6beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:37 executing program 1: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:41:37 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d0700000000000000000050000000000000101000"/101, 0x65, 0x10000}], 0x0, &(0x7f0000000040)) 02:41:37 executing program 4: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:41:37 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, 0x0, 0x0) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:37 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, 0x0, 0x0) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:37 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:37 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10000}], 0x0, &(0x7f0000000040)) 02:41:37 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:41:37 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 222.155671] audit: type=1804 audit(1606963297.582:92): pid=14896 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir177764330/syzkaller.xXB3hz/249/cgroup.controllers" dev="sda1" ino=16001 res=1 [ 222.187561] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. [ 222.270020] audit: type=1804 audit(1606963297.652:93): pid=14895 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir142164100/syzkaller.XIRTbt/166/cgroup.controllers" dev="sda1" ino=16050 res=1 [ 222.279466] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 222.316300] print_req_error: I/O error, dev loop2, sector 0 [ 222.368556] audit: type=1804 audit(1606963297.792:94): pid=14932 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/204/cgroup.controllers" dev="sda1" ino=16395 res=1 02:41:40 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:41:40 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0), 0x0) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:40 executing program 2: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:41:40 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000000000000000500000000000001010000000000000000000000000000000000000000000000000010000000000d00000000000000600000000000000010000000000000000100000001000000010000000100000610000000400000000000000000000000000000000000000000000004503000000000000000000000001", 0xca, 0x10000}], 0x0, &(0x7f0000000040)) 02:41:40 executing program 1: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:41:40 executing program 3: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:41:40 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:41:40 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:40 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) [ 225.070147] BTRFS: device fsid f90cac8b-044b-4fa8-8bee-4b8d3da88dc2 devid 1 transid 7 /dev/loop4 [ 225.135617] BTRFS error (device loop4): superblock checksum mismatch 02:41:40 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 225.223475] BTRFS error (device loop4): open_ctree failed [ 225.251918] audit: type=1804 audit(1606963300.672:95): pid=14987 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.2" name="/root/syzkaller-testdir576090104/syzkaller.mg9Cov/239/cgroup.controllers" dev="sda1" ino=16443 res=1 02:41:40 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 225.336724] audit: type=1804 audit(1606963300.682:96): pid=14963 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir142164100/syzkaller.XIRTbt/167/cgroup.controllers" dev="sda1" ino=16438 res=1 02:41:40 executing program 4: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 225.455556] audit: type=1804 audit(1606963300.742:97): pid=14975 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/206/cgroup.controllers" dev="sda1" ino=16442 res=1 02:41:43 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:41:43 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f00000001c0)}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:43 executing program 4: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a300000000008000340000000011400000011001b"], 0x1}}, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, r0, 0x0, 0x100000300) 02:41:43 executing program 1: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a300000000008000340000000011400000011001b"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, 0xffffffffffffffff, 0x0, 0x100000300) 02:41:43 executing program 2: socket$inet_tcp(0x2, 0x1, 0x0) perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x400, 0x100}}) 02:41:43 executing program 3 (fault-call:6 fault-nth:0): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:41:43 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f00000001c0)}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:43 executing program 4 (fault-call:3 fault-nth:0): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:41:43 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x0, &(0x7f00000001c0)}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:43 executing program 3 (fault-call:6 fault-nth:1): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) [ 228.158817] audit: type=1804 audit(1606963303.582:98): pid=15020 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/207/cgroup.controllers" dev="sda1" ino=16452 res=1 02:41:43 executing program 4 (fault-call:3 fault-nth:1): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:41:43 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x14, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 228.159932] FAULT_INJECTION: forcing a failure. [ 228.159932] name failslab, interval 1, probability 0, space 0, times 1 [ 228.159943] CPU: 0 PID: 15020 Comm: syz-executor.3 Not tainted 4.14.210-syzkaller #0 [ 228.159949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.159952] Call Trace: [ 228.159966] dump_stack+0x1b2/0x283 [ 228.159980] should_fail.cold+0x10a/0x154 [ 228.159994] should_failslab+0xd6/0x130 [ 228.160006] kmem_cache_alloc_trace+0x29a/0x3d0 [ 228.160020] alloc_pipe_info+0xaa/0x3c0 [ 228.160032] splice_direct_to_actor+0x580/0x730 [ 228.160043] ? common_file_perm+0x3ee/0x580 [ 228.160052] ? generic_pipe_buf_nosteal+0x10/0x10 [ 228.160064] ? do_splice_to+0x140/0x140 [ 228.160076] ? rw_verify_area+0xe1/0x2a0 [ 228.160087] do_splice_direct+0x164/0x210 [ 228.160098] ? splice_direct_to_actor+0x730/0x730 [ 228.160112] ? rw_verify_area+0xe1/0x2a0 [ 228.160123] do_sendfile+0x47f/0xb30 [ 228.160138] ? do_compat_writev+0x180/0x180 [ 228.160155] SyS_sendfile64+0xff/0x110 [ 228.160165] ? SyS_sendfile+0x130/0x130 [ 228.160174] ? do_syscall_64+0x4c/0x640 [ 228.160184] ? SyS_sendfile+0x130/0x130 [ 228.160192] do_syscall_64+0x1d5/0x640 [ 228.160206] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 228.160214] RIP: 0033:0x45deb9 [ 228.160219] RSP: 002b:00007f6621a95c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 228.160229] RAX: ffffffffffffffda RBX: 0000000000028040 RCX: 000000000045deb9 [ 228.160234] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005 [ 228.160240] RBP: 00007f6621a95ca0 R08: 0000000000000000 R09: 0000000000000000 [ 228.160245] R10: 0000000100000300 R11: 0000000000000246 R12: 0000000000000000 [ 228.160250] R13: 00007ffe0ffae38f R14: 00007f6621a969c0 R15: 000000000119bf2c [ 228.228977] FAULT_INJECTION: forcing a failure. [ 228.228977] name failslab, interval 1, probability 0, space 0, times 0 [ 228.228988] CPU: 1 PID: 15038 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 228.228995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.228998] Call Trace: [ 228.229012] dump_stack+0x1b2/0x283 [ 228.229027] should_fail.cold+0x10a/0x154 [ 228.229041] should_failslab+0xd6/0x130 [ 228.229052] __kmalloc+0x2c1/0x400 [ 228.229061] ? SyS_memfd_create+0xbc/0x3c0 [ 228.229072] SyS_memfd_create+0xbc/0x3c0 [ 228.229081] ? shmem_fcntl+0x120/0x120 [ 228.229090] ? SyS_clock_settime+0x1a0/0x1a0 [ 228.229100] ? do_syscall_64+0x4c/0x640 [ 228.229107] ? shmem_fcntl+0x120/0x120 [ 228.229117] do_syscall_64+0x1d5/0x640 [ 228.229131] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 228.229138] RIP: 0033:0x45deb9 [ 228.229143] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 228.229153] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045deb9 [ 228.229158] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004c2927 [ 228.229163] RBP: 0000000000020000 R08: 0000000020000218 R09: 0000000000000000 [ 228.229168] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000001 [ 228.229173] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 228.287814] FAULT_INJECTION: forcing a failure. [ 228.287814] name failslab, interval 1, probability 0, space 0, times 0 [ 228.287825] CPU: 0 PID: 15048 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 228.287831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.287835] Call Trace: [ 228.287848] dump_stack+0x1b2/0x283 [ 228.287863] should_fail.cold+0x10a/0x154 [ 228.287878] should_failslab+0xd6/0x130 [ 228.287890] kmem_cache_alloc+0x28e/0x3c0 [ 228.287903] __d_alloc+0x2a/0xa20 [ 228.287914] ? lock_downgrade+0x740/0x740 [ 228.287926] __shmem_file_setup.part.0+0xcb/0x3c0 [ 228.287936] ? shmem_create+0x30/0x30 [ 228.287944] ? __alloc_fd+0x1be/0x490 [ 228.287959] SyS_memfd_create+0x1fc/0x3c0 [ 228.287969] ? shmem_fcntl+0x120/0x120 [ 228.287977] ? SyS_clock_settime+0x1a0/0x1a0 [ 228.287987] ? do_syscall_64+0x4c/0x640 [ 228.287995] ? shmem_fcntl+0x120/0x120 [ 228.288006] do_syscall_64+0x1d5/0x640 [ 228.288021] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 228.288028] RIP: 0033:0x45deb9 [ 228.288033] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 228.288044] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045deb9 [ 228.288049] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004c2927 [ 228.288054] RBP: 0000000000020000 R08: 0000000020000218 R09: 0000000000000000 [ 228.288059] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000001 [ 228.288063] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 228.363641] audit: type=1804 audit(1606963303.792:99): pid=15050 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/208/cgroup.controllers" dev="sda1" ino=16439 res=1 [ 228.371427] FAULT_INJECTION: forcing a failure. [ 228.371427] name failslab, interval 1, probability 0, space 0, times 0 [ 228.371439] CPU: 1 PID: 15046 Comm: syz-executor.3 Not tainted 4.14.210-syzkaller #0 [ 228.371445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 228.371449] Call Trace: [ 228.371461] dump_stack+0x1b2/0x283 [ 228.371475] should_fail.cold+0x10a/0x154 [ 228.371488] should_failslab+0xd6/0x130 [ 228.860475] __kmalloc+0x2c1/0x400 [ 228.864007] ? alloc_pipe_info+0x140/0x3c0 [ 228.868222] alloc_pipe_info+0x140/0x3c0 [ 228.872261] splice_direct_to_actor+0x580/0x730 [ 228.876907] ? common_file_perm+0x3ee/0x580 [ 228.881203] ? generic_pipe_buf_nosteal+0x10/0x10 [ 228.886030] ? do_splice_to+0x140/0x140 [ 228.889991] ? rw_verify_area+0xe1/0x2a0 [ 228.894029] do_splice_direct+0x164/0x210 [ 228.898164] ? splice_direct_to_actor+0x730/0x730 [ 228.903002] ? rw_verify_area+0xe1/0x2a0 [ 228.907042] do_sendfile+0x47f/0xb30 [ 228.910749] ? do_compat_writev+0x180/0x180 [ 228.915050] SyS_sendfile64+0xff/0x110 [ 228.918929] ? SyS_sendfile+0x130/0x130 [ 228.922877] ? do_syscall_64+0x4c/0x640 [ 228.926828] ? SyS_sendfile+0x130/0x130 [ 228.930792] do_syscall_64+0x1d5/0x640 [ 228.934662] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 228.939826] RIP: 0033:0x45deb9 [ 228.942996] RSP: 002b:00007f6621a95c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 228.950677] RAX: ffffffffffffffda RBX: 0000000000028040 RCX: 000000000045deb9 [ 228.957941] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005 [ 228.965188] RBP: 00007f6621a95ca0 R08: 0000000000000000 R09: 0000000000000000 [ 228.972447] R10: 0000000100000300 R11: 0000000000000246 R12: 0000000000000001 [ 228.979701] R13: 00007ffe0ffae38f R14: 00007f6621a969c0 R15: 000000000119bf2c 02:41:46 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:41:46 executing program 1 (fault-call:4 fault-nth:0): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:41:46 executing program 4 (fault-call:3 fault-nth:2): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:41:46 executing program 2 (fault-call:1 fault-nth:0): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:41:46 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x14, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:46 executing program 3 (fault-call:6 fault-nth:2): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:41:46 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x14, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:46 executing program 4 (fault-call:3 fault-nth:3): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 231.152016] FAULT_INJECTION: forcing a failure. [ 231.152016] name failslab, interval 1, probability 0, space 0, times 0 02:41:46 executing program 1 (fault-call:4 fault-nth:1): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:41:46 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x1e, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc10"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 231.152029] CPU: 0 PID: 15068 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 231.152035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 02:41:46 executing program 4 (fault-call:3 fault-nth:4): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:41:46 executing program 1 (fault-call:4 fault-nth:2): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 231.152038] Call Trace: [ 231.152052] dump_stack+0x1b2/0x283 [ 231.152066] should_fail.cold+0x10a/0x154 [ 231.152081] should_failslab+0xd6/0x130 [ 231.152092] __kmalloc_track_caller+0x2bc/0x400 [ 231.152100] ? strndup_user+0x5b/0xf0 [ 231.152111] memdup_user+0x22/0xa0 [ 231.152120] strndup_user+0x5b/0xf0 [ 231.152129] ? copy_mnt_ns+0xa30/0xa30 [ 231.152139] SyS_mount+0x68/0x120 [ 231.152148] ? copy_mnt_ns+0xa30/0xa30 [ 231.152159] do_syscall_64+0x1d5/0x640 [ 231.152174] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 231.152181] RIP: 0033:0x45deb9 [ 231.152186] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 231.152195] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 231.152201] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 231.152206] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 231.152211] R10: 0000000000005010 R11: 0000000000000246 R12: 0000000000000000 [ 231.152216] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c [ 231.154323] FAULT_INJECTION: forcing a failure. [ 231.154323] name failslab, interval 1, probability 0, space 0, times 0 [ 231.154334] CPU: 0 PID: 15072 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 231.154339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.154342] Call Trace: [ 231.154355] dump_stack+0x1b2/0x283 [ 231.154371] should_fail.cold+0x10a/0x154 [ 231.154384] should_failslab+0xd6/0x130 [ 231.154396] kmem_cache_alloc+0x28e/0x3c0 [ 231.154405] ? shmem_destroy_callback+0xa0/0xa0 [ 231.154420] shmem_alloc_inode+0x18/0x40 [ 231.154429] ? shmem_destroy_callback+0xa0/0xa0 [ 231.154438] alloc_inode+0x5d/0x170 [ 231.154446] new_inode+0x1d/0xf0 [ 231.154455] shmem_get_inode+0x8b/0x890 [ 231.154468] __shmem_file_setup.part.0+0x104/0x3c0 [ 231.154476] ? shmem_create+0x30/0x30 [ 231.154483] ? __alloc_fd+0x1be/0x490 [ 231.154496] SyS_memfd_create+0x1fc/0x3c0 [ 231.154505] ? shmem_fcntl+0x120/0x120 [ 231.154513] ? SyS_clock_settime+0x1a0/0x1a0 [ 231.154522] ? do_syscall_64+0x4c/0x640 [ 231.154530] ? shmem_fcntl+0x120/0x120 [ 231.154540] do_syscall_64+0x1d5/0x640 [ 231.154555] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 231.154562] RIP: 0033:0x45deb9 [ 231.154567] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 231.154576] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045deb9 [ 231.154582] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004c2927 [ 231.154586] RBP: 0000000000020000 R08: 0000000020000218 R09: 0000000000000000 [ 231.154592] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000001 [ 231.154597] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 231.155841] FAULT_INJECTION: forcing a failure. [ 231.155841] name failslab, interval 1, probability 0, space 0, times 0 [ 231.155870] CPU: 1 PID: 15071 Comm: syz-executor.2 Not tainted 4.14.210-syzkaller #0 [ 231.155876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.155879] Call Trace: [ 231.155890] dump_stack+0x1b2/0x283 [ 231.155904] should_fail.cold+0x10a/0x154 [ 231.155924] should_failslab+0xd6/0x130 [ 231.155936] __kmalloc+0x2c1/0x400 [ 231.155945] ? set_selection+0x93e/0xf90 [ 231.155957] set_selection+0x93e/0xf90 [ 231.155970] ? gsmld_config.constprop.0+0x470/0xf90 [ 231.155978] ? gsmld_config.constprop.0+0x470/0xf90 [ 231.155990] tioclinux+0xeb/0x490 [ 231.155998] vt_ioctl+0x11bd/0x1d50 [ 231.156007] ? _copy_to_user+0x50/0xd0 [ 231.156017] ? vt_waitactive+0x2f0/0x2f0 [ 231.156027] ? _copy_from_user+0x96/0x100 [ 231.156040] ? get_pid_task+0x91/0x130 [ 231.156050] ? tty_jobctrl_ioctl+0x3f/0xe60 [ 231.156057] ? vt_waitactive+0x2f0/0x2f0 [ 231.156068] tty_ioctl+0x50f/0x13c0 [ 231.156077] ? tty_fasync+0x2c0/0x2c0 [ 231.156086] ? proc_fail_nth_write+0x7b/0x180 [ 231.156094] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 231.156104] ? trace_hardirqs_on+0x10/0x10 [ 231.156115] ? fsnotify+0x974/0x11b0 [ 231.156122] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 231.156129] ? debug_check_no_obj_freed+0x2c0/0x674 [ 231.156138] ? SyS_write+0x1b7/0x210 [ 231.156149] ? tty_fasync+0x2c0/0x2c0 [ 231.156159] do_vfs_ioctl+0x75a/0xff0 [ 231.156170] ? ioctl_preallocate+0x1a0/0x1a0 [ 231.156177] ? lock_downgrade+0x740/0x740 [ 231.156189] ? __fget+0x225/0x360 [ 231.156199] ? do_vfs_ioctl+0xff0/0xff0 [ 231.156209] ? security_file_ioctl+0x83/0xb0 [ 231.156219] SyS_ioctl+0x7f/0xb0 [ 231.156227] ? do_vfs_ioctl+0xff0/0xff0 [ 231.156237] do_syscall_64+0x1d5/0x640 [ 231.156253] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 231.156260] RIP: 0033:0x45deb9 [ 231.156265] RSP: 002b:00007fb54ca55c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 231.156275] RAX: ffffffffffffffda RBX: 0000000000019900 RCX: 000000000045deb9 [ 231.156280] RDX: 0000000020000000 RSI: 000000000000541c RDI: 0000000000000003 [ 231.156286] RBP: 00007fb54ca55ca0 R08: 0000000000000000 R09: 0000000000000000 [ 231.156291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 231.156297] R13: 00007ffe1c728eef R14: 00007fb54ca569c0 R15: 000000000119bf2c [ 231.156313] selection: kmalloc() failed [ 231.220846] audit: type=1804 audit(1606963306.643:100): pid=15073 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/209/cgroup.controllers" dev="sda1" ino=16472 res=1 [ 231.221879] FAULT_INJECTION: forcing a failure. [ 231.221879] name failslab, interval 1, probability 0, space 0, times 0 [ 231.221964] CPU: 1 PID: 15073 Comm: syz-executor.3 Not tainted 4.14.210-syzkaller #0 [ 231.221970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.221974] Call Trace: [ 231.221988] dump_stack+0x1b2/0x283 [ 231.222002] should_fail.cold+0x10a/0x154 [ 231.222016] should_failslab+0xd6/0x130 [ 231.222029] kmem_cache_alloc+0x28e/0x3c0 [ 231.222044] ext4_init_io_end+0x23/0x100 [ 231.222053] ext4_writepages+0xf5d/0x32a0 [ 231.222066] ? deref_stack_reg+0x124/0x1a0 [ 231.222088] ? static_obj+0x50/0x50 [ 231.222099] ? kernel_text_address+0xbd/0xf0 [ 231.222109] ? ext4_mark_inode_dirty+0x7a0/0x7a0 [ 231.222119] ? __lock_acquire+0x5fc/0x3f20 [ 231.222140] ? trace_hardirqs_on+0x10/0x10 [ 231.222148] ? trace_hardirqs_on+0x10/0x10 [ 231.222156] ? deref_stack_reg+0x124/0x1a0 [ 231.222165] ? deref_stack_reg+0x124/0x1a0 [ 231.222175] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 231.222185] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 231.222195] ? trace_hardirqs_on+0x10/0x10 [ 231.222207] ? unwind_next_frame+0xe54/0x17d0 [ 231.222219] ? __lock_acquire+0x5fc/0x3f20 [ 231.222230] ? ext4_mark_inode_dirty+0x7a0/0x7a0 [ 231.222238] do_writepages+0xc3/0x240 [ 231.222251] ? page_writeback_cpu_online+0x10/0x10 [ 231.222260] ? lock_acquire+0x170/0x3f0 [ 231.222270] ? do_raw_spin_unlock+0x164/0x220 [ 231.222281] ? _raw_spin_unlock+0x29/0x40 [ 231.222291] ? wbc_attach_and_unlock_inode+0x5e8/0x8d0 [ 231.222302] __filemap_fdatawrite_range+0x236/0x310 [ 231.222317] ? replace_page_cache_page+0x700/0x700 [ 231.222325] ? depot_save_stack+0x10d/0x3e3 [ 231.222340] ? lock_acquire+0x170/0x3f0 [ 231.222351] filemap_write_and_wait_range+0x39/0xb0 [ 231.222362] generic_file_read_iter+0xe68/0x21c0 [ 231.222374] ? trace_hardirqs_on+0x10/0x10 [ 231.222384] ? aa_path_link+0x3a0/0x3a0 [ 231.222391] ? aa_file_perm+0x2dd/0xab0 [ 231.222398] ? fsnotify+0x974/0x11b0 [ 231.222412] ext4_file_read_iter+0x14b/0x330 [ 231.222425] generic_file_splice_read+0x3a7/0x5c0 [ 231.222437] ? add_to_pipe+0x350/0x350 [ 231.222458] ? rw_verify_area+0xe1/0x2a0 [ 231.222467] ? add_to_pipe+0x350/0x350 [ 231.222476] do_splice_to+0xfb/0x140 [ 231.222489] splice_direct_to_actor+0x207/0x730 [ 231.222499] ? common_file_perm+0x3ee/0x580 [ 231.222510] ? generic_pipe_buf_nosteal+0x10/0x10 [ 231.222523] ? do_splice_to+0x140/0x140 [ 231.222533] ? rw_verify_area+0xe1/0x2a0 [ 231.222545] do_splice_direct+0x164/0x210 [ 231.222557] ? splice_direct_to_actor+0x730/0x730 [ 231.222573] ? rw_verify_area+0xe1/0x2a0 [ 231.222584] do_sendfile+0x47f/0xb30 [ 231.222601] ? do_compat_writev+0x180/0x180 [ 231.222619] SyS_sendfile64+0xff/0x110 [ 231.222629] ? SyS_sendfile+0x130/0x130 [ 231.222639] ? do_syscall_64+0x4c/0x640 [ 231.222649] ? SyS_sendfile+0x130/0x130 [ 231.222659] do_syscall_64+0x1d5/0x640 [ 231.222675] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 231.222684] RIP: 0033:0x45deb9 [ 231.222689] RSP: 002b:00007f6621a95c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 231.222699] RAX: ffffffffffffffda RBX: 0000000000028040 RCX: 000000000045deb9 [ 231.222705] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005 [ 231.222710] RBP: 00007f6621a95ca0 R08: 0000000000000000 R09: 0000000000000000 [ 231.222716] R10: 0000000100000300 R11: 0000000000000246 R12: 0000000000000002 [ 231.222722] R13: 00007ffe0ffae38f R14: 00007f6621a969c0 R15: 000000000119bf2c [ 231.242696] FAULT_INJECTION: forcing a failure. [ 231.242696] name failslab, interval 1, probability 0, space 0, times 0 [ 231.242707] CPU: 0 PID: 15088 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 231.242712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.242715] Call Trace: [ 231.242729] dump_stack+0x1b2/0x283 [ 231.242745] should_fail.cold+0x10a/0x154 [ 231.242758] should_failslab+0xd6/0x130 [ 231.242770] kmem_cache_alloc+0x28e/0x3c0 [ 231.242785] get_empty_filp+0x86/0x3e0 [ 231.242795] alloc_file+0x23/0x440 [ 231.242808] __shmem_file_setup.part.0+0x198/0x3c0 [ 231.242817] ? shmem_create+0x30/0x30 [ 231.242825] ? __alloc_fd+0x1be/0x490 [ 231.242841] SyS_memfd_create+0x1fc/0x3c0 [ 231.242849] ? shmem_fcntl+0x120/0x120 [ 231.242857] ? SyS_clock_settime+0x1a0/0x1a0 [ 231.242867] ? do_syscall_64+0x4c/0x640 [ 231.242875] ? shmem_fcntl+0x120/0x120 [ 231.242885] do_syscall_64+0x1d5/0x640 [ 231.242901] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 231.242908] RIP: 0033:0x45deb9 [ 231.242913] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 231.242922] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045deb9 [ 231.242928] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004c2927 [ 231.242933] RBP: 0000000000020000 R08: 0000000020000218 R09: 0000000000000000 [ 231.242938] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000001 [ 231.242943] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 231.273862] FAULT_INJECTION: forcing a failure. [ 231.273862] name failslab, interval 1, probability 0, space 0, times 0 [ 231.273873] CPU: 0 PID: 15089 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 231.273879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.273883] Call Trace: [ 231.273896] dump_stack+0x1b2/0x283 [ 231.273910] should_fail.cold+0x10a/0x154 [ 231.273925] should_failslab+0xd6/0x130 [ 231.273937] kmem_cache_alloc+0x28e/0x3c0 [ 231.273949] getname_flags+0xc8/0x550 [ 231.273961] user_path_at_empty+0x2a/0x50 [ 231.273973] do_mount+0x118/0x2a00 [ 231.273984] ? lock_acquire+0x170/0x3f0 [ 231.273993] ? lock_downgrade+0x740/0x740 [ 231.274005] ? copy_mount_string+0x40/0x40 [ 231.274025] ? __might_fault+0x177/0x1b0 [ 231.274037] ? _copy_from_user+0x96/0x100 [ 231.274049] ? copy_mount_options+0x1fa/0x2f0 [ 231.274058] ? copy_mnt_ns+0xa30/0xa30 [ 231.274070] SyS_mount+0xa8/0x120 [ 231.274078] ? copy_mnt_ns+0xa30/0xa30 [ 231.274090] do_syscall_64+0x1d5/0x640 [ 231.274104] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 231.274111] RIP: 0033:0x45deb9 [ 231.274116] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 231.274126] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 231.274131] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 231.274136] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 231.274140] R10: 0000000000005010 R11: 0000000000000246 R12: 0000000000000001 [ 231.274145] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c [ 231.317528] FAULT_INJECTION: forcing a failure. [ 231.317528] name failslab, interval 1, probability 0, space 0, times 0 [ 231.317540] CPU: 0 PID: 15099 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 231.317546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.317549] Call Trace: [ 231.317564] dump_stack+0x1b2/0x283 [ 231.317579] should_fail.cold+0x10a/0x154 [ 231.317594] should_failslab+0xd6/0x130 [ 231.317607] kmem_cache_alloc_trace+0x29a/0x3d0 [ 231.317623] apparmor_file_alloc_security+0x129/0x800 [ 231.317643] security_file_alloc+0x66/0xa0 [ 231.317653] ? selinux_is_enabled+0x5/0x50 [ 231.317665] get_empty_filp+0x15c/0x3e0 [ 231.317676] alloc_file+0x23/0x440 [ 231.317689] __shmem_file_setup.part.0+0x198/0x3c0 [ 231.317699] ? shmem_create+0x30/0x30 [ 231.317707] ? __alloc_fd+0x1be/0x490 [ 231.317723] SyS_memfd_create+0x1fc/0x3c0 [ 231.317733] ? shmem_fcntl+0x120/0x120 [ 231.317742] ? SyS_clock_settime+0x1a0/0x1a0 [ 231.317752] ? do_syscall_64+0x4c/0x640 [ 231.317760] ? shmem_fcntl+0x120/0x120 [ 231.317770] do_syscall_64+0x1d5/0x640 [ 231.317791] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 231.317799] RIP: 0033:0x45deb9 [ 231.317805] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 231.317814] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 000000000045deb9 [ 231.317820] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004c2927 [ 231.317825] RBP: 0000000000020000 R08: 0000000020000218 R09: 0000000000000000 [ 231.317830] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000001 [ 231.317840] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 231.363800] FAULT_INJECTION: forcing a failure. [ 231.363800] name failslab, interval 1, probability 0, space 0, times 0 [ 231.363813] CPU: 0 PID: 15103 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 231.363818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 231.363821] Call Trace: [ 231.363834] dump_stack+0x1b2/0x283 [ 231.363852] should_fail.cold+0x10a/0x154 [ 231.363870] should_failslab+0xd6/0x130 [ 231.363882] kmem_cache_alloc+0x28e/0x3c0 [ 231.363893] getname_kernel+0x4e/0x340 [ 231.363903] kern_path+0x1b/0x40 [ 231.363914] do_mount+0xb78/0x2a00 [ 231.363925] ? lock_acquire+0x170/0x3f0 [ 231.363933] ? lock_downgrade+0x740/0x740 [ 231.363946] ? copy_mount_string+0x40/0x40 [ 231.363961] ? __might_fault+0x177/0x1b0 [ 231.363972] ? _copy_from_user+0x96/0x100 [ 231.363984] ? copy_mount_options+0x1fa/0x2f0 [ 231.363993] ? copy_mnt_ns+0xa30/0xa30 [ 231.364004] SyS_mount+0xa8/0x120 [ 231.364012] ? copy_mnt_ns+0xa30/0xa30 [ 231.364023] do_syscall_64+0x1d5/0x640 [ 231.364039] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 231.364046] RIP: 0033:0x45deb9 [ 231.364051] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 231.364060] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 231.364066] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 231.364071] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 231.364076] R10: 0000000000005010 R11: 0000000000000246 R12: 0000000000000002 [ 231.364082] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c 02:41:49 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:41:49 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x1e, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc10"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:49 executing program 4 (fault-call:3 fault-nth:5): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:41:49 executing program 1 (fault-call:4 fault-nth:3): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:41:49 executing program 3 (fault-call:6 fault-nth:3): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:41:49 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x800443d2, &(0x7f00000000c0)={0x4, &(0x7f0000000040)=[{@fixed}, {@fixed}, {}, {@fixed}]}) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 234.158887] FAULT_INJECTION: forcing a failure. [ 234.158887] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 234.173061] CPU: 0 PID: 15116 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 234.180993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.190345] Call Trace: [ 234.192931] dump_stack+0x1b2/0x283 [ 234.196563] should_fail.cold+0x10a/0x154 [ 234.200716] __alloc_pages_nodemask+0x22c/0x2720 [ 234.205470] ? __lock_acquire+0x5fc/0x3f20 [ 234.209712] ? static_obj+0x50/0x50 [ 234.213332] ? trace_hardirqs_on+0x10/0x10 [ 234.217565] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 234.222404] ? __lock_acquire+0x5fc/0x3f20 [ 234.226640] ? __lock_acquire+0x5fc/0x3f20 [ 234.230874] ? __lock_acquire+0x5fc/0x3f20 [ 234.235113] alloc_pages_vma+0xd2/0x6d0 [ 234.239089] shmem_alloc_page+0xe0/0x180 [ 234.243148] ? shmem_swapin+0x180/0x180 [ 234.246542] FAULT_INJECTION: forcing a failure. [ 234.246542] name failslab, interval 1, probability 0, space 0, times 0 02:41:49 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x1e, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc10"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:49 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x23, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 234.247117] ? __radix_tree_lookup+0x1b5/0x2e0 [ 234.263177] ? find_get_entry+0x312/0x630 [ 234.263192] ? check_preemption_disabled+0x35/0x240 02:41:49 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x23, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 234.263208] ? __vm_enough_memory+0x261/0x520 02:41:49 executing program 1 (fault-call:4 fault-nth:4): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:41:49 executing program 4 (fault-call:3 fault-nth:6): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 234.263220] shmem_alloc_and_acct_page+0x126/0x620 [ 234.263231] ? simple_xattr_get+0xe5/0x160 [ 234.263253] shmem_getpage_gfp+0x302/0x2810 02:41:49 executing program 1 (fault-call:4 fault-nth:5): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 234.263269] ? simple_xattr_get+0xe5/0x160 [ 234.263278] ? shmem_alloc_and_acct_page+0x620/0x620 [ 234.263310] shmem_write_begin+0xeb/0x190 [ 234.263324] generic_perform_write+0x1c9/0x420 [ 234.263339] ? filemap_page_mkwrite+0x2d0/0x2d0 [ 234.263349] ? current_time+0xb0/0xb0 [ 234.263358] ? lock_acquire+0x170/0x3f0 [ 234.263370] __generic_file_write_iter+0x227/0x590 [ 234.263384] generic_file_write_iter+0x36f/0x650 [ 234.263400] __vfs_write+0x44c/0x630 [ 234.263410] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 234.263419] ? kernel_read+0x110/0x110 [ 234.263440] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 234.263453] vfs_write+0x17f/0x4d0 [ 234.263466] SyS_pwrite64+0x116/0x140 [ 234.263476] ? SyS_pread64+0x140/0x140 [ 234.263484] ? fput+0xb/0x140 [ 234.263492] ? do_syscall_64+0x4c/0x640 [ 234.263501] ? SyS_pread64+0x140/0x140 [ 234.263512] do_syscall_64+0x1d5/0x640 [ 234.263529] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 234.263537] RIP: 0033:0x417a17 [ 234.263542] RSP: 002b:00007fe4267c9a20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 234.263553] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000417a17 [ 234.263558] RDX: 000000000000004c RSI: 0000000020010000 RDI: 0000000000000006 [ 234.263563] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 234.263569] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000001 [ 234.263574] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000210 [ 234.298652] CPU: 1 PID: 15129 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 234.298659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.298663] Call Trace: [ 234.298677] dump_stack+0x1b2/0x283 [ 234.298693] should_fail.cold+0x10a/0x154 [ 234.298708] should_failslab+0xd6/0x130 [ 234.298720] kmem_cache_alloc+0x28e/0x3c0 [ 234.298731] getname_kernel+0x4e/0x340 [ 234.298740] kern_path+0x1b/0x40 [ 234.298749] do_mount+0xb78/0x2a00 [ 234.298760] ? lock_acquire+0x170/0x3f0 [ 234.298767] ? lock_downgrade+0x740/0x740 [ 234.298779] ? copy_mount_string+0x40/0x40 [ 234.298790] ? __might_fault+0x177/0x1b0 [ 234.298800] ? _copy_from_user+0x96/0x100 [ 234.298811] ? copy_mount_options+0x1fa/0x2f0 [ 234.298819] ? copy_mnt_ns+0xa30/0xa30 [ 234.298831] SyS_mount+0xa8/0x120 [ 234.298839] ? copy_mnt_ns+0xa30/0xa30 [ 234.298850] do_syscall_64+0x1d5/0x640 [ 234.298864] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 234.298872] RIP: 0033:0x45deb9 [ 234.298877] RSP: 002b:00007fbecc253c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 234.298887] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 234.298893] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 234.298899] RBP: 00007fbecc253ca0 R08: 0000000000000000 R09: 0000000000000000 [ 234.298904] R10: 0000000000005010 R11: 0000000000000246 R12: 0000000000000003 [ 234.298909] R13: 00007fff46134daf R14: 00007fbecc2549c0 R15: 000000000119bfd4 [ 234.320947] audit: type=1804 audit(1606963309.743:101): pid=15117 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/210/cgroup.controllers" dev="sda1" ino=16485 res=1 [ 234.334768] FAULT_INJECTION: forcing a failure. [ 234.334768] name failslab, interval 1, probability 0, space 0, times 0 [ 234.334779] CPU: 1 PID: 15117 Comm: syz-executor.3 Not tainted 4.14.210-syzkaller #0 [ 234.334785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.334789] Call Trace: [ 234.334802] dump_stack+0x1b2/0x283 [ 234.334817] should_fail.cold+0x10a/0x154 [ 234.334832] should_failslab+0xd6/0x130 [ 234.334845] kmem_cache_alloc+0x28e/0x3c0 [ 234.334858] ext4_init_io_end+0x23/0x100 [ 234.334868] ext4_writepages+0x1008/0x32a0 [ 234.334892] ? static_obj+0x50/0x50 [ 234.334903] ? kernel_text_address+0xbd/0xf0 [ 234.334913] ? ext4_mark_inode_dirty+0x7a0/0x7a0 [ 234.334922] ? __lock_acquire+0x5fc/0x3f20 [ 234.334942] ? trace_hardirqs_on+0x10/0x10 [ 234.334949] ? trace_hardirqs_on+0x10/0x10 [ 234.334958] ? deref_stack_reg+0x124/0x1a0 [ 234.334966] ? deref_stack_reg+0x124/0x1a0 [ 234.334977] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 234.334986] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 234.334995] ? trace_hardirqs_on+0x10/0x10 [ 234.335006] ? unwind_next_frame+0xe54/0x17d0 [ 234.335018] ? __lock_acquire+0x5fc/0x3f20 [ 234.335028] ? ext4_mark_inode_dirty+0x7a0/0x7a0 [ 234.335036] do_writepages+0xc3/0x240 [ 234.335048] ? page_writeback_cpu_online+0x10/0x10 [ 234.335057] ? lock_acquire+0x170/0x3f0 [ 234.335067] ? do_raw_spin_unlock+0x164/0x220 [ 234.335077] ? _raw_spin_unlock+0x29/0x40 [ 234.335088] ? wbc_attach_and_unlock_inode+0x5e8/0x8d0 [ 234.335100] __filemap_fdatawrite_range+0x236/0x310 [ 234.335110] ? replace_page_cache_page+0x700/0x700 [ 234.335119] ? depot_save_stack+0x10d/0x3e3 [ 234.335133] ? lock_acquire+0x170/0x3f0 [ 234.335146] filemap_write_and_wait_range+0x39/0xb0 [ 234.335156] generic_file_read_iter+0xe68/0x21c0 [ 234.335169] ? trace_hardirqs_on+0x10/0x10 [ 234.335191] ? aa_path_link+0x3a0/0x3a0 [ 234.335199] ? aa_file_perm+0x2dd/0xab0 [ 234.335207] ? fsnotify+0x974/0x11b0 [ 234.335222] ext4_file_read_iter+0x14b/0x330 [ 234.335235] generic_file_splice_read+0x3a7/0x5c0 [ 234.335246] ? add_to_pipe+0x350/0x350 [ 234.335267] ? rw_verify_area+0xe1/0x2a0 [ 234.335276] ? add_to_pipe+0x350/0x350 [ 234.335286] do_splice_to+0xfb/0x140 [ 234.335299] splice_direct_to_actor+0x207/0x730 [ 234.335308] ? common_file_perm+0x3ee/0x580 [ 234.335319] ? generic_pipe_buf_nosteal+0x10/0x10 [ 234.335330] ? do_splice_to+0x140/0x140 [ 234.335340] ? rw_verify_area+0xe1/0x2a0 [ 234.335352] do_splice_direct+0x164/0x210 [ 234.335362] ? splice_direct_to_actor+0x730/0x730 [ 234.335377] ? rw_verify_area+0xe1/0x2a0 [ 234.335387] do_sendfile+0x47f/0xb30 [ 234.335403] ? do_compat_writev+0x180/0x180 [ 234.335418] SyS_sendfile64+0xff/0x110 [ 234.335427] ? SyS_sendfile+0x130/0x130 [ 234.335436] ? do_syscall_64+0x4c/0x640 [ 234.335445] ? SyS_sendfile+0x130/0x130 [ 234.335454] do_syscall_64+0x1d5/0x640 [ 234.335469] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 234.335476] RIP: 0033:0x45deb9 [ 234.335481] RSP: 002b:00007f6621a95c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 234.335491] RAX: ffffffffffffffda RBX: 0000000000028040 RCX: 000000000045deb9 [ 234.335495] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005 [ 234.335501] RBP: 00007f6621a95ca0 R08: 0000000000000000 R09: 0000000000000000 [ 234.335506] R10: 0000000100000300 R11: 0000000000000246 R12: 0000000000000003 [ 234.335512] R13: 00007ffe0ffae38f R14: 00007f6621a969c0 R15: 000000000119bf2c [ 234.399436] FAULT_INJECTION: forcing a failure. [ 234.399436] name failslab, interval 1, probability 0, space 0, times 0 [ 234.399478] CPU: 0 PID: 15150 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 234.399484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.399487] Call Trace: [ 234.399500] dump_stack+0x1b2/0x283 [ 234.399514] should_fail.cold+0x10a/0x154 [ 234.399527] should_failslab+0xd6/0x130 [ 234.399539] __kmalloc_track_caller+0x2bc/0x400 [ 234.399547] ? kstrdup_const+0x35/0x60 [ 234.399555] ? lock_downgrade+0x740/0x740 [ 234.399564] kstrdup+0x36/0x70 [ 234.399574] kstrdup_const+0x35/0x60 [ 234.399584] alloc_vfsmnt+0xe0/0x7f0 [ 234.399594] clone_mnt+0x6c/0xff0 [ 234.399602] ? kfree+0x1f0/0x250 [ 234.399615] copy_tree+0xd6/0xa20 [ 234.399631] do_mount+0x1c6e/0x2a00 [ 234.399641] ? lock_acquire+0x170/0x3f0 [ 234.399650] ? lock_downgrade+0x740/0x740 [ 234.399662] ? copy_mount_string+0x40/0x40 [ 234.399680] ? __might_fault+0x177/0x1b0 [ 234.399691] ? _copy_from_user+0x96/0x100 [ 234.399703] ? copy_mnt_ns+0xa30/0xa30 [ 234.399714] SyS_mount+0xa8/0x120 [ 234.399722] ? copy_mnt_ns+0xa30/0xa30 [ 234.399733] do_syscall_64+0x1d5/0x640 [ 234.399749] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 234.399756] RIP: 0033:0x45deb9 [ 234.399761] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 234.399771] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 234.399777] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 234.399782] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 234.399787] R10: 0000000000005010 R11: 0000000000000246 R12: 0000000000000004 [ 234.399793] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c [ 234.414247] FAULT_INJECTION: forcing a failure. [ 234.414247] name failslab, interval 1, probability 0, space 0, times 0 [ 234.414303] CPU: 1 PID: 15153 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 234.414309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.414312] Call Trace: [ 234.414326] dump_stack+0x1b2/0x283 [ 234.414340] should_fail.cold+0x10a/0x154 [ 234.414353] should_failslab+0xd6/0x130 [ 234.414365] kmem_cache_alloc+0x40/0x3c0 [ 234.414379] radix_tree_node_alloc.constprop.0+0x1b0/0x2f0 [ 234.414392] __radix_tree_create+0x323/0x4b0 [ 234.414408] __radix_tree_insert+0x98/0x4f0 [ 234.414422] ? __radix_tree_create+0x4b0/0x4b0 [ 234.414430] ? shmem_add_to_page_cache+0x1e7/0x730 [ 234.414445] shmem_add_to_page_cache+0x503/0x730 [ 234.414456] ? shmem_recalc_inode+0x2f0/0x2f0 [ 234.414466] ? __radix_tree_preload+0x1c3/0x250 [ 234.414481] shmem_getpage_gfp+0x115b/0x2810 [ 234.414498] ? simple_xattr_get+0xe5/0x160 [ 234.414507] ? shmem_alloc_and_acct_page+0x620/0x620 [ 234.414523] shmem_write_begin+0xeb/0x190 [ 234.414536] generic_perform_write+0x1c9/0x420 [ 234.414553] ? filemap_page_mkwrite+0x2d0/0x2d0 [ 234.414562] ? current_time+0xb0/0xb0 [ 234.414571] ? lock_acquire+0x170/0x3f0 [ 234.414583] __generic_file_write_iter+0x227/0x590 [ 234.414597] generic_file_write_iter+0x36f/0x650 [ 234.414612] __vfs_write+0x44c/0x630 [ 234.414627] ? do_truncate+0x129/0x1a0 [ 234.414636] ? kernel_read+0x110/0x110 [ 234.414657] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 234.414669] vfs_write+0x17f/0x4d0 [ 234.414680] SyS_pwrite64+0x116/0x140 [ 234.414689] ? SyS_pread64+0x140/0x140 [ 234.414697] ? fput+0xb/0x140 [ 234.414706] ? do_syscall_64+0x4c/0x640 [ 234.414715] ? SyS_pread64+0x140/0x140 [ 234.414726] do_syscall_64+0x1d5/0x640 [ 234.414741] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 234.414749] RIP: 0033:0x417a17 [ 234.414754] RSP: 002b:00007fe4267c9a20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 234.414764] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000417a17 [ 234.414770] RDX: 000000000000004c RSI: 0000000020010000 RDI: 0000000000000006 [ 234.414775] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 234.414780] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000001 [ 234.414785] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000210 [ 234.511673] FAULT_INJECTION: forcing a failure. [ 234.511673] name failslab, interval 1, probability 0, space 0, times 0 [ 234.511684] CPU: 1 PID: 15161 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 234.511690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 234.511693] Call Trace: [ 234.511706] dump_stack+0x1b2/0x283 [ 234.511720] should_fail.cold+0x10a/0x154 [ 234.511734] should_failslab+0xd6/0x130 [ 234.511746] kmem_cache_alloc+0x28e/0x3c0 [ 234.511758] alloc_vfsmnt+0x23/0x7f0 [ 234.511769] clone_mnt+0x6c/0xff0 [ 234.511777] ? kfree+0x1f0/0x250 [ 234.511791] copy_tree+0xd6/0xa20 [ 234.511809] do_mount+0x1c6e/0x2a00 [ 234.511820] ? lock_acquire+0x170/0x3f0 [ 234.511828] ? lock_downgrade+0x740/0x740 [ 234.511840] ? copy_mount_string+0x40/0x40 [ 234.511852] ? __might_fault+0x177/0x1b0 [ 234.511863] ? _copy_from_user+0x96/0x100 [ 234.511875] ? copy_mnt_ns+0xa30/0xa30 [ 234.511887] SyS_mount+0xa8/0x120 [ 234.511895] ? copy_mnt_ns+0xa30/0xa30 [ 234.511906] do_syscall_64+0x1d5/0x640 [ 234.511922] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 234.511935] RIP: 0033:0x45deb9 [ 234.511941] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 234.511950] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 234.511955] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 234.511960] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 234.511965] R10: 0000000000005010 R11: 0000000000000246 R12: 0000000000000005 [ 234.511969] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c 02:41:52 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, &(0x7f0000000340)}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:41:52 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x23, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:52 executing program 4 (fault-call:3 fault-nth:7): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:41:52 executing program 1 (fault-call:4 fault-nth:6): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:41:52 executing program 3 (fault-call:6 fault-nth:4): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:41:52 executing program 2: bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x7, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000700000000000000e300007e3108e1959f9b7ea949c89b7cd72200467207cda5afe760874b3a34aa0386000069ce49b6e329ebe32c38db8c0b7f", @ANYRES32, @ANYBLOB="00000000a8000000850000003a0000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41100, 0x4, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000000c0)={0x2, 0x3}, 0x8, 0x10, &(0x7f0000000100)={0x2, 0x10, 0x2, 0x3}, 0x10}, 0x78) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 237.203616] FAULT_INJECTION: forcing a failure. [ 237.203616] name failslab, interval 1, probability 0, space 0, times 0 [ 237.231079] FAULT_INJECTION: forcing a failure. [ 237.231079] name failslab, interval 1, probability 0, space 0, times 0 [ 237.232012] CPU: 1 PID: 15177 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 237.250161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.259505] Call Trace: [ 237.262091] dump_stack+0x1b2/0x283 [ 237.265720] should_fail.cold+0x10a/0x154 [ 237.269874] should_failslab+0xd6/0x130 [ 237.273852] __kmalloc_track_caller+0x2bc/0x400 [ 237.278513] ? kstrdup_const+0x35/0x60 [ 237.282391] ? lock_downgrade+0x740/0x740 [ 237.286534] kstrdup+0x36/0x70 [ 237.289717] kstrdup_const+0x35/0x60 [ 237.293431] alloc_vfsmnt+0xe0/0x7f0 [ 237.297143] clone_mnt+0x6c/0xff0 [ 237.300594] ? kfree+0x1f0/0x250 [ 237.303962] copy_tree+0xd6/0xa20 [ 237.307422] do_mount+0x1c6e/0x2a00 [ 237.311055] ? lock_acquire+0x170/0x3f0 [ 237.315030] ? lock_downgrade+0x740/0x740 [ 237.319176] ? copy_mount_string+0x40/0x40 [ 237.323416] ? __might_fault+0x177/0x1b0 [ 237.327483] ? _copy_from_user+0x96/0x100 [ 237.331632] ? copy_mnt_ns+0xa30/0xa30 [ 237.335517] SyS_mount+0xa8/0x120 [ 237.338966] ? copy_mnt_ns+0xa30/0xa30 [ 237.342851] do_syscall_64+0x1d5/0x640 [ 237.346734] entry_SYSCALL_64_after_hwframe+0x46/0xbb 02:41:52 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x26, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:52 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sysvipc/sem\x00', 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000080)={&(0x7f0000000040)=[0x3c, 0x1, 0xffff8000], 0x55, 0x800, 0x0, 0xffffffffffffffff}) getpeername$unix(r2, &(0x7f00000000c0), &(0x7f0000000140)=0x6e) [ 237.351910] RIP: 0033:0x45deb9 [ 237.355092] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 237.362791] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 237.370047] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 237.377314] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 237.384582] R10: 0000000000005010 R11: 0000000000000246 R12: 0000000000000006 [ 237.391842] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c [ 237.421700] CPU: 0 PID: 15180 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 237.429629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.429633] Call Trace: [ 237.429649] dump_stack+0x1b2/0x283 [ 237.429663] should_fail.cold+0x10a/0x154 [ 237.429676] should_failslab+0xd6/0x130 [ 237.429688] kmem_cache_alloc+0x28e/0x3c0 [ 237.429699] getname_flags+0xc8/0x550 [ 237.429712] do_sys_open+0x1ce/0x410 [ 237.429723] ? filp_open+0x60/0x60 [ 237.429732] ? SyS_pwrite64+0xca/0x140 [ 237.429740] ? fput+0xb/0x140 [ 237.429749] ? do_syscall_64+0x4c/0x640 [ 237.429760] ? do_sys_open+0x410/0x410 [ 237.460011] FAULT_INJECTION: forcing a failure. [ 237.460011] name failslab, interval 1, probability 0, space 0, times 0 [ 237.461279] do_syscall_64+0x1d5/0x640 [ 237.461301] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 237.461309] RIP: 0033:0x4179b1 [ 237.506723] RSP: 002b:00007fe4267c9a20 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 237.506732] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004179b1 [ 237.506741] RDX: 000000000000004c RSI: 0000000000000002 RDI: 00007fe4267c9ae0 [ 237.528937] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 237.536192] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000001 [ 237.543448] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 237.550739] CPU: 1 PID: 15197 Comm: syz-executor.3 Not tainted 4.14.210-syzkaller #0 [ 237.551303] audit: type=1804 audit(1606963312.883:102): pid=15197 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/211/cgroup.controllers" dev="sda1" ino=16502 res=1 [ 237.558615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 237.558619] Call Trace: [ 237.558633] dump_stack+0x1b2/0x283 [ 237.558647] should_fail.cold+0x10a/0x154 [ 237.600678] should_failslab+0xd6/0x130 [ 237.604652] __kmalloc+0x2c1/0x400 [ 237.608188] ? ext4_find_extent+0x879/0xbc0 [ 237.612510] ext4_find_extent+0x879/0xbc0 [ 237.616660] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 237.622106] ext4_ext_map_blocks+0x19a/0x6b10 [ 237.626600] ? __lock_acquire+0x5fc/0x3f20 [ 237.630837] ? __lock_acquire+0x5fc/0x3f20 [ 237.635070] ? mem_cgroup_uncharge+0xd0/0xd0 [ 237.639472] ? trace_hardirqs_on+0x10/0x10 [ 237.643704] ? find_get_pages_tag+0x4d4/0x940 [ 237.648194] ? ext4_find_delalloc_cluster+0x180/0x180 [ 237.653384] ? release_pages+0x828/0xbf0 [ 237.657443] ? __filemap_fdatawrite_range+0x236/0x310 [ 237.662629] ? filemap_write_and_wait_range+0x39/0xb0 [ 237.667819] ? ext4_es_lookup_extent+0x321/0xac0 02:41:53 executing program 4 (fault-call:3 fault-nth:8): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:41:53 executing program 1 (fault-call:4 fault-nth:7): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:41:53 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x26, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:53 executing program 2: r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8983, &(0x7f0000000000)) madvise(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0xb) syz_open_dev$tty1(0xc, 0x4, 0x1) [ 237.672576] ? lock_acquire+0x170/0x3f0 [ 237.676551] ? lock_acquire+0x170/0x3f0 [ 237.680525] ? ext4_map_blocks+0x623/0x1730 [ 237.684864] ext4_map_blocks+0x675/0x1730 [ 237.689014] ? ext4_issue_zeroout+0x150/0x150 [ 237.693514] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 237.698962] ext4_writepages+0x19c2/0x32a0 [ 237.703209] ? static_obj+0x50/0x50 [ 237.706836] ? ext4_mark_inode_dirty+0x7a0/0x7a0 [ 237.711592] ? __lock_acquire+0x5fc/0x3f20 [ 237.713012] FAULT_INJECTION: forcing a failure. [ 237.713012] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 237.715829] ? trace_hardirqs_on+0x10/0x10 [ 237.731815] ? __lock_acquire+0x1/0x3f20 [ 237.735857] ? deref_stack_reg+0x124/0x1a0 [ 237.740068] ? deref_stack_reg+0x124/0x1a0 [ 237.744285] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 237.750150] ? __read_once_size_nocheck.constprop.0+0x10/0x10 [ 237.756019] ? trace_hardirqs_on+0x10/0x10 [ 237.760232] ? unwind_next_frame+0xe54/0x17d0 [ 237.764709] ? __lock_acquire+0x5fc/0x3f20 [ 237.768923] ? ext4_mark_inode_dirty+0x7a0/0x7a0 [ 237.773657] do_writepages+0xc3/0x240 [ 237.777440] ? page_writeback_cpu_online+0x10/0x10 [ 237.782346] ? lock_acquire+0x170/0x3f0 [ 237.786298] ? do_raw_spin_unlock+0x164/0x220 [ 237.790774] ? _raw_spin_unlock+0x29/0x40 [ 237.794901] ? wbc_attach_and_unlock_inode+0x5e8/0x8d0 [ 237.800159] __filemap_fdatawrite_range+0x236/0x310 [ 237.805155] ? replace_page_cache_page+0x700/0x700 [ 237.810063] ? depot_save_stack+0x10d/0x3e3 [ 237.814368] ? lock_acquire+0x170/0x3f0 [ 237.818322] filemap_write_and_wait_range+0x39/0xb0 [ 237.823317] generic_file_read_iter+0xe68/0x21c0 [ 237.828052] ? trace_hardirqs_on+0x10/0x10 [ 237.832265] ? aa_path_link+0x3a0/0x3a0 [ 237.836226] ? aa_file_perm+0x2dd/0xab0 [ 237.840176] ? fsnotify+0x974/0x11b0 [ 237.843871] ext4_file_read_iter+0x14b/0x330 [ 237.848258] generic_file_splice_read+0x3a7/0x5c0 [ 237.853084] ? add_to_pipe+0x350/0x350 [ 237.856957] ? rw_verify_area+0xe1/0x2a0 [ 237.860999] ? add_to_pipe+0x350/0x350 [ 237.864864] do_splice_to+0xfb/0x140 [ 237.868556] splice_direct_to_actor+0x207/0x730 [ 237.873202] ? common_file_perm+0x3ee/0x580 [ 237.877503] ? generic_pipe_buf_nosteal+0x10/0x10 [ 237.882323] ? do_splice_to+0x140/0x140 [ 237.886286] ? rw_verify_area+0xe1/0x2a0 [ 237.890327] do_splice_direct+0x164/0x210 [ 237.894462] ? splice_direct_to_actor+0x730/0x730 [ 237.899288] ? rw_verify_area+0xe1/0x2a0 [ 237.903328] do_sendfile+0x47f/0xb30 [ 237.907036] ? do_compat_writev+0x180/0x180 [ 237.911339] SyS_sendfile64+0xff/0x110 [ 237.915208] ? SyS_sendfile+0x130/0x130 [ 237.919159] ? do_syscall_64+0x4c/0x640 [ 237.923110] ? SyS_sendfile+0x130/0x130 [ 237.927064] do_syscall_64+0x1d5/0x640 [ 237.930940] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 237.936119] RIP: 0033:0x45deb9 [ 237.939287] RSP: 002b:00007f6621a74c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 237.946975] RAX: ffffffffffffffda RBX: 0000000000028040 RCX: 000000000045deb9 [ 237.954224] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005 [ 237.961472] RBP: 00007f6621a74ca0 R08: 0000000000000000 R09: 0000000000000000 [ 237.968719] R10: 0000000100000300 R11: 0000000000000246 R12: 0000000000000004 [ 237.975971] R13: 00007ffe0ffae38f R14: 00007f6621a759c0 R15: 000000000119bfd4 [ 237.983234] CPU: 0 PID: 15213 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 237.991116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 238.000471] Call Trace: [ 238.003058] dump_stack+0x1b2/0x283 [ 238.006685] should_fail.cold+0x10a/0x154 [ 238.010831] __alloc_pages_nodemask+0x22c/0x2720 [ 238.015586] ? __lock_acquire+0x5fc/0x3f20 [ 238.019826] ? generic_file_write_iter+0x37a/0x650 [ 238.024751] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 238.029585] ? trace_hardirqs_on+0x10/0x10 [ 238.033814] ? lock_downgrade+0x740/0x740 [ 238.037963] ? up_write+0x17/0x60 [ 238.041410] ? generic_file_write_iter+0x2f8/0x650 [ 238.046341] cache_grow_begin+0x8f/0x420 [ 238.050402] cache_alloc_refill+0x273/0x350 [ 238.054721] kmem_cache_alloc+0x333/0x3c0 [ 238.058868] getname_flags+0xc8/0x550 [ 238.062667] do_sys_open+0x1ce/0x410 [ 238.066379] ? filp_open+0x60/0x60 [ 238.068878] FAULT_INJECTION: forcing a failure. [ 238.068878] name failslab, interval 1, probability 0, space 0, times 0 [ 238.069915] ? SyS_pwrite64+0xca/0x140 [ 238.084965] ? fput+0xb/0x140 [ 238.088091] ? do_syscall_64+0x4c/0x640 [ 238.092052] ? do_sys_open+0x410/0x410 [ 238.095939] do_syscall_64+0x1d5/0x640 [ 238.099857] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 238.108423] RIP: 0033:0x4179b1 [ 238.111598] RSP: 002b:00007fe4267c9a20 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 238.120086] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004179b1 [ 238.127346] RDX: 000000000000004c RSI: 0000000000000002 RDI: 00007fe4267c9ae0 [ 238.134600] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 238.141856] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000001 [ 238.149129] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 238.156396] CPU: 1 PID: 15212 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 238.164318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 238.173674] Call Trace: [ 238.176264] dump_stack+0x1b2/0x283 [ 238.179898] should_fail.cold+0x10a/0x154 [ 238.184054] should_failslab+0xd6/0x130 [ 238.188028] kmem_cache_alloc+0x28e/0x3c0 [ 238.192175] alloc_vfsmnt+0x23/0x7f0 [ 238.196583] clone_mnt+0x6c/0xff0 [ 238.200035] ? is_subdir+0x223/0x38a [ 238.203776] copy_tree+0x33e/0xa20 [ 238.207321] do_mount+0x1c6e/0x2a00 [ 238.211304] ? lock_acquire+0x170/0x3f0 [ 238.216232] ? lock_downgrade+0x740/0x740 [ 238.220380] ? copy_mount_string+0x40/0x40 [ 238.224618] ? __might_fault+0x177/0x1b0 [ 238.228681] ? _copy_from_user+0x96/0x100 [ 238.232832] ? copy_mnt_ns+0xa30/0xa30 [ 238.236719] SyS_mount+0xa8/0x120 [ 238.240177] ? copy_mnt_ns+0xa30/0xa30 [ 238.244065] do_syscall_64+0x1d5/0x640 [ 238.247967] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 238.253151] RIP: 0033:0x45deb9 [ 238.256354] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 238.264063] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 238.271758] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 238.279029] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 238.286302] R10: 0000000000005010 R11: 0000000000000246 R12: 0000000000000007 [ 238.293553] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c 02:41:55 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, &(0x7f0000000340)}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:41:55 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x26, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:55 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) r5 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$BTRFS_IOC_DEFRAG_RANGE(r5, 0x40309410, &(0x7f0000000000)={0x63, 0x9, 0x1, 0x6, 0x0, [0x1, 0x6, 0xffff, 0x9]}) 02:41:55 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000040)={0x3, 0x0, [0x3ff, 0x7ff, 0x9, 0x9, 0xb4, 0x8, 0x4, 0x6]}) socket(0x2, 0x5, 0xbcb0) ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f00000000c0)) semctl$GETNCNT(0xffffffffffffffff, 0x2, 0xe, &(0x7f0000000100)=""/157) 02:41:55 executing program 1 (fault-call:4 fault-nth:8): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:41:55 executing program 4 (fault-call:3 fault-nth:9): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:41:55 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 240.269037] FAULT_INJECTION: forcing a failure. [ 240.269037] name failslab, interval 1, probability 0, space 0, times 0 [ 240.283684] FAULT_INJECTION: forcing a failure. [ 240.283684] name failslab, interval 1, probability 0, space 0, times 0 [ 240.299709] CPU: 0 PID: 15247 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 240.307615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 240.316967] Call Trace: [ 240.319558] dump_stack+0x1b2/0x283 [ 240.323191] should_fail.cold+0x10a/0x154 [ 240.328299] should_failslab+0xd6/0x130 [ 240.332278] kmem_cache_alloc+0x28e/0x3c0 [ 240.336428] get_empty_filp+0x86/0x3e0 [ 240.340314] path_openat+0x84/0x2970 [ 240.343105] audit: type=1804 audit(1606963315.764:103): pid=15245 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/212/cgroup.controllers" dev="sda1" ino=16527 res=1 [ 240.344031] ? generic_file_write_iter+0x37a/0x650 [ 240.371337] ? path_lookupat+0x780/0x780 [ 240.375408] ? trace_hardirqs_on+0x10/0x10 [ 240.380344] do_filp_open+0x179/0x3c0 [ 240.384141] ? may_open_dev+0xe0/0xe0 [ 240.385179] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 240.388041] ? __alloc_fd+0x1be/0x490 [ 240.388059] ? lock_downgrade+0x740/0x740 [ 240.404555] ? do_raw_spin_unlock+0x164/0x220 [ 240.409048] ? _raw_spin_unlock+0x29/0x40 [ 240.413190] ? __alloc_fd+0x1be/0x490 [ 240.417005] do_sys_open+0x296/0x410 [ 240.420712] ? filp_open+0x60/0x60 [ 240.424249] ? SyS_pwrite64+0xca/0x140 [ 240.428131] ? fput+0xb/0x140 [ 240.431233] ? do_syscall_64+0x4c/0x640 [ 240.435229] ? do_sys_open+0x410/0x410 [ 240.439127] do_syscall_64+0x1d5/0x640 [ 240.443011] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 240.448186] RIP: 0033:0x4179b1 [ 240.451362] RSP: 002b:00007fe4267c9a20 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 240.459225] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004179b1 02:41:55 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = dup2(r0, r0) ioctl$BLKDISCARD(r1, 0x1277, &(0x7f0000000040)=0x9) [ 240.467605] RDX: 000000000000004c RSI: 0000000000000002 RDI: 00007fe4267c9ae0 [ 240.474857] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 240.482222] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000001 [ 240.489482] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 02:41:55 executing program 4 (fault-call:3 fault-nth:10): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 240.521504] CPU: 1 PID: 15243 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 240.529431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 240.539125] Call Trace: [ 240.539140] dump_stack+0x1b2/0x283 [ 240.539155] should_fail.cold+0x10a/0x154 [ 240.539169] should_failslab+0xd6/0x130 [ 240.539182] __kmalloc_track_caller+0x2bc/0x400 [ 240.539191] ? kstrdup_const+0x35/0x60 [ 240.539200] ? lock_downgrade+0x740/0x740 [ 240.539211] kstrdup+0x36/0x70 02:41:56 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 240.539220] kstrdup_const+0x35/0x60 [ 240.539231] alloc_vfsmnt+0xe0/0x7f0 [ 240.539241] clone_mnt+0x6c/0xff0 [ 240.539253] copy_tree+0x33e/0xa20 [ 240.539268] do_mount+0x1c6e/0x2a00 [ 240.587514] ? lock_acquire+0x170/0x3f0 [ 240.587522] ? lock_downgrade+0x740/0x740 [ 240.587536] ? copy_mount_string+0x40/0x40 [ 240.599886] ? __might_fault+0x177/0x1b0 [ 240.603973] ? _copy_from_user+0x96/0x100 [ 240.608159] ? copy_mnt_ns+0xa30/0xa30 [ 240.612084] SyS_mount+0xa8/0x120 [ 240.613127] FAULT_INJECTION: forcing a failure. 02:41:56 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$MON_IOCT_RING_SIZE(0xffffffffffffffff, 0x9204, 0xb442f) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 240.613127] name failslab, interval 1, probability 0, space 0, times 0 [ 240.615537] ? copy_mnt_ns+0xa30/0xa30 [ 240.615551] do_syscall_64+0x1d5/0x640 [ 240.615570] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 240.615577] RIP: 0033:0x45deb9 [ 240.615588] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 240.650564] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 240.657856] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 02:41:56 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x27, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 240.665735] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 240.673109] R10: 0000000000005010 R11: 0000000000000246 R12: 0000000000000008 [ 240.673115] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c [ 240.706412] CPU: 0 PID: 15270 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 240.706421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 240.706425] Call Trace: [ 240.706441] dump_stack+0x1b2/0x283 [ 240.706457] should_fail.cold+0x10a/0x154 [ 240.706473] should_failslab+0xd6/0x130 [ 240.706487] kmem_cache_alloc_trace+0x29a/0x3d0 [ 240.706501] apparmor_file_alloc_security+0x129/0x800 [ 240.706517] security_file_alloc+0x66/0xa0 [ 240.706529] ? selinux_is_enabled+0x5/0x50 [ 240.706540] get_empty_filp+0x15c/0x3e0 [ 240.706549] path_openat+0x84/0x2970 [ 240.706563] ? generic_file_write_iter+0x37a/0x650 [ 240.706575] ? path_lookupat+0x780/0x780 [ 240.706585] ? trace_hardirqs_on+0x10/0x10 [ 240.706601] do_filp_open+0x179/0x3c0 [ 240.706610] ? may_open_dev+0xe0/0xe0 [ 240.706620] ? __alloc_fd+0x1be/0x490 [ 240.706642] ? lock_downgrade+0x740/0x740 [ 240.706657] ? do_raw_spin_unlock+0x164/0x220 [ 240.706669] ? _raw_spin_unlock+0x29/0x40 [ 240.706678] ? __alloc_fd+0x1be/0x490 [ 240.706694] do_sys_open+0x296/0x410 [ 240.706705] ? filp_open+0x60/0x60 [ 240.706713] ? SyS_pwrite64+0xca/0x140 [ 240.706723] ? fput+0xb/0x140 [ 240.706733] ? do_syscall_64+0x4c/0x640 [ 240.706742] ? do_sys_open+0x410/0x410 [ 240.706752] do_syscall_64+0x1d5/0x640 [ 240.706767] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 240.706774] RIP: 0033:0x4179b1 [ 240.706780] RSP: 002b:00007fe4267c9a20 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 240.706790] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004179b1 [ 240.706795] RDX: 000000000000004c RSI: 0000000000000002 RDI: 00007fe4267c9ae0 [ 240.706801] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 240.706806] R10: 0000000000010000 R11: 0000000000000293 R12: 0000000000000001 [ 240.706812] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 02:41:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, &(0x7f0000000340)}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:41:58 executing program 1 (fault-call:4 fault-nth:9): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:41:58 executing program 4 (fault-call:3 fault-nth:11): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:41:58 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:58 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a0100000000000000000000000000090001007379385518b6328d85f660dd8cfeea72d3197a3000ad000038000000120a0102000000000000750000000000040204800900020002000000000000861a5cb6d27451a2dddb6845768eeddabb696d608511d99418069cf6631ac3f68a2347f30d22752dcdd0295de1632a485becc18e6c17d14918c061cb85f58b086d399e966964de8bd7e09081e09a95902149e3573597130dbc18250586c8edfd2d3839f38563c3a5ddfc830e62ea6d60264cc1202d65fecb525f811e630f0f2f9c5c2391527dda6f96dc4ac483f81347bc9a1c5ff326628dc93d9c55e06f05e2488e68e9909a038a130cea8320c33bc3397764dd879e38fb31634b8a9dccafba4c7a45b41421093335fe2e394f6a2a06a46763fcab414fc0121caccc61aa6aa9c2b5914bb062c649c98a0a2dc541578fb545f8400c6bb7183e3ce33a810f4729f89c2a4602fdcd12632a0ce80fa54590940a1c0734fce066334503140e9c0efc015d1c5f811cdbab6a4c6d814d95c42181ec7c66266f1cfff5a9bb12afff7541f122000000000000000000"], 0x1}}, 0x0) ioctl$KVM_S390_INTERRUPT_CPU(0xffffffffffffffff, 0x4010ae94, &(0x7f0000000300)={0x1, 0x0, 0x3}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.upper\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="00fb630e088b23072464b8895962b63613703dcb7b078da902489660891bed93d1a61458c83615843216cc7a58fc07d90c651ce2c31a420578067686058bf24fe3ea380448cd9ae522e19d3b5b248c0cbe844fe479364fed7dcf42cc5f7758cafe89a8"], 0x63, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bsg\x00', 0x400, 0x0) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r3, 0x84, 0xc, &(0x7f00000002c0)=0x3, 0x4) r4 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r4, 0x8982, &(0x7f0000000140)={0x0, 'veth0\x00', {0x2}, 0x4}) sendfile(r2, r1, 0x0, 0x100000300) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r3, 0x28, 0x1, &(0x7f0000000100)=0x6, 0x8) 02:41:58 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) 02:41:58 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x0, 0x0, 0x2}}) [ 243.295037] FAULT_INJECTION: forcing a failure. [ 243.295037] name failslab, interval 1, probability 0, space 0, times 0 [ 243.300475] FAULT_INJECTION: forcing a failure. [ 243.300475] name failslab, interval 1, probability 0, space 0, times 0 [ 243.324877] CPU: 1 PID: 15298 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 243.332807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 243.342166] Call Trace: [ 243.344792] dump_stack+0x1b2/0x283 [ 243.348428] should_fail.cold+0x10a/0x154 [ 243.352602] should_failslab+0xd6/0x130 [ 243.356581] kmem_cache_alloc+0x28e/0x3c0 [ 243.360735] alloc_vfsmnt+0x23/0x7f0 [ 243.364457] clone_mnt+0x6c/0xff0 [ 243.367941] copy_tree+0x33e/0xa20 [ 243.371489] do_mount+0x1c6e/0x2a00 [ 243.375111] ? lock_acquire+0x170/0x3f0 [ 243.379077] ? lock_downgrade+0x740/0x740 [ 243.383509] ? copy_mount_string+0x40/0x40 [ 243.387744] ? __might_fault+0x177/0x1b0 [ 243.391805] ? _copy_from_user+0x96/0x100 [ 243.396038] ? copy_mnt_ns+0xa30/0xa30 [ 243.399928] SyS_mount+0xa8/0x120 [ 243.403382] ? copy_mnt_ns+0xa30/0xa30 [ 243.407273] do_syscall_64+0x1d5/0x640 [ 243.411183] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 243.416377] RIP: 0033:0x45deb9 [ 243.419553] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 243.427251] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 243.434518] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 243.441777] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 243.449042] R10: 0000000000005010 R11: 0000000000000246 R12: 0000000000000009 [ 243.456332] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c [ 243.466420] CPU: 0 PID: 15301 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 243.474751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 243.484100] Call Trace: [ 243.486693] dump_stack+0x1b2/0x283 [ 243.490325] should_fail.cold+0x10a/0x154 [ 243.494482] should_failslab+0xd6/0x130 [ 243.499327] kmem_cache_alloc_trace+0x29a/0x3d0 [ 243.503995] ? loop_get_status64+0x100/0x100 [ 243.508405] __kthread_create_on_node+0xbe/0x3a0 [ 243.514291] ? kthread_park+0x130/0x130 [ 243.518316] ? __fget+0x1fe/0x360 [ 243.521789] ? loop_get_status64+0x100/0x100 [ 243.526201] kthread_create_on_node+0xa8/0xd0 [ 243.531050] ? __kthread_create_on_node+0x3a0/0x3a0 [ 243.536595] ? __lockdep_init_map+0x100/0x560 [ 243.541622] ? __lockdep_init_map+0x100/0x560 [ 243.546128] lo_ioctl+0xcd9/0x1cd0 [ 243.549709] ? loop_set_status64+0xe0/0xe0 [ 243.553948] blkdev_ioctl+0x540/0x1830 [ 243.557837] ? blkpg_ioctl+0x8d0/0x8d0 [ 243.561724] ? trace_hardirqs_on+0x10/0x10 [ 243.565961] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 243.571070] ? debug_check_no_obj_freed+0x2c0/0x674 [ 243.576095] block_ioctl+0xd9/0x120 [ 243.579723] ? blkdev_fallocate+0x3a0/0x3a0 [ 243.584043] do_vfs_ioctl+0x75a/0xff0 [ 243.587847] ? ioctl_preallocate+0x1a0/0x1a0 [ 243.593120] ? lock_downgrade+0x740/0x740 [ 243.599546] ? __fget+0x225/0x360 [ 243.602998] ? do_vfs_ioctl+0xff0/0xff0 [ 243.606972] ? security_file_ioctl+0x83/0xb0 [ 243.611418] SyS_ioctl+0x7f/0xb0 [ 243.614784] ? do_vfs_ioctl+0xff0/0xff0 [ 243.619191] do_syscall_64+0x1d5/0x640 [ 243.623169] entry_SYSCALL_64_after_hwframe+0x46/0xbb 02:41:59 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:59 executing program 2: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) syz_open_procfs(0x0, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) sendmsg(r0, &(0x7f0000004600)={0x0, 0xffffff7c, &(0x7f0000000240)=[{&(0x7f0000000140)="24000000150007031dfffd946fa2830002200a0009000000741d8568201ba3a20400ff7e280000002500ff1803abf53e21bca91d5384d97f9d22a839ddb89e4b34947fd7cb91d34e2009a05f", 0x4c}], 0x1}, 0x0) r3 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 243.624683] audit: type=1804 audit(1606963318.894:104): pid=15316 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/213/cgroup.controllers" dev="sda1" ino=16535 res=1 [ 243.629406] RIP: 0033:0x45dd27 [ 243.629412] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 243.629422] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 243.629428] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 243.629434] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 02:41:59 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 243.629439] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 243.629444] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 02:41:59 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:41:59 executing program 1 (fault-call:4 fault-nth:10): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 243.739719] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 243.773877] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 243.855886] FAULT_INJECTION: forcing a failure. [ 243.855886] name failslab, interval 1, probability 0, space 0, times 0 [ 243.888560] CPU: 0 PID: 15335 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 243.896484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 243.905839] Call Trace: [ 243.908428] dump_stack+0x1b2/0x283 [ 243.912061] should_fail.cold+0x10a/0x154 [ 243.916216] should_failslab+0xd6/0x130 [ 243.920208] __kmalloc_track_caller+0x2bc/0x400 [ 243.924871] ? kstrdup_const+0x35/0x60 [ 243.928753] ? lock_downgrade+0x740/0x740 [ 243.932899] kstrdup+0x36/0x70 [ 243.936127] kstrdup_const+0x35/0x60 [ 243.939839] alloc_vfsmnt+0xe0/0x7f0 [ 243.945939] clone_mnt+0x6c/0xff0 [ 243.949402] copy_tree+0x33e/0xa20 [ 243.955997] do_mount+0x1c6e/0x2a00 [ 243.960266] ? lock_acquire+0x170/0x3f0 [ 243.964420] ? lock_downgrade+0x740/0x740 [ 243.969179] ? copy_mount_string+0x40/0x40 [ 243.973411] ? __might_fault+0x177/0x1b0 [ 243.977750] ? _copy_from_user+0x96/0x100 [ 243.981878] ? copy_mnt_ns+0xa30/0xa30 [ 243.985771] SyS_mount+0xa8/0x120 [ 243.989731] ? copy_mnt_ns+0xa30/0xa30 [ 243.996305] do_syscall_64+0x1d5/0x640 [ 244.001416] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 244.006598] RIP: 0033:0x45deb9 [ 244.009763] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 244.017448] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 244.024710] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 244.031973] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 244.039225] R10: 0000000000005010 R11: 0000000000000246 R12: 000000000000000a [ 244.046473] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c [ 245.781141] Bluetooth: hci1 command 0x0406 tx timeout [ 245.786702] Bluetooth: hci4 command 0x0406 tx timeout [ 245.790770] Bluetooth: hci2 command 0x0406 tx timeout [ 245.793130] Bluetooth: hci3 command 0x0406 tx timeout [ 245.797368] Bluetooth: hci0 command 0x0406 tx timeout [ 245.807621] Bluetooth: hci5 command 0x0406 tx timeout 02:42:01 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x33, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd8268"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:01 executing program 4 (fault-call:3 fault-nth:12): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:01 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:01 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) pipe(&(0x7f0000000340)={0xffffffffffffffff}) ioctl$CHAR_RAW_GETSIZE(r1, 0x1260, &(0x7f0000000300)) r2 = socket(0x2, 0x2, 0x0) ioctl$sock_SIOCDELRT(r2, 0x890b, &(0x7f0000000580)={0x0, @in={0x2, 0x0, @empty=0xc301}, @l2tp={0x2, 0x0, @remote, 0x1}, @rc={0x1f, @fixed={[], 0xc}}, 0x5, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x7f, 0xfcfffffffffffffd}) r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000080)='NLBL_MGMT\x00') sendmsg$NLBL_MGMT_C_VERSION(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYRES16=r3, @ANYBLOB="080600010100fddb00000000000006000300000014000500fe800000deffffba08000c00020000000600000800ffffffff08000c0003000000089523656ed3e644860000000000000000003e0b2118c87bb948f5cb3ffa6425668efa085e9132ee3a05bddc70a9b61895a5f6f2e706ab0282cd7b3a5fc9805b84f5b776dfbe4762c65d748d745e8dec4e7c1ad85d2b5d5899df413569b6ca687882957d45e4535e6122f718ecc93c50e8b627925a6906bea94498288583e4155de35d70e1b8347adc273e334814ac0b848d6b7196db42901457f32dcbcb1eab73791c0a646f1dc2210f03c1ca7466c15b8acb65b0682ec2801d"], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x400d4) sendmsg$NLBL_MGMT_C_REMOVEDEF(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="b561906c000000132743f75e61b0434cc6a20022c0232884914b7c9c03c6d3baeababdb1", @ANYRES16=r3, @ANYBLOB="100025bd7000ffdbdf250500000006000b0004000000080007007f00000114000600fe8000000000000000000000000000bb080007006401010008000c000200000006000b000600000008000c000100000008000c000200000008000c0000000000"], 0x68}, 0x1, 0x0, 0x0, 0xc0}, 0x1) sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x38, r3, 0x2, 0x70bd28, 0x25dfdbff, {}, [@NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x2}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @remote}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @loopback}]}, 0x38}}, 0x440c1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:42:01 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="a535dfe0503e3bc5006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000180000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, 0xffffffffffffffff, 0x0, 0x100000300) 02:42:01 executing program 1 (fault-call:4 fault-nth:11): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:01 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = socket$kcm(0x29, 0x7, 0x0) recvfrom(r1, &(0x7f0000000040)=""/4096, 0x1000, 0x22000, &(0x7f0000001040)=@generic={0x18, "e8e196cb934a73539834e1a1806a47e6afd448e7c32413a4589bac1c5e7376c12bdcf1b6a8d358b81b95a54a2fb4b49fa99964c2ab4864e5bdebd8b2e23d8e10bf2c10c973a43f869ed815abbded54ced55d09d70e648fb85ab6b07f99e0818126c1441847b5e235e355aa2808e608fa4dcb4828dcc528e7a2ad73f0465a"}, 0x80) [ 246.315515] FAULT_INJECTION: forcing a failure. [ 246.315515] name failslab, interval 1, probability 0, space 0, times 0 [ 246.352370] FAULT_INJECTION: forcing a failure. [ 246.352370] name failslab, interval 1, probability 0, space 0, times 0 [ 246.376075] CPU: 1 PID: 15352 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 246.383997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 246.393353] Call Trace: [ 246.395949] dump_stack+0x1b2/0x283 [ 246.399583] should_fail.cold+0x10a/0x154 [ 246.403768] should_failslab+0xd6/0x130 [ 246.407750] kmem_cache_alloc+0x28e/0x3c0 [ 246.411908] alloc_vfsmnt+0x23/0x7f0 [ 246.415628] clone_mnt+0x6c/0xff0 [ 246.419088] copy_tree+0x33e/0xa20 [ 246.422634] do_mount+0x1c6e/0x2a00 02:42:01 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:01 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='cpu.stat\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$UI_SET_SNDBIT(r1, 0x4004556a, 0x1) sendfile(r2, r1, 0x0, 0x100000300) [ 246.426259] ? lock_acquire+0x170/0x3f0 [ 246.430236] ? lock_downgrade+0x740/0x740 [ 246.434392] ? copy_mount_string+0x40/0x40 [ 246.438626] ? __might_fault+0x177/0x1b0 [ 246.442693] ? _copy_from_user+0x96/0x100 [ 246.446842] ? copy_mnt_ns+0xa30/0xa30 [ 246.450739] SyS_mount+0xa8/0x120 02:42:01 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:01 executing program 1 (fault-call:4 fault-nth:12): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:01 executing program 4 (fault-call:3 fault-nth:13): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 246.450748] ? copy_mnt_ns+0xa30/0xa30 [ 246.450760] do_syscall_64+0x1d5/0x640 [ 246.450776] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 246.450783] RIP: 0033:0x45deb9 [ 246.450787] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 246.450795] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 246.450801] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 246.450805] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 246.450809] R10: 0000000000005010 R11: 0000000000000246 R12: 000000000000000b [ 246.450814] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c [ 246.461030] CPU: 1 PID: 15357 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 246.461037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 246.461041] Call Trace: [ 246.461055] dump_stack+0x1b2/0x283 [ 246.461071] should_fail.cold+0x10a/0x154 [ 246.461087] should_failslab+0xd6/0x130 [ 246.461099] kmem_cache_alloc+0x28e/0x3c0 [ 246.461112] __kernfs_new_node+0x6f/0x470 [ 246.461127] kernfs_create_dir_ns+0x8c/0x200 [ 246.461141] internal_create_group+0xe9/0x710 [ 246.461156] lo_ioctl+0x1137/0x1cd0 [ 246.461170] ? loop_set_status64+0xe0/0xe0 [ 246.461182] blkdev_ioctl+0x540/0x1830 [ 246.461191] ? blkpg_ioctl+0x8d0/0x8d0 [ 246.461201] ? trace_hardirqs_on+0x10/0x10 [ 246.461214] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 246.461224] ? debug_check_no_obj_freed+0x2c0/0x674 [ 246.461239] block_ioctl+0xd9/0x120 [ 246.461249] ? blkdev_fallocate+0x3a0/0x3a0 [ 246.461259] do_vfs_ioctl+0x75a/0xff0 [ 246.461272] ? ioctl_preallocate+0x1a0/0x1a0 [ 246.461279] ? lock_downgrade+0x740/0x740 [ 246.461293] ? __fget+0x225/0x360 [ 246.461303] ? do_vfs_ioctl+0xff0/0xff0 [ 246.461313] ? security_file_ioctl+0x83/0xb0 [ 246.461324] SyS_ioctl+0x7f/0xb0 [ 246.461332] ? do_vfs_ioctl+0xff0/0xff0 [ 246.461343] do_syscall_64+0x1d5/0x640 [ 246.461356] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 246.461363] RIP: 0033:0x45dd27 [ 246.461368] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 246.461378] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 246.461383] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 246.461387] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 246.461393] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 246.461398] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 246.586336] FAULT_INJECTION: forcing a failure. [ 246.586336] name failslab, interval 1, probability 0, space 0, times 0 [ 246.586413] CPU: 1 PID: 15389 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 246.586419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 246.586423] Call Trace: [ 246.586436] dump_stack+0x1b2/0x283 [ 246.586451] should_fail.cold+0x10a/0x154 [ 246.586467] should_failslab+0xd6/0x130 [ 246.586479] kmem_cache_alloc+0x40/0x3c0 [ 246.586492] radix_tree_node_alloc.constprop.0+0x1b0/0x2f0 [ 246.586505] idr_get_free_cmn+0x595/0x8d0 [ 246.586522] idr_alloc_cmn+0xe8/0x1e0 [ 246.586533] ? __fprop_inc_percpu_max+0x1d0/0x1d0 [ 246.586544] ? lock_downgrade+0x740/0x740 [ 246.586558] idr_alloc_cyclic+0xc2/0x1d0 [ 246.586570] ? idr_alloc_cmn+0x1e0/0x1e0 [ 246.586579] ? __radix_tree_preload+0x1c3/0x250 [ 246.586592] __kernfs_new_node+0xaf/0x470 [ 246.586605] kernfs_create_dir_ns+0x8c/0x200 [ 246.586617] internal_create_group+0xe9/0x710 [ 246.586631] lo_ioctl+0x1137/0x1cd0 [ 246.586646] ? loop_set_status64+0xe0/0xe0 [ 246.586665] blkdev_ioctl+0x540/0x1830 [ 246.586676] ? blkpg_ioctl+0x8d0/0x8d0 [ 246.603200] print_req_error: I/O error, dev loop4, sector 0 [ 246.608812] ? trace_hardirqs_on+0x10/0x10 [ 246.636339] print_req_error: I/O error, dev loop4, sector 0 [ 246.640974] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 246.640987] ? debug_check_no_obj_freed+0x2c0/0x674 [ 246.641002] block_ioctl+0xd9/0x120 [ 246.641012] ? blkdev_fallocate+0x3a0/0x3a0 [ 246.643582] Buffer I/O error on dev loop4, logical block 0, async page read [ 246.647188] do_vfs_ioctl+0x75a/0xff0 [ 246.654516] print_req_error: I/O error, dev loop4, sector 0 [ 246.655305] ? ioctl_preallocate+0x1a0/0x1a0 [ 246.655315] ? lock_downgrade+0x740/0x740 [ 246.655329] ? __fget+0x225/0x360 [ 246.655338] ? do_vfs_ioctl+0xff0/0xff0 [ 246.659469] Buffer I/O error on dev loop4, logical block 0, async page read [ 246.663595] ? security_file_ioctl+0x83/0xb0 [ 246.663604] SyS_ioctl+0x7f/0xb0 [ 246.663612] ? do_vfs_ioctl+0xff0/0xff0 [ 246.663623] do_syscall_64+0x1d5/0x640 [ 246.663639] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 246.670416] print_req_error: I/O error, dev loop4, sector 0 [ 246.672492] RIP: 0033:0x45dd27 [ 246.672497] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 246.672507] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 246.672512] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 246.672518] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 246.672524] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 246.672529] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 246.703283] FAULT_INJECTION: forcing a failure. [ 246.703283] name failslab, interval 1, probability 0, space 0, times 0 [ 246.703868] Buffer I/O error on dev loop4, logical block 0, async page read [ 246.718256] CPU: 1 PID: 15390 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 246.719685] print_req_error: I/O error, dev loop4, sector 0 [ 246.723674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 246.723679] Call Trace: [ 246.723696] dump_stack+0x1b2/0x283 [ 246.723711] should_fail.cold+0x10a/0x154 [ 246.723724] should_failslab+0xd6/0x130 [ 246.723736] __kmalloc_track_caller+0x2bc/0x400 [ 246.723745] ? kstrdup_const+0x35/0x60 [ 246.723754] ? lock_downgrade+0x740/0x740 [ 246.723764] kstrdup+0x36/0x70 [ 246.723774] kstrdup_const+0x35/0x60 [ 246.723784] alloc_vfsmnt+0xe0/0x7f0 [ 246.723795] clone_mnt+0x6c/0xff0 [ 246.723809] copy_tree+0x33e/0xa20 [ 246.723827] do_mount+0x1c6e/0x2a00 [ 246.723837] ? lock_acquire+0x170/0x3f0 [ 246.723845] ? lock_downgrade+0x740/0x740 [ 246.723857] ? copy_mount_string+0x40/0x40 [ 246.723869] ? __might_fault+0x177/0x1b0 [ 246.723879] ? _copy_from_user+0x96/0x100 [ 246.723891] ? copy_mnt_ns+0xa30/0xa30 [ 246.723902] SyS_mount+0xa8/0x120 [ 246.723910] ? copy_mnt_ns+0xa30/0xa30 [ 246.723921] do_syscall_64+0x1d5/0x640 [ 246.723935] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 246.727396] Buffer I/O error on dev loop4, logical block 0, async page read [ 246.731367] RIP: 0033:0x45deb9 [ 246.731372] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 246.731382] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 246.731387] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 246.731392] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 246.731400] R10: 0000000000005010 R11: 0000000000000246 R12: 000000000000000c [ 246.736202] print_req_error: I/O error, dev loop4, sector 0 [ 246.739405] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c [ 246.743390] Buffer I/O error on dev loop4, logical block 0, async page read 02:42:04 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x33, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd8268"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:04 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:04 executing program 3: r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r0, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYRESOCT=r0], 0x1}}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r3, r2, 0x0, 0x100000300) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = dup(r4) r6 = open(&(0x7f0000000180)='./file0\x00', 0x60200, 0x1) ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f00000002c0)={&(0x7f00000001c0)=[0x10001, 0x29e3, 0x3], 0x3, 0x14b, 0x5, 0x3, 0x6, 0x0, 0x8000, {0x8, 0x1, 0x2, 0x81, 0x800, 0x0, 0x40, 0x400, 0x7ff, 0x1, 0x1ff, 0x5, 0x40, 0x1, "39e4c843db48ae6c6e8b2c15bd63aa303f03e7eb75a02a6ea9451ebe7989d08c"}}) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r7 = socket$inet_udplite(0x2, 0x2, 0x88) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={r8, 0x1d, 0x1, 0x4, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0], 0x4}, 0x20) ioctl$NS_GET_USERNS(r5, 0xb701, 0x0) 02:42:04 executing program 1 (fault-call:4 fault-nth:13): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:04 executing program 4 (fault-call:3 fault-nth:14): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:04 executing program 2: r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x200, 0x0) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000140)='mptcp_pm\x00') r2 = socket$netlink(0x10, 0x3, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001000250800000000000000000a000000", @ANYRES32=r4, @ANYBLOB="000080000000000008000a000d"], 0x28}}, 0x0) syz_mount_image$sysv(&(0x7f0000000180)='sysv\x00', &(0x7f00000001c0)='./file0\x00', 0xab4, 0x1, &(0x7f0000000340)=[{&(0x7f0000000240)="e5c0b9ec86efb3e53233271f4d69a4734c29bab152cdb3857d467e2d48c8d516236179cc48a07ffb75933bd6259c7b1248d045deff3b1e2883d2e26313b9b9b1f1c80b40e8dd80230ba670843a8ec3968fc1715866ab8d5ab8b77e2845aea7f2b7cb28df98b12daa864849f3b2f6dc5f59ce21274ff0fd88a79eb331b1a9676a039ba1e059c0c57d7783af6e56b2e8ae90d706385403a0d6257fe7691503d9c15c2ffaac1595aa01d08bbfe9df7fe39e38b5d77e771d6520993b4ed3f75bbef637a8d6fc", 0xc4, 0x9}], 0x1800000, &(0x7f0000000380)={[{'/dev/ubi_ctrl\x00'}, {'mptcp_pm\x00'}, {'-'}, {'/dev/ubi_ctrl\x00'}, {':\xdb%.'