x20}, [{}]}, 0x58) [ 378.587808] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:42 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000400)="025cc83d6d345f8f762070a6e7ea090da12fc2420d5e88c09f41d7c99be65fb8613c047c1653aeed75e8e25ef2fc46ed611a42f98ad4005539a9bc4205303a1953d9f0c67d94342ffcb267feb877869c06adb637b610e5190871e1187550") r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rfkill\x00', 0x80000, 0x0) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000480)={0x8, {0x2, 0x4e22, @multicast2=0xe0000002}, {0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, {0x2, 0x4e22, @rand_addr=0xf6c}, 0x8, 0x1, 0xce8, 0x0, 0xd6e, &(0x7f0000000380)='syzkaller1\x00', 0xea, 0x5, 0x3ff}) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) r3 = accept(r0, &(0x7f0000000080)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000100)=0x80) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f00000001c0)={0x0, 0x56}, &(0x7f0000000200)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000002c0)={r4, @in6={{0xa, 0x4e21, 0x1, @local={0xfe, 0x80, [], 0xaa}, 0xffffffffffffff81}}, 0xffffffff, 0xfffffffffffffffc, 0x3, 0x3f, 0x41}, &(0x7f0000000240)=0x98) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) [ 378.630303] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:42 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x0, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, r1) 07:08:42 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:42 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xc0fe]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:42 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x14000000}, [{}]}, 0x58) 07:08:42 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000200000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:42 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x1f000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:42 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(0xffffffffffffffff, r1) 07:08:42 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:42 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) prctl$seccomp(0x16, 0x2, &(0x7f00000000c0)={0x3, &(0x7f0000000080)=[{0x1, 0x0, 0x7, 0x5}, {0x8, 0xfffffffffffffffe, 0x4686, 0x8}, {0xffffffffffffff68, 0x1f, 0x3, 0x1}]}) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) semget$private(0x0, 0x2, 0x2) [ 378.788320] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 378.790136] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 378.842495] REISERFS (device loop5): using ordered data mode [ 378.848425] reiserfs: using flush barriers [ 378.890200] FAULT_INJECTION: forcing a failure. [ 378.890200] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 378.902080] CPU: 1 PID: 25821 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 378.910489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 378.919843] Call Trace: [ 378.922443] dump_stack+0x1c9/0x2b4 [ 378.925049] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 378.926079] ? dump_stack_print_info.cold.2+0x52/0x52 [ 378.926106] should_fail.cold.4+0xa/0x11 [ 378.944166] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 378.949255] ? percpu_ref_tryget_live+0x15b/0x440 [ 378.954111] ? mem_cgroup_id_get_many+0x160/0x160 [ 378.958945] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 378.963775] ? lock_acquire+0x1e4/0x540 [ 378.967733] ? percpu_ref_put_many+0x119/0x240 [ 378.972310] ? lock_downgrade+0x8f0/0x8f0 [ 378.976444] ? lock_release+0xa30/0xa30 [ 378.980406] ? __kernel_text_address+0xd/0x40 [ 378.984888] ? lock_acquire+0x1e4/0x540 [ 378.988846] ? fs_reclaim_acquire+0x20/0x20 [ 378.993151] ? lock_downgrade+0x8f0/0x8f0 [ 378.997282] ? check_same_owner+0x340/0x340 [ 379.001590] ? save_stack+0x43/0xd0 [ 379.005199] ? kasan_kmalloc+0xc4/0xe0 [ 379.009070] ? rcu_note_context_switch+0x730/0x730 [ 379.014001] __alloc_pages_nodemask+0x36e/0xdb0 [ 379.018668] ? lock_downgrade+0x8f0/0x8f0 [ 379.022810] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 379.027812] ? mem_cgroup_handle_over_high+0x130/0x130 [ 379.033070] ? fs_reclaim_acquire+0x20/0x20 [ 379.037376] ? percpu_ref_put_many+0x131/0x240 [ 379.041941] ? mem_cgroup_id_get_online+0x310/0x310 [ 379.046940] ? kasan_unpoison_shadow+0x35/0x50 [ 379.051505] ? kasan_kmalloc+0xc4/0xe0 [ 379.055388] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 379.061090] alloc_pages_current+0x10c/0x210 [ 379.065484] __get_free_pages+0xc/0x40 [ 379.069355] mmu_topup_memory_caches+0x1f8/0x3a0 [ 379.074099] kvm_mmu_load+0x21/0x10e0 [ 379.077882] ? rcu_note_context_switch+0x730/0x730 [ 379.082808] ? filemap_map_pages+0xca2/0x1990 [ 379.087289] vcpu_enter_guest+0x3aa6/0x6090 [ 379.091596] ? kasan_check_write+0x14/0x20 [ 379.095817] ? __mutex_lock+0x6c4/0x1680 [ 379.099862] ? kvm_set_msr_common+0x26a0/0x26a0 [ 379.104513] ? lock_acquire+0x1e4/0x540 [ 379.108472] ? vmx_vcpu_load+0xadf/0xff0 [ 379.112516] ? trace_hardirqs_on+0x10/0x10 [ 379.116745] ? vmx_vcpu_reset+0x1040/0x1040 [ 379.121051] ? find_get_entries_tag+0x1410/0x1410 [ 379.125884] ? lock_acquire+0x1e4/0x540 [ 379.129841] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 379.135286] ? lock_release+0xa30/0xa30 [ 379.139244] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 379.144503] ? kvm_arch_dev_ioctl+0x610/0x610 [ 379.148989] ? preempt_notifier_dec+0x20/0x20 [ 379.153472] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 379.158298] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 379.163302] kvm_vcpu_ioctl+0x7b8/0x1300 [ 379.167349] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 379.173049] ? lock_acquire+0x1e4/0x540 [ 379.177005] ? __fget+0x4ac/0x740 [ 379.180450] ? lock_downgrade+0x8f0/0x8f0 [ 379.184584] ? lock_release+0xa30/0xa30 [ 379.188540] ? pid_task+0x115/0x200 [ 379.192164] ? find_vpid+0xf0/0xf0 [ 379.195776] ? __f_unlock_pos+0x19/0x20 [ 379.199744] ? __fget+0x4d5/0x740 [ 379.203181] ? ksys_dup3+0x690/0x690 [ 379.206890] ? kasan_check_write+0x14/0x20 [ 379.211109] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 379.216718] ? perf_trace_sys_exit+0x3f7/0x650 [ 379.221281] ? vfs_write+0x2f3/0x560 [ 379.225002] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 379.230703] do_vfs_ioctl+0x1de/0x1720 [ 379.234687] ? fsnotify_first_mark+0x350/0x350 [ 379.239252] ? __fsnotify_parent+0xcc/0x420 [ 379.243562] ? ioctl_preallocate+0x300/0x300 [ 379.247953] ? __fget_light+0x2f7/0x440 [ 379.251911] ? fget_raw+0x20/0x20 [ 379.255349] ? __sb_end_write+0xac/0xe0 [ 379.259310] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 379.264829] ? syscall_slow_exit_work+0x111/0x500 [ 379.269654] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 379.274307] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 379.279744] ? security_file_ioctl+0x94/0xc0 [ 379.284136] ksys_ioctl+0xa9/0xd0 [ 379.287582] __x64_sys_ioctl+0x73/0xb0 [ 379.291455] do_syscall_64+0x1b9/0x820 [ 379.295327] ? finish_task_switch+0x1d3/0x870 [ 379.299804] ? syscall_return_slowpath+0x5e0/0x5e0 [ 379.304739] ? syscall_return_slowpath+0x31d/0x5e0 [ 379.309662] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 379.314663] ? prepare_exit_to_usermode+0x291/0x3b0 [ 379.319674] ? perf_trace_sys_enter+0xb10/0xb10 [ 379.324451] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.329281] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 379.334598] RIP: 0033:0x455ba9 [ 379.337764] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 379.357082] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 379.364780] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 379.372034] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 379.379288] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 07:08:43 executing program 3 (fault-call:8 fault-nth:72): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:43 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2}, [{}]}, 0x58) 07:08:43 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x11000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:43 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xf, 0x4, 0x4, 0x9}, 0x11) r2 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xe, 0x3, &(0x7f0000c91000)=ANY=[@ANYBLOB="850000002f00000027000000000022009500000000000000"], &(0x7f0000000000)="f4206cd55d3174fccd51d063ca3dda5cbf5a01cc7ea92c43b604ffc53727d2d60f55ddeb757cf36a8457125ab48bcbcce4011a423df186cc8d8e6e9a66b1a0a6035a2fc0578cf5aad8b3a24a9c646a37eb26c6212ffc9658f152194b880765d169d550beb059984a10c2", 0x1, 0x99, &(0x7f000000d000)=""/153}, 0x48) dup2(r2, 0xffffffffffffffff) 07:08:43 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000006c00000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:43 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f00000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:43 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xd, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0xfffffffffffffffe, 0x0, 0x9c1a, 0xfffffffffffffffe, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x3) mprotect(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000001) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0xfd, 0x400000) r2 = creat(&(0x7f0000000080)='./file0\x00', 0x20) ioctl$TIOCGSID(r2, 0x5429, &(0x7f00000000c0)) 07:08:43 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) [ 379.386539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 379.393793] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000047 [ 379.407990] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:43 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xe803000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 379.475647] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:43 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x1100, 0x0, 0x20}, [{}]}, 0x58) 07:08:43 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000074000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 379.529909] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 379.563123] FAULT_INJECTION: forcing a failure. [ 379.563123] name fail_page_alloc, interval 1, probability 0, space 0, times 0 07:08:43 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x3}, [{}]}, 0x58) 07:08:43 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00') clock_settime(0x7, &(0x7f0000000100)={0x77359400}) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x5) readahead(r0, 0x7, 0x7) ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000140)="71dc74c0096681def70cded45b149bfe97df10c7dbeef397dfac36dde8b0631a729eaae1955e7dd45aba5d96797e27ddf4af0ceeb1d0a6849b6c3f950b17e797dd3642b0f9b527b023704ea32ca48b0ad5f48b819aea0c7899df62d2c912a7a41eb2ecb9e956f268d5754b949d00d17221baf52aac508759eba9dba51eb8f837ef83175c644ea341b3d36629a84958baec8592a801dbabda9380d5342fade9847e92e7146082cf3f5178e36c1cd6a682bcc753d0383a807368b66979ee4128f1da93906ec0c7c11e812acd6fc8f6977764e52c33ae9bf7ea28f4c19d857ab4c91c4eca37fca3189cf113361f6599b47a61") ioctl$BLKSECDISCARD(0xffffffffffffffff, 0x127d, &(0x7f0000000080)) r1 = getpid() ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0xd7d) socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000380)={0xffffffffffffffff}) syz_open_dev$usbmon(&(0x7f0000000300)='/dev/usbmon#\x00', 0xffffffffffffffff, 0x141) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000700)={{{@in=@broadcast, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000000400)=0xe8) syz_fuse_mount(&(0x7f00000003c0)='./file0\x00', 0xa000, r3, 0x0, 0x0, 0x2002) fcntl$notify(0xffffffffffffffff, 0x402, 0x5) socket$inet(0x2, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_aout(r2, &(0x7f0000000600)=ANY=[], 0x0) unshare(0x40000000) ioctl$TIOCSSOFTCAR(0xffffffffffffffff, 0x541a, &(0x7f0000000340)=0x6) r4 = socket$inet_tcp(0x2, 0x1, 0x0) sched_getparam(r1, &(0x7f0000000240)) pwritev(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000440)="3723339c9e46fcc759b50ca2fac74693cb0b58bf128cda2d1c0be362459e0d734b324cdb94e6b7e8587d837a8f176ccbc95738588bf395f5b86a21bac6f00b8acb12f34489dfd6b1c3ec2b317faa53145cdba8beee7802210a60c5e37a938a30527564c65321ebab3fdaa17d51b57da384ce15f4f777654f49495409794a8b69f99fffef", 0x84}], 0x1, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/uinput\x00', 0x402000, 0x0) ioctl$sock_ifreq(r4, 0x8923, &(0x7f0000000100)={'tunl0\x00', @ifru_settings={0x1, 0x0, @sync=&(0x7f0000000140)}}) [ 379.575060] CPU: 1 PID: 25854 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 379.583498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 379.592864] Call Trace: [ 379.595464] dump_stack+0x1c9/0x2b4 [ 379.599109] ? dump_stack_print_info.cold.2+0x52/0x52 [ 379.600837] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 379.604316] should_fail.cold.4+0xa/0x11 [ 379.604335] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 379.604360] ? percpu_ref_tryget_live+0x15b/0x440 [ 379.626699] ? mem_cgroup_id_get_many+0x160/0x160 [ 379.626713] ? get_mem_cgroup_from_mm+0x1ea/0x440 07:08:43 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:43 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x11, 0x0, 0x20}, [{}]}, 0x58) 07:08:43 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000080)={0x20080522, r1}, &(0x7f0000000040)) [ 379.626730] ? lock_acquire+0x1e4/0x540 [ 379.626742] ? percpu_ref_put_many+0x119/0x240 [ 379.626754] ? lock_downgrade+0x8f0/0x8f0 [ 379.626767] ? lock_release+0xa30/0xa30 [ 379.626780] ? __kernel_text_address+0xd/0x40 [ 379.626792] ? lock_acquire+0x1e4/0x540 [ 379.626802] ? fs_reclaim_acquire+0x20/0x20 [ 379.626813] ? lock_downgrade+0x8f0/0x8f0 [ 379.626825] ? check_same_owner+0x340/0x340 [ 379.626836] ? save_stack+0x43/0xd0 [ 379.626845] ? kasan_kmalloc+0xc4/0xe0 07:08:43 executing program 3 (fault-call:8 fault-nth:73): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:43 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x600000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:43 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x14}, [{}]}, 0x58) 07:08:43 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000028000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:43 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:43 executing program 0: r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff) name_to_handle_at(r0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)={0x8a, 0x657, "b46f9a51d633cb4d9517ebd575553eb87befed45609be6773d9cf6123e2fb3ee32e08141f9b1dcb23d11a9161c2d8a54bd9f91e28eb30dcda550be2013072fbf8dab432247c2cd7c03d290280e2b3a3f8720753eef5bcdd322ff5981ee6bce0ae289524a9b7577aa1ff8330e46c7cdc79c32749dda783e5185d35b97e3088d7d56f2"}, &(0x7f0000000280), 0x1400) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$mouse(&(0x7f0000000080)='/dev/input/mouse#\x00', 0x2, 0x84c0) capget(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@ipv4={[], [], @broadcast}, @in6=@remote}}, {{@in=@rand_addr}, 0x0, @in=@dev}}, &(0x7f00000000c0)=0x451) 07:08:43 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x1200000000000000, 0x0, 0x20}, [{}]}, 0x58) [ 379.626856] ? rcu_note_context_switch+0x730/0x730 [ 379.626870] __alloc_pages_nodemask+0x36e/0xdb0 07:08:43 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600000000007a000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 379.626881] ? lock_downgrade+0x8f0/0x8f0 [ 379.626893] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 379.626904] ? lock_acquire+0x1e4/0x540 [ 379.626915] ? lock_downgrade+0x8f0/0x8f0 [ 379.626927] ? percpu_ref_put_many+0x131/0x240 07:08:43 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1100000000000000}, [{}]}, 0x58) 07:08:43 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1100000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:43 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0xffffff7f, 0x0, 0x20}, [{}]}, 0x58) [ 379.626935] ? do_raw_spin_unlock+0xa7/0x2f0 [ 379.626945] ? mem_cgroup_id_get_online+0x310/0x310 [ 379.626956] ? kasan_unpoison_shadow+0x35/0x50 [ 379.626966] ? kasan_kmalloc+0xc4/0xe0 07:08:43 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000007a00000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 379.626980] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 379.626990] alloc_pages_current+0x10c/0x210 [ 379.627001] __get_free_pages+0xc/0x40 [ 379.627017] mmu_topup_memory_caches+0x1f8/0x3a0 [ 379.627030] kvm_mmu_load+0x21/0x10e0 [ 379.627040] ? rcu_note_context_switch+0x730/0x730 [ 379.627051] ? filemap_map_pages+0xca2/0x1990 [ 379.627064] vcpu_enter_guest+0x3aa6/0x6090 [ 379.627074] ? kasan_check_write+0x14/0x20 [ 379.627086] ? __mutex_lock+0x6c4/0x1680 [ 379.627098] ? kvm_set_msr_common+0x26a0/0x26a0 [ 379.627108] ? lock_acquire+0x1e4/0x540 [ 379.627119] ? vmx_vcpu_load+0xadf/0xff0 [ 379.627130] ? trace_hardirqs_on+0x10/0x10 [ 379.627140] ? vmx_vcpu_reset+0x1040/0x1040 [ 379.627151] ? find_get_entries_tag+0x1410/0x1410 [ 379.627169] ? lock_acquire+0x1e4/0x540 [ 379.627178] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 379.627190] ? lock_release+0xa30/0xa30 [ 379.627199] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 379.627210] ? kvm_arch_dev_ioctl+0x610/0x610 [ 379.627218] ? preempt_notifier_dec+0x20/0x20 [ 379.627231] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 379.627241] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 379.627256] kvm_vcpu_ioctl+0x7b8/0x1300 [ 379.627268] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 379.627283] ? lock_acquire+0x1e4/0x540 [ 379.627292] ? __fget+0x4ac/0x740 [ 379.627302] ? lock_downgrade+0x8f0/0x8f0 [ 379.627314] ? lock_release+0xa30/0xa30 [ 379.627323] ? pid_task+0x115/0x200 [ 379.627333] ? find_vpid+0xf0/0xf0 [ 379.627344] ? __f_unlock_pos+0x19/0x20 [ 379.627354] ? __fget+0x4d5/0x740 [ 379.627364] ? ksys_dup3+0x690/0x690 [ 379.627377] ? kasan_check_write+0x14/0x20 [ 379.627389] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 379.627400] ? perf_trace_sys_exit+0x3f7/0x650 [ 379.627408] ? vfs_write+0x2f3/0x560 [ 379.627420] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 379.627429] do_vfs_ioctl+0x1de/0x1720 [ 379.627440] ? fsnotify_first_mark+0x350/0x350 [ 379.627449] ? __fsnotify_parent+0xcc/0x420 [ 379.627459] ? ioctl_preallocate+0x300/0x300 [ 379.627467] ? __fget_light+0x2f7/0x440 [ 379.627476] ? fget_raw+0x20/0x20 [ 379.627487] ? __sb_end_write+0xac/0xe0 [ 379.627499] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 379.627509] ? syscall_slow_exit_work+0x111/0x500 [ 379.627523] ? lockdep_sys_exit_thunk+0x2e/0x2e [ 379.627534] ? tracehook_report_syscall_exit+0x2f0/0x2f0 [ 379.627546] ? security_file_ioctl+0x94/0xc0 [ 379.627555] ksys_ioctl+0xa9/0xd0 [ 379.627565] __x64_sys_ioctl+0x73/0xb0 [ 379.627575] do_syscall_64+0x1b9/0x820 [ 379.627584] ? finish_task_switch+0x1d3/0x870 [ 379.627594] ? syscall_return_slowpath+0x5e0/0x5e0 [ 379.627605] ? syscall_return_slowpath+0x31d/0x5e0 [ 379.627615] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 379.627626] ? prepare_exit_to_usermode+0x291/0x3b0 [ 379.627636] ? perf_trace_sys_enter+0xb10/0xb10 [ 379.627646] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 379.627659] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 379.627666] RIP: 0033:0x455ba9 [ 379.627669] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 379.627826] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 379.627836] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 379.627842] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 379.627848] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 379.627854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 379.627859] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000048 [ 379.633387] REISERFS (device loop5): using ordered data mode [ 379.633392] reiserfs: using flush barriers [ 379.633991] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 379.635676] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 379.740599] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 379.740635] REISERFS (device loop5): using ordered data mode [ 379.740641] reiserfs: using flush barriers [ 