}], [{@obj_user={'obj_user', 0x3d, '['}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@subj_user={'subj_user', 0x3d, '#:]'}}, {@dont_hash='dont_hash'}, {@smackfsdef={'smackfsdef', 0x3d, '('}}]}) sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x48, r1, 0x0, 0x8000000, 0x25dfdbf9, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x6}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r4}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x1}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000814}, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000480)={'syztnl2\x00', &(0x7f0000000400)={'ip6tnl0\x00', r4, 0x2f, 0x6, 0x5, 0x1, 0x8, @local, @loopback, 0x80, 0x7800, 0x0, 0x8001}}) sendmsg$MPTCP_PM_CMD_GET_LIMITS(r0, &(0x7f0000001140)={&(0x7f0000001080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001100)={&(0x7f00000010c0)={0x28, r1, 0x100, 0x70bd2a, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r5}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40000}, 0x4810) sendmsg$NL80211_CMD_SET_BEACON(r0, &(0x7f0000000700)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000006c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="6c010000d38290d58187013a90aab3c43ad137400a2cee9f20f3bddf41e62df4bccbf276eb32f7e99e015a210fd220b9f7b3ea6a6b7622f9a576a98f008671822a89c988f3d6000ef3323976c6032114d7b58605ec20e7f077eb9cf7b3fc40a0b16c80004449133f7b61086c0a998aa55e154bfab3a9ce559e175804de747e24dba3e70ab11dad75f36943177048b2ef0524ac4566b7115e0d515b00a44020babadacca2d9c763d2553c4f74267bc42fb7448ee7d24f7813280d7f771d5f3e70ccf94734e8fcf99675f14bcd4ea48ec3db006440534b2e89c49b9adc099855c9ac804505d64aa4be2dd33d6102fa8beb240000d8a56a5e23c48ae1eeda66aaddf5150b0ffb55d81865702d3e3dd8d2eee0d7", @ANYRES16=0x0, @ANYBLOB="00042dbd7000ffdbdf250e00000008000300", @ANYRES32=0x0, @ANYBLOB="86000f00dd7ac68489c925f218f850b693dc3ca3456628310b1097befb3d0e9403eac8c505bb0fbe58aa78020fdf00482e58741d232874fcca061fa52f6ea2feee30983d970b5ee1a453c009c4b38ce59609b4b67a02b4d4c60a0c673eedc9e04e228fa89b4fd679916707420933bef623ea02399eebbe997e4adcce56c418f23e01003e010300000c002a007506000000003f0090000f002d1a080007050000000000000000001f00190000000003010000007f030146832540024c080211000000040000000802110000010800000007000000ffffffffffff0100000076060400240006002d1a0004020180000000000000810080001f000000000305000000068c10220c5023dc9b0879afbd7f9941eb3fabbd06ffffffffffff72060303030303032a000f002d1a40001909000000000000001f0005001e000000010007000000020104ec0401e0060200000000"], 0x16c}, 0x1, 0x0, 0x0, 0x40000}, 0x10) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) r7 = socket$inet_udplite(0x2, 0x2, 0x88) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$EVIOCGID(r8, 0x80084502, &(0x7f0000002180)=""/4101) socket$inet_udplite(0x2, 0x2, 0x88) r9 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x20000000400200) ioctl$TIOCL_SETSEL(r9, 0x541c, &(0x7f0000001040)={0x2, {0x3, 0x9, 0xffff, 0x1000}}) [ 249.358382] FAULT_INJECTION: forcing a failure. [ 249.358382] name failslab, interval 1, probability 0, space 0, times 0 [ 249.370187] FAULT_INJECTION: forcing a failure. [ 249.370187] name failslab, interval 1, probability 0, space 0, times 0 [ 249.383967] CPU: 1 PID: 15417 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 249.391858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.401205] Call Trace: [ 249.403362] VFS: unable to find oldfs superblock on device loop2 [ 249.403788] dump_stack+0x1b2/0x283 [ 249.403803] should_fail.cold+0x10a/0x154 [ 249.417821] should_failslab+0xd6/0x130 [ 249.421797] kmem_cache_alloc+0x28e/0x3c0 [ 249.425970] __kernfs_new_node+0x6f/0x470 [ 249.430118] kernfs_new_node+0x7b/0xe0 [ 249.434009] __kernfs_create_file+0x3d/0x320 [ 249.438419] sysfs_add_file_mode_ns+0x1e1/0x450 [ 249.443089] ? kernfs_create_dir_ns+0x171/0x200 [ 249.447756] internal_create_group+0x22b/0x710 [ 249.452338] lo_ioctl+0x1137/0x1cd0 02:42:04 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:04 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 249.455963] ? loop_set_status64+0xe0/0xe0 [ 249.460195] blkdev_ioctl+0x540/0x1830 [ 249.464079] ? blkpg_ioctl+0x8d0/0x8d0 [ 249.467959] ? trace_hardirqs_on+0x10/0x10 [ 249.472191] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 249.477290] ? debug_check_no_obj_freed+0x2c0/0x674 [ 249.482681] block_ioctl+0xd9/0x120 02:42:04 executing program 1 (fault-call:4 fault-nth:14): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:04 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 249.482691] ? blkdev_fallocate+0x3a0/0x3a0 [ 249.482701] do_vfs_ioctl+0x75a/0xff0 [ 249.482712] ? ioctl_preallocate+0x1a0/0x1a0 [ 249.482719] ? lock_downgrade+0x740/0x740 [ 249.482730] ? __fget+0x225/0x360 [ 249.482738] ? do_vfs_ioctl+0xff0/0xff0 [ 249.482749] ? security_file_ioctl+0x83/0xb0 [ 249.482759] SyS_ioctl+0x7f/0xb0 [ 249.482766] ? do_vfs_ioctl+0xff0/0xff0 [ 249.482777] do_syscall_64+0x1d5/0x640 [ 249.482792] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 249.482800] RIP: 0033:0x45dd27 [ 249.482804] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 249.482814] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 249.482819] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 249.482824] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 249.482829] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 02:42:05 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:05 executing program 4 (fault-call:3 fault-nth:15): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 249.482833] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 249.497547] CPU: 1 PID: 15414 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 249.497554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.497557] Call Trace: [ 249.497571] dump_stack+0x1b2/0x283 [ 249.497584] should_fail.cold+0x10a/0x154 [ 249.497597] should_failslab+0xd6/0x130 [ 249.497609] kmem_cache_alloc+0x28e/0x3c0 [ 249.497621] alloc_vfsmnt+0x23/0x7f0 [ 249.497632] clone_mnt+0x6c/0xff0 [ 249.497645] copy_tree+0x33e/0xa20 [ 249.497661] do_mount+0x1c6e/0x2a00 [ 249.497672] ? lock_acquire+0x170/0x3f0 [ 249.497681] ? lock_downgrade+0x740/0x740 [ 249.497692] ? copy_mount_string+0x40/0x40 [ 249.497716] ? __might_fault+0x177/0x1b0 [ 249.497726] ? _copy_from_user+0x96/0x100 [ 249.497736] ? copy_mnt_ns+0xa30/0xa30 [ 249.497745] SyS_mount+0xa8/0x120 [ 249.497753] ? copy_mnt_ns+0xa30/0xa30 [ 249.497763] do_syscall_64+0x1d5/0x640 [ 249.497777] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 249.497785] RIP: 0033:0x45deb9 [ 249.497790] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 249.497800] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 249.497805] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 249.497810] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 249.497815] R10: 0000000000005010 R11: 0000000000000246 R12: 000000000000000d [ 249.497819] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c [ 249.529271] audit: type=1804 audit(1606963324.955:105): pid=15416 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/216/cgroup.controllers" dev="sda1" ino=16574 res=1 [ 249.595538] FAULT_INJECTION: forcing a failure. [ 249.595538] name failslab, interval 1, probability 0, space 0, times 0 [ 249.640916] VFS: unable to find oldfs superblock on device loop2 [ 249.699278] CPU: 1 PID: 15446 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 249.865669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 249.865673] Call Trace: [ 249.865690] dump_stack+0x1b2/0x283 [ 249.865704] should_fail.cold+0x10a/0x154 [ 249.885363] should_failslab+0xd6/0x130 [ 249.889317] __kmalloc_track_caller+0x2bc/0x400 [ 249.893963] ? kstrdup_const+0x35/0x60 [ 249.897825] ? lock_downgrade+0x740/0x740 [ 249.901950] kstrdup+0x36/0x70 [ 249.905131] kstrdup_const+0x35/0x60 [ 249.908832] alloc_vfsmnt+0xe0/0x7f0 [ 249.912524] clone_mnt+0x6c/0xff0 [ 249.915957] copy_tree+0x33e/0xa20 [ 249.919476] do_mount+0x1c6e/0x2a00 [ 249.923080] ? lock_acquire+0x170/0x3f0 [ 249.927027] ? lock_downgrade+0x740/0x740 [ 249.931153] ? copy_mount_string+0x40/0x40 [ 249.935378] ? __might_fault+0x177/0x1b0 [ 249.939415] ? _copy_from_user+0x96/0x100 [ 249.943541] ? copy_mnt_ns+0xa30/0xa30 [ 249.947405] SyS_mount+0xa8/0x120 [ 249.950832] ? copy_mnt_ns+0xa30/0xa30 [ 249.954696] do_syscall_64+0x1d5/0x640 [ 249.958564] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 249.963732] RIP: 0033:0x45deb9 [ 249.966901] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 249.974595] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 249.981840] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 249.989084] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 249.996334] R10: 0000000000005010 R11: 0000000000000246 R12: 000000000000000e [ 250.003581] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c [ 250.069864] FAULT_INJECTION: forcing a failure. [ 250.069864] name failslab, interval 1, probability 0, space 0, times 0 [ 250.085980] CPU: 1 PID: 15460 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 250.093894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 250.103242] Call Trace: [ 250.105833] dump_stack+0x1b2/0x283 [ 250.109464] should_fail.cold+0x10a/0x154 [ 250.113614] should_failslab+0xd6/0x130 [ 250.117580] kmem_cache_alloc+0x28e/0x3c0 [ 250.121719] __kernfs_new_node+0x6f/0x470 [ 250.125843] kernfs_new_node+0x7b/0xe0 [ 250.129717] __kernfs_create_file+0x3d/0x320 [ 250.134102] sysfs_add_file_mode_ns+0x1e1/0x450 [ 250.138745] ? kernfs_create_dir_ns+0x171/0x200 [ 250.143402] internal_create_group+0x22b/0x710 [ 250.147962] lo_ioctl+0x1137/0x1cd0 [ 250.151566] ? loop_set_status64+0xe0/0xe0 [ 250.155776] blkdev_ioctl+0x540/0x1830 [ 250.159651] ? blkpg_ioctl+0x8d0/0x8d0 [ 250.163528] ? trace_hardirqs_on+0x10/0x10 [ 250.167738] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 250.172815] ? debug_check_no_obj_freed+0x2c0/0x674 [ 250.177808] block_ioctl+0xd9/0x120 [ 250.181409] ? blkdev_fallocate+0x3a0/0x3a0 [ 250.185717] do_vfs_ioctl+0x75a/0xff0 [ 250.189492] ? ioctl_preallocate+0x1a0/0x1a0 [ 250.193891] ? lock_downgrade+0x740/0x740 [ 250.198027] ? __fget+0x225/0x360 [ 250.201454] ? do_vfs_ioctl+0xff0/0xff0 [ 250.205403] ? security_file_ioctl+0x83/0xb0 [ 250.209786] SyS_ioctl+0x7f/0xb0 [ 250.213127] ? do_vfs_ioctl+0xff0/0xff0 [ 250.217078] do_syscall_64+0x1d5/0x640 [ 250.220944] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 250.226106] RIP: 0033:0x45dd27 [ 250.229270] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 250.236954] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 250.244209] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 250.251453] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 250.258708] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 250.265953] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 250.291245] audit: type=1804 audit(1606963325.725:106): pid=15433 uid=0 auid=0 ses=4 op="invalid_pcr" cause="ToMToU" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/216/cgroup.controllers" dev="sda1" ino=16574 res=1 [ 250.361014] print_req_error: I/O error, dev loop4, sector 0 02:42:07 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000540)='/proc/sys/net/ipv4/vs/sync_refresh_period\x00', 0x2, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x1, &(0x7f0000000580), 0x4) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) socketpair(0x1e, 0xa, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$llc(r2, &(0x7f0000000400)={0x1a, 0x322, 0x8, 0x1, 0x5, 0x20, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x10) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x7, 0x0, 0x4}}) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) mq_timedreceive(r0, &(0x7f0000000040), 0x0, 0x7, &(0x7f00000000c0)={r3, r4+60000000}) munlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000) 02:42:07 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x33, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd8268"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:07 executing program 1 (fault-call:4 fault-nth:15): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:07 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:42:07 executing program 4 (fault-call:3 fault-nth:16): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:07 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:07 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:07 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/mice\x00', 0x200) ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r1, 0x80083314, &(0x7f0000000080)) r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x52000, 0x0) connect$bt_l2cap(r2, &(0x7f0000000100)={0x1f, 0x0, @any, 0x81, 0x1}, 0xe) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 252.387178] FAULT_INJECTION: forcing a failure. [ 252.387178] name failslab, interval 1, probability 0, space 0, times 0 [ 252.404687] FAULT_INJECTION: forcing a failure. [ 252.404687] name failslab, interval 1, probability 0, space 0, times 0 [ 252.430932] CPU: 1 PID: 15486 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 252.438833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.448183] Call Trace: [ 252.450771] dump_stack+0x1b2/0x283 [ 252.454403] should_fail.cold+0x10a/0x154 [ 252.458557] should_failslab+0xd6/0x130 [ 252.462534] kmem_cache_alloc+0x28e/0x3c0 [ 252.466682] __kernfs_new_node+0x6f/0x470 [ 252.470833] kernfs_new_node+0x7b/0xe0 [ 252.474726] __kernfs_create_file+0x3d/0x320 [ 252.479167] sysfs_add_file_mode_ns+0x1e1/0x450 02:42:07 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) r1 = syz_open_dev$vim2m(&(0x7f0000000000)='/dev/video#\x00', 0x8, 0x2) ioctl$FS_IOC_SETFSLABEL(r1, 0x41009432, &(0x7f00000002c0)="5f181e54c19d2475eeef4b473072f9a62feab1c6827d70d0cf1004ab1fdb60a255673e7806488a83891795fefced13519296e129d1838223ae685b68600467a1c61fc1a511ba130e1a19a14ba7f7066dae54b8d6adf143a5c9ef4a9fced07f790173cc64a583313a9e808c971562102c3fed3eb20f731d1d2fe510f8f74c46006495ec0e400569d8df7d892dfc59600d6cfc7127ac6e1c212d901682b015c646b4034ccfa13d4ac161dd8e1770c02c28fe5222abdfa2799fa8a1107ae9f01ce79e50f7f3229e2c0d477ddccae2e6adbbadad06c7d27f17162c19cb97167f47b536f68dd402a6e3cc96ee10ab85556b5996478ac79e6e934b7f83cd02c18652b3") mmap(&(0x7f000070b000/0x3000)=nil, 0x3000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f00000000c0)={0x4, [0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000180)=0x14) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r3, r2, 0x0, 0x100000300) [ 252.483834] ? kernfs_create_dir_ns+0x171/0x200 [ 252.488503] internal_create_group+0x22b/0x710 [ 252.493089] lo_ioctl+0x1137/0x1cd0 [ 252.496726] ? loop_set_status64+0xe0/0xe0 [ 252.500971] blkdev_ioctl+0x540/0x1830 [ 252.504868] ? blkpg_ioctl+0x8d0/0x8d0 [ 252.508767] ? trace_hardirqs_on+0x10/0x10 [ 252.513009] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 252.518118] ? debug_check_no_obj_freed+0x2c0/0x674 [ 252.523139] block_ioctl+0xd9/0x120 [ 252.526765] ? blkdev_fallocate+0x3a0/0x3a0 [ 252.531098] do_vfs_ioctl+0x75a/0xff0 [ 252.534902] ? ioctl_preallocate+0x1a0/0x1a0 [ 252.539310] ? lock_downgrade+0x740/0x740 [ 252.543461] ? __fget+0x225/0x360 [ 252.546912] ? do_vfs_ioctl+0xff0/0xff0 [ 252.550885] ? security_file_ioctl+0x83/0xb0 [ 252.555296] SyS_ioctl+0x7f/0xb0 [ 252.558656] ? do_vfs_ioctl+0xff0/0xff0 [ 252.562627] do_syscall_64+0x1d5/0x640 [ 252.566518] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 252.571698] RIP: 0033:0x45dd27 [ 252.574879] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 252.582583] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 252.589849] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 252.597116] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 252.604379] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 252.611644] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 252.620476] CPU: 1 PID: 15488 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 252.628360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.637709] Call Trace: [ 252.640301] dump_stack+0x1b2/0x283 [ 252.643933] should_fail.cold+0x10a/0x154 [ 252.648084] should_failslab+0xd6/0x130 [ 252.652058] kmem_cache_alloc+0x28e/0x3c0 [ 252.656206] alloc_vfsmnt+0x23/0x7f0 [ 252.659922] clone_mnt+0x6c/0xff0 [ 252.663377] copy_tree+0x33e/0xa20 [ 252.666927] do_mount+0x1c6e/0x2a00 [ 252.670561] ? lock_acquire+0x170/0x3f0 [ 252.674546] ? lock_downgrade+0x740/0x740 [ 252.678696] ? copy_mount_string+0x40/0x40 [ 252.682928] ? __might_fault+0x177/0x1b0 [ 252.686988] ? _copy_from_user+0x96/0x100 [ 252.688203] audit: type=1804 audit(1606963328.055:107): pid=15511 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/218/cgroup.controllers" dev="sda1" ino=16002 res=1 [ 252.691150] ? copy_mnt_ns+0xa30/0xa30 [ 252.691167] SyS_mount+0xa8/0x120 [ 252.691176] ? copy_mnt_ns+0xa30/0xa30 [ 252.691187] do_syscall_64+0x1d5/0x640 [ 252.691202] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 252.691212] RIP: 0033:0x45deb9 02:42:08 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 252.737003] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 252.744707] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 252.751964] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 252.759233] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 252.766483] R10: 0000000000005010 R11: 0000000000000246 R12: 000000000000000f [ 252.773741] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c 02:42:08 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x800, 0x0, 0x2, 0x2}}) ioctl$TCGETS2(0xffffffffffffffff, 0x802c542a, &(0x7f0000000040)) 02:42:08 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r1 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r1, 0x0, 0x0) r2 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r2, 0x0, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) write$binfmt_script(r4, &(0x7f00000004c0)=ANY=[@ANYBLOB="a7a39d3c5307bd20028e005e8cf109fda0", @ANYRES64=r0, @ANYRESDEC=r3, @ANYRES64=r4, @ANYRESHEX=r2, @ANYRESDEC=r0, @ANYBLOB="1ab41154ec09078cfb167c5a43974206723f3b2e3255e4907375dcf78ac5d5b94214866c18c349ce0247a67ac7820c98ccc8d5b34cdf28dd2b3d7e94bc63a88883f0a08cc0ecdc9b3bc391143fd3027e3bdd324831a498481c7448", @ANYBLOB="38f3c798e36f02174df25b436e9eb5b30767a435b3e026ec339260e40bea506e01aa5d63ea2b96409217f068cf6698902c5deb0201fe09b8f91c2bbdf83d3094b045c606c88b617eda5d5d6f52325dabf25bfa84b90af9fa0105d103cc87916a2fd10129af6b2505c745f99b8d68fe9ae6df45678de84545f98d6f2e9b001d6659604e2deef63e30651c270ddfc2c552bcdc15aa19e04f6cb8aa0353c6937426e9b3cde2eb8e45ef73757a15c2", @ANYBLOB="22dc4a66fb42c6e6b03677acddfed7b367111676eb5a0a93f839f7b1eed3f8c87dc7a126ff49ca819c49e33f14485ed0d812825a2c15dc65e47077fe4aa5bb00273135b7b380eefdede38f4ecf72c2a1253b4783c6598af0f4993fc58278cc6d85409c956066548b457d0138e51e9a4dfdc635bee0966c68", @ANYRES32=r1], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r6, r5, 0x0, 0x100000300) 02:42:08 executing program 4 (fault-call:3 fault-nth:17): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 252.899648] FAULT_INJECTION: forcing a failure. [ 252.899648] name failslab, interval 1, probability 0, space 0, times 0 [ 252.923297] CPU: 0 PID: 15527 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 252.931210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 252.940563] Call Trace: [ 252.943159] dump_stack+0x1b2/0x283 [ 252.946791] should_fail.cold+0x10a/0x154 [ 252.950945] should_failslab+0xd6/0x130 [ 252.954922] kmem_cache_alloc+0x28e/0x3c0 [ 252.955352] print_req_error: I/O error, dev loop4, sector 0 [ 252.959065] __kernfs_new_node+0x6f/0x470 [ 252.967099] print_req_error: I/O error, dev loop4, sector 0 [ 252.968892] kernfs_new_node+0x7b/0xe0 [ 252.968904] __kernfs_create_file+0x3d/0x320 [ 252.974673] Buffer I/O error on dev loop4, logical block 0, async page read [ 252.978459] sysfs_add_file_mode_ns+0x1e1/0x450 [ 252.991536] print_req_error: I/O error, dev loop4, sector 0 [ 252.994575] ? kernfs_create_dir_ns+0x171/0x200 [ 252.994587] internal_create_group+0x22b/0x710 [ 253.000383] Buffer I/O error on dev loop4, logical block 0, async page read [ 253.004939] lo_ioctl+0x1137/0x1cd0 [ 253.014946] print_req_error: I/O error, dev loop4, sector 0 [ 253.016596] ? loop_set_status64+0xe0/0xe0 [ 253.016610] blkdev_ioctl+0x540/0x1830 [ 253.020347] Buffer I/O error on dev loop4, logical block 0, async page read [ 253.025949] ? blkpg_ioctl+0x8d0/0x8d0 [ 253.031512] print_req_error: I/O error, dev loop4, sector 0 [ 253.034026] ? trace_hardirqs_on+0x10/0x10 [ 253.034041] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 253.041173] Buffer I/O error on dev loop4, logical block 0, async page read [ 253.044983] ? debug_check_no_obj_freed+0x2c0/0x674 [ 253.051037] print_req_error: I/O error, dev loop4, sector 0 [ 253.054972] block_ioctl+0xd9/0x120 [ 253.054982] ? blkdev_fallocate+0x3a0/0x3a0 [ 253.060102] Buffer I/O error on dev loop4, logical block 0, async page read [ 253.067138] do_vfs_ioctl+0x75a/0xff0 [ 253.072392] print_req_error: I/O error, dev loop4, sector 0 [ 253.077816] ? ioctl_preallocate+0x1a0/0x1a0 [ 253.077824] ? lock_downgrade+0x740/0x740 [ 253.077837] ? __fget+0x225/0x360 [ 253.081477] Buffer I/O error on dev loop4, logical block 0, async page read [ 253.085758] ? do_vfs_ioctl+0xff0/0xff0 [ 253.093128] print_req_error: I/O error, dev loop4, sector 24 [ 253.096612] ? security_file_ioctl+0x83/0xb0 [ 253.096624] SyS_ioctl+0x7f/0xb0 [ 253.102350] Buffer I/O error on dev loop4, logical block 3, async page read [ 253.106703] ? do_vfs_ioctl+0xff0/0xff0 [ 253.149857] do_syscall_64+0x1d5/0x640 [ 253.153750] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 253.158931] RIP: 0033:0x45dd27 [ 253.162110] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 253.169809] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 253.177073] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 253.184338] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 253.191600] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 253.199025] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 02:42:10 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x4d, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:10 executing program 1 (fault-call:4 fault-nth:16): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:10 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:10 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$P9_RWRITE(r1, &(0x7f0000000080)={0xb, 0x77, 0x1, 0x7}, 0xb) ioctl$BLKGETSIZE(0xffffffffffffffff, 0x1260, &(0x7f0000000000)) 02:42:10 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000ae79ccdd0ef756c9c118ff9eb01000000000000000000000000000900010073797a3000000000380000e4120a010200000000000000000000000004000480090002003c40d402000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x2000, 0x0) ioctl$IOCTL_STOP_ACCEL_DEV(r0, 0x40096101, &(0x7f0000000400)={{&(0x7f0000000380)={'Accelerator\x00', {&(0x7f00000002c0)=@adf_str={@bank={'Bank', '1', 'CoreAffinity\x00'}, {"3af87f763f2d61400f8b3029f66794776cb89b6ad31f245394956a74ee4791d6f1b0fddc58207ad8990c2ac2358d12c566c478466189a573a1c39fcff2849528"}}}, {&(0x7f00000001c0)={'GENERAL\x00'}}}}, 0x3f}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000100)=ANY=[], 0x208e24b) r2 = socket$rds(0x15, 0x5, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) fsetxattr$security_capability(r1, &(0x7f0000000000)='security.capability\x00', &(0x7f00000000c0)=@v2={0x2000000, [{0x9, 0x8e1a}, {0xff, 0x3}]}, 0x14, 0x3) r3 = openat$cgroup_ro(r1, &(0x7f0000000180)='cpuset.effective_cpus\x00', 0xb00000000065808, 0x0) io_setup(0x5, &(0x7f0000000100)=0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) io_submit(r4, 0x3, &(0x7f0000001740)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x3, 0xffff, r5, &(0x7f00000004c0)="f6c0d6665cacc98671800c09ac9d4be18e295f0d02389db706b68e5d60e9e695e2bbb1dc01c82d3d7f031f4dade56228c3026a4c500d330dab92020dbc59d10d766eac5b20fed93fbeecf71ba80dda4b4ec43d07c7f8693417f43d4838dc656ff5fe3ae07d63f51ff02685261943ae35c1f60e1133bb06f437a70881fdb0a654d80e0e931b6cfc4b14f3e5023a62b69e0cb28e3f3a26e8d8d64061a75826bf7852201c92e9db3eb7d623491151b15ae02acefcccf7040dc929e935c1d955e17ff39aee6a7ccc4ad0e02bb155032daeeeff4031e548c7f8557be55097a9160303c9e5e5a1", 0xe4, 0x4, 0x0, 0x3, r1}, &(0x7f00000015c0)={0x0, 0x0, 0x0, 0x1, 0x100, 0xffffffffffffffff, &(0x7f00000005c0)="8bd384bc4254cc9fec75e98955ec33c00e9cd73231309f14af54df9a564e1c0894179eb2c8a98b99b2bc0beba465d638ea86d0f4387058881419a901c28057695053598034d58b7877110d87db29fd2508a7d265bb0409de26eabf4eb29729cfe0bac4e8b325b39eafcdca40162bbad0f2f05a580e6fbac604daa5fcc54b3445f71e6f32ad331c81150252859989395b8b9c90c015d969d9d28e107e434c699b349987372f1f4537acf65c05e695c9b78d255b1669784132cdf465b6b226e04605dc05469022f03d64d291f4be15fd3f3a2d1c7601622a7e77fc2836485bfdf3be6a95e004c4f38d5b9ee4849ef7c4f2fbde899dbe6a1fa02cab6e0ab71f97a8bea3742c96595bd3aeb54072e1f29c18e018577a8dc420b7655ab505a4fd1ebd866699ef5e617d02b8268414370b6c0552fdca5ed2542b2ff21ce9e437182ec9bc5cb5b4ebf946bee5c1e22f72438c6016ed9e3a0f5d35987aafaec58e92b75b86f28d684877b5e6e0ee18fccdb6b6777dc61decabb68fffeebc01d8eba92dc78d4cc168ce7d1b15e702b3e4bab24350ed04f9bb81717124480e6b879d8ec782936801ffb614144a5636842f6e69d190b47848bcf9252e566a67fd513c8e9e4ab53eccafee7886d44d3af1b0caa60ce2806892a35342b12f788bba69caff76a49861ed95c9227fbd67533ae00d6ba50e456fc5750ad2c0c08460acaeae872c85cc51bf089159598a1df8f53eeae3d0edabec51632cd78b411c76ae96eec74233c1f61b5b4473a9c203d40a267af51b49b667e0f2aed3af13e30a481610d4f3dd3de529b0f3c5491340dc94a74db50a55dc06ccf276ca33390ae6209792766f18349aaae08fdbfd210e643804b1c253c6f75e25bf98e88c653ac0886e4beabf4b8f1b78e596374f41bcfaa8a63ec2e1184e5d40fad82706302f90037664111b93a346852d910ce9e835569647b09bb4cf2966cdbd04bff23a34158436c69738b14b7860fbe2acc4dd2435a7137cf75e903b0f97db1fa93f8aaff236b6fcffeb0301f09b3fd670c4c731ca1053f3045a02402821036e32fb514b78d17d2c7607daa7cca7f49550096cb6e1669244773fbaab27672980d28b277f83afa865cb29d6c9b033e2861c15ef13ad6a6dabeb077d61de6d1dbd6ff121be2b0a528278e8d9b34b47e5b7a1600ab1c78fe60dd4c6efbbc682e71b136576bfaee74bc6e55ec9f95133634cd19ee2ef4b5901892f8f4f308b1538a5b093627cc46adc01d07fd92c914d832016eb448bbfd5c07ab8ef1148597a4b3ac266415ea5dedfbe6c8b9e7504112cf31fe5ebf111bf75baf17231814281948bc6a56498e31b24da68f63bc2b6ce1535b9a6d3294c1252ec7c0fb57869650cb172acb29a260e93bdaabfecddfd7866583bbe268c62d7f1683f4fd908faac1cb147940cd69d51aee2ba86ee6a4227d817827c5187d0a740e6fe07bb52ef89a01ac3a674d4b432a320e2c2f5f878d756a107a7d96170337a4f71aeaa3e5c538725374b8d7bce17356c228f9fde4f74363f3c2c5974f80c18be28862d4978c152b77861e56b5d763e6d3a5a92407bce1441749d836eb4edd12f97d209b54ab45f3ad712ba589de147c9cc6350464be759ab4e72963686ebe4d21c1936400c84fb56cf29ce4fd3d5e5946e952df671096d1083d5a71ef24c2b95c9c268a541f687f72759f0d211a952ec2909a6cc2b23107088e8b4c8d1e8cde62d2eee99e77667fec11fe194b1bb5d3cabc89ed0f04efb4301b469ad42cd4c559ec20d4a1ef7508d5f6beeb690d93c0383d3f31f8d273d299a30ca636ce50249968ab05537ff2b970abdb1670c066dd71fb05334b3ea6b4ddea1cbaa7bc7ae9a7f73fe048f54f7ffe09256cc982630793b75af9ad99c2af7e9ff7d588c220a39c724cfc8ff52e2693a8e77d14676398ec5022efaf06d56a2c1e518c6d1f0bab6adf406baa8a44fe6cd9c1d061e5d539d586d9cbae92d3b7c4fc72668c20a8c32d049c42fb368a4c89d7031c241d96d5dbaf6cd8287f23b9db6dada95deb9e3ba5a5d51f37959258175fa9455053e1310f393bbb9d8a442599509483b2c1333827b793932e164c8c003ea647932ade99d66065a7fe66a967de906aba06a7236152bbd10f74b3b89bdaa42120e8b228cb8e13d38125b4aeb70724b5d007606932d76b55436a021b203ceffc8ae7f90bf6a3fd14c67234d35e53edee6fe795ef3eae7d528bc9ac09cddfa913cf1b80e8458596c50fb7cf5ac33be071fb9a3898e6fc9147da946f54d728cf6d51aaa3a04c5c0b58e11f0d76a65e68b154779865d379681551e839187194936b9ccf974119c78a2ed7f92fe46568ea6fe8d3a98adc54b02acf80d705272c7dd42f480f877afc2702713a3eaa8e1f5f7e52ace599796e3e73f4643daa9b4ff9c46380c1d271e15ed9eccc18d9a9a1ff9684943d76daae3fc49066e37df1a6c5062e51c74ddffe5ccbf85193b0f17339a21eb64178006b79c476704e2c166a7b7557e765006a4ab58b38201b84b0d935160055bb7b7557a49e27908e34113c9631d6fa9c9f3bd371c828059b1913aec83c799964c77ec992e6a33dd8a4bf6051f7398bad79a9fb385a6180b96049d91633e7ebf0464231b67b66ef3cd820b9facbeaf92e08d1243bc330ad1841ee8a2575941ffac839b4f710ac6111c6f752297f2224ee75e7ce7e9b60909eede65bb14e03594a70f910f77a77cd389fd27e8e47396b46a11e83afa9d859438683b724536ce168b313ed3913827668553e26f6cc82ba007e85d9912e230b3997c6a9918621728c6d3d5131ba74671107467363c0086a79774c6177fb63233a9b32fe292b924f0a9a7ad49a9fb73eebe04ac87645d63c4d2743afd841fcf5940807740824d3438590a6102fc4c2cdb263ac10728a765436ec8abe93502ba1e4b3dd71d129e4a83dd4b6e36714f64e52272952551fcfa4780eaddf3f3ae519e740835fdb0c0dd0af0edc65cc47df1549454afe0a471c9a14bbd4561537a12b9de3ef557fcac34b5260e03c897f2d42b8388ede76a05d8d2bf17c36d9cd82e144601ad5309966b8042d245520fa650caa5ccd8f6f7069844190069fd6072247280bcbb2e079d172043dadafdb8a4e37be2aaf431475fe0081b50f2f462a328ffd1eb3a6d85b442b1fe3f7fdeee3065c13bb3c5a053e55b8c39624c77009a3945b767020e34ca3b1f545cbfc8c477c4a2851c7b0c2487391c6758691e70bd9e5d969ff9a36c8f2cbd5b6858223cca62a903f4801486ba595160781f4ea0c80eba76c159bb7072eb3cb118aba8323b71f2fe66a9277ff7bbbe60dc303bf6f7699ff439a530473c6012c787a1793a5bb2345fdab0ec522f362d1194981f10467eaaa0a1e70041a9cc8159a1388e43cd83f5faf20858746c56fea8e345204b184c85bdbe7470ae049c2549abb0f2d7cfb5b9603d07cdc6a150431ae285caf828b1e7cf435e3b3576c59ca83d1cd1b3cf65f2f48b5c67ecb630f7ad561d9731c275689aca4d4b8a895f8d8cb6a063ff29b4446e460ed160a703290f7a266994f83954a0a16fda81887a039cca72c31f7d6ec342de4fe681cb7ea6303d97ba66490cfd0ac08ec043f39dc44ea62cfa56972424b1790f666c972f34a6b8016b046c7dfc256e8e98779ee21f24358b3bf6e7391f2edef796bbf71982b177302a5e646f1aa62d483ce1a4e864650e25da376ae527a3a1c10a8dab003287028425990ab4f2b4d71b323a866790387396946b3d22a5e462a910a8a7ed3a49048a6d91feecce33d10f1af7bfef3349171ab66faffd6ef752e4c56da94b1d0f269fa4a0296e2ac2953ab78da4ab4030e13e4947ea7c453b7e2302adff17105aed9e704bc6884430e9e25914206c5605b11eb58a05eef9f087b1b851635b1ea450233c3b2e3efb461c9a1768cc2846fb55cd350fe5c3df21799866e019cc930405c8d23543efee80fe0c578498ecc1800b3a4f5f4ac5eea8fff2d62023fbb815419b8f9d7f96f610ebe7941aae492d732597f09b692eb9b0eb0fe17dd32b1c8270ad8cd62f2cf18630ed2c60f7166ede7140f4a22307f437213a6cc31ac150bdcf2c9698d6c77cc79c452d99b9685b9bdf24c1f0fbb3b7e735eba2ec93d8c80858c2375d7af799663e1d198293e49e53f5acbca902f1ea35dcf98e12b27d50107a5310add84ef2a89d822b01cebb13a4b1a0daff525ecd0572828de6c4d1bdd4c8004f90c6941ce7237f64ac798070b2927be23ecebc8336384257c56a1e15394ad169ced68aacb764f860bced88a5ca5542fb0cf1e79e384dea61b8b80f4328801fc65dc0cc92227fb5cddda6b674d020d77ba29b36e37adc65f80eb4909a179ea26c12d4b25fb8f54b7d6080b0886fb5a49ab852c4053c1fbd473b1ed859a8998f2ce8d5bece5a1fc5906af7d6c8e6f533cc0944f36fcfd6176ef8df9d47ab762ca63eae2012b5c5e27d6061df10f6e9c9832ebdfa79f5d603b1c5c9ee0f149c4a292e6ef8d82576cd6341cfb3fcfd9493b81e979926775ed5d9109b15951683200b21181d97177d19da33fa17e35e35558a7a9300f29369a810d70101421529d73ae4b34513a520a4bc144e5509306b5d6c8cb26c797f9033270b99b4ca753c000de12a9def5546523917b59d682c54014119cc4582fe9c2a6609080a98cc6af9e2257a1caa347304770564f83f2467ca67b0da050810468262ccf4b710626f9122412adf66cd5d357a197b0b954b36542c7101cea2e76aad9ce0bc9f55d992f1e0c8f74d0a22d63625136464d3ae76cf9e12acb4df48f286a6a9378bdbceaec86910f833736ddc2e9c07e4a11e52e6c58bf1039dc911a79c03a15b1af45192796702c5b30b64dc6a1e600ff76135ac8ce6935c27a9c434584b366ceb366dab206ae84b882057648b35d02609f4065677c22f280d54b952eadcf5f44bd4b28bcced604210c78fd89742ca405d9c2239eac736976b2d4891c29150ec165e62f2a2bbe6834bd2b89ca9b5baef3707bf21f8a910d214d2cc4ed464eb9505ade28064ae1a67beed2081c82b34c51baf4a6d44f8358348211cb700eb3cd621cd0825b65a2e44f7ed2b8fab2edc4c6569a2dd52cff1fdad169e0fb4fbe4389045e01ca02303fcad8507e0ca698a696169ab1c8efdd2b09586580c38efdd23a78c54ce3c2c5edf3ed75ffdbf634d5fab5cfca52a6a0446dcad50d3d43c50977eb9bcf452d860a36255be5c24fc8352e489a9f62c31b9c6cbef2a2224a63c38689ffbc4d875bc512b81c889c4c2430d34d22ca1782aafdbba57f76ed383156e6eb56b32fdb671503ac21a9ccf4a3dd40441be7c0efaaa5bbc059d928a5c0bb84f72386d6318352e7091a315f4046104e914f2f5aac15280a9c3318d76ba51d0854d8be02d19c22d6a2c50e529075f027864e3380adf421a5a5256c8919f2d350830d821a729ac7a96ed41c174143991e051386691420d9abe767d5fb7b7c89117daa5a2eb33fa8eed035cf148cbb081a0bd99e15db9ef487eab223146d47295022dd4a4feb378ee5acaf95d843d53d663cbf41f35ec0764e74e1ee15f8b58046f0dcc8dc86c95e4adaa0a854deeb75b2dcaef1121c4d92e464ac06bf905b822a7bd1c9bd6f52807d0edc66147370aa10c1615ca62ea21703073744f306ef9cee80281f40b8923e24f2833250adb68b68cc09c30beeeb90e194c69b69f70a658c855d337e310bf5d6620e207b0eb6c021a841fc553f6755cd734c6fb612a704c3b57c01360930dda", 0x1000, 0xd7, 0x0, 0x1, r3}, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x1, 0x800, r2, &(0x7f0000001600)="0150ef4243da2178c5596d7612271571a7ff98d7fc9e4cfb060e61b95131563460b62f833dfe907721ae359f2dea5d7b9a8d444c9b199d3436c00f7681f948c11475a36bf0aa796431fe5213dec9103cd8bd6e12eb1e5db96a43fa4cbabf80312648a10de7903424c086b44d2a8ad5846e1a8c53daaa99a9a5be8d29fafe50255bb12e61e452f7c1c95f48907133b37dcda52be4a8ac5f0fcf00909ffb08615b73e66f49b4ef091e921c64d7a98eb323c28be1724c00699dd78b4d904206aeed24d4a21648", 0xc5, 0x0, 0x0, 0x1, r1}]) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r6, r3, 0x0, 0x100000300) 02:42:10 executing program 4 (fault-call:3 fault-nth:18): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:10 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) migrate_pages(0x0, 0x100, &(0x7f0000000040)=0x4, &(0x7f0000000080)=0x1f) [ 255.385362] QAT: Device 63 not found [ 255.401206] FAULT_INJECTION: forcing a failure. [ 255.401206] name failslab, interval 1, probability 0, space 0, times 0 [ 255.429255] CPU: 1 PID: 15553 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 255.437162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.446518] Call Trace: [ 255.449106] dump_stack+0x1b2/0x283 [ 255.452738] should_fail.cold+0x10a/0x154 [ 255.456890] should_failslab+0xd6/0x130 [ 255.460877] kmem_cache_alloc+0x28e/0x3c0 02:42:10 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 255.460891] __kernfs_new_node+0x6f/0x470 02:42:10 executing program 1 (fault-call:4 fault-nth:17): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 255.460903] kernfs_new_node+0x7b/0xe0 02:42:10 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:11 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a30000000b538000000120a010200000000000000000000000004000480090002fc3fd8b54f1130be0002000000000000000900010073797a"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) [ 255.460915] __kernfs_create_file+0x3d/0x320 [ 255.460926] sysfs_add_file_mode_ns+0x1e1/0x450 [ 255.460942] ? kernfs_create_dir_ns+0x171/0x200 02:42:11 executing program 1 (fault-call:4 fault-nth:18): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 255.460954] internal_create_group+0x22b/0x710 [ 255.460969] lo_ioctl+0x1137/0x1cd0 [ 255.460981] ? loop_set_status64+0xe0/0xe0 [ 255.460994] blkdev_ioctl+0x540/0x1830 [ 255.461003] ? blkpg_ioctl+0x8d0/0x8d0 [ 255.461013] ? trace_hardirqs_on+0x10/0x10 [ 255.461026] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 255.461036] ? debug_check_no_obj_freed+0x2c0/0x674 [ 255.461051] block_ioctl+0xd9/0x120 [ 255.461060] ? blkdev_fallocate+0x3a0/0x3a0 [ 255.461070] do_vfs_ioctl+0x75a/0xff0 [ 255.461082] ? ioctl_preallocate+0x1a0/0x1a0 [ 255.461089] ? lock_downgrade+0x740/0x740 [ 255.461103] ? __fget+0x225/0x360 [ 255.461113] ? do_vfs_ioctl+0xff0/0xff0 [ 255.461123] ? security_file_ioctl+0x83/0xb0 [ 255.461134] SyS_ioctl+0x7f/0xb0 [ 255.461142] ? do_vfs_ioctl+0xff0/0xff0 [ 255.461154] do_syscall_64+0x1d5/0x640 [ 255.461168] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 255.461175] RIP: 0033:0x45dd27 [ 255.461180] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 255.461190] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 255.461195] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 255.461200] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 255.461205] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 255.461210] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 255.478565] FAULT_INJECTION: forcing a failure. [ 255.478565] name failslab, interval 1, probability 0, space 0, times 0 [ 255.478577] CPU: 1 PID: 15556 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 255.478583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.478586] Call Trace: [ 255.478600] dump_stack+0x1b2/0x283 [ 255.478615] should_fail.cold+0x10a/0x154 [ 255.478630] should_failslab+0xd6/0x130 [ 255.478643] kmem_cache_alloc+0x28e/0x3c0 [ 255.478656] alloc_vfsmnt+0x23/0x7f0 [ 255.478675] clone_mnt+0x6c/0xff0 [ 255.478686] ? is_subdir+0x223/0x38a [ 255.478700] copy_tree+0x33e/0xa20 [ 255.478718] do_mount+0x1c6e/0x2a00 [ 255.478730] ? lock_acquire+0x170/0x3f0 [ 255.478739] ? lock_downgrade+0x740/0x740 [ 255.478751] ? copy_mount_string+0x40/0x40 [ 255.478763] ? __might_fault+0x177/0x1b0 [ 255.478774] ? _copy_from_user+0x96/0x100 [ 255.478787] ? copy_mnt_ns+0xa30/0xa30 [ 255.478798] SyS_mount+0xa8/0x120 [ 255.478807] ? copy_mnt_ns+0xa30/0xa30 [ 255.478818] do_syscall_64+0x1d5/0x640 [ 255.478834] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 255.478841] RIP: 0033:0x45deb9 [ 255.478846] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 255.478856] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 255.478862] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 255.478868] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 255.478873] R10: 0000000000005010 R11: 0000000000000246 R12: 0000000000000010 [ 255.478879] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c [ 255.490784] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 255.492592] QAT: Device 63 not found [ 255.575012] FAULT_INJECTION: forcing a failure. [ 255.575012] name failslab, interval 1, probability 0, space 0, times 0 [ 255.575024] CPU: 1 PID: 15580 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 255.575029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 255.575038] Call Trace: [ 255.575052] dump_stack+0x1b2/0x283 [ 255.575066] should_fail.cold+0x10a/0x154 [ 255.575080] should_failslab+0xd6/0x130 [ 255.575092] kmem_cache_alloc+0x28e/0x3c0 [ 255.575104] alloc_vfsmnt+0x23/0x7f0 [ 255.575115] clone_mnt+0x6c/0xff0 [ 255.575125] ? is_subdir+0x223/0x38a [ 255.575138] copy_tree+0x33e/0xa20 [ 255.575155] do_mount+0x1c6e/0x2a00 [ 255.575166] ? lock_acquire+0x170/0x3f0 [ 255.575175] ? lock_downgrade+0x740/0x740 [ 255.575187] ? copy_mount_string+0x40/0x40 [ 255.575198] ? __might_fault+0x177/0x1b0 [ 255.575209] ? _copy_from_user+0x96/0x100 [ 255.575221] ? copy_mnt_ns+0xa30/0xa30 [ 255.575232] SyS_mount+0xa8/0x120 [ 255.575241] ? copy_mnt_ns+0xa30/0xa30 [ 255.575252] do_syscall_64+0x1d5/0x640 [ 255.575267] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 255.575275] RIP: 0033:0x45deb9 [ 255.575280] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 255.575290] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 255.575295] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 255.575301] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 255.575306] R10: 0000000000005010 R11: 0000000000000246 R12: 0000000000000011 [ 255.575312] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c [ 255.671597] FAULT_INJECTION: forcing a failure. [ 255.671597] name failslab, interval 1, probability 0, space 0, times 0 [ 255.733953] audit: type=1804 audit(1606963331.155:108): pid=15593 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/221/cgroup.controllers" dev="sda1" ino=16210 res=1 [ 255.738340] CPU: 1 PID: 15590 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 256.130497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 256.130502] Call Trace: [ 256.130520] dump_stack+0x1b2/0x283 [ 256.130534] should_fail.cold+0x10a/0x154 [ 256.150227] should_failslab+0xd6/0x130 [ 256.154196] __kmalloc_track_caller+0x2bc/0x400 [ 256.158842] ? kstrdup_const+0x35/0x60 [ 256.162714] ? lock_downgrade+0x740/0x740 [ 256.166848] kstrdup+0x36/0x70 [ 256.170019] kstrdup_const+0x35/0x60 [ 256.173746] alloc_vfsmnt+0xe0/0x7f0 [ 256.177462] clone_mnt+0x6c/0xff0 [ 256.180905] ? is_subdir+0x223/0x38a [ 256.184632] copy_tree+0x33e/0xa20 [ 256.188154] do_mount+0x1c6e/0x2a00 [ 256.191758] ? lock_acquire+0x170/0x3f0 [ 256.195731] ? lock_downgrade+0x740/0x740 [ 256.199868] ? copy_mount_string+0x40/0x40 [ 256.204093] ? __might_fault+0x177/0x1b0 [ 256.208132] ? _copy_from_user+0x96/0x100 [ 256.212259] ? copy_mnt_ns+0xa30/0xa30 [ 256.216125] SyS_mount+0xa8/0x120 [ 256.219562] ? copy_mnt_ns+0xa30/0xa30 [ 256.223437] do_syscall_64+0x1d5/0x640 [ 256.227313] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 256.232479] RIP: 0033:0x45deb9 [ 256.235643] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 256.243328] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 256.250574] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 256.257842] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 256.265091] R10: 0000000000005010 R11: 0000000000000246 R12: 0000000000000012 [ 256.272340] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c [ 256.318079] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. 02:42:13 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x4d, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:13 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb", 0x34}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:13 executing program 4 (fault-call:3 fault-nth:19): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:13 executing program 1 (fault-call:4 fault-nth:19): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:13 executing program 3: r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r0, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYRESOCT=r0], 0x1}}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) r2 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0xffffffff, 0x420000) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) recvfrom$netrom(r4, &(0x7f0000000180)=""/179, 0xb3, 0x12002, &(0x7f00000002c0)={{0x3, @default, 0x7}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) ioctl$SIOCPNADDRESOURCE(r2, 0x89e0, &(0x7f00000000c0)=0x101) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r6, r5, 0x0, 0x100000300) 02:42:13 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ocfs2_control\x00', 0x105201, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f00000001c0)={0x5, 0x4759}) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x0, 0x314}}) r2 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x5) ioctl$VT_WAITACTIVE(r2, 0x5607) sendmsg$NLBL_CIPSOV4_C_REMOVE(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x70, 0x0, 0x200, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_MLSLVLLST={0x44, 0x8, 0x0, 0x1, [{0x24, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x174b21a9}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x3ca6bc5a}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7b9ecac2}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x2407c5b1}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x7e59b555}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x64}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x22}]}]}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0xffffffffffffffff}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}]}, 0x70}, 0x1, 0x0, 0x0, 0x20000804}, 0x40) setsockopt$ALG_SET_AEAD_AUTHSIZE(0xffffffffffffffff, 0x117, 0x5, 0x0, 0x3) 02:42:13 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x2, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = accept4$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000180)=0x14, 0x0) listen(r1, 0xe7ae) ioctl$FS_IOC_GETFLAGS(r4, 0x80086601, &(0x7f0000000140)) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0x0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) ioctl$KVM_SET_DEBUGREGS(r1, 0x4080aea2, &(0x7f0000000080)={[0xd000, 0xf000, 0x4000, 0x4000], 0x76b, 0x24, 0x2}) read$FUSE(r1, &(0x7f00000001c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_LSEEK(r1, &(0x7f0000002200)={0x18, 0xffffffffffffffda, r5, {0x5}}, 0x18) 02:42:13 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb", 0x34}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 258.452895] FAULT_INJECTION: forcing a failure. [ 258.452895] name failslab, interval 1, probability 0, space 0, times 0 [ 258.479406] FAULT_INJECTION: forcing a failure. [ 258.479406] name failslab, interval 1, probability 0, space 0, times 0 [ 258.513214] CPU: 1 PID: 15614 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 258.521136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.530485] Call Trace: [ 258.533070] dump_stack+0x1b2/0x283 [ 258.536707] should_fail.cold+0x10a/0x154 [ 258.539981] audit: type=1804 audit(1606963333.936:109): pid=15615 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/222/cgroup.controllers" dev="sda1" ino=16602 res=1 [ 258.540859] should_failslab+0xd6/0x130 [ 258.540871] kmem_cache_alloc_trace+0x29a/0x3d0 [ 258.540885] ? dev_uevent_filter+0xd0/0xd0 [ 258.576112] kobject_uevent_env+0x20c/0xf40 [ 258.580438] ? internal_create_group+0x48f/0x710 [ 258.585197] lo_ioctl+0x11a6/0x1cd0 [ 258.588828] ? loop_set_status64+0xe0/0xe0 [ 258.593060] blkdev_ioctl+0x540/0x1830 [ 258.596935] ? blkpg_ioctl+0x8d0/0x8d0 [ 258.600804] ? trace_hardirqs_on+0x10/0x10 [ 258.605024] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 258.610108] ? debug_check_no_obj_freed+0x2c0/0x674 [ 258.615106] block_ioctl+0xd9/0x120 [ 258.618712] ? blkdev_fallocate+0x3a0/0x3a0 [ 258.623014] do_vfs_ioctl+0x75a/0xff0 [ 258.626795] ? ioctl_preallocate+0x1a0/0x1a0 [ 258.631186] ? lock_downgrade+0x740/0x740 [ 258.635322] ? __fget+0x225/0x360 [ 258.638756] ? do_vfs_ioctl+0xff0/0xff0 [ 258.642712] ? security_file_ioctl+0x83/0xb0 [ 258.647099] SyS_ioctl+0x7f/0xb0 [ 258.650444] ? do_vfs_ioctl+0xff0/0xff0 [ 258.654399] do_syscall_64+0x1d5/0x640 [ 258.658364] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 258.663534] RIP: 0033:0x45dd27 [ 258.666702] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 258.674498] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 258.681762] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 258.689021] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 258.696276] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 258.703526] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 258.710828] CPU: 0 PID: 15610 Comm: syz-executor.1 Not tainted 4.14.210-syzkaller #0 [ 258.718717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 258.728071] Call Trace: [ 258.730665] dump_stack+0x1b2/0x283 [ 258.734293] should_fail.cold+0x10a/0x154 [ 258.738441] should_failslab+0xd6/0x130 [ 258.742445] __kmalloc_track_caller+0x2bc/0x400 [ 258.747104] ? kstrdup_const+0x35/0x60 [ 258.750975] ? lock_downgrade+0x740/0x740 [ 258.755138] kstrdup+0x36/0x70 [ 258.758312] kstrdup_const+0x35/0x60 [ 258.762006] alloc_vfsmnt+0xe0/0x7f0 [ 258.765698] clone_mnt+0x6c/0xff0 [ 258.769136] copy_tree+0x33e/0xa20 [ 258.772672] do_mount+0x1c6e/0x2a00 [ 258.776279] ? lock_acquire+0x170/0x3f0 [ 258.780231] ? lock_downgrade+0x740/0x740 [ 258.784359] ? copy_mount_string+0x40/0x40 [ 258.788571] ? __might_fault+0x177/0x1b0 [ 258.792612] ? _copy_from_user+0x96/0x100 [ 258.796738] ? copy_mnt_ns+0xa30/0xa30 [ 258.800603] SyS_mount+0xa8/0x120 [ 258.804033] ? copy_mnt_ns+0xa30/0xa30 [ 258.807899] do_syscall_64+0x1d5/0x640 02:42:14 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb", 0x34}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 258.811770] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 258.816939] RIP: 0033:0x45deb9 [ 258.820104] RSP: 002b:00007fbecc274c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 258.827788] RAX: ffffffffffffffda RBX: 0000000000021800 RCX: 000000000045deb9 [ 258.835036] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000020000080 [ 258.842284] RBP: 00007fbecc274ca0 R08: 0000000000000000 R09: 0000000000000000 [ 258.849546] R10: 0000000000005010 R11: 0000000000000246 R12: 0000000000000013 [ 258.856795] R13: 00007fff46134daf R14: 00007fbecc2759c0 R15: 000000000119bf2c 02:42:14 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000040)={0x2, {0x3, 0x1000, 0x0, 0x3f, 0x4}}) 02:42:14 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:14 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:16 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x4d, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:16 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:42:16 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:16 executing program 1 (fault-call:4 fault-nth:20): r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:16 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:42:16 executing program 4 (fault-call:3 fault-nth:20): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:16 executing program 2: mknod(&(0x7f0000000040)='./file0\x00', 0x200, 0x0) ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 261.468201] FAULT_INJECTION: forcing a failure. [ 261.468201] name failslab, interval 1, probability 0, space 0, times 0 [ 261.480155] CPU: 0 PID: 15670 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 261.488051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 261.497412] Call Trace: [ 261.500002] dump_stack+0x1b2/0x283 [ 261.503637] should_fail.cold+0x10a/0x154 [ 261.507793] should_failslab+0xd6/0x130 [ 261.511888] kmem_cache_alloc_trace+0x29a/0x3d0 [ 261.516563] ? dev_uevent_filter+0xd0/0xd0 [ 261.520798] kobject_uevent_env+0x20c/0xf40 [ 261.525123] ? internal_create_group+0x48f/0x710 [ 261.529883] lo_ioctl+0x11a6/0x1cd0 [ 261.533516] ? loop_set_status64+0xe0/0xe0 [ 261.537885] blkdev_ioctl+0x540/0x1830 [ 261.541778] ? blkpg_ioctl+0x8d0/0x8d0 [ 261.545666] ? trace_hardirqs_on+0x10/0x10 [ 261.549903] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 261.555015] ? debug_check_no_obj_freed+0x2c0/0x674 [ 261.560037] block_ioctl+0xd9/0x120 [ 261.563666] ? blkdev_fallocate+0x3a0/0x3a0 [ 261.567991] do_vfs_ioctl+0x75a/0xff0 [ 261.571795] ? ioctl_preallocate+0x1a0/0x1a0 [ 261.576201] ? lock_downgrade+0x740/0x740 [ 261.580359] ? __fget+0x225/0x360 [ 261.583815] ? do_vfs_ioctl+0xff0/0xff0 [ 261.587783] ? security_file_ioctl+0x83/0xb0 [ 261.592196] SyS_ioctl+0x7f/0xb0 [ 261.595559] ? do_vfs_ioctl+0xff0/0xff0 [ 261.599546] do_syscall_64+0x1d5/0x640 [ 261.603446] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 261.608630] RIP: 0033:0x45dd27 02:42:16 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:17 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) fsync(r0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:42:17 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 261.611832] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 261.619536] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 261.626802] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 261.634077] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 02:42:17 executing program 1: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$inet6_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f00000001c0)=@gcm_256={{0x303}, "81b7055d80f54e3d", "ca1e95816eb1e9d095aa8c5ac62c23286d28dae3f80ffdc2544d3260f15a4593", "570dccac", "1956803f64e42f66"}, 0x38) r1 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r1, &(0x7f0000002000)='/', 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r1, 0x0) write$FUSE_NOTIFY_POLL(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x1, 0x0, {0xffffffffffffff75}}, 0x18) mount(&(0x7f0000000380)=ANY=[@ANYBLOB="00000000000000002100a8036396c57972e518d369d85b8c15909e2056d1a7819bb6819e957ab53621f0fbef27560dadcb78fada64bf53d9374b2c7679e4f3e002548b3551c44878c7472bdef8be4f76770ee059bd8270896e835f70806e2ce5cd52e5fa3963a0e6c7532f36b769e78e8742000030b6075d2bf0f7d13a4b0bc5f29eb72598fc5ec4a3a544c22a58069ac28cf8a839a31084539a69bd7e0ca91da7a04ddfd4f4a9b7fd3c4b77265eed4b9c3b97864a368b4d83ca124fec91fa70e895903516a6305693d4d3794a1ec93f340a3bf7cde13ae016e1cc7a39acc0cd13455c370d7ff8367517f57165acea4463813748d2d1e9abf6ce1fcbcc75f5f3058af4aaf93d03ac16df5f482b9c5ad525"], &(0x7f0000000040)='./file0\x00', 0x0, 0x87010, 0x0) r2 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nvme-fabrics\x00', 0x8000, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000180)={0x1c, 0x0, &(0x7f0000000100)=[@release, @increfs_done={0x40106308, 0x3}], 0x3b, 0x0, &(0x7f0000000140)="9f259de8581588965df5191da3c96a206fce6597bdd4e7abd8d69e054c2d6dbcfcb62f736a6f7c286f9f81efc1a8014069fa65873355200c3d667b"}) [ 261.634083] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 02:42:17 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 261.634089] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 261.653505] audit: type=1804 audit(1606963337.076:110): pid=15676 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/223/cgroup.controllers" dev="sda1" ino=16622 res=1 [ 261.811108] audit: type=1804 audit(1606963337.226:111): pid=15684 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/223/cgroup.controllers" dev="sda1" ino=16622 res=1 02:42:19 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000040)) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x8040942d, &(0x7f0000000000)) ioctl$RNDGETENTCNT(0xffffffffffffffff, 0x80045200, &(0x7f00000000c0)) mount(&(0x7f00000005c0)=ANY=[@ANYBLOB="9b1b1eb3900960ef45ed532536c1f9c88725f1bf4f4369e349748613f1b576d412cb8b9c9a7579ea75d636a30b9d11cc8fcb8751ce48d6aaa45ca2dcb7c0961a36a49eaa7843761bf3edc83cbd71712fe755bcc935f767246112af06435b12bfbf75a3832ed4a3ffe032103301ccd04bc0d138f27f84a5ecd3946e2110055760d7b9a798b7e55e90a328e85cf054c8c787c57ed3ff29d1793c9324b0ac8b59000000000000000000001b058ef5f8ca6528d257072fd7392500a0e09d96ae067438214db559d735f15921e61ef41bae3f567c24be12663fc4b33fe0d0abdbc57c4abf7bdc05488f287b5d2af69217e8dfd8c933b9e1a4351ee4cbc4a72791039004f4793fa699fe109cbefba6d2ca2b598db689150a4917b1211e94d3bc384a1ecea39d4ebe5e7cebc7995a4352e3c65372a9c54dadb1ecf7ce4e0054f5d42eb95719d0416f319cbbd07dd68b66fda8790300db7b4f7fc2d2a2e6eeb3e7b92cc8a1706dd853959562685e3238e717850fcf76591603140420fcad75b727b2a191a499962f8cedbf1b8b301c9b2d3aeb2e738341e00da0b27f21cd21880bcba76f372b2e2160c05560c91bbe9dee676b0800523cb1c9ee2718c9904f11ac5a1b4a20905c3b9fdfe07971730df4160813d2fb42f5f1f3fbb9f5d465a18e78c960bbb1c2752a8700700294d9beca321b3bfdce08a0901f06e12aacf69420b78f70dfb8292b42bb16e21410e5c23a7d980bfe1176d94e6269f544ef9ddb19d3027fd2"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:19 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fce", 0x43}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:19 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x5a, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb96"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:19 executing program 2: ioctl$CHAR_RAW_ROSET(0xffffffffffffffff, 0x125d, &(0x7f0000000040)=0x1000) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000080)) 02:42:19 executing program 4 (fault-call:3 fault-nth:21): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:19 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) mmap(&(0x7f00003d1000/0x5000)=nil, 0x5000, 0x2, 0x28011, r1, 0x8000000) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r3, r2, 0x0, 0x100000300) 02:42:20 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fce", 0x43}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:20 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fce", 0x43}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:20 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) r1 = semget$private(0x0, 0x6, 0x0) semctl$IPC_INFO(r1, 0x3, 0x3, &(0x7f00000004c0)=""/163) semctl$IPC_RMID(r1, 0x0, 0x0) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 264.566648] FAULT_INJECTION: forcing a failure. [ 264.566648] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 264.578482] CPU: 0 PID: 15725 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 264.586363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 264.595715] Call Trace: [ 264.598302] dump_stack+0x1b2/0x283 [ 264.601930] should_fail.cold+0x10a/0x154 [ 264.606073] ? __lock_acquire+0x5fc/0x3f20 [ 264.610306] __alloc_pages_nodemask+0x22c/0x2720 02:42:20 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd", 0x44}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 264.615067] ? __lock_acquire+0x5fc/0x3f20 [ 264.619302] ? kernfs_activate+0x2a/0x180 [ 264.623448] ? __mutex_lock+0x360/0x1310 [ 264.627505] ? kernfs_add_one+0x4c/0x3a0 [ 264.631565] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 264.636399] ? kernfs_add_one+0x2e5/0x3a0 [ 264.640541] ? trace_hardirqs_on+0x10/0x10 [ 264.644778] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 264.650236] ? __mutex_unlock_slowpath+0x75/0x770 [ 264.655082] cache_grow_begin+0x8f/0x420 [ 264.659144] cache_alloc_refill+0x273/0x350 02:42:20 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd", 0x44}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:20 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd", 0x44}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:20 executing program 2: r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ocfs2_control\x00', 0x0, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000080), &(0x7f00000000c0)=0xc) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x0, 0x1c, 0x1}}) [ 264.663463] kmem_cache_alloc_trace+0x340/0x3d0 [ 264.668127] ? dev_uevent_filter+0xd0/0xd0 [ 264.672356] kobject_uevent_env+0x20c/0xf40 [ 264.676679] ? internal_create_group+0x48f/0x710 [ 264.681437] lo_ioctl+0x11a6/0x1cd0 [ 264.685070] ? loop_set_status64+0xe0/0xe0 [ 264.689388] blkdev_ioctl+0x540/0x1830 [ 264.693271] ? blkpg_ioctl+0x8d0/0x8d0 [ 264.697159] ? trace_hardirqs_on+0x10/0x10 [ 264.701396] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 264.706500] ? debug_check_no_obj_freed+0x2c0/0x674 [ 264.711528] block_ioctl+0xd9/0x120 02:42:20 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 264.715154] ? blkdev_fallocate+0x3a0/0x3a0 [ 264.719476] do_vfs_ioctl+0x75a/0xff0 [ 264.723277] ? ioctl_preallocate+0x1a0/0x1a0 [ 264.727685] ? lock_downgrade+0x740/0x740 [ 264.731834] ? __fget+0x225/0x360 [ 264.735284] ? do_vfs_ioctl+0xff0/0xff0 [ 264.739255] ? security_file_ioctl+0x83/0xb0 [ 264.743665] SyS_ioctl+0x7f/0xb0 [ 264.747021] ? do_vfs_ioctl+0xff0/0xff0 [ 264.750993] do_syscall_64+0x1d5/0x640 [ 264.754886] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 264.760083] RIP: 0033:0x45dd27 [ 264.763268] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 264.770972] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 264.778236] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 264.785503] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 264.792770] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 264.800039] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 264.978631] audit: type=1804 audit(1606963340.396:112): pid=15757 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/224/cgroup.controllers" dev="sda1" ino=16644 res=1 02:42:22 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x5a, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb96"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:22 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:22 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x10000, 0x0) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000280)='SMC_PNETID\x00') sendmsg$SMC_PNETID_FLUSH(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000580)={&(0x7f0000000600)=ANY=[@ANYBLOB="00eaffffffffff03e10000", @ANYRES16=r2, @ANYBLOB="010027bd7000fbdbdf25040000000900030073797a30000000000900030073797a320000000005000400020000000900010073797a3200000000140002000000000000000000000000000000000005000400020000000900010073797a32000000001400020064756d6d793000"/118], 0x7c}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) sendmsg$SMC_PNETID_GET(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x88, r2, 0x400, 0x70bd28, 0x25dfdbfc, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'team_slave_1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x88}, 0x1, 0x0, 0x0, 0x10}, 0x0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:42:22 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000005, 0x10010, r0, 0x800000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x18, r2, 0xfcc57734cd1352d3, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_DAEMON={0x4}]}, 0x18}}, 0x0) sendmsg$IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)={0x20, r2, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2e}]}]}, 0x20}}, 0x5079e0ef42620984) ioctl$SIOCAX25DELFWD(0xffffffffffffffff, 0x89eb, &(0x7f0000000140)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast}) mount(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x5010, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$BTRFS_IOC_DEFRAG_RANGE(r4, 0x40309410, 0x0) 02:42:22 executing program 3: accept4$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, &(0x7f00000000c0)=0x10, 0x80000) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$KVM_SET_FPU(r1, 0x41a0ae8d, &(0x7f00000002c0)={[], 0x0, 0xffff, 0x5, 0x0, 0x118, 0x2, 0x3000, [], 0x3}) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, 0x0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) keyctl$set_timeout(0xf, 0x0, 0x100000000) sendfile(r4, r3, 0x0, 0x100000300) 02:42:22 executing program 4 (fault-call:3 fault-nth:22): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:23 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:23 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x4, 0x180) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x44000, 0x0) connect$tipc(r1, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x3, {{0x41, 0x3}, 0x1}}, 0x10) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:42:23 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, 0xfffffffffffffffd) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000340)=@nat={'nat\x00', 0x1b, 0x5, 0x5a0, 0x120, 0x350, 0xffffffff, 0x0, 0x210, 0x4d0, 0x4d0, 0xffffffff, 0x4d0, 0x4d0, 0x5, 0x0, {[{{@uncond, 0x0, 0xd8, 0x120, 0x0, {}, [@common=@ah={{0x30, 'ah\x00'}}]}, @unspec=@DNAT1={0x48, 'DNAT\x00', 0x1, {0x0, @ipv6=@mcast1, @ipv6=@mcast2, @gre_key}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv4=@multicast1, @ipv4=@dev, @icmp_id, @gre_key}}}, {{@ipv6={@dev, @loopback, [], [], 'veth0_to_bond\x00', 'veth0_to_bond\x00'}, 0x0, 0xf8, 0x140, 0x0, {}, [@common=@mh={{0x28, 'mh\x00'}, {"5188"}}, @common=@icmp6={{0x28, 'icmp6\x00'}, {0x0, '$\x00'}}]}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv4=@broadcast, @ipv6=@mcast2, @port, @gre_key}}}, {{@uncond, 0x0, 0x138, 0x180, 0x0, {}, [@common=@dst={{0x48, 'dst\x00'}}, @common=@dst={{0x48, 'dst\x00'}}]}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0x0, @ipv6=@loopback, @ipv4, @icmp_id, @icmp_id}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x600) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f00000000c0)=ANY=[@ANYBLOB="f280ef844bdb75b0c5c5a95da1210fa8bf2ab9a046f1916e1aa488563d455f9967c3ccf4056e6aaad77b541d51fb515f3102df27f7c3b467040db415380628f2d2d5ab41522f794374d803dfb7e138b66203e9b53f7235eb1081c7539370f18ec7"], &(0x7f0000000080)='.', 0x0, 0x15010, 0x0) [ 267.601870] FAULT_INJECTION: forcing a failure. [ 267.601870] name failslab, interval 1, probability 0, space 0, times 0 [ 267.633352] CPU: 0 PID: 15790 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 02:42:23 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 267.641727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 02:42:23 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 267.641760] Call Trace: [ 267.641775] dump_stack+0x1b2/0x283 [ 267.641791] should_fail.cold+0x10a/0x154 [ 267.641806] should_failslab+0xd6/0x130 02:42:23 executing program 4 (fault-call:3 fault-nth:23): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 267.641819] kmem_cache_alloc_node_trace+0x25a/0x400 [ 267.641835] __kmalloc_node_track_caller+0x38/0x70 [ 267.641847] __alloc_skb+0x96/0x510 [ 267.641860] kobject_uevent_env+0x882/0xf40 [ 267.641880] lo_ioctl+0x11a6/0x1cd0 [ 267.641893] ? loop_set_status64+0xe0/0xe0 [ 267.641906] blkdev_ioctl+0x540/0x1830 [ 267.641918] ? blkpg_ioctl+0x8d0/0x8d0 [ 267.641928] ? trace_hardirqs_on+0x10/0x10 [ 267.641941] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 267.641950] ? debug_check_no_obj_freed+0x2c0/0x674 [ 267.641965] block_ioctl+0xd9/0x120 [ 267.641974] ? blkdev_fallocate+0x3a0/0x3a0 [ 267.641984] do_vfs_ioctl+0x75a/0xff0 [ 267.641996] ? ioctl_preallocate+0x1a0/0x1a0 [ 267.642003] ? lock_downgrade+0x740/0x740 [ 267.642016] ? __fget+0x225/0x360 [ 267.642025] ? do_vfs_ioctl+0xff0/0xff0 [ 267.642035] ? security_file_ioctl+0x83/0xb0 [ 267.642046] SyS_ioctl+0x7f/0xb0 [ 267.642054] ? do_vfs_ioctl+0xff0/0xff0 [ 267.642064] do_syscall_64+0x1d5/0x640 [ 267.642078] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 267.642086] RIP: 0033:0x45dd27 [ 267.642091] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 267.642101] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 267.642106] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 267.642111] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 267.642116] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 267.642121] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 267.658470] audit: type=1804 audit(1606963343.076:113): pid=15791 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/225/cgroup.controllers" dev="sda1" ino=16639 res=1 [ 267.812448] FAULT_INJECTION: forcing a failure. [ 267.812448] name failslab, interval 1, probability 0, space 0, times 0 [ 267.812461] CPU: 0 PID: 15827 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 267.812467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 267.812471] Call Trace: [ 267.812484] dump_stack+0x1b2/0x283 [ 267.812499] should_fail.cold+0x10a/0x154 [ 267.812514] should_failslab+0xd6/0x130 [ 267.812528] kmem_cache_alloc_node+0x263/0x410 [ 267.812543] __alloc_skb+0x5c/0x510 [ 267.812557] kobject_uevent_env+0x882/0xf40 [ 267.812576] lo_ioctl+0x11a6/0x1cd0 [ 267.812589] ? loop_set_status64+0xe0/0xe0 [ 267.812602] blkdev_ioctl+0x540/0x1830 [ 267.812612] ? blkpg_ioctl+0x8d0/0x8d0 [ 267.812622] ? trace_hardirqs_on+0x10/0x10 [ 267.812635] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 267.812646] ? debug_check_no_obj_freed+0x2c0/0x674 [ 267.812661] block_ioctl+0xd9/0x120 [ 267.812670] ? blkdev_fallocate+0x3a0/0x3a0 [ 267.812680] do_vfs_ioctl+0x75a/0xff0 [ 267.812692] ? ioctl_preallocate+0x1a0/0x1a0 [ 267.812700] ? lock_downgrade+0x740/0x740 [ 267.812713] ? __fget+0x225/0x360 [ 267.812723] ? do_vfs_ioctl+0xff0/0xff0 [ 267.812732] ? security_file_ioctl+0x83/0xb0 [ 267.812743] SyS_ioctl+0x7f/0xb0 [ 267.812750] ? do_vfs_ioctl+0xff0/0xff0 [ 267.812761] do_syscall_64+0x1d5/0x640 [ 267.812777] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 267.812785] RIP: 0033:0x45dd27 [ 267.812790] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 267.812801] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 267.812806] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 267.812811] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 267.812816] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 267.812821] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 02:42:25 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x4001fd) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_tracing={0x1a, 0x6, &(0x7f0000000180)=@raw=[@call={0x85, 0x0, 0x0, 0x99}, @map={0x18, 0xa, 0x1, 0x0, 0x1}, @generic={0x1f, 0x2, 0x4, 0x9, 0x20}, @exit, @ldst={0x1, 0x1, 0x1, 0x6, 0x4, 0x30, 0x4}], &(0x7f00000001c0)='GPL\x00', 0x7f, 0xfe, &(0x7f00000004c0)=""/254, 0x41100, 0x17, [], 0x0, 0x17, r1, 0x8, &(0x7f0000000240)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000000280)={0x2, 0x2, 0x3, 0x5}, 0x10, 0x14a6b, r3}, 0x78) r4 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r4, &(0x7f0000002000)='/', 0x1) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x6, 0x40000003, 0x0, 0x8000, 0x4, 0x4, 0x3, 0xfffffff7, 0x4, 0x5], 0xa, 0x40800}) sendfile(r4, r4, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r4, 0x0) mount(&(0x7f0000000380)=ANY=[@ANYBLOB="7fdcc99d80842d89887d2622fb4bae2246ddc9e57c405f460f727d4c153d304e4e5d99b65fe98eb65dee4fd246270308c805ec2c35281760063a85eb403a449265acef1e2b7ec47daff7797dd4e70a9caa8e791480c308c30a6d3afa3ad8d78589b05ec16a5815f7cee20d2a88e5e2c21e2e77820eca315f8f8ccd48f4fe7004fc0e17bde5e20e37f389f430b8ae8c6b48d14e71a39b66a21f1b9ca614d117457947eb54629de811d49240b0b442ac77e8b36852301deed9a477a9df367213c7aa44d31d5ec224b7c0b4a49ae8d4b4479693e99e762b580ecc01ecae294881839770e8cfbae908d82a6f70d5de3a0a23a9309104c1ea37738efd2c657c01cff42ed3fc555ea0df4d3c359f7d0398c43c7a054451228ff7e8d1fa76a6cb74412f1efeee29cd7bef20ef"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x1, 0x0) ioctl$vim2m_VIDIOC_STREAMON(r7, 0x40045612, &(0x7f0000000100)=0x3) openat$cgroup_freezer_state(r6, &(0x7f0000000640)='freezer.state\x00', 0x2, 0x0) 02:42:25 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x5a, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb96"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:25 executing program 4 (fault-call:3 fault-nth:24): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:25 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:25 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$bt_sco_SCO_OPTIONS(r2, 0x11, 0x1, &(0x7f0000000040)=""/85, &(0x7f00000000c0)=0x55) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:42:25 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00') sendmsg$TIPC_NL_PEER_REMOVE(r3, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000001880)={&(0x7f00000016c0)={0x20, r4, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xff}]}]}, 0x20}}, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(r2, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r4, 0x8, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x1c}}, 0x4000010) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, r6, 0x221, 0x0, 0x0, {{}, {@void, @val={0x8}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x1c, r6, 0x400, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040895}, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r8, r7, 0x0, 0x100000300) 02:42:26 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 270.602511] FAULT_INJECTION: forcing a failure. [ 270.602511] name failslab, interval 1, probability 0, space 0, times 0 [ 270.629848] CPU: 1 PID: 15852 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 270.637758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 270.647113] Call Trace: [ 270.649704] dump_stack+0x1b2/0x283 [ 270.653333] should_fail.cold+0x10a/0x154 [ 270.657482] should_failslab+0xd6/0x130 [ 270.661455] kmem_cache_alloc_node_trace+0x25a/0x400 [ 270.666685] __kmalloc_node_track_caller+0x38/0x70 [ 270.671613] __alloc_skb+0x96/0x510 [ 270.675241] kobject_uevent_env+0x882/0xf40 [ 270.679565] lo_ioctl+0x11a6/0x1cd0 [ 270.683189] ? loop_set_status64+0xe0/0xe0 [ 270.687423] blkdev_ioctl+0x540/0x1830 [ 270.691307] ? blkpg_ioctl+0x8d0/0x8d0 [ 270.695191] ? trace_hardirqs_on+0x10/0x10 [ 270.699431] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 270.704534] ? debug_check_no_obj_freed+0x2c0/0x674 [ 270.709557] block_ioctl+0xd9/0x120 [ 270.713180] ? blkdev_fallocate+0x3a0/0x3a0 [ 270.717496] do_vfs_ioctl+0x75a/0xff0 [ 270.721295] ? ioctl_preallocate+0x1a0/0x1a0 [ 270.725694] ? lock_downgrade+0x740/0x740 [ 270.729841] ? __fget+0x225/0x360 [ 270.733290] ? do_vfs_ioctl+0xff0/0xff0 [ 270.737263] ? security_file_ioctl+0x83/0xb0 [ 270.741667] SyS_ioctl+0x7f/0xb0 [ 270.745026] ? do_vfs_ioctl+0xff0/0xff0 [ 270.748995] do_syscall_64+0x1d5/0x640 [ 270.753005] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 270.758207] RIP: 0033:0x45dd27 [ 270.761388] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 270.769090] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 270.776355] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 270.783625] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 270.790892] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 02:42:26 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x7fff, 0x200) ioctl$CHAR_RAW_PBSZGET(r1, 0x127b, &(0x7f0000000040)) mount(&(0x7f00000000c0)=ANY=[@ANYBLOB="c0a44078d9d48168f3b2497ffd83468c6b3204bfe1ce631bd8157875a6ead5ec0f00c3decff3734e543a2eb85d870a88d752"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:26 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r2, 0xc0bc5310, &(0x7f0000000200)) openat$nullb(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/nullb0\x00', 0x400d41, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x300, 0x2c) ioctl$int_in(r3, 0x5421, &(0x7f00000001c0)=0x9c) r4 = accept4$phonet_pipe(r2, &(0x7f00000002c0), &(0x7f0000000300)=0x10, 0x80800) getsockopt$IP_VS_SO_GET_INFO(r4, 0x0, 0x481, &(0x7f0000000340), &(0x7f0000000380)=0xc) sendmsg$L2TP_CMD_NOOP(r3, &(0x7f0000000180)={&(0x7f0000000080), 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x44, 0x0, 0x4, 0x70bd28, 0x25dfdbfe, {}, [@L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x4}, @L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e23}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0x1}, @L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x6}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5, 0x22, 0x1}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x4000) fcntl$getflags(r0, 0xb) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x0, 0x0, 0x2}}) 02:42:26 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 270.798156] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 270.805864] audit: type=1804 audit(1606963346.057:114): pid=15851 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/226/cgroup.controllers" dev="sda1" ino=16673 res=1 02:42:26 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0xffffffffffffffff, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:26 executing program 2: r0 = syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f0000000180)='./file0\x00', 0x1, 0x3, &(0x7f0000000400)=[{&(0x7f00000001c0)="e573b3850b92c6f67172c979282375e0e0378fb64947eb9f9a3a2801b20c4333", 0x20, 0x100}, {&(0x7f0000000200)="a5873601cd76840bac005bfec6286003f18bbb9a388dbe02150ad74e3ad54ea40fb1438c9e2d81c9172074f121b9617309ed8c26fdf49859a8ca800656d6a6c7ef86220584e42dee7273fc3f0b7592fb1babd5eee2c7b1d0aab4bded1e5a859ab5281e032c93fe76ed204f963025f557198d8b6c014acddce91c60aa33755ce94218ed6863b0619bfbfa9e4919556c1ec06069886ec44b295379b60ff4d48588ee9423b77dce1f89566a3ec77a435d0af175ba93fc758f849bdd8281071528baab4742cd164352386a", 0xc9, 0xef0}, {&(0x7f0000000300)="4f27eccf7865b8535797a7da59488f6ac158cb721005ffecada9097f18978718cc94f184a64160fbe9989180e33b8b7c7c2d7e121f5289c1a06b893e623d44c18c2051e76db7c6d2bfacf9247a46e4d5d7f938474097193efd028c996050e851e65590783ae0bef8fb25fbf35a2c81256b44e4a271be377e515971f9fa0f25866b36a5dca9c94f60f3f6c5ae871f79aa45e3124043f506f0d7f5a7cac31a3515f0ee285325e18e9e72fb31224cfbf5066d9974e2d6711fb9163921afe678bb1302ea8b95c8158c5b", 0xc8, 0x59}], 0x80a, &(0x7f0000000480)={[{@rodir='rodir'}, {@fat=@nfs='nfs'}, {@nonumtail='nnonumtail=1'}, {@uni_xlateno='uni_xlate=0'}, {@iocharset={'iocharset', 0x3d, 'cp852'}}, {@shortname_win95='shortname=win95'}], [{@seclabel='seclabel'}]}) ioctl$BTRFS_IOC_START_SYNC(0xffffffffffffffff, 0x80089418, &(0x7f0000000500)=0x0) ioctl$BTRFS_IOC_RM_DEV_V2(0xffffffffffffffff, 0x5000943a, &(0x7f0000000540)={{r0}, r1, 0xa, @unused=[0xfffffffffffffff7, 0x9, 0x263d8000, 0x9], @name="9edbec2651dceac3dee1c11f411621876620ea94a9742a3946649e6252959a5c25b30b582f644defd72cce18e980351d759e50391813fa5f6931f2090360ef1a1dbbf41c25d1c3f9fe0b29ca11745c3671afc9960840e6c5952e822d3432af77d890f5a2ccd680eb3a9f82462754e1bbb188a9244e261c56c8a013db14e3d2a215564ecc552aad434bd9755ec1b31e6ff26a455580bf2b5da52b3a881b036131ce8ba0f12610ede0e89f6c9bc197e61879073b12cc67b06f3c896d3b8e66db17f1ad9d40969c7e43eb26faabfc408845b9c797e8e8fb7ae0c8b9dbd4030a9b6520f1232d1d2f7d4a5e76cf57ec6925d216da285837470e03347b8e642520351126121016659ebd02572648c8515b771873f4462aeecc2048cdcf567bb23d8cb10b02fd6d15b08953f4f2ace12f69d9ec948fcb92ea06125622a1789668106c0495db56a390afbad4b8b2c15dca5c2b622a22bae0c9cfdb431295924296a566e0ddb30fc480a0d266a8d1b9ffa961b0c1972b1ab743385fbe4e78e444d247a5c828684f7ce4fa1f41d10f85e9b20d1c1ae2ac708cca57b746a39cc2c644174496aad2293e51a5bb1eb7d1ad5ff460e703a28cc21f437f81e6dbf8c5f306f83dc3c242579c06c22c5ff65c02188072781c5ae7b48d178b434807065b109cea68dc6a9a56355be42d9c2cc4aee1419d7e7d3b9211dd4456502d30d732e35ad7f4ba9b2c67849214887dc59a1b11798b4138faa9bb8e3a23f02fd4e41f5cbd989e51900d46107fd93ec095156760cc4a8294b8d875f9760426bd0a5e76b355a0e4b81b4e7df94b801ccd841d3f29082e0d2b9bf531008d0d7ef2885d4c9f06c346ca3d16490cbdb492b924d3b5d459b82ccd01c748b938abda19cb46330c9443bed575a284491b912736ea1c91cdc407651b6778a1688fde5a8972c4188849a22839d5d6c9955e8d51b552cd66d33ba04eb6467369317e386a504c39fee192a3d7c094982f8ff5c36bbb865d3eec47e7b3ee4c6c67a5c22219f5ff0a3716fc53148e72a9b409b8c4cf8f227c641dc4ba5a5a47b0f0d6f58741d2c7674ccae4a3ce4d08db8337ed323638cd9d72f37a40ef6ec2d73e33eb4284c40632d5a97754a232e697e9522bb866db55cf901b9c46dd581827f52f0cf9ba067970e96b6a67afa385dc069228f34e8534dab6631c7a73fa9343a6b4405a8450491282654a3e40343dac0c979f4b10d619d0259efa7edcbabe834138d8ddfd5f887b4f6812e56a38cffe345d6ac2fece0b782863766e30526541356e502ee749d863b3f9de300bfaf6bd1b321749b3123b3321e3e57504525c90b7926439d1634ae510fd79a1812b6a5638e9d2509f13220638a84342656fecae4f73c75481b9346aa11034edafdb579ce84ba0e263eb0484f3ea24186df73be2367e616f0b732ce543a9350951042d70ee417bb0a5f8a475c6402bcca671dacbfac6b76f191130929078ebb804b1b1197344f618a17a20094a551bf071fd199a2501de6e016de1b1df2c06042248f36e5d51133996e7ca28522b08e9e4eb3596b94be979217f5c66bd103a11350e26fac739c9c9d749ea6424fcf18b763addf93a46ba8f7ae4bb382ce23799cf6dc70594c012169d9375f0db1bb29479221045f7aa62907f082c812b7d045a274ba1e33a80ef6cfb6c67188dbc28ec5ca7f028bda840963b3b6f88d328a72b3f4169a69c7447f6f2f53700ba69b5a66f82f2b2107195ac696a5a5512cdec0118da1170f86b04ef8b6cd6c538651899081653f904772afa6cd6af1d0d3c8c4c5243ce0478940cb2245e4093b97e4983bf977896a16d7ae601f232a25658e3038d3b09095aef8a222b9f6f6f7ed7609fa7501d19bf3567100ea184582046a82f7fe4a7cda3ddc6adfe23ea46cea3e7615f6af9e34553d8550c5d4e17f336ced736edc6b9cea77d1fb2ee1cce5a3851297ff7e6652eb37c4d8dde7bbf0d9c5094be5cd2c74b65fe216acfb44b54c82914f1e894bd34a1bacd1d17045f5b46826137fffe17d7209eb015b4e3e2e548f87854bb8f48987bdb74bd447fea7dd7fa68209954fdbf5cf4506c550c9527cea783e6fec5aade755144567b718668cc4e20de3e8127107a33937a74e382b9893c1c537e1b46df4899eb3964cf89be16962494fed46e2c1bc1dd0da80ad101f3b1909faed48597dccddd166f4451903320cbaf2aeeb18073bd19f923f96a4a999b487279e9597c22440bdb5f091180b3c5107affec05646018cafb12267842455e1627bac6dd4c054cd2202a092def04ac38668cdae825c0037e4eb0d215581f02754910b8c17f85169631e380ac4746f055db311159aa25cc1ec8aee8c615298dc292d8f7f7c829d4ff8e4c8193785acd4c5de457f20e48db50b4e840568b642f674d6d96b862c09ac02f721aa1f31f5a2e867bb557816144b3bda8a9a3e66e6371a3fd928e437aeb6e35278d38785e6776f0ad035a6bf08cefd7cc6b4ca11a61c843ef8479d2720bb39ca7f60e00bde36368f46156c7cfb59458a07c5c46e602f2cc852692176db2fd187c30ddf9a81ff0d2085470f9dfd3bfd34d6fffba46d9904ea1dcfe221520278453790b38369ab42384eae2c48011d078b1244176984ccd27cdf8f07d8f5a84a1aa3034b4ce92b059f5bf3e7158b8713061bdc2ac39876cd0de237c559fa705708053296e3b2290b0531a13b109a74236a152ff84a7e598a6f84ad18f1135dac04d07090cbd590ca639a59bd58fd6d32379934f375fbc2cb657c89c45e69de7ae03ff348c593b66551326645fe0e04cae4c4075da4449da256ce1e40bfeafd2913968b73f370221ce75c5ddf4429b563eea73e101a173595e856a38fb25bda906db2cc793237c99c842065b9a702320677f8adc57f835381ef83dfad1a34373d9d78bfa34404f228c2082e6ef0bbe1f52251257aca12c05ef98b333e54b23293a44d3d8cb0966b8cfcfc9ec7956a99b9c67d532947453ee323fcbc92b5d6c4a35483be3580dbde1ccfb3c250c3e6c672cab7c3127655e315f2d7a561b3f35cee175b24ef5cd043696be90a4f012b9a12869eb9ec30a8495099aac9736f61582a13fb2d2b249b75f9793feaf31a7dc30ede6c5494e6bd480c66d16f2a02261f7fe2da68253e49822b8913fed5d4965eb98811957538fcf85770ed5a6e97676122f2ff888bccb9a240b37c68b09d71c77817aff7de0cdf994f9c56d8e07c9422aa3bf7deb3cceedd03eb6787980d77572914731b72bc28bc9065efa691c3430529282217efbb126bcb3d44fbe5c1656011b837a716997b2f2201eafc660db7af446df5d8ab513171db2f3f21e24723afbf6a69175f22dd1a9a753489b5f840a45439376d6ef78d8bce394959399e0f2c4ebb2a581c95aff8966f38d5392be3b85e45d8976d94656313ab49e7435eefe091c51746c94cf5d52d873bdb3b9103a3df4a17523d55dbea819f37c701848c78e33c581296bff17de2d90837c3e8c2b7ddb1d1b7a18e11c2d7686ac884a58939258bbef53bcdb516800dc0d948d044ed56becaa8793761f7fd8922187b090b8acb3822f7d30a163411d5508559c3eb2dcc588830b3b3ad9a0ce9f61421ddd9d66a3360fb54bf8fba3280652be601dbe2376917bbe106729e0dd2cc25a49fd81df9fd3f8fbc3448b4c2994b85abc0be8e73a833abaa96cb88067e5fca409fc31b8debac05f2b286d76a31d2bee43e21b41d6226d24986fc69aebaeaee20c82a472c5cd6fcdcf24b0f6b4208e6736dd54cc9c76acd9c2197d8baae9da7d5f51dd8daaf6b53517054c46c9ede784bf5918394ef0294076fb872c21a160360963abd6a4cad30a97294cf1e7e5bda7ce8493fdd66fa9d93628e1e3da69b590bbaaf35828574e42df77127c5bf0ddc7c7802775070a0ae520c012e7279080fda746a5773f568a6d92180b291a8429577ec51359ec6554e2c6e801fad41c043afc786f9fc38ad2d2770fbba00de49101647ed59b9349b96399e31ab43467f4af07c50857a48fe9ce4edfeca0eeb3d3acd0c00fb10f975cb4c65d689784ef20c232d9836a6239011b87a200b246d473036e4b26d5775ba6fc2d18f9ab2c1b96abc6b954ad8808d999e72439cdf8e617cb173dd537f5e64c6a7ff6e164cb03dfea7d8cde6f4f16e81670740b9eaa59b03a58d945246d08806b492e23fe39bc0c0bf6f9540fdfe0651c6d48a42e7f6a3dbfba14a8ee691ba0c3826fe530857d785788c0497eaf7bf0723436b148d768bd484ff630d8b5b2ce288936a84d30fa6413b6c68944c67c779eb57e13eb5be4443a0ee2839a18b57a60cb50c1251c97f541a04554471f6e8ebfe1ddc62f8b589842c628f54bbdde04ebb3933d3126b96ddc5af8102d57839d753eea4c1a9042fc82b4569a74434f177d446d5fc533103a833d896dc2333e158c562a9f86ec8c44bc00e5b548f2e5453c556143ce51a71691e10bb1c90c8710f1f529bc22b17fdaf7c984dccb3e03c7ea00100416fabb4061c8981c740bede20fae0b420af9845e9cf6667418f389d1918229f57384a7feb9368a9223df2e67ab94b6a5c61c64ab4fee113a2b314d04fe8b34e290dd2e4c49415f866dbcd8e96fe73366995014e5ae34dc8ce6f55c55b28cb2c25c31b1e51c9a2d84dace6be8e52dd57d723b187e246ccf00d834efbced993cab358dbb1b4d9db9b82865ecbf11891842a90ada3fc3c633422bb6c948c5e7c3c1a19840e853edb9801ea30b21e462c60f99210381355c826d18386168be3651d273ab103fa4c85acddacbcebca99550977a495c68b84950e359288720db74582573a2f0c64135708479d2c5b7bc4b100150b3e3a97b0fb6a64413c5eaaad50fddf18aa62fe2bcd2dc815a27d215c9edb1f2c9cd671121d7492b0c67a1a96d17a2c6f91946917579d0d652f4a4593482dc3b47f8aa6c045d5f0a7f852b95c48e61d2e1b310710842bec3330be6ec22c401da76f4fa648616977b5408436865c997329d30ff623b134cdbfcde72c52797506cb5e1eb3df6df52f2e34fd6311450d4b62e4724751dc1dedfb8990b2a353e6b2ba0ca7ad66245a8224406af42816f48c7268232c88310b1f2a6a73c7cfb990b98095689384a1d9236d17133aa1b0b134093861637fbe6c63394af001e3c4a3c2d58ef4a4d864cf5e68f452f88fa5775b4123f9d08fe9d9803c8b74602b93b87b0cb3b338d692abb4157d7b06b4f8941270921bf03731fe4fdc7b03b2994212a6d348628e338574720d072a4178329b2e4020450a49a8e9a7c6921f3f8d30c9d8e533ed547762bc1c3bb9730faba78512ee35e898c77b6266b91907720be81b01352bcaadaf6e50dfdc6faf5e7fd26dbfc95b755c2fca38ba2693617f274a8d390b6fcccf5c9af2c3f65ce70f4ef1c0ad514b39b22c8880231204bfb6ae8ba17f11bda97128758ec102dbd97975e18cf485aed14bb35e9b265fb2d769775e70899dc0b3167a510f6a74ffc59c82fbdf53d49ef722465cff860a1b9566180987d4f5812aa8206fbbefa23509d9a5ae87fcae8743de7073e755ad24e57b9a03c007f8e5102643b41c84fcc107c2ec57bdc20f1b48e2046e9495e4d78bb12315f22632b8a561b86e0371c5e306f727a6795d67d742bf03e063112ef8d1c3a671aa4fc416abc99f57de8c3048afd6850f87f407f1a7f0bb8fba4948873"}) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0xff}}) r3 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x80000, 0x9) ioctl$TCSETSF(r3, 0x5404, &(0x7f0000000100)={0x7fff, 0x0, 0x3ff, 0x2c, 0xd, "55f2759b4452497941a0b4e4bb26c7191d2fa7"}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0xc) ptrace$peekuser(0x3, r4, 0xe79) 02:42:26 executing program 4 (fault-call:3 fault-nth:25): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 270.986895] FAT-fs (loop2): Unrecognized mount option "nnonumtail=1" or missing value [ 270.993715] FAULT_INJECTION: forcing a failure. [ 270.993715] name failslab, interval 1, probability 0, space 0, times 0 [ 270.996761] print_req_error: I/O error, dev loop4, sector 0 [ 271.017132] print_req_error: I/O error, dev loop4, sector 0 [ 271.020173] CPU: 0 PID: 15890 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 271.022968] Buffer I/O error on dev loop4, logical block 0, async page read [ 271.030710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 271.030714] Call Trace: [ 271.030731] dump_stack+0x1b2/0x283 [ 271.030747] should_fail.cold+0x10a/0x154 [ 271.030762] should_failslab+0xd6/0x130 [ 271.030774] kmem_cache_alloc_node+0x263/0x410 [ 271.030787] __alloc_skb+0x5c/0x510 [ 271.030801] kobject_uevent_env+0x882/0xf40 [ 271.030819] lo_ioctl+0x11a6/0x1cd0 [ 271.041391] print_req_error: I/O error, dev loop4, sector 0 [ 271.047233] ? loop_set_status64+0xe0/0xe0 [ 271.049841] Buffer I/O error on dev loop4, logical block 0, async page read [ 271.053395] blkdev_ioctl+0x540/0x1830 [ 271.057609] print_req_error: I/O error, dev loop4, sector 0 [ 271.061463] ? blkpg_ioctl+0x8d0/0x8d0 [ 271.061474] ? trace_hardirqs_on+0x10/0x10 [ 271.061487] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 271.061497] ? debug_check_no_obj_freed+0x2c0/0x674 [ 271.061513] block_ioctl+0xd9/0x120 [ 271.061521] ? blkdev_fallocate+0x3a0/0x3a0 [ 271.061531] do_vfs_ioctl+0x75a/0xff0 [ 271.061543] ? ioctl_preallocate+0x1a0/0x1a0 [ 271.061551] ? lock_downgrade+0x740/0x740 [ 271.061565] ? __fget+0x225/0x360 [ 271.061574] ? do_vfs_ioctl+0xff0/0xff0 [ 271.061584] ? security_file_ioctl+0x83/0xb0 [ 271.061594] SyS_ioctl+0x7f/0xb0 [ 271.061602] ? do_vfs_ioctl+0xff0/0xff0 [ 271.061613] do_syscall_64+0x1d5/0x640 [ 271.061628] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 271.061636] RIP: 0033:0x45dd27 [ 271.061643] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 [ 271.066201] Buffer I/O error on dev loop4, logical block 0, async page read [ 271.069800] ORIG_RAX: 0000000000000010 [ 271.069806] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 271.069811] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 271.069816] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 271.069821] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 271.069826] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 271.259755] print_req_error: I/O error, dev loop2, sector 0 [ 271.270082] FAT-fs (loop2): Unrecognized mount option "nnonumtail=1" or missing value [ 271.387494] audit: type=1804 audit(1606963346.807:115): pid=15909 uid=0 auid=0 ses=4 op="invalid_pcr" cause="ToMToU" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/226/cgroup.controllers" dev="sda1" ino=16673 res=1 [ 271.410449] audit: type=1804 audit(1606963346.807:116): pid=15910 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/226/cgroup.controllers" dev="sda1" ino=16673 res=1 02:42:29 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x60, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5a"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:29 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:29 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:29 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendfile(r0, r2, &(0x7f0000000040)=0x400, 0x1) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x2, 0x0) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f00000000c0)={0x2, {0x3, 0xfffd, 0x3, 0x0, 0x400, 0x3}}) sync_file_range(r2, 0x2, 0x4, 0x0) 02:42:29 executing program 4 (fault-call:3 fault-nth:26): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:29 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, &(0x7f0000000000)={0x2, 0x4e23, @private=0xa010101}, 0x10) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = inotify_init1(0x800) ioctl$BTRFS_IOC_RM_DEV(r3, 0x5000940b, &(0x7f00000002c0)={{r0}, "134e289b201e1a85f53085f91f84a309ee9c7faff7aa54536b7a7b4ac2980544a88672cd14748251bb3c57fe0c301cded120ee5de3795c60f34c3af8cfacb08fbdbf98208525de17c82014af92ab871a5252f5190e5e3f602f03e22f86eb254a8a0cf9c37cad8399cbb7a61b8aad79975cf3306db9026a02256b4aa6a179970b4aafb6b64e864392287347d1e5e0dae07c21b127950ffe5bb29b0177c7c94d60a1e3deb6c2e4bbd44f926c7471b7a040c600de78903b4826937372ad615cd41f0e383f9309bcf1e1bacc87bdbff49dcb5390daf57487fee844fd1670929ee0137337341fd0b15e21fdfa3bf00ac965027b931fe4f70adac89af300e2de9ea6901597d0e40a09ca2e0748853d8f798ff9d84fefd1a302172f4b219d65fbb6580ca0b385867eecbfdc162c0eb096c2319ca5c69f4e58b4a1458a7876c3e8b0f8ed91d872631a0f74ac23bf7d6bffa2bc7894d0cbf44311bb026b8d2605cba0eb595bd43b9a69a061fabcd80058ee931305abdbf8e7bf04a7ba68aebbbedf9a664697a025b82304a3cc34b308459486a7c4fe9a56161242ecf0ab85ab2241850b1adadada04a84adf31bb23b47c021aad5f0689e5854fea9608aca070c98a1373f068852789110b37e707d15b8e75a02fecc82f993b74124b515cdd67ef4df0347333b68def7f542f08f975d8efce2dd60473832ec7cd8580608762bdb4a90d001f1cb5bcd6e7f06273f27844b1122a46d039144980e9860ef4b8089bcc67bf47561aa3dcb3d920f80f9b50be782c8e3896fe03f94aeab67ccf37d7e7135f6a29c2dc8f4675d12ec4aaa8295d444bfaa94d0a6776f29ace39aedae66b520ff228cfc6bc6ceb135d97b133f08646896faadaf5db843245bef4cd743723c3f1f3d8bb8b1ea90c5b425562f7bfacc8effb78386685fe0832806497186eabd7f14415648396bbdc3bf15ab411bf353ecdc99f5e6cd0f3e963e8ab0e349e523b682864386bff4c6232d38461c053bcfa7604abcfe498f2e08b7c0d5d525278fc080cab7a9b7fe6e7c1b8a473c4a3af4dd027d0b194e4de23fe7eafe1a4fbeca0b81b8d78e75139f0ab8959d0f2f4d72f6c494ec71ffa2d4d123016f6e76526a50de649550879a7523dda68c9c040c65ac1048a9be6f598513ad8093d0cb1c150170ca1abcd3323cafc48d77aca72c8f1dcc56da556fb743e7fabf65f9ea80b3be2f18abee4db4b81fc65fd41f66024fbcc9fec011eb68d0fee2b8de3d2d05581fce17b4a8d7b61031f049a0bf983e7b98522907d822a6d02c0fd88dfda6d839578e7e90a10d9e91918a62c885695d9ab7aaebca9354e8bfeeef6f3c54137c500deb922fb32a76b5d8ac4e267e735f741cf7b2d101464e60c66d98eec107c119c94dd4a4270095116e52f4841115b970c82afd1a914f295f929aea850f970c6f0d2dc42ab8b6fe9866edeaf6b055977efba667a9301cdd689da4191067062bd6143df39b64c47843f584a171ec842f39c463dd21185a2b41b64882bc4a6272f134bf677bd5274e418a66ae103b2e5a08f7ded11142ffcfbf14f7da85fdc872671ffdde4895b13d25b2fe21fe9d7e3591e6529c2c4d22e5b34070b59b54a922d8bba13f507a4fb6a6730e63a28349148810f35777a4d87c64cb99cd4d1e2e0964723afe56c0dc99f3e3085a7300837b1cf902235f47187cc84e75255076fc2e7e99ea27d8366a13a9e5b85a726b5c87e4e70889318d6b7dab01b7f92579f0af9e834a737b82fbe70424ebb3c85abbd4401980d15b1c86e1183964ac660b0bd32895098135440cfcfd0ea8463b9102fae93b9713aae7b7e594c6e19ece40a5794e0171e9fe6934e2f095d5ea351592c5c3465eeae1e4f3f2710bb66a86a70403ffca8f1b86e916b8976d409fcf0685574003b1ba70ca23097e397564b85fe9e8559aa0a65f86669eca67aa94d9b54b4b793ba4da404848861e58c46d8064efe896705af7eca3e7a81990f70d419f510edef9045aedcfc3d4da53f392347d9f5e1608eb0e045ae7152c39591169e44aad1730c90553c6881071fe927e446d8147394c11be019cfbd08c8e9e4934c6893bdb3888ba39c3af4b128cae8687af70b497a30ebd3209338bafab5b68a8bda87c37f0bc424b9e39cc0313fd79b16f32f53bde88118258ab2872a2ac2d21df68969ac370d4249a3cbcdbec7de49a5f1d52f8d4cdc6c6d56e6dce3115181d41a0199635b442eb34a7a5a96e3eb4bb4cd6ac9f112b0311e27a1560d3f03a8b9c5084cc2ab799bcc612664b3257c59f6612e4647dc7dc7327c8bb605c146c250de768e40bf249e67c63cf2c7e80bafbefd1115fa72f404f04b08c8b92fa464a149429acfa5d7c1046cf395e6223b347a41252338e608020050e155f40f213cd62c7a845f4e9fc51041a962a1403ef0f3266b1cd050f11ab0503bdd36020910bc293232d9be83e0b3482bf110d3429addde961f78c77d924897a45be10f04119d0b408d58b0a86620a85a84749689876d6b70cee72ef131328383daf1b6e708a44ea5fee3df1e7589ac56366f7c7fca42dfde72074fb490a8eadd6a29446f04ff6d6f239f16dff443243097f763a3a820de13eacd0a92fd5d72babca9521f70f671116c61ff2761fa8d3924ec5706645876f8919d5abfcedc9c31f74f378835692510c200b8162b43b1d5d8251fae2bcda87356a65f5f0a31b5f64650268c5c08ea59467be9201253307318831fd80ed5e1883e43c15d46526ff66a6aef1e2c9cd0b6255e538d15a430e8c4ec4a5aa63a75b2d32f6ab3982b792e4fdc4a8ed945a7ddfed71ef4f59e39b120697cda105fbab29a37883d4e1e2dc9c40180a85c90edcb85afbd755a8f85e5499b1b334bea92eda01b0990ed1492fa1d1905ad28cc183de3db77832d99b38aa2c4189b2ee1b8c139bffec0374446b51f1f540fcb32d59c91fb93f350cb9c9c063412adeafb0ab6ea538be900877bdf2b4caded2f82a7a292f5922f4be1fa32ecfc81ee366326c4cf55e2174decac14634faf2a235be2dfa5c8aa9d0871a86af0be2d812e273e559e0fdc2583822a8db9e976a08245cf41d6b1eb8d1354ab108c293b71402973b34b582c1a3f3af586805887c891d4de2e4aeabd5d2aa878d4aa8fe648148dcb17fd02dc1bc09130e7ee86330dab85b103f29354091b5e686cf638e7f94cd656bdd870cb22e540a6016b500de17c59a15582400f4941bb12c3afe63cb5229eb611036bb8c076ab70dad958bc57097865174deebacfa12fbdf49b5e57f6a04e37340e33cc91337ed590c1a4cd28575713ea9af842de747f6f38c6f362efedaac8f4155979253be86ff87d1639234af63b970f9afcf20aa9e1ff54c1d5355b9bf37689c1e7c361ce64d424a2e38992840824a7af7358a1fa42e283e0ce796c023955e7f47d3b46f34f1293342e31809b9662f4b5efd069a7b3c1851c8d1fc06159b90fe143e8eb850f68badf48ac68b23bdf154a808d14cc731973d85fec2008cd6fcba5a98b39c6da6f23e2181cb23a9e8d17b618075e7267080d0e345fda54f807a951f25f3ad054aebc1cc5440237309d39c191de7615b3bf858b281cb75de2e098439d569cb1b17c2d9f056852f354dc7057f9cd65a79335c724b363927e2a3846b7a252fa1a5e0dd1e6ec303b482c350b2d28c1306c2ff5fa3e7fdd88120aae22233590fda1493439479bbe7fdb754ea4d3cfd3b4c0cdb8949849850edce3dcb3192bea079da3ff19596ffe0174d9d6510044155d155907993c3d116a4a4642e3a66faa9de8b06102d8f09aab429fcb507ae8cd06e28f5547a6e1182d8b5281b6809fef58e487de0d330abca26803ebafa1118fcae6b8fb643bcd7f108e770b34f862cd79c1e1d7692202834702e772377543b2fde130ca2e50644643f18f3d9cf3dc9b8a880020f283aeb7a5aa95cfb994df05b4e6e1e1d7f88d066e75eb7bf565dbd1196b9c34180d53b9f1958c2cca55a1c7fe14855c0c14e81af61d0a52de4c73ba5e968f82bbfb315ee844821ccc9ac1bdb163865446b9e03806920504a6d74f0d02d66e9a46071ffc3729678dee316d774b0f65f91b75fcbd5c36ec79ba5c93457e259ba71050f053fd73f431cb6de8cc19c4923f5d70500f4c38a8e80a1d92789332a51bac676595697e35e13b2684e32a0d20765464c7dd447437b424c9a024b675db0d6b81c92b0f6923621bb273aa993ae4dba0e368655895de8cac9664735e2ebadc9e48c45f0319b21ebaa85003c8bca365b7379b6f868158cf67b5b189a54df4c4fe5d82e4e2da5384f28bc445433d49853d7fa36f18fe63a5b0fd7dcb8bc34f9bc120a4f5b8a95500c675f3f09e8d850f0c78f973c1be0457d274e1db8dd984a83f24309a5495aa2209f654d12cc69e9c90f05a0cb2e04c2b6ebffafb8e051143710bfde270362f3fc537b6c523b696f3256e24d659190affd18c870928fd8c929820de4eb1b1125cd1b329f9ed125a63cbc3b383d128ac3ae96ec0e3e678d2632649a18c58796eb41532dfc2e5c3289f592c44eda7742c570471b7818574415abef02346b8bac2db87f39d54e4842e6fa6b506d707f346d67b469c7a473d39fd350fe169d9316c2f8df1abc188b7365318dc5a2eaa4a5c96c52953eeeb781ea63da8d247b1254ca8494f83b76c35a23c6adf76b070355b0905927b1c2acb1b57b8473c45d71bea1246c28c47b143beb3d68e9fb4842fb48af829436db17f65ee320efb4176a9303ccd1526dfbcbea4b3f9a36b748ce3d24616e692de5a2ce691203ea700b748af05c04dc4aee26fe7e93bfe126b585bb225a4a108d030bfeaaf007828166ce646d4557253861ead5a99a6813bd46bbc04f0a8446d888f7c94155ffd229cc7534479d5aa2c71466dcc191c0682a81e5e7e148c643fe199535d6ea779287c170e011b8871e80291ea6d5dd0baae807da4347d381b391b79802b3ec09608044bfc2411436313b63fd97c966e851f2ea28219764d206a3ef42dd3e2bb7e71c3ace02b97bc490d7dfb0cef730b048516bbe8da7172e973392d47420ebd330b851a939777bc783c14560fa6bb3b20ad95dab5a897a9ab35eb766c205dfc9beea3ce364e6f32492c0c2955e51d26ce7d82c2ce7898f17f9fcc2cb182a2107b884e4fdf67c5d2da2cd51ba4b12311c3adc0fe1aed60023e195071310ba80adff4ca15ad5c789b9891a65db5cff727faecead4703d1948374de15fa35699bed71c8f6915de0de6fc169a4e2e192506b90ad57c137fb338cfa6ba7758b13d251ae9f2df4e9d434b43296298304783ddcc508295210ed2a7107b10001d7d067dae095f328f0105316214272ed4e4f6027419da2cf7360d800446f92e123da3df101277a710372ea92de34f011ccd2c0eff6b1838d937300873cb92f23d66ad632f4b3dd17ec462640f3e58bd5bb7e8c4c40b1378606912be58f28451900cdccb1c8a86c646e53688546cbda3acc0383956c999ee2acc14988537188447fb22c5f8152fa80f77c2e774370b01cfeded82872cf883abe96c574df756a037fb6a6b4e0885dce82d34238f86ca9330e5e237aa9479faca3755a2df054326c2a30205233b639305ad0b2e6f170aa003564f3d294ca8733b5cf4f478da70c635bf3964aebac11d2c194001fd7d882a5e42ec3c3785414e917342e554135a2282e048fc05e2bc68dbf66445fb9799be5bb72487b882741b367fa94a9eeaa4a4c3ea43f42410e12e71710cb8ac758d67fb2b5aaa62b830d525"}) sendfile(r2, r1, 0x0, 0x100000300) 02:42:29 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:29 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) ioctl$TIOCMSET(r0, 0x5418, &(0x7f0000000040)=0x136e7d2d) ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x41007701, &(0x7f0000000080)='\x00') [ 273.635922] FAULT_INJECTION: forcing a failure. [ 273.635922] name failslab, interval 1, probability 0, space 0, times 0 02:42:29 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:29 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f00000000c0)="005ec8a6ecb7efa4236158d01c092fc0d10989b4f729bb24c68f2668feadd0fc037c8eeca0c39cb77a1447b05c85c28fdf9e1496b63d19b96499a35c1a40a3c6485f017322698dcd12d59df442032e3782e6b10f2bdd41876accfaea3dd7c09135415ae0e96d3fc54c54c8eb9acfe9610358f5411be4f08a5033be49e8960547440da052bbda8b923475a69e0756b02c4127", 0x92) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 273.686098] CPU: 0 PID: 15924 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 273.694021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 02:42:29 executing program 4 (fault-call:3 fault-nth:27): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 273.694026] Call Trace: [ 273.694041] dump_stack+0x1b2/0x283 [ 273.694057] should_fail.cold+0x10a/0x154 02:42:29 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 273.694072] should_failslab+0xd6/0x130 [ 273.694084] kmem_cache_alloc_node+0x263/0x410 [ 273.694099] __alloc_skb+0x5c/0x510 [ 273.694111] kobject_uevent_env+0x882/0xf40 [ 273.694129] lo_ioctl+0x11a6/0x1cd0 [ 273.694142] ? loop_set_status64+0xe0/0xe0 [ 273.694154] blkdev_ioctl+0x540/0x1830 [ 273.694164] ? blkpg_ioctl+0x8d0/0x8d0 [ 273.694175] ? trace_hardirqs_on+0x10/0x10 [ 273.694189] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 273.694200] ? debug_check_no_obj_freed+0x2c0/0x674 [ 273.694213] block_ioctl+0xd9/0x120 [ 273.694222] ? blkdev_fallocate+0x3a0/0x3a0 [ 273.694232] do_vfs_ioctl+0x75a/0xff0 [ 273.694243] ? ioctl_preallocate+0x1a0/0x1a0 [ 273.694250] ? lock_downgrade+0x740/0x740 [ 273.694263] ? __fget+0x225/0x360 [ 273.694273] ? do_vfs_ioctl+0xff0/0xff0 [ 273.694283] ? security_file_ioctl+0x83/0xb0 [ 273.694293] SyS_ioctl+0x7f/0xb0 [ 273.694301] ? do_vfs_ioctl+0xff0/0xff0 [ 273.694311] do_syscall_64+0x1d5/0x640 [ 273.694326] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 273.694333] RIP: 0033:0x45dd27 [ 273.694338] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 273.694347] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 273.694352] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 273.694357] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 273.694362] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 273.694367] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 273.754467] audit: type=1804 audit(1606963349.177:117): pid=15925 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/227/cgroup.controllers" dev="sda1" ino=16387 res=1 [ 273.856539] FAULT_INJECTION: forcing a failure. [ 273.856539] name failslab, interval 1, probability 0, space 0, times 0 [ 273.856550] CPU: 1 PID: 15955 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 273.856555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 273.856559] Call Trace: [ 273.856573] dump_stack+0x1b2/0x283 [ 273.856589] should_fail.cold+0x10a/0x154 [ 273.856604] should_failslab+0xd6/0x130 [ 273.856617] kmem_cache_alloc_node+0x263/0x410 [ 273.856631] __alloc_skb+0x5c/0x510 [ 273.856644] kobject_uevent_env+0x882/0xf40 [ 273.856663] lo_ioctl+0x11a6/0x1cd0 [ 273.856677] ? loop_set_status64+0xe0/0xe0 [ 273.856689] blkdev_ioctl+0x540/0x1830 [ 273.856699] ? blkpg_ioctl+0x8d0/0x8d0 [ 273.856709] ? trace_hardirqs_on+0x10/0x10 [ 273.856722] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 273.856734] ? debug_check_no_obj_freed+0x2c0/0x674 [ 273.856749] block_ioctl+0xd9/0x120 [ 273.856757] ? blkdev_fallocate+0x3a0/0x3a0 [ 273.856768] do_vfs_ioctl+0x75a/0xff0 [ 273.856780] ? ioctl_preallocate+0x1a0/0x1a0 [ 273.856788] ? lock_downgrade+0x740/0x740 [ 273.856801] ? __fget+0x225/0x360 [ 273.856811] ? do_vfs_ioctl+0xff0/0xff0 [ 273.856821] ? security_file_ioctl+0x83/0xb0 [ 273.856832] SyS_ioctl+0x7f/0xb0 [ 273.856839] ? do_vfs_ioctl+0xff0/0xff0 [ 273.856850] do_syscall_64+0x1d5/0x640 [ 273.856865] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 273.856872] RIP: 0033:0x45dd27 [ 273.856877] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 273.856887] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 273.856893] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 273.856898] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 273.856904] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 273.856909] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 02:42:32 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x60, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5a"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:32 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000380)=ANY=[@ANYBLOB="322b898839559bb86c981742d4e9edf0ee6eb5364aa06e66f0da76eabf81e9b9ebe1a02cedf0668da061b5b1ab1fa9a51cf58eb9492e52bb5e7a9a0fbaa3ebde225f3917353dd1ce3450997fdc2597d79d05c73c5eeb71006a14c631f77fce0b0f37fd59d6bd0ab5f5ba2360e34ef68a19ea84f14ab1d85b343991cf3da4b4c5d6591660894f9fc46a173e7b65b1b8fe3ce25df5c2d29138ca1f945db22230b409003ad36e2358bbfdc565a33e3c273125aa16b601722c3414cf228f9b78a9fc0e5610134624bed41d3e9e2272d34cbbf2dfe22480051449ebb746604500a19793c6ba2d6b195b6d01c6063e6c96e8e8b0d937cfdaf6d0f047fb05fc4c6e94642ff1e809c0c3a95d60cd37846ab1d08592ae2bce6fb8ad2ea5b60a159ccca99fd5f9a1b8fbb1a43c6e80c20f5eb477e98b645cdd0b62796c42a879bc8af2"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:32 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:32 executing program 4 (fault-call:3 fault-nth:28): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:32 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, &(0x7f0000000040)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000001100)='/dev/full\x00', 0x2, 0x0) ioctl$TIOCL_UNBLANKSCREEN(r2, 0x541c, &(0x7f0000001140)) r3 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r3, 0x84, 0x1b, &(0x7f0000000080)={0x0, 0x1000, "5025036ac8958df0f877585b8b7a2c7405e26eaac8a02e74b0832918d8e5e6fb333fc2241ad2877a95a50e40fa9e31dd31bb96a6b474a4ecd2a0414b941a5cf5e340e9c6155c063ea5707c4e4e56e6c9c50e43ae62470cac5a551a221d29b04d79134851a23b2cff6982547082255ea8f05269976e237c77f0f99235542e35278d5c49cf0d612206054f5036cb61293bc6437738b9c05576c312d28255ced9c03cfb12680ff8dfd09b186efc07eb5cae787ff5e3d212920a5e9718217ace359bcbc5528c5c44b13fa0b5ef8135c0c20baa0c9448969f26a548cc1be2ef32874693f94758b9a4d56ae743bcf59dcf139cb8d236abb04b963a75bf0fb9e1225a6c6b646562ae77ec0a02c2f861744647395175e682751a9d15dddc76faa48dfec7f7867a99659f8e26b537fec1467f6c94650cb5bb78a417ec64410923104c3ba481bafe6addc94e407143451b8695eeb20376b6f041f37c1c4486e4f16f38cf79619dabef85c2db36b255ef6ce22ce9e296e969bf7427b498281fce5b93e744e79022946743d217c29897599c78fcf8399f49eacaf6a1d6c8eae15bed4428e3bf3a9b197b3b83ce3d37ab1e705ff2bb62f2f2e9d5d4a36ff852c88243ea59f36ea8d8fd448b466b8c07b651fc2abd6ed7fddb9b741e314ade125bf3f9394c31098ff5a39632c59b4a8b986b535dff1b6981428a613604ae214619f798e2a1c63f98640730151b4570a20965dde79d11a87e667aa5f371fa15e27939ea4d3500920842c906dd67f0ae29b66d0f06236f0995db102426142c5e522226c424ca6d8e85b57a7b55125f9b03d0ea3b2d66383fa0726a32f2504a28ce82ba138179213fd806e17e86cfe374939ce26f6b9cacd55cd0477490b3368cbadc6dc751c8281d22590e8391fba24a3d3660c9fac4c476a327c948dbe7bfea62dae2edb6d4f2dc7a89100027fddf7b396730a9442af2a8ce7e497cc34730289251ce3c990f4034753b438c1101a2d87aa73905684801e4c011706b6807be5b8599eba52a60e4fb3447aaa9d54137502d6291bf5b6388f74d072d5c57883b5f5d5e1ac02236c0576593ab9a5a15d44a39b515ff833f4f3fbf8d48da42a725a307ba2ae0ac1c38dc6dd0f3d7e9a4b09acbd2fb6fab1041ab9f9c8b60a6030c387a44985c428e6a0302dd34cac8fb7e13a10f18c39337662661bc612ac6eb4cd45a1289cb5d87d3a4a405d419aade5a4debc6e42e5ac9b272b5be89569924e4c1500a9787fd6963a45bd76aad131edaecc3b89db446be5d8e2ad7158627a9e7068c465a701635694530a292a7122927312da7f56883a586f553307a51f3a31924021d58a0e214a35445796dcf3e9f7ee27e81bdb06883f2d71ddffab8b3c699cbf84903ccecac3092075478b33e7fc956f3df3564a1239a83441f11a14aab0922328950d5e73e23c293678268df25c5730a7bce79b3de98b34a4e69803dc90d2713bbf8005877adf817bcd2d320ae332d5a58b6559d1af336b7094411083483c2f5becc35bbdd1ad1a04233bd25424e98d0e698f65c5df7ec468d3e6acf771cc52c99a7fb645a77ff8a68ec76460c5befdec0f070686f2f510a1eaac88aa5f43dc624b132645b5cbab57ec566bd89d20e78bd199eab6d73f87f6cfb90c1407c2c0fe97dc27eb44de343a5536a988744ebd7768187d74f7509b89bd584f75d52f5b3e7bb77e1a4e55efb34af0120d718acc1e58cc33c8ee900258cedfe83742b39bfec480f7991a015302b628bb35511d6025813fd91b023d3b9d09d549afe692c30d5cdec3893ff140d541f399e2a27428962329400dae6f140dce346b0104e58c4d8b76889f3130eee8dda7b81e0a288cf4cc061495a5b6e0a87283adadf09b9c645fee1b58115277d62b21a524085b124877d279944d567d8ce9f8b4661a1abf6eba7bb2c1cb55d80f1289980a3c1567b42982b3ab499368dd2422f1e6caf63a909a09d8da14b9d22fef6946d3a3fbf10c2945c42a507fb5740df6b6acac24d52101a5c2c167175d6b337c48c40531e3b28ad11f9e5daae9fa4cf1955e55b9efd6042df0faaf3190e8cb47f6352aa3dbc9816164094179a1d858a4825059968b6586c8a2d9f3245d78f3a011c5d61eff15ca08fced61fcbec46b28a349b5b9d1d5cc92933faf654754b77b07dc22f96d4263e5092bf89534587a613dcb74e295fe20214a9a42e2b6baeab21e52ff2ccd9828920ec7cca31eee8458e421aac9bd2d219ad0e79ec62c2833b67b9a435fc98fca9a0044f055a468f03fdc65c63b73a745c6565bc0668cf5b367fb00bd4ab27c5655b99c5cfffabea7266628dcbd4127442f1a2e8acb1f35fa563dd529909bc605e3db780d703a66610ffc9f0fc347dddf7503a5d77a83e8afe05aeb9629333eb0676b92402b703141e063ba90680b7e323126b70e465178c1b1626b1d43a5feed1ab4e3ffcfe38b9553e25579071626dcb7a729c4fcd19e2eb47d2f7131126d0f617f8a098b2b2d21ffb41998970d96e1f1f441cb9627040b04a11788633149fe4a178a803aeef4ad06f0dd0b8e37e909d20f5771e8587f588c6eaf4640f0feca53ea392a453b858ac2e961168b2b9229202b18d92fb5d5073f9e353f1aef3e5cfab5d314ca53360d7d56622d166d266e9e233046412af65c8a228ed9eed196d095c3f4bad4745b2a1e78fff639984df2eef4eacd4be8c8665f34705169a21d3d58b4cfd56b6391c998042e70b604fba4113becda855665981633f4ea221bbfb0490940fc44f76dd1544664f64597edba633936e8182a92cad9eaafc0081c2500e5ec605a771375abb3a82d5147e43ff8b5e4c9adc1ffc2e4dc2786417a133f6ca0e207998a60df84e561294456622412d232e69166e66e997ac3c95b7c599867f18041ecb5807405a062f6d178493567ff34c6cc2123ba3ca33c2b80d747c94a6deb40d113b0a113eaecb845d1b687b77d3ded6d87be2f25ac98cf7005a0e59b260d9d1587e410fdba8943ff10f0abd0e03a55385c2f1aa10549896b9a68d10b67ba1bd57aa9a5578a5597717fecf1b82b3016d7718f6f0d3871682cc3d1b0e001b6c19dec2a6d214a70ef3a0e86d3a80e305386019397483532578e4a45df95a4663c428eee5695747bfa305dc9518606a4c9a7893abad5cc6503bfb8c1fe43640f8636d2d6c1b92102c76d012f50542b04672b69ad1ddbd988d1cdfd0dea13d43df249e83850c2d17b37599947e2b46046b9722d6310cfdfc0f7428795128b7e64730201a8384f0d25642156fa9bc98eb89e983e2e4235680b704a877736502cd32486afacb90e2ef8a522a6fe2470f187b04da2a1ef65910a6de9583ec5f936f7477898a4e02ee9c621668dac92e78f67c9233c8bff259ed211b7205aeee5e87aca902750dc11a1d24507938362b30acf2bf42de9f231b6399be8626ea75592546a5c12f71a21f6a997f348560ae10b2a8fe153b131accf8fa00a194ce3de6dd1552de9379104ae976f7deb60a46db8e4ac7d6d754ad0c7f345d901f4a9f759fb6fae2bd464d95ebc5b4d4806b4ed385eccd21fab3d20fd9154311f1e5cb918eae9c29efb66b5eff7f987d2e8a20b5fc11877a04dd066f6d655596559083bbda132fe798b34751634c74cea754f85c4b55c8b3ca4631239ace56c4d8c0b71a5ef0315bbb3ca05ed955cb82eb76ffc44f680f67672818525b54a1f45e65ac552f9214abe8236d4c6ba5eb45b7c41982c2d88be5ef74e6af2b3119db016049477d1548eb3b0919f8895a38a0065c2de2aaf36ebb3d18d8f4dcd532c5f6ccdd09e5b904fb4cf0ded1e7e8f7d9efa2614838fc1e21a322cb6cac6299d943de120ee983007d574aeec36137ec0fac51dc408b319a14d03e8965e280309d6cc7c1c17d4ba271702ccd5266f64b5b5f3acc52760d2d12d8ae1ad4ac6d92f1f08e6c693f9fcb8fc8cdc87a1ecdb52b7e2c65ae97c70fb563643abe8477633ddb27e56619c039765f6e354d2f106b322c6ef0ed08748cc39246100ea19f4700ee8b8b3855aec3f520e6d9414f119f68b9de036860d1a7cc2c99f938ebf6359c618db442a3740693ed73563005d0ed367289abb0c0c7b4eadcf420695ce0ce6496e07cffc9f2f9a5697464b8056d478984bef934d067992ad05f5f99b08d03af136b5efb14f35d6986cdfbc77f2f00a1a73edbf685ea942f19424aef77c67e7ac64e36d0bdaf85a970a51167cec2ca73a27157098b7cb7c93c49a4dbe47ca9f1bd9baf63ed35330f229158a78a33fa68d497f76db43c8d8011934831ec247d7246d494f2981cce5d837bcd846d2ba217519e9f1e123db406a2e39ac1751e6e4af9bb1243c3e9a6a22f73ae24357b561a48210373b0e19711ca0d7ab5828ca18a7ccbe390a40257490adfdbfbd45573c76c3c5f102422d0bda9f2f6b3579222914e84709217fdfa978297f7f9b8847463268143b0542bee0a71f4e3c3965b6742c7f64586c4f0ae4d9e244584b5d0af75b88e3dc85592a5c4ec9a97ff875b3220493cd9582502c2556770bd39ef7b10ee261230ae63245bc4919f20561c20235e0754930b8899957c52868fb594620b363fdfd1f8a94895741d56553c99e89dccd4ebb8d51fd367f2d255422d361d1cb04eeb7d5a575bf07028fa86357dbcf9f035b1a1dd27b838da71ef652f19e3fe6d15a71dcceeb73d71804fe779e60705e5f664ac89a112ba0b5091a6fbf8612e1b9bd6fc9e745efe76e0b9d991a46519c2e10ae380bf5253073d9860e0accee800c5481e5a9dd1142ff724b4876966476356d8a69fb0efb1998b726c14800dbea0beb333075926b35dfbbd567b701bc14f8b0ce75c718da14e79a64212d4018d93b1b7e44dfb50b44093ae32e723fdd19d0044c692771888c6aac6dce71027c4ecfe4da43929ccceefee60a8a8302417717bdb55d4226ab84938e8cf2627095796e7b30454d23d84727172f0ec9663c6a116bcdf9beba3edfee9820f5aaae071228acd20893cb8fe375132eef2bb39cd301cade6924eb4c5773e24c205657d5ea02e10a726c7bce7511dbbdedcf5975ec4bb4b78da7b7360ad1791b7b53bb17ba7564e6d380558dcf755f56d8b78a253ebb64b3ae9d3a76e2008396064c49eceee59d97897bd4cd3649b85c94c052a412ed5593ab7766c2f98aac5a822b20b7d9901f5f7b8dc64f6547c2533e233ef57b85bd1f6f7f000c8e2d1a9e18cf7c6360a718e7f983d089e6c5bf35cc59f758c095f944888505299be1f6eaa063c96c53eda5f55ebb547d631b8a079347a32b812716fdfbb3724635187e55a602ca4883ef3be8ba9ff1175293d1cab65818e4c1e8d2c39c945808a2296b7f7a6bd45d87f305484342d9167da99808296b6dc00bb5f6426458bff0e65a80e6bde6dcc28f3424c5b49b7a97957175e7ade2689db65f4c21c30c05c393ad8ad71733e00cd9ea38d44222210e87e046cce509dd97d50930f238d0c6d4bae4c9723a4a89552a1d634a59145c418961b8e6fde21bd8f039ffbb69f50f527445400b5e330039756d6f226296fb4ddafe8913e8e2ab7f173feae7f99cb977047e523212b43610af38f586f6b55ef76a99bab3a86f211891714540f3fea900fdc04bbd40893887651527eefe659658190e3d4f6136d84fa1b1781fe05db66e161a425b5f94138d377c6a47639e2ea825e0edd61ca7ceef3134bda1bfd37a15feed0802e80670f21fdd6717a3419fac11ed1c99e1aa38ee2d8c3f7e6fb4cb65711a0756893bd7ac8ff08049d50115aeefcc6"}, &(0x7f00000010c0)=0x1008) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:42:32 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a01020000f1bfb65c000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, 0x0, 0x2, 0x70bd2b, 0x25dfdbff, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0xffffffffffffffff}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000850}, 0x4) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) r3 = memfd_create(&(0x7f0000000000)='cgroup.controllers\x00', 0x0) r4 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyprintk\x00', 0x410440, 0x0) r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x8000, 0x0) poll(&(0x7f00000001c0)=[{r2, 0x6002}, {r3, 0x2043}, {r4, 0x2}, {r1, 0x60}, {r5, 0x4a}, {r1, 0x20}, {r1, 0x1ce2d10b7c0004ea}], 0x7, 0x7) 02:42:32 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(0x0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 276.680377] FAULT_INJECTION: forcing a failure. [ 276.680377] name failslab, interval 1, probability 0, space 0, times 0 [ 276.708776] audit: type=1804 audit(1606963352.137:118): pid=15980 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/228/cgroup.controllers" dev="sda1" ino=16702 res=1 [ 276.722456] CPU: 0 PID: 15985 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 276.739063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 276.748413] Call Trace: [ 276.751000] dump_stack+0x1b2/0x283 [ 276.754666] should_fail.cold+0x10a/0x154 [ 276.758928] should_failslab+0xd6/0x130 [ 276.762903] kmem_cache_alloc_node+0x263/0x410 [ 276.767487] __alloc_skb+0x5c/0x510 [ 276.771114] kobject_uevent_env+0x882/0xf40 [ 276.775442] lo_ioctl+0x11a6/0x1cd0 [ 276.779072] ? loop_set_status64+0xe0/0xe0 [ 276.783310] blkdev_ioctl+0x540/0x1830 [ 276.787194] ? blkpg_ioctl+0x8d0/0x8d0 [ 276.791077] ? trace_hardirqs_on+0x10/0x10 [ 276.795320] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 276.800430] ? debug_check_no_obj_freed+0x2c0/0x674 [ 276.805446] block_ioctl+0xd9/0x120 [ 276.809072] ? blkdev_fallocate+0x3a0/0x3a0 [ 276.813393] do_vfs_ioctl+0x75a/0xff0 [ 276.817191] ? ioctl_preallocate+0x1a0/0x1a0 [ 276.821596] ? lock_downgrade+0x740/0x740 [ 276.825743] ? __fget+0x225/0x360 02:42:32 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:32 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) r1 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvme-fabrics\x00', 0x602002, 0x0) getsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000040)=0x1, &(0x7f00000000c0)=0x4) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:32 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x541c, &(0x7f00000001c0)) ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000040)={0x1, @sliced={0x800, [0x200, 0x100, 0xffff, 0x2000, 0x9, 0x1, 0x3e7, 0xc155, 0x8000, 0xdf, 0x8e2, 0x400, 0x1, 0x4, 0x5, 0x81, 0xf8, 0x101, 0x9, 0xfffb, 0x0, 0x20, 0x9, 0x114, 0x20, 0x200, 0x40, 0x7, 0x3, 0x3f, 0x9, 0x1, 0x9, 0x1, 0x3f, 0x20, 0x3d4, 0x7, 0x12, 0x4, 0x8001, 0x200, 0x7, 0xffff, 0x3f, 0x8, 0x80, 0x3f], 0x10000}}) write$sysctl(0xffffffffffffffff, &(0x7f0000000140)='2\x00', 0x2) openat$full(0xffffffffffffff9c, &(0x7f0000000180)='/dev/full\x00', 0x137801, 0x0) 02:42:32 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:32 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 276.829192] ? do_vfs_ioctl+0xff0/0xff0 [ 276.833165] ? security_file_ioctl+0x83/0xb0 [ 276.837573] SyS_ioctl+0x7f/0xb0 [ 276.840937] ? do_vfs_ioctl+0xff0/0xff0 [ 276.844909] do_syscall_64+0x1d5/0x640 [ 276.848798] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 276.853983] RIP: 0033:0x45dd27 [ 276.857162] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 276.864865] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 276.872188] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 276.872193] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 276.872198] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 276.872203] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 02:42:35 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x60, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5a"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:35 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:35 executing program 1: r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm_plock\x00', 0x111500, 0x0) ioctl$FIGETBSZ(r0, 0x2, &(0x7f00000000c0)) r1 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r1, &(0x7f0000002000)='/', 0x1) sendfile(r1, r1, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r1, 0x0) mount(&(0x7f0000000000)=@filename='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x5010, 0x0) r2 = socket$inet_sctp(0x2, 0x6, 0x84) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r2, 0x84, 0x4, &(0x7f00000001c0), &(0x7f0000000240)=0x4) r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nvram\x00', 0x2000, 0x0) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000140), &(0x7f0000000180)=0x4) r4 = openat$nvram(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/nvram\x00', 0x100, 0x0) getsockopt$CAN_RAW_JOIN_FILTERS(r4, 0x65, 0x6, &(0x7f0000000600), &(0x7f0000000640)=0x4) 02:42:35 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) fcntl$getownex(r0, 0x10, &(0x7f0000000080)) ioctl$SG_SET_TIMEOUT(0xffffffffffffffff, 0x2201, &(0x7f0000000040)=0x6) r1 = signalfd(r0, &(0x7f0000000100)={[0x7]}, 0x8) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f0000000180)={&(0x7f0000000140)=[0x5, 0x3f, 0x764c, 0x7fff, 0x100, 0xa2, 0xfffffff7, 0x6], 0x8, 0x100000}) openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/6lowpan_enable\x00', 0x2, 0x0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:42:35 executing program 4 (fault-call:3 fault-nth:29): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:35 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) sysfs$3(0x3) r1 = epoll_create1(0x80000) epoll_pwait(r1, &(0x7f0000000000)=[{}], 0x1, 0x7fffffff, &(0x7f00000000c0)={[0x9102]}, 0x8) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0xfa7, 0x10000) write$P9_RMKDIR(r3, &(0x7f00000001c0)={0x14, 0x49, 0x1, {0x8, 0x3, 0x3}}, 0x14) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r4, r2, 0x0, 0x100000300) 02:42:35 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:35 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xffffffffffffffff, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 279.692875] FAULT_INJECTION: forcing a failure. [ 279.692875] name failslab, interval 1, probability 0, space 0, times 0 02:42:35 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x0, 0x10, 0x70bd25, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x6}]}, 0x24}}, 0x80) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:42:35 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 279.734007] CPU: 0 PID: 16041 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 279.741918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 279.751268] Call Trace: [ 279.753857] dump_stack+0x1b2/0x283 [ 279.757491] should_fail.cold+0x10a/0x154 [ 279.761645] should_failslab+0xd6/0x130 [ 279.765621] kmem_cache_alloc_node+0x263/0x410 [ 279.770205] __alloc_skb+0x5c/0x510 [ 279.773834] kobject_uevent_env+0x882/0xf40 [ 279.778162] lo_ioctl+0x11a6/0x1cd0 02:42:35 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000000)={0x0, 0x9}, 0x8) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) fadvise64(r0, 0x0, 0xc78, 0x4) 02:42:35 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) [ 279.781791] ? loop_set_status64+0xe0/0xe0 [ 279.786023] blkdev_ioctl+0x540/0x1830 [ 279.789909] ? blkpg_ioctl+0x8d0/0x8d0 [ 279.793793] ? trace_hardirqs_on+0x10/0x10 [ 279.798033] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 279.803131] ? debug_check_no_obj_freed+0x2c0/0x674 [ 279.808152] block_ioctl+0xd9/0x120 [ 279.811777] ? blkdev_fallocate+0x3a0/0x3a0 [ 279.816094] do_vfs_ioctl+0x75a/0xff0 [ 279.819891] ? ioctl_preallocate+0x1a0/0x1a0 [ 279.824298] ? lock_downgrade+0x740/0x740 [ 279.828448] ? __fget+0x225/0x360 [ 279.831900] ? do_vfs_ioctl+0xff0/0xff0 [ 279.835873] ? security_file_ioctl+0x83/0xb0 [ 279.840285] SyS_ioctl+0x7f/0xb0 [ 279.843654] ? do_vfs_ioctl+0xff0/0xff0 [ 279.847627] do_syscall_64+0x1d5/0x640 [ 279.851519] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 279.856701] RIP: 0033:0x45dd27 [ 279.859881] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 279.867592] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 279.868384] audit: type=1804 audit(1606963355.297:119): pid=16061 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/229/cgroup.controllers" dev="sda1" ino=16718 res=1 [ 279.874857] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 279.874863] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 279.874869] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 279.874875] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 02:42:38 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x2) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:42:38 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0xd) 02:42:38 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x63, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611b"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:38 executing program 1: openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x200300, 0x0) r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) r1 = syz_open_dev$audion(&(0x7f0000000100)='/dev/audio#\x00', 0x3, 0x181002) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="ffd6680691e66602dff00ef10744ae035af924049b9fdbb29ed22225c4e2f6dbe0b34869f27a4df1a65892785a9ca06a74c3de7a58291d15327c5935d82c20a2c9295544bf5873e9bb9ce60386416b714504583c6115e8"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000140)={&(0x7f0000ff9000/0x5000)=nil, &(0x7f0000ffd000/0x3000)=nil, 0x5000, 0x1}) 02:42:38 executing program 4 (fault-call:3 fault-nth:30): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:38 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r1, 0xc01864c6, &(0x7f00000000c0)={&(0x7f0000000000)=[0x7fff, 0x38, 0x401, 0x0], 0x4, 0x100000, 0x0, 0xffffffffffffffff}) getsockopt$netrom_NETROM_T1(r2, 0x103, 0x1, &(0x7f0000000180), &(0x7f00000001c0)=0x4) socket$inet6(0xa, 0x6, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r3, r1, 0x0, 0x100000300) [ 282.674365] FAULT_INJECTION: forcing a failure. [ 282.674365] name failslab, interval 1, probability 0, space 0, times 0 [ 282.691914] print_req_error: I/O error, dev loop4, sector 0 [ 282.701219] CPU: 0 PID: 16098 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 282.709242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 282.718611] Call Trace: 02:42:38 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x0, 0x2}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, r3, 0x221, 0x0, 0x0, {{}, {@void, @val={0x8}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_SET_MPATH(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x200, 0x70bd25, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x1, 0x38}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x20004000}, 0x40) r4 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$TIOCMIWAIT(r4, 0x545c, 0x0) [ 282.718628] dump_stack+0x1b2/0x283 [ 282.718644] should_fail.cold+0x10a/0x154 [ 282.718658] should_failslab+0xd6/0x130 [ 282.718672] kmem_cache_alloc_node_trace+0x25a/0x400 [ 282.718688] __kmalloc_node_track_caller+0x38/0x70 [ 282.718700] __alloc_skb+0x96/0x510 [ 282.718714] kobject_uevent_env+0x882/0xf40 [ 282.718731] lo_ioctl+0x11a6/0x1cd0 [ 282.718744] ? loop_set_status64+0xe0/0xe0 [ 282.758768] blkdev_ioctl+0x540/0x1830 [ 282.762655] ? blkpg_ioctl+0x8d0/0x8d0 [ 282.766542] ? trace_hardirqs_on+0x10/0x10 02:42:38 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, 0x0) r3 = gettid() tkill(r3, 0xd) [ 282.770777] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 282.775876] ? debug_check_no_obj_freed+0x2c0/0x674 [ 282.780902] block_ioctl+0xd9/0x120 [ 282.784534] ? blkdev_fallocate+0x3a0/0x3a0 [ 282.788889] do_vfs_ioctl+0x75a/0xff0 [ 282.788905] ? ioctl_preallocate+0x1a0/0x1a0 [ 282.797135] ? lock_downgrade+0x740/0x740 [ 282.797149] ? __fget+0x225/0x360 [ 282.797161] ? do_vfs_ioctl+0xff0/0xff0 [ 282.808696] ? security_file_ioctl+0x83/0xb0 [ 282.813108] SyS_ioctl+0x7f/0xb0 [ 282.816472] ? do_vfs_ioctl+0xff0/0xff0 [ 282.820446] do_syscall_64+0x1d5/0x640 02:42:38 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, 0x0) r3 = gettid() tkill(r3, 0xd) 02:42:38 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/mice\x00', 0x458a00) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$TIOCSWINSZ(r3, 0x5414, &(0x7f0000000080)={0xf3, 0x9, 0x4, 0x5}) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) ioctl$USBDEVFS_RELEASEINTERFACE(r1, 0x80045510, &(0x7f00000000c0)=0x80000000) r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$KVM_GET_DEBUGREGS(0xffffffffffffffff, 0x8080aea1, &(0x7f0000000100)) ioctl$KDSKBLED(r4, 0x4b65, 0x7fb) 02:42:38 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, 0x0) r3 = gettid() tkill(r3, 0xd) [ 282.824338] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 282.829521] RIP: 0033:0x45dd27 [ 282.832702] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 282.840410] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 282.847670] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 282.854947] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 282.862223] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 02:42:38 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000000)=@sack_info={0x0, 0xfffff801, 0xffffffff}, 0xc) 02:42:38 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) gettid() tkill(0x0, 0xd) [ 282.869486] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 282.880805] print_req_error: I/O error, dev loop4, sector 0 [ 282.886568] Buffer I/O error on dev loop4, logical block 0, async page read [ 282.893957] print_req_error: I/O error, dev loop4, sector 0 [ 282.893966] Buffer I/O error on dev loop4, logical block 0, async page read [ 282.894036] print_req_error: I/O error, dev loop4, sector 0 [ 282.894043] Buffer I/O error on dev loop4, logical block 0, async page read [ 282.894109] print_req_error: I/O error, dev loop4, sector 0 02:42:38 executing program 4 (fault-call:3 fault-nth:31): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 282.894116] Buffer I/O error on dev loop4, logical block 0, async page read [ 282.894174] print_req_error: I/O error, dev loop4, sector 0 [ 282.894180] Buffer I/O error on dev loop4, logical block 0, async page read [ 282.894246] print_req_error: I/O error, dev loop4, sector 0 [ 282.894252] Buffer I/O error on dev loop4, logical block 0, async page read [ 282.894354] print_req_error: I/O error, dev loop4, sector 24 [ 282.894360] Buffer I/O error on dev loop4, logical block 3, async page read [ 282.897517] audit: type=1804 audit(1606963358.318:120): pid=16125 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/230/cgroup.controllers" dev="sda1" ino=15985 res=1 [ 283.042174] FAULT_INJECTION: forcing a failure. [ 283.042174] name failslab, interval 1, probability 0, space 0, times 0 [ 283.042221] CPU: 0 PID: 16147 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 283.042227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 283.042231] Call Trace: [ 283.042245] dump_stack+0x1b2/0x283 [ 283.042261] should_fail.cold+0x10a/0x154 [ 283.042280] should_failslab+0xd6/0x130 [ 283.042295] kmem_cache_alloc_node_trace+0x25a/0x400 [ 283.042310] __kmalloc_node_track_caller+0x38/0x70 [ 283.042322] __alloc_skb+0x96/0x510 [ 283.042335] kobject_uevent_env+0x882/0xf40 [ 283.042354] lo_ioctl+0x11a6/0x1cd0 [ 283.042366] ? loop_set_status64+0xe0/0xe0 [ 283.042378] blkdev_ioctl+0x540/0x1830 [ 283.042388] ? blkpg_ioctl+0x8d0/0x8d0 [ 283.042399] ? trace_hardirqs_on+0x10/0x10 [ 283.042412] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 283.042422] ? debug_check_no_obj_freed+0x2c0/0x674 [ 283.042436] block_ioctl+0xd9/0x120 [ 283.042444] ? blkdev_fallocate+0x3a0/0x3a0 [ 283.042454] do_vfs_ioctl+0x75a/0xff0 [ 283.042466] ? ioctl_preallocate+0x1a0/0x1a0 [ 283.042474] ? lock_downgrade+0x740/0x740 [ 283.042488] ? __fget+0x225/0x360 [ 283.042497] ? do_vfs_ioctl+0xff0/0xff0 [ 283.042507] ? security_file_ioctl+0x83/0xb0 [ 283.042516] SyS_ioctl+0x7f/0xb0 [ 283.042522] ? do_vfs_ioctl+0xff0/0xff0 [ 283.042533] do_syscall_64+0x1d5/0x640 [ 283.042547] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 283.042553] RIP: 0033:0x45dd27 [ 283.042558] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 283.042568] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 283.042573] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 283.042578] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 283.042583] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 283.042588] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 02:42:41 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x63, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611b"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:41 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) r2 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video2\x00', 0x2, 0x0) dup2(r1, r2) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r4, r3, 0x0, 0x100000300) 02:42:41 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x0, @dev}]}, &(0x7f0000000600)=0x10) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000300)={r5, @in={{0x2, 0x0, @loopback=0xac141400}}}, &(0x7f00000000c0)=0x90) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r2, 0x84, 0x79, &(0x7f0000000000)={r5, 0x2, 0x7}, 0x8) 02:42:41 executing program 4 (fault-call:3 fault-nth:32): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:41 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) socket$inet_smc(0x2b, 0x1, 0x0) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r1, 0xc2604110, &(0x7f0000000040)={0x6, [[0xfffffffc, 0x80000001, 0x5, 0x9, 0x6, 0x20, 0xeb9, 0x1ff00], [0x0, 0xd4, 0x0, 0xe, 0xfe, 0xb92, 0x3, 0x8], [0x6, 0x4092, 0x6, 0x6, 0x1000, 0x3, 0x41, 0x4]], [], [{0x3, 0xa6, 0x1, 0x1, 0x0, 0x1}, {0x3ff, 0xfffffff7, 0x0, 0x0, 0x0, 0x1}, {0x3f, 0xfff, 0x0, 0x1}, {0x0, 0xfffffff9, 0x1, 0x1, 0x1, 0x1}, {0x2, 0x5, 0x1}, {0x6, 0x6, 0x1}, {0x4, 0x5, 0x0, 0x0, 0x1, 0x1}, {0x7fff, 0x10000, 0x1, 0x1, 0x1}, {0x7, 0x2, 0x0, 0x1}, {0xd6a, 0x1, 0x0, 0x0, 0x1, 0x1}, {0x800, 0x80000000, 0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1, 0x1}], [], 0x83f}) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 285.744107] FAULT_INJECTION: forcing a failure. [ 285.744107] name failslab, interval 1, probability 0, space 0, times 0 [ 285.765389] CPU: 1 PID: 16168 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 285.773298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 285.782646] Call Trace: [ 285.785245] dump_stack+0x1b2/0x283 [ 285.788877] should_fail.cold+0x10a/0x154 [ 285.793028] should_failslab+0xd6/0x130 [ 285.797001] kmem_cache_alloc_node+0x263/0x410 [ 285.801610] __alloc_skb+0x5c/0x510 [ 285.805239] kobject_uevent_env+0x882/0xf40 [ 285.809563] lo_ioctl+0x11a6/0x1cd0 [ 285.813190] ? loop_set_status64+0xe0/0xe0 [ 285.817434] blkdev_ioctl+0x540/0x1830 [ 285.821322] ? blkpg_ioctl+0x8d0/0x8d0 [ 285.825207] ? trace_hardirqs_on+0x10/0x10 [ 285.829437] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 285.834540] ? debug_check_no_obj_freed+0x2c0/0x674 [ 285.839556] block_ioctl+0xd9/0x120 [ 285.843179] ? blkdev_fallocate+0x3a0/0x3a0 [ 285.847497] do_vfs_ioctl+0x75a/0xff0 [ 285.851305] ? ioctl_preallocate+0x1a0/0x1a0 [ 285.855707] ? lock_downgrade+0x740/0x740 [ 285.859853] ? __fget+0x225/0x360 [ 285.863302] ? do_vfs_ioctl+0xff0/0xff0 [ 285.867273] ? security_file_ioctl+0x83/0xb0 [ 285.871679] SyS_ioctl+0x7f/0xb0 [ 285.875040] ? do_vfs_ioctl+0xff0/0xff0 [ 285.879014] do_syscall_64+0x1d5/0x640 [ 285.882903] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 285.888087] RIP: 0033:0x45dd27 [ 285.891267] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 285.898972] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 285.906234] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 285.906639] audit: type=1804 audit(1606963361.188:121): pid=16179 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/231/cgroup.controllers" dev="sda1" ino=16164 res=1 [ 285.913492] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 02:42:41 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) gettid() tkill(0x0, 0xd) 02:42:41 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) ioctl$TCXONC(r0, 0x540a, 0x0) [ 285.913497] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 285.913502] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 02:42:41 executing program 4 (fault-call:3 fault-nth:33): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:41 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/zero\x00', 0x100, 0x0) ioctl$VHOST_SET_VRING_ENDIAN(r2, 0x4008af13, &(0x7f0000000200)={0x1, 0x8}) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00') sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000002800)=ANY=[@ANYBLOB="2c000000adc5d152d9f965f028e21f92a23fc9537c99a3b7b820d71f3674d822dc27e519f5d118bbb930ea3a33e6f8571a8f0b372691ab487a01c569b716a7eafa84ff3c5ba9d8b5dfd9fedf1a635c4040c1c0540aa6352241fd", @ANYRES16=r3, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r1, @ANYBLOB="10005a800c000080060001002400000055507893a3bf2e0eac613ebb84e5f538e61304b03bd024965480b4c9c9f479e77d2981757150616f429da9a00ee21387fbdb328ed158bc4746c4c2b46561584094f3a37cd09295a379314cb2b28f30fea2326e153eee5a3a0b1d22b706694947377e1820377aa3c7f06282a5e038c81670e6e7d40218f8232d0358dc028665e5160cc9c7ac3b69a289123edfb208"], 0x2c}}, 0x0) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x9c, 0x0, 0x10, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x2}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x8}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x6}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x81}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x6e5}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x3a}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xad}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x171b}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x400}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x18}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x8}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x2c}]}, 0x9c}, 0x1, 0x0, 0x0, 0xc0}, 0x40000) ioctl$VIDIOC_CROPCAP(r2, 0xc02c563a, &(0x7f0000000300)={0x1, {0x7, 0x6, 0xfffffffd, 0x8001}, {0xfff, 0x7, 0x4, 0x7fff}, {0x8, 0x1000}}) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 286.099926] FAULT_INJECTION: forcing a failure. [ 286.099926] name failslab, interval 1, probability 0, space 0, times 0 [ 286.111976] CPU: 1 PID: 16200 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 286.114464] print_req_error: I/O error, dev loop4, sector 0 [ 286.119881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 286.119885] Call Trace: [ 286.119902] dump_stack+0x1b2/0x283 [ 286.119917] should_fail.cold+0x10a/0x154 [ 286.119937] should_failslab+0xd6/0x130 [ 286.119949] kmem_cache_alloc_node_trace+0x25a/0x400 [ 286.119962] __kmalloc_node_track_caller+0x38/0x70 [ 286.119976] __alloc_skb+0x96/0x510 [ 286.119989] kobject_uevent_env+0x882/0xf40 [ 286.120009] lo_ioctl+0x11a6/0x1cd0 [ 286.120022] ? loop_set_status64+0xe0/0xe0 [ 286.120034] blkdev_ioctl+0x540/0x1830 [ 286.120045] ? blkpg_ioctl+0x8d0/0x8d0 [ 286.120055] ? trace_hardirqs_on+0x10/0x10 [ 286.120067] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 286.120075] ? debug_check_no_obj_freed+0x2c0/0x674 [ 286.120088] block_ioctl+0xd9/0x120 [ 286.136706] print_req_error: I/O error, dev loop4, sector 0 [ 286.137698] ? blkdev_fallocate+0x3a0/0x3a0 [ 286.137711] do_vfs_ioctl+0x75a/0xff0 [ 286.137723] ? ioctl_preallocate+0x1a0/0x1a0 [ 286.137732] ? lock_downgrade+0x740/0x740 [ 286.137745] ? __fget+0x225/0x360 [ 286.141353] Buffer I/O error on dev loop4, logical block 0, async page read [ 286.145476] ? do_vfs_ioctl+0xff0/0xff0 [ 286.149869] Buffer I/O error on dev loop4, logical block 0, async page read [ 286.154508] ? security_file_ioctl+0x83/0xb0 [ 286.154521] SyS_ioctl+0x7f/0xb0 [ 286.154529] ? do_vfs_ioctl+0xff0/0xff0 [ 286.154541] do_syscall_64+0x1d5/0x640 [ 286.159841] Buffer I/O error on dev loop4, logical block 0, async page read [ 286.163065] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 286.163074] RIP: 0033:0x45dd27 [ 286.163079] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 286.163090] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 286.290761] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 02:42:41 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r0, 0x89f7, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000180)={'syztnl2\x00', 0x0, 0x0, 0x4, 0x0, 0x1ff, 0x8, @private2={0xfc, 0x2, [], 0x1}, @empty, 0x3b, 0x7, 0x200, 0x63}}) sendmsg$BATADV_CMD_SET_VLAN(r1, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000200)={&(0x7f00000002c0)={0x4c, 0x0, 0x10, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x2}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x7}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x3}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x8000) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r4, r3, 0x0, 0x100000300) 02:42:41 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000080)={0x6, 'veth1_to_hsr\x00', {0x8001}, 0x1}) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x6}}) [ 286.290766] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 286.290775] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 286.312556] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 286.317261] audit: type=1804 audit(1606963361.548:122): pid=16207 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/232/cgroup.controllers" dev="sda1" ino=16164 res=1 02:42:41 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(0xffffffffffffffff) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) fsetxattr(r3, &(0x7f0000000080)=@random={'user.', '\x8e\x00\x00'}, &(0x7f0000000c00)='\x00', 0x1, 0x2) r4 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYRESHEX=r4], 0xb60) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0xfffc, 0x0, 0x0, 0x2}}) r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000c80)='/dev/ubi_ctrl\x00', 0x801, 0x0) dup2(r1, r5) [ 286.657360] audit: type=1804 audit(1606963362.078:123): pid=16208 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/232/cgroup.controllers" dev="sda1" ino=16164 res=1 02:42:44 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x63, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611b"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:44 executing program 4 (fault-call:3 fault-nth:34): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:44 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(0xffffffffffffffff, 0xc0bc5310, &(0x7f0000000100)) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000280)='devlink\x00') sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0xac, r2, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x1}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x8e, 0x2}}]}, 0xac}, 0x1, 0x0, 0x0, 0x800}, 0x48040) r3 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1) accept$nfc_llcp(r3, &(0x7f0000000040), &(0x7f00000000c0)=0x60) 02:42:44 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc21\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="eaf1ffb980780e18120da89833d763edbe41b75ca9f241236b739d0bbab1a35135197bef69727968a29d33202befb484496b"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:44 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.threads\x00', 0x2, 0x0) ioctl$BTRFS_IOC_SPACE_INFO(r3, 0xc0109414, &(0x7f00000002c0)={0xf78, 0x6de7, [[], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], []]}) sendfile(r2, r1, 0x0, 0x100000300) [ 288.775101] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 288.790303] FAULT_INJECTION: forcing a failure. [ 288.790303] name failslab, interval 1, probability 0, space 0, times 0 [ 288.817544] print_req_error: 6 callbacks suppressed [ 288.817550] print_req_error: I/O error, dev loop4, sector 0 [ 288.829384] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 288.840691] CPU: 1 PID: 16245 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 288.846567] audit: type=1804 audit(1606963364.268:124): pid=16247 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/233/cgroup.controllers" dev="sda1" ino=16449 res=1 [ 288.848577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 288.848582] Call Trace: [ 288.848597] dump_stack+0x1b2/0x283 [ 288.848612] should_fail.cold+0x10a/0x154 [ 288.848627] should_failslab+0xd6/0x130 [ 288.848640] kmem_cache_alloc_node_trace+0x25a/0x400 [ 288.848654] __kmalloc_node_track_caller+0x38/0x70 [ 288.848665] __alloc_skb+0x96/0x510 [ 288.848683] kobject_uevent_env+0x882/0xf40 [ 288.848702] lo_ioctl+0x11a6/0x1cd0 [ 288.848717] ? loop_set_status64+0xe0/0xe0 [ 288.848731] blkdev_ioctl+0x540/0x1830 [ 288.848743] ? blkpg_ioctl+0x8d0/0x8d0 [ 288.891737] print_req_error: I/O error, dev loop4, sector 0 [ 288.894742] ? trace_hardirqs_on+0x10/0x10 [ 288.894758] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 288.894770] ? debug_check_no_obj_freed+0x2c0/0x674 [ 288.899908] buffer_io_error: 4 callbacks suppressed [ 288.899913] Buffer I/O error on dev loop4, logical block 0, async page read [ 288.904762] block_ioctl+0xd9/0x120 [ 288.917553] print_req_error: I/O error, dev loop4, sector 0 [ 288.920486] ? blkdev_fallocate+0x3a0/0x3a0 [ 288.920499] do_vfs_ioctl+0x75a/0xff0 [ 288.924377] Buffer I/O error on dev loop4, logical block 0, async page read [ 288.928235] ? ioctl_preallocate+0x1a0/0x1a0 [ 288.928243] ? lock_downgrade+0x740/0x740 [ 288.928257] ? __fget+0x225/0x360 [ 288.928266] ? do_vfs_ioctl+0xff0/0xff0 [ 288.928277] ? security_file_ioctl+0x83/0xb0 [ 288.928287] SyS_ioctl+0x7f/0xb0 [ 288.928295] ? do_vfs_ioctl+0xff0/0xff0 [ 288.928307] do_syscall_64+0x1d5/0x640 [ 288.928323] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 288.928332] RIP: 0033:0x45dd27 02:42:44 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) gettid() tkill(0x0, 0xd) 02:42:44 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, 0xffffffffffffffff, 0x0) getsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000000), &(0x7f0000000040)=0x4) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) r1 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r1, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x7b4edbfe915b7b46, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) prlimit64(0x0, 0x0, &(0x7f0000000280)={0xc}, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3, 0x0, 0x3, 0x0, 0xffffffff}, 0x0) syz_mount_image$msdos(&(0x7f00000002c0)='msdos\x00', &(0x7f00000003c0)='./file1\x00', 0xffffffff, 0x1, &(0x7f0000000080)=[{&(0x7f00000000c0)}], 0x0, &(0x7f00000004c0)=ANY=[]) r2 = open(&(0x7f00000000c0)='./file0\x00', 0x1013c1, 0x0) sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x0) open$dir(&(0x7f0000000380)='./file0\x00', 0x0, 0x0) write$9p(r2, &(0x7f0000001400)="3b27a4b46ee92b4a59073c369a5e19f9db153c4fdbc76aa2a4bb9f3e5e1aa197a9e97d1016c01813792e50c2692c175aad715d110a892949ccc6e2e54c2d5c8f0b7932b69797f217168b0c1feb128ae34f0daf487a70b5c117acd43725fe17993634f1695dabd7f998cd55e9d5bd911e86aa7a4ad75a574bb96951d6018b25d942a9544bca1ebb0e8d10c092cdcb85797673972099e4041aaf8d636f66cb1103ef2050ad28fabaed33d6927889d97f4b5ce0de71d3fd832980f4f088d0d824e20549b4bbd906ffa51ce9de54d779eb4de462faac20a3ab0ed9934373ca22cea5454f4c2a740cd461e39956bb5f98df2aebc60cf32623adbffbcc378fa7250b6a3fc863dadcf6d4f8b855c4e70f0796eee6218445dad2811dd6b540ff52efa2f167dd9c1b8b016268d37db430983fefc0645d20614c8df2eb0872c58e09664e672b0b6a9970fec199257e1c606ec3e364c66a0f4d258c74accd43b987c756d602fd8787fed3aa43fd8d84e9656d4a413fa9a423bc54b873583d6d497005e54712fafc71384988d80134fbf84f53fdd74b354848006b8b5b67e7cc5a472475d3ae545ca1fcf7628b873e31ba83a98a7ad5b0cfbe9711b517a9a1388ad0efa2a3b4e22152021d631b731e2e100a9831111db7acce948bb5deeea260463c140ac929e77c58402776caf85d4569a75dde2f64c4491508afb541ed9b2c81fc95c06706235f383e31cf662c95b1e49cfd94871e22720a41535756e419b271276941692bd023dd9c9dbec4f7db1e5c00d8b3be7b8e826a6aadd001edd0dfeb00f8048442b5c48456fd642e629dcb2ff55592665ff491cd832672ce4d999da186db2c3a1f8b6b1f7d3750d7cdb3097954e6e14fb2183ad662c63d4ce8b82dc2487f0fe2ea2827b53a7c6dcced878d2fb29c1d3ff583570e7bc172d1a5c716e0447cb08ce3c468ffdf975da372f3f3eb455aaf5822bc04a51b6cad24a2331369df81c123b009a2381b42e9aeb077", 0x2c9) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), 0x0) sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000700)=ANY=[@ANYBLOB="81000100daed63da0754faf47557719a8276fecca74da060a5f0d07abd844ac11f1ba20a00e490428363b961a1dbe967834e62fff3dfbec00688203665e137b4de9641f46887a0ecbe4d5269cc2dd9c9e0f07386b09a3048731c51ea210264d247bcdfa4351f8136683b5a5b519bc3fbd37ec67536e8ab699210865ecd01930f73dff3c350d449e4aece668201006b424fc072afefcd5e6febc7d1aa0001d705", @ANYRES16=0x0, @ANYBLOB="010028bd7000fcdbdf25040000000c000180080006000100000008000200050000003c00018014000400fe8000000000000000000000000000aa060001000a00000017000200040000001400040000000000000000000000000000000000080003000000000024000180080006000400000008000700756f66fc2b773ef96a57a01860e41348ca099f209c2c97e9c3e17733302dad4d8cc2a0677785b4c79cee5bc5fae429b2d0a7fb09c2e5ac202be4872770e0573c8eb4f17ac96b2696dab0522f8025043a962f5196e0546d3c72975c9b30cb04502c2e", @ANYRES32=0x0, @ANYBLOB="060001000000000005000200000000000800030001000000"], 0x98}}, 0x0) ioctl$RTC_VL_CLR(0xffffffffffffffff, 0x7014) getsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f00000004c0), &(0x7f0000000500)=0x14) setresuid(0x0, 0x0, 0x0) 02:42:44 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x65, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd716"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:44 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540)='nl80211\x00') sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000600)={&(0x7f0000000580)={0x70, r2, 0x20, 0x70bd26, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x7, 0x7b}}}}, [@mon_options=[@NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "3b07963d6cd52a1a950f7eb91011db59de4cf547316d7cb1"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}], @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x70}}, 0x10) sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000480)={&(0x7f0000000300)={0x170, 0x0, 0x800, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @mon_options=[@NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "32de54405ee712afd77302eaf4b6456b9cd1153a00a10a27"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MNTR_FLAGS={0x24, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0x14, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "5f09a5a93666f3f53b5f72ee1032efc02a3f79fa4bf886dc"}], @NL80211_ATTR_MESH_ID={0xa}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x24, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @device_b}, @NL80211_ATTR_MNTR_FLAGS={0x14, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0x20, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}]}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa}, @NL80211_ATTR_MNTR_FLAGS={0x10, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}, @NL80211_MNTR_FLAG_COOK_FRAMES={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_COOK_FRAMES={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "76d085eb70ed7dc7f1a342cffd0da12a7f13e053713e3dfb"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "ab46d4b06fc9ddd163bb5969b9d5c341f5f55b399ed2d38b"}]]}, 0x170}, 0x1, 0x0, 0x0, 0x20000000}, 0x1) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x4, 0x1, 0x101, 0x0, 0x0, {0x7, 0x0, 0x2}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x8000) r3 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r3) setsockopt$IP_VS_SO_SET_STOPDAEMON(r3, 0x0, 0x48c, &(0x7f0000000680)={0x0, 'veth1_to_hsr\x00', 0x1}, 0x18) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r4, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) fcntl$F_SET_FILE_RW_HINT(r4, 0x40e, &(0x7f0000000040)=0x4) setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendfile(r4, r0, &(0x7f0000000180)=0x7, 0x3) [ 288.943591] print_req_error: I/O error, dev loop4, sector 0 [ 288.948389] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 288.948401] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 288.948406] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 288.948410] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 288.948415] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 288.948420] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 289.076267] Buffer I/O error on dev loop4, logical block 0, async page read [ 289.102812] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. 02:42:44 executing program 4 (fault-call:3 fault-nth:35): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:44 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 289.184336] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. [ 289.208529] FAULT_INJECTION: forcing a failure. [ 289.208529] name failslab, interval 1, probability 0, space 0, times 0 02:42:44 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x6, 0x12000) ioctl$DRM_IOCTL_MODE_GETENCODER(r1, 0xc01464a6, &(0x7f0000000040)={0x367b}) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000100)=@loop={'/dev/loop', 0x0}, &(0x7f00000000c0)='./file0\x00', 0x0, 0x5010, 0x0) [ 289.233297] CPU: 1 PID: 16286 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 289.241202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.250552] Call Trace: [ 289.253146] dump_stack+0x1b2/0x283 [ 289.256776] should_fail.cold+0x10a/0x154 [ 289.260925] should_failslab+0xd6/0x130 [ 289.264909] kmem_cache_alloc_trace+0x29a/0x3d0 [ 289.264920] ? kobject_create.cold+0x1f/0x1f [ 289.264934] call_usermodehelper_setup+0x73/0x2e0 [ 289.264946] kobject_uevent_env+0xc28/0xf40 [ 289.264964] lo_ioctl+0x11a6/0x1cd0 [ 289.264976] ? loop_set_status64+0xe0/0xe0 [ 289.264990] blkdev_ioctl+0x540/0x1830 [ 289.265000] ? blkpg_ioctl+0x8d0/0x8d0 [ 289.265010] ? trace_hardirqs_on+0x10/0x10 [ 289.265023] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 289.265035] ? debug_check_no_obj_freed+0x2c0/0x674 [ 289.265050] block_ioctl+0xd9/0x120 [ 289.265058] ? blkdev_fallocate+0x3a0/0x3a0 [ 289.265068] do_vfs_ioctl+0x75a/0xff0 [ 289.265080] ? ioctl_preallocate+0x1a0/0x1a0 [ 289.265088] ? lock_downgrade+0x740/0x740 [ 289.265102] ? __fget+0x225/0x360 [ 289.265111] ? do_vfs_ioctl+0xff0/0xff0 [ 289.265122] ? security_file_ioctl+0x83/0xb0 [ 289.265131] SyS_ioctl+0x7f/0xb0 [ 289.265138] ? do_vfs_ioctl+0xff0/0xff0 [ 289.265149] do_syscall_64+0x1d5/0x640 02:42:44 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x0, 0x6165}}) 02:42:44 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0)='nbd\x00') sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x20, r5, 0x8, 0x70bd2b, 0x25dfdbff, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x21}]}, 0x20}}, 0x800) [ 289.265164] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 289.265172] RIP: 0033:0x45dd27 [ 289.265177] RSP: 002b:00007fe4267c9a28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 289.265187] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045dd27 [ 289.265192] RDX: 0000000000000006 RSI: 0000000000004c00 RDI: 0000000000000007 [ 289.265197] RBP: 0000000000000000 R08: 0000000020000218 R09: 0000000000000000 [ 289.265203] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000001 [ 289.265207] R13: 0000000000000006 R14: 0000000000000006 R15: 0000000020000228 [ 289.267353] print_req_error: I/O error, dev loop4, sector 0 [ 289.267442] print_req_error: I/O error, dev loop4, sector 0 [ 289.267450] Buffer I/O error on dev loop4, logical block 0, async page read [ 289.277500] print_req_error: I/O error, dev loop4, sector 0 [ 289.277509] Buffer I/O error on dev loop4, logical block 0, async page read [ 289.277585] print_req_error: I/O error, dev loop4, sector 0 [ 289.277592] Buffer I/O error on dev loop4, logical block 0, async page read 02:42:44 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x0, @dev}]}, &(0x7f0000000600)=0x10) r2 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB="00e40000", @ANYRES32=0x0], &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000300)={r3, @in6={{0xa, 0x4e21, 0x8, @remote, 0x6}}}, &(0x7f00000000c0)=0x90) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000000)={0x7, 0x208, 0x0, 0x6, r3}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 289.277668] print_req_error: I/O error, dev loop4, sector 0 [ 289.277674] Buffer I/O error on dev loop4, logical block 0, async page read [ 289.277741] print_req_error: I/O error, dev loop4, sector 0 [ 289.277747] Buffer I/O error on dev loop4, logical block 0, async page read [ 289.277814] Buffer I/O error on dev loop4, logical block 0, async page read [ 289.277913] Buffer I/O error on dev loop4, logical block 3, async page read 02:42:45 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x0, 0x4}}) r1 = syz_mount_image$hfsplus(&(0x7f0000000040)='hfsplus\x00', &(0x7f0000000080)='./file0\x00', 0x7fffffff, 0x1, &(0x7f00000001c0)=[{&(0x7f00000000c0)="dae61bf6e9e7be910b94ec44328f50cf374e462d8f58245c3d8e7c41e3efd74597734ac0fb088a729511a0ed4fb04d639d44d35bf97d4d1239a16367653548cfe025366caed34f5303a5f0d15e4229b77de226f28a1c098cd92196afd368abf1738cdcbe5810e434642f80b7120e7098d269b3f0054b7d7cb0dbae7ff5ca22e6fed9dabaf9916091e94c6ca668c7d98a1f21820c2d991887c96734ef0cb4ba3755662386f2e5a26f2ec42c54fe4fee9606f42a60a050c6f2f27bec64c3c37d3249", 0xc1, 0x49}], 0x8000, &(0x7f0000000200)={[], [{@smackfsdef={'smackfsdef'}}]}) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f0000000300)) [ 289.300804] audit: type=1804 audit(1606963364.728:125): pid=16258 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/233/cgroup.controllers" dev="sda1" ino=16449 res=1 [ 289.302854] audit: type=1804 audit(1606963364.728:126): pid=16247 uid=0 auid=0 ses=4 op="invalid_pcr" cause="ToMToU" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/233/cgroup.controllers" dev="sda1" ino=16449 res=1 02:42:45 executing program 4 (fault-call:3 fault-nth:36): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 289.620414] hfsplus: unable to parse mount options [ 289.633100] audit: type=1804 audit(1606963365.058:127): pid=16311 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/234/cgroup.controllers" dev="sda1" ino=16449 res=1 [ 289.698171] FAULT_INJECTION: forcing a failure. [ 289.698171] name failslab, interval 1, probability 0, space 0, times 0 [ 289.716794] CPU: 1 PID: 16328 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 289.724693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 289.734031] Call Trace: [ 289.736600] dump_stack+0x1b2/0x283 [ 289.740220] should_fail.cold+0x10a/0x154 [ 289.744356] should_failslab+0xd6/0x130 [ 289.748311] kmem_cache_alloc+0x28e/0x3c0 [ 289.752474] getname_flags+0xc8/0x550 [ 289.756253] SyS_mkdirat+0x83/0x270 [ 289.759864] ? SyS_mknod+0x30/0x30 [ 289.763424] ? fput+0xb/0x140 [ 289.766510] ? do_syscall_64+0x4c/0x640 [ 289.770463] ? SyS_mkdirat+0x270/0x270 [ 289.774326] do_syscall_64+0x1d5/0x640 [ 289.778227] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 289.783408] RIP: 0033:0x45d2d7 [ 289.786582] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 289.794269] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000045d2d7 [ 289.801518] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100 [ 289.808764] RBP: 00007fe4267c9ae0 R08: 0000000020000218 R09: 0000000000000000 [ 289.816010] R10: 0000000000010000 R11: 0000000000000213 R12: 0000000020000000 [ 289.823257] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 290.068778] audit: type=1804 audit(1606963365.498:128): pid=16335 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/234/cgroup.controllers" dev="sda1" ino=16449 res=1 02:42:47 executing program 4 (fault-call:3 fault-nth:37): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:47 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) setsockopt$IP_VS_SO_SET_EDIT(r1, 0x0, 0x483, &(0x7f0000000040)={0x11, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x3, 'rr\x00', 0x20, 0x7, 0x20}, 0x2c) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x2801, 0x0) ioctl$VIDIOC_TRY_EXT_CTRLS(r2, 0xc0205649, &(0x7f0000000140)={0x50000, 0x2e3, 0x101, 0xffffffffffffffff, 0x0, &(0x7f0000000100)={0x990969, 0x4, [], @p_u16=&(0x7f00000000c0)=0x4c}}) r3 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 292.070235] FAULT_INJECTION: forcing a failure. [ 292.070235] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 292.082071] CPU: 1 PID: 16344 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 292.089951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 292.099298] Call Trace: [ 292.101865] dump_stack+0x1b2/0x283 [ 292.105472] should_fail.cold+0x10a/0x154 [ 292.109598] ? lock_downgrade+0x740/0x740 [ 292.113724] __alloc_pages_nodemask+0x22c/0x2720 [ 292.118492] ? __lock_acquire+0x5fc/0x3f20 [ 292.122704] ? lo_ioctl+0x8ae/0x1cd0 [ 292.126392] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 292.131208] ? trace_hardirqs_on+0x10/0x10 [ 292.135437] ? blkpg_ioctl+0x8d0/0x8d0 [ 292.139301] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 292.144052] ? check_preemption_disabled+0x35/0x240 [ 292.149042] ? retint_kernel+0x2d/0x2d [ 292.152904] cache_grow_begin+0x8f/0x420 [ 292.156942] cache_alloc_refill+0x273/0x350 [ 292.161241] kmem_cache_alloc+0x333/0x3c0 [ 292.165365] getname_flags+0xc8/0x550 [ 292.169170] SyS_mkdirat+0x83/0x270 [ 292.172772] ? SyS_mknod+0x30/0x30 [ 292.176305] ? fput+0xb/0x140 [ 292.179408] ? do_syscall_64+0x4c/0x640 [ 292.183361] ? SyS_mkdirat+0x270/0x270 [ 292.187224] do_syscall_64+0x1d5/0x640 [ 292.191090] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 292.196252] RIP: 0033:0x45d2d7 [ 292.199421] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 292.207103] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000045d2d7 02:42:47 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x65, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd716"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:47 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900030073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r1 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r1, 0x0, 0x0) write$binfmt_script(r0, &(0x7f0000000000)=ANY=[@ANYRESDEC=r1, @ANYRESHEX], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r3, r2, 0x0, 0x100000300) 02:42:47 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0x0) 02:42:47 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) r1 = socket$phonet_pipe(0x23, 0x5, 0x2) write(r1, &(0x7f0000000000)="d9270a6c2780f0aaab23da6d5ed0460d862f8bb6c92a1a228091592ee1d4164b26b4895f3b397ca719857af007e427be8ab5e108b2bcee27f2a3440395cfdd5d123f0b3b07702b84eece9ecffbdf87c31090f69a4edbd6d17f40f4e9e7dd37bdc29c1ee008e4c3", 0x67) 02:42:47 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0) [ 292.214349] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100 [ 292.221593] RBP: 00007fe4267c9ae0 R08: 0000000020000218 R09: 0000000000000000 [ 292.228839] R10: 0000000000010000 R11: 0000000000000213 R12: 0000000020000000 [ 292.236081] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:42:47 executing program 4 (fault-call:3 fault-nth:38): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:47 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x0, 0xfffc}}) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', 0x0, 0x10}, 0x10) 02:42:47 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="5800000000020104000000000000000002000000240002801400018008000100e000000108000200ac1e009118000340000000000500060000000000180001800c00028005000100000000000000018000000100ac1414bb0000020064010100"], 0x58}}, 0x0) clock_adjtime(0x2, &(0x7f00000001c0)={0x401, 0xfffffffffffffff9, 0x8, 0x5, 0x63, 0x9, 0x8, 0x18000000000, 0x9, 0x401, 0x0, 0x80, 0x2, 0x56cdf5ab, 0x2, 0x8, 0x6, 0x4, 0x27, 0x5f9, 0x80, 0x800, 0x3, 0xcc, 0x2400000, 0x4}) r4 = dup2(r2, r3) ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000040)="d536b7885d7c35df8c8f6eea80adac55cdc8b497d6a8d3f13b14a58bbfdc9daa2e69ef4b9efcc6d4aef6e4b941c1ab0949b435e3243452ab986ca1219a22684908e67adb98f4f4e1b4a653563e106065659c01aaf4fc718ffde55f28691e9adcaf46c812df81d8ecc96d05b0408130f25f2574cce890208add48ea21d4ff805c9db366adabbf488f26ca6d8f3e211fb53b2f97174ce74259621c5b5cb408550580e743f30a2ad9f9497363ec7a9a37fa4e60762718bee60b2983856f018a6812f9f4d4c821f67fa58a04bc5f994b211c8b") ioctl$TIOCSBRK(r0, 0x5427) rt_sigreturn() getsockopt$IP6T_SO_GET_INFO(r4, 0x29, 0x40, &(0x7f00000002c0)={'nat\x00'}, &(0x7f0000000340)=0x54) [ 292.369841] FAULT_INJECTION: forcing a failure. [ 292.369841] name failslab, interval 1, probability 0, space 0, times 0 02:42:47 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000080)='.', 0x0, 0x4014, 0x0) setsockopt$RDS_CANCEL_SENT_TO(0xffffffffffffffff, 0x114, 0x1, &(0x7f0000000000)={0x2, 0x4e21, @multicast2}, 0x10) [ 292.401043] audit: type=1804 audit(1606963367.818:129): pid=16364 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/235/cgroup.controllers" dev="sda1" ino=16147 res=1 [ 292.448539] CPU: 0 PID: 16376 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 292.456445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 292.465796] Call Trace: [ 292.468390] dump_stack+0x1b2/0x283 [ 292.472018] should_fail.cold+0x10a/0x154 [ 292.476171] should_failslab+0xd6/0x130 [ 292.480148] kmem_cache_alloc+0x28e/0x3c0 [ 292.484298] ? ext4_sync_fs+0x7e0/0x7e0 [ 292.488270] ext4_alloc_inode+0x1a/0x640 [ 292.492327] ? ext4_sync_fs+0x7e0/0x7e0 [ 292.496298] alloc_inode+0x5d/0x170 [ 292.499936] new_inode+0x1d/0xf0 [ 292.503300] __ext4_new_inode+0x360/0x4eb0 [ 292.507879] ? kmem_cache_free+0x7c/0x2b0 [ 292.512026] ? putname+0xcd/0x110 [ 292.515480] ? SyS_mkdirat+0x95/0x270 [ 292.516685] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.2'. [ 292.519276] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 292.519295] ? ext4_free_inode+0x1460/0x1460 02:42:48 executing program 1: r0 = gettid() wait4(r0, 0x0, 0x8, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) process_vm_writev(r0, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/144, 0x90}, {}], 0x2, &(0x7f0000000780)=[{&(0x7f0000000380)=""/142, 0x8e}, {&(0x7f0000000440)=""/200, 0xc8}, {&(0x7f0000000180)=""/59, 0x3b}, {&(0x7f0000000240)=""/119, 0x77}, {&(0x7f0000000540)=""/243, 0xf3}, {&(0x7f0000000640)=""/94, 0x5e}, {&(0x7f00000001c0)}, {&(0x7f00000006c0)=""/159, 0x9f}], 0x8, 0x0) r1 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r1, &(0x7f0000002000)="9c", 0x1) ioctl$CHAR_RAW_ROGET(0xffffffffffffffff, 0x125e, &(0x7f0000000000)) sendfile(r1, r1, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r1, 0x0) mount(&(0x7f0000000800)=ANY=[@ANYBLOB="37ae2120d20fe91218e94630d2bf965e2545cace26dbbf23b19e4088d17f40ebad1b8b5a0f093258d6c3ee683105a2aa37258fc9ffe3af5f05f40b4f365a1a91bf1be163c069127198e3bb84e36d46a0876d32108f1d3df35930b6fb5436ff70232fe92830721639fa2cbf64cd7e91e1b02f7c25202ec7111b203c5dda540e3de7ab6ea7150c3b77c120e0d4863291d604a4bcb2acda93179dd584832740fb8738ec"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 292.537636] ? lock_downgrade+0x740/0x740 02:42:48 executing program 4 (fault-call:3 fault-nth:39): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 292.537654] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 292.537665] ? dquot_initialize_needed+0x240/0x240 [ 292.537682] ext4_mkdir+0x2e4/0xbd0 [ 292.537699] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 292.537712] ? security_inode_mkdir+0xca/0x100 [ 292.537724] vfs_mkdir+0x463/0x6e0 [ 292.537734] SyS_mkdirat+0x1fd/0x270 02:42:48 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x101000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, r3, 0x221, 0x0, 0x0, {{}, {@void, @val={0x8}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r3, 0x8, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x3, 0x30}}}}, ["", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x80d0}, 0x2018090) [ 292.537742] ? SyS_mknod+0x30/0x30 [ 292.537752] ? do_syscall_64+0x4c/0x640 [ 292.537759] ? SyS_mkdirat+0x270/0x270 [ 292.537769] do_syscall_64+0x1d5/0x640 [ 292.537783] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 292.537791] RIP: 0033:0x45d2d7 [ 292.537796] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 292.537806] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000045d2d7 [ 292.537812] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100 [ 292.537817] RBP: 00007fe4267c9ae0 R08: 0000000020000218 R09: 0000000000000000 [ 292.537823] R10: 0000000000010000 R11: 0000000000000213 R12: 0000000020000000 [ 292.537828] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 292.608716] FAULT_INJECTION: forcing a failure. [ 292.608716] name failslab, interval 1, probability 0, space 0, times 0 [ 292.608785] CPU: 0 PID: 16400 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 292.608791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 292.608794] Call Trace: [ 292.608808] dump_stack+0x1b2/0x283 [ 292.608823] should_fail.cold+0x10a/0x154 [ 292.608836] should_failslab+0xd6/0x130 [ 292.608848] __kmalloc+0x2c1/0x400 [ 292.608859] ? ext4_find_extent+0x879/0xbc0 [ 292.608870] ext4_find_extent+0x879/0xbc0 [ 292.608885] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 292.608896] ext4_ext_map_blocks+0x19a/0x6b10 [ 292.608907] ? __lock_acquire+0x5fc/0x3f20 [ 292.608919] ? __lock_acquire+0x5fc/0x3f20 [ 292.608933] ? mark_buffer_dirty+0x95/0x480 [ 292.608942] ? trace_hardirqs_on+0x10/0x10 [ 292.608951] ? __ext4_handle_dirty_metadata+0x120/0x480 [ 292.608961] ? ext4_find_delalloc_cluster+0x180/0x180 [ 292.608970] ? trace_hardirqs_on+0x10/0x10 [ 292.608978] ? ext4_mark_iloc_dirty+0x1815/0x2690 [ 292.608999] ? ext4_es_lookup_extent+0x321/0xac0 [ 292.609011] ? lock_acquire+0x170/0x3f0 [ 292.609024] ? lock_acquire+0x170/0x3f0 [ 292.609033] ? ext4_map_blocks+0x29f/0x1730 [ 292.609049] ext4_map_blocks+0xb19/0x1730 [ 292.609066] ? ext4_issue_zeroout+0x150/0x150 [ 292.609074] ? __ext4_new_inode+0x27c/0x4eb0 [ 292.609091] ext4_getblk+0x98/0x3f0 [ 292.609102] ? ext4_iomap_begin+0x7f0/0x7f0 [ 292.609119] ext4_bread+0x6c/0x1a0 [ 292.609129] ? ext4_getblk+0x3f0/0x3f0 [ 292.609139] ? dquot_initialize_needed+0x240/0x240 [ 292.609152] ext4_append+0x143/0x350 [ 292.609165] ext4_mkdir+0x4c9/0xbd0 [ 292.609182] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 292.609195] ? security_inode_mkdir+0xca/0x100 [ 292.609207] vfs_mkdir+0x463/0x6e0 [ 292.609218] SyS_mkdirat+0x1fd/0x270 [ 292.609228] ? SyS_mknod+0x30/0x30 [ 292.609238] ? do_syscall_64+0x4c/0x640 [ 292.609246] ? SyS_mkdirat+0x270/0x270 [ 292.609257] do_syscall_64+0x1d5/0x640 [ 292.609272] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 292.609280] RIP: 0033:0x45d2d7 [ 292.609285] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 292.609295] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000045d2d7 [ 292.609301] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100 [ 292.609307] RBP: 00007fe4267c9ae0 R08: 0000000020000218 R09: 0000000000000000 [ 292.609312] R10: 0000000000010000 R11: 0000000000000213 R12: 0000000020000000 [ 292.609317] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 292.632093] audit: type=1804 audit(1606963368.058:130): pid=16381 