379.741300] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 379.741640] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 379.887314] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 379.903161] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 379.903208] REISERFS (device loop5): using ordered data mode [ 379.903211] reiserfs: using flush barriers [ 379.903852] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 379.904240] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 380.085427] IPVS: ftp: loaded support on port[0] = 21 [ 380.571892] FAULT_INJECTION: forcing a failure. [ 380.571892] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 380.583763] CPU: 0 PID: 25924 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 380.592163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.601511] Call Trace: [ 380.604106] dump_stack+0x1c9/0x2b4 [ 380.607744] ? dump_stack_print_info.cold.2+0x52/0x52 [ 380.612946] should_fail.cold.4+0xa/0x11 [ 380.617013] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 380.622120] ? percpu_ref_tryget_live+0x15b/0x440 [ 380.626974] ? mem_cgroup_id_get_many+0x160/0x160 [ 380.631813] ? get_mem_cgroup_from_mm+0x1ea/0x440 [ 380.636658] ? lock_acquire+0x1e4/0x540 [ 380.640628] ? percpu_ref_put_many+0x119/0x240 [ 380.644187] IPVS: ftp: loaded support on port[0] = 21 [ 380.645229] ? lock_downgrade+0x8f0/0x8f0 [ 380.645249] ? lock_release+0xa30/0xa30 [ 380.645267] ? __kernel_text_address+0xd/0x40 [ 380.663028] ? lock_acquire+0x1e4/0x540 [ 380.667006] ? fs_reclaim_acquire+0x20/0x20 [ 380.671333] ? lock_downgrade+0x8f0/0x8f0 [ 380.675484] ? check_same_owner+0x340/0x340 [ 380.679811] ? save_stack+0x43/0xd0 [ 380.683438] ? kasan_kmalloc+0xc4/0xe0 [ 380.687349] ? rcu_note_context_switch+0x730/0x730 [ 380.692286] __alloc_pages_nodemask+0x36e/0xdb0 [ 380.696957] ? lock_downgrade+0x8f0/0x8f0 [ 380.701111] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 380.706133] ? mem_cgroup_handle_over_high+0x130/0x130 [ 380.711405] ? fs_reclaim_acquire+0x20/0x20 [ 380.715729] ? percpu_ref_put_many+0x131/0x240 [ 380.720306] ? mem_cgroup_id_get_online+0x310/0x310 [ 380.725319] ? kasan_unpoison_shadow+0x35/0x50 [ 380.729901] ? kasan_kmalloc+0xc4/0xe0 [ 380.733790] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 380.739324] alloc_pages_current+0x10c/0x210 [ 380.743819] __get_free_pages+0xc/0x40 [ 380.747705] mmu_topup_memory_caches+0x1f8/0x3a0 [ 380.752463] kvm_mmu_load+0x21/0x10e0 [ 380.756262] ? rcu_note_context_switch+0x730/0x730 [ 380.761186] ? filemap_map_pages+0xca2/0x1990 [ 380.765679] vcpu_enter_guest+0x3aa6/0x6090 [ 380.769997] ? kasan_check_write+0x14/0x20 [ 380.774226] ? __mutex_lock+0x6c4/0x1680 [ 380.778283] ? kvm_set_msr_common+0x26a0/0x26a0 [ 380.782953] ? lock_acquire+0x1e4/0x540 [ 380.786927] ? vmx_vcpu_load+0xadf/0xff0 [ 380.790984] ? trace_hardirqs_on+0x10/0x10 [ 380.795217] ? vmx_vcpu_reset+0x1040/0x1040 [ 380.799537] ? find_get_entries_tag+0x1410/0x1410 [ 380.804385] ? lock_acquire+0x1e4/0x540 [ 380.808354] ? kvm_arch_vcpu_ioctl_run+0x234/0x1690 [ 380.813370] ? lock_release+0xa30/0xa30 [ 380.817339] ? kvm_arch_vcpu_ioctl_set_fpu+0x340/0x340 [ 380.822615] ? kvm_arch_dev_ioctl+0x610/0x610 [ 380.827108] ? preempt_notifier_dec+0x20/0x20 [ 380.831607] kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 380.836946] ? kvm_arch_vcpu_ioctl_run+0x33e/0x1690 [ 380.841965] kvm_vcpu_ioctl+0x7b8/0x1300 [ 380.846028] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 380.851742] ? lock_acquire+0x1e4/0x540 [ 380.855715] ? __fget+0x4ac/0x740 [ 380.859165] ? lock_downgrade+0x8f0/0x8f0 [ 380.863311] ? lock_release+0xa30/0xa30 [ 380.867286] ? pid_task+0x115/0x200 [ 380.870909] ? find_vpid+0xf0/0xf0 [ 380.874450] ? __f_unlock_pos+0x19/0x20 [ 380.878439] ? __fget+0x4d5/0x740 [ 380.881889] ? ksys_dup3+0x690/0x690 [ 380.885611] ? kasan_check_write+0x14/0x20 [ 380.889845] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 380.894773] ? fsnotify+0xbac/0x14e0 [ 380.898481] ? vfs_write+0x2f3/0x560 [ 380.902197] ? kvm_uevent_notify_change.part.32+0x440/0x440 [ 380.907911] do_vfs_ioctl+0x1de/0x1720 [ 380.911799] ? fsnotify_first_mark+0x350/0x350 [ 380.916377] ? __fsnotify_parent+0xcc/0x420 [ 380.920694] ? ioctl_preallocate+0x300/0x300 [ 380.925100] ? __fget_light+0x2f7/0x440 [ 380.929071] ? fget_raw+0x20/0x20 [ 380.932523] ? __sb_end_write+0xac/0xe0 [ 380.936499] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 380.942034] ? fput+0x130/0x1a0 [ 380.945312] ? ksys_write+0x1ae/0x260 [ 380.949114] ? security_file_ioctl+0x94/0xc0 [ 380.953526] ksys_ioctl+0xa9/0xd0 [ 380.956978] __x64_sys_ioctl+0x73/0xb0 [ 380.960867] do_syscall_64+0x1b9/0x820 [ 380.964754] ? finish_task_switch+0x1d3/0x870 [ 380.969251] ? syscall_return_slowpath+0x5e0/0x5e0 [ 380.974178] ? syscall_return_slowpath+0x31d/0x5e0 [ 380.979109] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 380.984120] ? prepare_exit_to_usermode+0x291/0x3b0 [ 380.989150] ? perf_trace_sys_enter+0xb10/0xb10 [ 380.993820] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 380.998666] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 381.003848] RIP: 0033:0x455ba9 [ 381.007024] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 381.026283] RSP: 002b:00007f2d94f80c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 381.033990] RAX: ffffffffffffffda RBX: 00007f2d94f816d4 RCX: 0000000000455ba9 [ 381.041254] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000016 [ 381.048517] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 381.055805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 381.063076] R13: 00000000004bdd70 R14: 00000000004cc310 R15: 0000000000000049 07:08:44 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000700000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:44 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) r2 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x6, 0x802) openat(r2, &(0x7f00000000c0)='./file0\x00', 0x100, 0x8) 07:08:44 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xe00]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:44 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x1000000, 0x0, 0x20}, [{}]}, 0x58) 07:08:44 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1000000000000}, [{}]}, 0x58) 07:08:44 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:44 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) 07:08:44 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af300200f5abfb9845f9e19859c9693206f2c60b0000000719e1d66e970123d893d974e5b9c3285677b2139823e5500c92ab5b94da3a7de19f063bb765b02bd5b660fb7fa898c6f5c6369c3f363068d10af833f6475bbe8b7967255b177607ba100f6c4654718232dbda64aa1f69cf9ab5b3ea3ed63452b7ebd37c9dae664e322e08ad8f6029fe8fd0b34c7117480471aeca0a3fc9eceb28509ca8a83e4f8b85131808bc5cfb4cc24e1901769c084c082712b470666b6dddf74ced693973ba1ded8b") fcntl$setstatus(r0, 0x4, 0x6800) pread64(r0, &(0x7f0000003c00)=""/4096, 0xffffff4b, 0x0) 07:08:44 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x12000000, 0x20}, [{}]}, 0x58) [ 381.188040] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 381.209302] REISERFS (device loop5): using ordered data mode [ 381.215197] reiserfs: using flush barriers [ 381.221437] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header 07:08:44 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000004c00000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:44 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xf401000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:44 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x12000000}, [{}]}, 0x58) 07:08:44 executing program 0: r0 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x3, 0x800) ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f00000004c0)=""/215) r1 = socket$inet6(0xa, 0x1000000000004, 0x7) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x100, 0x0) openat$cgroup(r2, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = getpgrp(0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f00000001c0)={{0x6, 0xffffffffffffffc1}, 'port1\x00', 0x2, 0x2, 0x4, 0x80, 0x800, 0xffffffff, 0x81, 0x0, 0x1, 0x7}) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)={0x0, 0x1, 0x8}) [ 381.238986] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:44 executing program 1: 07:08:45 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1200, 0x20}, [{}]}, 0x58) 07:08:45 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:45 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x11000000}, [{}]}, 0x58) 07:08:45 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:45 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000000000f0000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:45 executing program 1: 07:08:45 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) r2 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x5, 0x210000) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2) 07:08:45 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1600, 0x20}, [{}]}, 0x58) [ 381.477312] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 381.559622] REISERFS (device loop5): using ordered data mode [ 381.565610] reiserfs: using flush barriers [ 381.584706] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header 07:08:45 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3e8]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:45 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast2=0xe0000002}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r0, &(0x7f0000000080), 0x6b, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000000c0)=0xa00, 0x4) sendto$inet(r0, &(0x7f00006fd000)="c3401c344654f3c7d9b41ba48c8e399aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0201c0d32e11f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x81, &(0x7f0000000180)={0x2, 0x0, @rand_addr}, 0x10) sendto$inet(r0, &(0x7f0000000040)='L', 0x1, 0x0, &(0x7f0000000200)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r0, &(0x7f0000000240)="94", 0x1, 0x0, &(0x7f0000000000)={0x2}, 0x10) 07:08:45 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000068000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:45 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1500, 0x20}, [{}]}, 0x58) 07:08:45 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1000000}, [{}]}, 0x58) 07:08:45 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x8004ae98, 0x0) 07:08:45 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080)=0x0) capget(&(0x7f00000000c0)={0x19980330, r1}, &(0x7f0000000100)={0x6, 0xa82c, 0x6e001bba, 0x6, 0x7}) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) [ 381.614624] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:45 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xff00000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:45 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000002000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:45 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2000000}, [{}]}, 0x58) 07:08:45 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:45 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x3f00000000000000, 0x20}, [{}]}, 0x58) 07:08:45 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000080)={0xffff, 0x0, 0x0, 0x1}) 07:08:45 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000740d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:45 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1600}, [{}]}, 0x58) 07:08:45 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x5452, 0x0) 07:08:45 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfcff000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 381.842638] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 381.896727] REISERFS (device loop5): using ordered data mode [ 381.902625] reiserfs: using flush barriers [ 381.958449] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 381.996420] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:46 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f00000000c0)) 07:08:46 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x4000000, 0x20}, [{}]}, 0x58) 07:08:46 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000070d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:46 executing program 0: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpgrp(0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x1, 0x0) ioctl$KVM_KVMCLOCK_CTRL(r0, 0xaead) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r0, 0x4008ae48, &(0x7f00000000c0)) 07:08:46 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x5}, [{}]}, 0x58) 07:08:46 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffff]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:46 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:46 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xc018ae85, 0x0) 07:08:46 executing program 1: gettid() perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0x71}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$team(&(0x7f00000006c0)='team\x00') 07:08:46 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:46 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8915, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000080)=0x0) sched_setscheduler(r1, 0x0, &(0x7f00000000c0)=0x40) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@dev, @in6=@dev}}, {{@in6=@ipv4={[], [], @multicast1}}, 0x0, @in6=@mcast1}}, &(0x7f0000000100)=0xe8) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) [ 382.672182] nla_parse: 9 callbacks suppressed [ 382.672190] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 382.691744] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal 07:08:46 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x5, 0x20}, [{}]}, 0x58) 07:08:46 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x4000000}, [{}]}, 0x58) [ 382.739231] REISERFS (device loop5): using ordered data mode [ 382.745279] reiserfs: using flush barriers 07:08:46 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:46 executing program 1: 07:08:46 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1500000000000000, 0x20}, [{}]}, 0x58) 07:08:46 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000060d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:46 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x20, &(0x7f00000001c0)="0a5cc83d6d345f8f762070c858ee0fd14a4e275b995c7e876e84f75c9c0cd5495511fc0dfaf7d7a75170ea92f697a2fdc82fae139dd38eff64df0f9da5fc5416761c2399f599c6c0ab7c18ee1c21a2c621c9223334d60600000000b209968291e965a1aba0e52881d5aecd1e1d9ff4f68e4b4f736929edcb1ff485ccbfe636c03214ad16b2") pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r4 = fcntl$getown(r0, 0x9) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000840)={{{@in6, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @broadcast}}, 0x0, @in=@loopback}}, &(0x7f0000000940)=0xe8) r6 = getgid() r7 = getpgid(0xffffffffffffffff) r8 = geteuid() getresgid(&(0x7f0000001180)=0x0, &(0x7f00000011c0), &(0x7f0000001200)) r10 = getpgrp(0xffffffffffffffff) lstat(&(0x7f0000001240)='./file0\x00', &(0x7f0000001280)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000001300)='./file0\x00', &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r13 = fcntl$getown(r1, 0x9) r14 = geteuid() getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000013c0)={0x0, 0x0, 0x0}, &(0x7f0000001400)=0xc) r16 = getpgid(0xffffffffffffffff) r17 = getuid() getgroups(0x2, &(0x7f0000001440)=[0x0, 0xee00]) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000001480)=0x0) getresuid(&(0x7f00000014c0), &(0x7f0000001500), &(0x7f0000001540)=0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000001580)={0x0, 0x0, 0x0}, &(0x7f00000015c0)=0xc) sendmmsg$unix(r1, &(0x7f00000016c0)=[{&(0x7f00000003c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f00000007c0)=[{&(0x7f0000000440)="95ae08f2dd7a59292107d7a5993eb897063557926a7fe4b2a1ba1e23ac2c16073a13fdec875d20f319eb47f22cefd5f94e", 0x31}, {&(0x7f0000000480)="af07784bfa26493dfe45a415f3", 0xd}, {&(0x7f00000004c0)="0c3c9f1eaa4ccb8cd6441d8d54caf77e4ce0f3c07a46208992d0bb7fa0b6b905b6367f68cc60628d4c1bee096b33d4ac8355677550d7c26576a7e7d8589d9965c2034f0f6bae3c9f0f5716fb878c5103b510ae76cf3c11ea92a9416f1cdbf5700338c2677be48eb9de38f54e5dddf03b8a57a666092ce47d23b329c0505680b681fdc427eab57a945d3bd2feae5f4e2de85372aa831896a812d5cc455284df368cdb95b323a466db5b25079a9a1e6c6ebc14e25b22dc99e1647bb19885f873397e389625f512aac23a6b552552cfc71840f1587f26fa0e4989ac53665dd536fb2be5ddbaf34edc8e863d1832f9d5ee71d430003574d2", 0xf6}, {&(0x7f00000005c0)="2680da6c0e012ed99a1297f48afc632c85843bce23001ccabc2e407f8ca7f9e24f29ed5b68605cdbcbcef956eca896d4834ebfbf8d81ffe8d22ad190dc20057a8cc69e1526265a1d591f60f4ea10d208f19b7473ddff7039c4ad8a5c932a2ed11cfbfaa2594b9e8a0f78e43b2018184740be43165dd043e8bc002c2685d337d8a7b388e0c7934d22fd3558956700d399cb7fd8833df06a7150094e19ce3029eeb6d272c44ef938c8c21fff7be87da0f2bf0bd842e5f1e9083c2280c8e75b91ef6e979acb617bd75511c287ddf41483190e1904b02a2c", 0xd6}, {&(0x7f00000006c0)="ae7dc7b2430be7771041bc1767ab6ec579ee66771ef76592a5e36be1aef165496131f5e44e40", 0x26}, {&(0x7f0000000700)="b6103a91a1127b8d360db9e7348e77650ca518b5bea4b946a69dd475c8468be449362401ffb9ae24bd9aa89aa8aeaed087e867a6f26f95b46e364dde088d62b4f82f7bd6c7c894fdd45988f183f50b4c6db9b5730f74bf67cd6197acee115a0f073640896639f67c7564cb34a95eb604153a894f6d51c9eb6a03385e8141a1aa18fc3ee4cd17d6fa1f3b69f986e86184f496bcf3139b40d17865aba96c", 0x9d}], 0x6, &(0x7f00000017c0)=ANY=[@ANYBLOB="20000000000000000100000002000000", @ANYRES32=r4, @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="00000000280000000000000001000000f0ffffff7a55b7", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r2, @ANYRES32=r2, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00'], 0x78, 0x40000}, {&(0x7f0000000a00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000c00)=[{&(0x7f0000000a80)="8fb59f77677229be668e27f124f7e41988b51c05c3beaad5af0d8137a21869dbc3ce6fdce1be3e9dad32dd377e3dc3c9887209c54f9e5c77d1c7d1ee151519ce94b6f8377ddb4fc47c296ac19a4bf1412ce41ce9f1106174abb639692ed58efcc419cc32cd4725c4743e4e597a645522a8523edf94420564898304b3aab6e358dba240062d0396f1afc92d95b963592506181624f9d7bccc65cd00a824f1cb45198c63ed4b92ace21a6db999f1d85995b93e3257e5b525353192101adafffdabe3f6ddec35406f2745ef2a0d66bdacb6e7d041a9f1df17d8c561c41eee6c250fd0e44fbc23af43ad8b", 0xe9}, {&(0x7f0000000b80)="b597054d9192dd725d26a4bc1645711c3432738c73e292ac551725a78e64af7e9b761767806730a75e8240b50eaf50966414a5c0cc7519a48b9c5d8a0c51876393fa29f65df047e77ef5e56f68ca55598cb546ef06d470ea1a070cb5c422408c4adc7c8c38c5f9489e1be9bdfdb5e172cbf28f2f3f", 0x75}], 0x2, 0x0, 0x0, 0x40}, {&(0x7f0000000c40)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000fc0)=[{&(0x7f0000000cc0)="e5fde4692e84f5f74eda1d6933378716b844051d37a7c24e53508b068a72c8ef95a98861457d9bcb074261b369cd0e5474ae8394facad402ade24f3b25d9d0a70105bc57d9d586fb898448a7134e398d263e8c6f270f867ea533a60a9afbf327bf8fdc790eda94109f1b2ef8887b59a530c4e4f09c5be35a5866acf731684353e0a35648cbc7ed1a42aeb9bbf827b4107ed6dded9a9e91d54b2d557eb2ccf122e51ff82e629d570c0ce71e79cf624360fd36d2ea113dd7649ea26d438a8acbee8255325e08e80f4b23bb003683edb4b6cf3a7612ae7e7e", 0xd7}, {&(0x7f0000000dc0)="f858c474b59dfd47772c7afb97a43674661ced6570b01044a7238cddd296c3d7a9b8f59edb4492a5025111085ee687dfc38092fa185f981683ab1746650232ba18629073f98726732f16ccef25bdd76822e542ffc2efa43e5a", 0x59}, {&(0x7f0000000e40)="cb0717e7bd486e45d052bf1eb5e8593acd63f8aa91a9a6680857a717ccc57afaa5324feb50ab2d9be5f3e27c938ac70f74dbb93c62fd0f484ba029f6bdb13fa6a6a393f869c522460ead743161fc29b2f04480d4269e7f395a1fb4d500c2bec40265b9c573d867f8ee4f0d6936b4076ffdb57890d2f6104b5b9f0232910d64e7586f0414b8c3ceefbb79542378d6fc34ae302c448aae72519247ad7b322fe029d3bd801598b44ddea9e0135973e67fe82f", 0xb1}, {&(0x7f0000000f00)="f18cccdaeb70cacdc3a5d5dcdcf9960dbc9df5cd4c95c4f3f1c55356732342e73c83a41fd1992a78a21cb154d8749b58107e3db3c779790e45077e4d0070d31b4822c0edd27b8d0193dc375156593a023a64a0e8de8b9dded8613c0f072497faa717fcca45c7a34cecbfb96f807e3ddae0665534e2e7e12f8d15b12ea87f9a299ec66e1461d26c0a9bc198a8ffb7362a0d8dee049aba138fbea046128524416f9a3acb798c141d01e8dfe591247cc546", 0xb0}], 0x4, &(0x7f0000001000)=[@rights={0x20, 0x1, 0x1, [r0, r0, r1, r0]}], 0x20, 0x40000}, {&(0x7f0000001040)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000001140)=[{&(0x7f00000010c0)="1ec47801ab474ec7c1c16e8672c1ed7fa430e6bc576a141e85e85dc7988f918a84aa37a5a4bad59b8d1f8978acf1c1d8c3c45270", 0x34}, {&(0x7f0000001100)="5df1922f50d3", 0x6}], 0x2, &(0x7f0000001600)=[@cred={0x20, 0x1, 0x2, r7, r8, r9}, @cred={0x20, 0x1, 0x2, r10, r11, r12}, @cred={0x20, 0x1, 0x2, r13, r14, r15}, @cred={0x20, 0x1, 0x2, r16, r17, r18}, @cred={0x20, 0x1, 0x2, r19, r20, r21}], 0xa0, 0x4000}], 0x4, 0x44) keyctl$describe(0x6, r3, &(0x7f0000000340)=""/21, 0x15) gettid() r22 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r22, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r23 = socket$inet(0x10, 0x3, 0x0) getsockopt$sock_int(r23, 0x1, 0x10, &(0x7f0000000000), &(0x7f0000000040)=0x4) r24 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() getpgrp(0xffffffffffffffff) ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000280)={'veth0_to_bond\x00', 0xc0}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000100)=0xc) r25 = getpid() r26 = getpgrp(r25) finit_module(r24, &(0x7f0000000380)=':+wlan1selfvmnet1:%security\x00', 0x3) ioctl$VT_DISALLOCATE(r2, 0x5608) capget(&(0x7f0000000000)={0x20080522, r26}, &(0x7f0000000040)) 07:08:46 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x500000000000000}, [{}]}, 0x58) [ 382.833707] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 382.846090] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:46 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x4048ae9b, 0x0) 07:08:46 executing program 1: 07:08:46 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) [ 382.913152] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:46 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1600000000000000}, [{}]}, 0x58) 07:08:46 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:46 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1f00000000000000, 0x20}, [{}]}, 0x58) 07:08:46 executing program 1: 07:08:46 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl(r0, 0x8912, &(0x7f00000001c0)=' p') perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) bind$rds(r1, &(0x7f0000000200)={0x2, 0x4e23, @rand_addr=0x1}, 0x10) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) socket$vsock_stream(0x28, 0x1, 0x0) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x80, 0x0) ioctl$EVIOCSABS0(r3, 0x401845c0, &(0x7f00000000c0)={0x4, 0x5, 0x7, 0x5, 0xffffffffffff8005, 0x6}) 07:08:46 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x300000000000000}, [{}]}, 0x58) 07:08:46 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000f00d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 383.034551] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal 07:08:46 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 383.095512] REISERFS (device loop5): using ordered data mode [ 383.101407] reiserfs: using flush barriers 07:08:46 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x400000000000000, 0x20}, [{}]}, 0x58) 07:08:46 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x4004ae99, 0x0) 07:08:46 executing program 1: [ 383.141603] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 383.147560] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header 07:08:46 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1f000000}, [{}]}, 0x58) 07:08:46 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = msgget(0x1, 0x100) msgctl$IPC_RMID(r1, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$setlease(r0, 0x400, 0x0) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x40, 0x0) ioctl$VT_RESIZE(r2, 0x5609, &(0x7f00000000c0)={0x6, 0x5, 0xfffffffffffffff8}) r3 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r3}, &(0x7f0000000040)) 07:08:46 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:46 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000007000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 383.222443] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:46 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:46 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x20, &(0x7f00000001c0)="0a5cc83d6d345f8f762070c858ee0fd14a4e275b995c7e876e84f75c9c0cd5495511fc0dfaf7d7a75170ea92f697a2fdc82fae139dd38eff64df0f9da5fc5416761c2399f599c6c0ab7c18ee1c21a2c621c9223334d60600000000b209968291e965a1aba0e52881d5aecd1e1d9ff4f68e4b4f736929edcb1ff485ccbfe636c03214ad16b2") pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffffe) r4 = fcntl$getown(r0, 0x9) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000840)={{{@in6, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @broadcast}}, 0x0, @in=@loopback}}, &(0x7f0000000940)=0xe8) r6 = getgid() r7 = getpgid(0xffffffffffffffff) r8 = geteuid() getresgid(&(0x7f0000001180)=0x0, &(0x7f00000011c0), &(0x7f0000001200)) r10 = getpgrp(0xffffffffffffffff) lstat(&(0x7f0000001240)='./file0\x00', &(0x7f0000001280)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000001300)='./file0\x00', &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r13 = fcntl$getown(r1, 0x9) r14 = geteuid() getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000013c0)={0x0, 0x0, 0x0}, &(0x7f0000001400)=0xc) r16 = getpgid(0xffffffffffffffff) r17 = getuid() getgroups(0x2, &(0x7f0000001440)=[0x0, 0xee00]) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000001480)=0x0) getresuid(&(0x7f00000014c0), &(0x7f0000001500), &(0x7f0000001540)=0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000001580)={0x0, 0x0, 0x0}, &(0x7f00000015c0)=0xc) sendmmsg$unix(r1, &(0x7f00000016c0)=[{&(0x7f00000003c0)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f00000007c0)=[{&(0x7f0000000440)="95ae08f2dd7a59292107d7a5993eb897063557926a7fe4b2a1ba1e23ac2c16073a13fdec875d20f319eb47f22cefd5f94e", 0x31}, {&(0x7f0000000480)="af07784bfa26493dfe45a415f3", 0xd}, {&(0x7f00000004c0)="0c3c9f1eaa4ccb8cd6441d8d54caf77e4ce0f3c07a46208992d0bb7fa0b6b905b6367f68cc60628d4c1bee096b33d4ac8355677550d7c26576a7e7d8589d9965c2034f0f6bae3c9f0f5716fb878c5103b510ae76cf3c11ea92a9416f1cdbf5700338c2677be48eb9de38f54e5dddf03b8a57a666092ce47d23b329c0505680b681fdc427eab57a945d3bd2feae5f4e2de85372aa831896a812d5cc455284df368cdb95b323a466db5b25079a9a1e6c6ebc14e25b22dc99e1647bb19885f873397e389625f512aac23a6b552552cfc71840f1587f26fa0e4989ac53665dd536fb2be5ddbaf34edc8e863d1832f9d5ee71d430003574d2", 0xf6}, {&(0x7f00000005c0)="2680da6c0e012ed99a1297f48afc632c85843bce23001ccabc2e407f8ca7f9e24f29ed5b68605cdbcbcef956eca896d4834ebfbf8d81ffe8d22ad190dc20057a8cc69e1526265a1d591f60f4ea10d208f19b7473ddff7039c4ad8a5c932a2ed11cfbfaa2594b9e8a0f78e43b2018184740be43165dd043e8bc002c2685d337d8a7b388e0c7934d22fd3558956700d399cb7fd8833df06a7150094e19ce3029eeb6d272c44ef938c8c21fff7be87da0f2bf0bd842e5f1e9083c2280c8e75b91ef6e979acb617bd75511c287ddf41483190e1904b02a2c", 0xd6}, {&(0x7f00000006c0)="ae7dc7b2430be7771041bc1767ab6ec579ee66771ef76592a5e36be1aef165496131f5e44e40", 0x26}, {&(0x7f0000000700)="b6103a91a1127b8d360db9e7348e77650ca518b5bea4b946a69dd475c8468be449362401ffb9ae24bd9aa89aa8aeaed087e867a6f26f95b46e364dde088d62b4f82f7bd6c7c894fdd45988f183f50b4c6db9b5730f74bf67cd6197acee115a0f073640896639f67c7564cb34a95eb604153a894f6d51c9eb6a03385e8141a1aa18fc3ee4cd17d6fa1f3b69f986e86184f496bcf3139b40d17865aba96c", 0x9d}], 0x6, &(0x7f00000017c0)=ANY=[@ANYBLOB="20000000000000000100000002000000", @ANYRES32=r4, @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="00000000280000000000000001000000f0ffffff7a55b7", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r2, @ANYRES32=r2, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00'], 0x78, 0x40000}, {&(0x7f0000000a00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000c00)=[{&(0x7f0000000a80)="8fb59f77677229be668e27f124f7e41988b51c05c3beaad5af0d8137a21869dbc3ce6fdce1be3e9dad32dd377e3dc3c9887209c54f9e5c77d1c7d1ee151519ce94b6f8377ddb4fc47c296ac19a4bf1412ce41ce9f1106174abb639692ed58efcc419cc32cd4725c4743e4e597a645522a8523edf94420564898304b3aab6e358dba240062d0396f1afc92d95b963592506181624f9d7bccc65cd00a824f1cb45198c63ed4b92ace21a6db999f1d85995b93e3257e5b525353192101adafffdabe3f6ddec35406f2745ef2a0d66bdacb6e7d041a9f1df17d8c561c41eee6c250fd0e44fbc23af43ad8b", 0xe9}, {&(0x7f0000000b80)="b597054d9192dd725d26a4bc1645711c3432738c73e292ac551725a78e64af7e9b761767806730a75e8240b50eaf50966414a5c0cc7519a48b9c5d8a0c51876393fa29f65df047e77ef5e56f68ca55598cb546ef06d470ea1a070cb5c422408c4adc7c8c38c5f9489e1be9bdfdb5e172cbf28f2f3f", 0x75}], 0x2, 0x0, 0x0, 0x40}, {&(0x7f0000000c40)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000fc0)=[{&(0x7f0000000cc0)="e5fde4692e84f5f74eda1d6933378716b844051d37a7c24e53508b068a72c8ef95a98861457d9bcb074261b369cd0e5474ae8394facad402ade24f3b25d9d0a70105bc57d9d586fb898448a7134e398d263e8c6f270f867ea533a60a9afbf327bf8fdc790eda94109f1b2ef8887b59a530c4e4f09c5be35a5866acf731684353e0a35648cbc7ed1a42aeb9bbf827b4107ed6dded9a9e91d54b2d557eb2ccf122e51ff82e629d570c0ce71e79cf624360fd36d2ea113dd7649ea26d438a8acbee8255325e08e80f4b23bb003683edb4b6cf3a7612ae7e7e", 0xd7}, {&(0x7f0000000dc0)="f858c474b59dfd47772c7afb97a43674661ced6570b01044a7238cddd296c3d7a9b8f59edb4492a5025111085ee687dfc38092fa185f981683ab1746650232ba18629073f98726732f16ccef25bdd76822e542ffc2efa43e5a", 0x59}, {&(0x7f0000000e40)="cb0717e7bd486e45d052bf1eb5e8593acd63f8aa91a9a6680857a717ccc57afaa5324feb50ab2d9be5f3e27c938ac70f74dbb93c62fd0f484ba029f6bdb13fa6a6a393f869c522460ead743161fc29b2f04480d4269e7f395a1fb4d500c2bec40265b9c573d867f8ee4f0d6936b4076ffdb57890d2f6104b5b9f0232910d64e7586f0414b8c3ceefbb79542378d6fc34ae302c448aae72519247ad7b322fe029d3bd801598b44ddea9e0135973e67fe82f", 0xb1}, {&(0x7f0000000f00)="f18cccdaeb70cacdc3a5d5dcdcf9960dbc9df5cd4c95c4f3f1c55356732342e73c83a41fd1992a78a21cb154d8749b58107e3db3c779790e45077e4d0070d31b4822c0edd27b8d0193dc375156593a023a64a0e8de8b9dded8613c0f072497faa717fcca45c7a34cecbfb96f807e3ddae0665534e2e7e12f8d15b12ea87f9a299ec66e1461d26c0a9bc198a8ffb7362a0d8dee049aba138fbea046128524416f9a3acb798c141d01e8dfe591247cc546", 0xb0}], 0x4, &(0x7f0000001000)=[@rights={0x20, 0x1, 0x1, [r0, r0, r1, r0]}], 0x20, 0x40000}, {&(0x7f0000001040)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000001140)=[{&(0x7f00000010c0)="1ec47801ab474ec7c1c16e8672c1ed7fa430e6bc576a141e85e85dc7988f918a84aa37a5a4bad59b8d1f8978acf1c1d8c3c45270", 0x34}, {&(0x7f0000001100)="5df1922f50d3", 0x6}], 0x2, &(0x7f0000001600)=[@cred={0x20, 0x1, 0x2, r7, r8, r9}, @cred={0x20, 0x1, 0x2, r10, r11, r12}, @cred={0x20, 0x1, 0x2, r13, r14, r15}, @cred={0x20, 0x1, 0x2, r16, r17, r18}, @cred={0x20, 0x1, 0x2, r19, r20, r21}], 0xa0, 0x4000}], 0x4, 0x44) keyctl$describe(0x6, r3, &(0x7f0000000340)=""/21, 0x15) gettid() r22 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r22, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r23 = socket$inet(0x10, 0x3, 0x0) getsockopt$sock_int(r23, 0x1, 0x10, &(0x7f0000000000), &(0x7f0000000040)=0x4) r24 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getpid() getpgrp(0xffffffffffffffff) ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000280)={'veth0_to_bond\x00', 0xc0}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000100)=0xc) r25 = getpid() r26 = getpgrp(r25) finit_module(r24, &(0x7f0000000380)=':+wlan1selfvmnet1:%security\x00', 0x3) ioctl$VT_DISALLOCATE(r2, 0x5608) capget(&(0x7f0000000000)={0x20080522, r26}, &(0x7f0000000040)) 07:08:46 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1100}, [{}]}, 0x58) 07:08:46 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1100000000000000, 0x20}, [{}]}, 0x58) 07:08:47 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xf000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:47 executing program 0: r0 = socket$inet6(0xa, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) [ 383.326178] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:47 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1400}, [{}]}, 0x58) 07:08:47 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:47 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000000000006c0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:47 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x11000000, 0x20}, [{}]}, 0x58) 07:08:47 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x41a0ae8d, 0x0) [ 383.427794] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal 07:08:47 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x900]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:47 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x16}, [{}]}, 0x58) [ 383.492061] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 383.521156] REISERFS (device loop5): using ordered data mode [ 383.524388] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 383.527119] reiserfs: using flush barriers 07:08:47 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', &(0x7f0000000040)='./file0\x00', 0x8, 0x6, &(0x7f00000004c0)=[{&(0x7f00000002c0)="8485396f86ef21b4e3df42e706c7256412368c7c233d1d26fbcf822b8a2387586a75e90371ecd1081aa7918673466eea6a653f53041d1702f4da74f5f47b55ec46ba47492d2396429aca153f3588e5fa8fbb5c7d2261e968d9f5fd4f8b9700d5a28469a5f3045ed1a15f637a095ab6f49619ed81962cfe408da81d571908bfcd22255ffc86165fcadb0c7dfc3635550db43ea9e7d646d6cf5c1afdf1ac94a7a1b4a0aac4f9b33fc26b8e638ed7e70bff555940281c9e0b69290584939fa4f97767691cbc429e50f3c165", 0xca, 0x8a}, {&(0x7f0000000080)="a7d7cf58360f1b1610e5231daf0c3bb79802601cf9bc", 0x16, 0x100}, {&(0x7f00000000c0)="0d1e0cb825d83f631e89338464f58e3e6efd94ffdbc776bf", 0x18, 0x1}, {&(0x7f00000001c0)="48adc362127598b2d2cac52cbe1623bd985e8471be01ecfc137b05ddcc3c6e1e9edc102a3fd47722d949607f15ba2be404debd027078139b39ebc24025e53b78ee560174d19c2f168de97064cef485b40af70946986ce3d38313d9d9b96bfa27e8de231d96132c3fa08a1cfff5774031a1ecb467e9ecd4201f2e6e34d6d8ec97c807537ed3de61e2f4d275052280fad3fd79da9fd78626087a2811d60a07d3f8bf801998bbec5e79", 0xa8, 0x20}, {&(0x7f00000003c0)="ab0a66163771087be027cf1f31d96fcfc3e15d134d1878500abec1e477e426c4d4da96bf4668cfadcea6b0a7aaaa9475c1f2f67bcbcf77a314506b76e14599be35b5d946673583147de25f989e8f72d3abab6c2dcfbbaf4efa8e1072c706a931b2717bdfd79959d8dc80b99e19e9d71e2dd818220d2157c1291ebc", 0x7b, 0x7}, {&(0x7f0000000440)="47da4683335db142db228b518d7e91ee6a4d47d0a6be60205a5a3da00015224373dc3ae3578c50ca70c8b24cd4bcaa191d2e95c3bca901fa7fe25b05448f818053530d2008fffe47bb31ad8669beaf1b0b52f4baed0aeb221309e22aca5441840fc19a", 0x63, 0x5f}], 0x100000, &(0x7f0000000100)={[{@mode={'mode', 0x3d, [0x31, 0x37]}, 0x2c}, {@dmode={'dmode', 0x3d, [0x3f]}, 0x2c}, {@hide='hide', 0x2c}, {@uid={'uid', 0x3d, [0x33, 0x38, 0x3f, 0x0]}, 0x2c}, {@unhide='unhide', 0x2c}, {@utf8='utf8', 0x2c}, {@norock='norock', 0x2c}, {@norock='norock', 0x2c}]}) getpgrp(0x0) 07:08:47 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x2, 0x20}, [{}]}, 0x58) [ 383.567648] REISERFS (device loop1): using ordered data mode [ 383.573621] reiserfs: using flush barriers [ 383.596650] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header 07:08:47 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xf]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 383.626832] REISERFS warning (device loop1): sh-458 journal_init_dev: cannot init journal device 'unknown-block(9,8)': -16 [ 383.638219] REISERFS warning (device loop1): sh-462 journal_init: unable to initialize journal device [ 383.650626] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 383.659277] REISERFS warning (device loop1): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:47 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:47 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000003000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:47 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xc0045877, 0x0) 07:08:47 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x4}, [{}]}, 0x58) 07:08:47 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x4, 0x20}, [{}]}, 0x58) 07:08:47 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x10, r1, 0x0) setpgid(r2, r2) socket$inet6_udp(0xa, 0x2, 0x0) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='\x00', 0xffffffffffffff9c}, 0x10) ioctl$KVM_ARM_SET_DEVICE_ADDR(r3, 0x4010aeab, &(0x7f0000000100)={0x1, 0xf002}) openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcs\x00', 0x90000, 0x0) 07:08:47 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xf00000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 383.785398] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:47 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x10, r1, 0x0) setpgid(r2, r2) socket$inet6_udp(0xa, 0x2, 0x0) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='\x00', 0xffffffffffffff9c}, 0x10) ioctl$KVM_ARM_SET_DEVICE_ADDR(r3, 0x4010aeab, &(0x7f0000000100)={0x1, 0xf002}) openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcs\x00', 0x90000, 0x0) 07:08:47 executing program 0: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x0, 0x0) ioctl$EVIOCGID(r0, 0x80084502, &(0x7f00000000c0)=""/43) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x80000001, &(0x7f0000000440)="025cc83d6d345f8f7620705e1b909c86c9709254099e8ead97afb8bd7c005dae987462e128b8234c1b0000000000005e90fd45e1972ad947a83a4668b25a5000d90dc36cce8844d6e4542ec86543429885839237f7168ee09596ddcc7eb2250f50d3cda300cd6c232dd77a20be00a1468b77ffb4b64ec619bd9b0df74da8266159626263bf02a06b9591dc38866645cd8c8754c036989e417418b1c97921e45b7f9d1152a1eab539a7d6e3a1b3cb1c21897f74f802e583892eb93c8a379df7fa68c32f48472c0cea5bce4be6ad880953e5ded52eb670a08fbf2d21c19b0eee71e1db38ccfea71b433c2ddb20dd086b4da99e3122f42fdd8887b674bf66eac348e1ffa9483f403d742631056c96894d01c8ec06a6321b0aa23edb06fe9fa29668354d78140c18b8f2fd330b1764fa4b5710d03f0dcb7019a567b9f78b2bda9c68dbb0461d2f45c8bb4da42a54653535d0397e498a408219af") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) 07:08:47 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1100, 0x20}, [{}]}, 0x58) 07:08:47 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000063110d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:47 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x40030000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:47 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x12}, [{}]}, 0x58) [ 383.869727] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 383.900238] REISERFS (device loop5): using ordered data mode [ 383.906203] reiserfs: using flush barriers [ 383.913901] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 383.916643] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header 07:08:47 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x10, r1, 0x0) setpgid(r2, r2) socket$inet6_udp(0xa, 0x2, 0x0) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='\x00', 0xffffffffffffff9c}, 0x10) ioctl$KVM_ARM_SET_DEVICE_ADDR(r3, 0x4010aeab, &(0x7f0000000100)={0x1, 0xf002}) openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcs\x00', 0x90000, 0x0) 07:08:47 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x4020940d, 0x0) 07:08:47 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1500000000000000}, [{}]}, 0x58) [ 384.017144] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:47 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:47 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:47 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000074000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:47 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:47 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1400, 0x20}, [{}]}, 0x58) 07:08:47 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) lseek(r0, 0x0, 0x6) setsockopt(r0, 0x4a, 0x1, &(0x7f0000000080)="24b8e0b25f90b9bae0556e9e547b993bdd76a0b2f37827ba29bed1e7094c3ff0203331a6dc11f61936db1fd6aad2dc5ecd19bf444257f5139994bd", 0x3b) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) read(r0, &(0x7f00000002c0)=""/245, 0xf5) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)={0xfffffffffffffffc, 