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/235/cgroup.controllers" dev="sda1" ino=16147 res=1 [ 292.985563] audit: type=1804 audit(1606963368.068:131): pid=16364 uid=0 auid=0 ses=4 op="invalid_pcr" cause="ToMToU" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/235/cgroup.controllers" dev="sda1" ino=16147 res=1 02:42:50 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x65, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd716"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:50 executing program 3: r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r0, 0x0, 0x0) r1 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r1, 0x0, 0x0) r2 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r2, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="5e1e490809211f3c3e5da98b3e374ff484d7d583ef9067b022a06cac9ebc29378f551af5bb4d9b2bd6cf6b1407135b669bb2f73b05af0d757e1414dfe18e8813a54e5389f6ebed7d0a0d894567d664116b2297983fa07662d941079d24712cc0d3777e9d27005752126aaaa980fb1cb06616429b2555537c937f3af802f5da5e018cbe484fd25a0ac42a", @ANYRESDEC=r1, @ANYRES16=r0, @ANYRES16=r2, @ANYRESHEX=r2], 0x1}}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r4, 0xffffffffffffffff, 0x0, 0x100000300) ioctl$TUNSETSNDBUF(r3, 0x400454d4, &(0x7f0000000000)=0x6) 02:42:50 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x74, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}]}, 0x74}}, 0x0) ioctl$F2FS_IOC_GET_FEATURES(r1, 0x8004f50c, &(0x7f0000000000)) ptrace$getregset(0x4204, 0xffffffffffffffff, 0x202, &(0x7f0000000280)={&(0x7f0000000180)=""/119, 0x77}) sendmsg$OSF_MSG_ADD(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)={0x4bc, 0x0, 0x5, 0x801, 0x0, 0x0, {0xa, 0x0, 0x9}, [{{0x254, 0x1, {{0x3, 0x8}, 0x8, 0x3f, 0x2, 0x6, 0xe, 'syz1\x00', "9af863479c9f56588b2c2acf6d28f995460e83467725f4ee2f7f42ea2e03f7a5", "543505608c4515af5099f8486441e1a4e6cace751d03f9c9239be2e08a5c75ff", [{0x6c6, 0x1, {0x1, 0x8}}, {0x2000, 0x1ff, {0x2, 0x7}}, {0x2, 0x9, {0x2, 0x59}}, {0x3cca, 0x100, {0x3, 0x71}}, {0x9, 0x977, {0x2, 0x1000}}, {0x1, 0xe13a, {0x3, 0x8}}, {0x4, 0x7, {0x1, 0xee0}}, {0x7, 0x0, {0x2, 0x4}}, {0x8, 0x7, {0x3, 0x8000}}, {0x400, 0x4, {0x0, 0x9}}, {0x2, 0x9, {0x2, 0x7}}, {0x8001, 0x7ac3, {0x2}}, {0x4, 0x40, {0x1}}, {0x33c8, 0x5}, {0x7, 0x6, {0x3, 0x9}}, {0x7, 0x8, {0x0, 0x40}}, {0xfc01, 0x7fff, {0x1, 0xd9b}}, {0x7ff, 0x7, {0x1, 0x80}}, {0xf3c, 0x2f5, {0x2, 0x7fffffff}}, {0xd884, 0xfff, {0x3, 0x161}}, {0x80, 0x0, {0x1, 0x9}}, {0xa83, 0x81, {0x0, 0x7fffffff}}, {0x9, 0x4, {0x1, 0x3fb}}, {0xfe7c, 0x36, {0x2, 0xfffffff9}}, {0x8, 0x1, {0x3, 0xf9}}, {0x89, 0x4, {0x0, 0x3}}, {0x0, 0x329, {0x3, 0x1000000}}, {0x81, 0x3, {0x1, 0x2}}, {0xfffe, 0xfff, {0x1, 0x2}}, {0x1, 0x1, {0x0, 0xff}}, {0xfff, 0xfaad, {0x2, 0x20}}, {0xffc0, 0x9, {0x2, 0x4}}, {0x7ff, 0x788, {0x0, 0x4}}, {0x1, 0x3, {0x3, 0x5}}, {0x2, 0x80, {0x3, 0x401}}, {0x72e8, 0x1000, {0x2, 0x2}}, {0x6, 0xffff, {0x1, 0x3}}, {0x100, 0x3, {0x2, 0x5015}}, {0xa81, 0x8, {0x1, 0x5}}, {0x1f, 0x8000, {0x0, 0xffffffff}}]}}}, {{0x254, 0x1, {{0x2, 0x8001}, 0x20, 0x40, 0x81, 0x800, 0x81e, 'syz1\x00', "8a92a5ccaebe115d54953f9f2f872679b6f9f382b497c6e9b2741f6dbc1de61f", "0d08bee4932a0ae5711964e4846c512de83e7b1cf42b79ae49ac0a80df436f44", [{0x27, 0x1, {0x2, 0xb8b}}, {0x2, 0x81, {0x1, 0x6}}, {0xbe, 0x6, {0x2, 0xffffffff}}, {0x594, 0x4, {0x3}}, {0x7ff, 0x1f, {0x1, 0x2}}, {0x3, 0x7dbf}, {0x2, 0x8001, {0x2, 0xfde}}, {0x1000, 0x0, {0x2, 0x2075}}, {0xe48, 0x7f, {0x1, 0xfff}}, {0xc5c, 0xc55, {0x2, 0xfd}}, {0x752, 0x5, {0x2, 0x7}}, {0x4, 0x8, {0x0, 0xb96f}}, {0xbf, 0x6, {0x2, 0x4}}, {0x0, 0x4, {0x2, 0x7}}, {0xde, 0x2, {0x2, 0x3}}, {0xff, 0x1ff, {0x2, 0xabc}}, {0x8, 0xfa47, {0x0, 0xfffffff8}}, {0x5, 0x5, {0x0, 0x7}}, {0x9, 0x91, {0x3, 0x9}}, {0x80, 0x7, {0x3, 0x20}}, {0x1, 0x0, {0x1, 0x94}}, {0x2, 0x4, {0x0, 0x7}}, {0xc0, 0x401, {0x3, 0x2}}, {0x992, 0x101, {0x1, 0x4}}, {0x81, 0xcd7, {0x1, 0x7}}, {0xfffc, 0x8000, {0x1, 0x4}}, {0x2, 0x4d54, {0x3, 0x7e9}}, {0xa47, 0x1, {0x0, 0x61d}}, {0x0, 0x4, {0x0, 0x101}}, {0x8000, 0xfff, {0x1, 0x1}}, {0x3f, 0x5, {0x1, 0x7fffffff}}, {0x7f, 0x1ff, {0x3, 0x9}}, {0x2, 0x200, {0x0, 0x1}}, {0x8, 0xfffe, {0x3, 0x6}}, {0x5, 0x1, {0x3, 0xffffffff}}, {0x7f38, 0x8000, {0x2, 0x4}}, {0x81, 0x2, {0x0, 0x2}}, {0x4, 0x7, {0x1, 0x4b}}, {0x6d, 0x100, {0x1, 0x6}}, {0x9b79, 0x3, {0x3, 0x200}}]}}}]}, 0x4bc}, 0x1, 0x0, 0x0, 0x40044}, 0x20008000) 02:42:50 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) r0 = syz_open_dev$ptys(0xc, 0x3, 0x0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x0, 0xfffd}}) 02:42:50 executing program 4 (fault-call:3 fault-nth:40): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:50 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0x0) 02:42:50 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000040)=0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 295.332376] FAULT_INJECTION: forcing a failure. [ 295.332376] name failslab, interval 1, probability 0, space 0, times 0 [ 295.391306] CPU: 1 PID: 16425 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 295.399226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 02:42:50 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) stat(&(0x7f0000002480)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$SIOCAX25GETUID(r2, 0x89e0, &(0x7f00000000c0)={0x3, @bcast, r3}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0xfe251000) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$SNDCTL_TMR_METRONOME(r6, 0x40045407) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) writev(r1, &(0x7f0000000200)=[{&(0x7f00000002c0)="4639e91865858f54cd09b878cf88f7bf2d7b0a5a33bcc4b7f69b5d5a584497e7dfd8b85146a020a3fe4e79447496e4c8fce73a64cbd8e6d94a4f4236f8d25c341ca79aa96a6cb42fbcbd5e95988fad0444b71a2136622d0fc0af6c815ef7f44e56add9a0c9ee36571988008d748610ec010bf62681406ee9a6f0eb7bd96b6d830f0cc4dbb8f6a62d07fef469c238e46ae56f41de328da648033de8af7e4e8560", 0xa0}, {&(0x7f0000000380)="e3c0586e88ea12796f0ee441e171482a8f4c3a04fd86a943b551a2c4f951d654e7f5b52b26f0c40b95b7dfd3d15fe870c13c0a5ff00a2dbed3f660be94e4ad317ce16e952e09bdb953f7f42906bc63cd7bb8fda2befc46d2ad52c6e5ca837bdd245504f1257dda5350bcdb9be6e92da65d59ce67870688b9ab81bd85b9c5296bbef32d5f3946bb5015f46c79e507bd87edcb735a52e606224dc62d7a09eef59aed3e75ec10071fb1a9dc61dfbe278e0f8ef9cd84b04f1e70532f4efd2b4fff351c4c5f91a2638eb23ad6b5ebe0a3936945fa6df69bf8cf269aea52ec7dd71b3eb5a64e6df915ca0faa16f886a33fc8391192af00f6e4b3fa7bd80f19e654971cec2a5bd3b53aa04cbccf8e87675dd8200d286446e2abed8506c76bd30da07727302c054a6294c07e527aeb2c66a67736dd14cb64fa3ead35080185f02ed99de56604b9d77e7558900d3de613118e7690194117e096cfadedd888b27ddca0be85aa66a5d63617cc5efc07cd80aacbb344b1d368818940e686c654dac4eb6b7a7494ca14ef9d4edc6420878eb6d7c8bb94e6b6fc8b69cd4c0117aa598ae2495beb88d95605d7c8cda91102ae14961eb28d77cd1a45823a619eaf2e6d0226f710a67413892251b9079640dc270d2ba7595a68d91117883ec0e90b7e6d9ccbb95be4b0e61b10f5e971149a31ce1ae864127f098d8d27b8495700087c732da34ada71a47d46debcb44249930a85135e9d6eb8534f586a9465a622aab3c4dcde143778e9fc5fbb5f6bac7af98dd758d518969da8719aeef0527f3c57bee86e3c736b53efd3bbf96bf83217f740e5efd59e1b7b18f4aa01dbbb5e070e5cc246da4f065a5171afa0caa8491dfcbcca93ef25cb4dd2e56ba35ddf5a82b09fccc7d1801f9a3966fe8e724d4c7c3ea527ab23d3dc3cb19e2a04f9ca0caf5b8045239a85f93875544b2a9527869ff90cd45f464516d6a3857b15011d9a7bfcd7e7799711fcd6e27cbe40c35c8eb15b8aca53eb539e6e00437b1128da72b318fd61e0d35412184d96394a5e438ed6dd77f852a4894149b023406df6fc0cbfdac8acd809deffffbd7f799d2fd8fa01dc695c32543159686b7202f62edb259678e108b1625dd28b05b2e0face2317e1f85f9fa57f727d7c7356f2fab42f9146654b7a542ff0574b44f7df9404ba62295250458bae04ad7ce59ed3b1dd1ff2aeef065acc446dba08a573c8603c7c081ad79ce429a4b3701482b5b7914bb82e4fe46790d733664cfc79d72fcd371d5eadfd9bcc326e49b7fcae05cbf9cc2083557dc4955585c1b842406a76a97a515a1aec419357b1111513798c35e2fa43145e27ab89b10005cbc13d495cb22cce7c9683ca5791444a56adaa4bfd4880a9e35406354eb5bf66c832391432185f053f923ba7b339a88fe9f9ce4921a218aa44a5813602db9b0074c92306291735c4a51dc189dc42f6bc6b77ccd8c4fbd89076aa30496c822965d8ce7bf49454af357165729fef3358bbb73a6416ca68388f0c235f65fc6b5edb572d628e67e8e325432c78346563b9426f60d9d11e97de5cbb6ba6c57de8d5887651fa2b7d9066206885b8751ab869b3260d57fdde5cc5e39eb2ce9b79c23ddb2b5a11e17017fdf73327ddbcbf65f0ca04f56d14c51f20b759b66ce50a08a5d99da6d06afe37f1ff377b9663b36bf4a13cd037eb6c5164d9596976af886ea6b86b6784282cff8b4360101bf13f79d7cb539ea6a8edba9287512c364f91291264e58f14a9da7096cd2522f92de172899ba279d064192ce26cb49a1281ca4ebea2c75e4e1a73b6c99e493eb156964921b2d7184f9e1b2a35cf3fa2f5a9037354f3934ef38b1887586642d134fa9d58d6c7d3d812f606bd2f21e88963d480c3886bd404d09d6128acc665ea9a57b8a1f59f250851a2fb5de4f0e51ef4240c6f41b8412ddf526e4e6fd95d97d402f8d21a2ff0e2c4fc21ab6b8cb6e067c1267c153b3e2bc038f8ac7fddc497126e40f935bb589eb103db24468f3e98725711ef55471548ec4ca9cada83e1ac06b270b80d52558244a41bdc56e4ad2682f02ff7d9aea9e244ff4ca8ce6df430065ad82d2117cded1c3cba78b8b9934578abc973df23c7cc75d67624d7f0354ec70382ff73c9619395e0a2a7901923a2e68f83673341dee3e4460d947e3d86a1dca5d87c5fd4b541eb83fd6df9defd71e93b07964eec741562ac5148f9b166c36c4c3a48beaaa13d99f1d399313bbb480783b05cbe9ef90ced440f66c26eb32331160e28537264a34df14079d3f06ce7219d3253a26969480f7aba3122890da7a7d067032bad300e05a44e46dee6838ee141842237f2fe6cd75851d1e0ddf1288057f57f38cc76a3428ba1313c8c0124fd0fda9fd48ce9ba2d18ebbf4a8abbb7ccd8baca31c5a8ef190be4872695ee8872849a464183a44faec23582fcbe6a669c9ca898aaffbc01e0225b118c6c1fc2cc7f1d16094d71decf8d53b870ebe071013811ba3de31935e13bf597dc31a6a233d20b27d8106f31fe931794a7c895b90699fb77086f1215cf5098726dd7a6fd5065147e34cb3b3a6a188388b159ef186329b4df61a18a1abe4f66e3d04add9d12fd764caca33ab6e674616a67575db576e9f539f76117ca700771f1d27709c6a4fb65cccb1ad0b2bdc0a809181d2e1e3db7e653067982b9e72aa5ef01612c0250aa44bbf6befb239a1d2ca7ad21b8b7887f995be90bcb1063dd1580f2c96754fd001b7eea0cd14641a3b44df7a1769c7cb5b0cf3ef9953b5d2976d0af30a8afdbd847fc8373f2874188595460842dc38a6a56b5753266684cd06da00eb29fd228c319bed4e92a7d39d8cfdbef500432310c7852d261eb22e2abb19a47ae8353c812276701532c06818b05d01bbeddac54a38b197a2e93b4d61a706d7955ef17a93591d426b25257141bf966df6108ac572992359602b9587625903b41449f67c42c9c9402296e00f134743ed30698a5a094fde9150d37cf96881cf2848af94444fa51297ad544fb117e9bef2f5919e66b7c77c5a1815cbc36ba2ea1e7158e1859454d35407a8fe46638739fa16725984f8bf3026697fb95146eb75de2696ac03a38db58f9e318b8557343d8efa6ed986b0b296ef04faf1e38811c873d64899739af095339a842a4b5185a985abdd84f7f43dc72a9b381f82c90cf383ae3120f050f8c8ea8749f3dc19da14e7e00db1f2a1d42518b4a8d6c08da090b67f07401410cac4cdfbb1c193bce6afc240265502c83dc592ca942451166122c6509465031efeacc9c1f7d41760b9c6c2ce3bc8bb452ce3cd3e3b332796f2c85d3fe24d42b75409b8207e088e5cadd002622b6a09fd6e6d9781c5e4f3ce6cc517079a8cc78acbcd5fa853f3563ad1dc3ba194300dd40725a998dea134caaf008c7d6566a4b7ffbac90ddbbc6d4b942dffbd62ef1410e24afd6cb954d34cd1b44e97f053896c6d89fa6a04de10a76d81eb4401ee1a93071d2b911ae89c0c665164ff96c9293d1d8f589c0026ddfe08b34a46c82c64f1f030fccbc6129cf5b085bfa86c029fac4fed231a5d61c1558387c5af39b9a8e9e6a769a7384031ad71e9318e555d820459b2d5e5c90cf10bc2701addd8cf1b6f2dcea4674f67a42b19e1a2ccdb14128747f60cc1f3184cd6bba73b093cdd1ba88a460fe0288c911e3abab1fcbb6e44fcd11a225fe60ec0a494b1cd5d83055e1a4c712fd6e2ac333976524afa9767eb3c73de82ca422e0da42b7e70f4e26fd7003c537048d39154fd31b9618aa31ed356f14980cebe4ff2e4510cf6acf82ae93ddb592ae493632eb64f584249a3df31ddea227d845cb8682a80bee4a8225a6cd93afeeaddd70e46a26685ca8ae8463dbfb59eca8fe0dbf075bb5947068dfd80f0b967a76e57d38280e82734a3385dc0b9c5443895ca1c76142faa9c31f1e10b4eec7656a2c3aeb8acdb51ae5c4b3d6d369f7645ab22cd9765eaf0e3a057dc1e449b38c7c0e7bc9512c4465653675c6a0c04515928918ac929c49f8d8051d308505e728134e175d159da3f557c2a2d2e047164cd49e404967b3322aabfaebe002911f9cecb36b68c61454b20d4ad971628df1a7cd1a8765919e938a2615f9a2018f206a926fea3346ed6e1df1569e57ed5acf625781cfaf20ec40477ad435e64003abe87cbf1d5e6f5bcbe4cd8ea3ae23d37937998ed11bfdc8651ba7da3bddc904b71a433795076d4ef97c68f34f9d528969aa73ed13d39187e92376ebae62a34d55f37a93125969f7647d6ac7d22a580bb7275732ab51f26bed7d497824c6ea2f4c2b0e1fa9d5947c87e429c857b5d68d8d6d05b80e446163eb695b04a55d06453cb175083bec9fdb75ff08a6971192bc3e3c4d7e7b5aaadc61e8d2e8fcc4e5a3cf12d2f4b2e7079bf8437e982e18f584d718cdea6a2db54d19fee9f25d31714bbdb1c058a15a2185474a0f01d30b269ebe7df97d827b24ee15018f9a3c90643e77371cc494c9162fb9c057d757221681efec89c3f3b89f01611fb0be2859df91bace65df4be193cc975f1330b984b451a6d1e6dcac28a7ba78a1bcfee48452ebe577a5c35105b262ec14c51d59eea407ece4be6517704a243609ca8ef0bfa018c16d37ad0262a7ac1e02cea7d8e4d1b8e661de5f92419f7ac6ce4ced7566080d9d65708d6597b6e7ef1218876c42a48c562570daa52c7ea06bd1674e6e2448857b3b4b759c796bcabf9318df6781586031e5b082c84348556fe568e77ea71d2936b522cab7a4682c4fab1c57c408613ae7596e73bb142a0244bb639da8e306bce9424508d5f5fa6a67ffc29cc9319a68af1763ec3117b9d19481508dc2b755da2a3b8c7447d4a868537b380560dc50a9540ac135702766602891c57408dc28fea9033ba021085543f7b8e1539108a0f6de8e6da529b294c6f6435afe11bb16d3ee92845244733cfc6c86eb967046114392b3912d28e3a346ec1329bfc05b7ec4717e53a8995e5db842276069e6dd19707a19ef065d234fe7f498d7048d18e87ca06221fcbd019d6a5f945def9c9839814537f442a962601b0296ed546536475ca69a5c05e2137b771cd3c5b6ebc1aeb230ef285e492d0154ee357fc6420bcead53ac78c2db323aadd2daac3a12d6b2d4508ee7ce1ba90f56aa9924401eae37ad65f67818485090b1e76d83bb527e709329eefa534d3658e5d4c30368f9d076d71a24209fd9d1f22ed09c27e89f5574931777ba08cff1b10951256335c9467f20bb26fe731d78c25ea4a729f48cfd60001677eda6ced6556e41e0ab3f8402545da79fe60e004b38db1006452d0a3759d551e71007cd696151fefc202826d485897bae7725f63f135d0744ea81e2d7dc6eb1fb4246603860bed7f2e688c3c66fd43fe0f83ae7f1f0e64607c99089416a8e4e873ecd2465bc150b1b924174ef831ff9eafa46475cc54d30c8b44742093d334165ff74752c38b181e762b5768cd9701f679c2bc1f1da1f57bcdd58aa13c3b50e320b0b047aac007b1ec721a11ae44f3ac11c4d65d190ff69c3219083c33a8ed3d6d01e44c6f0fc834ebcf2e09b04eccf746496cdb8001879eca26be95130a8bdcaa6e8e2212662133984a68fbc7fab49394171ac381d00b56d7d273d2a8067792999ba87477a07190745d2d792b949425b7fc29bc841bd6e047c74701f6b03750b8c1825b91ccd5d609308e55f118310dd5c57db76d2b5cc36018004777dd9933ce3e84c5c9f3beeccb8f35d0ad58671ec9c634fb57b5777b946779163bc4e62ac8522ec7c", 0x1000}, {&(0x7f0000001380)="a105db4b9f155821d2d983406061289bf7b10287853216d38a172329eba2b1605a8774a2c0ceafb2940e99d3d3e57ad8e15149938ffc54890e6ef94f10d8ceb82ec06b70939064172f2ec90da1e40c94d90e63bada9c29862e03c6afc6ed9396571786c7ca1fe12830dcb332bf3e0dd04805a8b38e4d34dbf8d3aec4ce0def4ef8b3e476b8fe8454358c821b1dcff93cc073967d4291cf3a31075d1abb8fc89ad9ae9bd675d8e65df241e20a18f961749dc297514826e3383cafcdf9f4ae1680726c7644e6f7862896ab65ea18e7ed698548335d59f329facae62c488c8024da306bcbc68497390092b001600fba43e318c144f1bd0aebfd5f936a3aa424bd3822f9ca7ae5c164ed49ba866d2558c7ed6fce1013a575664031daa7eca1b16025bc1fd8d70d0eaec44aaf0e623c48a9f54bdb694b7f2e80abf5db6ed23392bd6dbe6a140f03643c34824956ea3ff71fd581bf49acdb21deeb56fd522ec9b7f027271a82523dfa951481754b2275131e5b4a9e598f05fe614728a452e06a70c0f532fe7b348dff6d9c7723959f9eee64ab2b505ef83a6d0db7604190fdc81d4b1803e214b16191cb90567e6d2fabbaf98bbb6a325e1103abbc2e1186a9fb157db03190a2335634f5589cd37c85f90c270322dd56c8758fb450cf7f8e87107bfb26ed2bd8efdd053c623c3c9265668d35915757a9f547eb11629a4c3848db16d44b28ea99d7ab074c477d212e327c6192c1b59669eae6e937707a62e03f8af2b5288177b46f252885449d88b61ebf577e96263d234f55e7a2eba833fc6b02783776ae3e38732005a06d47592b244e8b0a77b336fb78cc51c6e8baa536d2a12621c0db5d0ae9c23442b1c5d93db290f153e7d92aa2078553cd202ca59e37c5267379e2bf411a5eb4b1f655c17825c5e549a1467c910b31e2897c0b7172a5776da6936b96c1f1889f853de5294e32e1d4b22426679cef4e8b18fa941c2e331c3e5051a24131fc7ef22cdb99e24345e708e5c6b5d94431818b0fee2c4b974b93e85a20b607540ec7fae3eadd519aab560ab7bb9a84a91a80ad3f6e6a99564ef52e280f40f32d1ece2d4904a47c5651423d8b720ec03ce1fd8e3f89f74b1b23e193e2052d2cdb50e16c11cd1cdf4cf926785b3a70b4d50e634e23502acad1429ee331ae02f104a8e78ee7349ca9930b26455c4f38f330f67e0c03ff00b294cf490bc42c707eb0e039303f10a340135b2b6914908feb70b05e2874748b6dc6df64f0170f06b101af16341818cf3a07db806e1cbf544c0ac048de60a6d2c493acb88352080b5b8b946f6d160bc5615bb29c97422852b5439c12678adb3b385818e9d2fcda3ea8b9daeae49f9a6fdf3fa3473b999bf0fbd136fbdf395480ebc2aeb6a7fe18c4300dd131ee278711c1ea3639f894867014008f7cd4b1432b6e4e62c9a122bb9eaf350bac4b3d95ecd7c80108eeb9e37a72513f2279ea77152a255267c0edbc02b0f39215f3e7dc5c74d01530089605e284f450df96bce14caa675d74229e496648a3b213a0b0608cbd2f37d0d3758906abe74b93f9f08181d5f26f21fa90843ad1cadbfdcb5480212ee51031dccc79c3da6896ca71a1b973847f9d4de0919607435b95d8e46d12fd418b8536e2873d4c2a015696b81fc14ccca50954b7e5cbfe8dc02bc5e94ba800fde8e137c2fa053f07d357e63656d1b1fb34fdd9bd571e855d9e05d0551850b478ebe90a3cb9d504e0b03e2db804cb3f0e1704cabab47b5a31152febacd58f16f8108894ff494594563b3fb3ba6a32f8846662a3df8b001c3206892e0112976d7aa030377cc548223a9e8396c446d2b21b0be53f593f5b25ac6fd0314f558359596f0d5a4c86a29546e2751d25e21327f4bf64fd8a284d0c3793bb4ac3809932e756bd672cde39cd0f62245f520e1bf9e30b2466f8e3b57d34c9b579dcfd95fed82735acac6c9e4576b2c86a3d544ccb3c52c6a414e1faa69e2b4a03dc3ebd99bf7ea615a91b024adc51bee4fc3498dcce8429696891892f50d2e9e47dedbc6be0d7cc4fb0071dbe2e843e38c9e94b5a94cd32edfcef6a84efe80d882646fa12c4565f67ed4ee709f50dfc2e45c9a4be7b584fd9214cc0870690c77246d1d30647ea9773e77a09c764f25e0e4c53a753aaa4c90be60855a020ebaaadcac62f94543603f9e607deb55fce18f0b8dc4dcfc5928a02335604f1db158968355fb5b2f2be5221d9f43057f7e36aaf6ba3d56e1b0826b459654bd3a317136345acf3d4122bf95c921099620dc60f90fc07ac0781491f5f89e87ce8031a0e709de8faf2c2e514131fdc5d28ce73ec2f645413bf232a8ef699696f4f3909c8bc5119b1c09c5182ce3b19c37e9aef0be0bfbd8b68001cf3c8b4f3814bee8f645e955cc1550c0655fddef29735169c66e2d5ff6e915e4ff9c6df3541ee890982098d4a0b7a3fa5ff0eb976b245ec86b27e2ae0b97e9261a440f883562a648be6e09b57c6e649018f32615e99ea885d267f92071da0ac513f4f58b278968790b84859f454a53c8cdc8b06ec475c7478d2e1039b772bc8510fc151048d3b54659f6d090991c6bbae9cc7bc085be4a11a43416c019fc4c9f6880dd5544e616d27ce1785fbbace7fa49d26fe9efaa20fe3cbcece78a4773b75cfd8e7922dcb6896f410a3947526a8b2819c25d20ab78787b0d3b66f9b16fea8256d537b0209979fa53b84e8ad6d2f3084da7d3cfeb532ae26ed9e6441a680014f0df78826fa11563ace6059f072bebe841fa7edc191ae13eeb66cb056a560316c4ee0946fcbffcc1643e06afd46b993fca6337e7bb8a15274bf5ed91548cc054913efb41c5170368a8ebde77979fc38774e5bfbce337c2270e2153334946b736af8c3eb8eeabc7142a46d4f73fd7778a0f0567671a71bc6c98131a54ee8726e79d97a707137458201f828fdae3b8128b8fd0f380e82495193e537adc70c1f0a88bd137c8f6175688d89134007e7af606a7087de1cb353cb351b6b2d4e647349af842e533e1a8eba909594fd0cf8ae3e6eb5e0c5488d9a8086adedf0633ab932b5b4f229c3e6cc10efe6336c218dd451c9fe6283d2f9ec024e10df5a57c97656e5dd40c910a2cd46116c99923954d1795de21d90ea33c021e637d60c6171bbdd1d0e0823d6c4acbd838c9f67a3188a74448c2b3ebd3e3febfc7a97f42a20704789950fa2cdb4c1690ec5d90f99b2994ed4842cb332b6417b16494b484f7a96f0012b42dd46bdc2e181053ed788409ac07049ea5b20a587235417a4dce1d14d713f80269765fab19dcf56cb3c1f8d8d717c324f2db65dbef7002bd9e17c409d2668b1806563720e2f322f3cfd93110eaf3dea1cad6618bf9be8209131e0b338eeafc3230075a4440c148f0fbfd28af04fd4b67176b0b393609b93310b29d54abdffc0ba6d019cf239ee8fb67eb71fe956f971bc4e0e65010f525be7d331eb835d5e9e53b1e53f21bb1ad40c9929d66d137ce37c3a6b1f859814dfe43d0974c9a05245744b5c53c9b53189cb4b3309243c7942e012da5d4c5d9139fb3a7da1c1afe298072d4855dde426806245615a51f52207d20d580062e856ad2a1bb519b4e95bcb0d52ae440c7c4a77a33bba0d381a10a819036ff5d0b197edb5947ce971070e51de5a271f719d663582a1239a64491772ffa14f064c255d2d2fe185ec93d7856be76b7f26944886be13525b79781475c4ac4f99df957e1147627192fe8478a700d5aa97238a0140566f042e582cd9df053994a7906a0d8d45345da845f96a294f26e2adf5359459c391df47abfd02ba0ff8c8f04aed851e253d7e8bd72972140ded4cb083ce8e99669cefbae04beecde67d6f65390b56d686025afe9c1f1d97aa37ba55fad9152ea8ddf136b7b23756320bbdd8f6d450621e7a2f86ed3bd9f16c6ba4f9a76e3b44c4a51dc752f28aae441cda2735582cf506dbb90ed8b037d362d0e2b026467454f03f636f869311cb795cf8856f66f3b3208404ad76eb552818ccefc81bb2533d375558ad075eb69339909b98660b6d17fe29adc294e1eedf2615cd55106f5bea363dc9941e3b675cb11f1a22c0a2aa92d20663ccf1697a40b7a1f30c5bc01683501febb22dbff5c2925cf64f1e46de18e43250d57cc96b5a059d9e8f582d3a63598254eb35b7759c787ddd3f6bed36bf33a50d1fe5d166b43b755c3bff7a1fb45b23d18f9986665c30ba54646f1fb7ae2a977ca3f2cffbb1f0e6f213a9451fe6e646d5e5efecf4d40821e86ee85b74a960b406c68075b1f810a00c59cb2fc2e0189d324e7043344baeba790afab6c1972c97d7084baf512901f6011a48f0720101a004907cec2c1b4f9c3b0236bf5a54392d49d73827e55640c5b84b4f24977d7e6cb70dd1b36597092aa64d1579438d3871d2f96fb6404f9a67d8f0764a32ee79438b07148a03f5b2346ecdb8f9c6081551f2e3480897336a03cd5e2f3cec22350ec071050c79235abb10e8dc0c580438e59bd42434ce47a0ec8315c1bcad139b8656ea3ac5e0de59a6eda5dc7d8b67933a07417e0d3ce184e4fc03d3b473f4d285008798f9472a608a0e3bd17d8c6717cdb5d013122d6731db5278ef705f0d1d2fc6d4cfccae01ea858e837eb7d3651b44ee1ade591544faeacedda37cb5383b40fcb2c4832fc1f1d9905747504ee81d96290978e2574239fa6bfdd8884f27341b51b754397d37a7705b3b269fc7f9035b9ea0b09a83d7520af136dc4bed03322a6401896f7d1861fd9eae1f9f86b6f7adf3a449aba4d103ae244ebb51bd0833563824ecf964856b758e0d49a33f38ca335263b84b5e66c694e494132c4db64878c0797659d4118f62893cc422f00da63abb375c5a3491ef4a842c9a30498f599193a333dac707d73c85e9212fd3ab3d4848eacb29a406f427fcfe153768c1a45cce267ce669ed009e07bda57e4645fa3652f1f0133affcb549669fce801dc86037fe28f08d5bfc3272b71bfcd8944406e04429d3a27b39e8914e6b1b81a2ce86f2f24d154f68dc1d82a3acad93be8dd4860e1832a376b364d158fd26705aa0bef25c38fde3e88fc8d5fda1c90377abeb0be44864fea6e1e998405804585ae3fd8418d8da46e8cf83a78da9150f54eb738f0e4763b688db86e5769dee2809e5429fc63e87ef6528c7db81e047ce9e9a00a5e83d43e23667b6d8fd6febba440d8cec3cf50e466ad0301971a536e8186e4914ff8a05bb015d648add9605ca06e7a5d488deac2f23ebc96979aa5debd82002b8b025a732a626fb02dfb33531e4deec8505c74cf1e563a62f4b4f7db407d13973f172f1319d3f1cdfc36fa92a17c53bba757fe6a3695bbdc3c737555ec3ac222d8a3165d5076ac463ded2d6ce124ca97583e077d19805a8b2ff0643c20ae67f0b0ae310e357a72bddcfeee3ecd0e6dddd0f9dbcb5598f54489e60d5ece1d77c1bf39d6bc4670634e054e4a7c9d55a984858e113450d5f3ac1d03bc54aba0f22df21fe6a2e86977c7181c564689308fb4eab567a6fc596749c69fb92dca9e357d3374453fc02f4df77a90a754a41d05f1c1b3bd5175cad6d7a8b575c6b5a79c766f7369d3bcb9b8f43873664171b3b04893d9681d74121374f6cd79e613971c6d0291398f93f5ece0e453eb63e6f0d8395077fcbff996d7fdbe769e728be880402c08a8d235e4eb1ff608e1449189f5d310b5710425a8367b0ac159ea9f47b60ff203b233fc26df4009d7a3bfe545cb55c50b7ede6527b231305e1c00181e6d13812468ac840da8568944", 0x1000}, {&(0x7f0000002380)="c40a35172d949bfc3618797b827d3583c844c0cfc00c16ca21ec8cae86ce0e3b5520f6a34f42ab7c0a988fc0c51cd4c1dec3adc622c938e8ef5e0793cebbd68094102252c474dd2fa942a101e3f5922e6679ef956ee09f1133a67cd99806bfd8d68d5b40c25384c7bdbdadd29620dece62cdc3364802a7bf94645bdc29fbfb74f480dd04fc17d860b4f431cfc9c45c8f29eba12d0914d0aa2c816addd5aff98567c119d0ea102fe22073a4ffe9d0d44c86fa37bd24b51f25750367d4bc3243b364b7430f7ced0e8038e6833a4a7662cb761a45ccb0112119fbf0e4546a1ef9591aa5fe9dddc5a471b8bc77daaeb66041e57156581f7ea841d5d8e02d63", 0xfd}], 0x4) sendfile(r7, r4, 0x0, 0x100000300) 02:42:50 executing program 1: r0 = memfd_create(&(0x7f0000000540)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\a\xc6\xa3\xeaT\x89\xc5,:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xff\xff\xff\xff<\xcfi\x02=1\xac\xd5\x02\xbf\xf3z\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12\xc6N\xac\xf43\xd0d\xee\x13Q\xa9\xa2\xd1\x9c\xef\x1b\xb7\x82QZ\aQ\xbc&\x1f\xfe\x88on\x02\xb3\xe7\xa0,\xd2\xdc\x0fd0\x1c\xdb\x9c\xd6\x19\xad#\bO\xa3M\xe9\x04\xe2\xd7P)\x98\xef\x8b\x11 \xc5N\\0\x12g\xc5c]t\x12\xf0\xafo\xc6\xc3ya\xa00\x897\x13\xbc\xef\x06\xc2N\xbcP-\xe3\x86\xed!\xfa\xe0\x88\xf4\x9b\xa5JVt\xf7\xc5\xf82\xf2H\xd1\xf4\x88\x91\xe2\xf3\xc4<8uT\xd5\x17\xa1\x1f&\xbf)\xa3\xbb\xbc3=\xc2\xedV\xd3\x9aB\xef\xcd\x1f6nk\xef\xcb\xa8\xa5+Js2\x96w\xb5\xe5\xc7\xa4w\xc9\xdc\xfd_\xb8\x8b\xbb\xca\x14m\xb1U9\xacs\x9b\xbe\xadN\x05\xa9\xe7\x01zS\x80\x1a\x06\xcd>\xd71>F\x93', 0x5) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x11, r0, 0xfffff000) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 295.408588] Call Trace: [ 295.408604] dump_stack+0x1b2/0x283 [ 295.408619] should_fail.cold+0x10a/0x154 [ 295.408639] should_failslab+0xd6/0x130 02:42:50 executing program 4 (fault-call:3 fault-nth:41): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 295.408652] kmem_cache_alloc+0x28e/0x3c0 [ 295.408664] ? ext4_sync_fs+0x7e0/0x7e0 [ 295.408675] ext4_alloc_inode+0x1a/0x640 [ 295.408686] ? ext4_sync_fs+0x7e0/0x7e0 [ 295.408694] alloc_inode+0x5d/0x170 [ 295.408702] new_inode+0x1d/0xf0 [ 295.408713] __ext4_new_inode+0x360/0x4eb0 [ 295.408723] ? kmem_cache_free+0x7c/0x2b0 [ 295.408730] ? putname+0xcd/0x110 [ 295.408738] ? SyS_mkdirat+0x95/0x270 02:42:51 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r0, &(0x7f0000005580)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0, 0x0) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040)='devlink\x00') sendmsg$DEVLINK_CMD_SB_POOL_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000380)={0x14, r1, 0x701}, 0x14}}, 0x0) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x1, 0x0) sendmsg$DEVLINK_CMD_RELOAD(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000600)={0x14c, r1, 0x10, 0x70bd29, 0x25dfdbfe, {}, [{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x3}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, @DEVLINK_ATTR_NETNS_ID={0x8}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r2}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x4}}, {@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x3}}, {@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x3}}]}, 0x14c}, 0x1, 0x0, 0x0, 0x4044}, 0x0) r3 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r3, &(0x7f0000002000)='/', 0x1) sendfile(r3, r3, &(0x7f0000000200)=0xffffffff, 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r3, 0x0) setsockopt$inet_tcp_TLS_RX(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000000)=@gcm_128={{0x303}, "7ae8c39abb1de096", "611d9ac6ad3eb85fec44efe1c613da8e", "21b9da11", "63a3e9d1c85eae97"}, 0x28) mount(&(0x7f0000000380)=ANY=[@ANYBLOB="b8d20e0c792c67eed6ea1ae5ca2f3b0c5d62a8975c429de962561ceaaf6e3973324defa8db37200d93a675efb08ab5fa3bff5d0fa6ff7663355e0f9b3578a1a3216a726dfe8fbfa6b45aa33f0d6dd724e6c600000400000000000000000000000000008ad8d084c4e79ef5fa796b395eac249fc2019a2daf5b290336cb6a54e2519cf88c6b48ee87a11c36ff939a10b0002207f4fe5c0750641c37a8f177b803eca8eee5505517ccaf06fb00673c0f0e554ff8f02ffb38f82659b27eb62d3248440a2c4992a399e655362cc24187e01de1e32928b32adf530ba4b8cb668491b5752d3f0cb51f84f1dda9edabfb60892089ebcb044043011265bb5830e1459a3260b5a89a97337fc57d5d94091099620f373865554991ec2eb0e9723f613c025d251c845cfd7ce698e9d2230b9955ead3f611185a13de07641211440fc1d8eeb070736029129d7951bf5502292c294bd21ca033d4398f9d0163bd1d011e797d6f2095eb0c0b39f8392624f57859d49561970aa921a13504fd9e2ff557296da823895863dcb52d871cbf2bfa271de01497943b4e85432358e65c686917a62984417d32afa41ba5d15757a51bf5baa9a99fab83ff95440876261f4416deb7e468bb17f32f6c7796b5c535771f2393abab89ffa937a77b5454e69437714651f6cce0bb0c0959563528fb53e18e1e8e666d39d6ae21379fc2c477381400ccdbfa7e5539b6b3f1738fabd7b3d1f8e024659cc3e89aba67b955bf5498d148580c963ee64592af2d3226edba54f7148c2f3f36c1a22cc7a1dc3e946312646a8e899db39d51cb98fdbbfe33992cda58fec0ebf87d052b902c38f574afa669399622f60267077d44"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 295.408748] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 295.408766] ? ext4_free_inode+0x1460/0x1460 [ 295.408775] ? lock_downgrade+0x740/0x740 [ 295.408790] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 295.408801] ? dquot_initialize_needed+0x240/0x240 [ 295.408817] ext4_mkdir+0x2e4/0xbd0 [ 295.408836] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 295.408848] ? security_inode_mkdir+0xca/0x100 [ 295.408860] vfs_mkdir+0x463/0x6e0 [ 295.408871] SyS_mkdirat+0x1fd/0x270 [ 295.408881] ? SyS_mknod+0x30/0x30 [ 295.408891] ? do_syscall_64+0x4c/0x640 02:42:51 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) [ 295.408899] ? SyS_mkdirat+0x270/0x270 [ 295.408910] do_syscall_64+0x1d5/0x640 [ 295.408925] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 295.408932] RIP: 0033:0x45d2d7 [ 295.408937] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 295.408948] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000045d2d7 [ 295.408954] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100 [ 295.408959] RBP: 00007fe4267c9ae0 R08: 0000000020000218 R09: 0000000000000000 [ 295.408965] R10: 0000000000010000 R11: 0000000000000213 R12: 0000000020000000 [ 295.408970] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 295.589428] FAULT_INJECTION: forcing a failure. [ 295.589428] name failslab, interval 1, probability 0, space 0, times 0 [ 295.720917] CPU: 1 PID: 16456 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 295.720923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 295.720926] Call Trace: [ 295.720938] dump_stack+0x1b2/0x283 [ 295.720953] should_fail.cold+0x10a/0x154 [ 295.748491] should_failslab+0xd6/0x130 [ 295.752473] kmem_cache_alloc+0x40/0x3c0 [ 295.756535] __es_insert_extent+0x338/0x1360 [ 295.760943] ? __es_shrink+0x8c0/0x8c0 [ 295.764832] ? lock_acquire+0x170/0x3f0 [ 295.768804] ? ext4_es_insert_extent+0x11f/0x530 [ 295.773561] ext4_es_insert_extent+0x1b9/0x530 [ 295.778148] ? ext4_es_find_delayed_extent_range+0x930/0x930 [ 295.783948] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 295.789410] ? ext4_es_find_delayed_extent_range+0x646/0x930 [ 295.795212] ext4_ext_map_blocks+0x1e2c/0x6b10 [ 295.799810] ? __lock_acquire+0x5fc/0x3f20 [ 295.804048] ? __lock_acquire+0x5fc/0x3f20 [ 295.808288] ? mark_buffer_dirty+0x95/0x480 [ 295.812612] ? trace_hardirqs_on+0x10/0x10 [ 295.816843] ? __ext4_handle_dirty_metadata+0x120/0x480 [ 295.822291] ? ext4_find_delalloc_cluster+0x180/0x180 [ 295.827477] ? trace_hardirqs_on+0x10/0x10 [ 295.831713] ? ext4_mark_iloc_dirty+0x1815/0x2690 [ 295.836558] ? ext4_es_lookup_extent+0x321/0xac0 [ 295.841314] ? lock_acquire+0x170/0x3f0 [ 295.845290] ? lock_acquire+0x170/0x3f0 [ 295.849262] ? ext4_map_blocks+0x29f/0x1730 [ 295.853587] ext4_map_blocks+0xb19/0x1730 [ 295.857743] ? ext4_issue_zeroout+0x150/0x150 [ 295.862232] ? __ext4_new_inode+0x27c/0x4eb0 [ 295.866643] ext4_getblk+0x98/0x3f0 [ 295.870271] ? ext4_iomap_begin+0x7f0/0x7f0 [ 295.874593] ext4_bread+0x6c/0x1a0 [ 295.878135] ? ext4_getblk+0x3f0/0x3f0 [ 295.882020] ? dquot_initialize_needed+0x240/0x240 [ 295.886965] ext4_append+0x143/0x350 [ 295.890678] ext4_mkdir+0x4c9/0xbd0 [ 295.894307] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 295.898988] ? security_inode_mkdir+0xca/0x100 [ 295.903568] vfs_mkdir+0x463/0x6e0 [ 295.907110] SyS_mkdirat+0x1fd/0x270 [ 295.910819] ? SyS_mknod+0x30/0x30 [ 295.914353] ? do_syscall_64+0x4c/0x640 [ 295.918320] ? SyS_mkdirat+0x270/0x270 [ 295.922204] do_syscall_64+0x1d5/0x640 [ 295.926092] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 295.931271] RIP: 0033:0x45d2d7 [ 295.934451] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 295.942154] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000045d2d7 [ 295.949416] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100 [ 295.956765] RBP: 00007fe4267c9ae0 R08: 0000000020000218 R09: 0000000000000000 [ 295.964377] R10: 0000000000010000 R11: 0000000000000213 R12: 0000000020000000 [ 295.971628] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 295.982709] audit: type=1804 audit(1606963371.159:132): pid=16474 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/238/cgroup.controllers" dev="sda1" ino=16748 res=1 02:42:53 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:53 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) mmap$snddsp_status(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x8, 0x80010, 0xffffffffffffffff, 0x82000000) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:42:53 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, r0, 0x0, 0x100000300) 02:42:53 executing program 4 (fault-call:3 fault-nth:42): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:53 executing program 1: utime(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)={0x6, 0x65a}) r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f0000000140)={0x1, 0x0, 0x1000, 0x3d, &(0x7f0000000080)="3055d2255899c2ef9c25750e47e0e0ae8e358ad214b69734924f9f4b20547f72f07ce4eb819ebac0a55ea608445ca7a333d7a1221afc582420dc824974", 0xce, 0x0, &(0x7f0000000580)="a3084561cb9bba0128528c954e3207d12670ec7e1ec2ec13047bf2b5bad605ba1638b9801bdd2cd2eacc916d9f60a27f7fb00a4e1c201bbaa166aa3a41866d07759edc7e67ab9e98aa3e6ff65cd3b99909101940a1711f84835baac97069ff3caf16fb2597f7e58b1c6dd45fc205b321960190b553ca56fb5747eea124996470d4015d676739469e2799d861e0903e433ed477003bb842eae5f82ab627fa419c9dd5c4b10043493ae17d27b0a50db7459ede2cbc0d2f635a65a54aff02fde2e8f7d0ccef38ffcaa9e2feceabfd2d"}) sendfile(0xffffffffffffffff, r0, &(0x7f0000000200), 0x83) mount(&(0x7f0000000480)=ANY=[@ANYBLOB="c7f0c0b3c8bba0ef0cf3db1906aeb91634674940e0ebb7655c9f15d682f83ab386d6ead8791c1b1a5b2c35c74b8d9100ae2b63bf9491459f08ba1086b5d026ad7fa34e3f3448a0ffafc6fcfa6ce7cf92205139fba74e40aa0da6c9dc88c6c738181d6eff1031939d7c3452df18bb5c74ffff00009f6f4d5a43302bc31c30f8bcb5576e0c1e24805f8bd2ff4a62121141fecf48dbc97e1465d1edb76df71036666107bb013db86d5dc0ef27139fb202af35326b03dad65c355b856ea5000e0aef389f2a0d7fae55703e2fa58b18db149bf7a619785583f9f6da67695c0e2bd0d10cd32ad11e7e1ad7d250e42f00a2537cde"], &(0x7f0000000100)='./file0\x00', 0x0, 0x5010, 0x0) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000380)="ab3663e9630f5347a5f2153e78154a1bce2d9ac507ff63afe0f9d277b02665f09ddbafdd89e3edf9bac74211f859d18b8341ba20d19c0df921658099d9b7735d872d4a69df956c3458b496107176906b60bed3814c2767642e5788f15eae5dc994250aacdd974afa17a179e48cd2518317228080ae77632e9ca8ae3325e83eb9e30a6af8cd7ad29183c65ae2f511c31355ed521ff7809cb09cb19c9c5603b062bc5a3fee686e1e417f3d051ae6a06b38d7d66f5f4c49dfb38d93439709d1907d862c5284b4be00069568a648f7df6b7e8be55c1729a0f0e5313b568fa5f3ffaa83", 0xe1}, {&(0x7f0000000680)="017c1bdc6cfe7b377da505e8d02a98d183d92877dc794f98474fab3fbdc295e15ea89e2548d1ed4ee0b4f8df0aac30672c2a54566323fb8ba081a4ee38d9abebb314fed64280be550fc1974b5806a06667473bb1c0aa87f6dab4f9c0972a26b3a17f55242e88aec079c46ed9ba264321ecd7cf20ba2f9e6f8a8d91aac78cf49bcddab9671259bb4886f0f4fcd14f359161aebef77abaefb919d5725132de1f7bed9646f54eeee1aadb7329e8c68ad4478193410baaa03559f227a461908a3f3237b3dc10a08612de3cc5510ba6ec86020b9966dbf6d6ab11380a21cbc4a9d5b9c25f5b21b15cdc1ffe6a5d3bf1ed14eef8ed766dc4", 0xf5}], 0x2) ioctl$UI_SET_PHYS(r2, 0x4008556c, &(0x7f00000000c0)='syz0\x00') 02:42:53 executing program 5: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @ext={0x28, &(0x7f00000001c0)="0af25d55f7b2a323e75f447f18608b0d3d86097e75098dc31f124202cc1015189e5317880270fa17"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x17) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = gettid() tkill(r3, 0x0) [ 298.366652] FAULT_INJECTION: forcing a failure. [ 298.366652] name failslab, interval 1, probability 0, space 0, times 0 [ 298.377951] CPU: 0 PID: 16496 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 298.385830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.395180] Call Trace: [ 298.397771] dump_stack+0x1b2/0x283 [ 298.401399] should_fail.cold+0x10a/0x154 [ 298.405550] should_failslab+0xd6/0x130 [ 298.409528] kmem_cache_alloc+0x40/0x3c0 02:42:53 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:53 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)={0xc4, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @multicast1}}}]}, @CTA_EXPECT_MASTER={0x40, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x88}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x8, 0x2, @broadcast}}}]}, @CTA_EXPECT_MASTER={0x44, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00'}, {0x14, 0x4, @initdev={0xfe, 0x88, [], 0x0, 0x0}}}}]}]}, 0xc4}}, 0x84) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x8010, r1, 0xce6fa000) mount(&(0x7f0000000380)=ANY=[@ANYBLOB="f1a71ed9bcc4401d0d9fbb029c2cf38a84a69961505af509e0ba6e705226e038c2dfadc3b3215cedd0223335f8ee56dcc4f9fdbaf440e5cd42f716db4bc6e5a1492aa9cfaf8187c41f7d7fe7a223a47f8a45641ec9956135bd8e54dddc0134f1096af1d6eed1a7f991ee0139876bf018ca6a927e8efb7d17be93d67b5721d8293e09c7e7af490cf0ca358ad700b428a36fb1e03d9c020abb15a02c4eb68ff85dd395b3fe98414f800c92ff74927f17d6347db680a899d36e4670f7cf5d00"/205], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 298.413593] __es_insert_extent+0x338/0x1360 [ 298.417999] ? __es_shrink+0x8c0/0x8c0 [ 298.421888] ? lock_acquire+0x170/0x3f0 [ 298.425858] ? ext4_es_insert_extent+0x11f/0x530 [ 298.430621] ext4_es_insert_extent+0x1b9/0x530 [ 298.435205] ? ext4_es_find_delayed_extent_range+0x930/0x930 [ 298.441003] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 298.446454] ? ext4_es_find_delayed_extent_range+0x646/0x930 [ 298.452254] ext4_ext_map_blocks+0x1e2c/0x6b10 [ 298.456934] ? __lock_acquire+0x5fc/0x3f20 [ 298.461169] ? __lock_acquire+0x5fc/0x3f20 02:42:53 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0xe, 0x7}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r4, r3, 0x0, 0x100000300) [ 298.465440] ? mark_buffer_dirty+0x95/0x480 [ 298.469764] ? trace_hardirqs_on+0x10/0x10 [ 298.473998] ? __ext4_handle_dirty_metadata+0x120/0x480 [ 298.479363] ? ext4_find_delalloc_cluster+0x180/0x180 [ 298.484551] ? trace_hardirqs_on+0x10/0x10 [ 298.488785] ? ext4_mark_iloc_dirty+0x1815/0x2690 [ 298.493631] ? ext4_es_lookup_extent+0x321/0xac0 [ 298.498386] ? lock_acquire+0x170/0x3f0 [ 298.502357] ? lock_acquire+0x170/0x3f0 [ 298.506327] ? ext4_map_blocks+0x29f/0x1730 [ 298.510655] ext4_map_blocks+0xb19/0x1730 02:42:53 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200)=0xeb10, 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="84caec1d7463e6666b1b3aaa5bb10a6295d91811fe58479da46aa329870f497b3df51fc99d74a9f0b6f5ac3820da7a8ba03fe1c465fe7f6f4f66872b99ae05ab932d7af2b464632dbb0243e483e5ef71ef7265c97eb5fa8c3a44ef16b2e6c7dcf97ea71945b38ead261102550f30f2cb"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 298.514813] ? ext4_issue_zeroout+0x150/0x150 [ 298.519310] ? __ext4_new_inode+0x27c/0x4eb0 [ 298.523736] ext4_getblk+0x98/0x3f0 [ 298.527367] ? ext4_iomap_begin+0x7f0/0x7f0 [ 298.531700] ext4_bread+0x6c/0x1a0 [ 298.535243] ? ext4_getblk+0x3f0/0x3f0 [ 298.539129] ? dquot_initialize_needed+0x240/0x240 [ 298.544064] ext4_append+0x143/0x350 [ 298.547776] ext4_mkdir+0x4c9/0xbd0 [ 298.551408] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 298.556079] ? security_inode_mkdir+0xca/0x100 [ 298.560672] vfs_mkdir+0x463/0x6e0 [ 298.564211] SyS_mkdirat+0x1fd/0x270 [ 298.567921] ? SyS_mknod+0x30/0x30 [ 298.571465] ? do_syscall_64+0x4c/0x640 [ 298.575435] ? SyS_mkdirat+0x270/0x270 [ 298.579322] do_syscall_64+0x1d5/0x640 [ 298.583217] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 298.588401] RIP: 0033:0x45d2d7 [ 298.591586] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 298.599294] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000045d2d7 [ 298.606558] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100 02:42:54 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:54 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 298.611126] audit: type=1804 audit(1606963374.039:133): pid=16523 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/240/cgroup.controllers" dev="sda1" ino=16773 res=1 [ 298.613816] RBP: 00007fe4267c9ae0 R08: 0000000020000218 R09: 0000000000000000 [ 298.613822] R10: 0000000000010000 R11: 0000000000000213 R12: 0000000020000000 [ 298.613828] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:42:54 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) ioctl$int_in(0xffffffffffffffff, 0x5421, &(0x7f0000000040)=0x6000000000000) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f00000000c0)={0x0, 0x401}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000140)={r1, 0xf0fd, 0x9}, 0x8) ioctl$F2FS_IOC_PRECACHE_EXTENTS(r0, 0xf50f, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$USBDEVFS_DISCARDURB(r3, 0x550b, &(0x7f0000000000)=0x800) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 298.684215] netlink: 1698 bytes leftover after parsing attributes in process `syz-executor.3'. 02:42:54 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x10, &(0x7f0000000040)=[@in={0x2, 0x0, @dev}]}, &(0x7f0000000600)=0x10) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000961fe4)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000300)={r5, @in={{0x2, 0x0, @loopback=0xac141400}}}, &(0x7f00000000c0)=0x90) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000180)={r5, 0xffffffff}, &(0x7f00000001c0)=0x8) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) openat$char_raw_ctl(0xffffffffffffff9c, &(0x7f0000000280)='/dev/raw/rawctl\x00', 0x400000, 0x0) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080)='nl80211\x00') r7 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r7, 0x0, 0x0) sendmsg$NL80211_CMD_RADAR_DETECT(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYRESOCT, @ANYRES16=r6, @ANYBLOB="00042bbd7000fcdbdf255e0000000800a01601000014000008002700"/46], 0x34}, 0x1, 0x0, 0x0, 0x50}, 0x20000850) 02:42:54 executing program 4 (fault-call:3 fault-nth:43): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:54 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) add_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000100)=@filename='./file0\x00', &(0x7f0000001740)='./file0\x00', 0x0, 0x5010, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000000)=0x1, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001800)={'dummy0\x00', 0x0}) sendmmsg$inet(r2, &(0x7f0000001900)=[{{&(0x7f0000000140)={0x2, 0x4e21, @broadcast}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000380)="af22eb0fba18c26b8f026c8befdae84ab7a2253eaa5a79172f4194c78280f4c139b6090b790c76634273a9557f2a608508e9715b449b857618de5c2ef78dc2f9b5889accbba0e6854b067c2fc86650c24c92042f40e89345151641d8c87c37f09451daec75904796884ac96f8e80e49aca42a50bae98b7a7b8213d1f93521085615366cf49456baca3c14130b4ec6415da17ed3d395a260712c616c0671474e719f83b79a5973d0fca4ae3e854e4f7816a94896914bbe85de6a0ef4c08", 0xbd}, {&(0x7f0000000440)="a619347dc103c9b9bb294bf7d0826436c890e902ee55e568654620a1c29ca4933c1ff1b587387dd8015f209e911aa293eef20c5f506a5efbdbca7bb67798422d59c347132509fa3d8f898faf130435ae8f5d2c58d931f2e933138712c4b4e6c5eb39f81c9b09aaa01402dd1497507abc31000dcaa77bca7f8fbcde8909bf1d01c72c8f8540d8eaa4c2ae1d491236c234c62f66ea14e55a497bee0fbbdad1516b6fd521e7eb2868bdfbb78f06600f0de74d7fd9ec844b8f75fd865bd7d9346459c4ae4035c043b536615494a8516eff5090211e53660778dcec1c93618d9cd383a99b00d1460f1acb577b3d29b801f1a927dbba759548a6e920c24efcd219c962cfc358357da2b3acd3b84714b0f253ff2ce087dda0c1844294c2dceea096c6d9bc75e552b6f6f969a86e06fd5c142f5c1e5dcd5a03e44b5830179923cf2c5b3baebf819603c3f9c673e4fa403677a234989d53acf7de060b400a991a1854bb123884fd5cdceb5532d046ec8ca1df49ed65d5d10203106d132c524332ef201e730071b792f80b15a03651252520aa343f0e207e60149de88352748a0e57bcf47156b23f2102d751ea4be879fe95c21b080d9514cc41643f97fe8f7e128754d1479e578a52f9fbafd1e9a6dbda0139ba6d42360985d146bace14bd838c361467b5d92beed9f34d8dc3e2684b5bc8dd5f1f16aecb40bad9552fe2985305a6f0f185fa01c83006dcde2f34ea32dd7db7b493a575cf06ce344a6bcd11d8da66c078b45393afd0230c6e2803d5f391da04aca1f0a9b21facdcfd0b2fbe2e6d12d0fb485559d672f141f415a31300ee07c6aec6cf38289651ec21e066623002bf8387494dcc1b14b0c098c2358c026a9c7d8b84a22286ecb2c254bb78f0e7ae284672850d568b583a80e96e724cf0d44c91b30c650cd107fc5707f06ab2079cbd62d78e035633a46a0eda770de1239e138d6b83ce830a1853f5c184fdd2fa3db27c88064206b1afd6ec055499dca3166202110347ac2132cdc37a3f8dc830e5991f3b819ad1bb4a5dbceb7d7d320796c3f8482ee5401603bf4d9608b1f124262c1948cef53896b769229650e7729fb315b4d83f05d3ee4d7b9552dcb68fc20b12e2107942e6ab8f4a846babc062b92949661008d671e616d79be85a459637802dae87563cf07bf92ec7a854876ce8e76f037923240fce6bbb982a15d7f110d307d1297d89276ea5390498f598ae76e0f41282b429d4aabcd635032c84117aa200635647f988743de2ac2bfc297fee43c358a390e3dbb08e3d85d919860c6fbf00a8cc62cbe6a2d5cbf51d7ad465f33e1460966f2c57022a83701a1b82a6fc3cf2ce9fa407cce0e703a82891caea5e9c1dfc6aeddc1308b4c043ff31a6dd0f923680751175fe3e1a3de363b190b3ed508fcd5f4aa11832d0e8463f3df107405e53b7699fe0246119da1038e2f02bf0b9e9482256640904d71ba9ba95e065842608e7fb76968f26e7482b673c829169c344cc4f53af4c6b7cd50452806944eeef3db11bea34c44bda63655fcac391f2ff5e8ccd9e04083135d284f68becda718fd761897425ec3fd44899c75eff09cf8d8abb65cef2592d3cda837066067189dda16cc7d547d9a5cdc8445d060277a255a7ad0447f1aca7211adfb85bba57ec0013bfa0f8eaba4da2cf329b7c2d86fa7786ae6e9b9bf37cf4c1ecd584dc0467b2c19ba9e43c476bb3eb1b334fa7841098b97e5242c78eb893aa5763a081b19887e38f827744676c4335aab1727e97b15c24ea8cda1e46063a7145d3ce639850abb3665c63a0d5bd9cdec2bd4d1f15a553ebbe3b3823eb3cb40e9b9536b5eb69a336714f645c15b9dac320fd5472847ce62819ea4223b8c1f4abc36af504b27702e3804ee9246b96c938c182cfb270dab1e886e0002a4ac80a28fa6d11bce7b71f19a75bc2d69abf9a5869d4ddfd8c8e8743afa08e481439bb6a9a767deec115e16f9b35a7b59ee977c0452f31c8bf9bd243b2759d472ef07d69b09fa39d39f8d0032f0340376ca5d6e8c3343fc7a33e5b048de3c507b925093afa47736e3d5a0249af2cf8c30a99b6f95ae16e3253e55cc44450d2b9e60342e8ee48b761222711fc10c54cca3bcc9a3fd6538d2070f45cdf86206552f5f6aac90ec3377fee56b204f04d57c1c01cd2308fbfa73356d6640b49d688baa300410df9de3ff41b5298228b63430403d3405d362d5f201488869fa05f2b7865c97a1dc352a4318117b2669e2b5f4161d3ffd70f74fba8f20306d042cbf002573b7e0f78fe73d7f3ce2d695126c0248b64a21b60dc5e3caca1a0673cfdbfccdb72db4313ffb54382b2966e3f26371d6efb82e6d1d6f80f57855aaebeeee4f4201abf7c13c69875b7afd8845e9caa62930853e2c87b62349039575cd0cd084969a1785adf4e211a393316bc8d0208b2468e6ea30159467d3ecbe4beae7d1f51f047743969c1e7e0bb3087c98b1a97ac5fb4cc8745f54b2f0477cebe0057b6f9725de67af8310ee40c70081c807e0a1fa098c5dc648bf0be7966dd61728ce84b3eb5debe06139cac9b0998ffb52e12d02556ec5d414886c405b40c1674cd2ad2bc977d98c1d7ae10b99b6b162118a493e5a9fe24cf35d03be3dd3b9df37849a6489c4544aaded893f89eb66c2da56bc5c0f41a41cdc51e897c47baeca48949ac613f723eb0969149a64fd711b7a05ad485b636fc40687139bf68dbb059824af0df63a74550c6dbab865a68dafca8134f8aea5380fee378095069975f645fc6f52a9e304e4fd93749ebaf53feb893a4a30803fae12fbd4cada8c077c65d1b4a1cec01f808197f470892203a80f35632bd3a6808ba689a89a77b8e74393f2961c69cdc1e7c26e8928528d47afec2418f239f4846a9ae38f8b223687496ff4685c445a9d2c024d7fa2e187caf8c8d6b4ff2e5f4ae389f7545f092f7cddc5088e8f9d4683edaa6f8aaa8ec16b01cdcc198669e57d754ec4ef71e05157bf136876b99898f720de707b4bf9295e22cea4b3a0ac21acdd40452122f6a5caa0043b55f0fc6010213200cba3adb15694550e88e4d80a29ca96b0fb6a5d12cef7770e219c09effd4f94ee499f25072cf79dcb9c4abc3df3ab6ba4b6eceaf8c2baba6ecaa6b8a09facb7f72ba6cd77ed2e98625835159cdb9912aae16e4ea8b178ffc77607f15e4460de0e400ce5f3f2fb6ec9439b9186ee7c9df128e9f8deccef96fd84a53d8f9e51b80011041565412d2d6e98cf5cef0bee6f8881d22bf7f314bcbca8af8c417a225f8cf5231e53925019808f9cc52b34dd4196b5538f9fd3b5d0aadbc403a592d18f98755012019c159f7e83447aea0ef84cff128ae1fbbd5b07493bb0ac384d1cf85fa32048f0e31fc6f41a60b314f6cd799d8c52e256ff754b9d29778bfa0d9d4e8a1ffad38035c5f2f55858565b25e435ba6d1bfefe72cde137aba4be4fe3a5e801a206f413d43118f1476fe699d23a32e1f207dd08c0fc3f2255f0c480824e59493df666d65f9585111b26a5fa44bc7919dfb37b4926a7773d0d1e591cc0b6927bbf7bc33c29dce2f564ce6354be08775521dc0373bf088383684191cc0b4388fbbbd15faf6c7cba28227d53e2c7ae3fff90a60abeeb376319cdeb693ff3e0ec02fd208d2127ee9df6f6d93fbbef9d1e2447cfbf25cff831de324e5cd4abc66536173e758347d2fb43d6af7a9421496b2832ed08f9553008359aed124cc1d156d627751839ab998f203b65a520a2e80077dad556d03a43043f505ecb5041090af9307ddabd5fb85bf09c57c6c6dd978492e9192a506e0ace8174f5aeda48d043c064fbdd69f0408a0abe058a3bb5226ac78392685bd2e7998faae008ddbab0baae3dfb213b2b8f90f2c2f212715dd2937a6c249c317653c0eb021796c61b86bd44bd7d74c1ed7ba60011d51872e757679de61c9e922390eb14817eae509452f6c0f446e3307b5cc41fde248f956766e84fe8a6da125a16db84cedb2df38f7f956b965e2de7dd7399bb5ee37834c9069bcd713bd94e9a17a613fef837742ccdab5e313dc3a2212ec17579d3d54b5149c78e20001d4272eec07fe9143f18f5e9498c3c58524a26729e90f4e7dc2e3b3159e8a8536d0b5e585627cfc7b72f52f264f59af928e92053d393cc1579f02d929fb04cc00dae63205327c4affd69a85d2009f2fb2ac6660d7951c5ffdfadc285df664b46e78ab50789c5bb5a4dd758bd721df7cc834b7ba9ebb3e06e04ff9b244e46f1104210a0772cca6a5efc200e9c5ca3754fb4c1f7795929336862ccaa41412a50bc6bf78fceb351a4d0250c28cf6919a4ea2062d34c9232746808809ad744e8c8c14fa43cba8f1a1092a501d3c0b016365f7d29b7ef27f6bb74d572aff899652f01a7449f54a096d9b80038fb6b825b494477f31b8d1d1ad2525cf57ca422cd3a44b182bab4b239c70b9fd08eea45836f7faf79bf3d06f2fd4cf6f6b725d8ea2247073d81899c6c7c6e17c00f17345709257484f9fc4f4d00ff73a6cc7116bcc54a2ee8e1523215e218fa25c692d8b6eec25355816e7439c74f342ea3138562e70bf47ff66e33043ee83c917f296bf6db538083243427b52b608ae0bf59255ce34e9ccd9e8fd93c12bbce55f8961d8ec4dbcd91d8fc77b9222125c9b7933f35bc9f9022ccc5face1ed242bb9cfe01a6163e166c3819d961673f0bea2e9396ecac1d45f35a6ccc3d227d45c331557572e3fa0c7b33ddad521c330402e4674b2c4ad280e38d88ca3a0e424ae0f96d3d56e293d384c04554c27bf22ae79063097867e7e6ab93f6919e9980b2e148636517142d753cdf7ed4805e56a10747672a2e2a399209909ab1d5de2b3076764c916f48503ee4b12b44eb5ff4a2d0d6aae4b592d2741eaca0004e454873a06467df57fa98fc4017a2d7abe9b7544b6f9e10f8b6fc04d63451ee5d4e06583a07fc9fc1bb49461ae294ff27ec1b0677c2c902044a486edeeb7a6bf77cd28fede3245ec0461c37cd21721395419cabfbe898565a4ed28a30c22c143c592f9ace26e79d2230d75606203617c0cdee8015416c645ced0dc8cb73b1ef94cba506549790a18eb93f68b19d3620bcab277ce0e77fac7683260aace2509807a10853129f311ab06bff94885cd6b20da2710ef5324a878e035e9b63537397099290fe53b6f97cbe52885ab9e82639160692115dc89d5c3de863c1a1e75e98e523035874c7f77d508d976359e8c8817d5aa39dd06f1fb1b070ef94ce3961c22ea3503d9e4c68f63dfa0ad58f9bb9cae290924de0448735099cbc1ba704d9dcaeb78997e325a51170786675c4033b54dbaa34fd1f5fd0d6c208c286d7a48ef17b85f3db159f07101b39cedd68cb3ac77cf6f0894c5f09d1141a7505192f5397f5be3bb2728eb14f351ca2280baf4665eb7b9d4e4de1bc5a842e35575c64534a56a90a8fff3ead534fb06d90ed0fab770af55695b5adbced94cd460cf73176623368697d7577050e614250c7d3a95a09ca38c6d21aa5de76c7500c12615e57a4c0efe52cabe343e0adcc19cac37d2ce4fe389e8b1ce74de628cb988ba526b4635b935c5542a33e003027e4df057f94b0a51837064cec1313c8231e7ae0d2b2f29fcf9594973dac66a454446465139e344e10ce47ce0145d15e25e0b669863d48547353839653a9ae593701e8fb25d96a3af55890df4a5fd33bba1a60065ec51132f6daab735bf1302f1247a747f2e97a416038d4b1b083bca2fdaddd7a08cb790cc56aa0edb42e51dbbd06c51ccc06ff71bd1", 0x1000}, {&(0x7f0000000180)="09fba063121786c6d8d93a3f1d3c7464a718e05cd744049e1638b2661af7242c", 0x20}], 0x3, &(0x7f0000001440)=[@ip_retopts={{0x30, 0x0, 0x7, {[@generic={0x44, 0xa, "53478e9fc8d33a10"}, @noop, @noop, @lsrr={0x83, 0x13, 0x2b, [@local, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x2a}, @multicast1]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x9}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0xe6}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x90}}, {{&(0x7f0000000240)={0x2, 0x4e21, @remote}, 0x10, &(0x7f0000000280)=[{&(0x7f0000001500)="b47610e73003d4cc25fb493663291b156179c51bd7b49a57e06c37fb7c796d7c794b0a500de8ac6d1c53a7a02efa7b7e8ba97c6ef1f21fec77df433d6709aae8fbf535ee684a14c23bfe786bcf8b3d049bece8d4e5ddd68d6c7a050c31d6458cee0426be694bb1a831da1a10eb715e0a9c5081da1adc7211aa6b1b6bdc33d7923c3be19af035ae574f937ee87c", 0x8d}, {&(0x7f00000015c0)="6a8b5b70b44f5bcc71210226cb6e58b97b2694dd8eee32717214396d8545be4c8e2df112a4cc50149e85beb7c657807b72ef899e466c19372cb1097a8a62e4272014ad9ef8286d4175d128bff6bd830d065b901f0381176c55cb73eecf6026695e1ccc17d3f6f491b6b87414b3c61f4ea0c67a6f738f490df9b2d99e5652b8b9f4d8ac977f085b441c0c0f6e43e064b0b6fe1d5288f85ef83f4ce238bda38f", 0x9f}], 0x2, &(0x7f0000001680)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x3}}], 0x18}}, {{&(0x7f00000016c0)={0x2, 0x4e21, @remote}, 0x10, &(0x7f0000001700)=[{&(0x7f0000002040)="a2c094cada6bfdc6225c152f31ae6ab4bc7548a23f00f7b8bfe33650a63d6c4549ac97bea8fd36f4dfe470bc17001f17b3bf8c6f9c1f5f5632c297ede0328ebe97bc866fbf4e797742cb3b67c18216d2299be9f13426ef070b3d3a350d3bb0f9c24400c9a5dca3cdcbd3450b8e5601884524f18574055de7f9c5ede33344f4a0efe7585069b499959df80d3203bbdf4855475b1c496cdae6dc2fa497182f7ec76948773c15343ad77c835ce7419aae5c78e5bf8436284a33d3ff3da11182e70ef823789cd191f6087b8c9608cf0552c3bb1de9d5cceceaef88394d0aaf15adddd568381a11e04c385d8160891c2dba8cd98882284bc7cd98e1cd06b47df1500949b82b5ab900e7b791c4871966e5c0f587cd992193d0ee4267b0118b4018df6d88899b43eb766320d4d545b015c21520e0a18c03f6a47ab0625b5dbcc6670d07c420dbdf163c4e59d2b04d416a4e2380de833466b2fdb683212bc7309cb0ea61e7ebd6e7699ff67a4510d9261ee2208dcf4fb07bcfb20e7a1358c149314cbf4c3aee55cca084f1ce4504613e650d5fd1120192c46bd591cd6c2f3448149dab14f7ac96ef9b32e965c37b9930f288e4ce2236ba993f3b00a83036fe827b1e289c8eea57d4bda3ae90f2208d6b922426b35e0cc1fe5b88574e88f6ff85916e4cbedcf3499bdf47774dd3af5a62b74e0dd64b17dd0942d1d709bb6b88bb1a3b303ca345dd4e9b39972dbf4a2c228194c447fddb6ee4cecdb4aed7e0644e93d659503f94c74cfb312640fb21a5e937d798e7c8cda5a7525ab94484858b43ce684a0d7ed8e1d9e62e611e3fb6522216cf0ae5aea5cc020f7f7a2a8b1ffc28ce71a4c641734e0fd2afc3d8df365bf8de0765a7d62f8d16e86158b65d7c6080638a276a3a660e597906a6ee5e8414d9495064720bc65df2ecffdb2390ddf24170f3cbf68e99715112e54cd498a897f6cb2a70d4b0e09dcb168a39f5a3fdb1a76ba382a61322005f76e309cb7c75418dd87da76ec0806fccda1a8aa755df03c0b086c4169ab75c2bb3f51df5469629024171b7a10538109308b92d537c784772913615771fc254f23e7da8548c1752c955c897a82163c91376e66c6a2cfcec3ea568a2bd6a75774076c5d5303b6ee93453e59a146d296a9339e621ae79492b54fee5b46d4f01e8b7889f9216c5e50fa77088f4239600002ca0b3c743ec466acf1467d9549dd9ff8503f7370bee1339630d8e672c93db94e1dfc0f12b89f0c19b11bd75ed317173798c4c822c8ba22d764278aa070cc66a05fdf3b60949bb40db4056572993e7a6732f3a58add3de1e5d909474aa7ac2ff234fc8696d0060d833a6b68b58c087c8076b0c047f067d23cf898c3151f6c39dcf12845d1c233ebe73da98c9e25c164c0f50cbe9cfacb61e69ce0f57d6182c7bc80044c28a257bde3da0ec86ae4e9c28abc5f21ef1cf15a83afb750538add95b932e3e25d88b8b9acee87e652692793887b625765f8aba677e62cc1b01c92c74d3c8ce135e263bf47aa29fa37707b7c449dab033f55ed3abe2a30cbbff852d0a2b885fa84e814ea029e3a1c49869744e9c6638e0868e1869eb63d9aed6300cbece53b7a50eec5361cd3a66dea7c15a2790130600ec4c2edaf972a9a53dbbd619c6d3459006b116e5fbde8d8629dfeda050345f12f6bf9cde56ab4b3b06ce60e9b5f3a965e4cdd006ecce345ab51dc8d2d2d313a148a35b59b73b0b5e62884e9db068c3c362fb66fd875ab1f76bb8051c16d5b872bca0381707c33e0ad5a9ba08380f2bef79ac9ef88f5c9a05e56f897e8eae4d185b32bc71a96711c0368feb683e35ffe7c2ee81bc14dd7d1c185aae39d277370aa24dcc18724b90ed25a6024512a141cccc3f8e7a170526e3b6b8265727c8e6c35af44f3d35ec5a41a9af184acd020804af6ea6463d19b983dac2d92048a830b33466d417f6f27b4ae6fc3287c582d3a20c837a570e530696184ca74c349429e7e17cd587b5b2d47b4cd02bee607634b47a367883d9df2717f43ea38ea165665c56ecc0be5684d2b11d2ae01a4003fba2fe3d2a6bf2bd84a0d9e0cee6ecac2bb553f70633137b3660ed91b1aab192c43f2a3965f66a74b0f98fd3fbc729fdeaf04e0428dd3f0004b80332230a1a0a8cc2bc77e114585e1b679ebc4f2e387368d8c258cbfb8823d1447fa86eadce5617ba18bb0bf01860f36981bd58f3d34b3a7eed3f125046a00ece12dcf87d4b56d5542de00c3ff30a15724a3cf31296de8b1078825df749275dfcfce334ee586b8b70e8d5d38dde2172098f46d8c310bf21f9d4c416e041b21ef131b41e6c4f86cd093fc000a3ff7458a1dd6034b93eeaf9322dc6eaf8b9db6f075f45c07b1402a7880e1c704f2a55564b83049575c911a92a134ee15a26e59a269c2249ce16010db4dea48deaa1f8486b1a91797d8078e4823017a616cfcc6c5ad0e59e9d39a45239a1a759d36d7a5add2148b842bdb793b18b59135e691419eeb566ecc19b6f8df1a265ea24bccd862e98f1d2733f791c8282585637bfa49a2136fea60521e1d84ca6925eb8cabd7d8661477a4180e1f85f5e7414c22b24be55f1cf5a095b970e9c79543c99aaf7977a8717f90f5304c891f466f814033115ea1b04452b21c1cd05bd177bec54e32c436c8561c29ca584e6a3a4477df5efe2a8987bae16f90fa7e4e855812bbdbecf364cdfeef0e4879070570cd973ef8f627d48dfa5465b7fb7c571bc4102fee0be25c0869de743fac6017c5e5aa63b859600fb9b4e6377d1155898b9941e74e06975e87542917647b5421bb3bb83dd1c422f674d183e00531bf105ab6eb46ad56285a67831d331628c34b6762f0e8641f5a6ae4d3719b8f26c0ee703dced3d902b0e2d58f48e2601cce3dd622341a88f7ea358790b12773b1c1abfacc449f54344740104e492b24c972c44acc67233001e6b1713f22cd445202299c46a7f37dc1e4d29ed96840646875da1a2317c99afb09bacaa221319dfc78509d57a50731e99b3a76b327d9f8a9a8f5d8912030f2627acecdb333019b4609ca2ae9460dde8596366f06e8262348d9423faa6c8cbcc8de213445d3a46b9dbbe51634ccc7d0402acba3bf23b24e6903048cfb48b295bddba08f475f553cf6baed750eb39c7ae8e2647d35f5e2299cbea1daf99d5d192d19a2907e292184451f4021b56bbf835bd1f8f9b065729f98549b8f0a42890d9dcc2ca67f346d6d8ea9b5127c65a63dd8d79ab43c2002a621c805cc95e03d2d8b7c83176270b8f34b6aa886b4dc439f1fa9835d1f68c8b5cbd4d3166c39315629d1559a0a21e37058638d49d7f33ed8dde40b3d055afe467f7ac7bac22d49350cad3b315ae32f3933829c28bc7ed4a20dd498c7e1e628d366249dd5f0d39f50e40cfb24d71535f78d74022bb41ddc18dac88f4661cb4121113be11b771c0849b3e4a32c0f9ca1971d007e9609351c0634614f90c53b03f0f4bd02549774ffd93ee1eb0ff6614fdf2eb4e47c3bb096e569e49406ab6129bd7b50f521ecde029aa5626a1f5ea586ec97db33f9fda5794a0c91d7a18f7c619a9b4a800db8e454b5ab305ff35e262d6e1bff705f9f3a2084eff9d48674f37419cda67f9accd01dffadd8814faa73ad140bbb439f1e7d2e33b4ea03e74089e524476d15e44ee2ae17b2061e64d10f6dfa74dc3f8a01b2d6878e7448d8a73d380c3393dae03ac0675e3348c8deae90da25175dfb058996064bf5ff82ca7a3d534bf77168ce5cc6f7dc8c436c29891969da95122f6a1a9037d398241d497df24a0f6a51bede82e74dddff8c49be693f0f93234ac827b36a89ca3e86737c9440011a1ce72aa1bdd2d0070fef2bf1c1f6c8f069455a6a09aea6e9747968ae27d069e988249d75ac7cb2f95028b24739acfc6fb7457bee77eaac9820dbc1710774d8dfb5ea1ade568a5232182dc62d7523e80f468050b4ca70c4a4d076d41f2710749671107c6ba841dfee5080891be5da206ac4bb2b7e5e595af6d21245c7359c9d49c2ad863d3c6b965b5d677a7210621e2a33879edb5ffe7609f9bb0fceca53af065f005b49cc8ab07453ab1ac81d04aac6b5f8a65745e10e3035ce0d04fea1470bed1d2a80f5b6c391b88906f53b2330aea6aff81d9aa06607761f908b9241df25bf68288ba34be651a4edbe276b51729272e79b96c1c1b02bc1fac95f0967858f0dfb059a54fc9f966769c7ce6fc389349ca90fe7109274ddeba8a71dd7fada3f25072b5b4da8ff9ae67f9e3fb36dc7e75d9a40519378858dc1ef7f14027ade1daba850e2fa7034607cc407d11da91be5d034701413728086a367ce8b587914eccc58e4f839ba5a0396bb76da7066ff935b559cb82c3f3749d2e497248d0f87abcbc9ed185c60e3f0694c21a46ccc79351506a783d2a5b592ed250909ee81fcb974b39557bfb4a4213a59be5df4f7b1baf5cf6ffa73ed0f907e28319fbb912e786d3583733763d0bc18b71da778abc552b730bc38fe13fa887bbc60477f1057781bcc94470048b8281d8474719b004c43f1fee23a3e89d364c5fdc66554936db6265dd7d657391fe3749ac977ffe38c9cecf9008f306b488585ea34420bc30f80b5f5776cbe086ef11157c2302731d56f41447145eb757c97bef3c91c31fd7d32491c68d338d156851a1b9dd853121df15863c0144d743a62f6e040ac211ec328cd0ad62de6e3899075df59908221798e3216b2ee96e093de7cff59aeaaea4077b7e8cb4934df288762853bc0d1896f3ee147a8550308f904dc3acd3929359c2f2f3fe50e1e34e7ddc0b3428e2dd6813349d5785fd8845974980e68d57e698e22db723b084c43cb6020f7441769ec0be32398b3e1cc826ab2ce5e8e433415e597f03d6de8a4847f47fff63e70b99d4a9b0faa97e4357642a1e32d534ec53a06ab544d38aeb4ff0e271fe0b5e37a0f6a23aedca51db7656955b1719fc81936ef69ba0789f636040d010e9cdf6f754c61b630be13120d141fd510a1d36471f66794c779d01491c1d721757d2b246da49ff029d4a33a94f90d287fd36aa73fd8912bfc5e0e2510ed0aa1dcbebeb06faa535fd1cce1e6b06bb175391ced318b5c50ae955d61f087967b8a4e1b2f1d1c72d1ae01f83a5ec1ba6cea76e1a94e4baf970ad7422a92d5376975d8e40beae2352b7c53af43f8709ecb8b358f4eab0742b34d8c2eddb21a2287e0301ee8e94c6dfcd978783a5747738dae54b82bd126e187c7bd00a11052b082d40ee002fb1fad5b0a9ea7c1409e5a275c7cf8f01cf2a656cf5e95025798e9978cfb917b484676f50c7ac447ac9bc49f7c5f417071749877d759324fec818811720ccf191863ee89969a7640881a208c78bd7ee45e8fccc48d72c4f5136ac53c3d5995237e64ce4a5983b9a41eae6536ad2f4be27fc7cb5ab64df1ab0a63b4ec81b3494b5a9abc757e24fcdd4e905972909c00f0ca737f3b095549299fff2f6cd2cd0b4d047350cb91e306934d76042e3a8e0727511a89a51aba7adb7330283f76f604b9fc5069a0ff7ea75678170faa606619903cf9a56de87739dd3adbfa3f316a9f2fc0cc70d0e5644f0d6492be0104df89bd83c39cd5a4c243b16f26700af02380890d5a9620790f5565a4195bc56f0ecc293c20bbdc7a3a73b5df757627e80fcf872df383e99094c6f4dadbe26e3f9b5476e9a1c4a9d07ea5dc83f06734b0739368ea5d808b9b600d141c7eec4adfd09b025d3e597689d4085ee51c89787c7eebff9dfbda57c4280aa93a89bd771f5aacd3e", 0x1000}], 0x1, &(0x7f0000001840)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x6}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @rand_addr=0x64010102, @multicast1}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r3, @remote, @remote}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x64}}, @ip_ttl={{0x14, 0x0, 0x2, 0x6ab}}], 0xa0}}], 0x3, 0x48040) [ 298.807743] FAULT_INJECTION: forcing a failure. [ 298.807743] name failslab, interval 1, probability 0, space 0, times 0 [ 298.827594] CPU: 0 PID: 16549 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 298.835498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 298.844845] Call Trace: [ 298.847431] dump_stack+0x1b2/0x283 [ 298.851065] should_fail.cold+0x10a/0x154 [ 298.855215] should_failslab+0xd6/0x130 [ 298.859187] __kmalloc+0x2c1/0x400 [ 298.862726] ? ext4_find_extent+0x879/0xbc0 [ 298.867055] ext4_find_extent+0x879/0xbc0 [ 298.871206] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 298.876660] ext4_ext_map_blocks+0x19a/0x6b10 [ 298.881159] ? __lock_acquire+0x5fc/0x3f20 [ 298.885397] ? mark_buffer_dirty+0x95/0x480 [ 298.889719] ? trace_hardirqs_on+0x10/0x10 [ 298.893954] ? __ext4_handle_dirty_metadata+0x120/0x480 [ 298.899318] ? ext4_find_delalloc_cluster+0x180/0x180 [ 298.904505] ? trace_hardirqs_on+0x10/0x10 [ 298.908734] ? ext4_mark_iloc_dirty+0x1815/0x2690 [ 298.913573] ? ext4_es_lookup_extent+0x321/0xac0 [ 298.918315] ? lock_acquire+0x170/0x3f0 [ 298.922270] ? lock_acquire+0x170/0x3f0 [ 298.926274] ? ext4_map_blocks+0x623/0x1730 [ 298.930583] ext4_map_blocks+0x675/0x1730 [ 298.934722] ? ext4_issue_zeroout+0x150/0x150 [ 298.939195] ? __ext4_new_inode+0x27c/0x4eb0 [ 298.943587] ext4_getblk+0x98/0x3f0 [ 298.947192] ? ext4_iomap_begin+0x7f0/0x7f0 [ 298.951537] ext4_bread+0x6c/0x1a0 [ 298.955072] ? ext4_getblk+0x3f0/0x3f0 [ 298.958934] ? dquot_initialize_needed+0x240/0x240 [ 298.963844] ext4_append+0x143/0x350 [ 298.967537] ext4_mkdir+0x4c9/0xbd0 [ 298.971146] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 298.975797] ? security_inode_mkdir+0xca/0x100 [ 298.980384] vfs_mkdir+0x463/0x6e0 [ 298.983924] SyS_mkdirat+0x1fd/0x270 [ 298.987616] ? SyS_mknod+0x30/0x30 [ 298.991141] ? do_syscall_64+0x4c/0x640 [ 298.995115] ? SyS_mkdirat+0x270/0x270 [ 298.998982] do_syscall_64+0x1d5/0x640 [ 299.002855] entry_SYSCALL_64_after_hwframe+0x46/0xbb 02:42:54 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) ioctl$KVM_SIGNAL_MSI(0xffffffffffffffff, 0x4020aea5, &(0x7f00000000c0)={0x0, 0x4000, 0x3, 0x6baa, 0xcd5e}) ioctl$VIDIOC_SUBDEV_S_EDID(0xffffffffffffffff, 0xc0285629, &(0x7f0000000040)={0x0, 0x2, 0x76, [], &(0x7f0000000000)=0xfa}) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) setsockopt$bt_BT_POWER(0xffffffffffffffff, 0x112, 0x9, &(0x7f0000000100)=0x4, 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$NL80211_CMD_SET_KEY(r2, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x64, 0x0, 0x200, 0x70bd29, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_DATA_WEP104={0x11, 0x7, "8a4ed86599ebfc09a16aa0de8a"}, @NL80211_ATTR_KEY_DATA_WEP40={0x9, 0x7, "028315bc33"}, @NL80211_ATTR_KEY_SEQ={0x6, 0xa, "1832"}, @NL80211_ATTR_KEY_SEQ={0x11, 0xa, "fa983f1ccf0698fecea732de9d"}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0xc, 0x6e, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x40}, 0x40) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 299.008019] RIP: 0033:0x45d2d7 [ 299.011188] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 299.018890] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000045d2d7 [ 299.026135] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100 [ 299.033383] RBP: 00007fe4267c9ae0 R08: 0000000020000218 R09: 0000000000000000 [ 299.040629] R10: 0000000000010000 R11: 0000000000000213 R12: 0000000020000000 [ 299.047875] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 299.064876] audit: type=1804 audit(1606963374.489:134): pid=16559 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/240/cgroup.controllers" dev="sda1" ino=16773 res=1 02:42:56 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/nf_conntrack\x00') ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f00000000c0)={0x0, 0x0, 0x2}) ioctl$DRM_IOCTL_AGP_BIND(r0, 0x40106436, &(0x7f0000000100)={r1, 0x380000}) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) connect$l2tp6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x1, @remote, 0x101, 0x2}, 0x20) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:42:56 executing program 4 (fault-call:3 fault-nth:44): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:56 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = getpid() sched_setscheduler(r1, 0x5, &(0x7f0000000380)) msgctl$IPC_SET(0xffffffffffffffff, 0x1, &(0x7f0000000240)={{0x0, 0x0, 0x0, 0xee00, 0x0, 0x1, 0x400}, 0x0, 0x0, 0x4, 0x2, 0xfffffffc, 0x9, 0x5, 0x22, 0x0, 0x4, r1}) write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000000180)={0x90, 0x0, 0x0, {0x3, 0x3, 0x8, 0x8000000000000000, 0x10001, 0x8, {0x5, 0x6, 0x2000000000000000, 0x4, 0xde, 0xffffffff, 0xc0, 0x8001, 0x1ff, 0x2000, 0x82, 0xee00, 0x0, 0x6, 0x5}}}, 0x90) r2 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = openat$cgroup_ro(r4, &(0x7f0000000040)='hugetlb.2MB.limit_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0) r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) r8 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r8) setsockopt$SO_TIMESTAMPING(r8, 0x1, 0x0, &(0x7f0000000000)=0x108, 0x4) sendfile(r7, r6, 0x0, 0x100000300) 02:42:56 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x10000, 0x40) ioctl$TCSBRKP(r1, 0x5425, 0x5) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:56 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x541c, &(0x7f00000001c0)) ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f0000000040)={0x1, @sliced={0x800, [0x200, 0x100, 0xffff, 0x2000, 0x9, 0x1, 0x3e7, 0xc155, 0x8000, 0xdf, 0x8e2, 0x400, 0x1, 0x4, 0x5, 0x81, 0xf8, 0x101, 0x9, 0xfffb, 0x0, 0x20, 0x9, 0x114, 0x20, 0x200, 0x40, 0x7, 0x3, 0x3f, 0x9, 0x1, 0x9, 0x1, 0x3f, 0x20, 0x3d4, 0x7, 0x12, 0x4, 0x8001, 0x200, 0x7, 0xffff, 0x3f, 0x8, 0x80, 0x3f], 0x10000}}) write$sysctl(0xffffffffffffffff, &(0x7f0000000140)='2\x00', 0x2) openat$full(0xffffffffffffff9c, &(0x7f0000000180)='/dev/full\x00', 0x137801, 0x0) 02:42:56 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f0000000040)={'wg0\x00', {0x2, 0x0, @empty}}) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 301.373209] FAULT_INJECTION: forcing a failure. [ 301.373209] name failslab, interval 1, probability 0, space 0, times 0 [ 301.396444] CPU: 1 PID: 16582 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 301.404356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 301.413711] Call Trace: [ 301.416304] dump_stack+0x1b2/0x283 [ 301.419939] should_fail.cold+0x10a/0x154 [ 301.424094] should_failslab+0xd6/0x130 [ 301.428071] __kmalloc_track_caller+0x2bc/0x400 [ 301.432740] ? strndup_user+0x5b/0xf0 [ 301.436543] memdup_user+0x22/0xa0 [ 301.440084] strndup_user+0x5b/0xf0 [ 301.443710] ? copy_mnt_ns+0xa30/0xa30 [ 301.447596] SyS_mount+0x39/0x120 [ 301.451046] ? copy_mnt_ns+0xa30/0xa30 [ 301.454931] do_syscall_64+0x1d5/0x640 [ 301.458822] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 301.464008] RIP: 0033:0x46090a [ 301.467191] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 301.474913] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 301.474918] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 301.474927] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 301.496748] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 301.496754] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:42:57 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:42:57 executing program 5: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f00000000c0)="005ec8a6ecb7efa4236158d01c092fc0d10989b4f729bb24c68f2668feadd0fc037c8eeca0c39cb77a1447b05c85c28fdf9e1496b63d19b96499a35c1a40a3c6485f017322698dcd12d59df442032e3782e6b10f2bdd41876accfaea3dd7c09135415ae0e96d3fc54c54c8eb9acfe9610358f5411be4f08a5033be49e8960547440da052bbda8b923475a69e0756b02c4127", 0x92) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:57 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000012000000006c0000000000000000000a200a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800b00020002000000000000000073797a300000000008000300000000000000"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2b, &(0x7f00000003c0)="233fecccd12254421dbf5598b9dcbd378dee6c8bc7b7e55287d7231df5fe563c78f96885d05237a24b5fcca0749c8f0bf6ea9d2ff297a315631c2cea3343215eea4ce16ff841f129baa6914d2356f1e580fea1269af4089166b5d8d36c3494ee76cca36dcbf1925ffc836efd542939ae230421d48c4abb1c42070ccc0a12a2891e2825b2b7ef05c161cdf01cc5767ab174d5b713c0c97c621db8a16bf8a600200d2c245c218766c29be728eb91eaca895ffe22c5d8d2b1909194cd7a9f2c27db8ca37ee0493f9d8170248d850b5be52508ecb5aa0f531c61649bab5e9721184655a082203f8c3ee26175d7cf6f8fda20547980e250fe74971d", 0xf9) write$binfmt_script(r1, &(0x7f00000002c0)=ANY=[@ANYRESDEC=0x0, @ANYBLOB="b44ba18ce555ad3f5c4a19b7207486e7a2321859331445f364fe3993fadbe7e1069e887e3c054438b0178108b4d8f39914ab76739a05370d6556786e7dd17eae42225a3cb5a6beb2f73455da2768b00999cb0598c6b9f168d07919607b7d821172fb5e12d3ba830d8b510618779993e41a85bd7d031eb4933dcca22d40a8e42dbf7367ee626de3a329a5a114bbe123bde67a02ed0abc904faccd5e5524e35619952c5d42b102b710d4c81a4c6db745c4d42ca0f4c0ed38d473b1d52eaef0add722ce4c63f58e90b8aea83b7861", @ANYRESOCT], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r3, r2, 0x0, 0x100000300) 02:42:57 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000140)=ANY=[@ANYBLOB="0f12f55a810de6b48c91dc535d0617f9c3a3100c67de22fd22965ded86ea20a55044d7902c59290d38cd13cbea6fb609bf49e36923153058f6a46b53341d45bae10923bc09b7b709b9f5caef72a0f241cd0400faa5de211e9a0a2b6958cc01cc5f45d92f51de483e20d70fa5b05cc03f06addbbf2f63e9cf2cf87ec4bce37223078137065ea72f60f0203cd9b975c64476bc761462614c3c64c822152e"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:42:57 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0xfffc}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VT_RESIZE(r2, 0x5609, &(0x7f0000000040)={0x5, 0xfff, 0x8}) 02:42:57 executing program 4 (fault-call:3 fault-nth:45): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:42:57 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000040)) 02:42:57 executing program 5: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x10000, 0x40) ioctl$TCSBRKP(r1, 0x5425, 0x5) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 301.745809] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. [ 301.752767] FAULT_INJECTION: forcing a failure. [ 301.752767] name failslab, interval 1, probability 0, space 0, times 0 02:42:57 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="9b36bbd0f6a77f9d9b45e05a06efa29747cd24fb58ab065237fa4ce58e7b702c9f77b2b582aa299f114bded6511fbffe7a778f19dfda3c27ce8f68fb1cef56ba2939196ab05edb6492976afd402883fe8b9ef954ef3e2416e79dd3b79eb5cced3eaebdf414b0bec5254d17f2c6fe094d825d90c235"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 301.795297] CPU: 1 PID: 16615 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 301.803228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 301.812578] Call Trace: [ 301.815175] dump_stack+0x1b2/0x283 [ 301.818806] should_fail.cold+0x10a/0x154 [ 301.822958] should_failslab+0xd6/0x130 [ 301.827303] __kmalloc+0x2c1/0x400 [ 301.827314] ? ext4_find_extent+0x879/0xbc0 [ 301.827325] ext4_find_extent+0x879/0xbc0 02:42:57 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) r1 = open(&(0x7f0000000040)='./file0\x00', 0x800, 0x94) r2 = semget(0x0, 0x2, 0x240) semctl$IPC_RMID(r2, 0x0, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$RTC_RD_TIME(r4, 0x80247009, &(0x7f0000000100)) openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x450800, 0x0) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000380)=ANY=[@ANYBLOB="5c792ffb6cfd4b3a63283ef7eb1591dd97a9ee642554b963f48329b7424fa5b735bfd893dc9c489f865ccd5809bf345e3bf45c2d348b36bc84a190f0fae3065e156afbacc1eba68327de040d765a727f9f377e1872e7ef97217fea2a321aa4287d2b7697c8fc06a5601b42bf3a350afe982d3852559249e19a7bbf54d6d68552abd19c1aa0942872a5eec915d0eb6beb342531a94237361add4847c864b814c17e4ee2a3758daebd2982c21092d8d2152c3b24c4ea6eca144922d75e0d955cefbcaf03de175fe17295a7337bdf292095d9acfae54b89dd38f4aefb63bad82559fcb76b2ba70f19676ec5d9f6fe91845b2ec460c849e7ac0ee258e013a3c75169a37c46a6da3c31909329e9deb66439f37fba070b7022d1269271035fa3f3426b98818c86043e628246ed9b50d5ab5307d3546d7f81e9f459f3bea175116bf1a8266f4c78bad8c232"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8983, &(0x7f0000000180)={0x3, 'veth1_to_bond\x00', {0x8}}) [ 301.827340] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 301.827351] ext4_ext_map_blocks+0x19a/0x6b10 02:42:57 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x30, r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f00000001c0)={0x0, 0x0, [], [@jumbo={0xc2, 0x4, 0x560}]}, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x74, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6}]}]}, 0x74}, 0x1, 0x0, 0x0, 0xa35d16ecdeb88e23}, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x7) r6 = socket$inet_udplite(0x2, 0x2, 0x88) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$VT_OPENQRY(r7, 0x5600, &(0x7f0000000000)) [ 301.827367] ? __lock_acquire+0x5fc/0x3f20 02:42:57 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000012000000006c0000000000000000000a200a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800b00020002000000000000000073797a300000000008000300000000000000"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2b, &(0x7f00000003c0)="233fecccd12254421dbf5598b9dcbd378dee6c8bc7b7e55287d7231df5fe563c78f96885d05237a24b5fcca0749c8f0bf6ea9d2ff297a315631c2cea3343215eea4ce16ff841f129baa6914d2356f1e580fea1269af4089166b5d8d36c3494ee76cca36dcbf1925ffc836efd542939ae230421d48c4abb1c42070ccc0a12a2891e2825b2b7ef05c161cdf01cc5767ab174d5b713c0c97c621db8a16bf8a600200d2c245c218766c29be728eb91eaca895ffe22c5d8d2b1909194cd7a9f2c27db8ca37ee0493f9d8170248d850b5be52508ecb5aa0f531c61649bab5e9721184655a082203f8c3ee26175d7cf6f8fda20547980e250fe74971d", 0xf9) write$binfmt_script(r1, &(0x7f00000002c0)=ANY=[@ANYRESDEC=0x0, @ANYBLOB="b44ba18ce555ad3f5c4a19b7207486e7a2321859331445f364fe3993fadbe7e1069e887e3c054438b0178108b4d8f39914ab76739a05370d6556786e7dd17eae42225a3cb5a6beb2f73455da2768b00999cb0598c6b9f168d07919607b7d821172fb5e12d3ba830d8b510618779993e41a85bd7d031eb4933dcca22d40a8e42dbf7367ee626de3a329a5a114bbe123bde67a02ed0abc904faccd5e5524e35619952c5d42b102b710d4c81a4c6db745c4d42ca0f4c0ed38d473b1d52eaef0add722ce4c63f58e90b8aea83b7861", @ANYRESOCT], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r3, r2, 0x0, 0x100000300) [ 301.827381] ? mark_buffer_dirty+0x95/0x480 [ 301.827390] ? trace_hardirqs_on+0x10/0x10 [ 301.827398] ? __ext4_handle_dirty_metadata+0x120/0x480 [ 301.827408] ? ext4_find_delalloc_cluster+0x180/0x180 [ 301.827416] ? trace_hardirqs_on+0x10/0x10 [ 301.827425] ? ext4_mark_iloc_dirty+0x1815/0x2690 [ 301.827438] ? ext4_es_lookup_extent+0x321/0xac0 [ 301.827449] ? lock_acquire+0x170/0x3f0 [ 301.827460] ? lock_acquire+0x170/0x3f0 [ 301.827469] ? ext4_map_blocks+0x623/0x1730 [ 301.827485] ext4_map_blocks+0x675/0x1730 [ 301.827500] ? ext4_issue_zeroout+0x150/0x150 [ 301.827508] ? __ext4_new_inode+0x27c/0x4eb0 [ 301.827525] ext4_getblk+0x98/0x3f0 [ 301.827536] ? ext4_iomap_begin+0x7f0/0x7f0 [ 301.827551] ext4_bread+0x6c/0x1a0 [ 301.827561] ? ext4_getblk+0x3f0/0x3f0 [ 301.827569] ? dquot_initialize_needed+0x240/0x240 [ 301.827582] ext4_append+0x143/0x350 [ 301.827594] ext4_mkdir+0x4c9/0xbd0 [ 301.827616] ? ext4_init_dot_dotdot+0x5a0/0x5a0 [ 301.827629] ? security_inode_mkdir+0xca/0x100 [ 301.827640] vfs_mkdir+0x463/0x6e0 [ 301.827651] SyS_mkdirat+0x1fd/0x270 [ 301.827661] ? SyS_mknod+0x30/0x30 [ 301.827670] ? do_syscall_64+0x4c/0x640 [ 301.827678] ? SyS_mkdirat+0x270/0x270 [ 301.827688] do_syscall_64+0x1d5/0x640 [ 301.827703] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 301.827711] RIP: 0033:0x45d2d7 [ 301.827715] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000213 ORIG_RAX: 0000000000000053 [ 301.827726] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000045d2d7 [ 301.827731] RDX: 0000000000000006 RSI: 00000000000001ff RDI: 0000000020000100 [ 301.827736] RBP: 00007fe4267c9ae0 R08: 0000000020000218 R09: 0000000000000000 [ 301.827742] R10: 0000000000010000 R11: 0000000000000213 R12: 0000000020000000 [ 301.827747] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 302.072331] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 302.259100] audit: type=1804 audit(1606963377.689:135): pid=16657 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/243/cgroup.controllers" dev="sda1" ino=16803 res=1 [ 302.361773] audit: type=1804 audit(1606963377.789:136): pid=16661 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/243/cgroup.controllers" dev="sda1" ino=16803 res=1 02:43:00 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:00 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000012000000006c0000000000000000000a200a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800b00020002000000000000000073797a300000000008000300000000000000"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2b, &(0x7f00000003c0)="233fecccd12254421dbf5598b9dcbd378dee6c8bc7b7e55287d7231df5fe563c78f96885d05237a24b5fcca0749c8f0bf6ea9d2ff297a315631c2cea3343215eea4ce16ff841f129baa6914d2356f1e580fea1269af4089166b5d8d36c3494ee76cca36dcbf1925ffc836efd542939ae230421d48c4abb1c42070ccc0a12a2891e2825b2b7ef05c161cdf01cc5767ab174d5b713c0c97c621db8a16bf8a600200d2c245c218766c29be728eb91eaca895ffe22c5d8d2b1909194cd7a9f2c27db8ca37ee0493f9d8170248d850b5be52508ecb5aa0f531c61649bab5e9721184655a082203f8c3ee26175d7cf6f8fda20547980e250fe74971d", 0xf9) write$binfmt_script(r1, &(0x7f00000002c0)=ANY=[@ANYRESDEC=0x0, @ANYBLOB="b44ba18ce555ad3f5c4a19b7207486e7a2321859331445f364fe3993fadbe7e1069e887e3c054438b0178108b4d8f39914ab76739a05370d6556786e7dd17eae42225a3cb5a6beb2f73455da2768b00999cb0598c6b9f168d07919607b7d821172fb5e12d3ba830d8b510618779993e41a85bd7d031eb4933dcca22d40a8e42dbf7367ee626de3a329a5a114bbe123bde67a02ed0abc904faccd5e5524e35619952c5d42b102b710d4c81a4c6db745c4d42ca0f4c0ed38d473b1d52eaef0add722ce4c63f58e90b8aea83b7861", @ANYRESOCT], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r3, r2, 0x0, 0x100000300) 02:43:00 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x0, 0xfffe}}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x8000, 0x0) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f00000000c0)=r1, 0x4) setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000080)='reno\x00', 0x5) 02:43:00 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x7d2, {{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xb}}}}, 0x88) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x1000002ff) 02:43:00 executing program 4 (fault-call:3 fault-nth:46): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:00 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) r1 = dup(r0) ioctl$SNDCTL_DSP_GETOPTR(r1, 0x800c5012, &(0x7f0000000000)) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) fadvise64(r1, 0xf1, 0x0, 0x4) mount(&(0x7f0000000140)=ANY=[@ANYBLOB="922875b002d7fb1773a6616e22fed2769101cfcaea1bec7934977d65e5b20321b33ac6cd6e3307a9f660ac5d9fbc3ac93636e138592e1554407cbce90a70e97fab0cc110ab6e0111aa0fb1fcc471db1dc2d977a262cc0106f9d41053276998d09b69fc31ce6abd248c6e8ca279ef644dbbdfe22877a808c7464e823704ba22666d791c"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) ioctl$DRM_IOCTL_AGP_BIND(r1, 0x40106436, &(0x7f0000000040)={0x0, 0xffffffffffffff21}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) sendmsg$OSF_MSG_REMOVE(r3, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)={0x1508, 0x1, 0x5, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}, [{{0x254, 0x1, {{0x1, 0x180000}, 0x18, 0xbc, 0xb18, 0x8a, 0x13, 'syz0\x00', "82124dbc8919427174792cbe793c43c9fa144ffd637c03cbae7cf1dc5fc70918", "511ba09c376bd198407d7eb25e226c56608e893a341df344955efc1b540cebbf", [{0x3, 0x0, {0x3, 0x6}}, {0x1000, 0x0, {0x3, 0xfe}}, {0x81, 0x2, {0x2, 0x39}}, {0x9, 0xffc1, {0x2}}, {0x8, 0x1, {0x1, 0x3ff}}, {0x0, 0x1, {0x2, 0x7fff}}, {0xbe, 0x9, {0x0, 0x5}}, {0x8000, 0x100, {0x3, 0x401}}, {0x72, 0x8994, {0x1, 0x4}}, {0x101, 0x3a, {0x0, 0x8}}, {0x2, 0x4, {0x3, 0x2}}, {0x1, 0x64, {0x1, 0x7}}, {0x3f, 0x9, {0x0, 0x8}}, {0xd354, 0x6, {0x2, 0x80000001}}, {0x5, 0x85, {0x1, 0x3}}, {0x7, 0x3, {0x0, 0x2}}, {0xc28, 0x9, {0x2, 0x7c}}, {0x6, 0x1ff, {0x0, 0x6}}, {0x1ff, 0x78, {0x2, 0x4}}, {0x1, 0x0, {0x3, 0x9}}, {0x6, 0x8, {0x2, 0x7e}}, {0x1, 0xbb29, {0x0, 0xffffff50}}, {0xee73, 0x5, {0x2, 0x1}}, {0x7fff, 0x5, {0x2, 0xfffffc00}}, {0xbd, 0x9, {0x0, 0x2}}, {0x24, 0x8000, {0x1, 0xf3f}}, {0x2, 0x4, {0x2, 0x3}}, {0x7, 0x8, {0x1, 0x1}}, {0x0, 0xc5, {0x1, 0x20}}, {0xe9b7, 0x4, {0x3, 0xeea}}, {0x8000, 0x4}, {0x0, 0x3, {0x2, 0x3}}, {0x66a, 0x800, {0x2, 0x3}}, {0x7, 0x4, {0x1, 0x8}}, {0x1, 0x5, {0x1, 0x9}}, {0x7, 0x3, {0x0, 0x6}}, {0x3, 0x1f, {0x1, 0x10000}}, {0x18e4, 0xf76, {0x2, 0x4}}, {0x0, 0x0, {0x1, 0x1}}, {0xfffe, 0xc5, {0x0, 0x4}}]}}}, {{0x254, 0x1, {{0x1, 0x5f82}, 0x1, 0x9, 0xfc00, 0x86b3, 0x1e, 'syz1\x00', "927403623ddc725894ff408ad5ee04e8d7a0bc80c42c0cd1bf0a11bd1fc542a9", "a0a6e2f7d91d46b18f129e516149a5d1f7d2bbe81e77182e049c38f43b473e9b", [{0x1, 0x8, {0x3, 0x7f}}, {0x4, 0x1, {0x3, 0x9}}, {0x1, 0x7f, {0x3, 0x3}}, {0x9, 0x400, {0x1, 0x100}}, {0x7f, 0xff, {0x0, 0x6}}, {0xa2b6, 0x6, {0x2, 0x1}}, {0x7, 0x0, {0x2, 0x5}}, {0x80, 0x0, {0x1, 0x7ff}}, {0xfeb8, 0x100, {0x2, 0x5}}, {0xffff, 0x9d84, {0x3, 0x401}}, {0x200, 0x9, {0x2, 0x20}}, {0x5, 0x3, {0x2, 0x4}}, {0x1, 0x0, {0x2, 0x7f}}, {0x4, 0x101, {0x0, 0x10000}}, {0x81, 0x5, {0x3, 0x9}}, {0x4, 0x101, {0x0, 0x3}}, {0x1f, 0x9, {0x1, 0x1}}, {0x0, 0x3, {0x2, 0x80000001}}, {0x0, 0x99c4, {0x2, 0x9}}, {0xfff8, 0x7, {0x0, 0xffff}}, {0x80, 0x1, {0x0, 0x8}}, {0x1, 0x7, {0x3, 0x7}}, {0x1f, 0x2, {0x0, 0x4}}, {0x1b0c, 0x6, {0x1, 0xfffffffd}}, {0x3, 0x3, {0x1, 0x5}}, {0x0, 0x0, {0x3, 0xf2c}}, {0xfff8, 0x0, {0x3, 0x1ff}}, {0x445c, 0x8, {0x1, 0x401}}, {0x8, 0xc2, {0x2, 0xfff}}, {0x4d, 0x159}, {0x9, 0x5, {0x3, 0x3}}, {0x8, 0x5, {0x1, 0xffffff3b}}, {0x9, 0x5, {0xa5a4612833b67e9c, 0x80000000}}, {0x8000, 0x5, {0x2, 0x3e36}}, {0x7, 0x0, {0x3, 0x3}}, {0x3, 0x9, {0x3, 0x5}}, {0x2, 0x0, {0x0, 0x8}}, {0x401, 0x8, {0x2}}, {0x9000, 0x40, {0x2, 0x87b8}}, {0x920f, 0x7, {0x0, 0x2ab}}]}}}, {{0x254, 0x1, {{0x1, 0x1000}, 0x5, 0x9f, 0x401, 0x7, 0x5, 'syz1\x00', "91cf1d2224830f2b409c5f09d57f13edcc514b7e3f6dd3842a1808075165b6f9", "7982ecac81e3a4944e8e2f504ac25049f3d1f67c3078d7c95762034637f447b3", [{0x80, 0xfff, {0x0, 0xfffffffb}}, {0x7, 0x7f, {0x0, 0x6}}, {0xa52c, 0x80, {0x0, 0x7}}, {0x6c04, 0x3, {0x2, 0xffffffff}}, {0x8, 0x2ad, {0x2, 0xb8}}, {0x0, 0x7340, {0x1, 0x1}}, {0x2, 0x2, {0x0, 0x1}}, {0x8, 0x6, {0x0, 0x7c8}}, {0xfffa, 0x3ff, {0x0, 0x200}}, {0xed, 0xb0, {0x2, 0x2}}, {0x40, 0x0, {0x3, 0xfffff2fd}}, {0xfffe, 0x3, {0x0, 0x3}}, {0x0, 0x2, {0x3, 0x4}}, {0x3f, 0x9, {0x1, 0x7}}, {0xffff, 0x0, {0x0, 0x9}}, {0x0, 0x2, {0x1, 0x7fff}}, {0xe7, 0x0, {0x2, 0x20}}, {0x3, 0x1f, {0x0, 0xfffff001}}, {0x6, 0x9, {0x1, 0x1}}, {0x4d88, 0x4, {0x2, 0x9}}, {0x5, 0x1, {0x0, 0x1000}}, {0x1, 0x479, {0x1, 0x8}}, {0x4, 0x8, {0x3, 0xda}}, {0x4, 0x8001, {0x2, 0x8}}, {0x3, 0xf45, {0x0, 0x8}}, {0x4, 0x6, {0x2, 0x4}}, {0x372, 0x0, {0x1a97d9c77279c7e, 0x3ff}}, {0x3, 0x5, {0x1, 0x5}}, {0x1ff, 0x0, {0x3, 0x5}}, {0x1, 0x84, {0x2, 0x2}}, {0x7ff, 0x0, {0x3, 0xc712}}, {0xfffc, 0x0, {0x2, 0x1f}}, {0xfff, 0x20, {0x0, 0x6}}, {0x4, 0xdec, {0x2, 0xfffffffa}}, {0x14, 0x5, {0x3, 0x7f97}}, {0x1, 0x5, {0x25a01808cc5cb519, 0x2}}, {0x2, 0x101, {0x0, 0x7}}, {0x2, 0x8001, {0x2, 0x8}}, {0x1, 0x0, {0x2, 0x80000001}}, {0x800, 0x20, {0x1, 0x6}}]}}}, {{0x254, 0x1, {{0x3, 0x8}, 0x6, 0x0, 0x6, 0x6, 0x1e, 'syz0\x00', "37e9e3a29250ffb4126ee37148fe2a9d04664fc9fb43117e5dd8bcb4df45e69d", "64dfda6da89a5e320bc1d9fc88a4a6aa8e4af37715c7cdef02f17446926539ce", [{0x8, 0x3, {0x2}}, {0x5, 0x200, {0x2}}, {0x2, 0x1, {0x2, 0x2608}}, {0x20, 0x9, {0x3}}, {0x8, 0x6, {0x1, 