0x800000, 0x200}) 07:08:47 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x1200000000000000}, [{}]}, 0x58) 07:08:47 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x8138ae83, 0x0) [ 384.142944] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:47 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:47 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x300, 0x20}, [{}]}, 0x58) 07:08:47 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000000000007a0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 384.197139] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 384.212926] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal [ 384.231259] REISERFS (device loop1): using ordered data mode [ 384.237144] reiserfs: using flush barriers 07:08:47 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x15}, [{}]}, 0x58) [ 384.259382] REISERFS (device loop5): using ordered data mode [ 384.265268] reiserfs: using flush barriers [ 384.277328] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 384.298495] REISERFS warning (device loop1): sh-459 journal_init: unable to read journal header 07:08:48 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x15000000, 0x20}, [{}]}, 0x58) [ 384.300663] REISERFS warning (device loop5): sh-458 journal_init_dev: cannot init journal device 'unknown-block(9,8)': -16 [ 384.318630] REISERFS warning (device loop5): sh-462 journal_init: unable to initialize journal device [ 384.319205] REISERFS warning (device loop1): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 384.343352] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:48 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000030d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:48 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1f4]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:48 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x15000000}, [{}]}, 0x58) [ 384.430507] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:48 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:48 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080520, r1}, &(0x7f0000000040)={0xfffffffffffffffc}) ptrace$getenv(0x4201, r1, 0x0, &(0x7f0000000080)) 07:08:48 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x500, 0x20}, [{}]}, 0x58) 07:08:48 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x5460, 0x0) 07:08:48 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xbb8]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 384.574288] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 384.585989] REISERFS (device loop5): using ordered data mode [ 384.591896] reiserfs: using flush barriers [ 384.624498] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 384.640498] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:48 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000000)) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x18200, 0x0) ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f00000000c0)) r2 = getpgrp(0x0) capget(&(0x7f0000000100)={0x20080522, r2}, &(0x7f0000000040)) 07:08:48 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1100}, [{}]}, 0x58) 07:08:48 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000000000017e0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:48 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080520, r1}, &(0x7f0000000040)={0xfffffffffffffffc}) ptrace$getenv(0x4201, r1, 0x0, &(0x7f0000000080)) 07:08:48 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x500000000000000, 0x20}, [{}]}, 0x58) 07:08:48 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff7f]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:48 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xc020660b, 0x0) 07:08:48 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:48 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080520, r1}, &(0x7f0000000040)={0xfffffffffffffffc}) ptrace$getenv(0x4201, r1, 0x0, &(0x7f0000000080)) [ 385.129398] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 385.142688] REISERFS (device loop5): using ordered data mode [ 385.148696] reiserfs: using flush barriers 07:08:48 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfec00000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:48 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x15}, [{}]}, 0x58) 07:08:48 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000000000f0000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:48 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x100000000000000, 0x20}, [{}]}, 0x58) 07:08:48 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080520, r1}, &(0x7f0000000040)={0xfffffffffffffffc}) ptrace$getenv(0x4201, r1, 0x0, &(0x7f0000000080)) 07:08:48 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff80, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x4}) [ 385.220230] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header 07:08:48 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x2, 0x0) 07:08:48 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x11}, [{}]}, 0x58) 07:08:48 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080520, r1}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:48 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:48 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000000000004c0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 385.282888] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:48 executing program 0: r0 = socket$inet6(0xa, 0x1000000000009, 0x8081) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) 07:08:49 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x300000000000000, 0x20}, [{}]}, 0x58) 07:08:49 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:49 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1f00000000000000}, [{}]}, 0x58) 07:08:49 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendto$inet6(r0, &(0x7f0000000080)="cce55e9e51a4c98af78115c04d113d7e672f68d7ab5ab63ec52476443bc83f212623fb25a83bd0d37cb714caa541a1dc0d1951841b9fe1dad56c6e1979b186d2eda83b59685c5bd3c61ca5c7cc85ae5023cb5a5f8340247cc7668392973209a37439ec7936da0139a052a0b33e92bf9f865c01f2b723e6b795485c5ae143ad", 0x7f, 0x10, &(0x7f0000000100)={0xa, 0x4e23, 0x4, @empty, 0xfffffffffffffff7}, 0x1c) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/autofs\x00', 0x100fc, 0x0) connect$bt_rfcomm(r2, &(0x7f0000000200)={0x1f, {0x5, 0x7, 0x400, 0x100000000, 0x100000001, 0x4}, 0x5}, 0xffffff45) ioctl$EVIOCGSND(r2, 0x8040451a, &(0x7f00000002c0)=""/232) 07:08:49 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:49 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:49 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600000000006c000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:49 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1200000000000000, 0x20}, [{}]}, 0x58) [ 385.511628] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal 07:08:49 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:49 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x5421, 0x0) 07:08:49 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 385.560429] REISERFS (device loop5): using ordered data mode [ 385.566306] reiserfs: using flush barriers 07:08:49 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000006000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:49 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1500}, [{}]}, 0x58) 07:08:49 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = dup2(0xffffffffffffff9c, r0) setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000080)=0x5, 0x4) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080522}, &(0x7f0000000040)) [ 385.608654] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header 07:08:49 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:49 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x3000000, 0x20}, [{}]}, 0x58) 07:08:49 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1600}, [{}]}, 0x58) [ 385.668452] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:49 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x400000000000000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:49 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x80040, 0x0) unlinkat(r3, &(0x7f0000000100)='./file0\x00', 0x200) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r3, 0x84, 0x74, &(0x7f0000000380)=""/208, &(0x7f0000000480)=0xd0) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DEST(r1, &(0x7f0000000340)={&(0x7f00000001c0)={0x10}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)={0x80, r4, 0x2, 0x70bd28, 0x25dfdbfd, {0x5}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x81}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x14f7}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x5}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x9}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x4}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x1}, 0x4000001) getsockopt$kcm_KCM_RECV_DISABLE(r3, 0x119, 0x1, &(0x7f00000000c0), 0x4) 07:08:49 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000004000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:49 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:49 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xa]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:49 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x3, 0x20}, [{}]}, 0x58) 07:08:49 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:49 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x500}, [{}]}, 0x58) 07:08:49 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x4004ae8b, 0x0) 07:08:49 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000011630d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:49 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x581080, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x1, 0x40, 0x1, 0x7e, 0x9, 0x9, 0x3, 0x8000000000, 0x1, 0x2, 0x416e9d3b, 0x2}) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCMSET(r1, 0x5418, &(0x7f0000000340)=0x100) r2 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) [ 385.839694] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal 07:08:49 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:49 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:49 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x14}, [{}]}, 0x58) 07:08:49 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000028000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:49 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x12, 0x20}, [{}]}, 0x58) [ 385.914111] REISERFS (device loop5): using ordered data mode [ 385.920026] reiserfs: using flush barriers [ 385.940947] REISERFS warning (device loop5): sh-459 journal_init: unable to read journal header [ 385.952703] REISERFS warning (device loop5): sh-2022 reiserfs_fill_super: unable to initialize journal space 07:08:49 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:49 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x890f, &(0x7f00000000c0)="08b4524c1c227007675f0973bf2a51332b73b43a305fa7f8b63dd90396bb42aa09e617c27fd1552c8bc32c8d880ce6c57edd991a1f659f0724d56af10c350672e90efa6de63f9ae11be43b") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x800000000, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000080)) getpgrp(0xffffffffffffffff) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000001c0)) ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000200)) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000240)) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000280)=0x0) r2 = getpgrp(r1) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) 07:08:49 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x5000000, 0x20}, [{}]}, 0x58) 07:08:49 executing program 1: socket$inet6(0xa, 0x1000000000002, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:49 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000280d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:49 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1600000000000000}, [{}]}, 0x58) 07:08:49 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:49 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x4090ae82, 0x0) 07:08:49 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x100000000000000}, [{}]}, 0x58) [ 386.183042] REISERFS (device loop5): found reiserfs format "3.5" with non-standard journal [ 386.191559] REISERFS warning (device loop5): reiserfs_fill_super: Filesystem cannot be mounted because it is bigger than the device [ 386.203654] REISERFS warning (device loop5): reiserfs_fill_super: You may need to run fsck or increase size of your LVM partition 07:08:49 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) timer_create(0x2, &(0x7f0000000240)={0x0, 0x1, 0x5, @thr={&(0x7f0000000080)="116d962da77f204e76924aaf058bcf599686f6b92cf735a2be8504cc12b882e94f4f7d723efa0fec656b3b4d90458bafcaaa5ee77fb63d58da2b74fbd215ca135f7516aae4308672fbfc737a2cc143121b1bddb8b53dd3c437847ef81dc416eab61088ed794d7cb1bb57c950666ba82dfa21e3395ddb5acb11aafc3093dbbab32b", &(0x7f00000001c0)="19be87706019907d536e2408140eafc26450583f55d61e3444e3c32169341041bfbd746e8c56294e66695f18cc15b66fbfbc9012b7c586d13245697c83f89162d1eee8902fd6f1600a23f9203f5e23b35f8230002d59dc7ed29fae49d21a0029b6d76e5ba37b"}}, &(0x7f00000002c0)=0x0) timer_delete(r2) 07:08:49 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x900000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:49 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000680d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:49 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1200}, [{}]}, 0x58) 07:08:49 executing program 1: socket$inet6(0xa, 0x1000000000002, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:49 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x16000000, 0x20}, [{}]}, 0x58) [ 386.203671] REISERFS warning (device loop5): reiserfs_fill_super: Or may be you forgot to reboot after fdisk when it told you to 07:08:49 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000013900)) 07:08:49 executing program 1: socket$inet6(0xa, 0x1000000000002, 0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:49 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000005000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:50 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x300}, [{}]}, 0x58) 07:08:50 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgid(0xffffffffffffffff) r2 = getpgrp(r1) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) 07:08:50 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:50 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x3f00, 0x20}, [{}]}, 0x58) 07:08:50 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x8090ae81, 0x0) 07:08:50 executing program 1: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:50 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600000000004c000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 386.421641] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:50 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x300000000000000}, [{}]}, 0x58) 07:08:50 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = getpid() getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}}, 0x0, 0x1, 0x80000001, 0x0, 0xffffffffffffff00}, &(0x7f0000000240)=0x98) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000380)={r2, 0x4}, &(0x7f00000003c0)=0x8) r3 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x400, 0x400000) openat$cgroup_ro(r3, &(0x7f0000000200)='io.stat\x00', 0x0, 0x0) sched_setparam(r1, &(0x7f0000000080)=0xfffffffffffffeff) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(r1, 0x8, &(0x7f00000000c0)=0x740) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000100)={0x1, 0x3, 0x6, 0x81}, 0x14) r4 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r4}, &(0x7f0000000040)) 07:08:50 executing program 1: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:50 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000013900)) 07:08:50 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x16, 0x20}, [{}]}, 0x58) 07:08:50 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfe800000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:50 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600000000007e010d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:50 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1100000000000000}, [{}]}, 0x58) 07:08:50 executing program 1: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:50 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = getpid() getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}}, 0x0, 0x1, 0x80000001, 0x0, 0xffffffffffffff00}, &(0x7f0000000240)=0x98) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000380)={r2, 0x4}, &(0x7f00000003c0)=0x8) r3 = syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x400, 0x400000) openat$cgroup_ro(r3, &(0x7f0000000200)='io.stat\x00', 0x0, 0x0) sched_setparam(r1, &(0x7f0000000080)=0xfffffffffffffeff) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(r1, 0x8, &(0x7f00000000c0)=0x740) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000100)={0x1, 0x3, 0x6, 0x81}, 0x14) r4 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r4}, &(0x7f0000000040)) [ 386.644536] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:50 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1600000000000000, 0x20}, [{}]}, 0x58) 07:08:50 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1400000000000000}, [{}]}, 0x58) 07:08:50 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xc0189436, 0x0) 07:08:50 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x1fffff]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:50 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000013900)) 07:08:50 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000480d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:50 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000200)=0x1, 0x4) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/self/net/pfkey\x00', 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000380)='/dev/snd/pcmC#D#c\x00', r2}, 0x10) r3 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x100000000, 0x82) llistxattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)=""/47, 0x2f) mq_notify(r3, &(0x7f00000001c0)={0x0, 0x24, 0x4, @thr={&(0x7f00000000c0)="14ceafe83985db1a8fd8d4f12a0b1f2194bc46f0dffa", &(0x7f0000000100)="66d7259cf17f5473c5333bb61370c609b2166210a0f89f454f"}}) ioctl$KVM_HAS_DEVICE_ATTR(r3, 0x4018aee3, &(0x7f00000002c0)={0x0, 0x0, 0x561, &(0x7f0000000240)=0x200}) 07:08:50 executing program 1: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:50 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:50 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1400000000000000, 0x20}, [{}]}, 0x58) 07:08:50 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x4000000}, [{}]}, 0x58) 07:08:50 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000050d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 386.845352] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:50 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240), 0x0, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:50 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x104]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:50 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1000000, 0x20}, [{}]}, 0x58) 07:08:50 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000200)=0x1, 0x4) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/self/net/pfkey\x00', 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000380)='/dev/snd/pcmC#D#c\x00', r2}, 0x10) r3 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x100000000, 0x82) llistxattr(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)=""/47, 0x2f) mq_notify(r3, &(0x7f00000001c0)={0x0, 0x24, 0x4, @thr={&(0x7f00000000c0)="14ceafe83985db1a8fd8d4f12a0b1f2194bc46f0dffa", &(0x7f0000000100)="66d7259cf17f5473c5333bb61370c609b2166210a0f89f454f"}}) ioctl$KVM_HAS_DEVICE_ATTR(r3, 0x4018aee3, &(0x7f00000002c0)={0x0, 0x0, 0x561, &(0x7f0000000240)=0x200}) 07:08:50 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a00090000000600000000007a000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:50 executing program 1: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:50 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x5451, 0x0) 07:08:50 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1f00}, [{}]}, 0x58) 07:08:50 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = gettid() r2 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0x7, 0x400) setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r2, 0x111, 0x1, 0xf16, 0x4) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x400000) read$eventfd(r3, &(0x7f00000000c0), 0x8) fcntl$setown(r0, 0x8, r1) socket$bt_hidp(0x1f, 0x3, 0x6) r4 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r4}, &(0x7f0000000040)) [ 387.047666] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:50 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x2000000, 0x20}, [{}]}, 0x58) 07:08:50 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000048000d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:50 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x2}, [{}]}, 0x58) 07:08:50 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240), 0x0, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:50 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:50 executing program 1: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:50 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x3f000000, 0x20}, [{}]}, 0x58) 07:08:50 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x4138ae84, 0x0) 07:08:50 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) getsockopt$inet6_dccp_buf(r0, 0x21, 0xe, &(0x7f00000002c0)=""/242, &(0x7f0000000080)=0xf2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") munlockall() r1 = dup3(r0, r0, 0x80000) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f00000001c0)={0x28, 0x3, 0x9, 0x1e, 0x3, 0x80000001, 0x1, 0x10f, 0x1}) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, &(0x7f00000000c0)={0x0}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000000100)={r2}) r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x200000000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) lseek(r3, 0x1e, 0x4) r4 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r4}, &(0x7f0000000040)) 07:08:50 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1f000000}, [{}]}, 0x58) 07:08:50 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000000000006c0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 387.228648] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:50 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:50 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfcff0000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:51 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) getsockopt$inet6_dccp_buf(r0, 0x21, 0xe, &(0x7f00000002c0)=""/242, &(0x7f0000000080)=0xf2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") munlockall() r1 = dup3(r0, r0, 0x80000) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f00000001c0)={0x28, 0x3, 0x9, 0x1e, 0x3, 0x80000001, 0x1, 0x10f, 0x1}) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, &(0x7f00000000c0)={0x0}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000000100)={r2}) r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x200000000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) lseek(r3, 0x1e, 0x4) r4 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r4}, &(0x7f0000000040)) 07:08:51 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x14, 0x20}, [{}]}, 0x58) 07:08:51 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240), 0x0, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:51 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x3000000}, [{}]}, 0x58) 07:08:51 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000000000007a0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:51 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:51 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x34000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:51 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x40049409, 0x0) 07:08:51 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) getsockopt$inet6_dccp_buf(r0, 0x21, 0xe, &(0x7f00000002c0)=""/242, &(0x7f0000000080)=0xf2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") munlockall() r1 = dup3(r0, r0, 0x80000) ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f00000001c0)={0x28, 0x3, 0x9, 0x1e, 0x3, 0x80000001, 0x1, 0x10f, 0x1}) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, &(0x7f00000000c0)={0x0}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r1, 0xc018620b, &(0x7f0000000100)={r2}) r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x200000000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) lseek(r3, 0x1e, 0x4) r4 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r4}, &(0x7f0000000040)) 07:08:51 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x200000000000000, 0x20}, [{}]}, 0x58) [ 387.456652] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:51 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f", 0x1f, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:51 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x4}, [{}]}, 0x58) 07:08:51 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:51 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000060d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:51 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x2, @loopback={0x0, 0x1}, 0x8001}, 0x1c) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x200, 0x0) ioctl$ASHMEM_GET_NAME(r1, 0x81007702, &(0x7f0000000100)=""/49) r2 = getpgrp(0x0) prctl$void(0x3) capget(&(0x7f0000000000)={0x20080522, r2}, &(0x7f0000000040)) 07:08:51 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x11]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:51 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0xffffff7f00000000, 0x20}, [{}]}, 0x58) 07:08:51 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) [ 387.615701] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:51 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000020d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:51 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x400000000000000}, [{}]}, 0x58) 07:08:51 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f", 0x1f, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:51 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xe]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:51 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:51 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x81a0ae8c, 0x0) 07:08:51 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1f000000, 0x20}, [{}]}, 0x58) 07:08:51 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) [ 387.726960] nla_parse: 20 callbacks suppressed [ 387.726968] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:51 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x14000000}, [{}]}, 0x58) 07:08:51 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 387.823236] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 387.843034] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:51 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:51 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x14000000, 0x20}, [{}]}, 0x58) 07:08:51 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000480d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:51 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f", 0x1f, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:51 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) [ 387.948965] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:51 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:51 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0xffffff7f, 0x20}, [{}]}, 0x58) 07:08:51 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x9000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 387.996158] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 388.006059] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:51 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x2000000}, [{}]}, 0x58) 07:08:51 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xc0045878, 0x0) 07:08:51 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000280d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:51 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:51 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010", 0x2e, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:51 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:51 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1f00, 0x20}, [{}]}, 0x58) [ 388.145636] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:51 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x12}, [{}]}, 0x58) 07:08:51 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x400300]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 388.187054] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:51 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:51 executing program 0: socket$inet6(0xa, 0x1000000000002, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) [ 388.234061] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:51 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0x5450, 0x0) 07:08:51 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x200000000000000}, [{}]}, 0x58) 07:08:51 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000050d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:51 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x15, 0x20}, [{}]}, 0x58) 07:08:51 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xb80b]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:52 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010", 0x2e, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:52 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) [ 388.335552] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 388.366356] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:52 executing program 0: socket$inet6(0xa, 0x1000000000002, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:52 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x500000000000000}, [{}]}, 0x58) 07:08:52 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:52 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x11, 0x20}, [{}]}, 0x58) 07:08:52 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000070d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 388.440197] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:52 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010", 0x2e, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:52 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1200000000000000}, [{}]}, 0x58) 07:08:52 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:52 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x1100000000000000) [ 388.532074] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 388.542229] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:52 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x2}, [{}]}, 0x58) 07:08:52 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x401000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:52 executing program 0: socket$inet6(0xa, 0x1000000000002, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:52 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000680d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:52 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) [ 388.629600] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:52 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb005265", 0x36, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:52 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1000000000000}, [{}]}, 0x58) 07:08:52 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:52 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1f000000}, [{}]}, 0x58) [ 388.739145] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 388.744793] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. [ 388.775687] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:52 executing program 0: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:52 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xe00000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:52 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x12000000}, [{}]}, 0x58) 07:08:52 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000740d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:52 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb005265", 0x36, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:52 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0xc00000000000000) [ 388.866875] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:52 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1500000000000000}, [{}]}, 0x58) 07:08:52 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) [ 388.924632] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:52 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:52 executing program 0: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:52 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x12000000}, [{}]}, 0x58) [ 388.975407] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:52 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a0009000000060000000000004c0d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:52 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:52 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1000000}, [{}]}, 0x58) [ 389.038940] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:52 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb005265", 0x36, 0x10000}], 0x0, &(0x7f0000013900)) [ 389.090372] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:52 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfec0000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:52 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x5}, [{}]}, 0x58) 07:08:52 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x80ffff) 07:08:52 executing program 0: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:52 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:52 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x5000000}, [{}]}, 0x58) 07:08:52 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000030d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:52 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:52 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x2}, [{}]}, 0x58) 07:08:52 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) [ 389.235962] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 389.258465] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:52 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:52 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x1400}, [{}]}, 0x58) 07:08:53 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572", 0x3a, 0x10000}], 0x0, &(0x7f0000013900)) [ 389.321248] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:53 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x18000000) 07:08:53 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x500000000000000}, [{}]}, 0x58) 07:08:53 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:53 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xe8030000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:53 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000040d00ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:53 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x3}, [{}]}, 0x58) [ 389.426650] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 389.458723] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:53 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:53 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1100000000000000}, [{}]}, 0x58) 07:08:53 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:53 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:53 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x5}, [{}]}, 0x58) [ 389.527117] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'. 07:08:53 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572", 0x3a, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:53 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x29) 07:08:53 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x200000000000000}, [{}]}, 0x58) 07:08:53 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x700]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:53 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:53 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x16}, [{}]}, 0x58) 07:08:53 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:53 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d7aff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 389.638469] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 389.667845] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:53 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:53 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572", 0x3a, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:53 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d07ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:53 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x14000000}, [{}]}, 0x58) 07:08:53 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:53 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x15000000}, [{}]}, 0x58) 07:08:53 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x100000000000000) [ 389.860791] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 389.878855] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:53 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d06ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:53 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfc00000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:53 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x11000000}, [{}]}, 0x58) 07:08:53 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:53 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x2000000}, [{}]}, 0x58) 07:08:53 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:53 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb005265497345723346", 0x3c, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:53 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d4cff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 390.019892] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:53 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4010000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:53 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:53 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x16000000}, [{}]}, 0x58) 07:08:53 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:53 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x3f000000}, [{}]}, 0x58) 07:08:53 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x200000000000000) [ 390.079398] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:53 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d02ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:53 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0xa00]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:53 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb005265497345723346", 0x3c, 0x10000}], 0x0, &(0x7f0000013900)) [ 390.177393] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:53 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000)={0x20080520}, &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:53 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x5}, [{}]}, 