0x4}}, {0x800, 0x1000, {0x0, 0x6}}, {0x5, 0x5, {0x1, 0x646}}, {0x400, 0xd09, {0x0, 0x8001}}, {0xb07, 0x62bd, {0x3, 0x9}}, {0x4, 0x0, {0x2, 0x5}}, {0x2, 0x3, {0x3, 0x7f}}, {0x400, 0x8, {0x1, 0x1}}, {0xb781, 0x7f, {0x2, 0x6}}, {0x8, 0x3f, {0x3, 0x1}}, {0x9, 0xd802, {0x2, 0x5}}, {0x265, 0x0, {0x0, 0x1}}, {0x4, 0x401, {0x2, 0x67}}, {0x1f, 0x40, {0x2, 0x2}}, {0x7fff, 0x5, {0x3, 0x6}}, {0x6, 0x8, {0x0, 0x7fff}}, {0x4, 0x5a2, {0x3, 0x4}}, {0x4d4, 0x4cd3, {0x1, 0x541}}, {0x2, 0x9, {0x0, 0x6}}, {0x2, 0x523, {0x3}}, {0x9, 0x4, {0x1, 0x4}}, {0x101, 0x18, {0x3, 0xfffffffc}}, {0xc82, 0xef4, {0x3, 0xefd4}}, {0x1f, 0x3, {0x3, 0x5}}, {0xa1, 0x3ff, {0x0, 0x1000}}, {0x8, 0x6, {0x3, 0x2c1}}, {0x3, 0x8000, {0x2, 0x4}}, {0x8, 0x5, {0x1, 0x2}}, {0x1, 0x7, {0x0, 0x2}}, {0x400, 0x0, {0x2, 0x7}}, {0xe67, 0x1, {0x1, 0x5}}, {0x2, 0xfc01, {0x3, 0xffff}}, {0x7, 0x5, {0x3, 0x4b4c}}, {0x2, 0x9c, {0x2, 0xa8}}, {0x7, 0x8, {0x2, 0x6}}, {0x3, 0x5428, {0x3, 0x4}}]}}}, {{0x254, 0x1, {{0x3}, 0x40, 0x4, 0xffff, 0x1, 0xe, 'syz0\x00', "099d344080e14d4aef7cbeee88636b4e81f5dbfda235362adba64c1da24e8b1c", "6dbca4d5e34cc03d55a10bc75e635c30079adb50539df58cc514f3a74197f74c", [{0xa8a5, 0x6000, {0x2, 0x80}}, {0x400, 0x9, {0x2, 0x5c}}, {0x6, 0x8, {0x2d38901b41b92a8e, 0x6}}, {0x400, 0x0, {0x0, 0x7}}, {0x9, 0x2, {0x2, 0xfffffffb}}, {0x1, 0x94b, {0x2, 0x20}}, {0xe, 0xa278, {0x1, 0xffff}}, {0x4, 0x946, {0x0, 0x60000000}}, {0x4, 0x1, {0x0, 0x5}}, {0x7, 0x1000, {0x0, 0x10001}}, {0x5, 0x1, {0x1, 0x2}}, {0x4, 0xfbc2, {0x2, 0x4}}, {0x4, 0x6, {0x0, 0x6}}, {0x3f, 0x9, {0x3, 0x2}}, {0xfff7, 0x4, {0x2, 0x1}}, {0x8000, 0x7, {0x3, 0x81}}, {0x80, 0x100, {0x1, 0x7f}}, {0x8d, 0x3, {0x0, 0x1}}, {0x40, 0x80, {0x1, 0x5}}, {0xfe01, 0x0, {0x2, 0x1000}}, {0x9cd, 0x9, {0x0, 0x6}}, {0x7, 0x7, {0x3, 0x3}}, {0x7, 0x8, {0x0, 0x9}}, {0x6, 0x8f12, {0x0, 0x1f}}, {0x6, 0x45f8, {0x2, 0xae}}, {0xe097, 0x6, {0x2, 0x6}}, {0x6, 0xcf97}, {0x0, 0x2, {0x0, 0x7}}, {0x0, 0x3, {0x3, 0x7}}, {0x1428, 0xfffa, {0x1, 0x3}}, {0x2, 0x101, {0x2, 0x2}}, {0x100, 0x20, {0x0, 0x15b}}, {0x5, 0x2, {0x0, 0x6}}, {0x170b, 0x3, {0x1, 0x1}}, {0x2800, 0x7, {0x0, 0x101}}, {0x2, 0xfffa}, {0x79dc, 0x0, {0x1, 0x10001}}, {0x7f9b, 0x7, {0x3}}, {0x7, 0x380, {0x0, 0x1}}, {0x400, 0x17, {0x0, 0x1}}]}}}, {{0x254, 0x1, {{0x2, 0x8}, 0x1, 0x9, 0x6, 0x4, 0x22, 'syz1\x00', "b7a626bdeb0658e7b845c1dd4dbbb7f26e760946ade5a727ea2c4d3d987a6c98", "847d6762d3c5b233d9c2b8f7b6af1b96dfaaafb2abe077f060169b3150004c0c", [{0xffc1, 0x9, {0x1, 0x1}}, {0x101, 0x40, {0x0, 0x2b}}, {0x400, 0x8, {0x3, 0x4ffa}}, {0x6, 0x5, {0x1, 0x5}}, {0x7, 0x3, {0x0, 0x1}}, {0x1f, 0xffff, {0x2}}, {0x0, 0x5, {0x0, 0x7fffffff}}, {0x9, 0x3, {0x0, 0xfeb}}, {0x3, 0xfe00, {0x1, 0x81}}, {0x81, 0x8001, {0x2, 0xfffffffb}}, {0x20, 0x6, {0x0, 0xffff8001}}, {0x141, 0x4, {0x3, 0x9}}, {0x80, 0x94a5, {0x3}}, {0x3, 0x89, {0x3, 0x6}}, {0x40, 0x3, {0x2, 0x1}}, {0x521b, 0x101, {0x0, 0x5}}, {0x200, 0x2, {0x3, 0x4}}, {0x8, 0x706, {0x1, 0x390}}, {0xffff, 0x1, {0x3, 0x4a}}, {0x1, 0x0, {0x3, 0x6}}, {0x8, 0x47f, {0x2, 0x8}}, {0x400, 0xfbb0, {0x0, 0x40}}, {0x129b, 0x2262, {0x0, 0x8}}, {0xff, 0x5, {0x2, 0xffff}}, {0xffc, 0x8, {0x0, 0x8001}}, {0x8000, 0xda0, {0x2, 0x81}}, {0x2de3, 0x9, {0x0, 0x3f}}, {0x1, 0x3, {0x3}}, {0x8001, 0xecc, {0x1, 0x4}}, {0xef, 0x81, {0x3, 0x4}}, {0x1, 0x5, {0x3, 0x4}}, {0x800, 0xfff9, {0x1, 0x1}}, {0x6, 0x7, {0x1, 0x20}}, {0x1, 0x3, {0x2, 0x9}}, {0x200, 0x7, {0x2, 0x80000001}}, {0xff, 0x8000, {0x0, 0xffffffff}}, {0x80, 0xf9c, {0x3, 0x401}}, {0x0, 0x2, {0x0, 0x1f}}, {0x6, 0x8b0, {0x2, 0x81}}, {0x1, 0x800, {0x1, 0x4}}]}}}, {{0x254, 0x1, {{0x1, 0x8}, 0x1, 0xc2, 0x6, 0x8, 0x14, 'syz1\x00', "a38f49868b2284164d892801c35c59a5cbd584a2f71c0864a2e15bc47d64767b", "5128afa297d3b8d5d024dcc766a19c237dc9e2d2e164920cfdf41f5fcf085e04", [{0x100, 0x164, {0x2, 0x8c}}, {0x0, 0xfc01, {0x0, 0x1}}, {0x800, 0x200, {0x2, 0xb33}}, {0x102, 0xb81, {0x0, 0x8}}, {0x2, 0x5, {0x3, 0x3ff}}, {0x8, 0x6, {0x110a258f17fa1bee, 0x100}}, {0x2c, 0x7ff, {0x0, 0x19f}}, {0x8000, 0xfff, {0x2, 0x5}}, {0x219, 0x100, {0x3}}, {0x8, 0x3, {0x2, 0x9}}, {0x9, 0x20f, {0x1}}, {0x3, 0x0, {0x1, 0x543}}, {0x3, 0x6a, {0x3}}, {0x401, 0x5, {0x3}}, {0x4, 0x46, {0x2, 0x1}}, {0x2, 0x1ff, {0x1, 0x572}}, {0x6, 0x800, {0x3, 0xcfd}}, {0x4, 0x75ab, {0x3, 0x45b0f6a0}}, {0x40, 0x2, {0x0, 0xfff}}, {0x81e7, 0x0, {0x2, 0x2}}, {0x3, 0x81, {0x0, 0x40}}, {0x4, 0xffff, {0x3, 0x8}}, {0xd06, 0x80, {0x1, 0x403}}, {0xa2, 0x6, {0x3, 0x7}}, {0x0, 0x7c, {0x1, 0x200}}, {0x37, 0x7cce, {0x2, 0x1}}, {0x401, 0x101, {0x3, 0x81}}, {0x1ff, 0x7fff, {0x3, 0x99}}, {0x4, 0xff, {0x3}}, {0xd49, 0xb1de, {0x3, 0x5}}, {0x8001, 0x9, {0x0, 0xff}}, {0xffff, 0x7f, {0x0, 0x80000000}}, {0x3f, 0x6, {0x1, 0x63}}, {0x1c0, 0x100, {0x1, 0x1000}}, {0x3, 0x1ff, {0x3, 0x1f}}, {0x9, 0x5, {0x3, 0x8}}, {0x7fff, 0xf5}, {0xffff, 0x39df, {0x2, 0x7}}, {0x6, 0x1, {0x1, 0x925}}, {0xfe00, 0x8, {0x2, 0x4}}]}}}, {{0x254, 0x1, {{0x0, 0x5}, 0x3, 0x6, 0x4, 0x6, 0xd, 'syz1\x00', "b40c66bce59e214c89e5d26e597542be040ba4fd9854993168e15d4e357813dd", "f343cf6de27d88c251ec52c443cf8d33bca58d22083e5aed01b771d87895305f", [{0x0, 0x7fff, {0x3, 0x2}}, {0x0, 0x3, {0x2, 0xfffffffa}}, {0xffe0, 0x6e4b, {0x2, 0x7fff}}, {0x3f, 0x8, {0x2, 0x4de0}}, {0x9, 0x100, {0x3, 0x5}}, {0x1, 0x40, {0x1, 0xb8}}, {0x6, 0x4, {0x1, 0x1}}, {0x8, 0x1, {0x0, 0x81}}, {0x1, 0xffff, {0x3, 0x657f}}, {0x800, 0x3, {0x0, 0x1}}, {0x1, 0xf000, {0x0, 0x3}}, {0x0, 0x73, {0x2, 0x5}}, {0x5, 0x3, {0x1, 0x5880}}, {0x0, 0x31, {0x1, 0x400000}}, {0x3ff, 0xff01, {0x2, 0x10000}}, {0xfff, 0x40, {0x2}}, {0x1, 0x6, {0x1, 0x6}}, {0x7, 0x8, {0x0, 0x8001}}, {0x6, 0x3f, {0x1, 0x3}}, {0x4, 0x8, {0x2}}, {0x1ff, 0x6, {0x2, 0x154f}}, {0x6, 0x9, {0x0, 0x3ff}}, {0x5, 0x8, {0x0, 0x6}}, {0x8, 0x2, {0x3, 0x81}}, {0x4, 0x3, {0x0, 0x7}}, {0x30c0, 0xc4b, {0x2, 0xfffffffe}}, {0x2, 0x0, {0x0, 0xb4}}, {0x4, 0x7, {0x0, 0x20}}, {0x6, 0x6, {0x2, 0x400}}, {0x0, 0x2, {0x2, 0x6}}, {0x2cf2, 0x5, {0x2, 0x5}}, {0xf5b, 0xff, {0x1, 0x3}}, {0x3, 0xf7, {0x2, 0x9}}, {0x9, 0x7, {0x2, 0x5}}, {0x6, 0xdd3, {0x3, 0x7}}, {0x5, 0xf3c1, {0x1, 0x3ff}}, {0xe27, 0x5, {0x3, 0x8000}}, {0x3, 0x2, {0x0, 0x2}}, {0x454, 0x3, {0x2, 0x9}}, {0x800, 0x8, {0x0, 0x2}}]}}}, {{0x254, 0x1, {{0x0, 0xd1cf}, 0x9, 0x20, 0x1756, 0x7, 0x1a, 'syz1\x00', "0e152693a629f78337ac43e2a246b6e5837678b820afcefeb8d692ae456997cd", "219c6972311c28047fb80f71520fd8e567a2e9ca6389d9eafe6cd27b1ef19a1f", [{0x7fff, 0x401, {0x1, 0x6}}, {0x8, 0x76, {0x0, 0x8}}, {0x0, 0x3, {0x0, 0x3}}, {0x22d, 0x7, {0x1, 0x9}}, {0x4, 0x44f6, {0x2, 0x3}}, {0xffd8, 0x4, {0x2, 0x4}}, {0xffff, 0x4, {0x3, 0x8a3}}, {0x4, 0xffff, {0x3, 0x1}}, {0x9, 0x0, {0x2, 0x7fffffff}}, {0x7, 0x80, {0x3, 0x7cb}}, {0x0, 0x40, {0x3, 0x3}}, {0xb1, 0x1, {0x0, 0x5}}, {0x6, 0x6, {0x0, 0xfffffff9}}, {0x1f, 0x45, {0x0, 0x5}}, {0x2, 0x3bc6, {0x2, 0x284}}, {0x9, 0x9, {0x0, 0xd1}}, {0xf5f, 0x3f, {0x3, 0x81}}, {0x7f, 0x8001, {0x0, 0x80000001}}, {0x7, 0x3, {0x1, 0x5}}, {0x1, 0xc20, {0x3, 0x8}}, {0x57, 0x800, {0x2, 0x1000}}, {0x92, 0x7ff, {0x3, 0x3f}}, {0x9, 0x6, {0x3}}, {0x8001, 0x6d0, {0x0, 0xcf}}, {0x3a0, 0xd, {0x3, 0x2}}, {0xcc, 0x3, {0x3, 0x7fffffff}}, {0x7, 0x7, {0x2, 0x8}}, {0x1, 0xeadd, {0x2, 0x101}}, {0x46a2, 0x8, {0x3, 0xfffff5f2}}, {0x200, 0x3c, {0x1}}, {0x6, 0xb, {0x0, 0x5f}}, {0x7f, 0x7fff, {0x0, 0x101}}, {0x400, 0x5, {0x2, 0x9}}, {0xfffa, 0x3ff, {0x3, 0x6}}, {0x9, 0x4, {0x3, 0x81}}, {0x9, 0x6, {0x1, 0x7fffffff}}, {0x7f, 0x2, {0x3, 0x3f}}, {0x7f, 0x3, {0x2, 0xffffff0c}}, {0x3, 0x7ff, {0x2, 0x5}}, {0x5, 0x2, {0x1, 0xffffffff}}]}}}]}, 0x1508}, 0x1, 0x0, 0x0, 0x20000010}, 0x40040) 02:43:00 executing program 2: ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000040)={0x2, {0x3, 0x0, 0x4}}) [ 304.800010] FAULT_INJECTION: forcing a failure. [ 304.800010] name failslab, interval 1, probability 0, space 0, times 0 [ 304.811611] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 304.831286] audit: type=1804 audit(1606963380.259:137): pid=16687 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/244/cgroup.controllers" dev="sda1" ino=16822 res=1 [ 304.867236] CPU: 0 PID: 16677 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 304.875144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 304.884490] Call Trace: [ 304.887079] dump_stack+0x1b2/0x283 [ 304.890714] should_fail.cold+0x10a/0x154 [ 304.894865] should_failslab+0xd6/0x130 [ 304.898839] __kmalloc_track_caller+0x2bc/0x400 [ 304.903507] ? strndup_user+0x5b/0xf0 [ 304.907303] memdup_user+0x22/0xa0 [ 304.910834] strndup_user+0x5b/0xf0 [ 304.914455] ? copy_mnt_ns+0xa30/0xa30 [ 304.918338] SyS_mount+0x39/0x120 [ 304.921790] ? copy_mnt_ns+0xa30/0xa30 [ 304.925671] do_syscall_64+0x1d5/0x640 [ 304.929556] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 304.934740] RIP: 0033:0x46090a [ 304.937921] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 02:43:00 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000012000000006c0000000000000000000a200a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800b00020002000000000000000073797a300000000008000300000000000000"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2b, &(0x7f00000003c0)="233fecccd12254421dbf5598b9dcbd378dee6c8bc7b7e55287d7231df5fe563c78f96885d05237a24b5fcca0749c8f0bf6ea9d2ff297a315631c2cea3343215eea4ce16ff841f129baa6914d2356f1e580fea1269af4089166b5d8d36c3494ee76cca36dcbf1925ffc836efd542939ae230421d48c4abb1c42070ccc0a12a2891e2825b2b7ef05c161cdf01cc5767ab174d5b713c0c97c621db8a16bf8a600200d2c245c218766c29be728eb91eaca895ffe22c5d8d2b1909194cd7a9f2c27db8ca37ee0493f9d8170248d850b5be52508ecb5aa0f531c61649bab5e9721184655a082203f8c3ee26175d7cf6f8fda20547980e250fe74971d", 0xf9) write$binfmt_script(r1, &(0x7f00000002c0)=ANY=[@ANYRESDEC=0x0, @ANYBLOB="b44ba18ce555ad3f5c4a19b7207486e7a2321859331445f364fe3993fadbe7e1069e887e3c054438b0178108b4d8f39914ab76739a05370d6556786e7dd17eae42225a3cb5a6beb2f73455da2768b00999cb0598c6b9f168d07919607b7d821172fb5e12d3ba830d8b510618779993e41a85bd7d031eb4933dcca22d40a8e42dbf7367ee626de3a329a5a114bbe123bde67a02ed0abc904faccd5e5524e35619952c5d42b102b710d4c81a4c6db745c4d42ca0f4c0ed38d473b1d52eaef0add722ce4c63f58e90b8aea83b7861", @ANYRESOCT], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r3, r2, 0x0, 0x100000300) [ 304.945640] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 304.952903] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 304.960166] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 304.967430] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 304.974693] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:43:00 executing program 4 (fault-call:3 fault-nth:47): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:00 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x11, r0, 0x1000) mount(&(0x7f0000000800)=ANY=[@ANYBLOB="9f839866706f8c0a68b46e7ac790d92a2c430844ddd2dc02bb03bca530c049206f7c5863cb57723759a9c97328759afc27c43a290392b260231be0db2b51be"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) pwritev2(r0, &(0x7f0000000740)=[{&(0x7f00000000c0)="145d472f5b4528153c0225fcdeaf33b9c89c87711eab29bd6e8b47fb8ea69ec707d516005daf88f1c76e39ec5b1cb2bd1058848e5c52f071dc3af8ead68734d4d4f4734b61d941acdc7c041f8385e3869c1d0fe2062ea82aae9d16128405302a3ceee1e483dac9608fe2d28f430f7220e4d822c26fa485361600b2c77cc96743ca57ac1c2b0a349819bebf920a2b229fc5e67f74888351fc133ee2ee182a7ea2979a419e835bee9816225c305a694fdecea537533ae75216d3e351098ee04cd780cc8647fc279026b958945de7fd8f51c63b5e472bf48d43a50fe4b91beaf893b7dae01f392c", 0xe6}, {&(0x7f0000000000)="f8e7f6bff4fd44d9384d0ad1f1287c31", 0x10}, {&(0x7f0000000380)="b328550be8142bdb1a2168241214f593f79450c24223ac7cb60d889680a7c93b9f42beca031b25fcd20d5eb6b39146604567c7baa645ee9c0390179cfcd10a3db178a372b2a0f908fe0329c274bfd1697093a86bebfc5585785fb956a19d998d865584cf83aab9dbf9eb6b14776ebfff9acc83ae4b266a3cb5ced5d1739d6ef4381a6322fd5f8acf0f253e51073155483748652bcc02c5c5604604bc5441b4a5f63ea22b5996", 0xa6}, {&(0x7f0000000440)="298a8896a1b722e5256e08ff5422b56f7729741ad0d5719dff8600507793781c0cbda0d9714923703bece9bb7796f005500faedbc602ceab7f68e208483e730e618b4e8fedb2d99d1331416283b06e1a8f4610dd6f96c5d5f6676ca72bb89af331a4318acba559a682a2a0aa67407a7e24b7033dbc02681b7b1b9820fefa5bdcf6f512c126818b58f2aca99c2a88f8df4a0bac6616b94a56117ed898795c2250664fe3ea18d3dc12b2fb947cd19eb7c97d782258859b99965b7abdc8332cb1caa174f558c799783cba0f4d6c0b1cd78722a9da9fbf694ea539948a846227", 0xde}, {&(0x7f0000000040)="c09d3fac8aca11ead7747a81ede62100971a8c001c2bcf6c1d39203f4e279fa2f2e0395861382ad9c53e4969795d0d86533825acb43b271650abf6e138a6", 0x3e}, {&(0x7f0000000540)="b856ec5f1980101f6bd9733a031ca243d4a18c38c6ecd77fb7416794c1fb39e8296d9a590dfacd1e2ec888bcc6f6605e9f8c71dccb041bb5c9dca42233c909275c333a9ff12f25d53611df7ef28245477715dbd53339f259236c31af3da20e4b715cd219ea65abcce1d37f4525506a399b21a5df9d75518564837d4ac2244cc01ba54e0c793f54565811e5832d1479e28096e9bf860468bde4a8a7acb9d932a28a374d19932ee61dbce075afe2be5337f49d220338bafb8413699108eee5e5d85d6ce61fafb56df43ad073ff2a5803dabc6e49ea3b42b4", 0xd7}, {&(0x7f00000001c0)="748aece94bc30bd95d6a8cbe78d7083675c5c68658", 0x15}, {&(0x7f0000000240)="d3e6e78eaea949e802447248789bcba7e5ab4f08aac49bd2611ded74650a4b56c5e09833e4321dca634249285af34b05f6d4700f51034bb9072cf408fff63c6b223f504c9cf878c51f679bef81e8f4404394c2f07223b51dff5991abf27d422d09ab3df0b62625ada5579afe3fe620e95fff456f26db159b0221b48eb2bd", 0x7e}, {&(0x7f0000000640)="a0c569ce8dd52a11f35487dcb8c989d47f7db0a792e8e834eb64526a5c9e8a3b14e26fa7c0fd83c980775eb8ab6d4b3b426509a708684ce9222bde9136df4639b6350f497e3ebadbd08cd8b465f91b1fad5b2b67a4203ef18ae839f0913f73", 0x5f}, {&(0x7f00000006c0)="c134468cb32c955091a7e6c4d54226fced3e48d85bb32c5469616e1b9175f700e73936a03b62278f67fb4e515c184b23a19dfb155405dacc94f2533b8a103350889c3548fef92a092c340249f7e08ff2820b59ad9eb84a644abf747f4b2222a4dd2c8b238b082ecb97fbe02f95cc5a692911da41e13e", 0x76}], 0xa, 0xffff8000, 0x3, 0x4) [ 305.015482] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. 02:43:00 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000012000000006c0000000000000000000a200a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800b00020002000000000000000073797a300000000008000300000000000000"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2b, &(0x7f00000003c0)="233fecccd12254421dbf5598b9dcbd378dee6c8bc7b7e55287d7231df5fe563c78f96885d05237a24b5fcca0749c8f0bf6ea9d2ff297a315631c2cea3343215eea4ce16ff841f129baa6914d2356f1e580fea1269af4089166b5d8d36c3494ee76cca36dcbf1925ffc836efd542939ae230421d48c4abb1c42070ccc0a12a2891e2825b2b7ef05c161cdf01cc5767ab174d5b713c0c97c621db8a16bf8a600200d2c245c218766c29be728eb91eaca895ffe22c5d8d2b1909194cd7a9f2c27db8ca37ee0493f9d8170248d850b5be52508ecb5aa0f531c61649bab5e9721184655a082203f8c3ee26175d7cf6f8fda20547980e250fe74971d", 0xf9) write$binfmt_script(r1, &(0x7f00000002c0)=ANY=[@ANYRESDEC=0x0, @ANYBLOB="b44ba18ce555ad3f5c4a19b7207486e7a2321859331445f364fe3993fadbe7e1069e887e3c054438b0178108b4d8f39914ab76739a05370d6556786e7dd17eae42225a3cb5a6beb2f73455da2768b00999cb0598c6b9f168d07919607b7d821172fb5e12d3ba830d8b510618779993e41a85bd7d031eb4933dcca22d40a8e42dbf7367ee626de3a329a5a114bbe123bde67a02ed0abc904faccd5e5524e35619952c5d42b102b710d4c81a4c6db745c4d42ca0f4c0ed38d473b1d52eaef0add722ce4c63f58e90b8aea83b7861", @ANYRESOCT], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) [ 305.121366] FAULT_INJECTION: forcing a failure. [ 305.121366] name failslab, interval 1, probability 0, space 0, times 0 [ 305.142604] CPU: 0 PID: 16702 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 305.150515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 305.159932] Call Trace: [ 305.162524] dump_stack+0x1b2/0x283 [ 305.166156] should_fail.cold+0x10a/0x154 [ 305.170305] should_failslab+0xd6/0x130 [ 305.174281] kmem_cache_alloc_trace+0x29a/0x3d0 [ 305.178948] ? copy_mnt_ns+0xa30/0xa30 [ 305.182833] copy_mount_options+0x59/0x2f0 [ 305.184407] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 305.187059] ? copy_mnt_ns+0xa30/0xa30 [ 305.187069] SyS_mount+0x84/0x120 [ 305.187077] ? copy_mnt_ns+0xa30/0xa30 [ 305.187087] do_syscall_64+0x1d5/0x640 [ 305.187103] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 305.187110] RIP: 0033:0x46090a 02:43:00 executing program 2: r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000001440)='/dev/btrfs-control\x00', 0x0, 0x0) ioctl$sock_netdev_private(r0, 0x0, &(0x7f0000002180)) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300)='ethtool\x00') sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x40, r1, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKINFO_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x3f}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x1}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x20}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x18000}, 0x10004881) sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x23, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x1d}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x8000) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x0, 0x5}}) socket$phonet(0x23, 0x2, 0x1) 02:43:00 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000012000000006c0000000000000000000a200a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800b00020002000000000000000073797a300000000008000300000000000000"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2b, &(0x7f00000003c0)="233fecccd12254421dbf5598b9dcbd378dee6c8bc7b7e55287d7231df5fe563c78f96885d05237a24b5fcca0749c8f0bf6ea9d2ff297a315631c2cea3343215eea4ce16ff841f129baa6914d2356f1e580fea1269af4089166b5d8d36c3494ee76cca36dcbf1925ffc836efd542939ae230421d48c4abb1c42070ccc0a12a2891e2825b2b7ef05c161cdf01cc5767ab174d5b713c0c97c621db8a16bf8a600200d2c245c218766c29be728eb91eaca895ffe22c5d8d2b1909194cd7a9f2c27db8ca37ee0493f9d8170248d850b5be52508ecb5aa0f531c61649bab5e9721184655a082203f8c3ee26175d7cf6f8fda20547980e250fe74971d", 0xf9) write$binfmt_script(r1, &(0x7f00000002c0)=ANY=[@ANYRESDEC=0x0, @ANYBLOB="b44ba18ce555ad3f5c4a19b7207486e7a2321859331445f364fe3993fadbe7e1069e887e3c054438b0178108b4d8f39914ab76739a05370d6556786e7dd17eae42225a3cb5a6beb2f73455da2768b00999cb0598c6b9f168d07919607b7d821172fb5e12d3ba830d8b510618779993e41a85bd7d031eb4933dcca22d40a8e42dbf7367ee626de3a329a5a114bbe123bde67a02ed0abc904faccd5e5524e35619952c5d42b102b710d4c81a4c6db745c4d42ca0f4c0ed38d473b1d52eaef0add722ce4c63f58e90b8aea83b7861", @ANYRESOCT], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) [ 305.187118] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 305.226767] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 305.234034] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 305.241314] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 305.241321] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 305.241326] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 305.272375] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 305.341164] audit: type=1804 audit(1606963380.769:138): pid=16687 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/244/cgroup.controllers" dev="sda1" ino=16822 res=1 02:43:03 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:03 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="6d06860ceca569aa0925e605f51716eb45e5e29ff0ec735f51051f25b165a75df3c0b16d4fbf21aabfe9bd7cd605bbfd23830d06f17193e11bd2a6de956e2229a433b00dcb4eddb5aee11db535c29950cfb524908f5e037cb4e818d35bc344"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:03 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000012000000006c0000000000000000000a200a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800b00020002000000000000000073797a300000000008000300000000000000"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2b, &(0x7f00000003c0)="233fecccd12254421dbf5598b9dcbd378dee6c8bc7b7e55287d7231df5fe563c78f96885d05237a24b5fcca0749c8f0bf6ea9d2ff297a315631c2cea3343215eea4ce16ff841f129baa6914d2356f1e580fea1269af4089166b5d8d36c3494ee76cca36dcbf1925ffc836efd542939ae230421d48c4abb1c42070ccc0a12a2891e2825b2b7ef05c161cdf01cc5767ab174d5b713c0c97c621db8a16bf8a600200d2c245c218766c29be728eb91eaca895ffe22c5d8d2b1909194cd7a9f2c27db8ca37ee0493f9d8170248d850b5be52508ecb5aa0f531c61649bab5e9721184655a082203f8c3ee26175d7cf6f8fda20547980e250fe74971d", 0xf9) write$binfmt_script(r1, &(0x7f00000002c0)=ANY=[@ANYRESDEC=0x0, @ANYBLOB="b44ba18ce555ad3f5c4a19b7207486e7a2321859331445f364fe3993fadbe7e1069e887e3c054438b0178108b4d8f39914ab76739a05370d6556786e7dd17eae42225a3cb5a6beb2f73455da2768b00999cb0598c6b9f168d07919607b7d821172fb5e12d3ba830d8b510618779993e41a85bd7d031eb4933dcca22d40a8e42dbf7367ee626de3a329a5a114bbe123bde67a02ed0abc904faccd5e5524e35619952c5d42b102b710d4c81a4c6db745c4d42ca0f4c0ed38d473b1d52eaef0add722ce4c63f58e90b8aea83b7861", @ANYRESOCT], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) 02:43:03 executing program 4 (fault-call:3 fault-nth:48): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:03 executing program 3: r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r0, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYRESDEC=r0], 0x1}}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r3, r2, 0x0, 0x100000300) 02:43:03 executing program 2: r0 = accept$alg(0xffffffffffffffff, 0x0, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000002140)='./file0\x00', 0x2d8843f759b7f1ed, 0x1) sendmmsg(r0, &(0x7f0000003740)=[{{&(0x7f0000000040)=@rc={0x1f, @any, 0x40}, 0x80, &(0x7f0000001180)=[{&(0x7f00000000c0)="00ff3d336fb08d6114cadcd09cfb2b714fc0df73ab4c36efb4c3504d066ac07527a37752ba80a638e9fd8c275f477a3dffd20abc30861db7819a5a226f8c20e4fe5c075bcfafd133d96133496ed13731c25adbb896a15bb027246d963e244c75be17a31f5489151d5f154c4c5326900623589f235e3ba730099482c9ed54c59b477f3a45403d3f4e0a01caa99037c50962a0771877c093dadde37e865b355f25dca86a4d37ced06ab9215fc51fe7da9122baa28966aa53d4c44326925112cfd449466a23671d2369274b1f0aea536dbee83d1caaf4c576402dd9e79306edd8377014cdb08d959d4f728715089fcb8754e2ff7041c73372cd4311da3c6fc2aa082f14aa4630d3105fc3f795129fb0d3e96e9c62dab46535f42b1d4a5efbed531b0e99b1973f4e8f11ee17e33935b181631cb11e5166444230f9c30d262c12766e7afa346dddd3d8069dd9b01eb0d91135108d59092f96df45f3a11c3dc08b62f0be066afb25b6109dfed5bc7930c41d781ffcb8d0769ec2fe8c91ff1272e65d1f02b5a16ca5f255ceeb18dfbc353a4729d0baa76556db265649eec6e2788095161a30f3c909f0014d31979f2fb906ee4258e4f453240f3649c6c17362cd803ffd603a56b98c65125b90c49c7d892343b90f277baefb76590ad01b269e90aa6279c9d4a948ed87d4635466085aee533a385776d715f86643edfc6e8ecc5a88d02d9b6b0e44b3f65c36762a85af9b7aaf88cee91fdb3f5bcec7376d43ad07810c753075759c1f0c6c89379aaa3ef1e799f47190828dec7b73f9fbbf7aec710973f2f63906e69c40aea3596d3809b5253117d1ea41f599222e52e9d711384462e011354ec0c8babdf8f40fcf72b838ebfdb2b09e7a16485ba5c5604f22c3e3f139441b964e72501cd6abfb19b85e5aec245cf20c71d2f3c3aad769463a4e48551f4585d8157615270fffb77c3834b3afb15870f5e8896a64a129729f2dde53067bad5afb0349dc3a2d955e130dc6895d866255ff5eb5f433961cf0138d8ad24fbe8b39496cbceb3ac4640b9ac4b6d556b3c51940ec20088161b247d2ed648f4e7916e1c2c30fe4c8d1fd0e5c33adb3351af3e83df475ef07cb20799cbcd7c16b4ff9cf390c87f963c4f61257782e007440f5b24d206a61964d99621f2eb02cc91e09093e41102389cbe68011c819b7f85d55f2677bce1a0f0ef2b433aaa7cc5f2e602b7b3071c8aa81f1497fe9b1e8174c4fae9828752eefb124115a2d6da68c070c4b6235b965d76d94dd44885874645455f639e7b5b7934cd06f093fe571d15b9e57267a4fa5cbc948b01a65ea285a8b30d2dee2450df46c02a1d4b9f8c0159f705edbf00e407b029ffe2f185ea2707e9aaa12cc79e79e38b9275e257face67d8918f76c04a84a028134cfd0c2c419788f45e0aec29812910d53d17c3c376b6ccef50c09f61109cf9349e601a66a7e91d1fad515e81f1a1297be82be002ef2327a2e3ef781db02635ce4161a46fa05245e204ae707fd536d951139f509d863ed09c95b950ef136f9a1ff6b791c0466027580e1543a766777c7540fdd23a18825f9c000ac2fc57646841c3ae345217be8fd494b5770cd9671b95e8c2cf033f58c7cc5243448819a79e9bebc981e553f81789ccdf02135d9d169535731f961e7574b8ffc2084f56536a63da713f50ba2e82c89981b1471d41db220c252a94d096bc07e93a79c0205e87cd2148df2e4bdc8500ed9f1386ae54062ee20f2fb50dcb59a31f9851c96be4a34d2e0bc806bd1436f968ac95fc752216bc76f1e1917e35efe685b56c4eaa711498a8b062febe8c3ddc3dd96745bb232413277c554ade62cebcdfe1ff1224cb070abcb48485db555887a8df3ecb4711f536f71a0ec96b9905da88c06d341c2b7792fd5f0cb5f8c280749b67c9e8f53e94074edcf096b7d7de33744f138034865852387bd9159bc7c0d37b5769b369197c021d911a5b17074b73655d350d3928d8311d7ba2d6573ea3fcae68e96decf33db09ec6dc4e873498ab7dedd14aa00bf527b1c70e8f2be3d49b20bcb3b930457ebd9e74fe0543a0314a8ba0ae3bef3c5673109733ac199581a58a708d58cb429fad6ff82337eebc913b344935710d7791da777796660a432abd318af3cafe38eba3e12c62e51c66f9a9610d96f2a909bd1862c5a4673a31330dd4aa063b856a9b31d4383c6458b5922b8b3ebd6ef5d5131704ad667c52b81d7fe9978068f5b06d8ced14bf52edb3e6e7fe6919b36b6f25322403465050f49d63e574e9ee5d3d00a4bac122737cb5a1d1353ad8da75fe7332775933a87fc4f78b94c2c105315e02308e287eb848b37aa4b2e36519d99ed7bd63b200caad5cf95021e5cd0a340279ebc07e09390527db49b60f480cdd77033478309712aeae8ca6b0b19547c22c81361593f127117b8fe4a5f3a90b2da887425bd2d705b3d374d60ff2ad77a2fad23f45efaa62f4e161d3e8def8a6f059de8b76f1ed773ff6466e1a465c830e141cd74d870da4eb8f0c1a8f49ca5a2e689cc625207d1d03af3f933b1244b434843bb93d8d6a74fde6392c484e7a269a1d37bc7aa3668830ddc67fcaaec55bc30c04052634626447ac5b2d083b60fc4da90d9b98b51b6c6714bd4f8484558ee5722bac340594c49640eb131941b3845f71c5a9551dbfd10faa81dfbaac7083fdaa119aaedca4021b4e81d76d83d4f5d03868bef502ae5a0da14b1383f1aebc2bcec5ded7728b6c63a33772108f19e925ab95774add23f1fb959c66b17fe84d4b618e420168c75efa8ce1f0e5c441c9de1a7eb9b1eea98ceed25efb4c0fa7022499aaa4d3762dee1d0f46ea23350fe6a07b3befbaf8b601a1a8de003cd24cd59a3e1a7d52433064abd8a1b45bfb910c8ef33bceae5c163998c01a3cc743030a9f9d163b4b1325c0cd44e9cb33d95e33e08b074c507139841a7f9bc39cc5a7456939ca97b49deb4534c2090ac8f01fc2d364e67b7cbcaa7cb762699ca7fbf66f25394ceeb7fb9a27d360ce1e5d1b870e98929a9e71d87ccef5c95ebfcd1f8d48fefaa3a9d19172089691d61d1e781b765900c116481548f6ca28be6b7efdecdaa64dc555c3a4659c1df489398c9db51a2b5100f9d21dd2dc50f1071ce70a7d7726265040386d4090b79d76d1a18a4a6e3bbe9405ab45114713e20876b3b6d97327d05b0ce230a6f240598711deb12980a0fc571e56e430cb4b066f68cff04f33e92a670c5db431cb297cf2840f84ef1a5cad6282adf955ef13287f5275e1435329003941529f8327a518a4c020704e20a316ef720e2228e994321af9cde151013ec2ca5d3c0ad43e657c5374a2956c97af47b5418992152b4b7b30134115731dd6e04c34028a5185fbc37ce8e6724614d7b20f621f3518adc712f40930a1dfbb82d45bd82bec5d6ab53ef5970e3746276636b72e5d4819b2e66d1190bbd3d3ee725d15e75aba7990a32545c696efea3a73a3d95e1aef10ccb0cb441dcdd22c9a9c570d450f66e2692d3c14206eaa9edce8fbdfb56df84e404b497d218e120e38184d5942d24f572c8595b975fa98acb9bb908f400f809aa4938b7d0b038d6d555f76db3e90e240a47e82787ff7d9e974ef8e91a1d981b62d50c5e3a3f3f7c22a8beaef73fb6548406bf5296526b7ab117da7c9eb300c2c720a0403e0dfc78272ca5dbbc2e82c1035f8eb1c4e2ecdc8018c6aa27545e20c85e7438c9056ef7af6d5b9c51784ca06b103ed3f8c0ee222021102beea8018b3ea4615f0443be98ce5b1eded4a7534f5d5f2b0ee37e28ed5b0369a10ac49656077ea40f2825cb58caf5130ce6bbc488d5e74ef67da80cb96b74358d89293f53730f30cb1fdb29d4f0f73b0928149a506f43d7ee9912944e0c53d26e58f2d7c35d8327bfbd13febe38dd79c95b156dff0e4d211568ba999986748d963a1582b46114543f13863e76352f770e652f4751ca8a92cc4f9a8b89798a66060bd5c63bea1a5859f6f7a75510fab3fdeca1f1a226dcac7a7852e4e55fde92ff09ab90cbc5c32646bed1c003ad2e1c8a4ac1bd6fe6cdb9115e2a1f958237f116c12a728e75b3c5853dc4e7e01b12be367002977bd35f2d9c79c153609d794384c6300eab919e9734fb56d52355b024a54018a13406902fad610b48a1a3ffc916feb6c9e1e9a080daabc294390047300e75ca72d93c5f43dc59527c95d2bf7167257fdd173c8d9b502b8f003e97da79f8cdb1cf58b22f47ff5a87008b226b17322b1b66252de0731881a42f8f0739988ff016b7ae6eb0728030a18761359b48ebaf2f97082e741f3b2026f7d780ab46eb0be5bd1bbf9469b0a98184e21d706c0cef1320541cd73ed3a82dbc55323efa3a570243eccdbedb9a60e1a095249fb7af53cb25d6a6da747f925a73c866e4b3262d2ea003941f1fbda5675c8b9e6637118b43ca68b91f848ac19601f4ea79a4a5ffcf4e7dd55edb4c85bb627e2e14fbd954081efa50dfbd67dcb83d76085b283ac37d8493b150f12e8667d1863b302dc35841da6855a6d06eba5e836fcd48db85448077cc41785244bd979e1451c7f25762d4eb3a38b1970de1c7492b022e5bc2df722048277b6193111ab12060a80567a1cf3d0efd138e4c421820cee6414aebd97e6bc38458ef5796aa918b9370dba353866cbe2c12bf9ba5fbf9525648a82ea773b76cf07c6b9ce42de0634cb639cf154b38312bef60898cd35675d9597994218a648f97f4c5d7e63d7cc9a805ad532c2ec5a070f57e99ae5f9fd9729d6912c4c1cb3324c8f0dc3a2cf3f93df37aed3cafe30218e85f3244e4de91ba16759d40d29595f24bebd4254d207a7f5180af7ac50b39972eb7d2442d117378e212e87a45ab44d7fd5a36bac19d9d549b5b32e654484a56d897afff466a7eb457bb788415b0c1350fb82f98d9f306a6bf5f9dafb70fed8006fd9009a478ba2710fd625afa4fbe99654e10ce3528e6a545b221f2ee1db1e7bfaf5ceae63d07d1844d46804204449e2cc1f0588abac4ceb05748a2a360546404339a192ae392d3c47e506dc560a91d70ef19ed2190cb12c7afceae848af4fa8ccd972be46c773dc6af0781e5a3eb6073efba108d5e78e1f08ba4b087b091700a0c467b16cc830241949e69e4dc3351e275ae3a36c0d575bb8818415ccaf9a843041002320474a583df86d3facba296819908b4c9c6fc01262365b16027b26c301e9402e2a253b97a8bd7b1bdb2d9f873c817b3e5c235132f9265b4a01c521f4b7dec902e89048207c188608657dc6976963d175cd209e5ec6947bb4f7d69e0ba9a79c599cede7f4a645e6dfe34e54b5c53834c6b23a7ce23e9516b78f59f9e57cd2ac90cab3042ce80769f7681cf02d8ed36c3bb6c7837ff48a5875aab5aeb6f9b7b4edcf9870daa369cc91a70a1ccb649f032b83f355ac61be1245800985ab57dd0e1374d92fa6d8a8f41cecdb16f5b1fdfb1dd05cc1f422e50d7bef3a0ffefbf32d3315b45b92bdc65231b4a34ea5f62a3f10da160f3dde4e825d6a30946117e1baa3488161d1de92f8bf9c9bb7614dfe83de395502ade53f5d10b2bf792f60b26dc0a3e9f567bbb44ef15f0bea6310804d17eab4b5867cdb805775e23cf760c767753be35d27c4257277fd4401a0f28b7198327c7f8fcf5fe38438970c5c8a8da21f5ed8c1f5a89a91a50e56fb5cc8ebfc7e6144d30fffade247938cc13032e97b05ddf9b8ae00b649717bdcd9df88d88ec66aaffcb9d0066cae7c0d7a79a88ed7d2e3a21d0f277ccbb371be069a39e3455", 0x1000}, {&(0x7f00000010c0)="476c47e653d908f1a8ca475295aa726645572976dc731799fea8c64c06091df3d8ac8f7c7d5f80b4701fb709c5efe4d7516d88ae93db0392cdc0df17bc8df52af611747f088470af391df97bcdd4a07524712d52ae857fc17a352a6c3d3b009adecdec98b416eec34744ab0bcda95ad217d9e6d4da74f78c6a81b11cb33b831f90e11f6ccc9fa760c9b378841b9e01ad8cec05369de2aaaf06442547ac372833", 0xa0}, {0xfffffffffffffffd}], 0x3, &(0x7f00000011c0)=[{0x108, 0x3a, 0x1, "cd4ad883c8f904e520f25ed15ca3e7f2eeb342bf3b0a410251a0d36190a16a39cec7bcd7ac9bd753303fdc1be27c7392f2cb1c46bf04b369dc181be51eb6766b2c078d2660ed22c32a4e3dd79f494f381f0e3a39331c38a1fc9a031d64cd242162ebabcbb4e588bf544dfc4e93beb85140892ea995efd113b5f1ccd38f59b13a60c259222ef3ff2e838d5e557bc532681cd6991210083e35ee02683c2ef3b61502d42dad3e9979263d66830d2b330d09fa3b405352aaae1eda76f7060ca38bcdfa08685d2d6781c75d1e66235ce8d3767a14452abd92ce15f67c29b4844d0f803c4b6c47438717d491bf2b566992bcfff48b70d52a0c40"}], 0x108}}, {{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000001300)="7c354d4651da8b217d7cadf09063075d0e7f6e22ac9ecd54d424fb7816fd84ad67e18648696f87af50fbffa983a8d8330f4cb592359474dc23fafa22a64c5292353ba9656f0e736e3fd8f484ec40d3fea2de3d6329fc8c5ea4769389f2f618f99536dc577998e4548301a856c929c2e44be2715162e68aef2e1d54d2577b93fef09d54db21959241acac9eb1ae7e54c0f603b106fdc2bfed15b4d7d61e154bd2a9ff54390f4d66ce48241f9e91a19c9271d6565c6e1c130117a26ace07add6a3d6a5744e5265b72fc5c2471d833c44", 0xcf}, {&(0x7f0000001400)="7ea6a797e5db8de836387cd670e94cccaac7e79df3bd999660e2b75c4171124239774ebfec50c7f8c60daeb9a6243e32322466b8c283b08c026627ebf09d0a7cd02c133e733f376b40f4343c6ed407695185fb9272a8c9cbb166fac81938e8ea01172989dc534ef75bc95cfb2cf3d210fa417e3acb12bfcea90066cc93ffc95e6f99c004922760b95578a30c6bbd1b9aab883bacc585638a9785e8c453bbe08725909a39d3ee958653482a2aba644e84b0390d399226c7814e94ae735e107283", 0xc0}, {&(0x7f00000014c0)="675596f51589b7cc939d0b366130b8942423ad10d9df2514f5b59522e21f637349808207e920baa2ae056ab6923842083ad1f88ad6f6b7ca5640945b28e6fe7dfcfaa601d97738ea57cc9dbe502040ffc9c5d9dabb6cc497d251351bb4e98160faadfcfcce84634af48b342727440ea4fcfd86c9ed352c90bce5da31482d6e64b90b6d31cf67785e2ef79328d876d895706cdac1ffc95e5b579956a87ee466ca26500576dec22e90ae4c664769274d8471cd636a23891bf4b365beb0d10585b15465d753abc06a85c69b0f3517a4c0744b260fa30da9e5dbab6a793c8abc5726090099aa5f02ae826d72bb9d67cf8f0022e824ea9430d6f1", 0xf8}, {&(0x7f00000015c0)="b10417e5cd8215b620c1a3f5e00106934c1be8002e6bd6956fe99a76f79f923fea73c459b52083c724a363d11b2cee4bcbfe3a98fb579d0484af40e9e36593514c28e49a289229ff16dea94e335e543032b0040793103ea653a08a26b73f17c2a16f561e03bfb7db8db1918adae2a4fb3570edf8cfc7c9f5211b6d1504e786fc0a7e84b32ab7fe152834bc58066641000000007fd31be8d02f78edebb5a23b0d54a77f1d707a4bf9c3f7384634cc40e5235245cc03bee3e99bd7c0798ad11f5ea981e0750c70c1945c", 0xc9}, {&(0x7f00000016c0)="d49bd7a4f1e3f56b3e74d716645511e8557563a68c0544b8ffe78b5d7ae402dd214a8072e38e0fb8ea98b1c9655cc5fd769ca55aa59f7e", 0x37}, {&(0x7f0000001700)="75371c455e8dd21ef62fdaab4595209894d585c9c209c17401d0f1bbb5a804c093364ec4623d82635daed995fbff057aa6e652bb284b966fe8cfd2f18ed4d2cf46328bd7f86a149ec9e2d6fd61f1d3bab8f080657358c1916fc7b4c2d0fc6fe9a733bcdd5757ba544a4d23d128ea42276cc7b56cd6a5808f77c6dd54d361415049d0df42d50fc409513d8e43c08cedfbb088eb1eeb86931afbbbe466a4157bcec2eaaaa7b1d7438140f95d75e87ee7355326b42fbccf1886025c990cd3a6c6b1bae0b71f3a0b6d15064786ee8f84710af68b82915dc1f3b97609ed1e", 0xdc}, {&(0x7f0000001800)="49e108e5cbce6f164d098b7e03ded9296bc24c5c44425e35bba028f0c7f4d9de3a9e28a827", 0x25}], 0x7, &(0x7f0000002180)=ANY=[@ANYBLOB="500000008800000007000000e05aa561534038dda701df31f7e98570e880463447d05d8437e7967c29f42bd03744f8aa3de9eddd993896ed2209061450455569abb8082a8536a2808ff6baf3524dbabc02a27c3bdd362b66a1dc80bad32ed754d46566a47ea85425a4ef36a14711c296f939799b645899aa9f43b1da104670f4"], 0x50}}, {{&(0x7f0000004dc0)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1f}}, 0x4, 0x2, 0x2, 0x3}}, 0x80, &(0x7f0000006100)=[{&(0x7f0000004e40)="1f1ebf3ece37285375f5af849e24760d1a1181d3b78312515a5e32fd214e5375648544948a772a76a0c47a3693f897c224390068a11527ca21ac6ea542f9732c7a9c118add35ef18ddcf8af74b6f6bc19cd43d922e89bd3303103d2c4e7b117f884a1b47d6cc87695fc028474ed8ba", 0x6f}, {&(0x7f0000004ec0)="ad0b52e0485e63d024b59c996b6cf10f762549800964a142262c8303c809bff7a2742d1cc75b9817779845c7bffb7ccddb7f95d5b253fb6dcbbde73059b1ac414c9463d461ba3ead3454ecbf9efe10e0a5788a40573e3b319bc764b1a4d7087a2cdaed2eb154affef03ce5dd21cced31f2e18c87bd61a967b3", 0x79}, {&(0x7f0000004f40)="12ab66c64eadec392529845f8ba0e845f3b760861dd035fa484331a15486978fb5edf80b3dabc56151240e595c539919f339f7c4b833aafa05524bb7d31b7c0984a79b19b40063a2fd2cd23ad14edc5aaa52a2db593b740f2b2d11a89afd2ab40369b7fc2d6f4cd1ef6522caeddb5170b84dc981a00b0244d7c6bf82131b0577e7d4cce58f5da50b87289150871d212d1358e378a13860fda34b4b279c11b8077fab4d4bb5d7788ab8e60ba32257236c8938f13f3dd6bcfd794b937faef3c239f28f32c0c585bd7ec390ed3303b9dff0376d02f296b63f", 0xd7}, {&(0x7f0000005040)="407450b4e3e379922fd79d5363f8b2bfb8211e7ff7d89b15b0bb9e872d47f6d710929bb33b4d239fe20b89463183d451966a4fde70a99d013cd2df8da0bfa8006c49767870a1244885e0a54989aa52a4e29714316fb6a7afb45fa0aacaaa4a9c517a42ca8bbfd3684e82f9869cc1554a34b56b6806baa8968972606e9615607f649fc2d5f14aea512e9e018e", 0x8c}, {&(0x7f0000005100)="3d3ed7b33cb766232288773bfca77524655bd14f8b00c87ed35e4a55578f14963125f280356a59ec4b5a107a19d5d08127ec0c861a16b9f03792e4e1434d88c8c4f8b9ccdf0a2b34f9485fd6920d67a295b5959a6ec68f2e250d2ed26c6079317d5bd0abfc6fd3b97bda4d089c5244e72250167b529199ab07e7affde996887a405c652aed4e4f4f6ba2a5fde6d46c5c5401de4ea182bfe15a0d522fcca3f4a38fee882ae07bfb49a06dbd8a1e1ce4d7cfbf6127370fc95b4a43896642620279e6aea19e62380ea034282b59308ae0e88dd57e5f78e3138db02ae13a8dd97bfff99b42b727a7ac8bc1994164860d5a22feb1e8480a3f19660f5cd7204da7bc3fe4def03faa1be4014ad74c6f3688c3aa35de925e4acc6c531c2ec522005ef89933beb725e9a5f3017698177dff529567e2e9f90dfd3eee0088650f11debcd2fd5462bd5a6274c00b9313eb1f555378b5da6d93b7f7930d95ecf676cf2363fcccc560a371ecde7fddf7a7ae3ad4b03740f0ff6febb17456a8856069abada7d96d7872d7339c80a4f28f8088e75ee639d3c568f976e2f5cdfb9db6577d76718d5368f72435720e0cf8d39a4b29ecc91c40360e9c7cec1a6e8a7b613243479cdf74c503c21a062846375d3cd93fa55e3f8eb95bff568146b1a1cf0cc57fbc283c9fa1aff3fd56517e293e6bc96867d5d052108c36f6f275cb4c6dcc23889509e2acb96901c6b9b3dc1aa2e13b64c00c50bdac2e5469af4c3f2c872a7d95f8e0db678ccdf2c4ce01741c087bce70ecaba895eaae0181b1a8795b50f8929d1ac0a8df9c97556113b8e68489fac67da8f41c5161f324934cad5e113931147999bc57b6f3b220d06f5db7301e633272769887622797af2f71b55d523b42fc06cae9476965e280a4550a61a20296db83817e29015a84f9f2495570dc847362cc35e6affecc7e35d8800e2ac743fc8de98add132308fd9292fc023c3105016cb78a65fb9a9c06ba99ebc0d3e965c969ce958c8302c4db7e15aca0d44e1e0d39c2d62dd880eb1e85eda4d1961c43750aac53298590a180fe947f1533d937909b950c5c795f4198b71771eebe6bb92b5641a479e0b16b1a9039d6830e265d2b477ec7c285366b4dccb7a1beec7455b284ad20d9c9693c0b2c6ba7e28f2446e9b65c4968aaa2312d6528285e333af5925c18ab74e3a69184df5fa02d1ef5e1611b1325643301305133cfaf30aea9e985a14b025c668c9485106a9cdbb1d35ee48632d06f31bb20dfbd98d465b7d3eb52c0fc585f5129535eef7de2440ae90811a8b93f537b7e6317df5c66096104ef7092b71fae9b896b5f362c6b8ea316bdb9cbb04d87aad883ac6f7f707cdf33d9b33c4167c1a5eb990bf26c0e4268594ace7516766ffafc749c0e1b95519263cfa7f598a910019ee8e59468e271cc33d39bf2801de07ced88c5b570a38c0d067482ba875f299daf6ede14a331df783accec6e9edd83eea5b52e3597611dba6c63376becdd06513f916ba44efd5360bb811b3140d65c796a182f0882bc260ccd8f0f521d3119bbba2f6723589df4aba007181af2218d219c0f934b98127d47c0d61dc6db1f7521df2f84bae31bef5d36d3671b992cddc4f35a8749df6b10f7ba4f2d5473dd79041c6922606e404ec107cc7df0dabc003fedc1a8bf0335c9c994e4ce8e50ad5ca5dc7288ab2b09c51b9a3604e92c7476648f3b8b2fa58a22bfc27aef2c4148d5e9d27032dbe135cece1a76d5ba062baf2b0ace19b048766fe46bf02552f695a07054806e8e5771062d17d631732a7f580fcd1d1dbd15760d38103060857d5d310384eb1b57b272dfbd1308e13944ec5ac339b62977006405c9de0335bb042b6185b2803443e137356bd8799dfa421ab6873c5d1758481f9470a4318bc7856a5bed1bea17c48898ef00435d2aa45e7aaa79fd53e67f94465b5f65cc5e59be6c023f8cb7a0cc211c21a4a5ec1d9c8d9ea5ac8d2dfc3c5ca20864b2e958143b73f54600fe86f2f1c1fb353ea405899ddb881c3549ce4a89cd7489b69a29959c4fa0a7d172a107603053beaaf500e1b4b4e05dd52ea5585a5bb86e0520d74fec89da03f8144bf6cc803bf61ea60122fdb179900ab12dcbaf46eca1b96d36d112667cd97e69be96938c8159ec7c98df914a101ed46c5fcaf561d20a1c8769e993d81ae27a2d534a29a41a24f6c9fb10d205080a86315a9bc82e511396c74422a10692465d44a8958542cd5e13ad784c3173255dfa4f8f4fd932ca993a806e35a4531c546f22f27f3bbaecc7433f240be565e64876e1a0876814a5f674c518b10388175ae7db6889b074bf952b513bfd37425aa8f4bbec372e3ed68d07dd580a7994f0e53ef8d14a3aaf02c4e5cd1b99eb98ed5f5f300609ae17cdc8c44df623bbb797434b9d6c27e77d791590cfb41bb72a703cb764be3a1ade781494c8bbdc012ad6c08d5ae989734ab9ee426c3c717bc94dce5d7f5e2b62dd78f6454bfa740076b695fa2c119b0cfe07f36e375e118e13a56a9a2628c2cb5c55153eba0be88cedf0ed905c178bd3ba7d6d412171965d093caa1d065df8d44c64dc9ee6f53d59a8eeda7ab90c3bd096fd6c8a6c814b4e50319c1476f4f10cf527384f39ff6fe1d2e47ade68dde6c1df60e2706cf398b4fc62ea718de008f548f3fcf7a4c4a16916696b33913852fa48d2b8fe55fe5c9e5e4b5010105368eeb63d9d99610c3f2898c70d2828ffce6e64aaaf06a4d79b25301b2c4355511a6ace1fa7f57195a0034685084976f58fa19e181026eef2559d66309596311d016d43dddee1ee297387b969fdf35731df563c821e00b264487aa7d663ed8997462c7cae6bd79a8177e570104ecce4714fec5d12b79a4ad598508893ecdec9779a698087be8e97ccfa602eba77dd3b2e89f31f1a000b3e9cbf9d6d4bc51c36b572e78b28838e18705d20380c35be69fd2a7910438282a009f3eed238f98ca784bc82bc38b7dac03e93b2ca29af05d30d887d8d4f13b4e71890b9f2f1b8e63d32d24894ea7c6ad9558670cfdedc18c5d809ad106ceac6f3b597a67121ef9c8e2d01814c5c698043789f6230a4a895b9a6d9abbb14514a12ae3eb34ef5c15cb778d80139fde52f75da7bee41848b4f36d48cd5579663e6197c7a05e98ffce9eafe5da347958cd63ea0f6deb5c01870ffbbce762cd9092f1ceb60b5e2615eb8e08e5f1e2cc98afc59bcdedd6a8d145cbfd4d2f52f409339f3336c10d2d06f7ed3ed2067ba25d704916e9050e7cbde8a4bf05f18e295178e43b28424d16b71db9b7649676c33afc8c61a9ee9732ed82005c028bca07a6befca8aeb276d066ab41c946008f20788cd7d140969a56832269d4390ba8ab0a6ee38d1cda75835c4d62e95d9e4d3a38dcebfd0a57ea9df8215fec9068cc6022c9ddb70b290ad79fce375bead5611ec0bd1bc300e3f954c9ba9a8c9fd987eb8e6d5018fc6f094cdb91f8aabb2cfd2f3638b49818f1197c8d32a3a9e39b8611b6d51230d8f78502cf6192f3ecad5c8538e07abbbe6916f55c38d223df8a6760093e2d49a3f552905d129c468a984b4c9726a3c5c14f97cf08a87b8aefdc4c9dcd02fd4f5e20ef897d06aadda3fa115d63504ce9337b395db1ae674628fbf7fcb4cc6f7e70bf6807c620fa74d5da2f5c07605b7b63a3e8ecf5fc90d7acc85ea8a34612d0f9546c0d71c62b84ceca56b0b520571426f5c37bbd24e266c81bd1ba9a1d3a2156492fc9147fb9d38ac1041483e3ebb3332fb61cf120005b889f8ffd4aecb6b7f6d12ca6ffbb8ca71b091b54990450e3990ea9de23865e1a037bd99936fabdaaf1fe1788fd8432e644cbad13692a6149541911a43d38d2c12283f1ee6a74ba3da3b81024faf115c0ce7cea3dd8547a6aa7e5f572d44bbf139ecda41b31981bc426157b25ff151ba24be4402df80d75a74fd6ff9d29b8bcf9e136499061484187b0f62ef3e4c42ff90b036c1ae0b450a50e3239283e6063f3aaf963778bc4f814999214392c404e4d106d6540ca18a67eec5c0b799ed61cb75c48a7cfef093f0186c1da0ec8840576c99f94e75868d1e0becffd3d533db378b411ce5fe444539dd52412ca73aa63c47d43be3f2ae334133654c5ddb1b93ecfd518fa658d682f040570367d3abad764e1ff52bae9d74e50a69e140a3900179f32d500c21385acffa61fdf1079755f941a82ac42261ecc0e419c449abb57686bf1ed66b7824cb78e13c99c6de1a012306f6fce2abb4671b4958e4618465addb6399add0cf7b61b7593a2cd95310ba799e90fdc74d84d5b2ca82f7a44e089a1bb8bc3dfde8b581672165913db3f12536816de657fd915d06a88ca72bc36887e1394911512f002f5399c83350899c1644091078eac57f680a67da0876061fe741dc777cd7e8ee7625a643efc688c2b1ca74f97853ee692df00512e90d2b7340ee553162d51ea45a820019e497a33fe1b6772c57f21b0313d87091e81d468dae09cb0653062fb8a61a4d29e6c9c0ebc2e1499f46501c5d8e382b7ee5d3c69cb82842d30a7f6010ca837a5129b85c05494d6698985c5e26a99d3f5699b9c356bec27affc3d466f604012476155691a753af33cf5f1faab6e0feaadd9e69d9de20b9acfef5d0907720e7895c23545c3d2f1e8bf54ff661148a9b4744d80e11b8f25ab15c299136f85f85d2acfb867d9136fe68728e73908ec916a9b27fd510401e375fc18bccff483537412a8ef6dbd5c594c808eceed776a6d9d1f9206195448e4f31e4522b03473caa6cbf8d676758da0b00217a5c57c048ea22163dc16114914fddd8937f687382a8006801275a6d73d09f8bf211e164afaa6624ac687eaa7e1b650e64cfaf6b845c7291d47ae14b71800fa25b5fa8ba1f94e00ee07fb621b638a5d31b4540b04ea6a4491ed25b06f425c23b227f06ee2fd5707a24feeb383dd48f827d97a1a46087ef808340f46a920696b6e2b5829937376770d4f17124935000c275b8f52ca62056ae44711487546ed9a12aa46d055c2a506a9cc6e45eb6234cdc01702fbbe484fc4535dfa667b23302dc204cf222b8439e97f6a63cf318f51d3edd06985b06ab5242795df01263242e5ba4378166647e90268b125c88b0282e75d8bc6a382e0014fed273724fbe2cdf2eab9fb0d9f9062d6363db6f027493c83d1e6211d9276950b453f0b2864a13bdc4309010c5792a34a793c490e14fad1ab0dd211110b748739a75350594ef882bddf82a4e1775eb367a08db9ac88c4ef88c79434e1edfc6d8cfd4694268eb2a311e270aae6da054b98d5649469bf549562411412461702fef5412c83ecceeb500e675999ab47dd119d89ecacda2735e0ce9bd126e29b485614d3a94dc3305ddf0471292168464d29e3c810b0eccaf9741e4218ab53889d77b7a22f9cc2dac1cbbe5396097d85923db95fff93564292d32c6b08742f724ddbab4ed874e90a24bc57d5d87bc795ab188f1ac523c10cb0f22242c35aea24deddab47ae84f8ba73c1e7d6c39d1f5d37645ec0ce42c64a9708809bfe2980f5fcbb328eae06da600dc0656b1aef1dbefd01ccf896431d0bea9d548912fd946fdbb55c39d6f9a567617b5069fb498b8e9894293fb0a7a93e3206c7d09fc718ac2e2abc4e2703474d48d6f72e9d103960902dc1591367dd4b8c903c59d8f7d3015a0bcbab5b1b7b96c94d44936f2a5d30cd7549bbd9072bde854c364b524041f10ef63ee527f153f238200674965cd8dbe959341cdf0b6926babb10c8c5342652b091bbd0edc1102f2", 0x1000}], 0x5, &(0x7f0000006180)=[{0x50, 0x100, 0x5d0b8fd4, "9f397dda04f86048a45fd5f363c86abfe4157b33207a2f8c4e8ea55eabe1e1a30e3b3553b46399b05fcd62c0da907ea5b14dc8993a0acc9e58777a"}], 0x50}}, {{&(0x7f0000006200)=@llc={0x1a, 0x6, 0x40, 0x4, 0x2, 0x40, @dev={[], 0x1e}}, 0x80, &(0x7f0000007440)=[{&(0x7f0000006280)="4a0af7874213952c797694f4ec05797f12953dc58ee1e1d6faf84a7fa48d8dc209ecc6b8fd87141e6d5938bfc34e181db9d66a91ef460e9f0600000000000000fbaa2a0059b6300643bdc7e7768e3355ae55f75b4a474f7f46930666", 0x5c}, {&(0x7f0000006300)="6b47025d1c8071c9d0c22561451432bb8f043b7a0b47696bc9ec48a28d1b0f7aab9783ac54966467ab0f59a2bd9dc9d9163bc0e3b9e49672075478074c4896e4a48889e914fc4e6469b7da21bf022114d3188e81c979214229a396d62677a9a127ea5cd5ff90da88228192b1bfd1ea21ce4bd7183538ece0d8718d8927c089d2d87ed2c3e248187a71468cf3226bda528086744ed85565bb740117740cc972fd3098aa292e0db14f301db777d0619c786b", 0xb1}, {&(0x7f00000063c0)="a91033bfe8698a42a4171131ae2eb4e32b9f425cca25869f879d22f9c793febf3cfeea94f833d103a948cc0efab5c83536451830ef0df873850ef27c3dc5d69afb1c28409437147b71bcbe1f622ef552b3b10ee5bf199c091e1b8de36503ffece65e136c", 0x64}, {&(0x7f0000006440)="0982b2913bb7008ffe5cb60b4bdbfe611d30fd8df84bae2e8daf30acf59e28e3126cc0636769946cd683759f4c23be0ee59b2091ccd64a5c96c169970bf5dc74c2758267d738d7379f712d6873c23fe3b95926dff206f4771b6a92d2a779d814fe5c70de777410b1032151f5fbbdea737ffbfb24edfa5162e0bc35e99188a3508e2ec2a4572c847ed4977cb43bafd8c98234f0deee315112d9b67d9b56aedcff981adf9dd1cc1f7b5d1508dd967fc2f908e75565d9cbe83981818417bcbb112b3594a0bd1095bc49788ff879b647441269b0f6f122c1ff061b3299eee857c3929491a0f24fc748bd5edd0eb255ba0acb096877363e32f86cbae19592e4dfb7641cadaba94fed52cab8ea6e731ad92d8315ccd0caaef58e6a21eea2c5ab9e4ea769b9fb8c62f4f5d92fe66660b2395bf0cb88faf4b816be8cc821cac51e92b7c4756be0d2fc13d9a77916323268cd1a3ebad6a73ef6dc745243e7da9832600ae271d569a18a8a89a1ccb1cffa7db7d37ad19c264af5b335f36ae7b8c4fd4f35f1bfc792dfc976843a76dc0a99534863c50f9150d67870bb06484eb8bfddde45aef0fadd9106d88e2612699006bdd7408dbe6a05006b1da338b19502e8b5070c4c21c971283d579dac1bca99fe880347044ea06ef23d97090b21cdf4b3edb75fb91e3223f421bb6b293529e3e81f050f3b63f62d195d678aad666e11cd9bbe444c702179a8e46ce7dc985a23f15d096556ebbacfa571e3ec1207b6d4036b4eab312c5d99dfc464bec3a16606d3b4b996c12d78ac78ca28ca90d44c0fa6f4e94ed66288471957e70b1140792fb084382fc0e291f9c4380013c68ed72a9f06b22323c06c68e3f6f66c73aef9f3267430c227126f6362ec39b91751fc5dc598a59be5e692ff8db38a1f0c77df8605e7bb5e1a8de0595eb613d21afcdf74168e2fbd263a92f9280f50a75b7775b72c811cc2ff0816d9d098fb50a991a53c387f96eb3eea2f487d747ccea75a028bfda6a07b8b481ced5e238fba7d6950b42b872c53d6331045c61fc215dea39e812f62c681e2ed0f11112573cd45dfb3c43a96fc05a7554293ffe57de3e8c26f4ba74d5eb84c34c5865374cda5685d1c71e0ac6f359aeb8b77e03a2e2c64a1ff2f8a4ab06014e1224ebba1c36bdaf53a55ef2b784b2b53ce6afb3f12e6296de2fe6460ffb5573ed9bf864c4f54c5f3d50c138f3b9c4b6d8e3a49b18acacbb0fd4a4579333539ef913717d884618d6151be9fc4c2d72ce10dfbc556e212e8fdb75d10fff396676ee186b7a37216e72d42a4a5979f80d3866db355728fbb4c312e12dce3a86d78fce2d0ef0484a2ea42520ee98c8cfe33d471b8645b219c1c5b609fb9ef5311bdda10793e30aa70398e13c6884ddc913b53dafcb7d5a7ca315a73ea0773ebf1636784e7bd36dbc95d2d5c5e5f0ea87471dccba018e9b39ae0af6fb98211d789c3125b42ff1d89b6947dc45801af59aada16a5eec4ab127ac133f71bfae3f374843b5a7eb47743394e3296b31d42aa697f47041670770ceda103d92375f43ab3ae2281e7c863cabf4d977eb09a23a54b2579b882a3f2332bed1f16c6691df59288053d33ab2c9e9dd2828500b693246561968870fc7c964703f4682573585b8405a48e85c5ee2172e6340c5d52fa4dcaf8efb5fbdd9faf8456615df229ddc75f63657f32eb56865649235bcd198f07cb2ee565c5c6e670f751e4357983194fb411a237d4a49d1539ee19b926375f8b39f84fd99e2cc850b6e7181518ae44abf71e1bac39b2cba8c2c611cf89793731112cf560acf70dde3640d3e488df7cd1a77d88b69c38133a5d2b85eba83918fd1573f35bd9b77bec30109709c2fea12be5f3f7040411536590e312e822a32736caa79580209d768d21ddedb4c616e3c38c578e59153ce34452cc55c713ba71f9e209f0b680cd4546b282bce326fdf8dcf280ebff0bf671989c890991f672d853907d147d1e6dda59033ed1b20f4b67f3394684e54411c0e7703d3d4a5750eca387d7d30e8ac5d8d44ae0c93371be51afa508d1ae3c472df375772b6d7182647a12cdf19fc9e376205106466ea0464dc440bbbf1c7d9e4a48fe59a2a3d53e45f17b951e9efd2a87b0fd36a576c9252bf6f2a7d9d691429edf38e42abdbbb04dc47f7d8ccf02ab4286f4f4f423ac6d22a5a90e0ec650b17bafc97893e1cd156b7b047cef401bf75ab056b88c24a5988d29bbf0846c990961ec25bf235d920fda336639cdf3bbd9b91d96eb57fdf0968e199a322c7c3e57783fea4f394b13d5bf583469232f71fff07d25013c0e492591fbbdf46533b59d56fcdb304714e4d657a3b60825d9c4b609ec5ad080258bda664cd7cbd7923195b113a835d485cf51f5d073804b9b56bb1ead89731660bf4c8aa052a958bad6ed8f9822e15f79ce95639dd51ec153522e7a59e1948df2d78e78f702180b244bf58213f2d48b4724346bb226d7443018f934924cf2c1c7162d9acaf71f24a464ec4cf997324303c8c372f5eee25dd4b430f1233699411ce79877ad27e4fdbeba583298d0174fc23c3b75edd38f74d48c37217300aeae0d64e764208ca7b3c3e4b90c939e6f71b25c0423c6210bc92299625a17d43ed53c0cd7bad15282e506a686817ce3a7bae17627c7a0458f93d8734c36af80bd33c22b8fa666d6bd1fbf67843a4da9aaece4486123a66fb04f3eea318a870c723a091386013d96ad0c29eb181c99cf6db8a2c8b21030f46d4cf830a823d3f195e99b9cb315822801d961d739007079de3b2a1a30466caa4360d9871c34411adec48577c671551dc11ecc4ac4c716e2ea268464b0e2087417952992254f8552c4869b928c28a4f8abbc8841d8e0a5cf893d181803d122a1ca2eae693cc196da6166b5c1197317febf91991be124669a6207b29f4b12897a1984c6a23179839f1786f0088900b6a993abf172d78020cca351834caad9e0b5aa46b1ee6c690aca43e63bd787fa166efbe15b64384192fbfefc90ec5a9b3a4fdf51e8b2e80d7670d8cb674e98cd71af5455e389effc0028149f01d8970aabe3c5fd3ab7c235910535cf917cd58bde97f31de9484b1eaf4730d0cc18edba677664a1c703a436b384266aa83957cbab6320e98b50a9e80d222be1fc705b0c4aeb4b304b60c8b72672b6ec844fac2b03610f761677de180f7262f3a95bce6a285e429be28353b022e66210b15ecbfdb9d44ca9c7bf4339f7ba274a55ed875c9b254347124460856919e5eafc64a2a324cbfa85049bf9d4e37839da344a25b74835bf13e4c8963a05fb2854df41174315a2853ed0bc24456c572a5eab25733b278dedc3c4eaa669cc138d6b68b1e774d000d94faa9d3b65013d0d47aefe4a7de9f8cccf958b555b772c3d1be3286307c31e4d9d0c41e481dd8ec09a08a3c486a0002328e21bab62fdaed62203e83db796539689e2f4c356d30177e82c96a09cade96015b64ba263f2ed1c6cdca3d3bf0ce95b6a474e8420195b3f07e0d001f8113af6f95dd7875869cb55ee0c8c17c2e2070b0b98d09b1561d05e9a35e673539bb4b04e614701662581ac6b06305d0b01d56a6c86fb9fec808f9f05d9646ffcf2262145da70e2172b8da4c2e609020a859cffa41e4c45d1ff485410052dab0f4d672cd30c21d03befc13dbf52fbbc7bd40a548c5da990ad1df021adb9902320b72c38aed0f60ca99731dec5f0374d1834d24a75049ccb4c385650a6836b8209169a2e88b9e75ed14062a3c309c872617ba98a66eb77b0bcf5da33f0bb2f3bed81dca214403dba6820f414b0a392a47a2f34ac149ab99bcb2fa0ff5a6fadc21e6c419948784e5dce2017e7b2c0b491b60aa8cbbc7aee8d355ff0eaac59363f0d0eeb3b441d2f5bfb90f226a656799d72a76590da824dd387807e6a56c7a396c2a5a80546c25a052c1b97a0f0170b7252ea8ed19a96ac65b0ad55517884f4eac4816576316f2a315371a7f9483e30301a5f1210ad968358ef39566ea13342164cf5d1cc4a05e7046b43b535d860b159ae705dde424beb3adfad52b4e61a2066e4d917a5360fb159b2937f00d30c848dddf504d6ff6d142f0364be7b33b37894e83d78195dba652234651e404d0b260fa6d5111f3324b2bc414a793dd80d2e7fbb973abc6e2e81b2b6b81d2e1231d272518f071b73d1658327c04a53bfd517cdcb071cf770fe412268debc0c670b5622931e469043e6b3b45e0b2e5f95b10a317aafd7776147d04905619c0bcdd5bc3e022c5c89478501b03889508c2f4a1bff3e73ca8e72f52eb0d13657a06e3f045a2c153c32e73a85b1d92d927fcc87b7a71f3c4ba488e53910589ec9c22e1c58b3f6aeddd0bd7ff44b4baeb0afda183f294255550c6e841ddcc2bb8f447b2d4a04f95401dc651aa1fc653ba2506abfd305f46321ab3f894c515f615abdbb16782c68ba43832b32af9dda413385da387c8080041649b06f4f2c5b910881623db58219853c1d38aaff36227db92e467ab6355d0e01e42c54f4eeab0387388fd4caa953c5ebc71a17bf2fcfa7d9cae7a355f32a7ec7b6ec69dd0f1a599e1043f6232f029e5292fc0dc98d5bbe2f638fd38e5f382e4cce492a4585f4c0aff1685d236cac23393d63d8f88c3fdf948dc6fc11aac0dfcf70ca85406ad02d9d0130c1ee952f7220de282c91fadf7135b1101b0222c76daf84ab369854d2f114453f80186eb2c707071e76726e6f4888761b655c66c2e2e921eeeddbefdc3dd5570553b6b2d0a7e62f8fbc58a55c4026e60c1ec30ca9a159479fbf20cd17fddc9267753126ef8335bb42eceffdffb5b2d342af013caecd3175f25663020f813b7bc40b6897df9315c4e034c83f65b1ffaab4a4530278eb5287221fae6a79d8b2928ef8d465a5baec4330188ed49bfdb86e53b03aaf836a6a22d6cb7172c34fa7add76c3033e82e54c7230099e173d9d5d2c3bc8b0c6d7ab8af4c6130fef279fe7c6eb6e23434494d7ff2fce787cf6efd87ff96dcde03e7e0a86ce58aae445d0da7be996f623ac7fa42422f08672a1b805dd7478fb99d4b6991dd6a4ff9d99c7e9dbd663d95400efef26b5eebf65f0150aaf749b1931d893f684feec077cf0c54564bd8a35e921e6b30a7f09e13782dca04a12053f4269b365924bd6c29dbb4e194261079f022e5d441822471f9fbaa7ca8191f1c50623a27bda07bfd479cc878e1ef9b62f7eb8c9eeff5e7a2aeb0bf3015930334aaec349f8448fd108afbf5f67bd7fea94c567ac8b7a2c41c14a61b281c5162fdc8c8c6662ccd7c6aee35f5bb7385cbdca269c6ee965486694bb3f6d482e553ecb037ff780536732df4727c5b3710793fa491aa98f1594c97527baba845f624eb4043352e7ad4e7ea928a57a78d5cca4030a4efaefbc02b1459551e28f54a148d99e1017de6ac1f3e23c0c92cc454fa779158efde669ea7f7aab708ff0d714bc576c38ddc471db0e4e0b70ef3b8081bb55eb757c6a241477b005664991b535c82633e628f35b5e75a6f41162efbc58fb68267467a5e85b5b74b9b1065f1b02833405dd16a7f771a7943ea0ff0bc28328dcf186a41453413e96c90253e93464b0125d9d4ad8cdcd0d67eec851636694ab60552d3642e40a1a26cca22db02999a0b52eeafc26777c291331183ae90928389ec4bfe82a819bc7a69a4e8c8fe2286088b709b3ce1edb88878cdef71988d4eeacc444dc45839feb393a672260fdc637bb890e431bb1108b7112b2d3d373dcb8991fb30785e9363bb869043c5fa3d9779c39b0f1285", 0x1000}], 0x4, &(0x7f0000007480)=[{0xe0, 0x118, 0x101, "a1e74500b2fd959bf081df07e40c109e2bc7cea5e924b6846dc45480fabf110ccf430437b34eb596f24fe5f9b94698ff3288cbf6bf5d640c58b5c2bfbc2b39a5d165be4e858ac1730642544953ced1d757c8d4af90e719ae2357eebd744e5bc4d5de6310d8443bbae705dac6aa5857d39134f58bb979e57c896ce9aa94444505557c7ae44facb789b857bc3fdca0882c88ebaccb7d20acb60113138a2d37c2f1448be8bc8cde8e2bc8afaed3eb2773bb2323160416321cc9b899857ef3170f8a31c88f673938fe0405"}, {0x60, 0x10b, 0x7, "88af889dedfd0e85b0d132589bd47f2d1c5e2d544a8f9a3b935258615c45dbfe51f07c4cb64ac61a39e38a89a5670c307d51cd7d7fb1524f2c7f76413bff15143a722f58cdab69c08499"}, {0x90, 0x116, 0x8000, "92af94c32fee8be1b72e97c20af542f2bd90159ea9f593bf5e9c254cde855a576c435ca1bea81f51f1a3e10f4eb786c701b9e6a143ac3776fec07f6699e6271f6e1d6480012ba3e186c243c8e737f3c202bb387d021efa14d8aff5e21d1201cfe6ef4de8f6d37bbb3cd7e92565dab24f470e3ea6231ae7b13ea3f8"}, {0x110, 0x10a, 0x4, "a242695e052ca79cce4a54fb3d7eec5669b8f0360d83953c70b00f049baa57c8c59b67029e0e53bf4f356d4f52c64ca9651111aef8b653d164a0879819d79f81f4bf139610612ee1dce4dc122328df50da0a76025567f5d9454bd9d0cea5aa7ec66a931f94a94b403f160dff3c1b70cc3a9975fec9a7e0e55668a90fe479147dc06013002f714c4ed30439461c418ff3a84c1f4472b42805d0f07f893653b0adbb7a5af1fb73ce4aaa84bcd3b4b925d7874a0796f156dea5e9a707a7089ef2b2e2d7ff44a4a9a41c1e54eb73ee1723910efbe7e6be76917d7d2a43a7fc757f15025182e0cf6f53472a6bb692a6ab78219ba5e0798b5c74e6d9e1f4a390610c"}, {0x108, 0x84, 0xa5, "55e7bba244c37720cc6fdd71e256b5502ec1e8d64329faede5c2c6fc7ab8fa1cf8ae2fee9dce1a18e2e6eeba0a49078c298e2f67d4d6eefdbd7976d7ff8866b39a22470f6273384bfb529d40bc0da4948ae60e4f520cfd2d8d076c9911a2fde55e4fc2bcb908f8322386cee2494544b2cef8131c549d47f0bf8778307dd254762fbfb6ab6c1995df411c8e9ea098629e74da6e9af050ee281d95633075bc1ab699c31ade395322878b6f4d414cca5bd70b003430661387601cd0648536729510c82ba12d97b4da4f5f66c53f711899e69b07b247121defb2157e808187bf70e8d3bd9a1f74a9c2af1f061b4dd8a181d8f9ef476a21"}, {0xb8, 0x10e, 0x7f, "b9b07271700654cdc6a75c1813b967bdcde7a5fee20f37c4a8d619b70c673eeaf53e3ed39cdba4e40f7b87e10b469726c2188956efcc0b5395bc984e9b68355381bc872da0b5e0045e9def90faee0b47b2a4dc975028f9390e0661a0d109d265b90bfd343b109da80ac2b1018009a68a81556ffad131d98e317eb393059544bd8265aff5e876db4a941d5aec90075f38a02b2c2bf0a34b6f7b857474c29dbabf74fbc6f17e"}, {0xb8, 0x115, 0x4, "e6421b35ba8e8062d75a132771006a00898629c3b149db9f1ca4f5413f1eeef7c8da7fd0b214127551e003dc97a5f05f3c3325c9a68651773ff91f266d48daef03b3aa93d466f75d5e558cb3141ef26c498388da393f94d27448ea4c7ce48791afb7151aaa71eb1b93d0062bddf8cbc9cf8cbc58a1b542d319c1b481e654ec46c11ea20b2eec0f7a321a87b7beb9c268f902e24c40f12d77b13cdffd75ad4ef46c0e1bd4"}], 0x558}}, {{&(0x7f0000007a00)=@isdn={0x22, 0x1d, 0x82, 0x8}, 0x80, &(0x7f0000007e00)=[{&(0x7f0000007a80)="e3f6020d186105deaab0aff844589b6e51e0bfece4d7380bdd2234fc199370626c6f5f4edbd3fad1f40fd817c1acd977287e8de3077c1f19ff5ad1ed0dcc722853f9ea1f9ddf72a5f33a47fb27a19cd609c8ea1704d3c514a5522644c59eb1f0480da2f42f1c2f164b64acedac3783d709f70d6f52ad7414c6bb727688f5de875ac989fa1b426c2dd9bd3905a79bfd768f22f8d4203052346a55c0e37a3279cc6554ed606fb229e33c738b7a149961e00e1ddb591b8985022ed8b872ef16ba7be40a3cda2875b2bbec7e4ea05afdaef5e025bd59078d91532c09ce21dffbafff7d5d7df76c5fce5960c611a22f5ec065dd146fa25c089d20", 0xf8}, {&(0x7f0000007b80)="735e37b028a7b83ef242b2aa7b62f7a0a4d454cc8695be9be71d93e9e6eaf048d6bb5ce2f25e1deb1382a17087a74557877ed51b9e03225063ad78c28acce31a1fc9658870c75078c7f10edec0eb082c36a619c9a664649693295f917425fde1d27d7d1096a83ba27849838659193a97e3c62a4da7d9bfe8ed884c771ca753c3e58dd864aec7ad427cead721e9d6637631eb83bcd005df54c66fdcd858b2182bd2a94b813f92c5dd86558307ad4892c6c14d7abb00f52906363c0fceced97eb3aa680c613c5fdfcfef6b91db66050b6f5e634e52eda0aeb1c32b9fb5acda", 0xde}, {&(0x7f0000007c80)="7b4a0162a073fa235165ece6dfdf1ded144b4433875896bd8b3fd31643ad42f529c00d777bf7bee08d779c6d27d2dcd73e27063ce4ff59f43516cc6b30e4ddf4901a15eb29a1ed87f698c6036ea1af01982355e5d5aa5edd40f953ac66a4bb05d6724229b9d8b7b1a5b50c080282736a2af3293177f5ea5458b5646e21a5e842c45a11ac9d6672aef42e3e3c25d5f5262b19eb627767", 0x96}, {&(0x7f0000007d40)="818f647b4e37b077378dba17380ec3c0831e6c2b7f6a8491664f8c2d55904af90af12143a85083fe5eac10c9f0fef2a5e281cb92fa14537346228b087cdce15a1a97adff6fd68b60ff6b040d981d3553", 0x50}, {&(0x7f0000007dc0)="33856b60e2ebe36b336d4e229ce0a5a2217782f75441d6adb72a", 0x1a}], 0x5, &(0x7f0000001940)=ANY=[@ANYBLOB="d0000000000000000c01000003000000908598481b54a49a573ba0c3981f8d18a98775b9066fb522108acf27568f8aa11c955750d96a1379ca45e045ccedf8a2eb4721d98169e7d1b8e97e8538f13f10f510e6faf51587ebf20d3dc38efd4723d34252a1ca3c0e53b3727746ea6397d8203e297a13ba43d5b406e1f5d2a1da1cd0e9b6e72c070231c765c149bc9691e0a66b384e8f42de15282c6dabb1830d0b4980627baa28c00936aad3d5b58692d591dc679cbb3c830dea4f469f34ea19d716dda61c8158d8cadd2a70def79cc704e000000000000000840000007f00000091d084ddcac6aaf52664e073b1e897539db6aea744c3f685a582ca88cd6df66af838469aab1876ea38fabec97c0598a96d7b1112dc8d0cf018a9deef80a795e6c2dfb3b95255621f9e9e5c51e2e902621013da8e0ed28dacf5153d83fc8f3e798f63f1c700fb6447bc6a45797fd6b53ea81b40e6439af8e405211e94acccd5150182f2a1b0690b0a4b5a026ecbd22a2ad7da417aab2bd90f2c0910259760b56d6fab710f5417fc0a088b56b0fd86e3b833f9a81700d042aa1c42d36d61ab43b5dad7ab7d094758c0442708e10000000008010000000000000600000002000000de40bba47b6d6fda65d8ac27c9bc8f6994194170498b0f6cc3b0ca28144a4e0bc7fb7437bd46eb8212b2a351ae74a277e70e785790727c7cbf9af7aabce75432ef3146a7f445efff1f47cad44468be7dd2ba4528a037b44cd77bfc5f88d3c700a9c1e343ece00d24561ba7cb2721dbcc8cfe95fa2aa9827bbbe85908013fc1cf324479b935095151bf8dc2107ede9ba6efc3ff623b58b781fa9f5b7b465cfb6d4a87e49c10e79bf658ac93eaf1ed9e6d43c5ea9defadfec1e568477a43832749b2265eeff459aa6b95c34a65f2eb0220e5df7ee22c20b066870cfcfa4c8da4ab68d6751b0521f6ddccafa62c9c945e22aac4130400000000000100000000000011010000cc000000424dd5cc13fbeec08e6a6d8bf8ac343395a97dcaf72ee0e720503b4300e9fab9e4a8d38446fd92f0619552a544e43304f3f402776884acadccce49353255e0dbc57751576cb99fea28701e04b60567b7ae995907b02aefc2d4d4ce5caad54526198df6c8368a86fbec0b6615369fb06d1c2a19bb0dc90a7d034db86fd038973b50b450cc52d273f7474db9dee6cc066bc558a95a2de7f2e8a45d4471b7c3a2922c9545caeb08c5aeecf3d7a215f17571578281a3668ded339fc528a4fccd7aaa5d5b6fc88d705494a7a747fb3396d98a6851c4ba41d743accea6d625f300be90ccdaf5bc6628afefe0176fedc14d890988000000000000001701000000000000cae613e02e5707b0e63199c1582cf532ff99bb980b99fb8ea8d73adecd19ea6645ae06a3d80d42c2b38df08e8e965490fbad525400f7c3ec332a35438475a9958efbbc45b576ae1037d6e5ca30ef62a7a6f5b23c9c389b0a9e5a38ef837b5a6c45f7f797f946f8693ed4742004559b80fc97193a3f0000009000000000000000110100008affffff6085ab78699162d602f94b1d30a69f67e473af7e4ac90ce03fcf4e32923ff775c53afff59c0b009d9f1ce612306f3288d97640744c72bee5019f559c29e8526075ddf21f323bc66e8373b1444f47914fc6d89907a8f3569a7210eb107c01b0493af4650ccee10afac49229033a91b655048fa7ae53cc3d31151d000000000000e800000000000000160100000400000090d7c152a2307a4f58af60bbd4b14d721df14dd5de97833e943dac421de3e1bebf5a7e9c31e54a63dd35cb379a09c4bdedc1a4e0aea1f516a2518a473af70069ce3908384b2c2051244fc22b8f1b67603ac2154c623caa616c09c18d96412cdf8671d6b25527b012e6c7f73da32bcb8fef75343603550725a5d7c4fc8113f3238112e0443de63758dffe5b785f94899e6d6b09cb5aaea618eb79dbd1bcc44e74f59b207899dfb976a2b044ae7a2cf2ad8ff612b1c88edebbe6feccdc5e1f9c5a02423af46f889b42a890fe89ff264b0f494cf70000000000980000000000000009010000090000005d14eabbf8c0a86ce507335d36df961641602b65783c37e1b67bce607e026e18a622d34399962839dacb969d66dea7a8c02e1356127a28df90641a1580545d894f5babcd8cbada46332c2be5dc39e0d9f66d4a0f8415bf7474911809b35abf38589a9098e27e0b085d90d62e123f4c94c400f48e10f39dbc42d83dc6ee36d50bbe726e1020f3ae00b8000000000000000801000005000000da286d2e48119023419b782b76fee17c390d51a20225c592eb5cb5a1841751810bb710b53d1687c25be0ee6dfa18bd140b38afa442ee958a9e09bf926f8e0d59fdea7f94f559681d5b14e2e7a73b467472ea17cdcb87d2cde37a3ce396e5179df8dbb600828f3b66d147f9dc0a5f0eaa9eb4a1ac22f9cc83aa215b316f9bd536dc5eb3c8d9ff77bb189a7255aba5d11536fc366515db53c8c9ab3d9207dce4581b6e000000000000980000000000000006000000830d00009adf614e1c80fe9b91d4b462a6d01b352356049f24262dea3143a92c962574d43e023b2c197fd9529d77cba9c0085e4fdf06ee5dd5149328b3081e12c0c98a094f9891cb506296cd379231ed27aa0b8759318f605ef6d24691f9fddd40aec06007609a82ebcb79f6da871ed044631007a53927cff682b0c6baa98eae40e9bf0e52ebd9f000000000bc72780e53a64b7f3a0e406331f999537ae63ace6f8898f4dc834f0adba1e96e8017da6f6792f0d0812c11bc8af17fe63c98bdba0e"], 0x7a0}}, {{&(0x7f0000008640)=@isdn={0x22, 0x7, 0xff, 0x7, 0x8}, 0x80, &(0x7f0000008940)=[{&(0x7f00000086c0)="06cf3a38835b55464b80192f41dbda254b671103615f4c03cedddaf2885100", 0x1f}, {&(0x7f0000008700)="0bc17aee9744c07572bfb046555469f498490c20aa777da8729b969b36032b6023abd1fad44172df3131ba4bb70426d1c4c3c5f34917de693283b0aa096f65fb81b31db180f6ee2063d21f857e7ac67acfaa29ad46f0b88c8c4667bc19085778490d12fc5fcc9213f265a1df0c2d3bb5346967b368506090cd6bd74aac2e210571b34a87f4fe4d6df44aa684f168714b3862eea4467842263251a7b24184335be204fe1b1a383c0672bcdfd9162087b6cd516f1f97ab40ed88f290d22b049c68a236d2094e018b0e5791d7a1ed8d7d830e4679eae4b5abcb1ae6da6f6785a349a6938566ee73ff6093e07f76b6fd45a8aa62a6b2a467d76fc1", 0xf9}, {&(0x7f0000008800)="51d906c7a01f55046171c960c836a82ad517329904c3d1302badcc82d153ad1e406d127effd0f9b162990c08467c5b290ac510845d0e2b66f02da9903a4514a2f3f24a9a44aedb92bed0e9ab4dacbf9340ef8603f45c691d340f3254f2aacbfb90dd887118834bd5d040bc3b37", 0x6d}, {&(0x7f0000008880)="2bb5de8e55a8c1dad65f444d2b8dd8f78ab1ff51eb31a0cdc943a4285978a8695188127a20dff84c058cc6dde5eaca964b45ed0c2b9ab10b244513d3fbe6b34e825db957b2e7a4234248236e4a1be976ff8af5c6b9097e889e71fddd65549c50da8a537c6e9094a71de12a3f1675a3986a7897cd1ba012c94c7b83e25d4bd3011a730dfc7a36f4e45cc1b9915a91bebf24765d4c0845e5917e", 0x99}], 0x4}}, {{&(0x7f0000008980)=@nfc={0x27, 0x0, 0x1, 0x5}, 0x80, &(0x7f0000008c00)=[{&(0x7f0000008a00)="84deb4e91eb4ef759651845db7caa137f344cabea207c44cf4508edb4810944bbde16980ad3cadc3bf7b20efc73e595c9ea60e27968cadc39dd5fdc07458e892c46e4b0061f485a414a3f12050f9d120ba24a4f54c4ee82fd7ce48d89c5715023a27a2951b483e757fe6d88ffbb083c315b024e9e4a7add6ac0922b2d8b783932d3e917942", 0x85}, {&(0x7f0000008ac0)="af046f481111bfbcb65447f8fbddd19f1963a2cd57dad50364c5e303f0d55b16d3ebfbf6a33b402930", 0x29}, {&(0x7f0000008b00)="d9ff01ca483c9f487ffc8fc52fb81888a66b4f1f89bcfa9400dcc3cf30094459418fa2b53405fe14854ecff00179510f1d99c72c4d3a6ad5e0ac2d2b9e78647d3dbe0be6a487b2b0f06dca83e3d3d13c4c13208f15e1f8d276911734ccfec8999fc97f0a5b70c1ece35b1347cb79abb931a267582d74c645d98eb83eae63940de884ab6f7768e972c8cd06fa7bf3aa70995fed76fa4500d3d7a6f2ed55969f77ae2e7756f8c1c2318e6278d0f1b4d6068e59562eab32f7539daddc7210658d92c2c5d878bb9488cb81454bc872f043e2bace52fa836c9d63a25fba77f0975bc5887448a0d47b", 0xe6}], 0x3, &(0x7f0000008c40)=[{0x28, 0x117, 0x1, "034dbbfcce8235692bab25a0ba63342286a3ace285a8a38c"}, {0xa8, 0x11, 0x80, "76b0a528041d156c493409535346daede8ee6ae215699e54639d9be85480713fa582d7a69c94574007114837b06960d572e7341c0002ee3a9c703b40d88d3a44ea3914777bef1e77523705b879624b0d5e32d5dec7151422abdd562e72db60f1588d7dbf5d087aeb33c2e9eb34ebbc37dac18493f5122b4636a24ffc54bad4a97a07c26a3e3282d1e3f6cddf2e1367fd2b"}], 0xd0}}, {{&(0x7f00000018c0)=@llc={0x1a, 0xfccc, 0x4, 0x3, 0x8b, 0xec, @local}, 0x80, &(0x7f0000002300)=[{&(0x7f0000002200)="c0467fe7ce1c70a7fde787cebf7adf0000de4e4c1d10d51ddd19f0b0395cde8c36d05403b8ae78471685b446ec3264111e06f72ab372c8abf2d2eb86d1bd4f9322cde93046010a4809dfe07d81db1a6537f547bd2381f3d8921f6374a181d1d84002c946de63cc163b4afc2abc5a636b743979c1fedb71eba16dca12c85e784138fd0c37e1c373ee2fe7750dc18c39fa87dfc9d5f731cb5a74f6782d57294c48d653cb59e9ff7bae41f749148da5a29f304746276727fd47715283d75d075473c837d5b438ceb1b8ffa36426bba85360b8acbd", 0xd3}], 0x1, &(0x7f0000003940)=ANY=[@ANYBLOB="30000000000000000a010000faffffff028ee78a12d841d45683c50398da66b15129fdb303b207d63caab70000000000b00000000000000011010000fefffffff52543c9ef8f4e3894bff4323c1ea8def43bf2fab315f51d2ffc559823f5971798871b4b73821d53ac6c65e4bc01e32444509643e0e58f400d8e3d80f45a4ddede67644bf9d97709cfce300e4d623f9b5ec2f01aafec0a740f41ba455298c56b6259a9fad2dc3371a1596c1485d1d0e3b353d408b738d5b6a731108a73b9b9196ecf98e53133b04e4fd7cb9532cf1967c53ce9a378af6b2ea776c2bdff01000010010000000000008400000006000000b1ae7ad274ae0ea36ae5e33e5bd7249edb18cbac9ec111c640f94b62c947518455b17de32ffc7bd8f873a92fcdd9128351a4e50162c1e8aed9879814ecef72525543a45918b1932cca6dd477df339974ce66ffca680c9192ee210f444f6d19136c546fe96ef8d586a5c5f4be6a32a7cf34e78008ca25802218dd4c25cceb42cf4730a99bc1c222f4f22c2ea79116e4152b721f0a883b33db99d9f3b5ca8b8e8dbf77f7415404d2b2c49fdd08666f844bc9154e17dc6ad3e698464abed92acc0b75ee900762626ee3487b495a332ebac0a872ae70cc334917f939071bf4e99de7d5ae293a3ee581650b41bb1eb6ef8244701dc1fcdb34d96171a41d66255400004800000000000000000000000500000065c73ea36a28d6843eb478c0b0d77a25dfb5e10dfbb53b8f1215928dab7a32fc67aec45d2b28c093bd52beb5c4f36f6907e0e8b7f0590000d800000000000000840000005f00f1796c163bbb29a90ffe42172c426ec1b7e90585d539a416ad27318f09d90341a4e7a257c18ddba32a24213daa8d8648291b7a13860887e1a5a1f1d5f717b753c84c923a93abeb49bf9025d49a64c948b0f3aa29f14ac77c9b1cbd8ced3bb2d584aaf6fd148ebab0bcc03581a2c8d80768cd97b4a7180abe478a378548c7228b40fdd4ce47fb07cb86b3fdfa7a066a63c7bddd5182662d0d566a72b0588e688f7ce700842aaa75132e1d948cc35fcd708cb4f72df85212a02b0e5e1bcf372361bfcc5330c8da12000000d8000000000000001201000009000000107f9e9a78deabc8fe9180bb2d78b3bd9946d16ce3c123a005466593a0cc0093f591dc76106b88e7f085de5b35a6f18460665c88ba84cdee6dbb5766341e5098a6ca1814ed6aa37b84ac51bb9628510012c02923b05270c34be843564ad34fa36d2ef4dc163e59865a219c15a3013078f7f48d96d7ac6ce30763da83d09f5068b43b058de9ef8fa3d842b90065d19dbf8f26449ec0b1c64704294f1edc5cc11ad418101181e22a992ab90a08488eccc6d3ff3e83dc008bc612b0b6a760a56eb00de800000000000010100000000000008400000000020000980b58d4c167add94c18dfa5a58cf2685b4447738e12e9216d548321673f87feaa78f2247b78c26760b807783101687e6d2098f6203b3ec8a3284573878a34d2d969f63f3a5f42ea8c1c9532db98b46780ceb283e3b94191ea5ddeeac7ca9fe1871e49e51420e72d2c84c3245f3fccd9c357aab4312dee57434dd0eeb08dccfc5cf403cea09d53a1e2632c5b27779b4c095ffcc8fcb936c6e4fe6ec51b3fbef897adcf95ef889968fc0f4b4d91061c83e9e76951089ba2081a27dc9bf01da59f9f15d4cb77c1b692ff8de6f06efc6e278886c515fb7d43d65eed79933328221d00a8bd2bda9dec240d4fbb6863988e90b8e740e685460abea52db8e7a7cd5eb46dbb43487cc389d8ec418d1c1184b8b5e38bb682c50c2e297568d66b93e03ec8ed063b45881ccc9add2d8904c42f178f67780fa6cb948380afeaee8cc1f924f3bf6bf4663e1b430a4f57253fee8ef59899964747c1a18c5041f78e458a6a0043e467ce36ad8e2e54bf07f26aae27980f6e3c1677de663288593be3def497632e988fabda7d0b400f39546677db071ddbbf6d73a268187bfe6ae1f5ad1755f04e0aa2a6cd34df7a5966e944d359bb0bbe8c8d3eab0cfff32250ed942aa9c6ac0d084a4ec5dac31f6ff688e33302253bf63845dfeddf652b590e833a38ab0524c0289b47ee38acd0b399aad6bcea7dfb72c16ed7b108f1dc46ab6771577d0699be09afdcce7d5df377a1ad90926a776caf1c22f648d566b3197cc483471c7655557573b2fa2086bdf4717992258a6f3d00e2c11f4b5609fff734080600000000000000774e2aa8940f47c19aa434229e93a3cc540c05cd47f47197cd452e5bc18da4f16a08ae6f7bd868209d34d17dd35c882bdb5d4897af9ca9422959aa36264387616091f0a0ce934060b414e05c15d14e3186cb16bcd3e3377ec7ee020fdaf745b5adae01ab02081aff13d145cbbc701dbc258986767065b745d40c9ef89d93ddd67252ccf42d20a71411f36976a06f65b2ff7ff2c81a63bdc77794c0ce2297ea3c14808a32060ebd3bdf61af46512e20246343a86f73b4b20870f1fca876921f9003c739a15ad955f7b5025d9a8a83a67200e5691f650d9f7d4880af0f160cc4f0ed6e0a8cf8b2a762b4f2438b9ededc3b88ae78645d1ce2ea0dc54dad8c3da99fedf9e9432d0c47ef704a2d9b9d75cb9720fd9435663a3cffa9417292d60c4ee614d0cf8fa53336ffb4decae711a5195a743015dc98f0413e8c30151045c063c470637915328dc93247ed89c1c68dbb96082b2674217e7d2eed760e054fd43d4398c4e759c7233a5dbeb67df7a8738d8dfc6e508efb44ffa9459e3b460fa0d8ecf3d318b5cb306ca9b0833437070ccff34e50b8fe7d865b8af3068bcda439ff118d7d8b32d854b7243e529bdeaae1055ede7d98063171efb3e8f6b69f955bd1c6f2972323c8d99df6dccaad086702205d3c10c62dc4aac6ea215ec909a793cdf438dba8898f5c9682b04aa6ea054f51a4decdd335e60736e19a60f8684bc679232ac15b4817f7c7b9a6f742481f4eab8151f5ebc58ad973b847ee51c65aa725a8659d5a88ac07e7cd9213b9df42f22e452fea3682a822f8ba46d0551f3c8718cb5595b7d2d1096ad36316a0521028828210c76c780d6696b1c755fa47a51cc733e532d4ba83684018d32198ad98f3a0914f9d912f4e38ba07a3ed113e854c65f895abddcb6663649ddd171b0ea298cbb3493c6bc851747395035ab95a7a8e6d2f853ef18792bde6109fd462a09ff36a85dca3395f1610d37f13416175d5f096b20ce0289b0e4c7102842ec27210b318f750790e93887f1f72037ac24b9b44d992b00805f44d4fbfd8de8bd46a790d45cc742ba3c2ec4c230d167118c882ef8b662469ffda44a44215434aa749976cebdc67d230cefdcaff37aaa2a0b8db3edfaf488b97459ee0d128bba588dc490119268dcfbdbf964b842f4d4122d0eb06e31bb33a762f344f84acac8a5cf3fd18c2a17acef914efb4f37798b1c32c90bac86f7cf90a9a84545507fbf4f198bd70b3e8307a673af4bf68e95945b46fb9e6dab5621f2c376385386ee66dd423e49ea6d929aa8876bba8a1f0cef22761ce055c3c17c2529d551ba7bb838c1b80e73625755babb212050fecd486add9b274dc37024ac4fd0082506d913590380ae9637d93205d6f23df0ef5b6a0c075d112e99f0bca682fd9c4f529cff537b2ca576b3727e36907827aa9f6b3de695978a3781ed249ff5e7c17a471625fb24fc3a9874e6ae3bd6f314c33572b0cf9ea3ca56832de748af6f9a89bc0dc0158ab07bbfb9c1bc00fb95bf065caf28685af306f17f6520135584c1b2cce3579f32c281f3dabc1e987705d376b311f0ca4f2a8ba763cec62d516110bb66d9a6fdbf9e37b3c3b196467bf9474f80c9df54dbb4c3fe21919868a021442dc8dfafc1324f662e72b0aa098a1d5595b3f7e3f3b8d11aafd6afb6ee07d5980267b05076e45388950886c03833a5f03eccd6e107ed4c09daf690aa72f65367b4527c0f51f5a72a6156d86a0dcf34c393c58107f47cebe564e5b123efe28d68644acd3cdbcce176ade9de8483630814e378b2c29af912c58c49abc65d5f0994061ba96874109f86c0efefb76835e748cea2384a3c12824b340395a4b0b587e7dbd36dc5ace6cfaefbd5f8257821e7f79c70dc456c4a3464c948e4d24c50307c7af3da97e5bef283db5e46a7da5f845993f39e4a692bcaf18aba3d02ae861b4017a807569b3ee8a14a553a3bf92a413db0bee183d0f93d5225aec83a5fcac5d744520c7427e2a054d5908a6e8434a985fc70bdb3c1fe310fd4503df4417c8d624de07ec089b2f8a2a6c9ee5c967f56d0e749d14b6cb9bd5f251c005660e1dbfb359f3c8630116913150989a850f6a5af5e32e8105aa8e145980cacfa6cc1456d171ab3e7e536ab35cfc2885bdc675e47e28347ac6f41d9d1dc61bb4ab9ad3869df5f20fb9443079627e39f66818e7f6a92c35404361f37ed4a31049bf7484e1c5fa7c5914dccb118730d35ab7ba2f378c7373d79ccfa07fe38fc92aeb875ce275a29603fc098efab183bb72b62c487db0be621b12d7d492a15b882d6adb210fe90aa19897f55665366616868d9a1aade758a68d6e53f093f24684c72eb58c4caf9ce7f070e8174fd1bf75ac935e579cc23f38a74cf1ae9a1c43ab0adc4190662263de8fcf6848024da907ec66b474ff4156fe1491fb43e901665901bae07801237b0f0cefb0ae16112d6b246c25a392b7c0f6e8161e4d55734b6a1f258723ac3683dd2a942aa0f1fb858b6b6847a16eb210f0eb7a0b6414b0c7f896663b20f50afa2d3ce80b2ca6eea6331e37e6f9d6736a64038d8d05cd29cc89e126ce4e633bd1ed2b609ed39a93422ab125b3c0bd1d1d0bfba1e39a2160e3431259e091b67b394741936be70a5d817711611c08aa1a00cfc0b38e35e7bf4c402147a6c688df6b54ea5d1ccf40a09f57feb1c950aef90d8f4459bf1a09a670c16192e518986b1e35015cdb4ee05152c9db4a4c350514bc603eb4132f63e45f0c9a7296651f4c00e8b6023c19eb4f00ae28afd48629a5fe12a2188b1760adf17932d5c868757ac2cb67c87f86588f550a18945ff4530d11934c1c8385d170fdb11020198318d7d887386640239bae7cf153626f208273425e194a773b9e36ff64cf82311dc64db9fdf986a9968e814eacc2fe5ca82e6aa70ee40783e01ff8aeab992d55a5ad306633c705a31e371ec1660ef0902944466953f2d6efb32c1a5e12d07d3a0a912fc95b894e0b96f71e886901d9cec40fdeb0b30d36b1080000000022ac34a3a69f0d0f8905e3089866f942a9392f9c70b515ac984b519ba4e3b1e9177235aa15a87566a42125d0a23979cb791cc11da50bdef5d1d1fc5a326f1a7db563a62faaa7abbf5d47420ee0e79fd2c2c7ba1416ddaf1cfb8dd7ceba47d72e1903d1e46f344697a9976ef14ec7c37706ccef7650ce204f3abb010000000000000020aca3eff502043533d25690e6aa446f78b645570f7fd42a15da3fdf5986ce94f3d6e5b06fc82d82927a88473eebcb84f6315f1d4bce8ef5ca9398f5da4f67a3775dccaa79b4fd94b59af24c63d318bed0e75d6d264f4ae553f9928288e08b96133d5fc72494e71d77e0aeb1a6c97b171fa8bca21fb4d594b32047bf161ecf3cfac4ce090cec9c186358f6ab04976d08a50b161004109c170ab03164efdb69778792d841a2400c371feb2ee70d620fca32f3c832b3710787bb4630857c8c245aad7799de531f893db807b8b3e72bded16b5049aa776b72eb7d2ace2d28c119698d42f381319979185d176f5a9fd5dfe2537fde7cc48bf169b17797bf89250aece588e16f0321ab160a9a64cb68ef66850325c0605033b6176497b7b69c811ddad498034640c5821043012a408d8235a31a1d7be3c312e0b89af22879c071c194ed6cab21e9b2970e7b2223edfff2e3c797ca6ade3ec5d18119860af0fd74f43241e8bf36f55fb68a09eea80e74dc43fbb696b1a2253ede5f591516ae16754cac35e6f5769f193b7f2b41a1956bd91d2ce5292e7617f0f320f88250a5579dc5c2ae533b7c43cb15403642cef2cbfecbf9a0ccd942949517fbea4b068df9dee049d4c423928d3dbf131eb264b8ef7d65f31ebd564a9260553a45bed831e80ad8127411f056ba007056f31590c76fd1fb4906fef8082dc9e4cab301fb2143b648158d682854e368ac163954b1118a0342cc0a8b94c064d5f2a8703c097f481d520db4adcd6b20ad7bf926457f57885f48d8efeb75b2623c535adffe48016ea78607878a51c27a6da94fa9e8baecf1c73db10a3d3acb71246e5022f3c1370938c003733bba5f1eddc80d0a51d0e69b41e36ce88740ceb6ca89cb6549cd0294437036d19b47206a52c171dae15c559ae2f943dd940341442e0e0612c3377ce5d37c9489b1d3a72b1585a9baebceb4786f5b95aa0cc062cb8db1693ac8c557d35694df370093fed77cb28edb99fdac5774f5fff29067434663d2733365717bd7bfba60b7edc663372e78b8933c69dcc955137e1d8b22f46757177b06257a80a2d84983dbdf3f9a493a0003b6e2e8098452807b09569bdcc5ebf0685c6ada2e9dae5def44a469e7e0ed12abaf28f0f1aa27eebe5efd5844d69399f923f472a718a2c8d61be26da74bdb54b1724f59e7d74e8ada866507164e6bd65bc740a74311fcb42339ecac3eed1d3a78ea86bf292770bdc429339b0b93975a5f9c0b26b371b81cb804eccd809438dbcdcc90895b84cae68b544d7f0b324b0b5b63025b1dc65b76e7af89b6ecf3db3d892836b0366ec99a145ff48f126dfc979f30c4dbcc296ca19d7e6942b5c18218ba57e2d73a3317524b76e8a3b93db5dc0ca3f2471421a3212be5e806075c81e2fdb5d5fbdd54f4eb9f89e664de542b4e713be4e1c07a8e18c1d1590766c07c984ebdd518467e6ed2e94fb521d32f6035ea4fbc6fe2e7649c553f2de8291985fe0e1ac123c9ab03a27bac9beffc4736285869885ad8fb833a63d04e54124547e98d0fb4bce27913ebcfd413eb9a702fa608b36d719c9e1f641743aeb9eb7efa8210af7851324653c8bfaecdac1113dfc5aab5f40507477a7d7271f69fbcb80f9081a41b62af12ba900ba47a9e2fbde893bacb1591f8030ad16d16a60ff978dc9ab5441eee4de5040d8124ea552811622c5f7dea6dba6f2fcd0e4f195470556801eb0f47b5760d0cd98a24be38f8804a4d7e0325e46c7d0cfe27b6ee0048e1f61be7ffc0e9294b356b87f5c0ec51e1b1d08975515c"], 0x13f8}}], 0x8, 0x40000) r2 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 307.780853] FAULT_INJECTION: forcing a failure. [ 307.780853] name failslab, interval 1, probability 0, space 0, times 0 [ 307.790809] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 307.824088] CPU: 1 PID: 16734 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 307.832005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 307.841358] Call Trace: [ 307.843954] dump_stack+0x1b2/0x283 [ 307.847585] should_fail.cold+0x10a/0x154 [ 307.851735] should_failslab+0xd6/0x130 [ 307.855715] kmem_cache_alloc_trace+0x29a/0x3d0 [ 307.860392] ? copy_mnt_ns+0xa30/0xa30 [ 307.864282] copy_mount_options+0x59/0x2f0 [ 307.868517] ? copy_mnt_ns+0xa30/0xa30 02:43:03 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) chroot(&(0x7f0000000000)='./file0\x00') 02:43:03 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x2, @any, 0x7, 0x2}, 0xe) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) ioctl$sock_inet_SIOCDARP(r2, 0x8953, &(0x7f0000000080)={{0x2, 0x4e23, @empty}, {0x306, @random="0b9f26961f59"}, 0x30, {0x2, 0x4e21, @loopback}, 'syzkaller0\x00'}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$PIO_UNIMAP(r4, 0x4b67, &(0x7f0000000140)={0x9, &(0x7f0000000100)=[{0xfb9, 0x9}, {0x8001, 0x8001}, {0x5, 0xfffb}, {0x2, 0x2}, {0x6, 0x81d8}, {0x100}, {0x9600, 0x2}, {0x2, 0x4}, {0x6, 0x8}]}) 02:43:03 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000012000000006c0000000000000000000a200a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800b00020002000000000000000073797a300000000008000300000000000000"], 0x1}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2b, &(0x7f00000003c0)="233fecccd12254421dbf5598b9dcbd378dee6c8bc7b7e55287d7231df5fe563c78f96885d05237a24b5fcca0749c8f0bf6ea9d2ff297a315631c2cea3343215eea4ce16ff841f129baa6914d2356f1e580fea1269af4089166b5d8d36c3494ee76cca36dcbf1925ffc836efd542939ae230421d48c4abb1c42070ccc0a12a2891e2825b2b7ef05c161cdf01cc5767ab174d5b713c0c97c621db8a16bf8a600200d2c245c218766c29be728eb91eaca895ffe22c5d8d2b1909194cd7a9f2c27db8ca37ee0493f9d8170248d850b5be52508ecb5aa0f531c61649bab5e9721184655a082203f8c3ee26175d7cf6f8fda20547980e250fe74971d", 0xf9) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYRESDEC=0x0, @ANYBLOB="b44ba18ce555ad3f5c4a19b7207486e7a2321859331445f364fe3993fadbe7e1069e887e3c054438b0178108b4d8f39914ab76739a05370d6556786e7dd17eae42225a3cb5a6beb2f73455da2768b00999cb0598c6b9f168d07919607b7d821172fb5e12d3ba830d8b510618779993e41a85bd7d031eb4933dcca22d40a8e42dbf7367ee626de3a329a5a114bbe123bde67a02ed0abc904faccd5e5524e35619952c5d42b102b710d4c81a4c6db745c4d42ca0f4c0ed38d473b1d52eaef0add722ce4c63f58e90b8aea83b7861", @ANYRESOCT], 0x208e24b) [ 307.872403] SyS_mount+0x84/0x120 [ 307.875953] ? copy_mnt_ns+0xa30/0xa30 [ 307.879838] do_syscall_64+0x1d5/0x640 [ 307.883728] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 307.888909] RIP: 0033:0x46090a [ 307.892095] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 307.899815] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a 02:43:03 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000012000000006c0000000000000000000a200a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800b00020002000000000000000073797a300000000008000300000000000000"], 0x1}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x2b, &(0x7f00000003c0)="233fecccd12254421dbf5598b9dcbd378dee6c8bc7b7e55287d7231df5fe563c78f96885d05237a24b5fcca0749c8f0bf6ea9d2ff297a315631c2cea3343215eea4ce16ff841f129baa6914d2356f1e580fea1269af4089166b5d8d36c3494ee76cca36dcbf1925ffc836efd542939ae230421d48c4abb1c42070ccc0a12a2891e2825b2b7ef05c161cdf01cc5767ab174d5b713c0c97c621db8a16bf8a600200d2c245c218766c29be728eb91eaca895ffe22c5d8d2b1909194cd7a9f2c27db8ca37ee0493f9d8170248d850b5be52508ecb5aa0f531c61649bab5e9721184655a082203f8c3ee26175d7cf6f8fda20547980e250fe74971d", 0xf9) 02:43:03 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x46b1c000) ioctl$RTC_ALM_READ(0xffffffffffffffff, 0x80247008, &(0x7f0000000280)) mount(&(0x7f0000000000)=@filename='./file0\x00', &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000010}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xd0, 0x0, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private0}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'batadv_slave_0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @private=0xa010100}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'team_slave_1\x00'}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x8001}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x10000}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x1d}]}, @IPVS_CMD_ATTR_SERVICE={0x30, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x8001}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@dev={0xac, 0x14, 0x14, 0x21}}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x28}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x40000}, 0x400c080) ioctl$BTRFS_IOC_RESIZE(r0, 0x50009403, &(0x7f0000000240)={{}, {@val, @actul_num={@val=0x2d, 0x33409c55, 0x6b}}}) [ 307.899821] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 307.899827] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 307.899833] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 307.899838] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:43:03 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000012000000006c0000000000000000000a200a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800b00020002000000000000000073797a300000000008000300000000000000"], 0x1}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) [ 307.921027] audit: type=1804 audit(1606963383.349:139): pid=16754 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/245/cgroup.controllers" dev="sda1" ino=16839 res=1 [ 307.949970] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 308.049166] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 308.145273] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 308.299527] audit: type=1804 audit(1606963383.729:140): pid=16754 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/245/cgroup.controllers" dev="sda1" ino=16839 res=1 [ 308.328121] audit: type=1804 audit(1606963383.729:141): pid=16736 uid=0 auid=0 ses=4 op="invalid_pcr" cause="ToMToU" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/245/cgroup.controllers" dev="sda1" ino=16839 res=1 02:43:06 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:06 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000005, 0x4010, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:06 executing program 4 (fault-call:3 fault-nth:49): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:06 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000012000000006c0000000000000000000a200a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800b00020002000000000000000073797a300000000008000300000000000000"], 0x1}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) 02:43:06 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000040)=0x4, &(0x7f0000000080)=0x1) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:06 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$VIDIOC_STREAMOFF(r3, 0x40045613, &(0x7f0000000000)=0x4659d0ff) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r4, r1, 0x0, 0x100000300) [ 310.825817] FAULT_INJECTION: forcing a failure. [ 310.825817] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 310.837658] CPU: 0 PID: 16798 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 310.845535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 310.854888] Call Trace: [ 310.857476] dump_stack+0x1b2/0x283 [ 310.861131] should_fail.cold+0x10a/0x154 [ 310.865284] __alloc_pages_nodemask+0x22c/0x2720 [ 310.870045] ? __lock_acquire+0x5fc/0x3f20 [ 310.874285] ? trace_hardirqs_on+0x10/0x10 [ 310.878519] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 310.883357] ? trace_hardirqs_on+0x10/0x10 [ 310.887588] ? trace_hardirqs_on+0x10/0x10 [ 310.891814] ? trace_hardirqs_on+0x10/0x10 [ 310.896038] ? reacquire_held_locks+0xb5/0x3f0 [ 310.900598] ? dput.part.0+0x3b4/0x710 [ 310.904467] ? list_lru_add+0x22a/0x490 [ 310.908417] ? mntput_no_expire+0xc7/0x910 [ 310.912633] cache_grow_begin+0x8f/0x420 [ 310.916713] cache_alloc_refill+0x273/0x350 [ 310.921013] kmem_cache_alloc_trace+0x340/0x3d0 [ 310.925658] ? copy_mnt_ns+0xa30/0xa30 [ 310.929522] copy_mount_options+0x59/0x2f0 [ 310.933731] ? copy_mnt_ns+0xa30/0xa30 [ 310.937595] SyS_mount+0x84/0x120 [ 310.941024] ? copy_mnt_ns+0xa30/0xa30 [ 310.944892] do_syscall_64+0x1d5/0x640 [ 310.948758] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 310.954088] RIP: 0033:0x46090a [ 310.957254] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 310.964937] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a 02:43:06 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000012000000006c0000000000000000000a200a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800b00020002000000000000000073797a300000000008000300000000000000"], 0x1}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) 02:43:06 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='snd_soc_jack_notify\x00', r1}, 0x10) mount(&(0x7f0000000140)=ANY=[@ANYBLOB="7cc28efb17285370785c7ce552b434345a0792dee038f88e54041a82c39307cdfa9c9c106a6c5d68a6c2d6a05f554bc754be7b3779900dbbdfa3b206001843310f5b48fba2a0d90d2acb7540c2b3a7fcfba886f8d850f549e1f0895d908e8eea814325988bde166e089a4b575b18c5c79083df25d51107b2b727611a879fc7f490f19cad055366272d1d3d655359"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:06 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x8001, 0x753, 0x1}}) [ 310.972204] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 310.979450] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 310.986713] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 310.993964] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:43:06 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000012000000006c0000000000000000000a200a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800b00020002000000000000000073797a300000000008000300000000000000"], 0x1}}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) 02:43:06 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="dedabc80d525b196390f25ac5472190d1187ae035b691cb6dd65c6d741f02969574eb8b0c7a3bbdab9ff"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) ioctl$RTC_WIE_ON(0xffffffffffffffff, 0x700f) [ 311.027802] audit: type=1804 audit(1606963386.460:142): pid=16807 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/246/cgroup.controllers" dev="sda1" ino=16847 res=1 02:43:06 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[], 0x1}, 0x1, 0x0, 0x0, 0x1}, 0x14) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r2, 0x28, 0x1, &(0x7f00000000c0)=0x6, 0x8) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$UI_SET_MSCBIT(r6, 0x40045568, 0x26) sendfile(r4, r3, 0x0, 0x100000300) [ 311.131320] audit: type=1804 audit(1606963386.490:143): pid=16807 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/246/cgroup.controllers" dev="sda1" ino=16847 res=1 [ 311.221378] audit: type=1804 audit(1606963386.630:144): pid=16828 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/247/cgroup.controllers" dev="sda1" ino=16834 res=1 [ 311.403199] audit: type=1804 audit(1606963386.830:145): pid=16839 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/247/cgroup.controllers" dev="sda1" ino=16834 res=1 02:43:09 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}], 0x1, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:09 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0xfffc, 0x1fe}}) 02:43:09 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000012000000006c0000000000000000000a200a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800b00020002000000000000000073797a300000000008000300000000000000"], 0x1}}, 0x0) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) 02:43:09 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="53d487400bac6a760744c182c227cfc153e790e75fc9e66a64b22d5f5285d4f127c155bf4007766d85050c983eba546344819c977b0ab09ef6a5b80d2d43d167511d1697c8d59d31f9f76e6759b4f9c564c0b48d8189eefa24977b6f3ae8cdb8c91475d2f2"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) socket$bt_hidp(0x1f, 0x3, 0x6) 02:43:09 executing program 4 (fault-call:3 fault-nth:50): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:09 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="358c680f995be057c7d8bd79eea2fdd06f4780ffbacf9a0e409f3c6202e033f0a9ecb443ee955cea4fdd25dacd17799239adfaea9243f9d495875bbdc1b1499233a6cbfe9720f5d61ede3625fc269af8119462d1ad63383d4e67dcc786cd8f699a34446d7da4a6ae6f1b905ab72b94065093c6e5257994880ab53f2569b13c87255f0e53e33b69c0d9a19abc385a8d65a0a1aaa96fd9ea6e61844486709d34daf724e0d6b4c452332eb3801f0cc5e518850abfda5f916f996f445e4cb52e2f4ae9e88b29a70d8662baeb8b4106a11e", @ANYBLOB="faad9a26c35e42363d7650e9425783b18c5d30e41716f9a853cefcc0641b244eaf6f9e21fb5a3f4ece86b3562249e25016120dabd503d6"], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000000)={0x4d, &(0x7f0000000180)="a3f058f46b27e5cdf331e1d6b37c2a75c1db19c983464ce30c382da63638c5014326945e9e335f4221ef2ba11444da12befaf83c22d12eb85b522dcfd3e083e6336f99e6f7c6d5db0c3b7331bf"}) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = accept4(r4, &(0x7f0000000400)=@in6={0xa, 0x0, 0x0, @loopback}, &(0x7f00000000c0)=0x80, 0x0) sendmsg$IPSET_CMD_FLUSH(r5, &(0x7f0000000500)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x3b4d34bdfbc83649}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x1c, 0x4, 0x6, 0x304, 0x0, 0x0, {0x5, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x40000) ioctl$SNAPSHOT_PLATFORM_SUPPORT(r0, 0x330f, 0x9) sendfile(r2, r1, 0x0, 0x100000300) 02:43:09 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SNDCTL_SYNTH_MEMAVL(r2, 0xc004510e, &(0x7f0000000040)=0x9a) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 313.864210] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 313.872835] FAULT_INJECTION: forcing a failure. [ 313.872835] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 313.872846] CPU: 1 PID: 16854 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 313.872852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 313.872855] Call Trace: [ 313.872868] dump_stack+0x1b2/0x283 [ 313.872881] should_fail.cold+0x10a/0x154 02:43:09 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) 02:43:09 executing program 5: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) [ 313.872896] __alloc_pages_nodemask+0x22c/0x2720 [ 313.872910] ? __lock_acquire+0x5fc/0x3f20 [ 313.872926] ? trace_hardirqs_on+0x10/0x10 [ 313.925424] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 313.930267] ? trace_hardirqs_on+0x10/0x10 [ 313.934501] ? trace_hardirqs_on+0x10/0x10 [ 313.937556] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'. [ 313.938729] ? trace_hardirqs_on+0x10/0x10 [ 313.938745] ? reacquire_held_locks+0xb5/0x3f0 [ 313.938755] ? dput.part.0+0x3b4/0x710 [ 313.938766] ? list_lru_add+0x22a/0x490 [ 313.938778] ? mntput_no_expire+0xc7/0x910 [ 313.968199] cache_grow_begin+0x8f/0x420 [ 313.968210] cache_alloc_refill+0x273/0x350 02:43:09 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x7ff) [ 313.968223] kmem_cache_alloc_trace+0x340/0x3d0 [ 313.968232] ? copy_mnt_ns+0xa30/0xa30 [ 313.968243] copy_mount_options+0x59/0x2f0 02:43:09 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$IOC_PR_PREEMPT(r2, 0x401870cb, &(0x7f0000000000)={0x3, 0x0, 0xf4, 0x15}) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000100)=ANY=[@ANYBLOB="5f02ab93ad58670670465b6ceb9ffe4aedc8813cb9ea4e93bf78c4f256fab5f49c99b21baebc1a5dd05dc7fbd88473b36485dccaef67d3bcc9ca056cfd9df65fcaa4b535542b09833f8831a0da9830b00d7eae"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:09 executing program 5: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) [ 313.968252] ? copy_mnt_ns+0xa30/0xa30 [ 313.968262] SyS_mount+0x84/0x120 [ 313.968270] ? copy_mnt_ns+0xa30/0xa30 [ 313.968281] do_syscall_64+0x1d5/0x640 [ 313.968296] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 313.968303] RIP: 0033:0x46090a [ 313.968308] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 313.968317] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 313.968323] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 313.968328] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 313.968333] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 313.968338] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 313.978638] audit: type=1804 audit(1606963389.410:146): pid=16867 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/248/cgroup.controllers" dev="sda1" ino=16873 res=1 02:43:12 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:12 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYRES32], 0x1}, 0x1, 0x0, 0x0, 0xc5}, 0x20000000) ioctl$TIOCSCTTY(0xffffffffffffffff, 0x540e, 0x8d) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000200)='/dev/input/mice\x00', 0x101600) mkdirat$cgroup(r0, &(0x7f00000002c0)='syz1\x00', 0x1ff) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000000)={0x0, 0x1f}, &(0x7f00000000c0)=0x8) openat$cgroup(0xffffffffffffffff, &(0x7f0000000180)='syz0\x00', 0x200002, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$cgroup_ro(r2, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$VIDIOC_S_EDID(r3, 0xc0285629, &(0x7f0000000140)={0x0, 0x5, 0xdee3, [], &(0x7f0000000040)=0x2}) sendfile(r5, r4, 0x0, 0x100000300) 02:43:12 executing program 5: socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) 02:43:12 executing program 4 (fault-call:3 fault-nth:51): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:12 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000140)=ANY=[@ANYBLOB="3bd3490862079749e6d02501e56cf8b1fd6bc15c4e2b3c98a236b6caf58a7e479b6127c4330150681439b45b8d053fc00ba2fbc60ce12771ecf5941e2bd63a02bb2685eab78c5ab7c049e3af8d000000000000000331fa5761a7dbededb3fae9f56f54fc63b784c6dd7322aee2222060b9533acb17e71e1cd395848d9e9fba0c0192b7d5f025e5efd7249fc165bcbe147b5d"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:12 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000400)={0x2, {0x3, 0x0, 0x0, 0x0, 0x0, 0x2}}) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="6800000000020104000000000000000002000000240002801400018008000100e002000108000200ac1e00010c0002800500010000000000240003801400010008000100ffffffff08000200ac1414bb0c0002800500010006005ca6e98763c4054b024a00000a800600482e3234350000009c0f62a817b9c0bdac70b6f7b80e6e39e4361ae92fc42e8bde3d131ab6a11733ccbd66"], 0x68}}, 0x0) r2 = bpf$ITER_CREATE(0x21, &(0x7f0000000180), 0x8) r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000001440)='/dev/btrfs-control\x00', 0x0, 0x0) ioctl$sock_netdev_private(r3, 0x0, &(0x7f0000002180)) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300)='ethtool\x00') sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f00000003c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x40, r4, 0x200, 0x70bd2a, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKINFO_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x3f}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x1}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x20}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x8}]}, 0x40}, 0x1, 0x0, 0x0, 0x18000}, 0x10004881) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r2, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="08002cbd7000fddbdf2506000000340001800800030002000000140002006272b07033045a000000006715a2d44813e4770a736c6176756e00"/66], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x8015) ioctl$BTRFS_IOC_LOGICAL_INO(r1, 0xc0389424, &(0x7f0000000080)={0xa825, 0x8, [], 0x0, &(0x7f0000000040)=[0x0]}) getsockopt$CAN_RAW_FD_FRAMES(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000100), &(0x7f0000000140)=0x4) socket$bt_cmtp(0x1f, 0x3, 0x5) 02:43:12 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, 0x0, 0x0) [ 316.884675] FAULT_INJECTION: forcing a failure. [ 316.884675] name failslab, interval 1, probability 0, space 0, times 0 [ 316.897834] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. [ 316.901151] CPU: 1 PID: 16905 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 316.914304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 316.923652] Call Trace: [ 316.926242] dump_stack+0x1b2/0x283 [ 316.929873] should_fail.cold+0x10a/0x154 [ 316.934021] should_failslab+0xd6/0x130 [ 316.938003] kmem_cache_alloc+0x28e/0x3c0 [ 316.942153] alloc_vfsmnt+0x23/0x7f0 [ 316.945866] ? _raw_read_unlock+0x29/0x40 [ 316.950016] vfs_kern_mount.part.0+0x27/0x470 [ 316.954519] do_mount+0xe53/0x2a00 [ 316.958064] ? copy_mount_string+0x40/0x40 [ 316.962299] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 316.967315] ? copy_mnt_ns+0xa30/0xa30 [ 316.971206] ? copy_mount_options+0x1fa/0x2f0 [ 316.975699] ? copy_mnt_ns+0xa30/0xa30 [ 316.979588] SyS_mount+0xa8/0x120 [ 316.983039] ? copy_mnt_ns+0xa30/0xa30 [ 316.986926] do_syscall_64+0x1d5/0x640 [ 316.990816] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 316.996001] RIP: 0033:0x46090a [ 316.999182] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 317.006889] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 317.014152] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 317.016825] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. 