0x58) 07:08:53 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:53 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1200}, [{}]}, 0x58) 07:08:53 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d28ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:54 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe803]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:54 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000), &(0x7f0000000040)={0xfffffffffffffffc}) 07:08:54 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x1100) [ 390.322473] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 390.323528] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:54 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d6cff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:54 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1600}, [{}]}, 0x58) 07:08:54 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x3}, [{}]}, 0x58) 07:08:54 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb005265497345723346", 0x3c, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:54 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:54 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf401]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:54 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d68ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:54 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) capget(&(0x7f0000000000), &(0x7f0000000040)) 07:08:54 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x300000000000000}, [{}]}, 0x58) 07:08:54 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1f00}, [{}]}, 0x58) 07:08:54 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0xf) 07:08:54 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 390.562204] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 [ 390.589496] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:54 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d03ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:54 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000080)) recvmsg(r1, &(0x7f0000000240)={&(0x7f00000001c0)=@pppol2tpin6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f0000001700)=[{&(0x7f0000000100)=""/29, 0x1d}, {&(0x7f00000002c0)=""/112, 0x70}, {&(0x7f0000000340)=""/189, 0xbd}, {&(0x7f0000000400)=""/216, 0xd8}, {&(0x7f0000000500)=""/155, 0x9b}, {&(0x7f00000005c0)=""/122, 0x7a}, {&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/181, 0xb5}], 0x8, &(0x7f0000001780)=""/216, 0xd8, 0x1b99}, 0x40000000) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f00000018c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="1e0000003eaebbf9a4fe49eb7364742728ad095394ec5a8e43dee1b9ad83e9f574dee64b302c6e2a9ee1c803538630326df0"], &(0x7f00000019c0)=0x26) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000001a80)={0x0, 0x7fffffff}, &(0x7f0000001ac0)=0x8) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000001b00)={0x0, 0x1}, &(0x7f0000001b40)=0x8) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000001bc0)=@assoc_value={r3, 0xb1}, &(0x7f0000001a40)=0x8) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000001900), &(0x7f0000001940)=0x8) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f00000000c0)) getpgid(0x0) r4 = getpid() r5 = getpgrp(r4) capget(&(0x7f0000000000)={0x20080522, r5}, &(0x7f0000000040)) unlink(&(0x7f0000001880)='./file0\x00') 07:08:54 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d}], 0x0, &(0x7f0000013900)) 07:08:54 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:54 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x12000000}, [{}]}, 0x58) 07:08:54 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x14}, [{}]}, 0x58) 07:08:54 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3e8]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:54 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = getpgrp(0x0) capget(&(0x7f0000000000)={0x20080522, r1}, &(0x7f0000000040)) rt_tgsigqueueinfo(r1, r1, 0x12, &(0x7f0000000080)={0x16, 0x100000001, 0x7}) [ 390.737225] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 390.745110] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:54 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x5000000}, [{}]}, 0x58) 07:08:54 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d04ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:54 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x11}, [{}]}, 0x58) 07:08:54 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:54 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x5) 07:08:54 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d}], 0x0, &(0x7f0000013900)) 07:08:54 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf00000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:54 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:54 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11}, [{}]}, 0x58) 07:08:54 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d48ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:54 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) [ 390.930668] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 390.959864] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:54 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x400000000000000}, [{}]}, 0x58) 07:08:54 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:54 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfec0]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:54 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x4}, [{}]}, 0x58) 07:08:54 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d}], 0x0, &(0x7f0000013900)) 07:08:54 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:54 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x200000000000000}, [{}]}, 0x58) [ 391.097172] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:54 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:54 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d74ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:54 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0xc) 07:08:54 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x100000000000000}, [{}]}, 0x58) 07:08:54 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) [ 391.195427] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:54 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11000000}, [{}]}, 0x58) 07:08:54 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) socket$inet6(0xa, 0x1000000000002, 0x0) read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:54 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:54 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d05ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:54 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x15000000}, [{}]}, 0x58) [ 391.293293] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:55 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:55 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e0f0000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:55 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:55 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x1000000}, [{}]}, 0x58) 07:08:55 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) socket$inet6(0xa, 0x1000000000002, 0x0) read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:55 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1500}, [{}]}, 0x58) 07:08:55 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x7000000) 07:08:55 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) socket$inet6(0xa, 0x1000000000002, 0x0) read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:55 executing program 5 (fault-call:2 fault-nth:0): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) [ 391.519778] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:55 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:55 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) socket$inet6(0xa, 0x1000000000002, 0x0) read(r0, &(0x7f0000000000)=""/151, 0x97) [ 391.562479] FAULT_INJECTION: forcing a failure. [ 391.562479] name failslab, interval 1, probability 0, space 0, times 0 [ 391.573778] CPU: 0 PID: 27927 Comm: syz-executor5 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 391.582184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.591538] Call Trace: [ 391.594142] dump_stack+0x1c9/0x2b4 [ 391.597782] ? dump_stack_print_info.cold.2+0x52/0x52 [ 391.603000] ? get_pid_task+0xd8/0x1a0 [ 391.606898] should_fail.cold.4+0xa/0x11 [ 391.610969] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 391.611386] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 391.616520] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 391.616550] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 391.632235] ? lock_downgrade+0x8f0/0x8f0 [ 391.636377] ? proc_fail_nth_write+0x9e/0x210 [ 391.640859] ? proc_cwd_link+0x1d0/0x1d0 [ 391.644937] ? lock_acquire+0x1e4/0x540 [ 391.648904] ? lock_acquire+0x1e4/0x540 [ 391.652863] ? fs_reclaim_acquire+0x20/0x20 [ 391.657186] ? lock_downgrade+0x8f0/0x8f0 [ 391.661321] ? check_same_owner+0x340/0x340 [ 391.665637] ? rcu_note_context_switch+0x730/0x730 [ 391.670552] __should_failslab+0x124/0x180 [ 391.674772] should_failslab+0x9/0x14 [ 391.678554] __kmalloc+0x2c8/0x760 [ 391.682078] ? strncpy_from_user+0x510/0x510 [ 391.686471] ? fput+0x130/0x1a0 [ 391.689737] ? __x64_sys_memfd_create+0x142/0x4f0 [ 391.694564] __x64_sys_memfd_create+0x142/0x4f0 [ 391.699219] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 391.704737] ? memfd_fcntl+0x1e80/0x1e80 [ 391.708795] do_syscall_64+0x1b9/0x820 [ 391.712675] ? finish_task_switch+0x1d3/0x870 [ 391.717155] ? syscall_return_slowpath+0x5e0/0x5e0 [ 391.722081] ? syscall_return_slowpath+0x31d/0x5e0 [ 391.726993] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 391.731995] ? prepare_exit_to_usermode+0x291/0x3b0 [ 391.736996] ? perf_trace_sys_enter+0xb10/0xb10 [ 391.741652] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.746493] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 391.751661] RIP: 0033:0x455ba9 [ 391.754827] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 391.774016] RSP: 002b:00007f0dfbd5fa88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 391.781708] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000455ba9 [ 391.788960] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004ba7f0 [ 391.796210] RBP: 000000000072bea0 R08: 0000000020000218 R09: 00000000fbad8001 [ 391.803463] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000014 07:08:55 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e100000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:55 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb80b000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:55 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x3000000}, [{}]}, 0x58) [ 391.810713] R13: 00000000004c23e3 R14: 00000000004d39c0 R15: 0000000000000000 07:08:55 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0xffffff7f00000000}, [{}]}, 0x58) 07:08:55 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:55 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) ioctl(0xffffffffffffffff, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:55 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e140000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:55 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe80]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:55 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x2}, [{}]}, 0x58) 07:08:55 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) ioctl(0xffffffffffffffff, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:55 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x5000000}, [{}]}, 0x58) [ 391.957422] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:55 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0xffff0f00) 07:08:55 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:55 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x500000000000000}, [{}]}, 0x58) 07:08:55 executing program 5 (fault-call:2 fault-nth:1): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:55 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e281163001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:55 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:55 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) ioctl(0xffffffffffffffff, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:55 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x3f00}, [{}]}, 0x58) [ 392.102659] FAULT_INJECTION: forcing a failure. [ 392.102659] name failslab, interval 1, probability 0, space 0, times 0 [ 392.114007] CPU: 0 PID: 27987 Comm: syz-executor5 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 392.122414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.131766] Call Trace: [ 392.132730] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 392.134361] dump_stack+0x1c9/0x2b4 [ 392.134379] ? dump_stack_print_info.cold.2+0x52/0x52 07:08:55 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:55 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) [ 392.134400] ? trace_hardirqs_on+0x10/0x10 [ 392.153213] should_fail.cold.4+0xa/0x11 [ 392.157286] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 392.162396] ? trace_hardirqs_on+0x10/0x10 [ 392.166649] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 392.171672] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 392.176448] ? lock_acquire+0x1e4/0x540 [ 392.180430] ? is_bpf_text_address+0xae/0x170 [ 392.184937] ? lock_downgrade+0x8f0/0x8f0 [ 392.189090] ? lock_acquire+0x1e4/0x540 [ 392.193068] ? fs_reclaim_acquire+0x20/0x20 [ 392.197403] ? lock_downgrade+0x8f0/0x8f0 07:08:55 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) [ 392.201559] ? check_same_owner+0x340/0x340 [ 392.205890] ? rcu_note_context_switch+0x730/0x730 [ 392.210833] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 392.215863] __should_failslab+0x124/0x180 [ 392.220112] should_failslab+0x9/0x14 [ 392.223949] kmem_cache_alloc+0x2af/0x760 [ 392.228110] ? lock_acquire+0x1e4/0x540 [ 392.232092] __d_alloc+0xc8/0xd50 [ 392.235554] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 392.240572] ? do_raw_spin_unlock+0xa7/0x2f0 [ 392.244981] ? do_raw_spin_trylock+0x1c0/0x1c0 07:08:55 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:55 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) [ 392.249656] ? kasan_check_write+0x14/0x20 [ 392.253893] ? do_raw_spin_lock+0xc1/0x200 [ 392.258140] ? _raw_spin_unlock+0x22/0x30 [ 392.262287] ? __alloc_fd+0x34e/0x710 [ 392.266091] ? exit_files+0xb0/0xb0 [ 392.269722] d_alloc_pseudo+0x1d/0x30 [ 392.273524] __shmem_file_setup+0x1f3/0x700 [ 392.277846] ? check_same_owner+0x340/0x340 [ 392.282171] ? shmem_fill_super+0xa50/0xa50 [ 392.286495] ? get_unused_fd_flags+0x122/0x1a0 [ 392.291100] ? __alloc_fd+0x710/0x710 [ 392.294905] shmem_file_setup+0x2f/0x40 [ 392.298891] __x64_sys_memfd_create+0x2af/0x4f0 07:08:55 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfe800000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:55 executing program 1: readv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(0xffffffffffffffff, &(0x7f0000000000)=""/151, 0x97) [ 392.303565] ? memfd_fcntl+0x1e80/0x1e80 [ 392.307633] do_syscall_64+0x1b9/0x820 [ 392.311523] ? finish_task_switch+0x1d3/0x870 [ 392.316023] ? syscall_return_slowpath+0x5e0/0x5e0 [ 392.320963] ? syscall_return_slowpath+0x31d/0x5e0 [ 392.325894] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 392.330917] ? prepare_exit_to_usermode+0x291/0x3b0 [ 392.335938] ? perf_trace_sys_enter+0xb10/0xb10 [ 392.340612] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.345457] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 392.350646] RIP: 0033:0x455ba9 07:08:56 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 392.353829] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 392.373093] RSP: 002b:00007f0dfbd5fa88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 392.380807] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000455ba9 [ 392.388079] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004ba7f0 [ 392.395348] RBP: 000000000072bea0 R08: 0000000020000218 R09: 00000000fbad8001 [ 392.402622] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000014 [ 392.409891] R13: 00000000004c23e3 R14: 00000000004d39c0 R15: 0000000000000001 07:08:56 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x300) 07:08:56 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:56 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:56 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e28017e001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:56 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x1600000000000000}, [{}]}, 0x58) 07:08:56 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:56 executing program 5 (fault-call:2 fault-nth:2): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:56 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1400}, [{}]}, 0x58) 07:08:56 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e287400001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 392.559979] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:56 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:56 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:56 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x12}, [{}]}, 0x58) 07:08:56 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x1000000000000}, [{}]}, 0x58) 07:08:56 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) [ 392.717870] FAULT_INJECTION: forcing a failure. [ 392.717870] name failslab, interval 1, probability 0, space 0, times 0 [ 392.729270] CPU: 0 PID: 28085 Comm: syz-executor5 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 392.737671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.747009] Call Trace: [ 392.749587] dump_stack+0x1c9/0x2b4 [ 392.753220] ? dump_stack_print_info.cold.2+0x52/0x52 [ 392.758395] ? is_bpf_text_address+0xd7/0x170 [ 392.762878] ? kernel_text_address+0x79/0xf0 [ 392.767270] should_fail.cold.4+0xa/0x11 [ 392.771315] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 392.776407] ? save_stack+0xa9/0xd0 [ 392.780020] ? save_stack+0x43/0xd0 [ 392.783632] ? kasan_kmalloc+0xc4/0xe0 [ 392.787501] ? kasan_slab_alloc+0x12/0x20 [ 392.791633] ? kmem_cache_alloc+0x12e/0x760 [ 392.795936] ? __d_alloc+0xc8/0xd50 [ 392.799547] ? d_alloc_pseudo+0x1d/0x30 [ 392.803517] ? __shmem_file_setup+0x1f3/0x700 [ 392.807992] ? shmem_file_setup+0x2f/0x40 [ 392.812126] ? __x64_sys_memfd_create+0x2af/0x4f0 [ 392.816956] ? do_syscall_64+0x1b9/0x820 [ 392.821014] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 392.826362] ? lock_acquire+0x1e4/0x540 [ 392.830320] ? lock_acquire+0x1e4/0x540 [ 392.834276] ? fs_reclaim_acquire+0x20/0x20 [ 392.839044] ? lock_downgrade+0x8f0/0x8f0 [ 392.843181] ? check_same_owner+0x340/0x340 [ 392.847487] ? rcu_note_context_switch+0x730/0x730 [ 392.852401] __should_failslab+0x124/0x180 [ 392.856620] should_failslab+0x9/0x14 [ 392.860404] kmem_cache_alloc+0x2af/0x760 [ 392.864534] ? kasan_slab_alloc+0x12/0x20 [ 392.868666] ? kmem_cache_alloc+0x2fc/0x760 [ 392.872970] ? shmem_destroy_callback+0xc0/0xc0 [ 392.877621] shmem_alloc_inode+0x1b/0x40 [ 392.881668] alloc_inode+0x63/0x190 [ 392.885292] new_inode_pseudo+0x71/0x1a0 [ 392.889335] ? prune_icache_sb+0x1b0/0x1b0 [ 392.893553] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 392.898553] new_inode+0x1c/0x40 [ 392.901901] shmem_get_inode+0xf1/0x910 [ 392.905862] ? do_raw_spin_lock+0xc1/0x200 [ 392.910081] ? shmem_encode_fh+0x340/0x340 [ 392.914299] ? _raw_spin_unlock+0x22/0x30 [ 392.918428] ? __alloc_fd+0x34e/0x710 [ 392.922213] ? exit_files+0xb0/0xb0 [ 392.925839] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.931381] __shmem_file_setup+0x259/0x700 [ 392.935687] ? check_same_owner+0x340/0x340 [ 392.940001] ? shmem_fill_super+0xa50/0xa50 [ 392.944318] ? get_unused_fd_flags+0x122/0x1a0 [ 392.948883] ? __alloc_fd+0x710/0x710 [ 392.952666] shmem_file_setup+0x2f/0x40 [ 392.956625] __x64_sys_memfd_create+0x2af/0x4f0 [ 392.961278] ? memfd_fcntl+0x1e80/0x1e80 [ 392.965325] do_syscall_64+0x1b9/0x820 [ 392.969197] ? syscall_slow_exit_work+0x500/0x500 [ 392.974023] ? syscall_return_slowpath+0x5e0/0x5e0 [ 392.978938] ? syscall_return_slowpath+0x31d/0x5e0 [ 392.983854] ? prepare_exit_to_usermode+0x291/0x3b0 [ 392.988855] ? perf_trace_sys_enter+0xb10/0xb10 [ 392.993507] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.998333] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 393.003516] RIP: 0033:0x455ba9 [ 393.006682] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 393.025856] RSP: 002b:00007f0dfbd5fa88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 393.033546] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000455ba9 [ 393.040809] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004ba7f0 [ 393.048060] RBP: 000000000072bea0 R08: 0000000020000218 R09: 00000000fbad8001 [ 393.055310] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000014 07:08:56 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:56 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x4000000}, [{}]}, 0x58) [ 393.062569] R13: 00000000004c23e3 R14: 00000000004d39c0 R15: 0000000000000002 [ 393.072274] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:56 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0xffff8000) 07:08:56 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e280600001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:56 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfcff000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:56 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x16}, [{}]}, 0x58) 07:08:56 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200), 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:56 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x400000000000000}, [{}]}, 0x58) 07:08:56 executing program 5 (fault-call:2 fault-nth:3): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:56 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:56 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e280200001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:56 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:56 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x15}, [{}]}, 0x58) 07:08:56 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200), 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) [ 393.235601] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 393.263485] FAULT_INJECTION: forcing a failure. [ 393.263485] name failslab, interval 1, probability 0, space 0, times 0 [ 393.274777] CPU: 0 PID: 28136 Comm: syz-executor5 Not tainted 4.18.0-rc3-next-20180706+ #1 07:08:56 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e28007a001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:56 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 393.283183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 393.292547] Call Trace: [ 393.292579] dump_stack+0x1c9/0x2b4 [ 393.298767] ? dump_stack_print_info.cold.2+0x52/0x52 [ 393.303967] ? save_stack+0xa9/0xd0 [ 393.307602] should_fail.cold.4+0xa/0x11 [ 393.311668] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 393.316783] ? __put_user_ns+0x60/0x60 [ 393.320676] ? current_time+0x72/0x1b0 [ 393.324570] ? lock_downgrade+0x8f0/0x8f0 [ 393.328721] ? kasan_check_write+0x14/0x20 07:08:57 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e280007001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:57 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f4]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 393.332959] ? __lockdep_init_map+0x105/0x590 [ 393.337466] ? lock_acquire+0x1e4/0x540 [ 393.341450] ? fs_reclaim_acquire+0x20/0x20 [ 393.345782] ? lock_downgrade+0x8f0/0x8f0 [ 393.349939] ? check_same_owner+0x340/0x340 [ 393.354876] ? rcu_note_context_switch+0x730/0x730 [ 393.359812] ? kasan_check_read+0x11/0x20 [ 393.363970] __should_failslab+0x124/0x180 [ 393.368212] should_failslab+0x9/0x14 [ 393.372024] kmem_cache_alloc+0x2af/0x760 [ 393.376183] ? _raw_spin_unlock+0x22/0x30 [ 393.380333] ? __d_instantiate+0x522/0x750 [ 393.384574] __get_empty_filp+0x11b/0x620 [ 393.388725] ? d_instantiate+0x79/0xa0 [ 393.392619] ? proc_nr_files+0x60/0x60 [ 393.396509] ? do_raw_spin_lock+0xc1/0x200 [ 393.400751] ? kasan_check_read+0x11/0x20 [ 393.404906] ? do_raw_spin_unlock+0xa7/0x2f0 [ 393.409319] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 393.413905] ? kasan_check_write+0x14/0x20 [ 393.418579] ? do_raw_spin_lock+0xc1/0x200 [ 393.422824] alloc_file+0x29/0x3e0 [ 393.426395] ? clear_nlink.part.10+0x65/0x80 [ 393.430805] __shmem_file_setup+0x313/0x700 [ 393.435136] ? check_same_owner+0x340/0x340 [ 393.439459] ? shmem_fill_super+0xa50/0xa50 [ 393.443786] ? get_unused_fd_flags+0x122/0x1a0 [ 393.448368] ? __alloc_fd+0x710/0x710 [ 393.452180] shmem_file_setup+0x2f/0x40 [ 393.456142] __x64_sys_memfd_create+0x2af/0x4f0 [ 393.460798] ? memfd_fcntl+0x1e80/0x1e80 [ 393.464870] do_syscall_64+0x1b9/0x820 [ 393.468749] ? syscall_return_slowpath+0x5e0/0x5e0 [ 393.473675] ? syscall_return_slowpath+0x31d/0x5e0 [ 393.478599] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 393.483598] ? prepare_exit_to_usermode+0x291/0x3b0 [ 393.488598] ? perf_trace_sys_enter+0xb10/0xb10 [ 393.493260] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.498090] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 393.503261] RIP: 0033:0x455ba9 [ 393.506428] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 393.525593] RSP: 002b:00007f0dfbd5fa88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 393.533282] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000455ba9 [ 393.540543] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004ba7f0 [ 393.547794] RBP: 000000000072bea0 R08: 0000000020000218 R09: 00000000fbad8001 [ 393.555067] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000014 [ 393.562328] R13: 00000000004c23e3 R14: 00000000004d39c0 R15: 0000000000000003 07:08:57 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x2) 07:08:57 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e280700001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:57 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:57 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200), 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:57 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x14000000}, [{}]}, 0x58) 07:08:57 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1500000000000000}, [{}]}, 0x58) 07:08:57 executing program 5 (fault-call:2 fault-nth:4): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:57 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:57 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) r1 = socket$inet6(0xa, 0x0, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:57 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e280006001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:57 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x16000000}, [{}]}, 0x58) [ 393.690537] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:57 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x2000000}, [{}]}, 0x58) 07:08:57 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100000000000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 393.768447] FAULT_INJECTION: forcing a failure. [ 393.768447] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 393.780360] CPU: 0 PID: 28193 Comm: syz-executor5 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 393.788762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 393.798114] Call Trace: [ 393.800689] dump_stack+0x1c9/0x2b4 [ 393.804301] ? dump_stack_print_info.cold.2+0x52/0x52 [ 393.809474] ? unwind_get_return_address+0x61/0xa0 [ 393.814391] ? __save_stack_trace+0x8d/0xf0 [ 393.818712] should_fail.cold.4+0xa/0x11 [ 393.822760] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 393.827850] ? lock_acquire+0x1e4/0x540 [ 393.831818] ? find_get_entry+0xa6d/0x1120 [ 393.836038] ? lock_downgrade+0x8f0/0x8f0 [ 393.840180] ? trace_hardirqs_on+0x10/0x10 [ 393.844400] ? lock_release+0xa30/0xa30 [ 393.848363] ? do_filp_open+0x255/0x380 [ 393.852324] ? trace_hardirqs_on+0x10/0x10 [ 393.856543] ? percpu_ref_put_many+0x119/0x240 [ 393.861114] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 393.866635] ? lock_acquire+0x1e4/0x540 [ 393.870600] ? fs_reclaim_acquire+0x20/0x20 [ 393.874920] ? lock_downgrade+0x8f0/0x8f0 [ 393.879054] ? check_same_owner+0x340/0x340 [ 393.883371] ? rcu_note_context_switch+0x730/0x730 [ 393.888287] __alloc_pages_nodemask+0x36e/0xdb0 [ 393.892939] ? kasan_check_read+0x11/0x20 [ 393.897070] ? rcu_is_watching+0x8c/0x150 [ 393.901203] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 393.906203] ? trace_hardirqs_on+0x10/0x10 [ 393.910422] ? is_bpf_text_address+0xd7/0x170 [ 393.914913] ? kernel_text_address+0x79/0xf0 [ 393.919319] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 393.924320] ? percpu_counter_add_batch+0xf2/0x150 [ 393.929238] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 393.934237] ? __vm_enough_memory+0x590/0x980 [ 393.938720] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 393.944240] alloc_pages_vma+0xdd/0x540 [ 393.948204] shmem_alloc_page+0xa8/0x190 [ 393.952246] ? shmem_swapin+0x230/0x230 [ 393.956225] shmem_alloc_and_acct_page+0x1f1/0x820 [ 393.961139] ? shmem_getattr+0x2c0/0x2c0 [ 393.965193] ? mem_cgroup_id_get_many+0x160/0x160 [ 393.970023] ? lock_release+0xa30/0xa30 [ 393.973979] ? __wake_up_common_lock+0x1d0/0x330 [ 393.978718] shmem_getpage_gfp+0x6ea/0x3ec0 [ 393.983042] ? shmem_writepage+0x13a0/0x13a0 [ 393.987433] ? __unlock_page_memcg+0x72/0x100 [ 393.991909] ? unlock_page_memcg+0x2c/0x40 [ 393.996141] ? page_add_new_anon_rmap+0x870/0x870 [ 394.000967] ? trace_hardirqs_on+0x10/0x10 [ 394.005196] ? trace_hardirqs_on+0x10/0x10 [ 394.009414] ? trace_hardirqs_on+0x10/0x10 [ 394.013633] ? trace_hardirqs_on+0x10/0x10 [ 394.017850] ? lock_acquire+0x1e4/0x540 [ 394.021808] ? alloc_set_pte+0x1133/0x1790 [ 394.026035] ? trace_hardirqs_on+0x10/0x10 [ 394.030253] ? lock_release+0xa30/0xa30 [ 394.034223] ? xas_descend+0x20c/0x5f0 [ 394.038097] ? trace_hardirqs_on+0x10/0x10 [ 394.042315] ? trace_hardirqs_on+0x10/0x10 [ 394.046544] ? trace_hardirqs_on+0x10/0x10 [ 394.050764] ? trace_hardirqs_on+0x10/0x10 [ 394.054994] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 394.060007] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 394.064753] ? trace_hardirqs_on+0x10/0x10 [ 394.068985] ? lock_acquire+0x1e4/0x540 [ 394.072943] ? is_bpf_text_address+0xae/0x170 [ 394.077423] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 394.082427] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 394.087171] ? trace_hardirqs_on+0x10/0x10 [ 394.091399] ? lock_downgrade+0x8f0/0x8f0 [ 394.095542] ? trace_hardirqs_on+0x10/0x10 [ 394.099767] ? lock_acquire+0x1e4/0x540 [ 394.103724] ? simple_xattr_get+0x106/0x180 [ 394.108035] ? current_time+0x72/0x1b0 [ 394.111916] ? lock_downgrade+0x8f0/0x8f0 [ 394.116049] ? kasan_check_read+0x11/0x20 [ 394.120181] ? lock_release+0xa30/0xa30 [ 394.124147] ? kasan_check_write+0x14/0x20 [ 394.128364] ? do_raw_spin_lock+0xc1/0x200 [ 394.132595] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 394.138117] ? iov_iter_fault_in_readable+0x23d/0x460 [ 394.143290] ? copy_page_from_iter+0x890/0x890 [ 394.147854] ? __sanitizer_cov_trace_cmp4+0x10/0x20 [ 394.152853] ? ktime_get_coarse_real_ts64+0x243/0x3a0 [ 394.158028] shmem_write_begin+0x10a/0x1e0 [ 394.162260] generic_perform_write+0x3ae/0x6c0 [ 394.166831] ? add_page_wait_queue+0x2c0/0x2c0 [ 394.171396] ? file_update_time+0xe4/0x640 [ 394.175618] ? current_time+0x1b0/0x1b0 [ 394.179581] ? down_write+0x8f/0x130 [ 394.183278] __generic_file_write_iter+0x26e/0x630 [ 394.188193] generic_file_write_iter+0x438/0x870 [ 394.192935] ? __generic_file_write_iter+0x630/0x630 [ 394.198023] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 394.203554] ? iov_iter_init+0xc9/0x1f0 [ 394.207513] __vfs_write+0x6c6/0x9f0 [ 394.211212] ? kernel_read+0x120/0x120 [ 394.215083] ? lock_release+0xa30/0xa30 [ 394.219040] ? check_same_owner+0x340/0x340 [ 394.223343] ? __fget_light+0x2f7/0x440 [ 394.227298] ? fget_raw+0x20/0x20 [ 394.230736] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.236270] ? __sb_start_write+0x17f/0x300 [ 394.240576] vfs_write+0x1fc/0x560 [ 394.244100] ksys_pwrite64+0x181/0x1b0 [ 394.247980] ? __ia32_sys_pread64+0xf0/0xf0 [ 394.252287] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 394.257816] ? fput+0x130/0x1a0 [ 394.261082] ? do_sys_ftruncate+0x44e/0x560 [ 394.265388] __x64_sys_pwrite64+0x97/0xf0 [ 394.269520] do_syscall_64+0x1b9/0x820 [ 394.273387] ? finish_task_switch+0x1d3/0x870 [ 394.277864] ? syscall_return_slowpath+0x5e0/0x5e0 [ 394.282776] ? syscall_return_slowpath+0x31d/0x5e0 [ 394.287700] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 394.292700] ? prepare_exit_to_usermode+0x291/0x3b0 [ 394.297700] ? perf_trace_sys_enter+0xb10/0xb10 [ 394.302353] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.307182] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 394.312352] RIP: 0033:0x40fe67 [ 394.315531] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 51 17 00 00 c3 48 83 ec 08 e8 27 fa ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 6d fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 394.334704] RSP: 002b:00007f0dfbd5fa80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 394.342394] RAX: ffffffffffffffda RBX: 0000000020000210 RCX: 000000000040fe67 [ 394.349654] RDX: 000000000000003d RSI: 0000000020000240 RDI: 0000000000000015 [ 394.356903] RBP: 0000000000000000 R08: 0000000020000218 R09: 00000000fbad8001 [ 394.364156] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000015 07:08:58 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:58 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e280003001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 394.371406] R13: 0000000000000001 R14: 00000000004d39c0 R15: 0000000000000004 07:08:58 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) r1 = socket$inet6(0xa, 0x0, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:58 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x1000000) 07:08:58 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x4000000}, [{}]}, 0x58) 07:08:58 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x1600}, [{}]}, 0x58) 07:08:58 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e280000000f00ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 394.435275] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 394.474741] REISERFS warning (device loop5): sh-2021 reiserfs_fill_super: can not find reiserfs on loop5 07:08:58 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:58 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@sb={'sb', 0x3d, [0x0, 0x0, 0x33, 0x38, 0x32, 0x35, 0x3f]}, 0x2c}, {@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:58 executing program 5 (fault-call:2 fault-nth:5): r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000240)="00080000ec0500006d8a2b001200040008090000b90200000001000084811f4ce10000001e000000000000000010ec0302e5fb00526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000013900)) 07:08:58 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) r1 = socket$inet6(0xa, 0x0, 0x0) ioctl(r1, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:58 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x1400}, [{}]}, 0x58) 07:08:58 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x500}, [{}]}, 0x58) 07:08:58 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e286311001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 394.656343] FAULT_INJECTION: forcing a failure. [ 394.656343] name failslab, interval 1, probability 0, space 0, times 0 [ 394.667583] CPU: 0 PID: 28265 Comm: syz-executor5 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 394.675986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.685339] Call Trace: [ 394.687943] dump_stack+0x1c9/0x2b4 [ 394.691577] ? dump_stack_print_info.cold.2+0x52/0x52 [ 394.696767] should_fail.cold.4+0xa/0x11 [ 394.700837] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 394.705933] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 394.710938] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 394.715678] ? lock_acquire+0x1e4/0x540 [ 394.719638] ? is_bpf_text_address+0xae/0x170 [ 394.724116] ? lock_downgrade+0x8f0/0x8f0 [ 394.728248] ? lock_release+0xa30/0xa30 [ 394.732236] ? trace_hardirqs_on+0x10/0x10 [ 394.736456] ? kasan_check_read+0x11/0x20 [ 394.740598] ? rcu_is_watching+0x8c/0x150 [ 394.744730] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 394.749387] ? trace_hardirqs_on+0x10/0x10 [ 394.753605] ? unwind_get_return_address+0x61/0xa0 [ 394.758517] ? __save_stack_trace+0x8d/0xf0 [ 394.762832] __should_failslab+0x124/0x180 [ 394.767060] should_failslab+0x9/0x14 [ 394.770853] kmem_cache_alloc+0x47/0x760 [ 394.774898] ? trace_hardirqs_on+0x10/0x10 [ 394.779119] xas_alloc+0x38a/0x490 [ 394.782643] ? minmax_running_min+0x690/0x690 [ 394.787121] ? trace_hardirqs_on+0x10/0x10 [ 394.791337] ? percpu_ref_put_many+0x119/0x240 [ 394.795904] xas_create+0x3ae/0x1150 [ 394.799601] ? fs_reclaim_acquire+0x20/0x20 [ 394.803910] ? xas_descend+0x5f0/0x5f0 [ 394.807785] ? lock_acquire+0x1e4/0x540 [ 394.811742] ? percpu_ref_tryget_live+0x143/0x440 [ 394.816568] ? lock_downgrade+0x8f0/0x8f0 [ 394.820703] ? lock_release+0xa30/0xa30 [ 394.824659] ? __alloc_pages_nodemask+0x6e3/0xdb0 [ 394.829483] ? kasan_check_read+0x11/0x20 [ 394.833612] ? trace_hardirqs_on+0xd/0x10 [ 394.838094] ? try_charge+0xbc2/0x1680 [ 394.841966] xas_store+0xce/0x1720 [ 394.845490] ? xas_find_tagged+0x1440/0x1440 [ 394.849884] ? lock_acquire+0x1e4/0x540 [ 394.853852] ? shmem_add_to_page_cache+0x8b9/0x1450 [ 394.858851] ? xa_find_after+0x9a0/0x9a0 [ 394.862894] ? percpu_ref_put_many+0x119/0x240 [ 394.867470] ? lock_downgrade+0x8f0/0x8f0 [ 394.871602] ? xas_find_conflict+0x360/0x8d0 [ 394.875994] ? kasan_check_write+0x14/0x20 [ 394.880223] ? do_raw_spin_lock+0xc1/0x200 [ 394.884443] shmem_add_to_page_cache+0x98e/0x1450 [ 394.889271] ? shmem_write_end+0x9a0/0x9a0 [ 394.893509] ? mem_cgroup_try_charge+0x548/0xa70 [ 394.898247] ? mem_cgroup_protected+0xa60/0xa60 [ 394.902905] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 394.908428] ? shmem_alloc_and_acct_page+0x31a/0x820 [ 394.913515] ? shmem_getattr+0x2c0/0x2c0 [ 394.917560] ? mem_cgroup_id_get_many+0x160/0x160 [ 394.922387] ? lock_release+0xa30/0xa30 [ 394.926341] ? __wake_up_common_lock+0x1d0/0x330 [ 394.931090] shmem_getpage_gfp+0xaad/0x3ec0 [ 394.935400] ? shmem_writepage+0x13a0/0x13a0 [ 394.939801] ? __unlock_page_memcg+0x72/0x100 [ 394.944278] ? unlock_page_memcg+0x2c/0x40 [ 394.948497] ? page_add_new_anon_rmap+0x870/0x870 [ 394.953325] ? trace_hardirqs_on+0x10/0x10 [ 394.957544] ? trace_hardirqs_on+0x10/0x10 [ 394.961764] ? trace_hardirqs_on+0x10/0x10 [ 394.965984] ? trace_hardirqs_on+0x10/0x10 [ 394.970202] ? lock_acquire+0x1e4/0x540 [ 394.974178] ? alloc_set_pte+0x1133/0x1790 [ 394.978398] ? trace_hardirqs_on+0x10/0x10 [ 394.982615] ? lock_release+0xa30/0xa30 [ 394.986572] ? xas_descend+0x20c/0x5f0 [ 394.990442] ? trace_hardirqs_on+0x10/0x10 [ 394.994689] ? trace_hardirqs_on+0x10/0x10 [ 394.998920] ? trace_hardirqs_on+0x10/0x10 [ 395.003136] ? trace_hardirqs_on+0x10/0x10 [ 395.007354] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 395.012354] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 395.017095] ? trace_hardirqs_on+0x10/0x10 [ 395.021312] ? lock_acquire+0x1e4/0x540 [ 395.025265] ? is_bpf_text_address+0xae/0x170 [ 395.029746] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 395.034746] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 395.039486] ? trace_hardirqs_on+0x10/0x10 [ 