02:43:12 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:12 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, 0x0, 0x0) 02:43:12 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) sysfs$1(0x1, &(0x7f00000000c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q') mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)={0x34, 0x0, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY_DYN_ACK={0x4}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0x14, 0x25, 0x0, 0x1, [@NL80211_TXQ_ATTR_AIFS={0x5, 0x5, 0x4}, @NL80211_TXQ_ATTR_QUEUE={0x5}]}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0x6}]}, 0x34}, 0x1, 0x0, 0x0, 0x4801}, 0x4000010) 02:43:12 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, 0x0, 0x0) [ 317.021415] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 317.021421] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 317.021426] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:43:12 executing program 4 (fault-call:3 fault-nth:52): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:12 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x4) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TIOCSRS485(r2, 0x542f, &(0x7f0000000040)={0x400, 0x0, 0x81}) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:12 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) ioctl$EXT4_IOC_MIGRATE(r0, 0x6609) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:43:12 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) [ 317.166431] FAULT_INJECTION: forcing a failure. [ 317.166431] name failslab, interval 1, probability 0, space 0, times 0 [ 317.194752] CPU: 1 PID: 16945 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 317.202664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.212014] Call Trace: [ 317.214611] dump_stack+0x1b2/0x283 [ 317.218262] should_fail.cold+0x10a/0x154 [ 317.218278] should_failslab+0xd6/0x130 02:43:12 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) 02:43:12 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) r2 = getpgid(0xffffffffffffffff) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r4) r5 = gettid() wait4(r5, 0x0, 0x8, 0x0) ptrace$setopts(0x4206, r5, 0x0, 0x0) ptrace$setregs(0xd, r5, 0x0, &(0x7f0000000080)) statx(0xffffffffffffff9c, &(0x7f00000016c0)='./file0\x00', 0x800, 0x100, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r7) sendmsg$unix(0xffffffffffffffff, &(0x7f00000018c0)={&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000001c0), 0x0, &(0x7f0000001800)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, r0, r1]}}, @cred={{0x1c, 0x1, 0x2, {r2, r4}}}, @cred={{0x1c, 0x1, 0x2, {r5, 0xffffffffffffffff, r6}}}, @rights={{0x24, 0x1, 0x1, [r0, r0, r7, r0, r0]}}], 0xc0, 0x801}, 0x44800) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 317.218290] kmem_cache_alloc+0x28e/0x3c0 [ 317.218302] alloc_vfsmnt+0x23/0x7f0 [ 317.218313] ? _raw_read_unlock+0x29/0x40 [ 317.218324] vfs_kern_mount.part.0+0x27/0x470 02:43:12 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) 02:43:12 executing program 4 (fault-call:3 fault-nth:53): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 317.218337] do_mount+0xe53/0x2a00 [ 317.218349] ? do_raw_spin_unlock+0x164/0x220 [ 317.218359] ? copy_mount_string+0x40/0x40 [ 317.218369] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 317.218380] ? copy_mnt_ns+0xa30/0xa30 [ 317.218391] ? copy_mount_options+0x1fa/0x2f0 [ 317.218400] ? copy_mnt_ns+0xa30/0xa30 [ 317.218411] SyS_mount+0xa8/0x120 [ 317.218419] ? copy_mnt_ns+0xa30/0xa30 [ 317.218431] do_syscall_64+0x1d5/0x640 [ 317.218446] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 317.218453] RIP: 0033:0x46090a [ 317.218458] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 317.218469] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 317.218475] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 317.218481] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 317.218486] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 317.218492] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 317.308764] audit: type=1804 audit(1606963392.740:147): pid=16959 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/250/cgroup.controllers" dev="sda1" ino=16875 res=1 [ 317.457407] FAULT_INJECTION: forcing a failure. [ 317.457407] name failslab, interval 1, probability 0, space 0, times 0 [ 317.543670] CPU: 1 PID: 16979 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 317.551586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 317.560938] Call Trace: [ 317.563529] dump_stack+0x1b2/0x283 [ 317.567166] should_fail.cold+0x10a/0x154 [ 317.571310] should_failslab+0xd6/0x130 [ 317.575275] __kmalloc_track_caller+0x2bc/0x400 [ 317.579929] ? btrfs_parse_early_options.constprop.0+0x9b/0x2f0 [ 317.585976] kstrdup+0x36/0x70 [ 317.589156] btrfs_parse_early_options.constprop.0+0x9b/0x2f0 [ 317.595019] ? kstrdup_const+0x35/0x60 [ 317.598892] ? parse_security_options.constprop.0+0x90/0x90 [ 317.604587] ? lock_acquire+0x170/0x3f0 [ 317.608541] ? pcpu_alloc+0x8e8/0xf50 [ 317.612330] ? trace_hardirqs_on+0x10/0x10 [ 317.616557] ? pcpu_alloc+0x8e8/0xf50 [ 317.620350] btrfs_mount+0xfe/0x1fe0 [ 317.624057] ? lock_downgrade+0x740/0x740 [ 317.628187] ? _find_next_bit+0xdb/0x100 [ 317.632228] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 317.638182] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 317.643609] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 317.648649] ? __lockdep_init_map+0x100/0x560 [ 317.653123] ? __lockdep_init_map+0x100/0x560 [ 317.657596] mount_fs+0x92/0x2a0 [ 317.660945] vfs_kern_mount.part.0+0x5b/0x470 [ 317.665434] do_mount+0xe53/0x2a00 [ 317.668969] ? copy_mount_string+0x40/0x40 [ 317.673188] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 317.678319] ? copy_mnt_ns+0xa30/0xa30 [ 317.682186] ? copy_mount_options+0x1fa/0x2f0 [ 317.686666] ? copy_mnt_ns+0xa30/0xa30 [ 317.690600] SyS_mount+0xa8/0x120 [ 317.694033] ? copy_mnt_ns+0xa30/0xa30 [ 317.697903] do_syscall_64+0x1d5/0x640 [ 317.701786] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 317.706959] RIP: 0033:0x46090a [ 317.710134] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 317.717825] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 317.725081] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 317.732342] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 317.739613] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 317.746867] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 317.797975] audit: type=1804 audit(1606963393.230:148): pid=16964 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/250/cgroup.controllers" dev="sda1" ino=16875 res=1 [ 317.829985] audit: type=1804 audit(1606963393.250:149): pid=16959 uid=0 auid=0 ses=4 op="invalid_pcr" cause="ToMToU" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/250/cgroup.controllers" dev="sda1" ino=16875 res=1 02:43:15 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {0x0}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:15 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eefffffffffffff7000000", @ANYRES32=r1, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=ANY=[@ANYBLOB="8400000024000b0e00"/20, @ANYRES32=r1, @ANYBLOB="00000000ffffffff000000000b00010064736d61726b00000c0002000600010008000000480008801c000100000000000000000000000000000000000000000000000000040002001c000100d8000000000000e6ff000000000000000900000001000000060002"], 0x84}}, 0x0) bind$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14) r2 = socket(0x200000000000011, 0x3, 0x0) r3 = socket(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eefffffffffffff7000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=ANY=[@ANYBLOB="8400000024000b0e00"/20, @ANYRES32=r6, @ANYBLOB="00000000ffffffff000000000b00010064736d61726b00000c0002000600010008000000480008801c000100000000000000000000000000000000000000000000000000040002001c000100d8000000000000e6ff000000000000000900000001000000060002"], 0x84}}, 0x0) bind$packet(r2, &(0x7f00000000c0)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @dev}, 0x14) sendmsg$ETHTOOL_MSG_FEATURES_GET(0xffffffffffffffff, &(0x7f0000001080)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001040)={&(0x7f0000000f00)={0x110, 0x0, 0x800, 0x70bd2c, 0x25dfdbff, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}]}, @HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x800}, 0x800) 02:43:15 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 02:43:15 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) accept$alg(0xffffffffffffffff, 0x0, 0x0) 02:43:15 executing program 4 (fault-call:3 fault-nth:54): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:15 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$SOUND_PCM_READ_BITS(r2, 0x80045005, &(0x7f0000000000)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x2801e, r0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) fdatasync(r4) sendfile(r4, r3, 0x0, 0x100000300) r5 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nvme-fabrics\x00', 0x800, 0x0) ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000000100)) 02:43:15 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 02:43:15 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x10, 0x0, 0x0, 0x0, 0x2}}) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bsg\x00', 0x80000, 0x0) ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000200)={0x9f0000, 0x8000, 0x40, r1, 0x0, &(0x7f00000001c0)={0xa10901, 0xa0dc49b, [], @ptr=0x6}}) r2 = accept$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @local}, &(0x7f0000000080)=0x10) getsockopt$EBT_SO_GET_INIT_INFO(r2, 0x0, 0x82, &(0x7f00000000c0)={'filter\x00'}, &(0x7f0000000140)=0x78) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in6={{0xa, 0x4e23, 0x2c0ac, @private0, 0x800}}, 0x800, 0xfff}, &(0x7f0000000300)=0x90) 02:43:15 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 02:43:15 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000040)="0657a1dd4860bda835b9721046fa95bfc6e545f90645350f6b2013f9a529afa2e4dd8981cb9745b7d6b0bc7dd3e11e5c418ae6069a3cf8e1a79dfec0b667894ceaf41e08cca9e144646cc617154f0b400d5a2c61d7511125b0e433dfff5ef7cf8bdb9e6a6896ec7d8da0c04da9138643e9c78bc4d9dbda63efd053ef7f8ffcf959ffe7433ae7a6fb7ee132cb83ea695d5e40ae9fcb7d360185b25f20d3cb75b6cdaf1b5820826e91e6", 0xa9) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 320.137472] FAULT_INJECTION: forcing a failure. [ 320.137472] name failslab, interval 1, probability 0, space 0, times 0 [ 320.186272] CPU: 0 PID: 16998 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 320.194194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 320.203545] Call Trace: [ 320.206144] dump_stack+0x1b2/0x283 [ 320.209777] should_fail.cold+0x10a/0x154 [ 320.213928] should_failslab+0xd6/0x130 [ 320.217900] __kmalloc_track_caller+0x2bc/0x400 [ 320.222565] ? kstrdup_const+0x35/0x60 [ 320.226450] ? lock_downgrade+0x740/0x740 [ 320.230599] kstrdup+0x36/0x70 [ 320.233795] kstrdup_const+0x35/0x60 [ 320.237504] alloc_vfsmnt+0xe0/0x7f0 [ 320.241228] vfs_kern_mount.part.0+0x27/0x470 [ 320.245726] vfs_kern_mount+0x3c/0x60 [ 320.249526] btrfs_mount+0x42a/0x1fe0 [ 320.253325] ? lock_downgrade+0x740/0x740 [ 320.257466] ? _find_next_bit+0xdb/0x100 [ 320.261533] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 320.267510] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 320.272956] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 320.277970] ? __lockdep_init_map+0x100/0x560 [ 320.282461] ? __lockdep_init_map+0x100/0x560 [ 320.286954] mount_fs+0x92/0x2a0 [ 320.290322] vfs_kern_mount.part.0+0x5b/0x470 [ 320.294820] do_mount+0xe53/0x2a00 [ 320.298364] ? retint_kernel+0x2d/0x2d [ 320.302251] ? copy_mount_string+0x40/0x40 [ 320.306489] ? __sanitizer_cov_trace_pc+0x9/0x50 [ 320.311241] ? copy_mount_options+0x1fa/0x2f0 [ 320.315729] ? copy_mnt_ns+0xa30/0xa30 [ 320.319615] SyS_mount+0xa8/0x120 [ 320.323060] ? copy_mnt_ns+0xa30/0xa30 [ 320.326944] do_syscall_64+0x1d5/0x640 [ 320.330831] entry_SYSCALL_64_after_hwframe+0x46/0xbb 02:43:15 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x0, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) 02:43:15 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) bind$x25(0xffffffffffffffff, &(0x7f0000000000)={0x9, @null=' \x00'}, 0x12) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 320.336010] RIP: 0033:0x46090a [ 320.339187] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 320.346912] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 320.354173] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 320.361437] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 320.368699] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 320.375965] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 320.469465] audit: type=1804 audit(1606963395.900:150): pid=17021 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/251/cgroup.controllers" dev="sda1" ino=16034 res=1 [ 320.586943] audit: type=1804 audit(1606963396.020:151): pid=17021 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/251/cgroup.controllers" dev="sda1" ino=16034 res=1 02:43:18 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:18 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|o\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q\x00\x00\x00\x00\x00', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) getrusage(0x0, &(0x7f0000000380)) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000140)=ANY=[@ANYRES64=r0], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x4) sendmsg$BATADV_CMD_GET_BLA_CLAIM(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, 0x0, 0x9, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x8}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xffffffff}, @BATADV_ATTR_BONDING_ENABLED={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x5) 02:43:18 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x0, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) 02:43:18 executing program 2: clock_gettime(0x1, &(0x7f0000000040)) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000200)) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x106}}, 0x20) r3 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x9, 0x2000) setsockopt$inet_sctp6_SCTP_NODELAY(r3, 0x84, 0x3, &(0x7f00000001c0)=0x9, 0x4) sysinfo(&(0x7f0000000300)=""/231) write$RDMA_USER_CM_CMD_BIND(r1, &(0x7f00000000c0)={0x14, 0xfffffffffffffdd1, 0xfa00, {r2, 0x30, 0x0, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x2}}}, 0x90) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(0xffffffffffffffff, &(0x7f0000000140)={0xb, 0x10, 0xfa00, {&(0x7f0000000080), r2, 0x2cb9cff2}}, 0x18) 02:43:18 executing program 4 (fault-call:3 fault-nth:55): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:18 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:43:18 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x0, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) 02:43:18 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$SIOCAX25NOUID(0xffffffffffffffff, 0x89e3, &(0x7f0000000040)) setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000080)=0x1, 0x4) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:18 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a3000f0ff0038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003a4193bb99644fbbf4925ab362a73b7d8eba7f97f93c7b300bef06b804809315cc57d58e3c1603c10535122c61d58d15f768de6c95ccff7d4fc32da83ee23ab5f6c75d57a63a121edd6d960c39cb2cf546c3e4c4dbbc59778c8bf2773358ac9afc95258d5f2fa899df5ffed2f1f986b89bdff30de04021b557e2870315d178ed247b615e01207d3cc31512306ca1a2435b54856ab60a067b379ebd60d73fda2b1567168897ec02b46f0b07316b7a7f69b99a351dc52d4192b0e36cb8d0f4a6b6553a14a19"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) [ 323.191767] FAULT_INJECTION: forcing a failure. [ 323.191767] name failslab, interval 1, probability 0, space 0, times 0 02:43:18 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000000)={0x7, 0x10001, 0x9, 0x9, 0x9}) r2 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r2, &(0x7f0000002000)='/', 0x1) sendfile(r2, r2, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r2, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 323.280124] CPU: 1 PID: 17051 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 323.288046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 323.297400] Call Trace: [ 323.299991] dump_stack+0x1b2/0x283 [ 323.303624] should_fail.cold+0x10a/0x154 [ 323.307775] should_failslab+0xd6/0x130 [ 323.311746] __kmalloc_track_caller+0x2bc/0x400 [ 323.316414] ? btrfs_parse_early_options.constprop.0+0x9b/0x2f0 [ 323.322471] kstrdup+0x36/0x70 [ 323.325668] btrfs_parse_early_options.constprop.0+0x9b/0x2f0 [ 323.331549] ? kstrdup_const+0x35/0x60 [ 323.335434] ? parse_security_options.constprop.0+0x90/0x90 [ 323.341140] ? lock_acquire+0x170/0x3f0 [ 323.345112] ? pcpu_alloc+0x8e8/0xf50 [ 323.348910] ? trace_hardirqs_on+0x10/0x10 [ 323.353143] ? pcpu_alloc+0x8e8/0xf50 [ 323.356954] btrfs_mount+0xfe/0x1fe0 [ 323.360703] ? lock_downgrade+0x740/0x740 [ 323.363059] audit: type=1804 audit(1606963398.710:152): pid=17076 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/253/cgroup.controllers" dev="sda1" ino=16178 res=1 [ 323.364850] ? _find_next_bit+0xdb/0x100 [ 323.364862] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 323.364881] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 323.364889] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 323.364900] ? __lockdep_init_map+0x100/0x560 [ 323.412288] ? __lockdep_init_map+0x100/0x560 [ 323.412299] mount_fs+0x92/0x2a0 [ 323.412313] vfs_kern_mount.part.0+0x5b/0x470 [ 323.424629] vfs_kern_mount+0x3c/0x60 02:43:18 executing program 2: r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvram\x00', 0x84042, 0x0) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vhost-vsock\x00', 0x2, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0xe0006, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_u='version=9p2000.u'}, {@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@debug={'debug', 0x3d, 0x79a}}, {@access_any='access=any'}, {@privport='privport'}, {@uname={'uname', 0x3d, '/dev/nvram\x00'}}], [{@smackfsfloor={'smackfsfloor', 0x3d, '/dev/nvram\x00'}}, {@obj_role={'obj_role', 0x3d, '/dev/nvram\x00'}}, {@fsname={'fsname', 0x3d, '$!'}}, {@measure='measure'}, {@fsname={'fsname'}}, {@euid_gt={'euid>', 0xee01}}]}}) bind$isdn(r0, &(0x7f0000000040)={0x22, 0x2, 0xff, 0xdc, 0x5}, 0x6) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$IOC_PR_PREEMPT_ABORT(r0, 0x401870cc, &(0x7f0000000240)={0x81, 0x1000, 0xffffffff, 0x10001}) [ 323.428430] btrfs_mount+0x42a/0x1fe0 [ 323.432229] ? lock_downgrade+0x740/0x740 [ 323.436374] ? _find_next_bit+0xdb/0x100 [ 323.440434] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 323.446409] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 323.451859] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 323.456874] ? __lockdep_init_map+0x100/0x560 [ 323.461359] ? __lockdep_init_map+0x100/0x560 [ 323.465836] mount_fs+0x92/0x2a0 [ 323.469183] vfs_kern_mount.part.0+0x5b/0x470 [ 323.473772] do_mount+0xe53/0x2a00 [ 323.477300] ? retint_kernel+0x2d/0x2d [ 323.481174] ? copy_mount_string+0x40/0x40 [ 323.485389] ? __sanitizer_cov_trace_pc+0x4d/0x50 [ 323.490248] ? copy_mount_options+0x1fa/0x2f0 [ 323.494720] ? copy_mnt_ns+0xa30/0xa30 [ 323.498624] SyS_mount+0xa8/0x120 [ 323.502056] ? copy_mnt_ns+0xa30/0xa30 [ 323.505920] do_syscall_64+0x1d5/0x640 [ 323.509787] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 323.514975] RIP: 0033:0x46090a [ 323.518148] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 02:43:19 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) [ 323.525837] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 323.533087] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 323.540339] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 323.547588] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 323.554842] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 323.742144] audit: type=1804 audit(1606963399.170:153): pid=17101 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/253/cgroup.controllers" dev="sda1" ino=16178 res=1 02:43:21 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:21 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400203) ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f0000000040)={0x10000, 0x10000, 0x7, 0x1000, 0x3}) 02:43:21 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) 02:43:21 executing program 4 (fault-call:3 fault-nth:56): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:21 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f00000000c0), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x10, r0, 0x0) mount(&(0x7f0000000040)=ANY=[@ANYBLOB="7914d6a321705bbdbf5ccde15fb8d35d8a2dc7fdf40a4cfbff0fa11670d5e68c5e9b4b53e767c5a11e"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$FBIOGET_FSCREENINFO(r5, 0x4602, &(0x7f0000000380)) ioctl$KVM_SET_XCRS(r2, 0x4188aea7, &(0x7f0000000280)={0x1, 0x8, [{0xffc, 0x0, 0x1}]}) r6 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_BSS(r6, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="020026bd7000ffcbdf251900000008000300", @ANYRES32=r7, @ANYBLOB="0c00990003000000040000000500a2002000000005001d007f0000000500a2003f0000000500a200030000000500a30001000000"], 0x50}, 0x1, 0x0, 0x0, 0x4}, 0x895) r8 = socket$inet6_icmp(0xa, 0x2, 0x3a) setsockopt$inet6_MRT6_ADD_MIF(r8, 0x29, 0xca, &(0x7f0000001c80)={0x0, 0x0, 0x49, 0x1, 0x8}, 0xc) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000000)={0x0, 0xff}, 0x8) 02:43:21 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000200)='NLBL_UNLBL\x00') sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r3, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x14, r4, 0x200, 0x70bd2b, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x5e6fc548202333e) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r5, r1, 0x0, 0x100000300) getsockopt$IP_VS_SO_GET_SERVICE(r5, 0x0, 0x483, &(0x7f0000000180), &(0x7f0000000000)=0x68) 02:43:21 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) 02:43:21 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000100)=""/47, &(0x7f0000000140)=0x2f) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000080)={0x4, 0x70, 0x23, 0x8, 0x5, 0xb1, 0x0, 0x81, 0x1, 0xc, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x2001, 0x1, 0x6, 0x7, 0x3ff, 0x1, 0x6d2}) r3 = syz_open_dev$audion(&(0x7f0000000180)='/dev/audio#\x00', 0xfffffffffffffffb, 0x2000) ioctl$SNDRV_PCM_IOCTL_RESET(r3, 0x4141, 0x0) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000040)={0x2, {0x3}}) [ 326.203906] FAULT_INJECTION: forcing a failure. [ 326.203906] name failslab, interval 1, probability 0, space 0, times 0 [ 326.259208] CPU: 1 PID: 17110 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 326.267130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 326.276487] Call Trace: [ 326.279083] dump_stack+0x1b2/0x283 [ 326.282822] should_fail.cold+0x10a/0x154 [ 326.286975] should_failslab+0xd6/0x130 [ 326.290951] __kmalloc_track_caller+0x2bc/0x400 [ 326.295617] ? kstrdup_const+0x35/0x60 [ 326.299506] ? lock_downgrade+0x740/0x740 [ 326.303652] kstrdup+0x36/0x70 [ 326.306844] kstrdup_const+0x35/0x60 [ 326.310557] alloc_vfsmnt+0xe0/0x7f0 [ 326.314270] vfs_kern_mount.part.0+0x27/0x470 [ 326.318771] vfs_kern_mount+0x3c/0x60 [ 326.322570] btrfs_mount+0x42a/0x1fe0 [ 326.326371] ? lock_downgrade+0x740/0x740 [ 326.330517] ? _find_next_bit+0xdb/0x100 [ 326.334576] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 326.340557] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 326.346005] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 326.351023] ? __lockdep_init_map+0x100/0x560 [ 326.355518] ? __lockdep_init_map+0x100/0x560 [ 326.360014] mount_fs+0x92/0x2a0 [ 326.363385] vfs_kern_mount.part.0+0x5b/0x470 [ 326.367891] do_mount+0xe53/0x2a00 [ 326.371432] ? copy_mount_string+0x40/0x40 [ 326.375662] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 326.380675] ? copy_mnt_ns+0xa30/0xa30 [ 326.384561] ? copy_mount_options+0x1fa/0x2f0 [ 326.389052] ? copy_mnt_ns+0xa30/0xa30 [ 326.392934] SyS_mount+0xa8/0x120 [ 326.396380] ? copy_mnt_ns+0xa30/0xa30 [ 326.400262] do_syscall_64+0x1d5/0x640 [ 326.404152] entry_SYSCALL_64_after_hwframe+0x46/0xbb 02:43:21 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x5c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x5c}}, 0x0) [ 326.409333] RIP: 0033:0x46090a [ 326.412516] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 326.420219] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 326.427488] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 326.434791] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 326.442053] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 326.449316] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:43:21 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x5c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x5c}}, 0x0) 02:43:21 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x8, 0x80, 0x3}}) 02:43:21 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000380)=ANY=[@ANYBLOB="cb9943c2f2997dec6fe50a201bfbeba84b6e030000000000000019080625759145fd9944f58958b8ce3df1f879f471c7af37771cd812e9a478a475a986b4d98faad5db0b1e3b4d10fb1e4b4ef2b42398f120dd73be3a15d5b54e6036a645ab8d95bc20b2c50f4d6d729697168c2380548d6c66421dadc44c1d55e3aa00000000000007f3fdad2c07dad4169e0691500072e67ffe9e2a6a0cc8793c0911fa496f8cd5c6632e6ba45146b09a6c5f75c513cb3561b68d98ad5e1ace20eaf85ad0903a2daf773a14025f56b7be5e24f25604cfa434ce0ba039f193bb25914d14b0585af4554a7050c4ed103c0311e060b2d6cb994904787b72215e229a8cb4f3964c49a8193a75039221a157c85fbb1ff6758e131f827b2013eb068f96343ebf570500608904953b4075a0beb037f40eafc4569e43db7ceb810e5b5ca5233552975e750e05e5aa966503c1d9abbc4d92"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 326.574346] audit: type=1804 audit(1606963402.001:154): pid=17133 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/254/cgroup.controllers" dev="sda1" ino=16578 res=1 02:43:24 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYRES16=r0], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:24 executing program 4 (fault-call:3 fault-nth:57): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:24 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:24 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x5c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x5c}}, 0x0) 02:43:24 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f00000000c0)={0xcb, "98687197768c8b311974af652aa97d98668cd1bc977373afc4d0e259d7c513a068c2bd974018d3914e559dc02e7857687acdd65ee89bf28c2231c6b99860115a945dd127e11f8014022b96aca17ecf37ce8c3a3b788d25d29daf13cce620243d4deaf13c05f03999fb5c12e399330c7329b8bfaa5d5cd5758cbd517eecf3dd10abaa2a1b39aa27e7f5d9ecceffad2d6e9fa5aeef37a18a3766d48a3432439aaaffbc75a69adede35400b394c67eb2fac6eafd59d29cd20b11726b61bbef34f24f4ef506603700347d15df9"}) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r4, r3, 0x0, 0x100000300) 02:43:24 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) llistxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=""/201, 0xc9) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x6, 0x0, 0x9}}) fsync(r0) ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000180)={"deceabe270fbc162d51189c4c50e8648ecff1f624e4e96786e09225a987f16e7d1d3d932334f2ba89da63a6205ef2e2693cbb5c16b2cb1700f388b6ccbbf822dfed353ad90808904f5b2cdcacc4348294a7d4baf131cf9c3a6074189c46939ee45a294a87a043234860959845ec3a0930b30b5bfa606b9bc563cdcf6553866f97dcbd77977a17a726ae4bb14a5e004ec418f1b719177d02f5c1cdbeba7cd866ca00eb9ba7acdb0780b595b6ee453acf58ff80b7500066e9d7a457238450dfec7adb40666cd76c6698a86f3fe0068f18737645ee909fed24146cb7b4ca064967e2e9d4c7daa6a311ce6dadad025c66d4456e1f903b6f5502f7f1cc476c409cbd8b7bbb4ddd6f7b92b95a1198734fc06daf6fbe63352fa4629be15e86a206fefba98b3b53adadefc25c1b656ebee02ab6d2a10a4cdc41e45d6d100a948e009a3ec201296e189366bafbd6e97e200acdb7084c600757aff3955281087eb54c48e6c0100c5e7c73ee9fe1fba5859ed62b0704390c996bc05ab81798ed50c09a17f08d6ff69fdc4a5b642ea9100d4e14ecfa4094b40f7c718eee2d8574f563f42aaa56974751c9e59ef0e8fbff84368c75f1f5d76e45a2c5004c0e76bd86a90d0bed39a1ed0538573e99e4fc5f39f869219ae363ab5604d469e10a8551e64caa43d0600568bba50fa2e93370beee864352169af6de3dbb3cdcd6bd45d3bdc79ee1bd9ac3806d34e2032527f5b03611b3885927a2794254f5fca3bbaed4bc5eae6866e7121a98c3191b18a300e2324cfdd184bd9569cdf3a9b93e62f803aa0a6de8ac4e1dfce022ec37e37317e6b70de31d3b708f5f262cab5a7eb0f990f9e714f48ba3e30a871703b620f67b2d54cf9db0d7b6b206314355eb758084214f1d8034981431cc3fce6e8ae4928b4f1dafb38c812d48bc0d42a7615c67a75fdcc93637bce785df9d077511de494a6211c9a886bf523b4238838971d9515d049bcada1b5a5c2f11f5e5e5f848ac940ef372e3164c9034fde76593f303fda2cbc49d7ed8c96790db32c01c8b909f46469c445cf917e951bc71c32212a8bb013f796b6eaa1c17769275ea86445d9c52fcc1f3026e3aad2b7ad06dabcbead98f194496f19003346808d619b16c854c1aeeb4c2edb6ebed2d00bb28a04d3f755ab5bc488665b47e825d4464a6cb77ac10a5060661423e1a5dae385f87ef2fe53f5f43079a9098b73bdd3c85983e03c8c2821449b78293eb62563fb6cb7642125501df6bce895a62f215a3ef23183790e5e2d03f483717492e7ea871b2bbe7f49d1fcd2e49e24e9246a6d490a9625d2351258fe786fd4009578d273d0b1a746f41c9175e029f46cf5e99beac722963c4f6e2a371f5d11f8368c88db640ae0fe199e4cf8d9ad393ac86c4da21c10811ad0db009d98a79195e2b9047b44f0aa926044bba806ef74fa"}) 02:43:24 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TIOCGISO7816(r0, 0x80285442, &(0x7f0000000080)) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x1000, 0xffff, 0x3ff}}) [ 329.224081] FAULT_INJECTION: forcing a failure. [ 329.224081] name failslab, interval 1, probability 0, space 0, times 0 [ 329.250996] CPU: 1 PID: 17171 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 329.258908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 329.268264] Call Trace: [ 329.270855] dump_stack+0x1b2/0x283 [ 329.274490] should_fail.cold+0x10a/0x154 [ 329.278643] should_failslab+0xd6/0x130 [ 329.282618] kmem_cache_alloc+0x28e/0x3c0 [ 329.286769] alloc_vfsmnt+0x23/0x7f0 [ 329.290485] vfs_kern_mount.part.0+0x27/0x470 [ 329.294984] vfs_kern_mount+0x3c/0x60 [ 329.298786] btrfs_mount+0x42a/0x1fe0 [ 329.302590] ? lock_downgrade+0x740/0x740 [ 329.306738] ? _find_next_bit+0xdb/0x100 [ 329.310799] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 329.316780] ? rcu_lockdep_current_cpu_online+0xed/0x140 02:43:24 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x6c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x10, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x6c}}, 0x0) [ 329.322260] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 329.327276] ? __lockdep_init_map+0x100/0x560 [ 329.331780] ? __lockdep_init_map+0x100/0x560 02:43:24 executing program 4 (fault-call:3 fault-nth:58): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:24 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$TIOCGPKT(r0, 0x80045438, &(0x7f0000000000)) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000380)='wg0\x00', 0x4) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/autofs\x00', 0x185000, 0x0) r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000200)='NLBL_UNLBL\x00') sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r3, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r4, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}]}, 0x24}}, 0x40) sendfile(r2, r1, 0x0, 0x100000300) 02:43:24 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="5b379263002749a8944135831ff8a82958387a79655256c4072d26867d"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:24 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x60, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x4}]}, 0x60}}, 0x0) [ 329.331793] mount_fs+0x92/0x2a0 [ 329.331808] vfs_kern_mount.part.0+0x5b/0x470 02:43:24 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x3c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x4}]}, 0x3c}}, 0x0) [ 329.331821] do_mount+0xe53/0x2a00 [ 329.331834] ? do_raw_spin_unlock+0x164/0x220 [ 329.331848] ? copy_mount_string+0x40/0x40 [ 329.331863] ? rcu_read_lock_sched_held+0x16c/0x1d0 02:43:24 executing program 4 (fault-call:3 fault-nth:59): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 329.331874] ? copy_mnt_ns+0xa30/0xa30 [ 329.331886] ? copy_mount_options+0x1fa/0x2f0 [ 329.331895] ? copy_mnt_ns+0xa30/0xa30 [ 329.331906] SyS_mount+0xa8/0x120 [ 329.331915] ? copy_mnt_ns+0xa30/0xa30 [ 329.331926] do_syscall_64+0x1d5/0x640 [ 329.331943] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 329.331951] RIP: 0033:0x46090a [ 329.331957] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 329.331967] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 329.331973] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 329.331979] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 329.331984] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 329.331990] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 329.450338] FAULT_INJECTION: forcing a failure. [ 329.450338] name failslab, interval 1, probability 0, space 0, times 0 [ 329.450350] CPU: 1 PID: 17202 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 329.450357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 329.450361] Call Trace: [ 329.450375] dump_stack+0x1b2/0x283 [ 329.450397] should_fail.cold+0x10a/0x154 [ 329.450412] should_failslab+0xd6/0x130 [ 329.450425] __kmalloc_track_caller+0x2bc/0x400 [ 329.450436] ? btrfs_parse_early_options.constprop.0+0x9b/0x2f0 [ 329.450449] kstrdup+0x36/0x70 [ 329.450460] btrfs_parse_early_options.constprop.0+0x9b/0x2f0 [ 329.450470] ? kstrdup_const+0x35/0x60 [ 329.450480] ? parse_security_options.constprop.0+0x90/0x90 [ 329.450490] ? lock_acquire+0x170/0x3f0 [ 329.450499] ? pcpu_alloc+0x8e8/0xf50 [ 329.450510] ? trace_hardirqs_on+0x10/0x10 [ 329.450520] ? pcpu_alloc+0x8e8/0xf50 [ 329.450531] btrfs_mount+0xfe/0x1fe0 [ 329.450541] ? lock_downgrade+0x740/0x740 [ 329.450551] ? _find_next_bit+0xdb/0x100 [ 329.450561] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 329.450580] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 329.450590] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 329.450601] ? __lockdep_init_map+0x100/0x560 [ 329.450611] ? __lockdep_init_map+0x100/0x560 [ 329.450621] mount_fs+0x92/0x2a0 [ 329.450635] vfs_kern_mount.part.0+0x5b/0x470 [ 329.450646] vfs_kern_mount+0x3c/0x60 [ 329.450655] btrfs_mount+0x42a/0x1fe0 [ 329.450665] ? lock_downgrade+0x740/0x740 [ 329.450673] ? _find_next_bit+0xdb/0x100 [ 329.450682] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 329.450699] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 329.450708] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 329.450717] ? __lockdep_init_map+0x100/0x560 [ 329.450726] ? __lockdep_init_map+0x100/0x560 [ 329.450735] mount_fs+0x92/0x2a0 [ 329.450746] vfs_kern_mount.part.0+0x5b/0x470 [ 329.450756] do_mount+0xe53/0x2a00 [ 329.450771] ? copy_mount_string+0x40/0x40 [ 329.450780] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 329.450790] ? copy_mnt_ns+0xa30/0xa30 [ 329.450799] ? copy_mount_options+0x1fa/0x2f0 [ 329.450808] ? copy_mnt_ns+0xa30/0xa30 [ 329.450817] SyS_mount+0xa8/0x120 [ 329.450825] ? copy_mnt_ns+0xa30/0xa30 [ 329.450836] do_syscall_64+0x1d5/0x640 [ 329.450858] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 329.450866] RIP: 0033:0x46090a [ 329.450871] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 329.450881] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 329.450886] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 329.450892] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 329.450897] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 329.450902] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 329.481891] print_req_error: 9 callbacks suppressed [ 329.481896] print_req_error: I/O error, dev loop4, sector 0 [ 329.510608] audit: type=1804 audit(1606963404.941:155): pid=17205 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/256/cgroup.controllers" dev="sda1" ino=16905 res=1 [ 329.570801] FAULT_INJECTION: forcing a failure. [ 329.570801] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 329.570813] CPU: 1 PID: 17220 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 329.570819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 329.570824] Call Trace: [ 329.570844] dump_stack+0x1b2/0x283 [ 329.570861] should_fail.cold+0x10a/0x154 [ 329.570875] __alloc_pages_nodemask+0x22c/0x2720 [ 329.570892] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 329.570904] ? debug_check_no_obj_freed+0x2c0/0x674 [ 329.570921] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 329.570931] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 329.570941] ? kfree+0x14a/0x250 [ 329.570951] ? btrfs_parse_early_options.constprop.0+0x18e/0x2f0 [ 329.570960] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 329.570973] ? btrfs_parse_early_options.constprop.0+0x193/0x2f0 [ 329.570987] ? parse_security_options.constprop.0+0x90/0x90 [ 329.570995] ? lock_acquire+0x170/0x3f0 [ 329.571006] ? pcpu_alloc+0x8e8/0xf50 [ 329.571018] alloc_pages_current+0x155/0x260 [ 329.571031] get_zeroed_page+0x19/0x50 [ 329.571040] parse_security_options.constprop.0+0x1a/0x90 [ 329.571049] btrfs_mount+0x1d5/0x1fe0 [ 329.571059] ? lock_downgrade+0x740/0x740 [ 329.571070] ? _find_next_bit+0xdb/0x100 [ 329.571079] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 329.571097] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 329.571107] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 329.571118] ? __lockdep_init_map+0x100/0x560 [ 329.571127] ? __lockdep_init_map+0x100/0x560 [ 329.571138] mount_fs+0x92/0x2a0 [ 329.571152] vfs_kern_mount.part.0+0x5b/0x470 [ 329.571164] vfs_kern_mount+0x3c/0x60 [ 329.571175] btrfs_mount+0x42a/0x1fe0 [ 329.571185] ? lock_downgrade+0x740/0x740 [ 329.571195] ? _find_next_bit+0xdb/0x100 [ 329.571211] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 329.571229] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 329.571239] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 329.571250] ? __lockdep_init_map+0x100/0x560 [ 329.571260] ? __lockdep_init_map+0x100/0x560 [ 329.571270] mount_fs+0x92/0x2a0 [ 329.571284] vfs_kern_mount.part.0+0x5b/0x470 [ 329.571297] do_mount+0xe53/0x2a00 [ 329.571315] ? copy_mount_string+0x40/0x40 [ 329.571325] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 329.571334] ? copy_mnt_ns+0xa30/0xa30 [ 329.571345] ? copy_mount_options+0x1fa/0x2f0 [ 329.571354] ? copy_mnt_ns+0xa30/0xa30 [ 329.571364] SyS_mount+0xa8/0x120 [ 329.571373] ? copy_mnt_ns+0xa30/0xa30 [ 329.571385] do_syscall_64+0x1d5/0x640 [ 329.571400] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 329.571407] RIP: 0033:0x46090a [ 329.571412] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 329.571422] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 329.571427] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 329.571432] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 329.571438] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 329.571443] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 329.597264] print_req_error: I/O error, dev loop4, sector 0 [ 329.692244] audit: type=1804 audit(1606963405.121:156): pid=17214 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/256/cgroup.controllers" dev="sda1" ino=16905 res=1 02:43:27 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:27 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07) r1 = semget$private(0x0, 0x6, 0x0) semctl$IPC_INFO(r1, 0x3, 0x3, &(0x7f00000004c0)=""/163) semctl$IPC_STAT(r1, 0x0, 0x2, &(0x7f00000000c0)=""/184) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = accept$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000040)=0x1c) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) setsockopt$inet6_IPV6_PKTINFO(r6, 0x29, 0x32, &(0x7f0000000080)={@dev={0xfe, 0x80, [], 0x2d}}, 0x14) bind$inet6(r4, &(0x7f0000000240)={0xa, 0x4e20, 0x7, @ipv4={[], [], @loopback}, 0x4}, 0x1c) r7 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r7, 0x0, 0x0) 02:43:27 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x3c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x4}]}, 0x3c}}, 0x0) 02:43:27 executing program 4 (fault-call:3 fault-nth:60): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:27 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$TIPC_CMD_SET_NETID(r2, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x24, 0x0, 0x224, 0x70bd29, 0x25dfdbfd, {{}, {}, {0x8, 0x2, 0x3}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x8001}, 0x8000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r4, r3, 0x0, 0x100000300) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000002c0)={&(0x7f0000000200)='./file0\x00', r2}, 0x10) 02:43:27 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x4, 0x208000) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) sendmsg$nl_route(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)=@setlink={0x94, 0x13, 0x10, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x4114a, 0xca40}, [@IFLA_BROADCAST={0xa}, @IFLA_MAP={0x24, 0xe, {0x6, 0x7, 0xffffffffffffffff, 0x8, 0x80, 0xff}}, @IFLA_EVENT={0x8, 0x2c, 0x10001}, @IFLA_NET_NS_FD={0x8, 0x1c, r4}, @IFLA_PHYS_PORT_ID={0x22, 0x22, "0109ba2c6d70a0183c69e93d1c7ce548113342496ee5bf2c085a88750d40"}, @IFLA_NET_NS_FD={0x8, 0x1c, r6}, @IFLA_OPERSTATE={0x5, 0x10, 0x5}]}, 0x94}, 0x1, 0x0, 0x0, 0x4000}, 0x84) r7 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000040)={@cgroup=r7, 0xffffffffffffffff, 0x1b, 0x7}, 0x14) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:27 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x3c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x4}]}, 0x3c}}, 0x0) 02:43:27 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="fd9da773531c5fe526e1311d3fa58b53441686ee6b0aec6ed36014"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 332.297629] FAULT_INJECTION: forcing a failure. [ 332.297629] name failslab, interval 1, probability 0, space 0, times 0 [ 332.350791] CPU: 0 PID: 17241 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 332.358714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 332.368070] Call Trace: [ 332.370683] dump_stack+0x1b2/0x283 [ 332.374320] should_fail.cold+0x10a/0x154 [ 332.378472] should_failslab+0xd6/0x130 [ 332.382452] kmem_cache_alloc+0x28e/0x3c0 [ 332.386600] getname_kernel+0x4e/0x340 [ 332.390485] kern_path+0x1b/0x40 [ 332.393853] lookup_bdev+0xc6/0x1c0 [ 332.397473] ? bd_acquire+0x440/0x440 02:43:27 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x54, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x18, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}]}, @CTA_EXPECT_MASTER={0x4}]}, 0x54}}, 0x0) [ 332.401271] ? btrfs_parse_early_options.constprop.0+0x193/0x2f0 [ 332.407415] blkdev_get_by_path+0x1b/0xa0 [ 332.411561] btrfs_scan_one_device+0x84/0x330 [ 332.416056] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 332.421072] ? device_list_add+0x8f0/0x8f0 [ 332.425318] btrfs_mount+0x1fc/0x1fe0 [ 332.429117] ? lock_downgrade+0x740/0x740 [ 332.433258] ? _find_next_bit+0xdb/0x100 [ 332.437314] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 332.443292] ? rcu_lockdep_current_cpu_online+0xed/0x140 02:43:27 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x40, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_MASTER={0x4}]}, 0x40}}, 0x0) [ 332.448742] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 332.453757] ? __lockdep_init_map+0x100/0x560 [ 332.458248] ? __lockdep_init_map+0x100/0x560 [ 332.462742] mount_fs+0x92/0x2a0 [ 332.466114] vfs_kern_mount.part.0+0x5b/0x470 [ 332.470607] vfs_kern_mount+0x3c/0x60 [ 332.474406] btrfs_mount+0x42a/0x1fe0 [ 332.478293] ? lock_downgrade+0x740/0x740 [ 332.482437] ? _find_next_bit+0xdb/0x100 [ 332.486496] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 332.492473] ? rcu_lockdep_current_cpu_online+0xed/0x140 02:43:27 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x1c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_MASTER={0x4}]}, 0x1c}}, 0x0) [ 332.497919] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 332.502934] ? __lockdep_init_map+0x100/0x560 [ 332.507425] ? __lockdep_init_map+0x100/0x560 [ 332.511917] mount_fs+0x92/0x2a0 [ 332.515287] vfs_kern_mount.part.0+0x5b/0x470 [ 332.519783] do_mount+0xe53/0x2a00 [ 332.523338] ? copy_mount_string+0x40/0x40 [ 332.527567] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 332.532575] ? copy_mnt_ns+0xa30/0xa30 [ 332.536462] ? copy_mount_options+0x1fa/0x2f0 [ 332.540954] ? copy_mnt_ns+0xa30/0xa30 [ 332.544838] SyS_mount+0xa8/0x120 02:43:28 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x1c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_MASTER={0x4}]}, 0x1c}}, 0x0) [ 332.548292] ? copy_mnt_ns+0xa30/0xa30 [ 332.552176] do_syscall_64+0x1d5/0x640 [ 332.556110] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 332.561293] RIP: 0033:0x46090a [ 332.564474] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 332.572176] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 332.579441] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 332.586703] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 332.593975] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 332.601243] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 332.675136] audit: type=1804 audit(1606963408.111:157): pid=17269 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/257/cgroup.controllers" dev="sda1" ino=16593 res=1 [ 333.094298] audit: type=1804 audit(1606963408.521:158): pid=17245 uid=0 auid=0 ses=4 op="invalid_pcr" cause="ToMToU" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/257/cgroup.controllers" dev="sda1" ino=16593 res=1 02:43:30 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:30 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x420241, 0x0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x0, 0x0, 0x3}}) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) ioctl$SNDCTL_SEQ_PANIC(0xffffffffffffffff, 0x5111) 02:43:30 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x1c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_MASTER={0x4}]}, 0x1c}}, 0x0) 02:43:30 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)="0f", 0x0) r1 = accept4$x25(0xffffffffffffffff, &(0x7f0000000040)={0x9, @remote}, &(0x7f00000000c0)=0x12, 0x80800) connect(r1, &(0x7f0000000100)=@phonet={0x23, 0x9c, 0x9, 0x68}, 0x80) mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x5, 0x11, r0, 0x40000) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000000)={0x2, 0x1, 0x6, 0x8, 0xffffffffffffffff}) mount(&(0x7f0000000380)=ANY=[@ANYBLOB="c1ea4609ba637f9b502ed279107051eefba508babba2eb9f64494c744f3501a912a2bd80f8dad0af29af6bbf65ac642a96be6003a376a39945ad52845c4b80d5038f3535a80ddec9c2347129f3c28d362bf7fe33a822f40112323e84db3d9dbf8a5961c5cfc9e7ae2f738a77019c004ed3c6df88c4767efd9deb7b12c0d9d355666791b7b5e28bf627000014cba5e6ca97fb645909267df803d8d45ea3e7b1e353b59251551080c23190c8d7bcac09b202db4be3e5fb59bb3d41f33398ffce44f40a1ffe1c00671066944996b107018c35083dff06e753f471156a7c3abd031dcb3b942901442b50cbbb3d1fa4713d164ce10411131b1743a4825a335f2242abead1a1887d894c220a093bd46280bfc8ea29eaccc3935465480f8e11b54a03333efccf36de550077bf2d5219f6323bfd1899b2e2aca28b241377164bc58fc91a29d00d000000000000000000000000b2a7a24b76654a27f86dab2f8b9002385e535f62039603f545494ab4052bec550281e57c91f4f14b857365bdec"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:30 executing program 4 (fault-call:3 fault-nth:61): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:30 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000003829cc3eaad2000000000000000900010073790900000000000000ff0f00000000000000000000000000000000040004800900020002000000b1d600000900010073798e3000002000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) write$FUSE_POLL(r0, &(0x7f0000000000)={0x18, 0x0, 0x0, {0xffffffc1}}, 0x18) r1 = openat$cgroup_ro(r0, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) socket$inet(0x2, 0x5, 0x4) ioctl$DRM_IOCTL_AUTH_MAGIC(r4, 0x40046411, &(0x7f00000000c0)=0xffff) sendfile(r2, r1, 0x0, 0x100000300) 02:43:30 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x34, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x18, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_MASTER={0x4}]}, 0x34}}, 0x0) [ 335.345249] FAULT_INJECTION: forcing a failure. [ 335.345249] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 335.357092] CPU: 1 PID: 17295 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 335.364975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 335.374331] Call Trace: [ 335.376928] dump_stack+0x1b2/0x283 [ 335.380679] should_fail.cold+0x10a/0x154 [ 335.384918] __alloc_pages_nodemask+0x22c/0x2720 [ 335.389681] ? __lock_acquire+0x5fc/0x3f20 02:43:30 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000040)) 02:43:30 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x34, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x18, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_MASTER={0x4}]}, 0x34}}, 0x0) [ 335.393922] ? __lock_acquire+0x5fc/0x3f20 [ 335.398154] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 335.402993] ? trace_hardirqs_on+0x10/0x10 [ 335.407231] ? trace_hardirqs_on+0x10/0x10 [ 335.411475] cache_grow_begin+0x8f/0x420 [ 335.415538] cache_alloc_refill+0x273/0x350 [ 335.419864] kmem_cache_alloc+0x333/0x3c0 [ 335.424015] getname_kernel+0x4e/0x340 [ 335.427914] kern_path+0x1b/0x40 [ 335.431282] lookup_bdev+0xc6/0x1c0 [ 335.434908] ? bd_acquire+0x440/0x440 [ 335.438717] ? btrfs_parse_early_options.constprop.0+0x193/0x2f0 02:43:30 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x5, 0x1010, r2, 0xffffc000) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="5c2be288d2ad6b507d06b31448ad26ae7fde6da82e124d47736aa2c6228a0e55ee58d4e9bc2d26018a0661d654331fe221532c28381a401bc6e5aa5bfe49fb0603bd7b55f2dff4f775d844486efdf943397139882df4138a56be27c56f1000"/109], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) ioctl$EVIOCSABS0(r2, 0x401845c0, &(0x7f00000000c0)={0xdf6, 0x0, 0x2b20, 0x81, 0x800, 0x80000000}) 02:43:30 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x34, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x18, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_MASTER={0x4}]}, 0x34}}, 0x0) [ 335.444863] blkdev_get_by_path+0x1b/0xa0 [ 335.449386] btrfs_scan_one_device+0x84/0x330 02:43:30 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x2c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_MASTER={0x4}]}, 0x2c}}, 0x0) [ 335.449406] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 335.449415] ? device_list_add+0x8f0/0x8f0 [ 335.449432] btrfs_mount+0x1fc/0x1fe0 [ 335.449443] ? lock_downgrade+0x740/0x740 [ 335.449454] ? _find_next_bit+0xdb/0x100 [ 335.449464] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 335.449483] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 335.449492] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 335.449502] ? __lockdep_init_map+0x100/0x560 [ 335.449510] ? __lockdep_init_map+0x100/0x560 [ 335.449521] mount_fs+0x92/0x2a0 [ 335.449535] vfs_kern_mount.part.0+0x5b/0x470 [ 335.449548] vfs_kern_mount+0x3c/0x60 [ 335.449558] btrfs_mount+0x42a/0x1fe0 [ 335.449567] ? lock_downgrade+0x740/0x740 [ 335.449576] ? _find_next_bit+0xdb/0x100 [ 335.449585] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 335.449602] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 335.449611] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 335.449622] ? __lockdep_init_map+0x100/0x560 [ 335.449630] ? __lockdep_init_map+0x100/0x560 [ 335.449641] mount_fs+0x92/0x2a0 [ 335.449654] vfs_kern_mount.part.0+0x5b/0x470 [ 335.449666] do_mount+0xe53/0x2a00 [ 335.449683] ? copy_mount_string+0x40/0x40 [ 335.449692] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 335.449702] ? copy_mnt_ns+0xa30/0xa30 [ 335.449713] ? copy_mount_options+0x1fa/0x2f0 [ 335.449722] ? copy_mnt_ns+0xa30/0xa30 [ 335.449732] SyS_mount+0xa8/0x120 [ 335.449740] ? copy_mnt_ns+0xa30/0xa30 [ 335.449751] do_syscall_64+0x1d5/0x640 [ 335.449769] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 335.449777] RIP: 0033:0x46090a [ 335.449782] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 335.449792] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 335.449798] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 335.449803] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 335.449808] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 335.449814] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:43:33 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe", 0x23}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:33 executing program 4 (fault-call:3 fault-nth:62): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:33 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00000002c0)={0x6, {{0xa, 0x4e22, 0x100, @initdev={0xfe, 0x88, [], 0x1, 0x0}}}, {{0xa, 0x4e21, 0x1, @remote, 0x7d04}}}, 0x108) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f0000000180)={0x8, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}, {}]}) r3 = openat$cgroup_ro(r2, &(0x7f0000000000)='cpuacct.usage_user\x00', 0xb00000000065808, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$TIOCGPTLCK(r3, 0x80045439, &(0x7f0000000080)) sendfile(r4, r3, 0x0, 0x100000300) 02:43:33 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='./file0\x00', 0x0, 0x1005010, 0x0) ioctl$SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x2272, &(0x7f0000000000)) 02:43:33 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x2c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_MASTER={0x4}]}, 0x2c}}, 0x0) 02:43:33 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) socket$l2tp(0x2, 0x2, 0x73) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x9aa40, 0x0) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x10b020, 0x0) setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f00000000c0)=0x4, 0x4) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000080)={0x2, {0x3, 0x0, 0x0, 0x1}}) r2 = gettid() wait4(r2, 0x0, 0x8, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) fcntl$lock(r1, 0x24, &(0x7f0000000100)={0x0, 0x3, 0x71, 0x3f, r2}) 02:43:33 executing program 5: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x2c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_MASTER={0x4}]}, 0x2c}}, 0x0) 02:43:33 executing program 2: ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000080)={'ip6_vti0\x00', 0x0, 0x4, 0x0, 0x3e, 0xd6f, 0x44, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}, @mcast2, 0x1, 0x700, 0x2, 0x3}}) r1 = socket(0x200000000000011, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="3c00000010000104bffff7000000", @ANYRES32=r5, @ANYBLOB="0012000c033f0c6ca0d8fb7339a8000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=ANY=[@ANYBLOB="8400000024000b0e00"/20, @ANYRES32=r5, @ANYBLOB="00000000ffffffff000000000b00010064736d61726b00000c0002000600010008000000480008801c000100000000000000000000000000000000000000000000000000040002001c000100d8000000000000e6ff000000000000000900000001000000060002"], 0x84}}, 0x0) bind$packet(r1, &(0x7f00000000c0)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @dev}, 0x14) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@initdev, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in=@private}}, &(0x7f0000000b00)=0xe8) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000400)={'syztnl1\x00', &(0x7f0000000380)={'ip6gre0\x00', 0x0, 0x4, 0x20, 0x1, 0x7, 0x63, @ipv4={[], [], @empty}, @mcast1, 0x8, 0x80, 0x1035, 0xe57}}) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000440)={0x0, @rand_addr, @private}, &(0x7f0000000480)=0xc) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'veth0_to_bridge\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000980)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000940)={&(0x7f0000000b40)=ANY=[@ANYBLOB="04040000", @ANYRES16=0x0, @ANYBLOB="08002dbd7000040000000200000008000100", @ANYRES32=0x0, @ANYBLOB="400002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=r0, @ANYBLOB="400002803c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="8f7edc330c80a613bc6b872a6a04c18d03f1c9", @ANYRES32=0x0, @ANYBLOB="300102803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r5, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000500000008000600", @ANYRES32=0x0, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040009000000080007000000000008000100", @ANYRES32=0x0, @ANYBLOB="280102803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r6, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c000000000000000000000005000300030000000800040001000100400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004007f00000008000600", @ANYRES32=r7, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004000100000038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400e20a000008000100", @ANYRES32=0x0, @ANYBLOB="f000028038000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004000008000038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400ff0000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r8, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b000000080004000104000008000600", @ANYRES32=r9, @ANYBLOB], 0x404}, 0x1, 0x0, 0x0, 0x8810}, 0x841) r10 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r10, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00)='nl80211\x00') sendmsg$NL80211_CMD_START_SCHED_SCAN(r1, &(0x7f0000000ac0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000a80)={&(0x7f0000000a40)={0x18, r11, 0x0, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @void}}, [@NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY={0x4}]}, 0x18}}, 0x800) [ 338.374885] FAULT_INJECTION: forcing a failure. [ 338.374885] name failslab, interval 1, probability 0, space 0, times 0 02:43:33 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x1) socket$l2tp(0x2, 0x2, 0x73) r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x9aa40, 0x0) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x10b020, 0x0) setsockopt$inet_udp_encap(r1, 0x11, 0x64, &(0x7f00000000c0)=0x4, 0x4) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000080)={0x2, {0x3, 0x0, 0x0, 0x1}}) r2 = gettid() wait4(r2, 0x0, 0x8, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) fcntl$lock(r1, 0x24, &(0x7f0000000100)={0x0, 0x3, 0x71, 0x3f, r2}) [ 338.439162] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'. [ 338.455077] CPU: 0 PID: 17348 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 338.463005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 338.463010] Call Trace: [ 338.463025] dump_stack+0x1b2/0x283 [ 338.463040] should_fail.cold+0x10a/0x154 [ 338.482734] should_failslab+0xd6/0x130 [ 338.486714] kmem_cache_alloc+0x28e/0x3c0 [ 338.490866] getname_kernel+0x4e/0x340 [ 338.494755] kern_path+0x1b/0x40 [ 338.498129] lookup_bdev+0xc6/0x1c0 [ 338.501753] ? bd_acquire+0x440/0x440 [ 338.505552] ? btrfs_parse_early_options.constprop.0+0x193/0x2f0 [ 338.511696] blkdev_get_by_path+0x1b/0xa0 [ 338.515844] btrfs_scan_one_device+0x84/0x330 [ 338.520340] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 338.525356] ? device_list_add+0x8f0/0x8f0 [ 338.529616] btrfs_mount+0x1fc/0x1fe0 [ 338.533416] ? lock_downgrade+0x740/0x740 02:43:33 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000040)) 02:43:33 executing program 3: r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r0, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000700)=ANY=[@ANYBLOB="8e8d30dce89e5cf745588ed46d8b64042c6e7fcc4dcc5870530f4d3a71e76c5b03ce765720b4071ba73e5658c5316585702bd2cb523695637b4d6ee0bb20166dc6e175eab2132395c5af1a83099a32c7b1ea80a9342200000000000059fa136d2716eb87577d897cc676b9a9e9c25ab8fd2ec443cd64db1d88d2843f292a75f4f5f8be6a09354a9a1d0d73dde88fac2fc9d5acbfa62cb321e12d498472b935d065b9e62750eb1a3e2ac71c02d9f06b568f04e46efe60b70876a911320d31fea4759032fbe46d4860d6", @ANYBLOB="8f18e472dda291ed1a290d2134e94cb6facfa49422891661bf0668d89ecd2fe2d862eb94357ae3806cefa5189fada5b79f8634272dd160200715176cec4d475e9a72fd211a5df76acfc89039cab545b311b4ce021aed90cd20b060f2f349534e13e97778a752cb3b0d8e9d8bb73e110b93bc71b0ee2c54d88f5080aeb2e1a8dd24bfdd47339433f82d1302c6b5c4e3", @ANYRESDEC=r0, @ANYRESDEC=r0], 0x1}}, 0x20088084) r1 = socket(0x4, 0x6, 0xd5bb) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000200), &(0x7f0000000580)=0x4) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) recvmsg$can_bcm(r2, &(0x7f00000006c0)={&(0x7f00000005c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x10, &(0x7f0000000dc0)=[{&(0x7f0000000640)=""/123, 0x7b}, {&(0x7f00000008c0)=""/86, 0x56}, {&(0x7f0000000e40)=""/186, 0xb5}, {&(0x7f0000000ac0)=""/134, 0x86}, {&(0x7f0000000b80)=""/157, 0x9d}, {&(0x7f0000000c40)=""/61, 0x3d}, {&(0x7f0000000c80)=""/47, 0x2f}, {&(0x7f0000000cc0)=""/199, 0xc7}], 0x1000000000000250, &(0x7f0000000a00)=""/76, 0x54}, 0x40000001) accept4$rose(r3, 0x0, &(0x7f0000000a80), 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) openat$cgroup_ro(r6, &(0x7f0000000940)='hugetlb.2MB.limit_in_bytes\x00', 0x0, 0x0) write$binfmt_script(r5, &(0x7f0000000100)=ANY=[], 0x208e24b) sendmmsg(r2, &(0x7f00000000c0)=[{{&(0x7f0000000180)=@rxrpc=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x4e21, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x92}}, 0x80, &(0x7f0000000000)=[{&(0x7f00000002c0)="cbf8f4560dd68ba9fe5127936eaecd5408df91efef19b04481e0a6e2b58a9446bb4cd8d6f903a4455925f71c9a8b7a16c29bb6000b13967e58ce9ba23205f5efe97eb44dd110591408870da905f17a53b3760452be6666c58233085f16720b03010bb93e166b4026f9c4e7e53aaee6ce111b9c209f7a2cdd82358fc917449aa7fe21d4321df1a2fe67f50416062828528522b654eb72039120f6efa48c43f66012a3904aba2e348f2565cfbbd9179b25cf6c86e9bd26797e43d083f9c446b875518eed8495fdfc860744ab0a3a5efdcf7d0664eb5e", 0xd5}], 0x1, &(0x7f00000003c0)=[{0x20, 0x10e, 0xa68, "e61c635af4825cb251e484b3a72165"}, {0xe0, 0x6, 0x1000, "e64c19a2c4ee54871486829a47b67c7d528a60bf84491f75326cb9d04d2bf0722b3da59942e0d8a3c24bf912502d003250555e1048f8d6cc6f1cab34681fbf6e791b20db47eedc82449895f44843b3db97bf99641c3108d2f0ae128f8955673a7bfae22f8e267caab98752459d21d57c67cb2864b912a631ad6bb00ba67406b26c18bd175ee620ce7d4688eba40989e3cb024547aa76d4ce92c2b0336d43f9fe09a8fbd9d52074cab55d458d06aec02e38cc7e0651c6e4d385f9765dde3e1cdd1c3a4870d9a0b4c624"}, {0xb0, 0x103, 0x0, "47239794b70e8bc46565dd57c6e8080cd255fcb4769cbf78e8771eb9a93c0eb524dbbd140c17b182ec325188b42e1d5d80c4d814f5ae6cc12a725c7ac44810cd7d50e8d976750b3367e3a56cacaf3737f621c8249333bab79fd8011a0188abaafc180b1f6478b6bad63267d3af5b2381e1db71f093797f66bf88fa5c814a3858907dfd2ba3a7dbac3f7c40187ed48b16a63aa8db06241842803e57aa6f"}], 0x1b0}}], 0x1, 0x20000004) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) read$alg(r5, &(0x7f0000000f00)=""/212, 0xd4) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r8, r7, 0x0, 0x100000300) 02:43:34 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000040)) [ 338.537564] ? _find_next_bit+0xdb/0x100 [ 338.541640] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 338.541660] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 338.553061] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 338.558077] ? __lockdep_init_map+0x100/0x560 [ 338.562573] ? __lockdep_init_map+0x100/0x560 [ 338.567067] mount_fs+0x92/0x2a0 [ 338.570434] vfs_kern_mount.part.0+0x5b/0x470 [ 338.574930] vfs_kern_mount+0x3c/0x60 [ 338.578731] btrfs_mount+0x42a/0x1fe0 [ 338.582530] ? __schedule+0x893/0x1de0 [ 338.586413] ? lock_downgrade+0x740/0x740 [ 338.590561] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 338.596530] ? retint_kernel+0x2d/0x2d [ 338.600417] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 338.605436] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 338.610194] ? retint_kernel+0x2d/0x2d [ 338.614083] ? __lockdep_init_map+0x100/0x560 [ 338.618579] ? __lockdep_init_map+0x100/0x560 [ 338.623075] mount_fs+0x92/0x2a0 [ 338.626449] vfs_kern_mount.part.0+0x5b/0x470 [ 338.630948] do_mount+0xe53/0x2a00 [ 338.634531] ? do_raw_spin_unlock+0x164/0x220 [ 338.639029] ? copy_mount_string+0x40/0x40 [ 338.643265] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 338.648280] ? copy_mnt_ns+0xa30/0xa30 [ 338.652169] ? copy_mount_options+0x1fa/0x2f0 [ 338.656673] ? copy_mnt_ns+0xa30/0xa30 [ 338.660561] SyS_mount+0xa8/0x120 [ 338.664010] ? copy_mnt_ns+0xa30/0xa30 [ 338.667896] do_syscall_64+0x1d5/0x640 [ 338.671789] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 338.676980] RIP: 0033:0x46090a [ 338.676985] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 338.676994] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 338.676999] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 338.677003] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 338.677011] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 338.716915] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 338.730092] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'. 02:43:36 executing program 1: r0 = memfd_create(&(0x7f00000000c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x5) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:36 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8982, &(0x7f0000000040)) 02:43:36 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb", 0x34}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:36 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)=@gettaction={0x9c, 0x32, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@action_gd=@TCA_ACT_TAB={0x58, 0x1, [{0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xdd43}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0x10, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0xa, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xc}}, {0x10, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0x10, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x8}, @action_gd=@TCA_ACT_TAB={0x28, 0x1, [{0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x200}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x20004004}, 0x4080) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:36 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a010262e31c4f73a2b32f00000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) ioctl$vim2m_VIDIOC_QUERYCAP(r1, 0x80685600, &(0x7f0000000180)) 02:43:36 executing program 4 (fault-call:3 fault-nth:63): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 341.387811] FAULT_INJECTION: forcing a failure. [ 341.387811] name failslab, interval 1, probability 0, space 0, times 0 [ 341.399349] CPU: 1 PID: 17408 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 341.407229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 341.416581] Call Trace: [ 341.419173] dump_stack+0x1b2/0x283 [ 341.422824] should_fail.cold+0x10a/0x154 [ 341.426968] should_failslab+0xd6/0x130 [ 341.430929] kmem_cache_alloc+0x40/0x3c0 [ 341.434971] radix_tree_node_alloc.constprop.0+0x1b0/0x2f0 [ 341.440571] __radix_tree_create+0x323/0x4b0 [ 341.444958] page_cache_tree_insert+0x98/0x2a0 [ 341.449517] ? file_check_and_advance_wb_err+0x370/0x370 [ 341.454939] ? __add_to_page_cache_locked+0x1ed/0x840 [ 341.460106] __add_to_page_cache_locked+0x1fd/0x840 [ 341.465121] ? page_cache_tree_insert+0x2a0/0x2a0 [ 341.469936] ? find_get_entry+0x339/0x630 [ 341.474057] add_to_page_cache_lru+0xcf/0x2b0 [ 341.478525] ? add_to_page_cache_locked+0x40/0x40 [ 341.483366] ? alloc_pages_current+0x15d/0x260 [ 341.487939] do_read_cache_page+0x36f/0xc10 [ 341.492236] ? blkdev_writepages+0xd0/0xd0 [ 341.496469] btrfs_read_disk_super+0xd0/0x370 [ 341.500961] btrfs_scan_one_device+0xb5/0x330 [ 341.505436] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 341.510482] ? device_list_add+0x8f0/0x8f0 [ 341.514707] btrfs_mount+0x1fc/0x1fe0 [ 341.518483] ? lock_downgrade+0x740/0x740 [ 341.522607] ? _find_next_bit+0xdb/0x100 [ 341.526643] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 341.532609] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 341.538043] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 341.543041] ? __lockdep_init_map+0x100/0x560 [ 341.547515] ? __lockdep_init_map+0x100/0x560 [ 341.551989] mount_fs+0x92/0x2a0 [ 341.555337] vfs_kern_mount.part.0+0x5b/0x470 [ 341.559809] vfs_kern_mount+0x3c/0x60 [ 341.563586] btrfs_mount+0x42a/0x1fe0 [ 341.567372] ? lock_downgrade+0x740/0x740 [ 341.571495] ? _find_next_bit+0xdb/0x100 [ 341.575532] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 341.581480] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 341.586902] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 341.591890] ? __lockdep_init_map+0x100/0x560 [ 341.596358] ? __lockdep_init_map+0x100/0x560 [ 341.600826] mount_fs+0x92/0x2a0 [ 341.604201] vfs_kern_mount.part.0+0x5b/0x470 [ 341.608674] do_mount+0xe53/0x2a00 [ 341.612196] ? retint_kernel+0x2d/0x2d [ 341.616058] ? copy_mount_string+0x40/0x40 [ 341.620266] ? copy_mount_options+0x185/0x2f0 [ 341.624733] ? copy_mount_options+0x197/0x2f0 [ 341.629204] ? copy_mount_options+0x1fa/0x2f0 [ 341.633707] ? copy_mnt_ns+0xa30/0xa30 [ 341.637568] SyS_mount+0xa8/0x120 [ 341.641027] ? copy_mnt_ns+0xa30/0xa30 [ 341.644891] do_syscall_64+0x1d5/0x640 [ 341.648841] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 341.654014] RIP: 0033:0x46090a [ 341.657181] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 341.664864] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 341.672110] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 341.679398] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 02:43:37 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) 02:43:37 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$cgroup_int(r2, &(0x7f0000000080)=0x2, 0x12) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) r5 = socket$netlink(0x10, 0x3, 0xf) sendmsg$TIPC_NL_MON_GET(r5, &(0x7f0000001940)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001900)={&(0x7f00000000c0)=ANY=[@ANYBLOB="180012a4ac06e97eeb3718a62bd75c42b2fc53c29d11908a6bc28edd44dca52fe6f3aeb82b20ca792dfe16ac0b631331094a7541d819b67a96cd8af42ce82200d2ab36d7f201f8173ce632f41e0d5e1ccd1ff0094fecafc6cc903470d931d7cc2e5cbaed88aac983333e1748cb2d2340d067e531eaa5b7ccfbec3fcdf5a5cdde15af0b13e712a5bc2e114185c31fb58311afcc033f77a114e2da51437cecefd960b20e87c4e37613b47f6986afde905a189ef9525fcc260825d23fe0b912f922256bf5f35762581b06378b0631348d712b88631b88614412c757be5e18ea66947dd39e6735", @ANYRES16=0x0, @ANYBLOB="080025bd7000fcdbdf251200000004000680"], 0x18}, 0x1, 0x0, 0x0, 0x200000c1}, 0x805) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000040)=@int=0x6, 0xffffffffffffff01) 02:43:37 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) socket$inet_udplite(0x2, 0x2, 0x88) [ 341.686645] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 341.693900] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:43:37 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_REFRESH(r2, 0x2402, 0xfffffffffffffff9) 02:43:37 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000040)={0x2, {0x3, 0x4, 0x2, 0xfffc, 0x3}}) [ 341.761695] audit: type=1804 audit(1606963417.191:159): pid=17422 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/261/cgroup.controllers" dev="sda1" ino=16973 res=1 02:43:37 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x2}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r2, 0x84, 0x1c, &(0x7f0000000040), &(0x7f0000000080)=0x4) 02:43:37 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:37 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) ioctl$BTRFS_IOC_SNAP_CREATE_V2(0xffffffffffffffff, 0x50009417, &(0x7f0000000440)={{r0}, 0x0, 0x1a, @unused=[0x100000000, 0x2, 0x1, 0x6], @name="30dc59dbd92b2a7f33f4607abc14db3c8ee8183a27dc8d737ddb67b2170a5dea7301578fa3bd7e4549e28adca67ebe90a28ddfa637c5f628ca3d9dfeaa8b5bdfa273f7e0c170a2f9c747c37c843b9bf7447d5b5db31b42e8bd299589c86615ea232c8f1defc86208459d2d2066a768c7339d537710915a98e161d5a0cf67b7efd3bc031d0f7449e2a3b77a645ab94ffcaa791d4287fc8f58ed4b56c5cd73820017729da2b678001bc116f90ddf0c15ec46439a42c82c81ca9f148dbeeb284ef3f396f14933bea8a005f47e30ee970af3b474a4db1df73ffcf46693fe27c20ec781f12d6488f84608a6f49097c20638ccb80ba559bec738c58357f72bfa7011605f19d28d621458ab107419f46441a87bba308db663d75638d2d911a7f2d56d594bbe10436a6e83af76fd1185aeebb4ff2649e57aaaa99044e88ee33e82d7f508ea54aefc3ed8026a0a4a87c158ba36390c1ccbee440cb01eaefc14e8e8f1d835081ac45e3544da464a2aa181da7a2b69a7f4287cc754d814b0239ff991118fb95d91d53cae90884d20753c790eb02a9d5b15497e1d7f6d894ca2d4bfbc48042693cec7aab9293b41ffd1526ace4e7c21d12da5c0c8da9529bb52c8368529d25c4dff39b7ecbeead84f3c0f9ff26c7b795ff7b48b0aed98aacb036d3ff11d40ebd4f7437f175735a84310698014cf99340ce7e60ae216e93c808d1e0cccf0fdb253f7ffbe892b821bea103b9f0fcf4b37b99ad210cbf5be32c7ea57411abca059223b24eb8ac5e8af9f274e783375801a3a05cae477c22db01230fbe72cc44fe9b5d09f86505dc7b855bc69bf805e18fc796d547491b12db1c1eb6b2a1c6858671565f8a4196e8be4120f76d1fcc42e661e2154ec3bc2b75821b2dcb88b38649e6bfe84cb3a459a22f73aff467850a131463d370d02a4b8538abe74e6046a8fcc1153f60befbf7834d0101f58fa573f49a3ef2b7ac6fc12f96a945a1ad1e3399f4d614a94882ae2dbc7e8722edeedf105f9a17649484657cb3a24ddde07aa5c4e366314c30054cf3b624567c8f8411aeb65f23acb7ba7b022f499d637f497d0b1a6a98a9d82e331ab53799bfd18e1dd44f6ed3ac8eb0af5223078ce26c85ec33fceabe305cf7396c326461a45d924af55cec61642e3c9c1dc153325763a423d010c686a53dcbdcbd4a5a2c8bdee659108f45b295d4d88234b104ce8642f92be78164cfbb789ea5c3e25dbdfd06bc4e31298a21b5b7c70a75ebd23b668a76a1d79252e65bf5abf722e5533378ba340378be751792f74ca8a82b0da78811d6d588c86f43a76e6050fc39e127fcca13ba39be8dd413a17a0dd2731e5f8084ad28d4864684d61bea0425c230b163495fc4de09475dd11e8613f93ff66e204406da74f97cfdd25dad1947741779eec8f3248b86480e132436ddd1cde36052410fd67adb92c9df3f4b7e8aff44704a48670b8a1de4b6a5277180cecfd1bb02026ea3e2b432fa52687d5e3445f3f18c19343d822368237eef3671e61c694860c631a10844c12452e9a187205ed7fb33a46d3764ae9f2734d6ac6fa4b61c3af94adec17e4fff41ab289d0a40e5b4becf8337ac97712e85cc6ac471c24287d1df98c0c1e064dbc8ea620651f47850c9beade2885577fef13dc82886f845e501b6450f329ed5b86d7c98d3c83df3f1a99f9df366ad1f9db69cb2813b6d0ae0a3c9b35f9a2b900e1825ba9a384f036a8b7f5cc7939ac6ab854892376f8640f00c4a26df99bb9de18411757828336cefead5a54e19fed8ccfdcdfca93251e35b55ea2561eff5a0c5a8bd0f2bca2ae2dfd8fff7c50460b9de5a763ef06b052444e62d688bf10060228e0f37d5af4d4d5704a8e0e17f037ccba79ee6ddea11d693c1e1f6bf0920e854b463742c3a380a72e5c7f4d7d05757786ddc0d54a3b679fc4b7a7d116841df4748ff6309b714dc5fdc1c8768b300dd239bc05bd7ff3d4862a72b456f7b99822f5ee2c3a430a436a43c3f61e3b61eccc64ff726fe242357bab83d62d1c2a91c0e943ef994d5d1527260d0ac9e1fb1d4985e42552b087942b277ec88c9dae801ef492f3b58552dcac8ddaa75f190b3a5c1c3cffcc51024214ed105f5fe9f25fdacf78af4895a44e97478b68e2a485820a5748b6e1e10433104780cac8ac6d25e2c645c3e5d956c331b481ffddfabae8374e94a271d0e3d4932505dad20a99aa73eb4666043163d45e5a83f7d3d69fa47be03ac854bcedf33ab7748bfbb5678707aae053bf0156e2950728ad52b3a8f68e677d89a51fdf81b6ac536d7cb52bbfa2147ad277bef92faea4683d1789b862695ec7060e3d886e69751de7b3b4b6743d776043daa1c452139feb05f82e1aef1a5ae4e19359a4d1d8f15026102ec0adfe1192998ae2e730b52ee5c9aaa46613833336adb69399bfd8d6bbbbf7e1c6fa1163386ef6f6bfe3df1820b2435615c1697aba3f3ad2a97b59ca8767b37d1f59f7eac25c65eb98874fb0d7ef87e441724fedabfa38b81a039eb3abdc5b0b92e009e221d5f264c0444eaa405f01327e66014c926ed69baa04cd6d4fb7f97fb3bbc9baaa3d46f5c0197c4b1ad1530cb60363c8746adcfc9572d423fcf0f16e8f7ebdbdf7914bd7f2bbf2e712c86c9ba2f356e48aaae6e51f8b97f3a97fcc510db5501938704647cd0d7e46accfbec3c1c8a5497769d927113e7d117af1fd288fbb8b4951456003115edeb4042bffa3ec832fb666cd227cbf2d8e31bf57f58a3d9f3b609126a536d94b0034709da416a33734dbd268e3c64a86f46cd6b6e02fc15b881229674927e15fbc999f314728ee9934ce68f5eee9ca460d52cc77aafdee38b757a7f582451514bf1cc0a5a21569ebbdf65c323fa7211333d286050bb175015b92dd454895cd4229acbe75bd5729db66ee0773857af8ec6ccc73cdfdb0b39d5a943f48f329775792a815afd005ba0fd705b9768e4838d4078daa7abb466b91d3dc78bc00804a2dba608bdf9476f19ad60573d972500b030272b2da75dac185ba9ca76f833ca8514019f3877986394504e5bca940291b613284207eda576e35b3ecaf7b9b3dfb709800084ec79dcc0b9bc512a6014df74c16523f00e1662bf42d0f0925ce785e5435b7df110b9e81cb07b8ea364585b890f753a2ed53d0d6464bafae4927ddf5f82a5daaee4098922bba4f1838a4d2964bd5d98152e6fd9d2c1194124397b23bdee5f957c5a6c4ec08929b393a4e2617ed050f43d1d463c368fd508fe71526d8d642189b31a972c5f835913f93d9e254a619e568b55784513b3e9e5dfe69445dd8048c7fb62313711c1715d37a1a9da5d1211a0fc92df05eb2fa9a621e6227d08785df7c325efcb8ba7f7fd7b0751b83e9e0663ce6eb2757fb7cf7da663e329459ad43d2b40cf441c2d14c0a7e0b2e4176be90d1ec062d4102ffae23029f014398ac4d56738b905bd2fd27568c7831afd09395f0f9bc571b8ac893575d7df409e934281bac9b845a81d8b7baf00aee04f647df37ab621954d1e43f29317e139237d6a32360b114987b8fc3188771381b730aa54fa716d0541d740c94793cb63074ffd90581f6d381cce2776134bf56e0ca10a4514d4fe364276923c1df712872172276ade8e8789af744cfb873ae5fadcd4318cf7b606acd4d0b5ff889bbba421040b817afdd461d860aa7944be7348a6b2ad10329b3114b2874bf0b56c030b164eee2c0b2de96dc1ba857cca1c6833b04590be488e3d3fe134c5cc42046425dad959fdbfa3d1402bdea846a60e0371f00262010d065c0919c561194fea78285d41fd43fa2f1c13d1907b924b14bd7d54b2557c811b9f6222eae75e4570dc35e6a311e74856faef1f1903c6cc9ad89f80b5ce70390865c09141e7f273d2db33f44103a66b1329b5f58b7a1e9695a9a74c5bbf622fdb71f494c673f3fb4c46da8b47412f31644e3dbefe386b296c7330246c73fd9e6e821c7aedcec9d30ad1eaa1582efb55cebd0ae6be0545a07642ab8696bc56300b8bebee6a6f219df50a458d82aed061014f295889c24989d5b510617eac10afdad7a722e1a1ceb2bfe231270648296a9eda01adec4aef9597cd81eb77432b39415a1ffd96b383fe1c89f597d1cf43d8dfaa8cc34a58cf09e029ae87692fd54337e8f50415b4882d4a53e0f238ca6d733e3d6dca9b22a8caf9b4c54a6ef2e9d6c92507337b36ad886d91c5e5a2aa189260e71b0a1ad8526597291ac3fd06e0560adc6aa6ee96ba2aafc41e2a64f2e9c0f84c81edb6129fd326c6f2afed5e1276dde739e5f06daa4886a9e322113126aad8e13f24774beccb8e5743e3b4a650cb06e606ea4833ae3308ad01d376fe2eb756b43a3a06696dca81eb214f2f4b99a18763fa293ab0a85d81af6618f0d8f25141551394eaabf798b186c17627d79951de068100a94309dd4538bc505f1f04301d12e4754a57c51aa81deee2214b6cfe68d51c88402858d6b81eef0412e211a9c0cb09943a924abed40766c9c96ec709df8c8f5d7949d16ac5945ab282ea9ac32799c155ae9ef946a0830a93af590cf8b452fff5168bd804ce04db14288afe17c036e6c1c8f800c9f091420b7660e296df90d85fdfe72a56c9ccf3e42deac694374b08495f253cc82e21b4109c65ffe01cf156475edf527a5b5f14349d21483192e1c8da6182b8cef6040e95778db2323a4b041a0bd5815d97b44de705abfeb7b5e6052fee0f00490b983dc791e727372d17557c11f8ed4095b5ef7252c5b6accb4d5985a349473e0728ebb1d85308cdd345e9da18de9743df8c0208c747090d900bb58f49147c6640856d28d45cbd72c2299dd244042acffc82cf47012ca12bbb73bbda9d85c8cf1953a585b069122d35aca974035c204fc91984e97899dfc84908e5192fb2c3b71fd5f5d96ea39a75aadebca3077d41a928e1ba00ebd8b3abd2b5f0ec4ff6117fd25fe0525753c44f61e0247d854ce61d43f63923daca39c2416c5412a8aee10a8078545d13f33dfe7d3c5f2dfdd752871c1f13eceaf9e93e2d8acbe169f79a5c2f20997337870811669a2534110f1b2660cbe9b13f9020132955551ef26e4b2876a2883aede5f1f984209ce3b6a839a00d29c292ba8ba82f73af050b9ea1cc04078865ccc0754c8484052349e34d81dde7ea4afce2ff0de1bf026a6115f5aa159b237fc6bf18020ff3a6e60db2e74775134268e42703040426fc53944bb1debcab1dd1ee929ade289fb5acf68b35e34a6e7f6c966ea2ca6372494184100ae4d1c68a8facb111fbadceca098e5c398018ffdc3654e862e3a7988f44070acc87f9c707c3db5c48d72c70ff4e310498ccd98ec154033478fd850a7b846f0fd00bba24aabff292a1c4194ed0c9dd5c8a09a69eeb3ae747bec655884e820dbce71df30a26a2c335e7f29d812d8fd27d31fc68510a34c20e259ec8584d6bee3c11c91bc7b2d7602222370fb3f1a534f61cc504f56a96a625a48a29448c69ec18f36067d1b13a5f08ba7bb520d9e653daf12c27532bcd02ee08b6df764cef84dcac1c87d1f68fb28aa531382cc32c7646a74331d9e90a7562addfc7f5f8c6d41cb330531d511a0acb5e3a312b7c78759d28f264729a8034b44937a965f93b404fc273fa735a3144f96770ada96c235a62b74ec46dd89356f3ca2f9ba984595292c8afc0ae5cf50aa1a5d5a5d12651980b358c748c865ec50"}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000240)={0x8c, 0x0, &(0x7f0000000380)=[@dead_binder_done, @acquire={0x40046305, 0x2}, @enter_looper, @free_buffer, @register_looper, @reply_sg={0x40486312, {0x2, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000100)={@flat=@handle={0x73682a85, 0x1000, 0x2}, @fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000080)={0x0, 0x18, 0x30}}}, @clear_death={0x400c630f, 0x3}, @decrefs={0x40046307, 0x3}], 0x42, 0x0, &(0x7f0000000180)="cfdb3c3a3d69461c03ec15a8d6254466f5dc7e8df0f677e6297c352ef67a863ef4182f6dbbe2258de3a8e3d5da25593ab83d3d93a9da1cd9e22725575fb1a781f35e"}) mount(&(0x7f00000000c0)=ANY=[@ANYBLOB="a5626e15aca1d22a073a2efc2539c8e2cfe869"], &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0) connect$rose(0xffffffffffffffff, &(0x7f0000000000)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, 0x1c) [ 341.970729] audit: type=1804 audit(1606963417.401:160): pid=17422 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/261/cgroup.controllers" dev="sda1" ino=16973 res=1 02:43:39 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb", 0x34}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:39 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000040)) 02:43:39 executing program 5: ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:39 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) read$FUSE(0xffffffffffffffff, &(0x7f0000002040)={0x2020, 0x0, 0x0, 0x0}, 0x2020) ioctl$SIOCAX25GETUID(r2, 0x89e0, &(0x7f0000000000)={0x3, @default, r3}) 02:43:39 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$SNAPSHOT_S2RAM(r0, 0x330b) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:43:39 executing program 4 (fault-call:3 fault-nth:64): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 344.434595] FAULT_INJECTION: forcing a failure. [ 344.434595] name failslab, interval 1, probability 0, space 0, times 0 [ 344.448998] CPU: 0 PID: 17469 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 344.456894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 344.466241] Call Trace: [ 344.468849] dump_stack+0x1b2/0x283 [ 344.472493] should_fail.cold+0x10a/0x154 [ 344.476638] ? mempool_free+0x1d0/0x1d0 [ 344.480606] should_failslab+0xd6/0x130 [ 344.484578] kmem_cache_alloc+0x40/0x3c0 [ 344.488638] ? mempool_free+0x1d0/0x1d0 [ 344.492608] mempool_alloc+0x10e/0x2d0 [ 344.496497] ? remove_element.isra.0+0x1b0/0x1b0 [ 344.501248] ? alloc_buffer_head+0x20/0x110 [ 344.505600] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 344.511053] bio_alloc_bioset+0x41b/0x830 [ 344.515206] ? bvec_alloc+0x2d0/0x2d0 [ 344.519000] ? lock_downgrade+0x740/0x740 [ 344.523150] submit_bh_wbc+0xf5/0x6f0 [ 344.526950] block_read_full_page+0x6ce/0x870 [ 344.528200] audit: type=1804 audit(1606963419.962:161): pid=17478 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/262/cgroup.controllers" dev="sda1" ino=16993 res=1 [ 344.531440] ? set_init_blocksize+0x210/0x210 [ 344.531453] ? __lru_cache_add+0x178/0x250 [ 344.531463] ? __bread_gfp+0x2e0/0x2e0 [ 344.566404] ? add_to_page_cache_lru+0x136/0x2b0 [ 344.571160] ? add_to_page_cache_locked+0x40/0x40 [ 344.576001] ? alloc_pages_current+0x15d/0x260 [ 344.580580] do_read_cache_page+0x38e/0xc10 [ 344.584908] ? blkdev_writepages+0xd0/0xd0 [ 344.589144] btrfs_read_disk_super+0xd0/0x370 [ 344.593640] btrfs_scan_one_device+0xb5/0x330 [ 344.598129] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 344.603147] ? device_list_add+0x8f0/0x8f0 [ 344.607391] btrfs_mount+0x1fc/0x1fe0 [ 344.611179] ? lock_downgrade+0x740/0x740 [ 344.615318] ? _find_next_bit+0xdb/0x100 [ 344.619364] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 344.625316] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 344.630741] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 344.635745] ? __lockdep_init_map+0x100/0x560 [ 344.640224] ? __lockdep_init_map+0x100/0x560 [ 344.644697] mount_fs+0x92/0x2a0 [ 344.648043] vfs_kern_mount.part.0+0x5b/0x470 [ 344.652516] vfs_kern_mount+0x3c/0x60 [ 344.656305] btrfs_mount+0x42a/0x1fe0 [ 344.660093] ? lock_downgrade+0x740/0x740 [ 344.664226] ? _find_next_bit+0xdb/0x100 [ 344.668272] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 344.674236] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 344.679671] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 344.684666] ? __lockdep_init_map+0x100/0x560 [ 344.689136] ? __lockdep_init_map+0x100/0x560 [ 344.693621] mount_fs+0x92/0x2a0 [ 344.696984] vfs_kern_mount.part.0+0x5b/0x470 [ 344.701469] do_mount+0xe53/0x2a00 [ 344.704992] ? copy_mount_string+0x40/0x40 [ 344.709206] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 344.714210] ? copy_mnt_ns+0xa30/0xa30 [ 344.718183] ? copy_mount_options+0x1fa/0x2f0 [ 344.722654] ? copy_mnt_ns+0xa30/0xa30 [ 344.726518] SyS_mount+0xa8/0x120 [ 344.729946] ? copy_mnt_ns+0xa30/0xa30 [ 344.733827] do_syscall_64+0x1d5/0x640 [ 344.737710] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 344.742886] RIP: 0033:0x46090a [ 344.746111] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 344.753809] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 344.761067] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 344.768323] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 344.775584] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 02:43:40 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x135042, 0x0) ioctl$TIOCSPTLCK(r1, 0x40045431, &(0x7f00000000c0)) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x404e40, 0x0) 02:43:40 executing program 5: ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:40 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bsg\x00', 0x301002, 0x0) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e23, 0x9d, @remote}, 0x1c) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$IP6T_SO_GET_REVISION_TARGET(r2, 0x29, 0x45, &(0x7f0000000080)={'icmp\x00'}, &(0x7f0000000180)=0x1e) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = fcntl$dupfd(r7, 0x0, r6) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f0000000100)={0x88003}) ioctl$KVM_RUN(r5, 0xae80, 0x0) r9 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$BTRFS_IOC_SCRUB(r9, 0xc400941b, &(0x7f0000000380)={0x0, 0x0, 0x3ff, 0x1}) mount(&(0x7f0000000940)=ANY=[@ANYBLOB="cac034938b4b6dbc6e08efa8f088d7cbec168dc907046ad2ae2ebf4acdb362894a463ddf2f930889fb67f1e9f53959f00e788073291461c55d3e5c14addb07a7c9e9a090c855652c1bc43d06f8b3e6ac1c6b4cbc2cbf798f0d45fbaef6ce768a66f3d4d42fb571b287dba3887e6debe55d54b67c4ea0385a5c4a1a4baa26a632b26218b0535b16237a0de0e2761bc74de0302cd3276b2a7099f4289f030bd0a1295035d8d70220bd4df74aa17f535c83bfb5a404d43531d7301ac68718f5dd9af89864654a908bf366497482f0d8a8550087b8bceaab7e22cdae04d29498a36a9737a092a48dc954bce06d76c647e920f75673b4bf05aec3ece8925053b80106adca1145fee469bb7df085736fdaf3bf46b5bf45abe81542859a4f834a331c68ff127bde4b28b8cb75f8773e83c748c1dc8f7c51bcfa599f4ea4d529c21084fb27b5d084c20d17d096e47c4e2f1f2a8ce954f4c341f62713820e1d175b237cc86fdfefe6f842b4af56bb689b404d3ea167645e3ece4a07b3f8e7aa2fb2e9880efe38e554ca42ba93f2e4f99e77738e2fb8c6bc4bec886dbd8d350266f5862b7c6d503f3305cdae833001f322099c465a9d74f7995e23"], &(0x7f00000000c0)='.', 0x0, 0x5010, 0x0) [ 344.782840] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:43:40 executing program 5: ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:40 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:40 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_syncookies\x00', 0x1, 0x0) ioctl$BTRFS_IOC_SPACE_INFO(r1, 0xc0109414, &(0x7f0000002040)={0x463, 0x0, [[], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], [], []]}) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:42 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb", 0x34}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:42 executing program 4 (fault-call:3 fault-nth:65): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:42 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) getsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x28, &(0x7f0000000140)={@local, @rand_addr, @remote}, &(0x7f00000001c0)=0xc) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@empty, @in=@remote}}, {{@in6=@private2}, 0x0, @in6=@empty}}, &(0x7f0000000180)=0xe8) 02:43:42 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:42 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00') mount(&(0x7f00000000c0)=ANY=[@ANYBLOB="e4e1d1a08cb8a8feffffffffffffff1d089652d0d5a6739494f8641f0274e02d8bfd92eb7dd2146fe9c0ea4a669f64ff6f500500a84ccf223da531baca78b1a69e44f7b44d34cc2e6d4f3d3f9e6812dd6b3cc150bf1af7342d4411140e1703a5a6405c26605213f122c7825fc4f998e9d08adf3ddd96de13e1d361a0a1e0067a994a01be05a67e255c7b026e58e0f3727361ecd9ada90829d3a1d8b9892ee887559f29aa35bceeabc5bed35914ad922c4db91b287a02f350839fc27a4ab91b6d74a04fb23041f55509fd59e8f460169b560ad4e7979ef188e82cc44e2ce5d0627427118177951ab6492e4c44f0218a5445d0b92f84b611a59037f15516cdec5def8f227ce408a80a2dbb6cebf652d566e1fcbbcae316d3b89cbab5066660861c081b3e2680601a551fc46ef1da3cf7e16b5e98a97109437bc2f568e2289243f41c2a6ca11b13cf59c8353701c28c9c2422178118fd4c8113361ab6b0925cc99281cf9226287540ab8ae74a97d959d357c3a5d6a0523467d6e6bd4b0928fa830001c10d8507c881371b5a7e332207adb8fa07197d9e7872dd08fac5aa6969a9126b7d629d9eb8531d5ebd5b6dfb9ef46d7ca21a98cafba9c407ac3451a0fc946c49834b6492a5865a8970150d9600"/471], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:42 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000006298000000000a01000000000000000000000000000900010073797a300000020038000000120a010200000000000000000000000004000480090002000200000000000000090001007300000008000300000000"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:43:42 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:42 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$DRM_IOCTL_AGP_ENABLE(r1, 0x40086432, &(0x7f0000000080)=0x8001) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x4}}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) mknodat(r4, &(0x7f0000000040)='./file0\x00', 0x40, 0xe5) [ 347.462886] FAULT_INJECTION: forcing a failure. [ 347.462886] name failslab, interval 1, probability 0, space 0, times 0 [ 347.505739] CPU: 1 PID: 17522 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 347.513658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 347.523016] Call Trace: [ 347.525638] dump_stack+0x1b2/0x283 [ 347.529273] should_fail.cold+0x10a/0x154 [ 347.533431] ? mempool_free+0x1d0/0x1d0 [ 347.537402] should_failslab+0xd6/0x130 [ 347.541376] kmem_cache_alloc+0x40/0x3c0 [ 347.545436] ? mempool_free+0x1d0/0x1d0 [ 347.549406] mempool_alloc+0x10e/0x2d0 [ 347.553296] ? remove_element.isra.0+0x1b0/0x1b0 [ 347.558044] ? alloc_buffer_head+0x20/0x110 [ 347.562365] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 347.567826] bio_alloc_bioset+0x41b/0x830 [ 347.571975] ? bvec_alloc+0x2d0/0x2d0 [ 347.575772] ? lock_downgrade+0x740/0x740 [ 347.579921] submit_bh_wbc+0xf5/0x6f0 [ 347.583723] block_read_full_page+0x6ce/0x870 [ 347.588216] ? set_init_blocksize+0x210/0x210 [ 347.592713] ? __lru_cache_add+0x178/0x250 [ 347.596945] ? __bread_gfp+0x2e0/0x2e0 [ 347.600837] ? add_to_page_cache_lru+0x136/0x2b0 02:43:43 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f00000000c0)=@usbdevfs_driver={0x1f, 0x2, &(0x7f0000000000)="fdcedbfdf7e401fa7a373f96185d56eb6ada2f2379f75cea473127a9c0c324c2b1d717369bcf8bfa688ec7b612d22c3d6a6d627d483e100ba880be023cae6e960a09ee10bf0c7858d4df33"}) mount(&(0x7f0000000140)=ANY=[@ANYBLOB="11c9053383a6ccb3536b1af9c58c75b0fc0fe1f2f3a97b10fdf45fa01803db051bdd72993ef529f1503f00acee19a5ed74dcab3e4e193cdbfc0c1b2895a21e185d652026fc7d5acbd9ee69269637a223a73efb5003dab1d641dd42bc78d075420e086a39f81f21f0e84bf2a4458518fabb754ac3b79ff7cb43cf356cb6b49c22f9bde3d93db35c8cbc66c89d4b5ead5b26f3cd3c04c97df1f1783dcfc9f43458650f4d"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 347.605592] ? add_to_page_cache_locked+0x40/0x40 [ 347.610444] ? alloc_pages_current+0x15d/0x260 [ 347.610457] do_read_cache_page+0x38e/0xc10 [ 347.610469] ? blkdev_writepages+0xd0/0xd0 [ 347.610485] btrfs_read_disk_super+0xd0/0x370 [ 347.610497] btrfs_scan_one_device+0xb5/0x330 [ 347.610509] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 347.610520] ? device_list_add+0x8f0/0x8f0 [ 347.610536] btrfs_mount+0x1fc/0x1fe0 [ 347.610548] ? lock_downgrade+0x740/0x740 [ 347.610559] ? _find_next_bit+0xdb/0x100 02:43:43 executing program 4 (fault-call:3 fault-nth:66): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:43 executing program 1: keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f0000000000)={0x0, 0xb2, 0x54}, &(0x7f00000000c0)={'enc=', 'pkcs1', ' hash=', {'sha3-224-generic\x00'}}, &(0x7f0000000140)="629c6c9583fd7d4d9b7e64736e343cecf7f23507f4066cf32d403970346b641454c36b49ed35048f451a122e8e7ea57d016dd1d98e2edf3ed21082e0088bfebf5ab3fa4c842f9c85a44c8680206e9b3edaa08a72da41f7da6b059a359fad062c405a2dbd97b4b2c7eb0bd07c7fe77b80bea1e7132e41ff24ef6fee24c71e380898594f7a6347b566db1e1187de3cede4d97e25e83069dcb89699cce5c23972f350885d6e7063b3a2bf1213b431110078f786", &(0x7f0000000240)=""/84) r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) write$binfmt_script(r0, &(0x7f0000000480)={'#! ', './file0', [{}, {0x20, '(,'}], 0xa, "5a0deee5f6fb4249057305e81e4febe68a1925204d1bfe55a2df29d2f08e8e9bb3fa7f640bf0176d92c60bf5f84fdb49b62b1a5e86fb3b4c1690b2bdd87e810c4c985801604f63b45b3690697ffa4fc371bd18b74f52937d72e358844d8400178d5362b11f38cabcca3894ea2ab9176dbd9e803444c1f1530552fa1e1dedba7db086921d8bc77c8339d84809d2f48bfd33afa852762a2bf1dc22b54d2782b1a9ba7fd2bf070139e08456801d373f47c558241a5a543614eab5c06ff428b488c6b8388639a29f667fd582fa6ae046f90e1fd1"}, 0xe1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VIDIOC_S_AUDOUT(r2, 0x40345632, &(0x7f0000000040)={0x3ff, "3b35549116754890ba0848bdab82acb54bc88d1ffef0e7d7f10051937386eb8f", 0x3}) mount(&(0x7f0000000380)=ANY=[@ANYBLOB="5e78e29e3d721ff582710f51080046a99bdc8c65846849b18c6ffe43cc39f83cc1b780aeae989dcc4be172abf19219eeedee63da7a60c8daf837fa930c1108ca19ec3a8b5f6d436f9d55ddf7066f4d24b892773e1437aa7daa02ca2e3ac030d7f3d3f80000000000d9d45f0814ba6ffda31cec619dfb40c09b2b81e9451cbce11cbfbd736e22abde6dcbea3e5ff36d24197417b65432d406b283c60fdba86c15919cd7e22d0bf2e5d5a9d732747c177d95f1dfa65b00040000007c2023b2f5d1f96dc7bd345539a96cdf6457f2d35d4dd4e400"/220], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 347.610569] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 347.610589] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 347.610600] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 347.610611] ? __lockdep_init_map+0x100/0x560 [ 347.610621] ? __lockdep_init_map+0x100/0x560 [ 347.610632] mount_fs+0x92/0x2a0 [ 347.610646] vfs_kern_mount.part.0+0x5b/0x470 [ 347.610659] vfs_kern_mount+0x3c/0x60 [ 347.610670] btrfs_mount+0x42a/0x1fe0 02:43:43 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x80, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_TUPLE={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASK={0x24, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_EXPECT_MASTER={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE]}]}, 0x80}}, 0x0) ioctl$BTRFS_IOC_QGROUP_ASSIGN(r1, 0x40189429, &(0x7f0000000080)={0x1, 0x6e, 0x9}) r2 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ocfs2_control\x00', 0x200, 0x0) shutdown(r2, 0x1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000040)=ANY=[], &(0x7f0000000000)='./file0\x00', 0x0, 0x8c410, 0x0) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22, 0x7fff, @ipv4={[], [], @rand_addr=0x64010101}, 0x8}, 0x1c) [ 347.610681] ? lock_downgrade+0x740/0x740 [ 347.610690] ? _find_next_bit+0xdb/0x100 [ 347.610700] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 347.610719] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 347.610729] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 347.610740] ? __lockdep_init_map+0x100/0x560 [ 347.610749] ? __lockdep_init_map+0x100/0x560 [ 347.610760] mount_fs+0x92/0x2a0 [ 347.610773] vfs_kern_mount.part.0+0x5b/0x470 [ 347.610786] do_mount+0xe53/0x2a00 [ 347.610803] ? copy_mount_string+0x40/0x40 [ 347.610813] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 347.610829] ? copy_mnt_ns+0xa30/0xa30 [ 347.610840] ? copy_mount_options+0x1fa/0x2f0 [ 347.610849] ? copy_mnt_ns+0xa30/0xa30 [ 347.610860] SyS_mount+0xa8/0x120 [ 347.610868] ? copy_mnt_ns+0xa30/0xa30 [ 347.610880] do_syscall_64+0x1d5/0x640 [ 347.610897] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 347.610905] RIP: 0033:0x46090a [ 347.610910] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 347.610919] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 347.610924] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 347.610929] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 347.610934] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 347.610939] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 347.674115] audit: type=1804 audit(1606963423.112:162): pid=17521 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/263/cgroup.controllers" dev="sda1" ino=17010 res=1 [ 347.811804] FAULT_INJECTION: forcing a failure. [ 347.811804] name failslab, interval 1, probability 0, space 0, times 0 [ 347.811817] CPU: 0 PID: 17558 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 347.811823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 347.811826] Call Trace: [ 347.811841] dump_stack+0x1b2/0x283 [ 347.811856] should_fail.cold+0x10a/0x154 [ 347.811870] should_failslab+0xd6/0x130 [ 347.811883] kmem_cache_alloc_node_trace+0x25a/0x400 [ 347.811896] __kmalloc_node+0x38/0x70 [ 347.811907] kvmalloc_node+0x88/0xd0 [ 347.811917] btrfs_mount+0x911/0x1fe0 [ 347.811928] ? lock_downgrade+0x740/0x740 [ 347.811940] ? _find_next_bit+0xdb/0x100 [ 347.811950] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 347.811968] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 347.811978] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 347.811989] ? __lockdep_init_map+0x100/0x560 [ 347.811999] ? __lockdep_init_map+0x100/0x560 [ 347.812009] mount_fs+0x92/0x2a0 [ 347.812024] vfs_kern_mount.part.0+0x5b/0x470 [ 347.812036] vfs_kern_mount+0x3c/0x60 [ 347.812046] btrfs_mount+0x42a/0x1fe0 [ 347.812057] ? lock_downgrade+0x740/0x740 [ 347.812066] ? _find_next_bit+0xdb/0x100 [ 347.812076] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 347.812094] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 347.812103] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 347.812114] ? __lockdep_init_map+0x100/0x560 [ 347.812123] ? __lockdep_init_map+0x100/0x560 [ 347.812133] mount_fs+0x92/0x2a0 [ 347.812146] vfs_kern_mount.part.0+0x5b/0x470 [ 347.812158] do_mount+0xe53/0x2a00 [ 347.812170] ? do_raw_spin_unlock+0x164/0x220 [ 347.812182] ? copy_mount_string+0x40/0x40 [ 347.812191] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 347.812202] ? copy_mnt_ns+0xa30/0xa30 [ 347.812213] ? copy_mount_options+0x1fa/0x2f0 [ 347.812222] ? copy_mnt_ns+0xa30/0xa30 [ 347.812232] SyS_mount+0xa8/0x120 [ 347.812241] ? copy_mnt_ns+0xa30/0xa30 [ 347.812252] do_syscall_64+0x1d5/0x640 [ 347.812268] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 347.812275] RIP: 0033:0x46090a [ 347.812281] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 347.812291] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 347.812297] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 347.812303] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 347.812308] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 347.812314] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 347.892755] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. [ 348.258613] audit: type=1804 audit(1606963423.692:163): pid=17578 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/263/cgroup.controllers" dev="sda1" ino=17010 res=1 [ 348.258676] audit: type=1804 audit(1606963423.692:164): pid=17546 uid=0 auid=0 ses=4 op="invalid_pcr" cause="ToMToU" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/263/cgroup.controllers" dev="sda1" ino=17010 res=1 02:43:45 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:45 executing program 4 (fault-call:3 fault-nth:67): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:45 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xc620bc33822cd786, 0x13, r2, 0x9727a000) mount(&(0x7f0000000380)=ANY=[@ANYBLOB="6c3f5d8cbc4aa6eae3654a635e767126a8aabeeaa2edb4349104df86524f168d6afdc4567d9cf5e75af974bc0ca4794f65201a29158030f982c32b163954741edf4c8957d4b1ae87bd4bab926595656244c4dbec4da429dab31e4212b0ce2dde9fdd3d0d8e64a97f1964409de14dd6a154067869b217d3fbb34a8f3334c5425acd349c"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0) ioctl$SIOCRSGCAUSE(r5, 0x89e0, &(0x7f0000000180)) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00') r7 = socket$inet_udplite(0x2, 0x2, 0x88) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x61, &(0x7f0000000240)={'filter\x00', 0x4}, 0x68) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r8, 0x660c) sendmsg$TIPC_CMD_GET_BEARER_NAMES(r4, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r6, 0x400, 0x70bd28, 0x25dfdbfe, {}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x20005001}, 0x4000000) 02:43:45 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x4) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r4, r1, 0x0, 0x100000300) 02:43:45 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:45 executing program 2: ioctl$mixer_OSS_ALSAEMULVER(0xffffffffffffffff, 0x80044df9, &(0x7f0000002440)) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000002400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000023c0)={&(0x7f0000002540)=ANY=[@ANYBLOB="00000b3f594008c39ec1579f6f30bc86d5a3b8863bf6a9e2af68d07e355736840f5dff233ac0c629dc064f63", @ANYRES16=0x0, @ANYBLOB="000328bd7000fddbdf2505000000540007800c00040003000000000000000c000300e2000000000000000c00030006000000000000000c000400242fc308000000000c000400dd2d0000000000000c000400060000000000000008000100010000007800028008000200010000000400040008000200010001000400040008000200810000004c00038008000100ffff00000800020000000000080001000800000008000200000800000800020034f6000008000200000000000800020009000000080002000600000008000100000000000400040004000400180007800c0004001f0000000000000008000100ffffffff240007800c000400ff0100000000000008000200d50300000c000300ffff0000000000001c00098008000100070000000800010000020000080001000000000064100680041003009c1246c1673ddfe677f475860e9a0c63cbcb519280717de762f3afcb09aafcfbca5ee0f5b3d301fd9f6d36abe67fe10a33adb80e09c5aaeaa39bea26a188694500ef02d2772f34802b0cd5980890f9faf04376d7425a07699ae5d01d50841edd22eec57d462fa4427243924e203ae5d7fa704c0ad3104797ca93c27bfe770bc228e08a27dd6bf64a5591cc88c995b18a1223db19f57a554b789136c53755744f5fd631bc205b2538df7e7902b62865e5a9887d7c82453feaca331f638c72ac4174dae9ed34649430bb1a3c207b7ded916f74ff391be4b78f57e3d67102fa90b3793478f88cd1ad5643a8a4feca81fb530c33a4467337d58e240ad602997f0e7fd6493926a4e10ec7448663dbfd2ebdb46768353f05b9061c427bca9459dabc175d45fd67b0f78fcc85bfc3ecc56308caa6b5ea90aee9f5703cb87415d9d90b2146901754af5bcb1ea1d2d31a8526cbf70d8c29d7b5809d5c0370f2ce538a9808bfe673100b4fbed3c4436d2ac3963f9a66eef0fce0fc4daa86ccdf7dbb2e3e5b97eea0b845b24bed91d962c51934c52f2066de2e898a5aca3c511d18aa3f7982eb933f37a74adf680ee3d35d2d7a9f9bbe53c62a64cc59fb2fe3b0088949a5cce48da7b3af1edb7bdac967d62c299c58cf511e1c8cc2d5bd80bbdf709cec4e775023a58e0470cb5b74ebae00d3f2c9973e4676922993eb419b6ccee11a8fc35a7517614515d83cbe35b908d9839a7d8d89c984ba8caa88bd504a097942307693259881db1b4a75b6a7135b60c34bbc916f0ef7cbb0b04629976b35065027969fe2bcb16a2673db098e8ccd2b90189fa14cec7ad8753c88bdbb1f4719187cac6809534e91159466145079f7016960ee63d31078f381893721c7740f76d4c09109f946e4a4d0e2faec18bd77c6fd9d3971084ffda97df09dee887cff034e8279c61f2238555dbe0b85d711e925a9a33a69c6626b8292afb3794ddf0023e24b58c18a84d10d59090ecc3ec231d1426f209f3d31977ac4f6b6a50e9d44664e38ebc4385978fb88830d2a4e4d44a9054d77619b2c3d9a085abc44ecaab1e5564841296e6f0297ee4ecccbbf146e840a7f756ce3f393e38a55c207f1551c954c2fdbf26773b7b81f20da43d78d6b84f62fc1e50825d19cbfd3d9cd9a7d855d5b53fe35c6e807839d5d0689d23c6a00874b7ba3d2860224a1fb020014648f67aa9e9875eb86121eb98303cc431ffb4547d63014d03f92544a1cb1a9901b0e50dc26784ca8d17729eb1155bde08b60d4dadc8b37bee3d7928ec65236a48dd2509f09bf7f021fa4ad04490f3ec15b97852a1979865348faeed5fb1a0ff5c9e03db041acf94f397276d2508377bdba09c4b921e6beb07a80b109a6b395981e40edff80cab78edee9dd2d0fe3477f71625e9a14680b2b17870286e24d497c6c66efe87ecf62f4da64e4e5e8c2cb27c008de5ff5e3007d359966634849fcae701cf7cdb04c5afa8aa6430266d09dd0592c49bee988aa43858f447bf4de5bffb7fd087144a71209adb3d50d8b2e4eb9487e595025ea3c7b3d7a3017899fa2f5a01d84904ba6f1bb34cc18fddeba37b91c3e1201282b213f6f409fc8414154174c983e75bd6956ac521aae9ec0d358bceb7bd19b98b8e75a9f9c27d9313bed291691b0fc717c6df46f4efd0569cfe0c372b863693eab0b6b7cf819ea8d06cb5e0875af01d78183d9a1d90f833c106b88edca4a9d9fa4800ac82cf40009714aebcc31de844a2bdf05951e50930493cc5210e43e8b39f2d3078c8767cecafe6cc37f75b1e013da872e636de5c09167245b65920f9323e795c4605cf69399610fab28e3eb2ab8b76d844e42f36f721488bfe0425f67ee50898b91056b39b80bdf3a15bf7a82aaaec004bb8117c7891f2ca844600256e8a5423e4648bc30c9d01bf86a2dd4a1924e58ac7dd4697fe3545fb76325280405b889e44f18576dc0e5ac8dd5b18a42dc1a9394f72860c0a38519e283d18f6e36a3727b7eeeda81788e6dd64249d7249ace7ecf61223a85e0ba0d29931619fc77144ef3f794f0f90869e34552d9630101b496917e9bb19ded5949ea5a4dbc8632eb52c26cf5242c34e5a086973da77016eb4d5281f1180555c752d54ca10cbb1082e9c3dc27ad17e63b3859256084474ab8f4f3ab3a8cb0dd09bfc75b049fcb599a2dcf285242e1daa05dee3ca34350401c37cf37d62e4716111fcab5ed9d0d117668e805004b992307aca6ffce41df32a6de67756e327a1d008b509d73598feab6d9d88cbd07fa15d29b990e334880254b9a1da32a2da4f295f7db00498dca8493cb8d46e438b2c9df02cfd45bf2d85060b2148b921abd3d5eb506b91f7073ca875e18243ba4559efe85d0df8b43d31548ac1f2f54fb65b0c648b6549b9afc0fd749bb4a923ac32482b0ad4718a664a268cf83c00f91ceb34022008465da8c2d23f405d11d64f3df4271968398c27af08897a4dd1a94e5ff8da28c0168d93f28fe46edefa9ca4a4042f06867fd9d7d377d775911d92d16e6c7feaa1188cac2f2552471ebc5241ab7a868c83d0b05764ddd74cfa938d57ff245294ab98641e2f5c126fffc2bd738b861fdebfc9372e838f07bfd075694502def5abc8b3d597ad205ae6befdd3cfd7989c40ac54f536d6971e43c45727e98613a2e012b1ec66c68bb10fa7999bec706024020bfec734581f2171ad03953aac6519fe31233c2e128daeb4319f6cbd2c91d98cbc533a11a218a8b199a3b032d74cba7c930e1e12b795887f267eb84c535ccbfb2e4293c2c4b6883c78fb4111d17833913d26f1cac1c2c4d1e9b177c51b360cdf8b20ea7b7a7c0b8eb2e32dd0779f824f4681206f91e62041593b79c0c736c63e4d5d98d740ea6cda710292eaa044e6c847e80fa149186716eed02d2357fca0d5184758acc7688e6a30c9d6312730192c215fa9137619fa0e0c5cd640a6492ccc08860f757ce4313a8f014302cff0a374a8c084f826a22b45724b46d7a8c65487f1d0f85a333c6f959a57c8e1a0638511f0f651aad0797410d8f88535939bf296aa46f6f07899f8b47d1a8e0d4d825ccf50d5cf984bceada1d1a1cd377b273f89eb15413f588074261b24c71e9d3546d363e1fc38cd0fb6318d7a13519001064b6fd7962077714752a1d9590765a2da7bffb71f3c1bf16f6caacc766dafd1a530d6fc5486d0ccf40d8b0b5d5baaf696686182282713f05d9dc27d2877c06fec9047fabe61c42cb81346a8f1d4dd2bb22b87f6fd59c4b5762183a4aec532cb5fbb39d25e59c7d6109327d7fd08675a2cb91b65f01b7ef6b8eb8c171914254e497165bd87481c0f9447dfb59b26397071fce2862a01f5514300352ba5e716ff0739e482a858700e27bc53152ca54418a105a08e8d177f95837e51fc99645c26e008e2a14dc678a7b66ea466407459f620ae2f1e55165c8af9e8772a8e09936d511c9897f44317538e7e273ae6c00660c3083dc0acee5fa3672323eef49ea73975f3386928c2dfeb537a88a553a97532e1190d4c4e5cac3870eeec4db5c96789a4e67ac6fb775b3d730c60400722d2c9dfd654132a77047f81259cf7c889ed748352cbaba3da4fccb1f73182bfffb47aec8f9e661d76074c9bee91fee545319916e06e1bb9c2004cf1ff2cd4c6804d666c8ce23b9d102c9ca7fa449fad184e6439b7d9f5d17a878a757bcea9f790b3b79d9002861d193e3c50fd835976526d0fbebf4a7b5d6aec623bc402c806463bfdb75f21f423e170d715069c703874a1e4edb94cf92b44800dffb448382db0a4655311688bb4c3d072a5b2cb8ab6e6cd86b229243e83d20a8db588f9ba2d5dfa46d1f9ed1d801af5329900c96e129f866af8c4e9262ae02acf49018aecc094f23c4b66e99a03f94c43fc3c630deae73577c98b6ff43cb6e6a4ecee096a5b035bc45905bc4a5f4745f8ef44be2d77724a0243caeb954272f788a59c5a541665bf3457f734b7d460e9f5fe3f6154e44ff0bac64c57348684e74e9f4db7fb065ae81c1516a78d57d5b37fa99cbba3327661e2a7438946b27ded109a3305a1fb481ee4dc9b39f22ce56ae52847e8e711b7f0a047d58ac0e7d145e65f9796752e438e2f3b36b647d512206293cf68b19d39118bb8f121705dfbb7817a3cee99889fdedeae091f4d14aa4b48e98bdb514c430efde6b8ceefd3d0d374ca857856b0f0673f7394bf5e4089334d8deaa49fa1444d0170c67c8575f0291cfefc25e61356b837609943664d9a75ae3d9afe24512ccbe2353e1837508ca102b2a0a2b37244dd6615f8a9c51a8931e09d54088773ee60acd0e19db09d66aad477068fa4ed8dd31d1a818b9883a2265ebbc98b4ee2cd9f352780506d8aa44c3d7076e4c4fe6972d1d3c388959132cd583d8b8b7dc46de49cf28fdda304b303368c09dcb2c6053031b8fb56a3bdc6fd6e46372ace3bd8cca2379836dddc6ca21cdc59ca98d6d622ed2fe64ba836ef1dd1c4e1867bba6feca50fa9527009d56f1261b0942f31daaf8e189b2cce908a886f8bbedc8ba1c7040886780ef0b7ac34c0b4a825c2e20ffaac8de93edc09020d24624ddeeeb91df025fece001cb93cfb6f0190b2bae5dd32045092ba9066f6d73e238b7c5e6ac54ba5f0ad927ebadd98756285c32bd4f5821ef39db9dd0b310f56b57e3b59aa4fdb8f8f4a272d971506f779871e35e57e3542a6be0f2ddb82a933e53074924473e8cbd1f3b7a678be616f5036b65be3e4f9daac111a6466c6f84879e384cfac33d14c6d33c7c54c87d7aa4636f5e68110223da2beda3cea5aabf28b3a275435101783fca490a916a54f930a909b4133eb0d14997c401b3eb662a04c3dbeaee8d790f929871ac23d2e2dbd2f8cec9cc6a27bf1bbb726ba45cd5508af1d53c6a593cd46c191d1ef3c7d9b22928160c7d3b0bbd0a3b07a2be612815d089d9f478ae2a0327218aa26bd4ef85cbbf8b30d32374d2b5ca505d53ed99f8f2e7a425ff40768eb057213189c2e88417b021504fe3993e9af0feab718f61681f13dd71f6ee3e378d7b28d8daddea5d9ec3dd4ec4a017f5f243e9867b6ca6294d21e26bf7a327fb6092333852df4afa8300b2687e8fcab4965256a0540fe6c9efa5e5b0778afc73f08b4486af107c9aae91c9707048999f73516f8e24e8e68650e4ece69c4f1cd032f406f6793853f22f91aef14e2083d2205883d244b3d040b6c95ef8e0ec3203494f9d9cacf8af3d31720f2ad085bb964bca22cbc04fa866b48bb0aa0faab4f7e81995a3b6d48f3d1028bd029dbd5d5864228359fa629ebe159bd5f9ca09062e368da8e4698882f5db6c336761dadcfd028bdb0e105db20cd4e42647d6d1edc5cd4bf150fba9dfbf13fb299742a938571863230a393148e0400579dc6dc02422a61ae0092534db6db3a1700c91f69806162169e969fbaf30817bb1c8e0a4a376e1d245b5194a239642594d91c9cbc36c048c3c3aa7c0532c323bc69815d34a29bf6f79414d2e963cf24cd7a3ffd0acecadcc281439c006e8f2914664146e01929315c349ff75575d1fc1c84b3d80a3473b13e6e3aea4cc914537dad2388cad40f15bd3eb5d2ac9c644212e1c36308adcc45bf6e3091b7c36db6abf0aee0e998269874677933eca4cca23e918bc12ce8e22d5bc63486194b8f1b39e00539e359c22ad2c15c44f5cce671e50e9387bdb50c5fb8f5cd0cfb287b9b65722f4daea6f967438fee1f3388405a3adf3b1fd91098040b696add0f96ab1e93893f17f7ea571368116d212e371095708000100010400000800010004000000080001007b0d00004400040067636d28616573290000000000000000000000000000000000000000000000001c0000005840323098a3b342157de77e4cd1405a74c326bdc5fd8f446bdc548b1400098008000200ffffffff08000100000000000c000580070001006962000048110680040002003e00040067636d286165732900000000000000000000000000000000000000000000000016000000d96f4b39c3f89e4f92f79f59620341449348fc27fa4300000400020008000100b40000000410030087ad0dd3d9166b5f79c51a30b60a8668d9e3018229cb369c9b53c3499fa4ec21d67056f5a67f70c894901297c61630d56a7e249f63983b547f0ce4f9c9e028a7b0713539b83ff94e8959ed10b54dbd9e66f4792315e36d6a3d0e0a926febd5514fd7e2c7f58f7c7970d1f90ddf50dd001ea6b4bc06922627ed4325182af4f7c398b9fc4c03afd3317165556016548157da1944a432832b4182735611a77ec1f60a9872d7e731f6f7456f85715531f8d6a0d1b7fffbc7401fad1c4a58c0dc4fc42a441e5ad1bf0ffea1549e205d98c0afa8a244c61a32b689d83ce2fecd92f78bb1d1809015aaf2f91625d18a5890b52cac2d00b40c8a49569080e60643cdd177531f5047901d1c65fa6ea8bd0f09ee9e54194123972215e0b6d7e4dcf90148060b201e14690d7adb692d99fa2471dd78cf1762b2c891dd9b925bd434c6e34d605f4743809646a256d1b5e84fb8d3cf374132dbbd802fd23718d52310f9ce0acf6cf4174fe0792ccffff5ffbd30703f7387ebfa90f30a53ccd53e38175dc88958db6e6cb04b6363f6da74fddb704ce8d2ad075070840290c76af66af90d0a067fe8e49a845bc830fc3aec2440493b704075af09a859fe0309dab779dc834c497054ce3066bd99328e695913d6eea9980cbfea6cbf1ea57d687f1d44accbe285152601e276f6b3d66acceebac97c196338e52695a64ddba7813e820226166e0c643e9148becef65bf9ed47d1b6c3125f0f7f8d8726ec930f40839f1a789d1a0e1a0147efbebfd6d8bb7f5b57e50ab8efad8110f98e60a2d07379b9bf919a7dd3e0ba13aaaaaef08b21904cc7fe066d8a8104daaf4c623b3a280cfc7e8e29e82656e44f05b4d3eb8e4bfc3306da1b7f36e3b36d77401a1616c822c23f9e621c9116e4dee1a01064d3e75ce7d6ff2e8e9df4d7000ecf4987b8e202bf6ec6bc99f49944e24108af7e501a2057062047caa86d736207af68c9336d0a457f942c1e8dbf185777fe38d67773dad3c4582d604c6717098b36f8e3c020d18f723ecae66c31c6bb36706ff2d7efcdd57d5b014d3a5f2f6ba515f922f458dd220061483d106ed058fd7dd744d2ecf1c3f357570e44ac36f69143860f160816379f929313d689549ee858e6fc92b19521bf77115ecab7bc460e0af0765fb0f8615924770244a17f01a00f38529ce7984b43182150aa800ebbc7b734f8461ca277520bcbd7e4dea15521406a7fa13597b5ba8d9817867a7025729dd7e9cc4423e00fffdc63854203d282e14d95f17ff6bbbd63103f95612e4790a931ed006643301b9de27ceffd3b1a80a416ebde8998eb0e279a8bd036cb1fa0c23781b569ef4468ffee519a15628bb1e729949832630a02af046b9214ab12e86a098ba24cb213eb2221b6b927d683b9d69a5cd99b95cf6ae28bb3b81938162cbb7200b942e537ce8b6608cc2243c9ef01de2a1f2f440263499db87e851ed901567bda4dada46aa076a4a17e997b665c4edcb99d80622a0e8d3b2c1f9673c05d07fe646411cfdace8a5a9673f1b89fbc04bdc6e02b9fb22bd63edb3a29c815a8eeeadfd4da699a715a862db5e811567996ad90f23363732e161d2be7646c287c0ed47abf24d4b12e58a8a73188c260e33173afa54ca07ac61ab8cc110752fd60e2841e086b38b54d58e0e4204f74d9f23f9abd0f90b20a2e220b6cfdf3d8eb67e3df5013eb86167a3710c0e2b485d1d473adc6cdb29cf61f847e25354d83d9cbccfe3f5dbaf5a2a964cc958277f28cb2f8cfdc73ff3489121ab0bfaa9127e453035e523edc5a0495267c7f4dfcfc7a1edc39c31ada9aeb5815560f7540844b7857ca11972a74c4968f682a7896dd95d8392cf24e278169c3cdd7f00996a2069d55329dda6f0fd468d973a75de551a930cdf9d65331e64c36cfd794f6a25c5db4b627b21fbe4e9f1473134e490a82c5928032bdccc69e5cf2c968cbdaebdea39900a5c499086b0206c129f4b43b025481620a662b554693293fb6725eedced06bd4a8d3609daef99e3d1cfc6e9009f30d99352005a0b67cce6ea88a642e0a3c902737e0d9b1080516faf9ef4a9e49f92bd1628186aba040a3124f973b53daf76fab5d7a0bf193acf5fbe80467382006bb1961f0bf5376b206b9a462f7b0be8336e4e6cf43b6304f26f4969fbce6aca88869ee3cdbd6c8682b2fb24cb6181c9c3c565def2c0a1e03ea4667f024d7cb3633a2ec6244fb3477749bfafb3e24a8c6ffe1c4cf3e003a6c8be4839118df195cdd38b10b386f3e7ab7f48d2cc196fb7e64a3cdb2183869b5d79cd8a4b73a6c4b5e92e147e164c1b1e9b12c92d467e4831c0d5b806a70313ed3966ae76555523af176ba4345fb32799041ee498a27fb605b7fc66f77fb2f151e84d62a63168c8bd5299b89feff50d9d0dc18562636a6b1e1f8790afb6f3b28d6559c5d73768484d33eb729143d24361b3325e154b6c7c508ff4b22a65a5ccf984bb9811ffdb3be29e25a02c6ab6b59c6aec7f90bba3680e83f376a5cf709c30ae79dc4b26c89b1c2d0a1f560f5c15f713161949394d1138c68ba022761ed42a03cf095013ceaf010ea1c2ba1c9003d87696c9c3ea7b1960331e24a1c399edddc40307c7331b15bbecfbe37ce72894d863ca32e223fc46d5f3b8aefe89373d4a13374da29bd101a5a9d66e88cb223c1cb2dab4de43c85e5a328a479715528574051dba429b2fcbcbc4900a9a8ebd9f50bab87747d075cf08f231494b254d09b5203e94b2fdcd12c2e545519a05e4765e4f619cccdbf734142fcdbbb474d9f644ce42b6260a8fc383214b546d099cb2df23f20764951191e857902503180402bf84528da1c570b482713657777ecee860e4ebe186feecd1f93d2b5baa075a50a96e2ab358a15ad431a1e603d0a1373d732b27202f3bda819d8f9b17aa768fbd7596b21ac33dc8efce5eeea40adc8a19055efd32be8dc34599b6e64271c3475f6396f6dd4d55ead6daf6422a19e93eca49780a2282d32b4e73fa59e01eefec2b0411ddc6014cee84cd74d7865c6b1fb9f0353802af345594d70b88c93f2abb50e08321ed025af73b887908ae874a6cd9cf23b4d1ac8d178fc9e81193ea9e25865d98f3c9f5397633a28402f4d04f0cf878fdf2faae12a5b36cffb076e510a131f02bd9ad106390bd2d42344bc1f09ff88157876ffca452c18468d9420b702d79fc45c2686cc9c8c0b943fbc474c64fad06ce68fb30218b867c8ed82dd72a7020c0be479212efc79a2482e5bb4baf04e75e7af38d16c30c68e3c93295bac463b4a2dce10e57877427c588f23c6b8cb9e170b7f4d7663fba197fb3011909b0a973adc0f70f3299c9a5d3cf6702bd2888d3ba50069798e0cdf96ace7cf7e98a757f78b35455594b6e376b8e09bfff7af5d34e2a2b26ff5e5e174b592509fc7b3f49bdbf4e88166dd356a378ce42e5cf2e83d7774cf5d77d74576ea69daa7221284a9dd23b8c04b7a2d37cc5cb9e8b1332fdfa17dbe5fdf1705c376b33018e078c570ba03ba5868f244b5d436e4932175cbde4dad0a7e0d8c1eaffb789cb61247613fdaf11d9fb1c701e96246363c0b91f7e34a4cd1a48d288c1b2fa8d46e9c1c004dd35631be90d345e6bc1d07233bba0ce60324b146e1a23dbc9f24e9a3025a549b591212997a6869f9a3f1d9faf578742d894d4459369196c7f55ae05547f8f7965d335969cd6e43c9ab61a8897d8991a6899b27e0e1f6bb2d30f1b111a17892241e5036f38e3b4ff9b50c24da910c7f89a9fd3738123dd0bb706a5b4267f287b7a0044ee64c83e2c7639fd3fe686944498baf20d15d9b37d1d89cb30063d2e922ace548a4bc2544f5db0c0b783b0eb71b2a804ce5f200626cdc6a5da7e674e371fc7dded22dc864dc11ee19f6c9dc17c8c43a2ead9ec13fb46e61cad63ed783d3116c7d302d8045a63f8660115ce0e4547b270be6712ac49f6a7c84e01f63f6d17387eb243bf163b55c5ff5d85f6ba4902d030013e9eb0a14e2c38c592d4fda0ea49df6b880ed7511dfe3e009ac01e26a14cf12dcdea681af86381190fccc18388ab0d410f5c39d2a07b1a22db941c8637dece75c8285d60bb72e3e1b307f969c8a02bd55dc5b99045c8ba66b01efed7ad45721a22455ca8c8dde68d120cd57ac57bae2afb054b9284b9331140e050a9237ed7ab1e1ee1bdef8752f6e09ffa32158fca3496df8f973c849c88688f00e8e22155ed6b09cbcf1dcaa8ba420920542506fd5e09cd5771a4d7869555744a8c614afedd3b80f3c196e618ee0a9bd77f3bdadbc958ad42c7741528f26c92714fb48e0caf50773f7300f1a2d8224e189c17833e857609e6190fc236436134f43984e31e6cb3c40b4d9688d77d65024dc5e94e75c68062da0de4bc657adcef82e28bcae1c03449f9c70897c99f3510d40bd5b326fc4a4e08fe3f5bc751d21f3b063855b54613982dfccd3db203f4aba8e9cb9afab7730c76c9229be517ad63d6699c13c499ff819173928462fa8c5568b468de7f19c0b8d4e6d7d67d95d4a94fae1fa9b131941461baf832ce8780c059c67c69157482025b7c63fa0feadf89aa52dbc80dc843f29252965795a69fe1b152cde5909ed12009672fd01841cb1a01baf4088a8e71d6d91e885a9bad148defc49ca629539569bd6a0b8425ff64aed0703a3dd7e1a30c2a50414f452f2f9b249c1e09085861b4c69d23c1a936891dbfcb341c418da57c20b3dfb5acb4baaf7c13f152d041493a11dc5c7818341b268eda099c294fa2a46e20e3f159d968452cc3f943adf4a848a45dcf6ea8df6d33561bce56718e0ee6880fa5f7a9c958118c424ea708090529c373c2bc9b380abee4abba0bac294623adc4f56b5177fc9b14b0a37b8f4c98c6d2bf61c094fdba9a8c19f169fc3d0438c3cd5a68ff8d52a62cd8591ceac08dcde7122612659a2b9d5691954adedd9cef6306ef47ebc2e2c8e37302f79d6b8e0d92d82b40ce45c59eb96ea8300fc2d42dc8c235166d3a4e9084d72692237583bd796dc7bb7bdc9d752713336451477287179ce15e8b068f5ee0f60ff4626ec1229366d4edc7bdbe307416cd63f673523d73d467cc8beb3fa961e4d2317a4b5b0cedd58b664af238f53bdd5ef0300bd23d0ba8c2755622dff2a5caa4e56581fce57bd2361cf3c66be994d15205e2fe6be7cba54f6246db1d75df7d9efcdbe797e4ff87d1ec4b0b0e4c4b01355d13cbdd00775a0c9a39f04a5874ddfa2fc23c8c203182715ae63e678f8d908b954bc396829ddb473b6fda1e9ea651cd1856468b0d27031911bac1ac9dbc652e1e630e58abcaa44fe8265a35d477123c8ff241da03a895a2c45f8926b9328f96c7919ced2f71256c8e3b4aab2e43223d1759d07ba914a0a8a2ac31e39e4e9480d7c3c799f57861908642fc9ce73b937c48e8d359cdf38b96f1395a8039b1bcbe0dccb661538529ce7a84679f7f93320c6df2c7936b94a3a4801e46f5415455ed5ccfec22241b663017036f8028c9c8838853c5758fa7073ce864bac1b062dff88cd7089e1745cd118b3c13519075a2ea5a5e54b32274ef76f8a8dfe8dd411399e08a8153b8a8df3d7ea0f5ba7a504c6405ae5d05eeecc3d214de4516d9328e6a236f74e0fa411573db244e83844376e42989e40c3ad06d49f00add1d74ba64b83ea6653d031cdd0ab2eb12d328effb1c362768382c2f8d60eb2021092a80312dd8b9387577d89e00f44c4c244b79d60b16142a53cfdee2f5f18bf5e53738448c39545e094f666f19983ffee81066a7b17ba85195810ed0003009e378d0ee5b1675b2ccd4d2c372b42c2373acb4a45b694ab3f43ba07a8cb049f658de3b721c20d6f56c3dd9ba11ba5ce78a288af810d243a9ab81e321abe390d4a73bfd3ce4cfc64c9d2c8855c7eef419b2a662d46aeb982b217e2aaae948fa53d5a74316d0dda09236f6dcbbf2e3d8894ab22355042bd58e419e24358870d9faf657bf3c9411809a0197af393847be37bc93d763dfa55c6a5ccc872267a190281865957cd717f5cbd7d02fdf80cb2852ece2596184163e5a2c8aeeb945cdf95f2e2a25582ff20478af862c179adb6a798df87a50f0154558a6fa59f8e732a3cba1dbf57b46d9aabcf000000"], 0x2304}, 0x1, 0x0, 0x0, 0x4000880}, 0x20044194) r1 = open(&(0x7f0000002480)='./file0\x00', 0x4000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f00000024c0)) ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) [ 350.453821] FAULT_INJECTION: forcing a failure. [ 350.453821] name failslab, interval 1, probability 0, space 0, times 0 [ 350.490608] CPU: 1 PID: 17588 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 350.498546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 350.507898] Call Trace: [ 350.510490] dump_stack+0x1b2/0x283 [ 350.514124] should_fail.cold+0x10a/0x154 [ 350.518273] should_failslab+0xd6/0x130 [ 350.522251] kmem_cache_alloc+0x28e/0x3c0 [ 350.526399] alloc_buffer_head+0x20/0x110 [ 350.530547] alloc_page_buffers+0xb3/0x1f0 [ 350.534787] create_empty_buffers+0x36/0x450 [ 350.539206] ? mem_cgroup_commit_charge+0x17c/0x3b0 [ 350.539218] create_page_buffers+0x14d/0x1c0 [ 350.539230] block_read_full_page+0xb9/0x870 [ 350.539241] ? __add_to_page_cache_locked+0x2ea/0x840 [ 350.539254] ? check_preemption_disabled+0x35/0x240 [ 350.539263] ? set_init_blocksize+0x210/0x210 [ 350.539274] ? __lru_cache_add+0x178/0x250 [ 350.539283] ? __bread_gfp+0x2e0/0x2e0 [ 350.539292] ? add_to_page_cache_lru+0x136/0x2b0 [ 350.539302] ? add_to_page_cache_locked+0x40/0x40 [ 350.539313] ? alloc_pages_current+0x15d/0x260 [ 350.539324] do_read_cache_page+0x38e/0xc10 [ 350.539335] ? blkdev_writepages+0xd0/0xd0 [ 350.539350] btrfs_read_disk_super+0xd0/0x370 [ 350.539363] btrfs_scan_one_device+0xb5/0x330 [ 350.539375] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 350.539385] ? device_list_add+0x8f0/0x8f0 [ 350.539403] btrfs_mount+0x1fc/0x1fe0 [ 350.557284] (syz-executor.2,17610,0):ocfs2_parse_options:1484 ERROR: Unrecognized mount option "/dev/nvram" or missing value [ 350.558370] ? lock_downgrade+0x740/0x740 [ 350.558383] ? _find_next_bit+0xdb/0x100 [ 350.558394] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 350.558411] ? rcu_lockdep_current_cpu_online+0xed/0x140 02:43:45 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:45 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_DESTROY(0xffffffffffffffff, &(0x7f00000014c0), 0x4) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nvram\x00', 0x10000, 0x0) ioctl$VT_GETMODE(r1, 0x5601, &(0x7f0000000080)) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000040)={0x2, {0x3, 0x0, 0x0, 0x4}}) r2 = syz_mount_image$ocfs2(&(0x7f00000000c0)='ocfs2\x00', &(0x7f0000000100)='./file0\x00', 0x2, 0x3, &(0x7f0000001340)=[{&(0x7f0000000140)="9126851f9636be37f20265f3c0e5990604c1639080f99cabbcc92b08e17449719e5ebf679266ebc553bbe61cdd0250b2d7dfd40c0812899e3427400f129036c9b7ad66922dc363dab55f2ea8013bfd9ebc5313750d5c955893731481289cfd1e09ddd49f084cd17372163426898b0526899f98b9ce97a2ee9cca83eb1fbcff766b6143cc96e9c76a20ccc151d60f74fd2f364f1dac4d75b68ded8c7e0d210cd8bcdf22f1d733a0c50e9fea7b7558065c1a3cb85174140de34267ecb6ea7224c7717098af4bc9088a417bed7837032431ccf530c30fee5d6ad5dde9db4959736fb06bda5cd2e75d13185c601a861d55a4191d96d56c6931065366b2fa1d7a1cce1f551b358f5211e2144e7794d9323a37f71b962abf25aae974ac20254b755233b2d4da15f2665556540582bb5eaf9b46675262e7609fad888f1c023f683f4af0c2ade22a8572b88f0365389a66209b05d24d638d0c9ff321890bbf62e0c59a82055fa5adf9f8b90c0f180bc535545ac7e60a7fa107ceb10b5224791fbcb6498cea1bc06ae065e12bf61dce2e708118810faf62cf042edcee5dfc82b797e02189cdea3b03e7ff41833d2b5d07b81fbb94e97e4dcda7a4d73f57ac7af37376a70c3db4d7343628a28df36eb3da696378bc38758125f8c5a839202c24b73f7bb0a76907f7cfa535d60d9ddfba9edb470c302234774fce596d6852729c68de25dead43884e525b420ce98c8f5c5bddcde3ec4d54ad51b99eb010054f0f3dbeb5388a9af1b75e0d11f8054df59eac273bc800900caac96654f982e849f587cf9fe416148fd337bc875d2158e6e5fa5c17171613957bbb8db0df6e2710995bd348c12c2c586dfac4cbd7e524eefe7f4779cc9f4368ef25a696a475d53b20ec397fc6f925a5721108f29304c6384157220c68206bbf28c97d69041552362ce1bfa64bd02f75418f926809914e8ca584f3957fdddde160485f7c58d5f752ac86a4b53dc572be1e5519781749568cd2047e789c31abd56ea5ccd9163e57765ad39669d9e31d7c41170fbf30c806e17dfbc6b379e0deb825a41c1aec64fa2a5ec7c0e81fc81045264f836f1e7b083ded11c0e482f8e9fbdac26669264f51794647ce0195545de604f81ac228f28bf3c84641e2e7057fcbb5c64c6a7ccee337d1e8059aab786c6b687db0c46812de48647ba42543fd34aa653fa0ed8eb1870ae0037579e6376c2ecb0a0e9f92f3bd9ea4738d0d7fb848c2822c1f6eb54b9244144af499ac7e731e7ee28bfbecf87b58f77f9cd5c52e4b888dd2b1b57b2220c878aa966dfd2ace4de9ad3b35f8077b8ad192015aac1d1e93024e2f8689929c0dee85498e17843c828e5a41198868ed0218e2dafe7d24cff15f2623ca836a6ecfac8fbac804864c6b404e0bad040d5c26a5ca55afeae893804b4645ebae8ec5899915dce73d47cb1abb0ca45d9e2a90583217e67c7c08465d12cdf45aaf76278331618768f0bfadc13011eb09f619be0553b0aa46bdcecade0cfcbec2fc491eb0aa07c2f18a500d779a5afc237819ae9dd5ac2f11cbcdade4bb37d71d2dbb847ab042a182d3878683fcc182add61b41e466bdd05866348b198085a9beaf9843ccdb6229c6971aaa0021903e1874024130f03b85bd9a3d8b1de7e536857ed54270dfc71f80ecdabd1ec0495a0ed6d30906c3d4c2ae8310c04909775e1ba31f1715e5a4dbc287d9758b8dc619066bae819a8d35fe152d5aec2ca734f0e58f5ea30eef5261a1f8a3ca41036819b7cf49a2b026ce9b22e870457435bdb80fc3564389076470a07f1a5ed410ddae4f7cfc1a6a0d8caa5bc51a282c631b88fc33957c3dded6cd2441eec665b22c460ca40503fa88b0d924999c951b67fcea02484d8f18d9ea19842adb4a0cf51bbbee8b022b9bac71bb3bd26809321cb675e98773430c6596944ed9db12d3333ea7f69936f8728c7127237bbd826146632aa8fd2894872b34bf66adc31a8f119b48d1b13b8c0b121d4411cc17e55fc76dfbbae6573a1218f6d6303607a9f39b97a99e975d1da7ec83ec637e2184225e6137e8c05edeea09394da8e5ef3f8c531816f10f60bebb8873b25b7bd09cf8b8ad35cf52fdf395e582cfab94a1786b0e3330ddde0ab69a8d8c2827cf432c5813b41e94daf0121a5abd3c984db6bd2f2271f2b0163fe0151c09bf1dbe9dad61223f6338e2190908ef561ac1df019cb686a43411642098951fb9d44a4910e0268bd6f7c97612d4af894278deabe608d56a72aaee0fa47334e22e99046dbd5b95523b076a7c518cc4b08859f8829e82c43fc014141317cb75234c121057203825a12898566cc0ba29d314da18e2297eb372316c20c1bb2de738d57b7c3477a1268ccf5e441bcfec3613d50ece61da8f7fbac49174d395f50fbf4807a1fee3eb642b72b5d7591cd8ceea8d06c0ea04a481e3e10e0e03014244a8d991b3dc7109bf11fdd7c68a522d9a1eb2394a7625d0bd89f6c6a9d2932ee3d16a3f6ae91fbf5f5045b8aeb2217b9661ac0c14028d62eca16dc3f567e4f6d6ef1c6bbfa90e00c7a6818c96d02e54c6b9f7cc46f633293b283c46cfe664b4963eee6c481bcc2e44eb778ac46f082e88e8815bcced1352e38fa48ec61319c2fa7e2465614ef15b3d9322826e44532e7b9953cf181ecb926b73008b846697bb99515ae31e13abcae5dfc7bc47a99054aa4bf07053ff1d85eb51e7343d5b6fba42d9ad3874b57745e5af5c33b56e51d406d15259a5587e83974247bee947466a98a8cf10e1376a0dab3630ad19e716a15aa55396e07c11b71ea2d3684e0e518e644012b1827d6c66eae40e890c3697896d7968403f76f6011a5a59ce8802175e40b762c306625b85982a84b0ad010ca547daa79b757193135af7fae3500bd0c867194e0f8a3586b0c14dd956845345cfff0f3dc551afe89a53dfbc739bf78fe9dd396c534716922ce2e85d0b98cdd9fa99180d9900e994373d771b5468cf26a2bc1410a92b10196b6598ad3869b726341db8babdb2170c207dae86d399ad25684a8458718db6cc2cb4abd6386d9d70a0abf06c1bc220af61518a14d9216742257464203bb963df4410c249b1ab4f301f4384518be45abd4daf585a4b435ae286b7356b56c663b314d6d24ab23b3ad30a1a2001c8937fb92f4c6b4a44c031b38cc5a6b764ee00b53658473b29d40fc87b62791a2b94abfb1fd81c512f4bc8637ec142f5e474b6181d8deab89ee957ee4e7215c63125e0f1db3f5cbbf98442f61b648fe14999585cf73eccadd23c6ce49eb3f4200efa8fda0794a25ce75985958a78d9a1f0a1c2b8a7ab50b683feee2429079073b6c96ce74fb5d8af07dd2bfcbdcb035878831fa8f4888230ca068a4abc04692125abb873060dd35ba2a04dadfc243a237a67c017d3c6ff3a1ca4c702ec2241519f67c1df0755f1f2a61fd15107de995cb4378f4ef44dc814d9492996ca0ef6bfec29cdb5c2d3b55110c5c5122b9d68e9b2dad5b5fae0d2dbc89096885e1f0b04837592f51f87d65dcf18d2f66d5c75041fdb3e4a9f0f132891ee51865dd7b6170b630c85a188407c798544ca0a550fb18fe00cf0e1cf3550069e9c9c6a50149c9b3df33aaf60d5a9a1e630c187f64126a76990ed9c127009d5e09be351c1b826c1c6aa107b9a1234fce08efa48dfc5a6a28b67f5c4eca22c681df00f0204e019e06798c4d301051f3e85154d65e16a53791825f17f7a3a895c08ead14397739ecde9163202eb826580d6d653b1d65279ab5a32693454e629dff6e61dac0c61ff75294f5b6bb38372d61433b0df268e9598b6faeec1f0b2fd8b73f9cbea20ec335c9dcbc68b6b691d7da86fcb53de1e9feafd42381b5a81eebac7ebfa30e358269ccae6f533a966a57476b6ffd2e3787c923a42bfaacb5e0fca6c8872a15dc891c73f8ba09c2a24ed49f93076fac1f7f1d06e43509663d1f228c8b6630e8fa79b96e99d59a03a298093608022539fbb6a63fef1071081aa87e4dcb93adca8f709ba2723bf39085cb4ca069327a9f8791c14c27ce169c2d63b090ba80a5dc1f9f03a4e8787cee03dd27731816ed145f9c58e9780b651bebaa309967463bf7aa79c795a0a0131db36330e9eff0536d379bc3826460e71ce9954a2ecba7506a6f761733b353afdd7b0cd83658b709586ad51a138e2f707bc6a0771c5395db87099455e059d4aa39a9fbadbb66fb797ee7864b67c46c04e0d9b332307f22cd0bcff434ba2704946efb6248e0874e81e6a07d28e5de2babc32e483493b78a221143417e4541949149bbd052f9cbe90513bb97cc9568e7fee653efd367390fa85f181e41a9d2405244bb4e2b7eddbe10177795a766b9e983a7215f1102ae9de425ea43fe0f6f3108fe7df7a9fb6d2269652ac16e5f872c2cf4d31eda21b8cf1fe5f0f848021481d69a93e4fc14dd5b25f6c7389d0463f69560430447013cdebbfe5e2940281d12f1626675b893957fb5901a04e050947a613a1e50b13a98250c7eefa3a83e236c1a98303953431e70354cc4c99edda31f926a00319eb73758e75769f8db93afcb6f90cdca98c86129e3e23c3135e84f61dc4de24fbc2c588b34e0a8d464ecdaf48acd1731c0afa5ba3032336ab9e7d0ca59d2c19961a752521f47f6a7cfcddb84e6d40a5ba977dec58c8b0a9cccdde42db39c79948792868a9b03d6e161a941d1aeb5782bca5a53fe3d9a3906be25dd64060a5396fa9a3e80bc45a9e15245c61d241a0178a68c629bbc1badb377922b59ddcedf6aae7282974835ee3745670990eecf33a7be7d39286b2f650e0f3c371de813b9c661877b1e342060809726e9fdfa38084c4a5f036218b7a504693f389e2b1c1ae4b38437434a3500b5a7628c981af7056af11a7d02b49410b0ffdffc39f847fbf0ca1dd3b44c54ebc86e8746100da64727a4b6ce246d46e3b2d243af14e75b3b0e63f00e9d218e5bf3c6d688528f9fb123299c2cbbf87c7c7c56c94db211745261609c4706149fa84a9e6d3b7097d4efa9cfba6e5bba8a1d10cb4dfd5bf0bd847167fd1daa5c862f608d16b28e675d88174ffe8dfff9728a2259260546c28878aa6c497d20fa0d8e7dc0e53a71c2f17c9c8771e8c0676cc2d2c7307171d04252461c6e0694bd0f6d1bf8b936cca3999f32646a5b87aaf3ddbaccae5ef87732bf070ee77cd177833db6b7e18c9962a361d5354f459b35bbb607e751107d952b97295ee8ecf798030ba313c860418ca913c4e020a6a0b865067f053e8eb98cee05ef9cb9d98cf8a58c68b30451d2d49c3cf815a77909bb138d78dcc27ddb8040ba8e28e1858a12bb7033eaff6690875dc0f3a2097fb43d3b934c546b50f99cade0626db1c1393ae81024ba7a25684a51adb5b47f0c7c42e9694718418cddeaa8168e51070345b31472f8b47b196cecce781d49d926f19c88c75548dc888edc599d3443a889c2e0a256ef0f242a9003d9ba394a01f3bd532d684865a1af8444949ade43d9c408086e148290a2c56855eaae0bcdfb23831fb7ac29f9dce6ea592d2e26c4eae4f68b81e53f641e8ffdadff5e895162d5ba6bb089fbdc854592a3c63a5c7f73d001e0df9d085dbd6e3497a6944da5c184a91335b673454f224e006c03b23762c7fee6a6ac4be60edf6d88b085c45cc5d244bc5db38ba4ea2249e68e529e8f90b5bd2a1b94249fc6c06813889d04dd3c53ae41c7cfd963238d91bca2328477d94cb9f94df14aaee0f36bf09208e18cdab475cd4b990004a6b42da0464277c3883358c13eb1c7ce6e518a8", 0x1000, 0x100}, {&(0x7f0000001140)="6d7554c538ff0b817ccec0d5876488fe88c9e2bd13f082e8d7cc6d07054723f6d1eadb84ce63c14663b1ac59118185cfb7806b5a1123769343e6a98a2357e82258edfd09dfeb615da6c1608db9570193f283940bc6b4e37e1447e2552eaee7915a43e657965427616a9bac2de83dfc7fa2e5ad106f718841062c1de6834376ea3a25438df3f4e76f9ecb0abac5641a87051bf3c7c0bd5e7af9e782c82fa72e2b45178fa350756a047b794abd99749c7fa146b6d318384ed586397edc52bfb68d0238b85b0346593baa1e", 0xca, 0x1}, {&(0x7f0000001240)="ad3a1d3651a3ac06712b52e79f52effbcf6893daa704a0671a59b6657bd2b49b45c04568988b9dd3e681f3c91ee6c5ea78e9a3c49e1cb3eaff8accaa94e3c0cdac244b2f4074e790b6ee57d1ca3842334e0f97ccacbb61effda78a1a98f5a4f81d917dda5208dc21bff99c21d5af1b6329058327efcdf7fb29f61abf7e893052e334af9fadb849de7a5ef2fcd2208d0946105d94b3797d5159816af15cb80c004a3629019792c305ff3ccb68bd6fd303283fc709b4bad2eeea69b92604ca5833642f6fe37852924f5aaabcf3f75f954aa5b9c135664f31", 0xd7, 0x1947}], 0x80, &(0x7f00000013c0)={[{'/dev/nvram\x00'}, {'/dev/nvram\x00'}, {}], [{@seclabel='seclabel'}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@obj_role={'obj_role', 0x3d, '\''}}, {@audit='audit'}]}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) linkat(r2, &(0x7f0000001440)='./file0\x00', r4, &(0x7f0000001480)='./file0\x00', 0x1000) 02:43:46 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0xd014, 0x0) 02:43:46 executing program 5: syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:46 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, 0x0) [ 350.558422] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 350.571100] (syz-executor.2,17610,0):ocfs2_fill_super:1217 ERROR: status = -22 [ 350.572276] ? __lockdep_init_map+0x100/0x560 [ 350.572287] ? __lockdep_init_map+0x100/0x560 [ 350.572299] mount_fs+0x92/0x2a0 [ 350.572311] vfs_kern_mount.part.0+0x5b/0x470 [ 350.572322] vfs_kern_mount+0x3c/0x60 [ 350.684603] btrfs_mount+0x42a/0x1fe0 [ 350.688407] ? lock_downgrade+0x740/0x740 [ 350.692558] ? _find_next_bit+0xdb/0x100 [ 350.696627] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 02:43:46 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, 0x0) [ 350.702613] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 350.708062] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 350.713078] ? __lockdep_init_map+0x100/0x560 [ 350.717574] ? __lockdep_init_map+0x100/0x560 [ 350.722078] mount_fs+0x92/0x2a0 [ 350.726317] vfs_kern_mount.part.0+0x5b/0x470 [ 350.730848] do_mount+0xe53/0x2a00 [ 350.734415] ? do_raw_spin_unlock+0x164/0x220 [ 350.738910] ? copy_mount_string+0x40/0x40 [ 350.743143] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 350.748157] ? copy_mnt_ns+0xa30/0xa30 [ 350.752045] ? copy_mount_options+0x1fa/0x2f0 [ 350.756539] ? copy_mnt_ns+0xa30/0xa30 [ 350.760427] SyS_mount+0xa8/0x120 [ 350.763876] ? copy_mnt_ns+0xa30/0xa30 [ 350.767759] do_syscall_64+0x1d5/0x640 [ 350.771649] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 350.776836] RIP: 0033:0x46090a [ 350.780019] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 350.787718] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 350.794979] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 350.802278] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 350.809615] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 350.816865] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 350.843238] print_req_error: I/O error, dev loop2, sector 0 [ 350.843285] audit: type=1804 audit(1606963426.272:165): pid=17608 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/264/cgroup.controllers" dev="sda1" ino=16081 res=1 02:43:46 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:46 executing program 4 (fault-call:3 fault-nth:68): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:46 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) socket$inet6(0xa, 0x4, 0x1) 02:43:46 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, 0x0) 02:43:46 executing program 2: ioctl$VHOST_GET_VRING_ENDIAN(0xffffffffffffffff, 0x4008af14, &(0x7f0000000040)={0x1, 0x200}) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x9a04}}) setsockopt(0xffffffffffffffff, 0x0, 0xff, &(0x7f0000000080), 0x0) 02:43:46 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sysfs$1(0x1, &(0x7f00000000c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q') sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f0000000000)={0x80, 0x0, 0x0, 0x0, 0xcd1, 0xba, 0x4, 0x1, 0xf9, 0x5d, 0x5, 0x6, 0x0, 0x8d, 0x1, 0x49, 0x0, 0x2, 0x20, [], 0x2, 0xffffffff}) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) write$UHID_GET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000040)={0xa, {0x7, 0xed, 0x3}}, 0xa) 02:43:46 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$SNAPSHOT_S2RAM(r0, 0x330b) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:43:46 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000040)) [ 351.019376] print_req_error: I/O error, dev loop4, sector 0 [ 351.032642] FAULT_INJECTION: forcing a failure. [ 351.032642] name failslab, interval 1, probability 0, space 0, times 0 [ 351.073635] CPU: 1 PID: 17663 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 351.081564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 351.090917] Call Trace: [ 351.093510] dump_stack+0x1b2/0x283 [ 351.097145] should_fail.cold+0x10a/0x154 [ 351.101314] should_failslab+0xd6/0x130 [ 351.105287] kmem_cache_alloc_node_trace+0x25a/0x400 [ 351.110394] __kmalloc_node+0x38/0x70 [ 351.114190] kvmalloc_node+0x88/0xd0 [ 351.117904] btrfs_mount+0x911/0x1fe0 [ 351.121717] ? lock_downgrade+0x740/0x740 [ 351.125868] ? _find_next_bit+0xdb/0x100 [ 351.129931] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 351.135913] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 351.141368] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 351.146391] ? __lockdep_init_map+0x100/0x560 [ 351.150885] ? __lockdep_init_map+0x100/0x560 [ 351.155378] mount_fs+0x92/0x2a0 [ 351.158754] vfs_kern_mount.part.0+0x5b/0x470 [ 351.163258] vfs_kern_mount+0x3c/0x60 [ 351.167064] btrfs_mount+0x42a/0x1fe0 [ 351.170866] ? lock_downgrade+0x740/0x740 [ 351.175011] ? _find_next_bit+0xdb/0x100 [ 351.179078] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 351.185083] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 351.190530] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 351.192771] audit: type=1804 audit(1606963426.512:166): pid=17670 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/265/cgroup.controllers" dev="sda1" ino=16017 res=1 [ 351.195561] ? __lockdep_init_map+0x100/0x560 [ 351.195570] ? __lockdep_init_map+0x100/0x560 [ 351.195580] mount_fs+0x92/0x2a0 [ 351.195593] vfs_kern_mount.part.0+0x5b/0x470 [ 351.219229] audit: type=1804 audit(1606963426.512:167): pid=17672 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir430928317/syzkaller.WSOdxw/414/cgroup.controllers" dev="sda1" ino=15762 res=1 [ 351.222446] do_mount+0xe53/0x2a00 [ 351.222460] ? do_raw_spin_unlock+0x164/0x220 [ 351.222473] ? copy_mount_string+0x40/0x40 [ 351.269324] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 351.274318] ? copy_mnt_ns+0xa30/0xa30 [ 351.278182] ? copy_mount_options+0x1fa/0x2f0 [ 351.282699] ? copy_mnt_ns+0xa30/0xa30 [ 351.286576] SyS_mount+0xa8/0x120 [ 351.290014] ? copy_mnt_ns+0xa30/0xa30 [ 351.293932] do_syscall_64+0x1d5/0x640 [ 351.297845] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 351.303049] RIP: 0033:0x46090a [ 351.306222] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 351.313905] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a 02:43:46 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000040)) 02:43:46 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000040)) [ 351.321152] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 351.328403] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 351.335693] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 351.342941] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:43:46 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) io_setup(0x9, &(0x7f0000000000)=0x0) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) io_getevents(r2, 0xffff, 0x4, &(0x7f00000000c0)=[{}, {}, {}, {}], &(0x7f0000000180)={r3, r4+60000000}) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r5, r1, 0x0, 0x100000300) 02:43:46 executing program 4 (fault-call:3 fault-nth:69): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 351.516302] FAULT_INJECTION: forcing a failure. [ 351.516302] name failslab, interval 1, probability 0, space 0, times 0 [ 351.527527] CPU: 1 PID: 17696 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 351.535408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 351.544761] Call Trace: [ 351.547355] dump_stack+0x1b2/0x283 [ 351.550989] should_fail.cold+0x10a/0x154 [ 351.555148] should_failslab+0xd6/0x130 [ 351.559131] kmem_cache_alloc+0x40/0x3c0 [ 351.563202] radix_tree_node_alloc.constprop.0+0x1b0/0x2f0 [ 351.568830] __radix_tree_create+0x323/0x4b0 [ 351.573245] page_cache_tree_insert+0x98/0x2a0 [ 351.577827] ? file_check_and_advance_wb_err+0x370/0x370 [ 351.583273] ? __add_to_page_cache_locked+0x1ed/0x840 [ 351.588471] __add_to_page_cache_locked+0x1fd/0x840 [ 351.593486] ? page_cache_tree_insert+0x2a0/0x2a0 [ 351.598328] ? lock_downgrade+0x740/0x740 [ 351.602473] add_to_page_cache_lru+0xcf/0x2b0 [ 351.606967] ? add_to_page_cache_locked+0x40/0x40 [ 351.611810] ? alloc_pages_current+0x15d/0x260 [ 351.616393] pagecache_get_page+0x300/0xab0 [ 351.620721] __getblk_slow+0x1dd/0x7a0 [ 351.624615] __bread_gfp+0x206/0x2e0 [ 351.628331] btrfs_read_dev_super+0x79/0x1f0 [ 351.632737] btrfs_get_bdev_and_sb+0xd3/0x2c0 [ 351.637232] __btrfs_open_devices+0x172/0xa30 [ 351.641731] ? find_device+0xf0/0xf0 [ 351.645446] ? btrfs_mount+0x9ee/0x1fe0 [ 351.649421] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 351.654876] btrfs_open_devices+0x98/0xb0 [ 351.659024] btrfs_mount+0xb24/0x1fe0 [ 351.662829] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 351.668810] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 351.674263] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 351.679282] ? __lockdep_init_map+0x100/0x560 [ 351.683863] ? __lockdep_init_map+0x100/0x560 [ 351.688359] mount_fs+0x92/0x2a0 [ 351.691732] vfs_kern_mount.part.0+0x5b/0x470 [ 351.696235] vfs_kern_mount+0x3c/0x60 [ 351.700038] btrfs_mount+0x42a/0x1fe0 [ 351.703839] ? lock_downgrade+0x740/0x740 [ 351.707987] ? _find_next_bit+0xdb/0x100 [ 351.712047] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 351.718027] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 351.723476] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 351.728495] ? __lockdep_init_map+0x100/0x560 [ 351.732989] ? __lockdep_init_map+0x100/0x560 [ 351.737485] mount_fs+0x92/0x2a0 [ 351.740857] vfs_kern_mount.part.0+0x5b/0x470 [ 351.745353] do_mount+0xe53/0x2a00 [ 351.748897] ? copy_mount_string+0x40/0x40 [ 351.753127] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 351.758145] ? copy_mnt_ns+0xa30/0xa30 [ 351.762035] ? copy_mount_options+0x1fa/0x2f0 [ 351.766526] ? copy_mnt_ns+0xa30/0xa30 [ 351.770414] SyS_mount+0xa8/0x120 [ 351.773858] ? copy_mnt_ns+0xa30/0xa30 [ 351.777741] do_syscall_64+0x1d5/0x640 [ 351.781632] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 351.786818] RIP: 0033:0x46090a [ 351.790004] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 351.797709] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 351.804978] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 351.812247] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 351.819516] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 351.826785] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 351.857063] audit: type=1804 audit(1606963427.292:168): pid=17701 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/266/cgroup.controllers" dev="sda1" ino=15922 res=1 02:43:49 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1", 0x3d}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:49 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000040)) 02:43:49 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$SNAPSHOT_S2RAM(r0, 0x330b) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:43:49 executing program 4 (fault-call:3 fault-nth:70): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:49 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}, 0x1, 0x0, 0x0, 0x20004008}, 0x840) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:43:49 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) r2 = socket$inet_sctp(0x2, 0x1, 0x84) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = gettid() wait4(r5, 0x0, 0x8, 0x0) ptrace$setopts(0x4206, r5, 0x0, 0x0) ptrace$setregs(0xd, r5, 0x0, &(0x7f0000000080)) r6 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r7) r8 = syz_open_dev$loop(&(0x7f000000a540)='/dev/loop#\x00', 0x40, 0x2100) sendmmsg$unix(0xffffffffffffffff, &(0x7f000000a640)=[{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000001c0)=[{&(0x7f00000000c0)="502afaed7001436b1c857409e8febf8fcc5ecf96bc85c708c157b790f6c6f8fb569fdcffdec75ff46b64ba3d97c67592db21c66666cefa9e45688bcf22d37fce90edb4c9dbc6e05da151e8e7998ab9118a0bee0c7f6eb384ff036b9c53c6a752bc79515a3f85ef9926bc88cec14ef887390b0ae2344fe1a2bbbcc0dc6625e3851a5b852ebae05e8e966e14b9171dd3371e8c0e0225944300c7f8a914bfdc970fa65a78855c4fdf06625b95c58ffae5e06efa2cc4c56a821cd54a4b8e893ffa92932c5903a0b6dda8", 0xc8}, {&(0x7f0000000380)="4b39e9eb0d5d13afd429903b23bf20e9f29b8445a779e8f483c4e184abbacb3e56fe00692938cb65fbc7da3246ce2fcdf6381641c55584f050d5d2ff790d119e4aba93d7c9d05eb3b2485dbf9e376d122d34885e1a0b36019a6f421009b090f3c3174444924f1e2822fb8ade492241b35163ba214b34d1e20c10b62c602320ea4fd0edab23f14eb9fb9e2bafd19f9c758705b4de1b76bc6bbdfc3dcbbfdc1ac805278a70c4ea63ba44e05bc5d7e36f265deb0e9c8a6bd8912c8aa2b29dc9e21144c33e01e859c4ba4b2e0ea7864aee917b78bf3d3c37b1a142f2566fc691d344f08be24e70d015cb245e8d0888440a16f681c0cf9ae3a250884df96a9e6c0963f8c20cb6da7292768ef5a8c7d2cbd4ca7accb534534a128ce2f66edfcdb440824af32a2be0b902ccb7f260120aab2692bb51be205a9de0af68f870ad4ed0131747b39c2f086987c79c71c658cefceb5d543b771272ba8eb45fa2f878572671b786cc303685a069239d26ce028e55ee83a99e2ac89e8ed8499eec9024278aaab1fb0078242215fa8785f33a1dc53f897e2e0233b6fc4deb3b29fce297cb5714a55d86c544aa7946522743c3458d1793abbfcc2085c763c762980b4050313c9dadbd2461a077ac323ef7fb8541f80554b23417420d91d50d8d96110f6b49d833d52b0532d1c84725bd20b0a5da6ecafd7098b733340aea216f0aa94d262f44ccd8d8457a4709a5ee8584d82e9b265a2de6ca1ea591d136f8c0316f53375e41df8de2989fec52e05914b2763a6ea7c65e5541278b39d23a32882807d267756641eb21b5379e8e54c9a575d37b8c82981ca2a187ae2fc335c38a67524f6e83f43b36963e278570866963def0dd1c38771064520a11d8b06e95ece77faa7abd59934581a90854016af4d410781fd6f25758a0e912413d79a6054b5d57f2b32ad7ddd438c2dafc865b019e8487bc81ce396a42dae6e4df4fe17be0c26a54ccf61d0a56c30411b2d5e58be95e23e9897372efee107845add5498f3f4fad27e66419f0a48322c366fee08e082cc2c0e10be54ebadbe0e44d4884b2e3ba5e7c65b6899302982227f71e6ea56650666f250a9f6b2ac4e6e104b3e1371a0f278acc65096c71a9091f8eeb95f043ef3f17da814cd25b06a2d5dc2304829b0708e601007b0b4ee12375fc09e70656e6b6105aac7f7c376de184d18231a552f26e3d19f98bfc1464ad3e89a156ab527f101a213a57beb6034b727ad082124b594dd0abd179f95a587d36f191b33a4ddf4892b526e3ec4e9640ca63f1e21a5dcd81266da7066e9f5486424aa7016da2bc24b0c1b015343210b0d44cb6150f61407c0013a740f0f00e0b1d6a80b8041907906ce222e5a0b4f5edccb041ae2e29d6ee4711131d24ebee899c67c2cfd0153289caec25ee971fa6b7d9bfb4ea1cb8050e598b381f8bac40a1248ec68ed7da277ea4097d4a3452cfb8a7ee5ae5d13d7190b7a061a74c294e258659b1e5202e15956883d2babca188ec16b163f8238754ffab61b3b522fe6138749d2349c2a34cade254ccfdeca306145780e62b57100034dd3f9f7858547ce7298d7770b62a2a210964742672c6320a3f0fbf9a17dcc2d347786319e4a14ea238c55b2997c5c294bc78722fce3a82e3b7092cc43b6354b1b0071b67cf0d04cede59b8bb878f30480da806c3a90f2602b6057f6b8bd5f40b9333b5eb4bca70373545d21f79ee521e99388ab7a542fb1fe3ced815a5ec98b20b293cb62a215dfd41ce1a35823fa2f5c53a686cbe0efd30c7160dc71b2e6c253df5c303c3d0e181b3601ab688a040c18f28c5a262659225807470426f99447b4a9b2788a0f856e06b7cd4e6cf2f615b192a1351965da294d25ca240256fdc3d7bcd9dc25f40c34b521591f2014f4915e0b746016ffede4586bc22d62d7c01c81299dd5f0084c62e0b76ee8c92a7776f59e7df0ba31c3b5eecdc6fae8bc652b5ed6f6ee0981bcf51982aa5b0dd061cd9aec9c53575eb44237f5cc9ddc59ecda895bcf47e7eaf5ef7dfc1f1321a2219640c5c87989f3cef89a0618b5d0d7afd6e62073402d70ebd648b585b2abd0be50e2dcd8a74a14f15e3b206c8e56bd33c22ca6ab18412fdc032117582126284352b67310d2905c162286133b034924fc0c8636c40d60b12943f7a6e177b69d7521de7ed0af835d380b6cd6a752a17c81d40d43669b5937070b08f012d745b762ab05e6d80c83c96e52390ac2a0310a51ea86c2d48373c85e63ffb942c735658f9a72aa1bb34e105f79c0b06ffaeab075ea3a018d6d1adb09f03d44d4bf9b154faa5d290e312b1cf3d6d1d665cc0c903382e10bb8e2c35f241c2b79dc28fdda15cba39bf292a812007e603fc23c8373205c83a627ee734d623b8c1a2a58c80114cb0fd61b9e02284c4b577c6ec48431a57f6a4abd5dfed1c23191717d14287389b07d3d62ea7c90a18fc744af272077fdf2c8790e76f16f0f24ea80d2f60aa2d67f89b3d997fbe94e1773c3d39bd75b736e5328399dc37098f408219ee38c4c398ce71692feae632144b45f9daa3505ee3e5509cd956c2a60ab6fba089ee196ae7b6785fee0ef88f90547e6816d261f42836da9b23abea9a9427f1abe1ad42b29be3e3d599064639b5ae55095c47a1c37d369ceea47e05c387aafc26bd884eebc8edcb66bb393740d52077448fba93f5d04541fa18840a08b0a8eaf14d2bf02b5f5259230c2589d786141e59dee8ffb9dfd788d682886b456c5afc94ef24188047e67f8163ede6121caa74e379d30882da5e49dbc0ba65e8b2cf2c66527ef0ba8ab0dd83b778fb287a10f587c65c09d9ed887641b6c6c2995bb1271afad07924598ef54cc65c5a5a1371aa72ebf5ff78d6fcb58fbb172f1c8cc0382d6f54e08e1b4241b91c391926932fa10d76fcb2c131fad5a66c07f8a397a0a3a12498af356d11b3da117ba5d88abdbcc486f4c1558cb1202ae3010bb8c2a1c9007a7957961f9068e8c4286c4cc2f55aa2e074fd037bfe4f24aba519da79301d6c84c61ef3e06524a7e6da52867954147251d5506c2b9d24341c4ea9a8f06521a4b9ea30bea62fb2c1c2541af02b405415f55dd10ed3cc7fa15b49aa701782a84acc3440f8600979440a638e62e27861fc429a2c7623e8fe5653119d8516f0f7c0dd2a280327adef2dee7289a356d03689261c8228e99a6c6cafec6a3dea31aeb816a3fe65942648a06c38e7ca7f5fae4ae231027fec94f07334fa337e13d41450fe6c064b28d35d6f6fde9cf3d203872576b26f3785c0ee169909553d3fab477350fe344dc804d0034d361111a00beb96142c188f62f5a29a49276b972633cbec243122294e28eebaaaa195ec30fede03bef0318d7b521402c4fb32fc8c440e49daa43796d1ec687f0e92d72e26be2af710d52402d93001fdfda9815d3c75f59e616a3f3823a4fc124214de39fc6fcd38771ade59f481cad56caceeaf171dec36c238106cf2b7a119a8a183601e6c8c05916ef7be2efdf81dc31027150dde9e1e849185f464ef4eb98f8b5172a58d35877a7020f84868a707b1f97a394b40c184b51747e27b42be799139c4f051098b8ca0165cdd3d1cfccb28d77d53247cf39d6ffbb249656b1654611a0d502888b88d2307eee0aa72ae1e29d5c74fc3ff69daa4666df9e86243a58e9432cf4d35320dd059d822d63f4687ca0fcf6dc2c725e5668d51711d584169f7a4827f08d0a5b6e123aaf82503b7aad2d9be21ad682c4e579e7f4ccfbd0b303bde22c62b2e5285458d656990a693d58606366fcec95f4e8fbf0b92148c0b1379a3810b1af93a7c9323c0cce944cedf134ecda0dbc67048b2ceb1fee95d698ffed8f8b1a472c0ccaac03b8c6b42db4dbfc17cfc903bd910cbb062d82352a4dff81596a16a2151eff3d5fdb19188246a08383342d8c631ee72ab2fc628fb2a695ccce9a67aa055b7e286251baffbe31ac23ca9db73fa5358c1e00ebde7b660072eb73a5fcc857836379b72d53164c26965fea02340204895b84b0a168d999f9c90b2781d1ffa8890f6278f569454cff392f9d21d01fbee49b0cebf6d481fdfb2bfb1da4ecc70110817680d3d060dcc76642b2295541c21a422e86ed2cc827227896ecd9125358ea201c6d6040cbdd3a43a901c627172a1a28479db2e6e61aae00b9718d67bb960737ba74e6d87b627553be43aa83ee5e65eadb54c0ef4d8fe7981a93afe9fbac92e38e35b2d50fe5f2e8b30d585f6b3bb9b71e2560c79d3c1e9e097efa2babb33e9e6f0b33b082550a1887a72d21660c0b25a320d21568d9b667fe67230b2a5ffa80950042447f3d197164a7b01c366d718eff3f318d251158cbc469dc848ffffe5c6b99f3dbadfd4231856cd473e6aa4fcc7bd8fd6c4801e51f4b77145b176a7c206d844537f35a051950aecc45de17e3ea83e0a0b9853cd612c57ea24268d888e600dabfc8a45ea088a3d05fecac00d8004c9b273a91c622d91717b4a1e0caa44ac10c918457aa09bfc50bd91918f0f33096ec0be67506362396d606997a48072fc5c9bb16eb4e974f0da05db9da09fc601cc196cc6c91f1ef9bd644378e49cc88157ae7112ab83d05340cbe867cb0821cdb7302bea5c2f9a0cadf600b348380028d64be7b30ca948f01606be6c1a09c2a9f182c7c81438c9440a858dcc50dc53d61afff665256dafb54d874df622edb177ba4fee81b182cf700efc2073833381d92a7f5e5aae9ed44d39422e042210ca952891c28f5ebfcc39aef73769905a97d1c56e215fe8eb278928f94a0ce365196e359f6c4ea99ffc1d7fb06665b39861c5ce5ab9067c6e909dd6335d1e7ae54a6f6eca92b2ea4d19c0c49dd18442f6451c769fe4d86b86c72c3195bc6a66a26390b62757b1e517314e756ddd8c1a20065a99c454133643f55b0b8a626585ee3040bbc9e4d04e67a926ca29d14bafa9b72e0e0a207a923f834a1b53b8609a89beb0f02a7af485d20c3f20d1f01df56e0ae7a4bc3ce8bd016a2b280f687355ebbc7a0305b9495eecb4e009ec8177cc8d856af75f097def6973ae7fb2c473b3af8a092229f3cf639eee58f04b2607c0502594d2e79fede0df0dff4593f2d42e1ea4642f37f8321c987e6b3ddcfde9370bf6ba48649ae7e0004746ab810e982943b4cadee6c4affa4f6a0efc58abef0b8b6e6a7359e75f1f40b547998074cd3ccc8754b8e62d0a1b082ad63b9e7b5c1e5fac030eab8472860e656f8d0bdc3c293fbe02ab4c6464f6bc7a7e9e7747321229a83bd40aa68c5236ac3b3b39cbbe0a58c84564a45da8e097704c452fb1efee144e3eebb7532aba56f1e62bc9f4915930ae81e182b33cdcc0d1f5c56572c50bde35cf790870f59520cf5dfdb2637f2c287878a762238d4b1f3bd78c92a70cf3c7e71915b5746e32d3dc8fe5e48a2217938e52846326d39d0e623112c22ba80f7b31e2b8943b9f5234f12e23d8b3f210e11eddc4fed2fb1c7aebbbf645473a0c2f477bb017ea04db64899472fb4817f3fab5e83d102cae1fa94451cc394e5f747d19cecad54be91ca904b895494fceddbc0329b962da98e2efb1c343baf4f701bda5b2d31641dba9ef5663196aa39d6ce8f5d495d03be33153471466c5746c96c1108471cdab4d4f1e46a278e8832a972b97dedb4159502b4f542ceca29e7f576b1d969f1daada167135467fa34e2bd43884bd087e6a3e77d416b684fc4e36889e4c2420c55a1fc2a3ed038b81d0d8676e6fecf7d0ba550cc66f44cbda3e7d9f3383123dfc755ad1417b4761eef8", 0x1000}], 0x2, 0x0, 0x0, 0x4000040}, {&(0x7f0000000240)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000001500)=[{&(0x7f0000001380)="85ca23c532ce2c210d3389c0725f73110014f6a8611ac9c29a01e78ffd86a614cb5eb99d26c9a94a81696048f190459281f37315a57965ac47468d1b179357c40490ac010eff873cf7bda4af880a02f404bb510f1f0351d611594fbb77f0eef657358e2316a522d5e9cc495d74285b933f1753dba963a33d392fb81be379", 