395.043704] ? lock_downgrade+0x8f0/0x8f0 [ 395.047835] ? trace_hardirqs_on+0x10/0x10 [ 395.052056] ? lock_acquire+0x1e4/0x540 [ 395.056025] ? simple_xattr_get+0x106/0x180 [ 395.060331] ? current_time+0x72/0x1b0 [ 395.064200] ? lock_downgrade+0x8f0/0x8f0 [ 395.068329] ? kasan_check_read+0x11/0x20 [ 395.072464] ? lock_release+0xa30/0xa30 [ 395.076432] ? kasan_check_write+0x14/0x20 [ 395.080656] ? do_raw_spin_lock+0xc1/0x200 [ 395.084888] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 395.090409] ? iov_iter_fault_in_readable+0x23d/0x460 [ 395.095581] ? copy_page_from_iter+0x890/0x890 [ 395.100146] ? __sanitizer_cov_trace_cmp4+0x10/0x20 [ 395.105306] ? ktime_get_coarse_real_ts64+0x243/0x3a0 [ 395.110480] shmem_write_begin+0x10a/0x1e0 [ 395.114701] generic_perform_write+0x3ae/0x6c0 [ 395.119268] ? add_page_wait_queue+0x2c0/0x2c0 [ 395.123833] ? file_update_time+0xe4/0x640 [ 395.128052] ? current_time+0x1b0/0x1b0 [ 395.132017] ? down_write+0x8f/0x130 [ 395.135716] __generic_file_write_iter+0x26e/0x630 [ 395.140640] generic_file_write_iter+0x438/0x870 [ 395.145390] ? __generic_file_write_iter+0x630/0x630 [ 395.150481] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 395.156020] ? iov_iter_init+0xc9/0x1f0 [ 395.159978] __vfs_write+0x6c6/0x9f0 [ 395.163679] ? kernel_read+0x120/0x120 [ 395.167548] ? lock_release+0xa30/0xa30 [ 395.171504] ? check_same_owner+0x340/0x340 [ 395.175806] ? __fget_light+0x2f7/0x440 [ 395.179762] ? fget_raw+0x20/0x20 [ 395.183203] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.188721] ? __sb_start_write+0x17f/0x300 [ 395.193038] vfs_write+0x1fc/0x560 [ 395.196565] ksys_pwrite64+0x181/0x1b0 [ 395.200435] ? __ia32_sys_pread64+0xf0/0xf0 [ 395.204738] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 395.210266] ? fput+0x130/0x1a0 [ 395.213531] ? do_sys_ftruncate+0x44e/0x560 [ 395.217845] __x64_sys_pwrite64+0x97/0xf0 [ 395.221978] do_syscall_64+0x1b9/0x820 [ 395.225850] ? finish_task_switch+0x1d3/0x870 [ 395.230339] ? syscall_return_slowpath+0x5e0/0x5e0 [ 395.235252] ? syscall_return_slowpath+0x31d/0x5e0 [ 395.240175] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 395.245184] ? prepare_exit_to_usermode+0x291/0x3b0 [ 395.250193] ? perf_trace_sys_enter+0xb10/0xb10 [ 395.254856] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.259683] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 395.264855] RIP: 0033:0x40fe67 [ 395.268023] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 51 17 00 00 c3 48 83 ec 08 e8 27 fa ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 6d fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 395.287200] RSP: 002b:00007f0dfbd5fa80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 395.294889] RAX: ffffffffffffffda RBX: 0000000020000210 RCX: 000000000040fe67 [ 395.302140] RDX: 000000000000003d RSI: 0000000020000240 RDI: 0000000000000015 07:08:58 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e282800001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:58 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) [ 395.309393] RBP: 0000000000000000 R08: 0000000020000218 R09: 00000000fbad8001 [ 395.316644] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000015 [ 395.323912] R13: 0000000000000001 R14: 00000000004d39c0 R15: 0000000000000005 07:08:59 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:59 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e280074001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) 07:08:59 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x14}, [{}]}, 0x58) [ 395.361166] EXT4-fs (loop0): VFS: Can't find ext4 filesystem 07:08:59 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0xffff0f0000000000) 07:08:59 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x9) write$binfmt_elf32(r1, &(0x7f0000000340)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000004, 0x200000004, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x20, 0x1400000000000000}, [{}]}, 0x58) 07:08:59 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000003c0)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x100000000805, 0x0) sendmsg$inet_sctp(r1, &(0x7f0000000580)={&(0x7f00000000c0)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00]}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000400)='o', 0x1}], 0x1, &(0x7f0000000540)}, 0x0) 07:08:59 executing program 1: r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/igmp\x00') readv(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/136, 0x88}], 0x1) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") read(r0, &(0x7f0000000000)=""/151, 0x97) 07:08:59 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f00000015c0), 0x0, &(0x7f0000001680)={[{@data_journal='data=journal', 0x2c}, {@journal_ioprio={'journal_ioprio', 0x3d, [0x37, 0x33, 0x3b, 0x35, 0x0]}, 0x2c}, {@init_itable_val={'init_itable', 0x3d, [0x0, 0x3d, 0x3f, 0x3d, 0x37, 0x3f, 0x38, 0x31]}, 0x2c}]}) 07:08:59 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="24000000290007031dfffd946fa2830020200a000900000006000000000000000d00ff7e280000006300ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47a6268e3406cf055d90f15a3", 0x4c}], 0x1}, 0x0) [ 395.566926] EXT4-fs (loop0): VFS: Can't find ext4 filesystem [ 431.163250] list_add corruption. prev->next should be next (ffff8801dae26708), but was 0000000000000000. (prev=ffff8801dae26740). [ 431.175184] ------------[ cut here ]------------ [ 431.179916] kernel BUG at lib/list_debug.c:28! [ 431.184494] invalid opcode: 0000 [#1] SMP KASAN [ 431.189146] CPU: 0 PID: 28265 Comm: syz-executor5 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 431.197537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 431.206883] RIP: 0010:__list_add_valid.cold.0+0x23/0x25 [ 431.212317] Code: e8 9f 72 57 fe eb 97 48 89 d9 48 c7 c7 60 80 1a 88 e8 72 b8 ff fd 0f 0b 48 89 f1 48 c7 c7 20 81 1a 88 48 89 de e8 5e b8 ff fd <0f> 0b 4c 89 e2 48 89 de 48 c7 c7 60 82 1a 88 e8 4a b8 ff fd 0f 0b [ 431.231453] RSP: 0018:ffff8801dae079c0 EFLAGS: 00010086 [ 431.236795] RAX: 0000000000000075 RBX: ffff8801dae26708 RCX: 0000000000000000 [ 431.244045] RDX: 0000000000000000 RSI: ffffffff81634381 RDI: 0000000000000001 [ 431.251292] RBP: ffff8801dae079d8 R08: ffff8801c67f8100 R09: ffffed003b5c4fc0 [ 431.258538] R10: ffffed003b5c4fc0 R11: ffff8801dae27e07 R12: ffff8801dae26740 [ 431.265784] R13: ffff8801dae07ab8 R14: ffff8801dae26740 R15: 0000000000000001 [ 431.273036] FS: 00007f0dfbd60700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 431.281254] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 431.287114] CR2: 00007fbbe3b0a518 CR3: 0000000008e6a000 CR4: 00000000001406f0 [ 431.294372] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 431.301618] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 431.308862] Call Trace: [ 431.311433] [ 431.313568] ? cpu_stop_queue_work+0x114/0x460 [ 431.318182] cpu_stop_queue_work+0x248/0x460 [ 431.322569] ? cpu_stop_park+0x160/0x160 [ 431.326609] ? trace_hardirqs_off+0xd/0x10 [ 431.330834] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 431.335919] ? kasan_check_read+0x11/0x20 [ 431.340046] ? do_raw_spin_unlock+0xa7/0x2f0 [ 431.344433] ? touch_softlockup_watchdog+0x30/0x30 [ 431.349340] stop_one_cpu_nowait+0xd3/0x100 [ 431.353656] watchdog_timer_fn+0x93/0x2e0 [ 431.357784] __hrtimer_run_queues+0x3eb/0x10c0 [ 431.362345] ? softlockup_fn+0x30/0x30 [ 431.366225] ? hrtimer_start_range_ns+0xd20/0xd20 [ 431.371051] ? pvclock_read_flags+0x160/0x160 [ 431.375526] ? kvm_clock_read+0x25/0x30 [ 431.379479] ? kvm_clock_read+0x25/0x30 [ 431.383433] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 431.388430] ? ktime_get_update_offsets_now+0x3db/0x5d0 [ 431.393773] ? do_timer+0x50/0x50 [ 431.397215] ? kasan_check_read+0x11/0x20 [ 431.401342] ? rcu_nmi_exit+0xe0/0x2d0 [ 431.405219] ? do_raw_spin_lock+0xc1/0x200 [ 431.409434] hrtimer_interrupt+0x2f3/0x750 [ 431.413665] smp_apic_timer_interrupt+0x165/0x730 [ 431.418484] ? smp_call_function_single_interrupt+0x660/0x660 [ 431.424350] ? _raw_spin_unlock+0x22/0x30 [ 431.428474] ? handle_edge_irq+0x330/0x870 [ 431.432689] ? task_prio+0x50/0x50 [ 431.436217] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 431.441058] apic_timer_interrupt+0xf/0x20 [ 431.445266] [ 431.447569] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0xc/0x20 [ 431.453596] Code: f2 89 fe bf 05 00 00 00 48 89 e5 48 8b 4d 08 e8 6a fe ff ff 5d c3 0f 1f 84 00 00 00 00 00 55 48 89 f2 48 89 fe bf 07 00 00 00 <48> 89 e5 48 8b 4d 08 e8 48 fe ff ff 5d c3 66 0f 1f 44 00 00 55 48 [ 431.472712] RSP: 0018:ffff8801ae65dc38 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff13 [ 431.480399] RAX: ffff8801a7c5b042 RBX: ffff8801a7c5b042 RCX: ffffffff8799bf20 [ 431.487660] RDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000007 [ 431.494908] RBP: ffff8801ae65dc80 R08: ffff8801c67f8100 R09: fffff94000d9f41e [ 431.502156] R10: fffff94000d9f41e R11: ffffea0006cfa0f7 R12: 0000000000000002 [ 431.509462] R13: ffff8801ae65de80 R14: dffffc0000000000 R15: 0000000000000000 [ 431.516734] ? xas_start+0x3a0/0x740 [ 431.520427] ? xas_load+0x38/0x1e0 [ 431.523955] xas_find+0x69b/0x8f0 [ 431.527388] ? xa_set_tag+0x40/0x40 [ 431.530995] ? xas_find+0x6/0x8f0 [ 431.534486] find_get_entries+0x973/0x1410 [ 431.538703] ? filemap_fault+0x2220/0x2220 [ 431.542916] ? free_unref_page_commit.isra.87+0x610/0x610 [ 431.548436] ? trace_hardirqs_on+0x10/0x10 [ 431.552662] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 431.558178] ? kernel_poison_pages+0x136/0x220 [ 431.562748] ? kasan_unpoison_shadow+0x35/0x50 [ 431.567309] ? kasan_alloc_pages+0x38/0x40 [ 431.571520] ? get_page_from_freelist+0xfe4/0x4620 [ 431.576427] ? __update_load_avg_se.isra.35+0x630/0x990 [ 431.581773] ? __update_load_avg_blocked_se.isra.34+0x460/0x460 [ 431.587809] ? __update_load_avg_cfs_rq.isra.36+0x435/0x590 [ 431.593497] ? update_load_avg+0x2de/0x2590 [ 431.597800] ? attach_entity_load_avg+0x860/0x860 [ 431.602621] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 431.607186] shmem_undo_range+0x38e/0x29a0 [ 431.611421] ? trace_hardirqs_on+0x10/0x10 [ 431.615637] ? shmem_get_link+0x690/0x690 [ 431.619762] ? lock_acquire+0x1e4/0x540 [ 431.623717] ? rb_erase+0x3550/0x3550 [ 431.627504] ? trace_hardirqs_on+0xd/0x10 [ 431.631645] ? __page_frag_cache_drain+0x1f0/0x1f0 [ 431.636554] ? percpu_ref_put_many+0x131/0x240 [ 431.641114] ? trace_hardirqs_on+0x10/0x10 [ 431.645328] ? page_counter_cancel+0x4d/0x60 [ 431.649736] ? trace_hardirqs_on+0x10/0x10 [ 431.653964] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 431.658703] ? __anon_vma_interval_tree_augment_rotate+0x1ac/0x220 [ 431.665001] ? lock_acquire+0x1e4/0x540 [ 431.668963] ? debug_check_no_obj_freed+0x30b/0x595 [ 431.673957] ? lock_downgrade+0x8f0/0x8f0 [ 431.678084] ? check_memory_region+0xfe/0x1b0 [ 431.682557] ? kasan_check_read+0x11/0x20 [ 431.686701] ? do_raw_spin_unlock+0xa7/0x2f0 [ 431.691088] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 431.695647] ? kasan_check_write+0x14/0x20 [ 431.699856] ? do_raw_spin_lock+0xc1/0x200 [ 431.704070] ? trace_hardirqs_on+0xd/0x10 [ 431.708200] ? free_unref_page_commit.isra.87+0x1ac/0x610 [ 431.713718] ? drain_local_pages_wq+0x20/0x20 [ 431.718192] ? free_obj_work+0xbb0/0xbb0 [ 431.722231] ? lock_acquire+0x1e4/0x540 [ 431.726185] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 431.731703] ? kernel_poison_pages+0x136/0x220 [ 431.736264] ? trace_hardirqs_on+0xd/0x10 [ 431.740403] ? trace_hardirqs_on+0x10/0x10 [ 431.744617] ? trace_hardirqs_on+0x10/0x10 [ 431.748830] ? __page_frag_cache_drain+0x1f0/0x1f0 [ 431.753738] ? percpu_ref_put_many+0x131/0x240 [ 431.758297] ? mem_cgroup_id_get_online+0x310/0x310 [ 431.763293] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 431.768807] ? trace_hardirqs_on+0x10/0x10 [ 431.773030] ? trace_hardirqs_on+0x10/0x10 [ 431.777358] shmem_truncate_range+0x27/0xa0 [ 431.781669] shmem_evict_inode+0x3b2/0xcb0 [ 431.785886] ? shmem_truncate_range+0xa0/0xa0 [ 431.790360] ? release_pages+0x7cf/0x14e0 [ 431.794486] ? lock_acquire+0x1e4/0x540 [ 431.798439] ? inode_wait_for_writeback+0x2f/0x40 [ 431.803263] ? lock_downgrade+0x8f0/0x8f0 [ 431.807390] ? evict+0x468/0x990 [ 431.810735] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 431.816251] ? __inode_wait_for_writeback+0x2cf/0x380 [ 431.821420] ? kasan_check_read+0x11/0x20 [ 431.825543] ? do_raw_spin_unlock+0xa7/0x2f0 [ 431.829930] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 431.834497] ? kasan_check_write+0x14/0x20 [ 431.838711] ? do_raw_spin_lock+0xc1/0x200 [ 431.842925] ? shmem_truncate_range+0xa0/0xa0 [ 431.847408] evict+0x4ae/0x990 [ 431.850582] ? destroy_inode+0x200/0x200 [ 431.854620] ? do_raw_spin_lock+0xc1/0x200 [ 431.858833] ? lock_downgrade+0x8f0/0x8f0 [ 431.862959] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 431.868477] ? kasan_check_read+0x11/0x20 [ 431.872611] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 431.877175] iput+0x635/0xaa0 [ 431.880262] ? fsnotify_final_mark_destroy+0xc0/0xc0 [ 431.885344] ? inode_add_lru+0x2a0/0x2a0 [ 431.889384] ? fsnotify_destroy_marks+0x2e7/0x5c0 [ 431.894203] ? kasan_check_read+0x11/0x20 [ 431.898325] ? do_raw_spin_unlock+0xa7/0x2f0 [ 431.902722] ? fsnotify_clear_marks_by_group+0x640/0x640 [ 431.908154] ? debug_object_active_state+0x2f5/0x4d0 [ 431.913248] dentry_unlink_inode+0x4ae/0x640 [ 431.917636] ? kasan_check_read+0x11/0x20 [ 431.921763] ? d_lru_add+0x120/0x120 [ 431.925458] ? kasan_check_write+0x14/0x20 [ 431.929671] ? do_raw_spin_lock+0xc1/0x200 [ 431.933884] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 431.939410] ? lockref_mark_dead+0xef/0x170 [ 431.943722] ? lockref_get_not_dead+0x90/0x90 [ 431.948202] ? lock_acquire+0x1e4/0x540 [ 431.952156] __dentry_kill+0x44c/0x7a0 [ 431.956031] ? d_drop+0x70/0x70 [ 431.959290] ? do_raw_spin_lock+0x200/0x200 [ 431.963590] ? lock_release+0xa30/0xa30 [ 431.967540] ? check_same_owner+0x340/0x340 [ 431.971841] dentry_kill+0xc9/0x5a0 [ 431.975456] dput.part.26+0x66b/0x7a0 [ 431.979236] ? shrink_dcache_sb+0x350/0x350 [ 431.983537] ? rcu_note_context_switch+0x730/0x730 [ 431.988449] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 431.993448] dput+0x15/0x20 [ 431.996358] __fput+0x558/0x930 [ 431.999615] ? fput+0x1a0/0x1a0 [ 432.002874] ? kasan_check_write+0x14/0x20 [ 432.007088] ? do_raw_spin_lock+0xc1/0x200 [ 432.011310] ____fput+0x15/0x20 [ 432.014569] task_work_run+0x1ec/0x2a0 [ 432.018437] ? task_work_cancel+0x250/0x250 [ 432.022741] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 432.028254] ? switch_task_namespaces+0xa2/0xd0 [ 432.032902] do_exit+0x1b08/0x2750 [ 432.036425] ? mm_update_next_owner+0x9a0/0x9a0 [ 432.041076] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 432.046593] ? __set_page_dirty_no_writeback+0x14a/0x290 [ 432.052028] ? do_writepages+0x1a0/0x1a0 [ 432.056069] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 432.061066] ? do_writepages+0x1a0/0x1a0 [ 432.065106] ? set_page_dirty+0x36f/0x6f0 [ 432.069232] ? __writepage+0xe0/0xe0 [ 432.072925] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 432.078494] ? balance_dirty_pages_ratelimited+0x1f7/0x2200 [ 432.084190] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 432.088925] ? trace_hardirqs_on+0x10/0x10 [ 432.093138] ? balance_dirty_pages+0x37b0/0x37b0 [ 432.097873] ? unlock_page+0x1d1/0x2c0 [ 432.101739] ? wake_up_page_bit+0x5b0/0x5b0 [ 432.106044] ? shmem_write_end+0x374/0x9a0 [ 432.110258] ? shmem_unused_huge_scan+0x180/0x180 [ 432.115080] ? current_time+0x72/0x1b0 [ 432.118946] ? lock_downgrade+0x8f0/0x8f0 [ 432.123075] ? kasan_check_write+0x14/0x20 [ 432.127297] ? copyin+0xb7/0x100 [ 432.130643] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 432.136158] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 432.141151] ? iov_iter_advance+0x2ec/0x14e0 [ 432.145549] ? memset+0x31/0x40 [ 432.148807] ? __dequeue_signal+0xf9/0x7d0 [ 432.153030] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 432.158546] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 432.164061] ? recalc_sigpending_tsk+0x180/0x180 [ 432.168795] ? get_signal+0x918/0x1970 [ 432.172672] ? lock_downgrade+0x8f0/0x8f0 [ 432.176799] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 432.182317] do_group_exit+0x177/0x440 [ 432.186183] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 432.190742] ? __ia32_sys_exit+0x50/0x50 [ 432.194782] ? kasan_check_write+0x14/0x20 [ 432.198994] ? do_raw_spin_lock+0xc1/0x200 [ 432.203230] get_signal+0x88e/0x1970 [ 432.206922] ? ptrace_notify+0x130/0x130 [ 432.210962] ? up_read+0x110/0x110 [ 432.214479] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 432.220010] ? __generic_file_write_iter+0x1bd/0x630 [ 432.225099] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 432.230613] ? generic_file_write_iter+0x4a3/0x870 [ 432.235532] ? __generic_file_write_iter+0x630/0x630 [ 432.240615] do_signal+0x9c/0x21c0 [ 432.244132] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 432.249647] ? __vfs_write+0x11f/0x9f0 [ 432.253511] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 432.259029] ? fsnotify+0xbac/0x14e0 [ 432.262723] ? setup_sigcontext+0x7d0/0x7d0 [ 432.267031] ? fsnotify_first_mark+0x350/0x350 [ 432.271593] ? fget_raw+0x20/0x20 [ 432.275030] ? fsnotify+0x14e0/0x14e0 [ 432.278812] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 432.284337] ? fput+0x130/0x1a0 [ 432.287597] exit_to_usermode_loop+0x2e0/0x370 [ 432.292159] ? syscall_slow_exit_work+0x500/0x500 [ 432.296980] ? do_sys_ftruncate+0x44e/0x560 [ 432.301281] do_syscall_64+0x6be/0x820 [ 432.305146] ? finish_task_switch+0x1d3/0x870 [ 432.309620] ? syscall_return_slowpath+0x5e0/0x5e0 [ 432.314525] ? syscall_return_slowpath+0x31d/0x5e0 [ 432.319435] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 432.324430] ? prepare_exit_to_usermode+0x291/0x3b0 [ 432.329426] ? perf_trace_sys_enter+0xb10/0xb10 [ 432.334073] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 432.338897] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 432.344063] RIP: 0033:0x40fe67 [ 432.347227] Code: Bad RIP value. [ 432.350589] RSP: 002b:00007f0dfbd5fa80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 432.358274] RAX: 000000000000003d RBX: 0000000020000210 RCX: 000000000040fe67 [ 432.365521] RDX: 000000000000003d RSI: 0000000020000240 RDI: 0000000000000015 [ 432.372769] RBP: 0000000000000000 R08: 0000000020000218 R09: 00000000fbad8001 [ 432.380019] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000015 [ 432.387269] R13: 0000000000000001 R14: 00000000004d39c0 R15: 0000000000000005 [ 432.394530] Modules linked in: [ 432.397715] Dumping ftrace buffer: [ 432.401229] (ftrace buffer empty) [ 432.404924] ---[ end trace d0d0c0214e3e6d47 ]--- [ 432.409669] RIP: 0010:__list_add_valid.cold.0+0x23/0x25 [ 432.415003] Code: e8 9f 72 57 fe eb 97 48 89 d9 48 c7 c7 60 80 1a 88 e8 72 b8 ff fd 0f 0b 48 89 f1 48 c7 c7 20 81 1a 88 48 89 de e8 5e b8 ff fd <0f> 0b 4c 89 e2 48 89 de 48 c7 c7 60 82 1a 88 e8 4a b8 ff fd 0f 0b [ 432.434142] RSP: 0018:ffff8801dae079c0 EFLAGS: 00010086 [ 432.439485] RAX: 0000000000000075 RBX: ffff8801dae26708 RCX: 0000000000000000 [ 432.446733] RDX: 0000000000000000 RSI: ffffffff81634381 RDI: 0000000000000001 [ 432.453978] RBP: ffff8801dae079d8 R08: ffff8801c67f8100 R09: ffffed003b5c4fc0 [ 432.461234] R10: ffffed003b5c4fc0 R11: ffff8801dae27e07 R12: ffff8801dae26740 [ 432.468493] R13: ffff8801dae07ab8 R14: ffff8801dae26740 R15: 0000000000000001 [ 432.475746] FS: 00007f0dfbd60700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 432.483949] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 432.489822] CR2: 000000000040fe3d CR3: 0000000008e6a000 CR4: 00000000001406f0 [ 432.497072] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 432.504321] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 432.511577] Kernel panic - not syncing: Fatal exception in interrupt [ 432.518491] Dumping ftrace buffer: [ 432.522011] (ftrace buffer empty) [ 432.525699] Kernel Offset: disabled [ 432.529301] Rebooting in 86400 seconds..