0x7e}, {&(0x7f0000002040)="745d9eaf4a8bef6a357ca69cba2c43fb24d88eb606950b38c3a17891e096edac606fda4bdfc0d67ccc28c6e3404771e5fb006c8a813b92688df1f14ddd43a4c16039777646a1f871852a51dc3d228c7ad2b4e20210aa43f69d5d0d8bb902aa7e969949d66878e7b69ba456f2418dc17712dee6424a62f45a37244018c7c32470ac4889697a50a31f10e1b979e4161de4f7902ea4679ea52a7d281ee141bc70c4639422d1d9937025be8f32af385d32a7736bac650de3bf00f5d8931bce1f2a760b168aa934cbe9106d1a2b2a7ac569872f39bb7c3fe23fd0335df7e3793826cdb7ae62f13de115d4e3546c3563abe43b9f709b525e21d2ecd4d124c2fdbdcd8f882f47d65e4be04d65ddd7c528ca662de3d3d21bc81956c4b61f9850a173c18d4af3b54bb92f4f6d125b846842a4d9a7a0587198f19193edbda8d1b539a461db88996c557f56d063a470224494f1a96936cccf3886ca12c51dd27a6f23e09b75fdfd4b0e9aef85854fee885cdfe5ee4c1c16f0b5f4fe17056175bac728880d64c53eb31ec6076b73c4769c142f7d4721bfe3d028b59e7168792fa35d67e7a29fb4d0f89c13539576e5d234e55186884a02e1345654ebd06d9a1860742a7fbf219fa166d16eb0c7ba85b7ad6f1575d7e1a644e2596bd1278eee262c4c82f84a34aaf46b8aa861ef7259f3cf56578b383bc3600f7dba007b17bb7352f2dc777743f53d9764fca9a23c4c1cc2b407903ec1029ed4c03b0b9327db81f56b1ceccef7d9e4e1d1a20411136866a7a25396777dde5a12b99c8f41a8bdcdd3745638fc0f36c46f16bac67b5f361b1cf911cde3782f6443d0f9bd8f001bc0549bdf88871ec6d47b1ac476354842c36f349b66dbc04d8bb351a3a5274827c87f69f2cd924fbcf762cf75ca7be42d2758fb0f996d096432c8345a5970f964b5c37958d43ea75a365916c9ae10f693cb0ce180f361745397d20946574a33d4f25eeee7fb041ee44bb79cce3ca26c11f10ba102ecf6d2ff85e3b034620afedec6d0743239e6842a30ae5daa0ef1376fa8a01162a0dc41c4d899d3284e8b6d9b78d41113c74f9ccfe632e9102b2539a6ee228a500f1eeaaea2a3a448bca99714e03890d4320649d88d47098b251c004106ab6f308673fe31956121b3e1d54470604a21db79642f2c414b509ab26324fd290336203b749b80d117cd388db34f305ade1ab7de5c6ca7763aa11bd90bf4ddf3857c6646b56af198ef44341a3aeb68da1411a85df325b303d66c81f2133aa4ab30c10dcc7533a72e90536108b7388dffdd929f7175f6a2d187488a2bbc146a86fa586b023d75742a6fe0e1db732dc90d3a2fc11b685f719fa56cf8ccdc99215c4e3dd3d6482134d400ac9ae64104e1ccb933291050bb10b3a4a9b89fd5ce757bdb00f27a5ba567fa5864fb1b776b67130508f8053f9012bd74ac26bdc5703fd05d26979b12517d033c87d5e198c05206624d090f30be8b157311540f762f4ec24f4d06ab14ad8ebae6b2dbb2b30a276e532d677bba1df39d1f0a82a2542e3840b7a1ac14b427903bbe065015c91e984f1cdfae977f69d917361376dac9006cf30fe5aaf5a05f0a7c3675adaf01e676d25ea269353d8f4fd36a9249452ea3510f7d67a820dad27fc5bc73fcc39bd008771f87fa09dcabf717454b1add68ed54a9f9ee6083e9a45ae5a28005192bd8d5be22d9e1f2200449f04433561624b5f13842d5969ddcb6eb25f149121f150362a0c6400b6526051996a4757715cb6f2c3ac8c8cd9719b5edd9e7fe022898398338f433d43121b6dcc11122120b120a3673f486fb5a799328e4c6ba0371f099629ebe45219cbaf69d359f0bc3784daab15da86439ffe230446fc6a7735f0e55f51f378287ed303edd3c1791c1ccea22b2c880b6ce43bd7ff58c7047580e10efa60d51cb69fbb0840ec225ce31764f700cbad96ceecd822d0c7cbc7ecf2071dee0a584e418b13f78ec5185c19ac9af43ed21418f28dc336f24b1f41d731e8a9f039c3159e10c4f0613cb1556255fe898fa0bae40c36ea55d7c0ee47dd8ce2c994832c4b0cdbdef901a9487be5a100e09cb5a3b891f965d119c3934784e91018c90054aea3389c38fbac291733b2559b9af9362d40d8098cd33a9ea067e2e4e586e0acd6839428dbb877521712abf3d02c07d91603511a696e04ba2f2fe8539db1870a3b6a264b9eb32cd51be87e00a11f6b1dc911c6abdefcb9de13af2057d2e776b91d2748abbf2e3e8197e47492d83d0d11f29fce392973936a113ad38385135b8d079bb0dd4cf3d6a3897051e7f4fbf0433e8667c4d2d874b49fab0ca36a1776f08e37c1f8b0e437f8d118d464fc0a030f28a902c5ece33d30460744dd4d7b2414fa90ae3fa270c44bb77c0c84cc3dfba3ddd6d9534e042d1d1666cef7e80e716eb5dd842d87f74b2215b57a2ce998c58186ea66e1cfa0d500a346d5cf784db2afda4be5d26ade506cb7dbe7c34539b0d6cf20a0d5c435576358d36d7f66131ce1a5cdee92b8fe579f405e3e61ca30267f92dec23e6e8a129f5278b559712c1e35772535515f086247ef808223b2a145a4639537e1ba511231663de9ce36db2bcf1e7f74270d6866f12594fbd74a96940335e698e40a9cbcae71ca7e083b1bbc505f35a1e996e594a58b31fbf436ec5293fccd335a1fcb303253c08f5b8e2ee7e4955852172ea6227560c73fd75e8ff20d341e35e50cf7e0a2701709c9b45e0d7b37a78c06b3c0b4b64c52c5e70879f32f71decc763f0b47d8c1486d0b8f3d03085a6d91d1a42a267a003dcbb608b3bc183da2a5a70e4fb3131f17cc980af3e103c301fe5e7084c9212a5fe1c9fe5a61db92581f2cc4b5eda243f9c491b37f0cd674dfe5a146f0e6acd5aed1e6ff06de00fddcb8346a89dcaf6cdd30f7f65d5c618c6ebdcb4007d28e750389a5e626dfc6c7609b067b229ba9dcc890aaecb2f5e4479c3170ed567a2975288385592001490fe688f10a480707591879e15e3b336a86da0f74ac71eed3c11dbe5e3432f4c253a0501b479bafb3d5639599b5bdf68e0e1318d21d3ca04c2ac1c1307ae93ca0f66c042113e8744614811f02ced5390f248cc9e5133b897896f4a9d1f6b16ff01af5d0a58a472ac5f11fe64afa54070abb22bc196a05aec149132052078f70319ec22264aa18dec6250ce135dd7fa43a4fffab669b3648942bf38cb8a20df319bcc5d7eb41adb50f286f3d2f45227f5c7c4087b19d98f1a51e507e80cfaf22daad4e3323b5641e0d0394a6b9f5607593de71fa402bb5abf264d6fa1a80cbeed35be3507d6c151885d54ac301f3a8d6aa12ad42f5e4cb9f4385c49be5e4ad99c514f871f5a634c9c30cd297f9987611a716ee8941ff51d74755877a441184aac64959087dfebf11414c86772f7a42786bf79901bf13a9e38f445787483b0b526a1345f4c3232f7e068a0480080b96b85b106a8301997ad9a9db106869a952d87ef5bd60c481dfe9fb3304fce4fda311bf35ccdf679b1eeca5f7fd141d375cf7f3c7fe8ccbe4aa37f291c87ebe70ef641599e0e9511adc9e4f8d64e43fc5cf7ce84875e4a86e7be8c8ab25bd3106af892ab138cc8babf6640151fe5635994851e13b38b6c6bcd561b2ed8b5c0dcdd2b78d483f1fd75ddbee2e3adf5aaf6da188a3367428f89feec8bb1a217ef51e61cfa1e55a41c102253642d5c714c16c5584690221da07abd26dd34d4a564f64e1740ea4faa9b8f68cd19f71eec986f076770f83df22e3cbdbf13424968f70a16df63734f7145875c14d9644c62c5d565a193fdc829f8cd1bf53b057d502640b30ffaa0654b6d229ad58f33f1d89e9380cefc841996b8d59908232c254f1c694dccd6f5905221d4670b3bb18e1533127e275656f85d827033ad2c2198d86d9db2ddaf606d0d09a0884f652c45308e997bd906a719e11fd399f22a2c0ac67b3050ede9175126b07e3e7f47fcd5507a3f266afa42091ee56d2c6cc55213849508990430d13e75220cc6ba6bac61ddd638d4e04465f6aa3c9f02c92132b1c05281f11dbc8a2d1eab43ee872f4bea6da2103017b8c77cd35837ec7345eb202e669e3dbb1f0a999d377a0ad778c23bbdb25fe87cc114cd82e6f2d0489e53418a8bef7760a45718e1f5ea977de561b1eb1103c8041421a8574806d9e5722d107c810062d042bed1f88845860f2e984f3caf70194f604a2784a5d06e36065c5d707225f49b3f6b6caeb5adf20e7e7ca4ca9134b4fa306b8617320cc57b1f0318010dd83905e7cfe7134fbc0e6ca171990d5b1d53d97fe4c0ba403b9869b7067445b04805008a0d504afbb681338fdb329160115dd8dc45ee5d6ece7cde32784ca4a05570425e5610ff98965cf7cb452355570ad81940b0b90b336db046e488334cc5e52f153ae3738cbbe968e6c2f781f4bdae79bfa244e978a493017a12e2a6bd7e0d09c3c3cc54458d189d2d8865d08488fa235bced396050905d125055078fc998f8a61504506cbf8c3b1b22c4c48eb80650801940b99a86af3d6232f8779a13cf720c22369c5c5676b5a3d12ce9f5c924758a96064dc7273456b6443033db332fe875a39b0f5c3130e9e882d2448f6e0798c65947c5e9bea736d0650c7e49bd4a813176e7fdccb9f8f219ee06c65ded77379cc03b0f9dfe16ab24a721fc2c04d0e2d4e79e4302edcda10279da8de13d931160184a4a3081f95bea560b52b4efaaedd33cd6d980f31d5d9b790c18e7fb61e7dc79857b49270cc438818641d91f20ae78779aebdc2abbbbc157229b8c2e640be35bd53c4926054dc9313cdbefc250d9c63d6f36b9af6e3124976e83220fda5770306cceb39b2b984637f9ce9658c22fe542c0d48b911cfbf3cd2662e4f356d70cec647ef426bfa8dd2e5dd0c9b6d7282c58cc22a45ec597b066e19f51bb26d0fd98aa03c1dfc54de9f2833fc05fbd00277b4f90213ec7d1ce4277fc0ef121a7a496f0733dbb6e4573ddc6faed4e657da30bdac5e538581f0526802b2f59f9cac273917d624d2787493ccf0e9e7de3a43bb8bd4a88224687ae0e2c15b7131665e8e98a068d6ff4b111783fa195038cdcd566cf05259b612a33c21047fbc83afa90e9e5384ca1bf751f9bba9c39b57ef2464977f6b044f7e39e5fab27179af46e3676c3968fefe4325741be76f680aeb4149420d9dc049e1886b6f465e1f0d83e579a8c450da6872c145c1c38cd2756de7d65a16cc84d00fb150a8a3f14170643b3f04e6187b26c116a3c406b3f4346483aab139d3ab2cd4e150ca66d2c94ae7312409753aced8edd38ee814d67328bb31d3a6dee5ca3699816705f9b785001e2bd14a4bff0b18bda22235a07c5a7f9c7bca8e75d22b9f67978389255b2f39ee596e3c5755c9475ca51fdae1a3efedc05fd091fedc3e8f2cb686616c4d7c2e36e3a42067471bc790ccbee420758d70b9c1983f8e647ce49dd43e3bccf0f9cac53361d3cb8c3dcc2319f404069f546496c7178d7b1f23593c96316521879a0fd0bc2714905f4c6e01c8ac04bc72be87dc945d4b9c6845d80e6bc21dfafa489a21ecc5ede615bd550886e8219a9559cdebb7b2e641d382af422a51064f4242f1f235802d0fa93c501497c9b4c634e44b58ecb4edc2a8c437e3d788cd7cc89934f29a41fd76cc33ff0867f41e8863f8d7e64a0817740f30b1eb364a761a34d418a0bf37a091179884bafd0103ee5f44a7fe7358df920410dbd8fa758863efb1c8ef6b41117eb83e262d3a7c6196c0c9a1bbb3e530679c4122c262", 0x1000}, {&(0x7f0000001400)="fc565cfd99e970ce1cd8936eccdfba5e72494c31ae989d227a3499e475f43ea51088a8ea02309f726a1a613cdbb0adeaa0d651a4f6f00e311e11bfbc7581f7b7fc3ff011be002e64a0f19cced063224f0866d4538c47fcbd1284b4e9e2aa6e5f2ea425e66a2dfeb4736790e925efbc364b3316677759b6403fcbcff945a8eca056180976f955066a0bef7a013be6fac9eb99321657ccff9813f8bb8af9917b263fe32a2fbf59ee55c1a6085c58f3703de4d384753bdd4e9b3615158874d63b7da7717bbc5ff3cd684e78a37330f80d", 0xcf}], 0x3, &(0x7f0000001a40)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xee01}}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, 0xee01}}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff}}}], 0x110, 0x4800}, {&(0x7f0000001b80)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000001cc0)=[{&(0x7f0000001c00)="fbfaced3bb357b3273b39ac03b7f54a535e2ba419b1747ceaa19e8fd7a8b624f9f89b1b15eb9f9578fd386e6a8b06aba3f0053416796a87bc05af229cb5d0700479be142b1bd1aef8bd71829eca3b6d508e6cea1a4c21cbf463d0015e39081dcf184b003780fa90caa0a4286f62fa4b3eedcd6eba9dcb071f804b467bedc95da925037a10457f03c822c0e0b85a2ef0e6d49c0f3b5b7c1155a0fb6eb2e", 0x9d}], 0x1, &(0x7f0000001d00)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x58, 0x4008810}, {&(0x7f0000001d80)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001e80)=[{&(0x7f0000001e00)="baccf796486f4fe0df59a288bee195bfb9c4f8e2d0a94ef5a929f5388ec8631a20bfff535d397777100ca9616b9ced159b08dbcbed6108204c4dd6314e0d5a38eed5746bdaa4e84e471ac7bda71476b6dd912dbd19e558766d2ce7964c22ffe4f3e4646a98a34c9e7786e302551ec81a991e728212", 0x75}], 0x1, &(0x7f0000001780)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32=0xee01, @ANYBLOB="0000f3ff1c00000000000001000000020000008b965b2b5d246d3972241dc396659cc9e79592f48ac26c446abe3b941dfcd439a6f6f31d2e24a5c76f95dece85185bd40e59572c6985ffc0520fed2e9264cbad84a3f2dad2993bf276496c3e016b495782b0b482ac6165cf2767670bd8678f73227dd6d1cb9f40f05ad7847e63ef19abe9a66577fb6bb7a16c6ff8f2cf9736bcea195b0aeb40422740bf50135c991027fcc06e20650098fe9711db6edea773772ac35af2edf9ae6a993807325ad47b545a7523e33732084a80299573d11e55cdcbff70c6e8970a5d", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="00000000340000000100"/20, @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYBLOB="0000000034000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYBLOB="aaf0ed5ebb5837780033df38d050c702139dbc8faccd8851", @ANYBLOB='\x00\x00\x00\x00'], 0x130, 0x44}, {&(0x7f0000005c80)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000005dc0)=[{&(0x7f0000005d00)="707f0ba0ae54750243e2e19fc998b52c18c5590371892592b10d1c6dc4e1ed0e42b057ed171d42fa7fabcfa60105750e5476a964c954d75e4b0a47dec063776afdff4e95000d609d6a5f4908fc415e892a6bc5c095ccef3189f2776804bc46bb75ff6b63c209d21a54de24b5b4af945a02289b43a813f0ad9b049cacad76ddbf6e204bc861ab9729ebfb4ff0140cc5e5a667c85f020d115cbc8a785ba60006b0ad10fb6419da10df1c2b6d4cff3cd401414a94db06ac971c050e6b494141e4", 0xbf}], 0x1, &(0x7f0000007f40)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xee00}}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, r0]}}], 0xe0, 0x4000001}, {&(0x7f0000008040)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f000000a4c0)=[{&(0x7f00000080c0)="4d1e4d91cdd847751e423734171839b329a56dd58c76612c388bbb14aeecc4722f73fd1333cfc17643716e809cb7e2d153b33a6abc1ee9e9557628895d86430e60f000729484ce38e6c0b97380c5fe4f59c3f335f60e6c63b614e2d477000297c6f9a97ba2fa75abff04ee0bacca5bca3c3ab1882fb55123bb29e0422eb6e8f3a327ac0a978c255acdf27b14ddaac286d27c57fd76444ce959845285ef0a215b60717979d67b49fb0e122de573cbd95d5052aab6af3eef41de634b95534da8f0045d0230bfaec358b3f9704811d4c8ced1d0ce050f3c8967457b666ed44f99f3da7654a4dcb4ecd0df996620406020340405f3e29c33238797baa22e2bf6ff28bb7dd8f7ac696c217c366e1c2f850d1010dd3dd4ccef328d3a5fd0a0a8ce1768b631f462352060a9e0125f79f31e16c8d77f6c7b3de19af62e64c0fa4414a87023604d20591997c156cdfb08c8e5f423132fc3745613723532d8447d4d8d2cab9e40e1429bbe85fe283f4c51da6d8a2c4894bfbd930cf1cb453a54b256be59c2b785d037b71b2b9528e6a30c874299a5ddf4a9b26ffd4e2e2b76c2d8da5285e6f362593bc4b0d73d7fcbae63dec512e4fa9656de4dc16d5602c6a888cfacd2ee9768a6cf793604aeb7e9fea6a75b46e118b24d7456d60c88c26d335d03266b2228db78d841b7e05444c472485e21f2852d00558de39a2723ae7110788f044a69f2eec52381eec58731814c2c57cc0763e40e894530d0f85363fa2747c63cedb1098656a1ae2aa6980a11291d26ae8577697edac26f6d309eee3db81b71620784abab6a8ec03644d63bc9acd05c3936209b47ca8ee735e7f246c8b0e79eb5bb424161c1904d9e899178690d5b95864055500c156db8fdeabe8ae454fb3e9ee0b99f46a7f28d5582343cb4bbf0693990ac75f1ef8c55a004800c506f0093cb51fa95dd663e363d3534eee5e9429dd8a1dfa9e697504a30138e5162a02564e15cd9dea312f9d9c36d6d5bf1d154522b760e2949f0d684cb5ac0d8972b2c5c904fe909c5bce5017c31d97a3e821007c5ac3d9e80d9ef1d8ea03ad9974a6253807d53f6a67a2b092d953636db56844368629bbc9da575627030a4ea7c16a07900bc0bc0e63f49f3f428ab4dd443381c8e0abf81d88b65de3892eb147080fd6dc0a260edbd23b7775c3e1037545df97b91970c8a9f8e06c2e3bddc90def8d7c65b62f29d733f76f854566329b5e4e06dacc6cb1f7e368d807f2cc3f14909b52aadeff687456f4b8e19a6cbd0e95d471a5467b8390bc1e4d4284bb199fdafff0511aab30dc31249a5ed625b4e075938e688ee64295852bd52a973670d336237d0c983401f8a29330ecf2f3ccd9eb47a92ee0da56d9e61a505ca8eb2a8afa32813abed2e93fa81a8f1b06082a67ba4b36ff5352cdeb3772ce24faa5d503d165c628dac9fa0f8bc9da0f4cb200587fa2827666577e94d85c7ed778498fcde6326311657fa03636c1eab661fe78ee822bdfbbfe1d5bd0e5b9520007ceb198032465e87b1339bfab1cd1dbf8cd7af86b9de1f5f45cf60434a06519f80ec8148cdedfec6fb89fb50c310f5886aef5ddc0a4fa3cebf460027b96f46f0a7ba5e50fcab1c5b5dcf527520e4b8261836d51a673063b02459756208deb8beb795088804cfaa22d91363a39a821b18fe877a45ce0c393b3245fbd751fa7e8ce0a823ffeff7eda1ca2fc6eae99f5bdb3bebd01a8ef8be101fd44d35f8e130f98db920219af21973a8adeb1590effb88ffcb6764a00d62a35863208386d749f6306cd2167c387ec0efca0a45f1ae69178499423a80b335046d5686384806ceb4821d83a6ad5e0a8440441bfb465e8b5ae5df89cd33b652a7248144f439f1e90627f87fba157f4e4ba9eb9a7af45c1251daf7299b903a0c0bc54fb374e9cf5bbdf9666ef9e90d5f9cb23c75db6f5434e7d5b6c8d8cc10556061b826a0c52581252d556b737c834f60d97f2d3f71ad636e9bf48ea189193a261adea8dedbff1c4b122ca75518d4f1051012169819803af7cfefea66828060412e64b2f2aa5d65d9f48f65721c95679b2dd0b83a4d494ed4f00a5e08df5da3b36ceaaefc786a1f889f2c34dad0b9a5ad07a619bc8086fbd7c45da37e69b447812be1b9adf96417473a98c81764a51f0c57652632cc2cc4ab517f742b4e62c06c2519235d024358dc7f91cca471507db8458de0b06b57d5fdf050bc3721404c172aade27da14c29190d8e8e2df6466240d5b87bc59c2aa14a88cd74236d85748377889e12a6d6abbdae2a3440f7f3c7b8ab65486f128ac326deffed69221073c4149c89fba35dcbb87fd2952cfffe27ad5b651b93bf718ca00dbb3d8e3178433135978e88d591ade059b574c1e8e8a0eb59b5d959abf8bfa922c1b36034373336d47155619f6b1fbae35137b75381465cca2ab476029fe6d0c8526b6fc1bf6327e22df871aa9339f58e4f5b5bb3fbb80183be60cfe1319138be75469b0b3469c9067d09219a3945b36dcde6a84d13d620948f84542f147d16ceb4de96239ee05151523c782c4ab8a453747e64233c048b9cec040dfd5e1e93c84fac5b9d2f619d8d92c2d9929c5063b7117256293bb3f5c516c3736c9dd529e475f22e3a58eabaa4f53c029de520d2b65be3f15bec46644e81cd8fc010ee3056f164b4f42cf8350e329d9176e03e464461a69bc72d95b4092f98d0592eb7b097099fc9e352a54b2f9f595484a977b3998c76530e80c3ec1ccf1182e4e7e387d7835005fbf5f3653b0d2ac32806b6b80f91bb9c6e94d4e6724a4cc5b5d352f571ac2904c8a9e1a814f1ca7a9b83c5142634c6e8f2111f3ca7106c691f0d02d5ea1df1e474ed22d2e02b9c3bcefe7ca36465cb5f70fc3a79dc1d1522a1d53015a257336928ae54058447812fb195ed71a53327fa2b8b390d210a8c8ac27a1fa9afb27d5dc1c7ef71754ae97c771ce7bebffc2a7c1442dd6844a64e42608d7415c05a90db0a70bcded67ec4bcd784e40fc1ac8c57d359644120cb28082e619172512b8732541c596b7d72dfd0d319ec6dc12396d50572e53dc2efe209e84cdd2f970099c7db1444c062ebac391c8347c53e2636960f45927b04ab65f67f25f300810db0e3d883033b75bae1b85990a492b20cc348f8c3ad9ecb837d3c4dec2d95b8fdfadeade259e883fc46ef22818bd2c706d92902ef573d0d30858aeb2724d2cf63c3f861364254d3359842facced5c8b5fded9cc14d97c88b98448348da89f6518c60096a4330eeb317fb48dc1901466d90f87ea6f0a1f2f38bd84ce9866b6c411a3e8ba8fb21c3b197c361dfc70adf90a0d315979c8732fd519caad0954a533069835b07e0ce4e54dc8e97ba541e1e2a702ddeee191506d5bd2f4d1549bb2c3a043b0f5b4abb6935d435453e706e5e7cf8faa6e58a8f658827fdc2ff2acb4bd6e7f3304660f72cf84c974a639af94400956c3028f0909d6255e19d6f1ac2b3a315470eefa00367140ad02dca0f7aa5b65fe0cd01ee752bd424aa2c848c0fb8317c0b875f1f8bcd16915f31d8b3372f65e99c20b439662181bcc9f1dd93123dc67cfbc7ba83b86dc6784093363dbbd5f46b7d17824225f24e5b87c29dd54c5dfdb65dacec07a148ab27cad4fea46b83021b534946b8aa65937f63588e0b701c190ded730cc181f11fab3580894ac8cea8af996fad9cb592ca7839b4420d15bcbeaee811e7c4ca89ecc11e8c92aacb90bfe650832eaf8e801fb6f6abfacbbe33916102b8c43e71698ef8a8489bfc640e6eb9a6f3b2fc2ccc020e706cf7291b597642d50725dc91e4041fef7f816b06cb1e8ea9475e1ce54191ec729021a4f70efd0e56134be6de0889ae2369ebb016ed8c78828ca533b21029949dc646d1249d5e29753292a8a65c49c131dbbb4b5821f19edc62a5b2ebaacb373fd40fbbaca72902674d65003f84dc555e922659e704912fddf020e234032415e042f26645ccb0f298f547b609719059d110dce6f07d1a3245e9d7c5f469807efca997c80ffb62aff6316ed530ea2a02718b613b27f079ab9e0c78709264f97849e802d677cf0ad825acc3c2e9f8fc5e97e68327c5cbaaac3bb96f8f8d4622315457671c912d2d1fefcac65f9e31a80affd2c4fc021bd489dfa9a9763164f5573591cf0768b5289d455feee4cfde63d57050240208ac0a49587ca3ad1f9f35a0bac014dbce4724a1d9b1282c5b4a1e10742cf43fc3117f2aed343c50fdb3c5a8eb48a396dc40e1c777edd7509cf7e45ee9dc36a52f919648d05abd120e2e74478420f686973f09f4df22c39cefe3f76271937ef90fbd3c9532803e05ad91dabde2cdbcf91d9a29d83ecd902459581df443aa427d0bfc1ca1cfaae3cce1dda63a76659cdcaf31e925b994f963930b0adfb0c55ccef775e4fec0aa6ac4f6c296f3f45f2e8368ee7d7563588030ee58dd4a0b7025ceac6c2a77ffa7fef9b52854741135cbcf75c382084927c110c8287ded06430bd29fa3387069367370b531b11b638dde45081b19b20cdc7b2b6741102ad7cedc87d60154b1fce2eca4878a56ad89c25d39bec74af26b40317e36fc60543d5d7ae07c7e2d7534f860a6bc7af114cc6ef8a263548271d3a172adba7cac7de1873517a54afa98cb3ae9f42caef654bbe0f5520e95d46b5006375ef6123e63c7159c0d41b5bdb33c3d4fb8ee71c069f2a34865f7fccb82b87e771c1e274ffe17ce7dc3d69a02bc64e3f1524472fcabca8a7b671a5a2581d452438a193b9ee81631a0f4fea0d0b5886f57d50e6e323ab3b081096610784c3c35baaa59d317f5862aa915980a1e5b65943ac434027ecd8d0de67b8b6d6ec37d376df87b55823584fe2ccc4c9005d7e220fdb58a48a76a96ae1b0bde02432eb1d80bb46adf3422a6c4c9063581c6b7ce855d0d9060b95a12ea954446d0e98a6eb0b5d6ad73d8fe840cea2305696386bbdacfbec4593db4bba46a0c0d999e1d400b480ed85485f0f7816aface47ee522b8d17a412bfd3e20fb08eadcccde83fe8aa1fa9c2908476a4dfe30dfe18ef3ce803a346fe3bb2f933dbe15a446667977464599af2fc924486f6d30b876717a8c6e4df74cfd3d03b36cb655a14b8618a9a4c349e4a28d1d678013fab08a0a305ec916451b89d7323190cb84823f895afe84c0c37b8f5c0b3de22b980b6a2b5badc7a4b584c24910ab34313b6bfb1e25d2905c8942c4206b267df8ae267a81f3e6e51044fd6119ff89b21cadbfe25b5cf7cdb8490b08528583ff36d0271b2f113d92cad027701d33881c55831f4b3073a104eb63b567daac4da38a941b07158e9226dba7b0ef1e7fa244fdc6ff69761bcbe7cfb87e732464407c77709bf361a0743b38c0d40896fe97ed5c67315e7f9eb3e96b88ef522dabba0ec3864af218fd522d55ea734193e0e390219a1c5490b5a7d1971ea435e8ff046aebc6dd861eb9c8fd50b0615f4115eb38fa9465009e8fb5a498299f17c41b1b27be30a951f412cc57430614d307d8dc77d534e40ed1bf30c13e06a63f6f14a38a509fa0de1bbd1dd27f4eab9896fb3572698a18d82356e394396597f8c12b8d92106fa50c26e47312a580d0718fdc13ce346954c9d39e380b1eb1d7b74f9a62a4c16c97cceeb3e2ec4b092fee2cfdc18b0fcd322fa0f3d4983c6f6d59ef769633aeae03c131e7cce4b12ea3dd53b37d2c0a434af2f34c620906625c081377cf8510c18f00c6f53ddac2275d08eacdce212d3450bf264cbdf5f77e6ec84bc06be37dc0bf4dc9fb8609ba448efbe8ce", 0x1000}, {&(0x7f00000090c0)="08f3598abee95d8abfc1b1d07c21b13352f1b38cfb7254cd8364371134b94b0bac9f7668f3b97d7e3e36aabf508d01e7a678e3e6c147871fd9549c55e51724119bfc87d5f29d6e51df2f1c1a7126daa8b41572019f406bf5ade9626f025262a0f4e606", 0x63}, {&(0x7f0000009140)='cl/', 0x3}, {&(0x7f0000009180)="df6ba3a222018a53b0c4308c8563d5fb759743e7b1ba2c24d088375b89225d8ef65c26c8e4f45efa31684f50393bafe9812b2e2944ac2127ec38a2afc7998bfa6ae0ec241b385d8a4dba794dc031b6699aaac86e19a921e60377286ef3f2c348793076da31bdcbe5d931724d03c475079c29eb32d0a4eb5cbdc3f623cd30af8e6dcc04f154507fd164de88c51eee8bfbd3ddc0679d0cf0c06a00716c6fab69a8357264f77e0f08e81de5c4043aafe03173c01f7832bc68cf57e2410d", 0xbc}, {&(0x7f0000009240)="9b51b031bba69f0116dc2ef23d5246cda9573dea681904f8829aabb2100e2c81470ff3daaa5c8d1585271ff258c521c3fdfd024875c508a527a970d8899ae3d261746c3d287d7b05bf20905314cd8fbf89a817653708239f1908545d5a2b9d28f0169c56739103af3ef028cc3d705d29366b6e315aacf2c51e2af2a655f679aac48d0b7ccdc923c7", 0x88}, {&(0x7f0000009300)="b8f05b5f2f872fdc49773df35bb36de2f4dfe5b8f3e1f62cbb371425d0055a151da83e6481a05c4864df2ffb916a1ee5502425ba14106a40eb57ca9d929f3faa0eff53bc5cad50f9dcd22384f072a5fc1bf83377dd0192068c6e6a5e3dd78c4fb1a0104cfe1d26617da7417103554a26eb276042c25700f8d1e00832835d0d32a5696a54e1566a72dd660c66c64ed4d12570ab1b928e143bbbaa2866cef309a365f69e0a1450217256e39eb617d46f84aab11976f13f1faf359b667895a1", 0xbe}, {&(0x7f00000093c0)="5beed2f5061bbf78e9c8f4e3f8799e0e924b774f0f17a9fe0bb0ec0a6161907337afc7f20e083badf17019d8a1db5e7aac6c8d779b5d4516e6701ff4645f96e8543e59e8ad16f0ac71b3cf7b59e2a92ae86ecf1c0ef2d37f6b78c7460b789e6e7a43bab468793a146cf2404aa08e9171a6ca9cf378fd831149d38ef5c2d26d35895fd5a4953b98693004ebc47fd8e15ad699deb6c78d3d1ef70a810e3d2d1f4adb29eae177ac5b75a5188b45404fb5bda593d495784d9c3cae650d56dd86bd73eeebd64a5f81eb2ba184f38f4020035572991ae34f236e6432b68b372a2d5d97445f3716666bd4a259b6182738f47b10d5a208b34ac2856ad5f3a69e34b93489e461f9a765003e276757ce47ec84dc0a8953776d46b74c7b1e89c90bc0276bdc61d81820a64d01121810a86fa40c13a08263310e0201e3e50a7e859effc1ceb73fcd2f8a759ea5bbdcef16479ed43720823810ba5c1a541929ecb98f9bea36bdf8782e59c425580a888f17e14f60d5f999176babcb05cfada570a17f3bc85bcee104f4d25ee72eddbe3c99ad20b579c22c030a9932a0b8663354cbca0a3e90d2b536c866e6a4d6b45beb66347b2021fe30941dccd8a467928acbe8919f566c5dfc0a1475f1c0b27c6caaf67874c2d6e199a9ffe7b5a06d43f53e1793ceeb2f03a82ff6c73348ff4188b6a6fedd274855cabc3c39a96df8430cb8f3f0b488a61b2122a025d9ac3f2dac46f6fbe95ba45be9272451a75ed11f309ada2b541e294575dd34cdd8b995b287845018e0924ddc887c6ba635e209ac3a7fde9c7848720a3f8d78812f7558c684c096590e846c7fd0b5bf6ea925d341215484b7e19b12930e552d17d61c923ee11ed0b1093af8c80870c73e716e2463bb75997842dfd30da860097ab306b3c11ebe48435b9a42073a6e7c9030a4fe154edd30fd0cb79ece0085ebb7b0224d291a03cf25adb36879418452d759ba24422c233271ac1a8e9b41ea48864512b9d485cb16881f30c7132898fe8d7274d2fb50faa0b94ae1f860416e4d94234d0a9e48e003976bb045069c87e6be547067f74b0ac5e42bfc71247fb59db4e504e39e5b97fd343f69454baef6b7197376e9ee92ba9dd382a6ce9346c07183d3938973a4242a1b4c58749cdf8fc183f1461ec76913bb7a453d29913bbf93d2120a84626253a61690f35947ac4840c243b5df2dba2a5fcb13420d51e1ca5c246ee84d3b99ef9c713bbda69be685c274ce2297b0c8ab2990d875165aa121916e8b72803c7463e53d8556805670da6f0b7b96ecbd3fa35d4705295181d46af9f12ed55fda046424cfd244d72107114048d1043b7615d3936b0fe47161f16fde17fcb1c5acd1430581d2821327b2ad96138b15bf5e44264a51517bffa9171d6b5c74a1529038e9a8c16fc4a425644b088035dbb33df213ab0dd5fc83fa3c65eecc622b24c3e3b13e41054dfba1b89d8175594d976d6a43289d8aabc74256c36ba8da26f25598893212965987683c46a8262340d77eb2bbb7f9067c5b1dcbd657f4ccf088a77e101198a18d93f44d78f83d3f0a4d911a56435b9e360f7a694d6d1a6f82e28b74b1264826b79ef778051b048240077dd6731bf18f65031b791a539b2e63d51f3518c3092325519fd70dc7c651941ebbbb52005d86f760bfe3e95b9f81d45d707ed6fd6bcc71a9213793d8a3160117812f891c066ae5d7e5763429166564431d94e6849ca508ad79d1b9ae4f86211580226abc4861a68fbc88bc274a193fd6de1d8c6aa5eb9382391793ad9b0172b6a06d68e7b5780d92a5ab5003b9a28204ce41c13859c03e76c47f8f3c4887866e50e61523eb5b93e83c8c0023c68712211c3880cc48ce52bef0da5451dd1dac22435039427cf48ebac9d78adacb742edf1f5fb65323a94b82f8a5b194ab6533e8d3b143f53d9413b112aaeb2dde4123a8a929188a82c5e481be712067e190587074451285a9eef54ae5b8ea88ee970cb3aba1008f68490401e3ab3a9e44e14c2b3e32f09309474db78c5e6bdfd9d0d6f7810e62689051df3f0d0723ac9f546002189bdda210aed9c28aeb94b8478b643db071cbfa57c41180bd6b39a9f739fd140bc9be765d12bc624f9b622839c2075d89e407a8429ee1fc0096f8c8a3e106fd16817bd46fcf3c1556a41185dc71614dbb059237b9f94f2f99b6eb99d5bedef91aa1d42c483d329f68345da738f94c334094ec97f56e6ebb9bea2313afdc4771654383d11dc3cdfbd60d46b1c57f6f3c5a2df9fab24198b31e14e00a10a6286bd1330bc3281f2c46bf5d937ef6d789f6cb85f084fa8a90b46aaf2b61862bd99012ec52b5152e8c26d881dcc9410883ae09fe78241b03765d862b6011ac2f6f8b666758f996e5a521ccb9022f6b3569f3aa4e44893496da42050557a81fe41e6711d752bd07c6615aa85b753d1b2237ec77c9c226c8c84cd13b9007983b8793e113248dbc8abdc72dfad8bed4d75b0e1c4a248dc79a82635b3a5c622979cee1c219dce4652e3affa1e0e9f29749783f767bed7fe6a1e1785e4cea7cb49cdd88e37c442198a29ed035a6cedf02fe3901fc8e002571d250ebac7021e2ad2d590fcc56ab5134f89bfe2a4458126d2deeb3258ef2ad29bdb046071269bae1b2383610a9c314ae73c0d43d5e6f1799ac93abf6ac936b64846695f1c54e99db057d45dadde0a8dbe08d73cc416ad3f2e9994df6c993b89a8467ec7c012cd3bae6ed2ac6ff4240f418a9be3f3510062b85db0e8eea1cba7ca3e1679dc67e4eae949e1d3da5ed43811e4748ececf03236ea428dc7902962d582ec481fcbc9c257ce7493ab32894e6b14be1232892518f630473b3e8213b3f5068ebeabd9357703b624874c4e3ab7960ee739f0baa53b3bfa4fc562d17b4474b70e790ca9039591ecaa7a5711598f90957aa4034ae0a2c440001a3954473f795cb41f8ea1df78d73bfb4e0dc54c7683838eb33a47d24a1c6f34b799b05d5393d3da98fec13c21b64e33ebc9a709c71df8fac69cab24ee96521486f1153bfbcea7c2ef6ef44a08ed578b8cc59781c0b4a2b606fd2523f5d2d551b1856fca779e4a4f490fb7647e82ce310ab23a4d64d55e5262c28947dd983a562a85f4f83df236b15ddc54151b17d2ae47e0c1f6dfe39bcf2826fa5afc44851e95e9c295723d0caefcb29c1752b861c4d3a0b4e2df78030f1320a1a892035f51229ca9aaad696f8b1b995de937c5269fd2a1a6db0c49daabaf8b64db65e2382018319b93c3ec2de9293ef5124e5b2018b7d73a23394c3b186821681e41b1b42396f221d37f5758e24bdf935279de4cd4e12d5de104c93624e11a6760b44f334a17983152141005e6eaed96a9fcc4eb50f7d17595c382ced37c78e8b3d36a2e8eaa67b627f068ff7158128728d98a74dbf7023636d49d6c78f8953cd44c062659871bc5bdf292048e62761f07d1232ce51e0730c0ff703a487a8d68cad2ac71815799a5e8762186a459752c442890d17066d44808a6b0b30aeebc4b6cafc8aa7da4f3732d5a644a31c0ed75943502c2caf973c96a7053cb807b3e1d6f093b51aeba9c336d7d63dfef8c144d746379f18a1822dfea9fc6132dcb51aa6415bda0342ebdbd6157b02b42487609b289f981565dbd1fde14e13475d6152f2748389dade048009cf8bc38833734eb2a75102547cfc97b6f3f94156b14d505ac48a9268813644111d70a57f4cfba50de636a73ba9766d2e8e923f83fd7a493d2e5f613b1b3c94cba097a9147e0257c7e45bf15a9e5bbc045b785e3a375a3f32aed198b8f144c4a75af30528c069a75b5ac880174664d683c407521b7c8a9496a244058e37ecf658454d24bd2473bc9898021df5d4bfea26c056f1b4c4105991bdb7ba557617c1043d64e73a278e3065359065337433c7534e2fd1b502fe6116b660b547350683d4109bba2148f32a29bf2d86d5c61f4ea9742dcb542b2155b2a0d9dd01b0f0c1a1dddd577710a2067c57be76be715f0b39d44f37f546943d006f70f18163f2052911c208f3028722c81e0aafd704d942bdf14fccb4ba4d9dd7e2dd56248e4787329d9ae20310471be3c726e49f92ab93f4e5bb2b6077f3396b5c09c8b8beb32f996d5160c217ecdb6e12d050ecb88eded86064492fa694844be2ff9e3ac9c068f409d10682f8208f56d0839ed6cbd722e4f3ee65434a66dfa2904e0d3190d97a07d4d465c0ba55f53452e0f914fb4f464280722a5c84b30ee9cf4afaf89c4022693d404e1745fc82e72a650579d5a98b2e4e143c66c38b4b8535a805fdb5208fa67c6e68b7ec74feee28e92f0727b81293cb243031ca1f7fc7448635ac4f507dd61b9c9810fb7df5a84bbdf0d37ef5715c1cd90df662d568c168d256510db891e0e028f254042dfd70608bad91189098bc3e4e8a10a6e45e236bd3259b70d8001a943f4ec5760f14e41f71e5f7b6ac46312efeddceb82afd6d4f913a378b6e71a97fe87f5fe7d89e620ae41f2e8490a110e78098be336aef4fe1acbb2ef13898ae6433fc8ca2f5472bacf5541b2751776cfd4b37b7c0487b43e172ec201d1fe83055995da23eef64c5e94789a6a80e08089a1458633af3832383b42c0441801af6ea3996a86edc8ae345c095994458448dd19b7a7561853f21b8c31df6ce9a40d621433cfcc06ad6a64dc5bf5c628bb453bdce89e542710b91223e7766f41e0067e0ffe164b576a817d9527c0a5c39873e2d1d515c21551fa360060376fb3ff9beb0f4133574933aae61ce15ca84d51bd000c1ddf5427534a3e125c2d2a7ac74a947e87fc303d11e1d40e2b8ebbacf7184485f8369e6dbc1c5bdfc83a6f8885e141e8665ee60bea7551bb64fbb8686a855f8b7edb5f424e8fde2fc75831099b9c2e2f0839b4556330d5a9173bff843f699ee20f8b6da40cd29f8f319e252be940507ef4e480eec3c426ac6028ecba104ddfb80f9d5a5785ab0cfa1f04869c7976569fae660400651a603e4a0d49320588b6b33693d3ce3186de2d40b5f59bd5c4e5ee81e62a5e0dc0fb557a9d9dde17f34c486967763a01d76e44af75025dc838928139f343b47b56e722b5362b64a6090ea0b5c6617b4607752d45b185a8e92b48e7b24a758b43c4a08658fd910766e47d2fd6ad6b0c028704667cbcafb147b884e6989ba7a41536d9d002cfa9aba304fdd782a39e283a86293869ef83c28958d10e0608ee7ec841d73becff29c79d47afd2c7cd8c3c980002762175d742867887efb0bf1d3e1a55979809d9e23a945e8116d013a8f93799ed0702cf488086e8ac93ce67eb5ef24dcabeefac09e98efb303d5ae0672fc497bd3a50d9dfd4d5a84b66ad0e1ae33ea55a4eec084d91ae88ef5f2b919db2f564342bf03a21d2bcebcbf57c00c22840eb55346ef22b0d11a4999869fdebb2134cd82a187b6e9b621d4de1238d566c865f6be7df19f5e2de52d9d8086ca37ce6b3922ae2fa4f2c1314aca70b3bb3292a7a647f86d9f70af0c745008f0962c87d5f51d165c4e73615c9f8b0fea3b319766663605c42e56af683956c85ecc3b85d2859c047721189b22113fbedcdfb08a9b71c51f90fb21c366c29a624c91d4078fe4138725cb229628957f0051e16c0e67f1de4d3cac228ff8784a5cf05e671885867f4c63353a98528dc08120150badb0ca81896bd7c4098ca6da5c96dd4a77a4e2c92f85e348ecbd0e3979c40ec51a415532235094149593533c9420c5069731cd522a71e11e92edcb7f799dfe601e2ca0d4c66f0be603b5bcdda81e9a5cffbe0", 0x1000}, {&(0x7f000000a3c0)="941d144d62228e7de9ecae763af9395204367fe841d55d7f7ee5dc1893598bec66b66f5934f1873e0c6d099646f1dd382c2c55b4c9c8e23adf09e5b008a8a4357c75cccfd5b5c7e7ba67708979b5cc6f02a2fe2a6111621874ddb4f0e5ab12d55ea0aea38905ce5fc8a03e0e454a0ff772d6b793c0c2c8c24f4842101fe561037eb79b477e54dcf099546104198499360364190ddfb82d9d712b1947eae699a0827c0ae0836e1c4176a9fba762296ac36fdff6ad83005eacb0298b41054512081980069869d974adb8eb9de8528919922225", 0xd2}], 0x8, &(0x7f000000a580)=[@rights={{0x10}}, @rights={{0x24, 0x1, 0x1, [r0, r1, r0, r0, r2]}}, @rights={{0x14, 0x1, 0x1, [r4]}}, @cred={{0x1c, 0x1, 0x2, {r5, r7, 0xffffffffffffffff}}}, @rights={{0x14, 0x1, 0x1, [r8]}}], 0x88, 0x4014}], 0x6, 0x4000) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x85) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:49 executing program 2: ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) 02:43:49 executing program 1: r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) close(r0) r1 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r1, &(0x7f0000002000)='/', 0x1) setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, &(0x7f0000000140)=ANY=[@ANYBLOB="2f04000000000000000000003dfe8000000000000000000000400000bb0000000000a68c30e6792d7da43d365cdcd1aa000020006658"], 0x28) sendfile(r1, r1, &(0x7f0000000200), 0x87) keyctl$restrict_keyring(0x1d, 0xfffffffffffffffc, &(0x7f0000000000)='trusted\x00', &(0x7f0000000040)='^-}[-\xbe\x00') mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r1, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 354.008801] FAULT_INJECTION: forcing a failure. [ 354.008801] name failslab, interval 1, probability 0, space 0, times 0 02:43:49 executing program 2: ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) [ 354.052100] audit: type=1804 audit(1606963429.482:169): pid=17721 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/267/cgroup.controllers" dev="sda1" ino=15796 res=1 [ 354.088908] CPU: 1 PID: 17719 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 354.096819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 354.106172] Call Trace: [ 354.108760] dump_stack+0x1b2/0x283 [ 354.112394] should_fail.cold+0x10a/0x154 [ 354.116660] should_failslab+0xd6/0x130 [ 354.120638] kmem_cache_alloc_trace+0x29a/0x3d0 [ 354.125312] btrfs_mount+0x9ee/0x1fe0 [ 354.129117] ? _find_next_bit+0xdb/0x100 [ 354.133179] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 354.139157] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 354.144614] ? rcu_read_lock_sched_held+0x16c/0x1d0 02:43:49 executing program 2: ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) 02:43:49 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, &(0x7f0000000040)) [ 354.149632] ? __lockdep_init_map+0x100/0x560 [ 354.154128] ? __lockdep_init_map+0x100/0x560 [ 354.158623] mount_fs+0x92/0x2a0 [ 354.161992] vfs_kern_mount.part.0+0x5b/0x470 [ 354.166490] vfs_kern_mount+0x3c/0x60 [ 354.170293] btrfs_mount+0x42a/0x1fe0 [ 354.174125] ? lock_downgrade+0x740/0x740 [ 354.178274] ? _find_next_bit+0xdb/0x100 [ 354.182341] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 354.188320] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 354.193777] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 354.198794] ? __lockdep_init_map+0x100/0x560 [ 354.203285] ? __lockdep_init_map+0x100/0x560 [ 354.207787] mount_fs+0x92/0x2a0 [ 354.211155] vfs_kern_mount.part.0+0x5b/0x470 [ 354.215658] do_mount+0xe53/0x2a00 [ 354.215676] ? copy_mount_string+0x40/0x40 [ 354.215687] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 354.215697] ? copy_mnt_ns+0xa30/0xa30 [ 354.215709] ? copy_mount_options+0x1fa/0x2f0 [ 354.215718] ? copy_mnt_ns+0xa30/0xa30 02:43:49 executing program 4 (fault-call:3 fault-nth:71): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 354.215729] SyS_mount+0xa8/0x120 [ 354.215738] ? copy_mnt_ns+0xa30/0xa30 [ 354.215750] do_syscall_64+0x1d5/0x640 [ 354.215767] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 354.215781] RIP: 0033:0x46090a [ 354.215786] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 354.215796] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 354.215801] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 354.215807] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 354.215813] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 354.215818] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 354.258710] audit: type=1804 audit(1606963429.522:170): pid=17720 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir430928317/syzkaller.WSOdxw/415/cgroup.controllers" dev="sda1" ino=15780 res=1 [ 354.417647] audit: type=1804 audit(1606963429.852:171): pid=17735 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/267/cgroup.controllers" dev="sda1" ino=15796 res=1 [ 354.434959] FAULT_INJECTION: forcing a failure. [ 354.434959] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 354.510320] CPU: 1 PID: 17762 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 354.518179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 354.527509] Call Trace: [ 354.530095] dump_stack+0x1b2/0x283 [ 354.533703] should_fail.cold+0x10a/0x154 [ 354.537827] __alloc_pages_nodemask+0x22c/0x2720 [ 354.542579] ? __lock_acquire+0x5fc/0x3f20 [ 354.546791] ? btrfs_mount+0x42a/0x1fe0 [ 354.550740] ? mount_fs+0x92/0x2a0 [ 354.554254] ? vfs_kern_mount.part.0+0x5b/0x470 [ 354.558898] ? do_mount+0xe53/0x2a00 [ 354.562600] ? SyS_mount+0xa8/0x120 [ 354.566202] ? do_syscall_64+0x1d5/0x640 [ 354.570240] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 354.575585] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 354.580406] ? trace_hardirqs_on+0x10/0x10 [ 354.584619] ? lock_downgrade+0x740/0x740 [ 354.588744] ? do_raw_spin_unlock+0x164/0x220 [ 354.593238] cache_grow_begin+0x8f/0x420 [ 354.597280] cache_alloc_refill+0x273/0x350 [ 354.601599] kmem_cache_alloc_trace+0x340/0x3d0 [ 354.606346] btrfs_mount+0x988/0x1fe0 [ 354.610125] ? lock_downgrade+0x740/0x740 [ 354.614251] ? _find_next_bit+0xdb/0x100 [ 354.618287] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 354.624241] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 354.629667] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 354.634677] ? __lockdep_init_map+0x100/0x560 [ 354.639163] ? __lockdep_init_map+0x100/0x560 [ 354.643635] mount_fs+0x92/0x2a0 [ 354.646979] vfs_kern_mount.part.0+0x5b/0x470 [ 354.651453] vfs_kern_mount+0x3c/0x60 [ 354.655243] btrfs_mount+0x42a/0x1fe0 [ 354.659026] ? lock_downgrade+0x740/0x740 [ 354.663158] ? _find_next_bit+0xdb/0x100 [ 354.667217] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 354.673174] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 354.678602] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 354.683635] ? __lockdep_init_map+0x100/0x560 [ 354.688105] ? __lockdep_init_map+0x100/0x560 [ 354.692579] mount_fs+0x92/0x2a0 [ 354.695925] vfs_kern_mount.part.0+0x5b/0x470 [ 354.700403] do_mount+0xe53/0x2a00 [ 354.703927] ? do_raw_spin_unlock+0x164/0x220 [ 354.708399] ? copy_mount_string+0x40/0x40 [ 354.712739] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 354.717731] ? copy_mnt_ns+0xa30/0xa30 [ 354.721596] ? copy_mount_options+0x1fa/0x2f0 [ 354.726180] ? copy_mnt_ns+0xa30/0xa30 [ 354.730088] SyS_mount+0xa8/0x120 [ 354.733522] ? copy_mnt_ns+0xa30/0xa30 [ 354.737429] do_syscall_64+0x1d5/0x640 [ 354.741304] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 354.746484] RIP: 0033:0x46090a [ 354.749667] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 354.757352] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 354.764602] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 354.771848] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 354.779092] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 354.786336] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:43:52 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:52 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eefffffffffffff7000000", @ANYRES32=r1, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=ANY=[@ANYBLOB="8400000024000b0e00"/20, @ANYRES32=r1, @ANYBLOB="00000000ffffffff000000000b00010064736d61726b00000c0002000600010008000000480008801c000100000000000000000000000000000000000000000000000000040002001c000100d8000000000000e6ff000000000000000900000001000000060002"], 0x84}}, 0x0) bind$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @dev}, 0x14) socket(0x200000000000011, 0x3, 0x0) r2 = socket(0x10, 0x3, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eefffffffffffff7000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000003c0)=ANY=[@ANYBLOB="8400000024000b0e00"/20, @ANYRES32=r5, @ANYBLOB="00000000ffffffff000000000b00010064736d61726b00000c0002000600010008000000480008801c000100000000000000000000000000000000000000000000000000040002001c000100d8000000000000e6ff000000000000000900000001000000060002"], 0x84}}, 0x0) bind$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @dev={[], 0x44}}, 0x14) sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0x268, 0x0, 0x2, 0x70bd2c, 0x25dfdbfd, {}, [@HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}]}, @HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0x268}, 0x1, 0x0, 0x0, 0x74471bb471624270}, 0x0) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:52 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r4, r3, 0x0, 0x100000300) 02:43:52 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$SNAPSHOT_S2RAM(r0, 0x330b) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:43:52 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) 02:43:52 executing program 4 (fault-call:3 fault-nth:72): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:52 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) [ 357.028262] FAULT_INJECTION: forcing a failure. [ 357.028262] name failslab, interval 1, probability 0, space 0, times 0 [ 357.071107] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 357.086967] audit: type=1804 audit(1606963432.522:172): pid=17781 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/268/cgroup.controllers" dev="sda1" ino=16499 res=1 [ 357.093178] CPU: 0 PID: 17782 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 357.117268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 357.126625] Call Trace: [ 357.129212] dump_stack+0x1b2/0x283 [ 357.132845] should_fail.cold+0x10a/0x154 [ 357.136994] should_failslab+0xd6/0x130 [ 357.140966] kmem_cache_alloc+0x28e/0x3c0 [ 357.145117] alloc_buffer_head+0x20/0x110 [ 357.149262] alloc_page_buffers+0xb3/0x1f0 [ 357.153496] __getblk_slow+0x2d6/0x7a0 [ 357.157390] __bread_gfp+0x206/0x2e0 [ 357.161113] btrfs_read_dev_super+0x79/0x1f0 [ 357.165519] btrfs_get_bdev_and_sb+0xd3/0x2c0 [ 357.170018] __btrfs_open_devices+0x172/0xa30 [ 357.174521] ? find_device+0xf0/0xf0 [ 357.178236] ? btrfs_mount+0x9ee/0x1fe0 [ 357.182209] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 357.187655] btrfs_open_devices+0x98/0xb0 [ 357.191802] btrfs_mount+0xb24/0x1fe0 [ 357.195606] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 357.201582] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 357.207031] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 357.212043] ? __lockdep_init_map+0x100/0x560 [ 357.216540] ? __lockdep_init_map+0x100/0x560 [ 357.221030] mount_fs+0x92/0x2a0 [ 357.224396] vfs_kern_mount.part.0+0x5b/0x470 [ 357.228890] vfs_kern_mount+0x3c/0x60 [ 357.232687] btrfs_mount+0x42a/0x1fe0 [ 357.236483] ? lock_downgrade+0x740/0x740 [ 357.240627] ? _find_next_bit+0xdb/0x100 [ 357.244685] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 357.250660] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 357.256104] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 357.261119] ? __lockdep_init_map+0x100/0x560 [ 357.265606] ? __lockdep_init_map+0x100/0x560 [ 357.270097] mount_fs+0x92/0x2a0 [ 357.273461] vfs_kern_mount.part.0+0x5b/0x470 [ 357.277951] do_mount+0xe53/0x2a00 [ 357.281495] ? copy_mount_string+0x40/0x40 [ 357.285733] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 357.290744] ? copy_mnt_ns+0xa30/0xa30 [ 357.294628] ? copy_mount_options+0x1fa/0x2f0 [ 357.299115] ? copy_mnt_ns+0xa30/0xa30 [ 357.302998] SyS_mount+0xa8/0x120 [ 357.306445] ? copy_mnt_ns+0xa30/0xa30 [ 357.310328] do_syscall_64+0x1d5/0x640 [ 357.314220] entry_SYSCALL_64_after_hwframe+0x46/0xbb 02:43:52 executing program 2: syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000040)) [ 357.319402] RIP: 0033:0x46090a [ 357.322583] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 357.330288] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 357.337559] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 357.344820] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 357.352088] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 357.359353] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:43:52 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, 0x0) 02:43:52 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) sendfile(r0, r2, &(0x7f0000000040)=0xfffffffffffffc01, 0x400000000005) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) setxattr$trusted_overlay_origin(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='trusted.overlay.origin\x00', &(0x7f0000000100)='y\x00', 0x2, 0x1) 02:43:52 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, 0x0) 02:43:52 executing program 4 (fault-call:3 fault-nth:73): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 357.539908] FAULT_INJECTION: forcing a failure. [ 357.539908] name failslab, interval 1, probability 0, space 0, times 0 [ 357.546591] audit: type=1804 audit(1606963432.972:173): pid=17810 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir430928317/syzkaller.WSOdxw/416/cgroup.controllers" dev="sda1" ino=16417 res=1 [ 357.593164] CPU: 1 PID: 17824 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 357.601079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 357.610428] Call Trace: [ 357.613023] dump_stack+0x1b2/0x283 [ 357.616651] should_fail.cold+0x10a/0x154 [ 357.620798] should_failslab+0xd6/0x130 [ 357.624770] kmem_cache_alloc+0x28e/0x3c0 [ 357.628917] alloc_buffer_head+0x20/0x110 [ 357.633063] alloc_page_buffers+0xb3/0x1f0 [ 357.637296] __getblk_slow+0x2d6/0x7a0 [ 357.641188] __bread_gfp+0x206/0x2e0 [ 357.644905] btrfs_read_dev_super+0x79/0x1f0 [ 357.649311] btrfs_get_bdev_and_sb+0xd3/0x2c0 [ 357.653807] __btrfs_open_devices+0x172/0xa30 [ 357.658305] ? find_device+0xf0/0xf0 [ 357.662015] ? btrfs_mount+0x9ee/0x1fe0 [ 357.665983] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 357.671432] btrfs_open_devices+0x98/0xb0 [ 357.675576] btrfs_mount+0xb24/0x1fe0 [ 357.679379] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 357.685355] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 357.690805] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 357.695822] ? __lockdep_init_map+0x100/0x560 [ 357.700309] ? __lockdep_init_map+0x100/0x560 [ 357.704806] mount_fs+0x92/0x2a0 [ 357.708174] vfs_kern_mount.part.0+0x5b/0x470 [ 357.712671] vfs_kern_mount+0x3c/0x60 [ 357.716472] btrfs_mount+0x42a/0x1fe0 [ 357.720276] ? lock_downgrade+0x740/0x740 [ 357.724423] ? _find_next_bit+0xdb/0x100 [ 357.728477] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 357.734431] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 357.739860] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 357.744869] ? __lockdep_init_map+0x100/0x560 [ 357.749367] ? __lockdep_init_map+0x100/0x560 [ 357.753847] mount_fs+0x92/0x2a0 [ 357.757194] vfs_kern_mount.part.0+0x5b/0x470 [ 357.761669] do_mount+0xe53/0x2a00 [ 357.765190] ? assoc_array_gc+0x1071/0x1110 [ 357.769489] ? retint_kernel+0x2d/0x2d [ 357.773354] ? copy_mount_string+0x40/0x40 [ 357.777617] ? __sanitizer_cov_trace_pc+0x46/0x50 [ 357.782442] ? copy_mount_options+0x1fa/0x2f0 [ 357.786962] ? copy_mnt_ns+0xa30/0xa30 [ 357.790833] SyS_mount+0xa8/0x120 [ 357.794264] ? copy_mnt_ns+0xa30/0xa30 [ 357.798139] do_syscall_64+0x1d5/0x640 [ 357.802016] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 357.807182] RIP: 0033:0x46090a [ 357.810353] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 357.818050] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 357.825315] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 357.832570] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 357.839817] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 357.847062] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 357.863717] audit: type=1804 audit(1606963433.292:174): pid=17795 uid=0 auid=0 ses=4 op="invalid_pcr" cause="ToMToU" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/268/cgroup.controllers" dev="sda1" ino=16499 res=1 [ 357.888460] audit: type=1804 audit(1606963433.302:175): pid=17834 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/268/cgroup.controllers" dev="sda1" ino=16499 res=1 02:43:55 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:55 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_BLANKSCREEN(r0, 0x541c, 0x0) 02:43:55 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000000000)="0ff3bcae26b3735e3968fcd8067e330a8bce57", 0x13) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:55 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:55 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:43:55 executing program 4 (fault-call:3 fault-nth:74): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:55 executing program 5: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x420241, 0x0) ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x0, 0x0, 0x0, 0x3}}) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) ioctl$SNDCTL_SEQ_PANIC(0xffffffffffffffff, 0x5111) 02:43:55 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TIOCGISO7816(r0, 0x80285442, &(0x7f0000000080)) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x1000, 0xffff, 0x3ff}}) [ 360.090109] FAULT_INJECTION: forcing a failure. [ 360.090109] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 360.102038] CPU: 0 PID: 17850 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 360.109930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 02:43:55 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="a84ba8812d28e2b111137c099ee93e9c67ccf9a4e8189d6b39323ee995b7f7cc84b610b12390210ba278bd1295d216630f15d73a5626bb06902a33ef550db1c5fd3a1dd727907368bcab67208d5f3f20efa3c1d12d2f"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:55 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$TIOCGPKT(r0, 0x80045438, &(0x7f0000000000)) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) setsockopt$SO_BINDTODEVICE_wg(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000380)='wg0\x00', 0x4) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/autofs\x00', 0x185000, 0x0) r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000200)='NLBL_UNLBL\x00') sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r3, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r4, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}]}, 0x24}}, 0x40) sendfile(r2, r1, 0x0, 0x100000300) [ 360.109935] Call Trace: [ 360.109950] dump_stack+0x1b2/0x283 [ 360.109966] should_fail.cold+0x10a/0x154 [ 360.109981] __alloc_pages_nodemask+0x22c/0x2720 [ 360.109993] ? deref_stack_reg+0x124/0x1a0 [ 360.110005] ? __lock_acquire+0x5fc/0x3f20 [ 360.110016] ? unwind_next_frame+0xe54/0x17d0 02:43:55 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$cgroup_subtree(r2, &(0x7f00000000c0), 0x0) ioctl$ASHMEM_PURGE_ALL_CACHES(r2, 0x770a, 0x0) ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r2, 0xc0305616, &(0x7f0000000040)={0x0, {0xfffffff8, 0xe9}}) 02:43:55 executing program 4 (fault-call:3 fault-nth:75): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 360.110026] ? __save_stack_trace+0x63/0x160 [ 360.110033] ? deref_stack_reg+0x124/0x1a0 [ 360.110043] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 360.110051] ? trace_hardirqs_on+0x10/0x10 [ 360.110062] ? __lock_acquire+0x5fc/0x3f20 [ 360.110075] ? kernel_text_address+0xbd/0xf0 [ 360.110083] ? __kernel_text_address+0x9/0x30 [ 360.110092] ? unwind_get_return_address+0x51/0x90 [ 360.110101] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 360.110111] cache_grow_begin+0x8f/0x420 [ 360.110123] cache_alloc_refill+0x273/0x350 [ 360.110136] kmem_cache_alloc+0x333/0x3c0 [ 360.110147] getname_kernel+0x4e/0x340 [ 360.110156] kern_path+0x1b/0x40 [ 360.110166] lookup_bdev+0xc6/0x1c0 [ 360.110176] ? bd_acquire+0x440/0x440 [ 360.110186] blkdev_get_by_path+0x1b/0xa0 [ 360.110198] btrfs_get_bdev_and_sb+0x2f/0x2c0 [ 360.110210] __btrfs_open_devices+0x172/0xa30 [ 360.110225] ? find_device+0xf0/0xf0 [ 360.110235] ? btrfs_mount+0x9ee/0x1fe0 [ 360.110246] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 360.110258] btrfs_open_devices+0x98/0xb0 [ 360.110267] btrfs_mount+0xb24/0x1fe0 [ 360.110280] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 360.110297] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 360.110306] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 360.110315] ? __lockdep_init_map+0x100/0x560 [ 360.110323] ? __lockdep_init_map+0x100/0x560 [ 360.110332] mount_fs+0x92/0x2a0 [ 360.110344] vfs_kern_mount.part.0+0x5b/0x470 [ 360.110356] vfs_kern_mount+0x3c/0x60 [ 360.110366] btrfs_mount+0x42a/0x1fe0 [ 360.110377] ? lock_downgrade+0x740/0x740 [ 360.110386] ? _find_next_bit+0xdb/0x100 [ 360.110400] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 360.110418] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 360.110428] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 360.110437] ? __lockdep_init_map+0x100/0x560 [ 360.110446] ? __lockdep_init_map+0x100/0x560 [ 360.110455] mount_fs+0x92/0x2a0 [ 360.110467] vfs_kern_mount.part.0+0x5b/0x470 [ 360.110478] do_mount+0xe53/0x2a00 [ 360.110488] ? do_raw_spin_unlock+0x164/0x220 [ 360.110501] ? copy_mount_string+0x40/0x40 [ 360.110509] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 360.110519] ? copy_mnt_ns+0xa30/0xa30 [ 360.110529] ? copy_mount_options+0x1fa/0x2f0 [ 360.110537] ? copy_mnt_ns+0xa30/0xa30 [ 360.110547] SyS_mount+0xa8/0x120 [ 360.110555] ? copy_mnt_ns+0xa30/0xa30 [ 360.110575] do_syscall_64+0x1d5/0x640 [ 360.110594] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 360.110601] RIP: 0033:0x46090a [ 360.110606] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 360.110616] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 360.110622] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 360.110627] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 360.110632] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 360.110636] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 360.358792] FAULT_INJECTION: forcing a failure. [ 360.358792] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 360.358803] CPU: 1 PID: 17884 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 360.358809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 360.358813] Call Trace: [ 360.358828] dump_stack+0x1b2/0x283 [ 360.358843] should_fail.cold+0x10a/0x154 [ 360.358859] __alloc_pages_nodemask+0x22c/0x2720 [ 360.358871] ? deref_stack_reg+0x124/0x1a0 [ 360.358884] ? __lock_acquire+0x5fc/0x3f20 [ 360.358896] ? unwind_next_frame+0xe54/0x17d0 [ 360.358906] ? __save_stack_trace+0x63/0x160 [ 360.358914] ? deref_stack_reg+0x124/0x1a0 [ 360.358924] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 360.358934] ? trace_hardirqs_on+0x10/0x10 [ 360.358945] ? __lock_acquire+0x5fc/0x3f20 [ 360.358958] ? kernel_text_address+0xbd/0xf0 [ 360.358967] ? __kernel_text_address+0x9/0x30 [ 360.358976] ? unwind_get_return_address+0x51/0x90 [ 360.358986] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 360.358999] cache_grow_begin+0x8f/0x420 [ 360.359011] cache_alloc_refill+0x273/0x350 [ 360.359024] kmem_cache_alloc+0x333/0x3c0 [ 360.359034] getname_kernel+0x4e/0x340 [ 360.359043] kern_path+0x1b/0x40 [ 360.359054] lookup_bdev+0xc6/0x1c0 [ 360.359064] ? bd_acquire+0x440/0x440 [ 360.359076] blkdev_get_by_path+0x1b/0xa0 [ 360.359087] btrfs_get_bdev_and_sb+0x2f/0x2c0 [ 360.359099] __btrfs_open_devices+0x172/0xa30 [ 360.359115] ? find_device+0xf0/0xf0 [ 360.359124] ? btrfs_mount+0x9ee/0x1fe0 [ 360.359134] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 360.359147] btrfs_open_devices+0x98/0xb0 [ 360.359156] btrfs_mount+0xb24/0x1fe0 [ 360.359170] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 360.359187] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 360.359197] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 360.359209] ? __lockdep_init_map+0x100/0x560 [ 360.359217] ? __lockdep_init_map+0x100/0x560 [ 360.359226] mount_fs+0x92/0x2a0 [ 360.359238] vfs_kern_mount.part.0+0x5b/0x470 [ 360.359251] vfs_kern_mount+0x3c/0x60 [ 360.359262] btrfs_mount+0x42a/0x1fe0 [ 360.359273] ? lock_downgrade+0x740/0x740 [ 360.359285] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 360.359310] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 360.359319] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 360.359330] ? __lockdep_init_map+0x100/0x560 [ 360.359340] ? __lockdep_init_map+0x100/0x560 [ 360.359351] mount_fs+0x92/0x2a0 [ 360.359364] vfs_kern_mount.part.0+0x5b/0x470 [ 360.359375] do_mount+0xe53/0x2a00 [ 360.359387] ? do_raw_spin_unlock+0x164/0x220 [ 360.359398] ? copy_mount_string+0x40/0x40 [ 360.359408] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 360.359418] ? copy_mnt_ns+0xa30/0xa30 [ 360.359429] ? copy_mount_options+0x1fa/0x2f0 [ 360.359438] ? copy_mnt_ns+0xa30/0xa30 [ 360.359448] SyS_mount+0xa8/0x120 [ 360.359457] ? copy_mnt_ns+0xa30/0xa30 [ 360.359469] do_syscall_64+0x1d5/0x640 [ 360.359483] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 360.359491] RIP: 0033:0x46090a [ 360.359496] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 360.359507] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 360.359513] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 360.359519] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 360.359525] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 360.359531] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 360.395414] audit: type=1804 audit(1606963435.822:176): pid=17873 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir430928317/syzkaller.WSOdxw/419/cgroup.controllers" dev="sda1" ino=16131 res=1 [ 360.611764] audit: type=1804 audit(1606963436.042:177): pid=17864 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/269/cgroup.controllers" dev="sda1" ino=15811 res=1 [ 361.100498] audit: type=1804 audit(1606963436.242:178): pid=17848 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/269/cgroup.controllers" dev="sda1" ino=15811 res=1 02:43:58 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce868250", 0x41}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:43:58 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="5a3d439b6c1fadf3e3f4fbce70427362fa5b8bf994813d6867383fdb4e1bf9488bbd7315c0c59c70bbf316ccbee69b6787c7321fdb42bc9369fbc1d2f38c76bd3933f75019ed5d627c45688e2debba863d2e3041d1b308e90f99362d9b798954"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:58 executing program 4 (fault-call:3 fault-nth:76): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:58 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TIOCGISO7816(r0, 0x80285442, &(0x7f0000000080)) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3, 0x0, 0x1000, 0xffff, 0x3ff}}) 02:43:58 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="ec8ea79d106619c624c39b53000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a30"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:43:58 executing program 5: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="5b379263002749a8944135831ff8a82958387a79655256c4072d26867d"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:43:58 executing program 2: r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000040)="0657a1dd4860bda835b9721046fa95bfc6e545f90645350f6b2013f9a529afa2e4dd8981cb9745b7d6b0bc7dd3e11e5c418ae6069a3cf8e1a79dfec0b667894ceaf41e08cca9e144646cc617154f0b400d5a2c61d7511125b0e433dfff5ef7cf8bdb9e6a6896ec7d8da0c04da9138643e9c78bc4d9dbda63efd053ef7f8ffcf959ffe7433ae7a6fb7ee132cb83ea695d5e40ae9fcb7d360185b25f20d3cb75b6cdaf1b5820826e91e6", 0xa9) ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000000)={0x2, {0x3}}) 02:43:58 executing program 5: r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) keyctl$update(0x2, r0, 0x0, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYRESDEC=r0], 0x1}}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r1, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r3, r2, 0x0, 0x100000300) 02:43:58 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) r1 = syz_mount_image$afs(&(0x7f0000000000)='afs\x00', &(0x7f0000000040)='./file0\x00', 0x8, 0x8, &(0x7f00000014c0)=[{&(0x7f00000000c0)="1b33647bbc9774020bf90e49989f1fefc69bfc77234562d0", 0x18, 0x1ff}, {&(0x7f0000000100)="e4fff588b99e42a6f6e2029352fb4a887068aedb24f7a2c82497cca74bf312", 0x1f, 0x3}, {&(0x7f0000000140)="b3074db5f72516dd942753d52f0633c526c970763e25fb1fce2390156b383fddfcc8f7a25ff803cdb70dbf315713f839e9fede9f6742e989e05f8267c863ff2bbfbbffa1540ddcce830375d6c376b512489cdf6bb88b1f8c4cabd74d6fc41f3b9c741776a8028f5331b3e93e90bfdc6606", 0x71, 0x7}, {&(0x7f0000000380)="e2a1f0b8d772a08c1e08e2c51e09b3d0aee211595eed20bed2f3ee7fb2830caa5c06c4e72408ebb60494fe4e5dbf1d79965df0295af6f3c866f9ff960b68dbb13a0a3549fbf963de88fa9127a9c239be9efb1a6016657e3788e9eb0ebba24689ee98a7041dea148f7041c37e2e630c41a784cf111473f50055a203e4b87a3806b35d4efa15857cb53d706d7fe639e4e63d383d11596514b6fa961c865ab67d743bff", 0xa2, 0x20}, {&(0x7f0000000440)="453a7bd3b4d2335210c425805394acb3ee77985e91ce57af972bc009aae0c98408a3a151d0e0cd3dece7a52faf40788d702c7ec9b4229ca5f9838e94081b45e34822f3f89338f6acb7cbd31f6261f155cfb5186c0020fd709b56bb60fbe4c4e262b484c465f33d85591214b53bf93eb6d5a913058141f0567354b9791952533157e6ebc3e8f977ff0d72e17b0176ca316e0950d6e9377df857b0222913a4a8b59200072aaea4c780f2832ff0b3f77558f4a4ee2bc7eb8ab6a19e4596402d5dd0d41e54d874246822fcf42cc12e4db0b6164609a983b0fad326120457f6c36a400f0514458f50032db42dcc8d03a4c45441319523fc01719cb9cef0d917c2f4a5661ef9d66d3bd7fb0e44172566ee160ebe80e26e53d4b73247997ec4c2fa8a8eb681ca94a81a3ec05d724fb7ab72046151afee9463978ff424806016e2b78e2d8496425b5ddc7671d400b754bad18cbc216e1d13c7b6c90b17f00bb11c2a5894b4c8b8e6240de02ec8ae4ff44af9c3644aa49e0da5c476a44ebd123f75f7f8e00be385e18884b6c719e90acbc1b631bfe9e206770f93d0c56fd1921d18758e40da7198a4089c21bc88168d892f1dee266c1910a90d4f957f586423bb0fbcd93b76fd57bed9aafce3148fbe0368331cdc82572aff357ae94f4704e0e3c6c34bfe14d5648240e1a0242e1c06cdbdefc2004c78e1c67f9a854c28ae91ab15fd36ecfe036a53c2f81cd1b31e4c276201ad0360086583c505e2db18f958a796a7b2953d228d2315d8a3c847ba8e7e1965fd6f4730bad147066939d6e2ef05f51be083478b93d5d29bd5a14d8994161179d314873a13b7975d7397439895b75f3f2ad1f69d41d2e5fa08d9d03d705f46c8de460b4c274ab57bbc775988b8f9d4147ecb07ebf56fed7302628cf3ecc180ed84690c89ac3a03242ab04aa87e12e707997ae1dddb99af0540889142f1f47f0aca5ef6f3dd98c5050cbd124377886ef40050dbf0de769d4ad4ef926c1a5eb54e72afe48902d8ffca007038ce08d855bc6473c26d1b13f9ac7af6c22880e15a90f4ba0764ab4dbabedaf8d55045197166a4540053a28f6b471b78d0589e44a28b552a90ec2f323e4cafbe6ff8b48c55bfd18121b5e1d9a82d28ded045bb86f5465dc8dc46cc11d30fabc9db4b12844284a50c755c7649214a331e67a270f2a9b97021b5ddaf90d643388e6f3d62abd8051e3932811180f26f5982db5abdfba6764de952d80c95a69c2d50724e013359d15694c8d6e1d065f33c1ae9a940636cd975cf7bf68059077d6726e2ec09cf790e1b08ff4fe50a167996ffb001fc38e374c3bbe9fef0a350791157789cf30d1fd79e7f26aed901a5a534d46b6138c28132594af579fd843a14ef23aca4ac8f56ad2e7d926a6a8b5db6911a594299c98e877b4e56c9e52aa7ca72e9c854469857e8d1cf2ba009b3e9dc7b620e62da7536608c116e10fdb0de01c673ddf314ae007cc7cc28e8ab08dd3b30c34d2efb1cc0719b54d94bb51654927c6fe2b028814a4045719e40c90df27333d9e5e119d0730484f2855622f5e4a7975cccf84d86efe0a66e251f307189f315ecacbb65c4ac85087f429705d686d54b727b340253a3590c8a0ce0fc216d4965740b00cd1b9857409ec582a728d6ce2c12fdd8ae357f4c5dbd5a0fcb52f5dc1eb5af77021b484c22a34312077d678a11d99746b95b780e46b9592bd0d69e5952e195e9fb3ad5fd1eaacc4ef98e7d621c8e5d245b0dd600fe6036ebe9ebf73d767b1699662c7dda163b063ea46eb08767dcc2d85581d128025d2c31639530e752032cb948c5a22246c7c20938ceb9f5998da686eb486a36b168014d869bfab3f058dff852c9fd722cab552ac1abd3deab6891560651d924e55dc2f45faec3ce883f98629283123efb4cd64a8d83cbcc6b082a2bfa8b361859854627e58d3cff1f67b56b3cf011450a365b54526ebd38b285e46048ba837e0629342371ad03aeb41cb737bbf79a0021e8d1d8f1d031191240c01e850f9f3e64b6fa3bccc9730aed94b46dca58efef6e129a099fa2962e6b8df21223db20678655255493f9ecc00ced34554260d2c5f8989265c07773cbaac530961d550b2c92e780ad1f5e82b97c05389e87c8e64ccf7956b644f0685f6459672069df3a98e3168aec49bbe8468617debe1139f694e4eb5c1cd5b30e423fcb9f1fc7689d41a16d769c0ade73eeca05efdf496d7ac381a6e1ffd1c1afe9d69dfd8b87a8762bf0be16c0b61e6265f805ab2b2095d955733b27a71f067835b85093dffbe96be30e26eddffe7660472f7a6b04a131ebc329c79644d8c48f0373fd5bc9193d6dd811331f065d30aaeefcffb3e07d082c1fd2e075e939c53f801d97cde0b80538df72c0289ae5e34465f2f822d9eef9132431e90c1c31b1710b67b98c02f3ba38955e9332ca7b2995ab1a184958d7d06029e6c8ec2a2a19cf3832882137a8e5b9de4f04788f872ec0d840b6c6feb1b5ac4cca586928d5f62dafcc79dee6d3061544092a8822093acc861414d16a3bb12c5d3c27289169b045f9201e5d981a89473c4e3d162df3730c6124d4b49b5a9d65bceb6dbc6f2b88408f7c28294bec206d7824b791caeac9ff2665ed3763b805838d67f7fdbb2f66a5c941badd00adf1bddbb29f6d8a3d50edcb38e40adca49e0bb1abd12f25aeb76cf9d4d601564d0c689c2b2b151de0d2777f5c52f5ad9217b09984675ee0b2300e55578e55b931562d127d95d4d497fd94c8c0b6fa5f63ca44332c480ab61eb1b0b06e1c231d6425116da97711f2aa6eb090731c24c9f2050043ccb9e8853939624730ff7991135b4e67521aec5dd82ec88354eabfdd2e43e5dbc621dc6a5fb947d21901d44b0e51f41002c59436f249001a4381e7a93fc3f68357a43328c49f6838140626f4455c19b3b2617bbc8b567152e655739ff8ec4e3fd5e1a3d7a4663fb726556ad1f165c9f8a36c1bdbceae42bd95b4c6b013d36c3cf27a6ed6ba52286380cd0ea043f29e67a3f2e3467617ac2ce02078ee39a386a1c70ebc433d4b922c96d804d14442dfad1f216d3a0321a637fec4b54ac4c8cfea430d2ae7de90bc4e1d59de7d550942a0579a2714fe1495065a02ba754f0baba14da43cf3da10324c195395f549ceae535a1928092d7ef8e02bda21c54e50e83b343fbce9b63a71238ecee63e065fde1176ebc045b5e3275e47e4dff69a3f7a2147c804252318afe61a21cb78e36622579befbbc24ea31e3aca3bdac344227525f90ee2c6e7635468d3d083da6378595416896faf525a4b83505d5ffec4a685ff7b9e8ba6d55a8ea3da088c1b85b1cb9e434e702b06643f806dec531c879db294510d94f0d1fb5e0e37739b9ab7281776677b9c771087d93c77513849516f4fda8ecc834cf7bc11cd4a3eb8927781e0d4dfde3cafb74aadb7004b745e6eaaffcb1bdb9199c244b1225f2810a26b3141f3a2d4d814b0deb7223b54bd9782d997aa975556567aa4ddd7c0370367670ce75e40bb2e7a44c7db6b3123303a94558059248a3fd6c19a77cdb72c316ed1b7ed14664a5c9cbb2db9cd76837b7955b6f96278d4cb7276c3397eec9d9e114dc852f7b61c9c9c23b7e06f9c14802e42289a4fa0a6a6da74fe538d57ee583fe8568f1e9d0a008c3498f4c785f89976e063bb250dff0fa8e8b4a27c82c9ef725a130ed81a67fc64d59ddee38e99e6ba5f6a8c91bf20b8cfe44d3758814138616e7baeb459e543863ad216a18f1e1cdb5dadac6e1a9ba3611779bfed439e467da66a22013b09880fa3680ef823bddeb17fc5c1b5b582b6e016f601d30c6b1d65c438a3a23736b65f47050247d725d92475d76e336e10ab9367d84237ef4af4008921403b9c7a9bcc6e27d1bef739263d0bedaeaf6dfdfe6bc5d6f3724335f4757d73029f7b92c443f867d176926d77f536a1a2302190313b2c787cd7275501d183985750fda0e8ca860cca9481a613ed1cf9699f9bf31077ac5504fac3310acafdf17bf469c8afd3586ddf7e6779b4a790d191c45e59f3b7c6a6bc82956c37a0d6be753211cd45c48c0f12ea6061c08ab2d43556a01f8d207c8484f8045911ca2181c228817be30672038802945c047d83e3a1a8c33cab2bea8e3aea7213f98053b701c3f8894af6bb62fc104ba29d0b242b6a9ea0c7b05e6a320ce801afd963624a64040325adbc4555776ec05f88a50276ccf4b0cc27875ba51439ba73bf904d8c4ed5ae0b87bb1a4015b98927944670d9fbce0720c792897ff41bfcb0cc9dbfebc18d8da9adb5b6738df4bdb794631f7c3e1d7a0c2b8787aa8a309ea30fe22678954405faa4e119e39ab82be4ec84aa1a42eea553f7636e63e48acb850e7af90357aa5bca6d543f88c1361df46c9e1f7e4b9f7ea89f706dd03b96ab98e7865f7de5f70ebaf6afe48073320611e58d56cf21ee07dd40bb88c68eff87fe720d5204cceb723dbbb0d75df4200d858854f2bbd163ce27565705c690e0f0ed9cedd312013eb2c4c8e0c3de56c0e20b8adae40fdc0fc2083232aa5edf7ed93b14f71e330485069d2c85fc48159a82e76a38ceefdc2425bcf5910a7cadf8b0f9c1f620b12a26d9f35361597147a358d74e1d3ef9fb6970526d9e34da2e5858d0a53ab193db37d8902f6bfb977817d9db614b6380a17710438ac3acb746995fdb1c589bc21e7654316c738c89f1615677c784ba95ab0454b18d0cba5b1b890220e576a5ea55df684120658a4021dcc3f2c31967a8b2c5a75935332b32fa046b1269e912211ec63243eb97d73f47cd04228e1e2701ae07883ff6222861589b8807e26825ad201f8ff0a7c6c8525a0fa69aec8f06bba468df83b46806dc57b852175086466eb03a2c7dfbaec5e544f859a5942cbe65d65f98a67b8f867f60eb2c1aab60985942eedd07ccbf42bc4840e099c5c7cc5389a4a494bda80a80401af494b28cba91175e9f08c26895927e4155b57644d9c259ee62851f3df0945cbab75257a2d440bcf4f3bb48280131ea79fbf5dbca661b317cff88ef999d078079c7b33ec495c885a49dbdffcf18242607f9e8801fce68b7ce427bb8c818a0c3acd516081411096b5a10db6ca84ccf15a5b196665550a1b95dff30d4a9e57e5c1e8c8f8f82052935406e550feba7b927b8bcff768865513f99d35dca7342616fe5701305b596bc46b4012d210f06c219837f748c8c83689cc6738653162aacdd2695b515e5935e65ff324dd7f4f0c71275acbeb56f04910e2ee2cbee697f007cef91412bf4aaa45de51a8e566010fab267fd12a70230ba4849cb1dc35585d0bccf3f53a717cb993ffce25f459506fea14da07ce9a4478cf4e586f560c82e25726f2ff1a24a57db010cb22b65e21b46543fc5412c3cb1b14f7efc26eef286e0afc3b510ecfafd6aa138192b0debe2b2a2036131ec0db372ecaa61924f094cc61dd700badea1d0f98f90c295dc123a60441c832433460d0d72dcad7d7aa1827a276e7556d018e82bd991ed2f9bcf415d9635f9eedbf303a6a04584f918bca3ed538793d958114b84c793ca40d057fd33c3c65d3897c04a42c19a658f39db6b214c1ba464eb3177d847050794ecdd564c89a11858ce7d8e46240d5968810326ebcc7e8715a7c89122584071ce63c5a8c6ce80121f5f52f658abe52410b17fc169953a6fdf7acdb050d9d73a73e48ca7e0e0626a2be2aed36f011f7f97c74c725db6f365f0022f12f7c6206381a425ad721ecc15c31e61af2d3b99b32dbbeb627c32805971a2c495f49f2d86c9", 0x1000, 0x7}, {&(0x7f0000000240)="7ad7b94d860e45ccd7d4176c22cd969813bda79ecad08cb324fae49ccb08728c77feb86329e8f216e2d2cda6961afc6edbc60887c9016697f5a67bd26df42363502036341aa7d81addc939d6c2d65de938b271bb894b3e0383c831e0c9", 0x5d, 0x7}, {&(0x7f0000001440)="0253090f8208e9f8c0df98dc664ca8cab59dd176d23786aa81c7fdb10bba3bd331354735dc3dd15cb26a1530a8dbd4a6c3869262695428bc4ea4897efd9e0d19d1bb2b9d3c41a52718ac3f9318d4f60f3c0dad134620b741daec14affb6cfd364c174d5d8d890e39850676178011750c386e346d578bb81384d3", 0x7a, 0x2}, {&(0x7f00000001c0)="26a9ec51ea24252962af0d40b8c8050c125528098ecce514e42f920173d27fde", 0x20, 0x80}], 0x80040, &(0x7f0000001580)={[{@source={'source', 0x3d, '/-'}}, {@flock_local='flock=local'}, {@dyn='dyn'}, {@dyn='dyn'}, {@dyn='dyn'}], [{@smackfstransmute={'smackfstransmute', 0x3d, '/'}}, {@appraise_type='appraise_type=imasig'}, {@smackfsdef={'smackfsdef', 0x3d, '#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q'}}, {@obj_type={'obj_type', 0x3d, '#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q'}}, {@fsname={'fsname', 0x3d, '#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q'}}]}) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x5, 0x12, r1, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 363.142422] FAULT_INJECTION: forcing a failure. [ 363.142422] name failslab, interval 1, probability 0, space 0, times 0 [ 363.172657] audit: type=1804 audit(1606963438.603:179): pid=17910 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/270/cgroup.controllers" dev="sda1" ino=16338 res=1 [ 363.212778] CPU: 0 PID: 17914 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 363.220698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 363.230049] Call Trace: [ 363.232641] dump_stack+0x1b2/0x283 [ 363.236274] should_fail.cold+0x10a/0x154 [ 363.240436] should_failslab+0xd6/0x130 [ 363.244411] kmem_cache_alloc+0x28e/0x3c0 [ 363.248560] getname_kernel+0x4e/0x340 [ 363.252446] kern_path+0x1b/0x40 [ 363.255810] lookup_bdev+0xc6/0x1c0 [ 363.259436] ? bd_acquire+0x440/0x440 [ 363.263238] blkdev_get_by_path+0x1b/0xa0 [ 363.267384] btrfs_get_bdev_and_sb+0x2f/0x2c0 [ 363.271880] __btrfs_open_devices+0x172/0xa30 [ 363.276378] ? find_device+0xf0/0xf0 [ 363.280090] ? btrfs_mount+0x9ee/0x1fe0 [ 363.284068] btrfs_open_devices+0x98/0xb0 [ 363.288214] btrfs_mount+0xb24/0x1fe0 [ 363.292023] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 363.298036] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 363.303487] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 363.308501] ? __lockdep_init_map+0x100/0x560 [ 363.312992] ? __lockdep_init_map+0x100/0x560 [ 363.317487] mount_fs+0x92/0x2a0 [ 363.320856] vfs_kern_mount.part.0+0x5b/0x470 [ 363.325354] vfs_kern_mount+0x3c/0x60 [ 363.329153] btrfs_mount+0x42a/0x1fe0 [ 363.332962] ? lock_downgrade+0x740/0x740 [ 363.337110] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 363.343089] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 363.348541] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 363.353557] ? __lockdep_init_map+0x100/0x560 [ 363.358049] ? __lockdep_init_map+0x100/0x560 [ 363.362551] mount_fs+0x92/0x2a0 [ 363.365924] vfs_kern_mount.part.0+0x5b/0x470 [ 363.370424] do_mount+0xe53/0x2a00 [ 363.373969] ? copy_mount_string+0x40/0x40 [ 363.378200] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 363.383216] ? copy_mnt_ns+0xa30/0xa30 [ 363.387103] ? copy_mount_options+0x1fa/0x2f0 [ 363.391594] ? copy_mnt_ns+0xa30/0xa30 [ 363.395481] SyS_mount+0xa8/0x120 [ 363.398943] ? copy_mnt_ns+0xa30/0xa30 [ 363.402828] do_syscall_64+0x1d5/0x640 [ 363.406720] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 363.411904] RIP: 0033:0x46090a [ 363.415086] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 02:43:58 executing program 2: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) r1 = open(&(0x7f0000000040)='./file0\x00', 0x800, 0x94) r2 = semget(0x0, 0x2, 0x240) semctl$IPC_RMID(r2, 0x0, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$RTC_RD_TIME(r4, 0x80247009, &(0x7f0000000100)) openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x450800, 0x0) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000380)=ANY=[@ANYBLOB="5c792ffb6cfd4b3a63283ef7eb1591dd97a9ee642554b963f48329b7424fa5b735bfd893dc9c489f865ccd5809bf345e3bf45c2d348b36bc84a190f0fae3065e156afbacc1eba68327de040d765a727f9f377e1872e7ef97217fea2a321aa4287d2b7697c8fc06a5601b42bf3a350afe982d3852559249e19a7bbf54d6d68552abd19c1aa0942872a5eec915d0eb6beb342531a94237361add4847c864b814c17e4ee2a3758daebd2982c21092d8d2152c3b24c4ea6eca144922d75e0d955cefbcaf03de175fe17295a7337bdf292095d9acfae54b89dd38f4aefb63bad82559fcb76b2ba70f19676ec5d9f6fe91845b2ec460c849e7ac0ee258e013a3c75169a37c46a6da3c31909329e9deb66439f37fba070b7022d1269271035fa3f3426b98818c86043e628246ed9b50d5ab5307d3546d7f81e9f459f3bea175116bf1a8266f4c78bad8c232"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8983, &(0x7f0000000180)={0x3, 'veth1_to_bond\x00', {0x8}}) [ 363.415999] audit: type=1804 audit(1606963438.853:180): pid=17936 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir430928317/syzkaller.WSOdxw/421/cgroup.controllers" dev="sda1" ino=16483 res=1 [ 363.422783] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 363.422789] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 363.422794] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 363.422799] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 363.422804] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 363.483337] print_req_error: I/O error, dev loop1, sector 0 02:43:58 executing program 4 (fault-call:3 fault-nth:77): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:43:58 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = openat$mice(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/mice\x00', 0x0) write$dsp(r2, &(0x7f0000000180)="2c6516555a6ee1e38e15446763b43f44333823", 0x13) r3 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000240)='batadv\x00') sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0x2c, r4, 0x2, 0x70bd29, 0x25dfdbfe, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x2}, @BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x38}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x1) getsockname$tipc(r3, &(0x7f0000000000)=@id, &(0x7f0000000040)=0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000100)=ANY=[@ANYBLOB="13895ce0aa0cc5d1cec1329455bbf9ec7c5830491afb802bb4177ed02a6c580fa55065674c6d0f6513655fc8dbe38e60576554f140f31ab5f9e6596d6a7273455d042e84ca5d90a242d8602d945077ac6a8b007bc1bc3a261fe7debc1632661ff77c2263eeddd610f018eb8c8ba141e8b697c12d41fa9b2f3037029aa5eea4"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 363.575154] FAULT_INJECTION: forcing a failure. [ 363.575154] name failslab, interval 1, probability 0, space 0, times 0 [ 363.588586] CPU: 1 PID: 17950 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 363.596489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 363.605841] Call Trace: [ 363.608434] dump_stack+0x1b2/0x283 [ 363.612071] should_fail.cold+0x10a/0x154 [ 363.616225] ? mempool_free+0x1d0/0x1d0 [ 363.620205] should_failslab+0xd6/0x130 [ 363.624201] kmem_cache_alloc+0x40/0x3c0 [ 363.628267] ? mempool_free+0x1d0/0x1d0 [ 363.632239] mempool_alloc+0x10e/0x2d0 [ 363.636132] ? remove_element.isra.0+0x1b0/0x1b0 [ 363.640892] ? mark_held_locks+0xa6/0xf0 [ 363.644954] ? __find_get_block+0x817/0xc40 [ 363.646010] audit: type=1804 audit(1606963438.963:181): pid=17922 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/270/cgroup.controllers" dev="sda1" ino=16338 res=1 [ 363.649303] bio_alloc_bioset+0x41b/0x830 [ 363.649316] ? bvec_alloc+0x2d0/0x2d0 [ 363.649329] ? __getblk_slow+0x57f/0x7a0 [ 363.683659] submit_bh_wbc+0xf5/0x6f0 [ 363.687444] __bread_gfp+0x11c/0x2e0 [ 363.691196] btrfs_read_dev_super+0x79/0x1f0 [ 363.695709] btrfs_get_bdev_and_sb+0xd3/0x2c0 [ 363.700196] __btrfs_open_devices+0x172/0xa30 [ 363.704711] ? find_device+0xf0/0xf0 [ 363.708411] ? btrfs_mount+0x9ee/0x1fe0 [ 363.712391] btrfs_open_devices+0x98/0xb0 [ 363.716527] btrfs_mount+0xb24/0x1fe0 [ 363.720307] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 363.726262] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 363.731689] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 363.736685] ? __lockdep_init_map+0x100/0x560 [ 363.741154] ? __lockdep_init_map+0x100/0x560 [ 363.745627] mount_fs+0x92/0x2a0 [ 363.748974] vfs_kern_mount.part.0+0x5b/0x470 [ 363.753447] vfs_kern_mount+0x3c/0x60 [ 363.757245] btrfs_mount+0x42a/0x1fe0 [ 363.761021] ? lock_downgrade+0x740/0x740 [ 363.765143] ? _find_next_bit+0xdb/0x100 [ 363.769178] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 363.775145] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 363.780581] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 363.785584] ? __lockdep_init_map+0x100/0x560 [ 363.790053] ? __lockdep_init_map+0x100/0x560 [ 363.794525] mount_fs+0x92/0x2a0 [ 363.797873] vfs_kern_mount.part.0+0x5b/0x470 [ 363.802348] do_mount+0xe53/0x2a00 [ 363.805869] ? retint_kernel+0x2d/0x2d [ 363.809737] ? copy_mount_string+0x40/0x40 [ 363.813949] ? copy_mount_options+0x185/0x2f0 [ 363.818440] ? copy_mount_options+0x197/0x2f0 [ 363.822910] ? copy_mount_options+0x1fa/0x2f0 [ 363.827380] ? copy_mnt_ns+0xa30/0xa30 [ 363.831245] SyS_mount+0xa8/0x120 [ 363.834674] ? copy_mnt_ns+0xa30/0xa30 [ 363.838542] do_syscall_64+0x1d5/0x640 [ 363.842410] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 363.847589] RIP: 0033:0x46090a [ 363.850766] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 363.858468] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 363.865715] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 363.872963] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 363.880235] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 363.887482] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:44:01 executing program 0: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x66, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb960b5e00b57f5afc611bd71606"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fce", 0x43}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:44:01 executing program 3: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) prctl$PR_CAP_AMBIENT(0x2f, 0x1, 0x15) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r2, r1, 0x0, 0x100000300) 02:44:01 executing program 2: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) r1 = open(&(0x7f0000000040)='./file0\x00', 0x800, 0x94) r2 = semget(0x0, 0x2, 0x240) semctl$IPC_RMID(r2, 0x0, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$RTC_RD_TIME(r4, 0x80247009, &(0x7f0000000100)) openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x450800, 0x0) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000380)=ANY=[@ANYBLOB="5c792ffb6cfd4b3a63283ef7eb1591dd97a9ee642554b963f48329b7424fa5b735bfd893dc9c489f865ccd5809bf345e3bf45c2d348b36bc84a190f0fae3065e156afbacc1eba68327de040d765a727f9f377e1872e7ef97217fea2a321aa4287d2b7697c8fc06a5601b42bf3a350afe982d3852559249e19a7bbf54d6d68552abd19c1aa0942872a5eec915d0eb6beb342531a94237361add4847c864b814c17e4ee2a3758daebd2982c21092d8d2152c3b24c4ea6eca144922d75e0d955cefbcaf03de175fe17295a7337bdf292095d9acfae54b89dd38f4aefb63bad82559fcb76b2ba70f19676ec5d9f6fe91845b2ec460c849e7ac0ee258e013a3c75169a37c46a6da3c31909329e9deb66439f37fba070b7022d1269271035fa3f3426b98818c86043e628246ed9b50d5ab5307d3546d7f81e9f459f3bea175116bf1a8266f4c78bad8c232"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8983, &(0x7f0000000180)={0x3, 'veth1_to_bond\x00', {0x8}}) 02:44:01 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x801090, 0x0) 02:44:01 executing program 5: sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000000006c0000000000000000000a20000000000a01000000000000000000000000000900010073797a300000000038000000120a0102000000000000000000000000040004800900020002000000000000000900010073797a3000000000080003"], 0x1}}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00') sendmsg$TIPC_NL_PEER_REMOVE(r3, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000001880)={&(0x7f00000016c0)={0x20, r4, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0xff}]}]}, 0x20}}, 0x0) sendmsg$TIPC_NL_BEARER_DISABLE(r2, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r4, 0x8, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x1c}}, 0x4000010) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040)='nl80211\x00') sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x1c, r6, 0x221, 0x0, 0x0, {{}, {@void, @val={0x8}, @void}}}, 0x1c}}, 0x0) sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x1c, r6, 0x400, 0x70bd2a, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20040895}, 0x0) write$binfmt_script(r0, &(0x7f0000000100)=ANY=[], 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r8, r7, 0x0, 0x100000300) 02:44:01 executing program 4 (fault-call:3 fault-nth:78): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) [ 366.141503] FAULT_INJECTION: forcing a failure. [ 366.141503] name failslab, interval 1, probability 0, space 0, times 0 02:44:01 executing program 2: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() write$sndseq(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x5a, &(0x7f0000000340)="c4fe910c6786cec96ddb5322ad863ae8cb9b9d6c5b2821049d69d60a34ad866a422525ee105042f88d45e7886c0f2a93cd82682ce184dbd0f5ecb8a2ca2a6b7c896ce29e8f72ae59ed01040000d027f9851190fc934ff0f1bb96"}}], 0x1c) wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)}, {&(0x7f0000000000)="0832f497d38350418e4bb321019511dc5df26e9a0b7ecb6974f527cc14538d1efb1ffe03284f6d33265be9c604b293f20e96beeb2aa4c457ac37a3a3f1ce8682500fcecd80", 0x45}], 0x2, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x2) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 02:44:01 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="fd394a193cb7f51da8904a3eb03e1d60b48dac25f427"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) [ 366.181053] audit: type=1804 audit(1606963441.613:182): pid=17971 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.3" name="/root/syzkaller-testdir729457911/syzkaller.UnsC8x/271/cgroup.controllers" dev="sda1" ino=16721 res=1 [ 366.229150] CPU: 0 PID: 17970 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 366.237076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 366.246427] Call Trace: [ 366.249022] dump_stack+0x1b2/0x283 [ 366.252657] should_fail.cold+0x10a/0x154 [ 366.256813] should_failslab+0xd6/0x130 [ 366.260794] kmem_cache_alloc+0x28e/0x3c0 [ 366.264950] alloc_buffer_head+0x20/0x110 [ 366.269094] alloc_page_buffers+0xb3/0x1f0 [ 366.273333] __getblk_slow+0x2d6/0x7a0 [ 366.277225] __bread_gfp+0x206/0x2e0 [ 366.280939] btrfs_read_dev_super+0x79/0x1f0 [ 366.285351] btrfs_get_bdev_and_sb+0xd3/0x2c0 [ 366.289932] __btrfs_open_devices+0x172/0xa30 [ 366.294433] ? find_device+0xf0/0xf0 [ 366.298140] ? btrfs_mount+0x9ee/0x1fe0 [ 366.302114] btrfs_open_devices+0x98/0xb0 [ 366.306264] btrfs_mount+0xb24/0x1fe0 [ 366.310075] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 366.316058] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 366.321510] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 366.326534] ? __lockdep_init_map+0x100/0x560 [ 366.331027] ? __lockdep_init_map+0x100/0x560 [ 366.335522] mount_fs+0x92/0x2a0 [ 366.338900] vfs_kern_mount.part.0+0x5b/0x470 [ 366.343402] vfs_kern_mount+0x3c/0x60 [ 366.347206] btrfs_mount+0x42a/0x1fe0 [ 366.351009] ? lock_downgrade+0x740/0x740 [ 366.355167] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 366.361156] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 366.361490] audit: type=1804 audit(1606963441.773:183): pid=17995 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.5" name="/root/syzkaller-testdir430928317/syzkaller.WSOdxw/422/cgroup.controllers" dev="sda1" ino=17016 res=1 [ 366.388972] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 366.388986] ? __lockdep_init_map+0x100/0x560 [ 366.388995] ? __lockdep_init_map+0x100/0x560 [ 366.389006] mount_fs+0x92/0x2a0 [ 366.389019] vfs_kern_mount.part.0+0x5b/0x470 [ 366.389029] do_mount+0xe53/0x2a00 [ 366.389045] ? copy_mount_string+0x40/0x40 [ 366.389053] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 366.389062] ? copy_mnt_ns+0xa30/0xa30 [ 366.389072] ? copy_mount_options+0x1fa/0x2f0 [ 366.389080] ? copy_mnt_ns+0xa30/0xa30 [ 366.389090] SyS_mount+0xa8/0x120 [ 366.389098] ? copy_mnt_ns+0xa30/0xa30 [ 366.389109] do_syscall_64+0x1d5/0x640 [ 366.389124] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 366.389133] RIP: 0033:0x46090a [ 366.455384] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 366.463092] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 366.470361] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 366.477630] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 366.484990] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 02:44:01 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) r1 = pkey_alloc(0x0, 0x0) pkey_free(r1) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000140)=@sr0='/dev/sr0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x5010, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="2c00000091220956c4aeb818fbdba821d8e322785c0534de00c0c74897de01a541c8f0bf92d5cb77d101b8bfa65525c961886001b76c5ef77cf7821b4872c2f09fc44bbdfef8ae64de38a49b048cad00f2f038f34d1929626c11d8d3082b97efa03302ed24c8b9ed0fbebc9e7cb231cb8f95908793cd420dd532eaa2402eb5e6a59b7e9eeb901f4c272b793c6ec8b4582b98d9feabc4c784405e9a71f7c2e90c68f2929b61432ddca98112b8d67d3285f3e327524e77debb6f9850ed0cc15ee5d078f6f74267dae00cdd7a9c34107fc55ce5e23181cdbfad480b0ca918a936ababbe3c3c8abbfe48e58b346dbdfa9982a240261d1f6d477050fd21b81044541f83b0ec88554f35afefe320f456cf236cd521f197bb928d55a9f9e50f1ef3f59664a39eed91ca3bb3a0ca4c32808a83d1717de08de96446ee", @ANYRES16=0x0, @ANYBLOB="000425bd7000fedbdf250dd1000000080003", @ANYRES32=0x0, @ANYBLOB="08003200020000000500290000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000080}, 0x4) [ 366.492264] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 02:44:02 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x10, &(0x7f00000000c0)=0xffffffff, 0x4) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000), 0xc, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="01010154a5e2cc8f4be4f3299cc3b5250000", @ANYRES16=r1, @ANYBLOB="20002dbd7000ffdbdf25010000001400068008000900550f000006000b000200000008000600000000003c0003800500ab94059c0aac290ac3816d080007000000060007004e23000008000500000000000800030001000000080003000100000005000800020017000600040002000000080005000100000038000180060004004e21000008000b0073697000070006006c6300000c000700140000000100000006000100020000000800080020000000a849f7bd02000000f3d9d1c681de9220a0ddfd1b8f6bda0979f540aa48afe1bf3825d63089ba0343dd0f0cd6fdc980b5e8655838c279396ce238f07f8d714232b9a00848070b01b68a2ca4f9301caf261e634e1fc63c67fe0409c5e7bd6b103051fa2bb63c6a76bca83aa03275c1700301ff0c952fdab906889620db15cf42b710f7b36ee9cb6d3c30f3bf56cb5efe21b6c5723593b7bcfb38e1ab3689bc39dd279f4f249264570f4449ab54bb04e4c152a232d1d58b7fe235c87e47041ee9bd8a"], 0xb4}, 0x1, 0x0, 0x0, 0x400c0d7}, 0x0) socket$packet(0x11, 0x2, 0x300) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) mount(&(0x7f0000000080), &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) 02:44:02 executing program 4 (fault-call:3 fault-nth:79): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="90e42e8500000000000000000000000000000000000000000000000000000000f90cac8b044b4fa88bee4b8d3da88dc2000001000000000001000000000000005f42485266535f4d07000000", 0x4c, 0x10000}], 0x0, &(0x7f0000000040)) 02:44:02 executing program 1: r0 = memfd_create(&(0x7f00000002c0)='#\'%nod%v\x00\x7f\xe5\xd0ql\x86\xc9\xe6\x14\x93\xb0\x7f_,y<~\xab\x84\x00\x00\x00\x00\x00\x00\x14}\n\x81\xc7\x85|oC\xca\v\xe3\xba]fn\r\xdf!\x94\x0f\xaf\xb7\x93\xe8\xb6\xc3N\x16&\xab\xf9{\xaf;\xcf\x8c\xa8\xb9\x06\xaf\xd0\xfb:\x90LNF\x13\x9f\xc2\xb7/1\xb9V\xf0*\xcb\xdc\x05n<\xcfi\x02=1\xda\"\xb3\xfe\xf3\x97\xd9\xa5b\xd4\x00Q$\xb2v\\\xa9\xcf*tw\x8a\n_)\x89A\x8f`R\x12zM\a\xc43\xd0d\xee\x13Q', 0x0) write(r0, &(0x7f0000002000)='/', 0x1) sendfile(r0, r0, &(0x7f0000000200), 0x87) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r0, 0x0) ioctl$CHAR_RAW_RRPART(0xffffffffffffffff, 0x125f, 0x0) mount(&(0x7f0000000000)=ANY=[@ANYBLOB="6f93fb9ff29047cdfba709cfff7f7fdad8"], &(0x7f0000000080)='.', 0x0, 0x5010, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000100)={0x0, 0xc6, 0x5, 0x8}, &(0x7f0000000140)=0x10) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$BTRFS_IOC_BALANCE_CTL(0xffffffffffffffff, 0x40049421, 0x2) write$UHID_INPUT2(r4, &(0x7f00000000c0)={0xc, {0xa, "3442389c120dc4d1ac68"}}, 0x10) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x16, &(0x7f0000000040)={0x2, [0x8001, 0x1]}, 0x8) ioctl$SNDRV_PCM_IOCTL_STATUS32(r2, 0x806c4120, &(0x7f0000000180)) [ 366.688444] FAULT_INJECTION: forcing a failure. [ 366.688444] name failslab, interval 1, probability 0, space 0, times 0 [ 366.738341] CPU: 1 PID: 18017 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 366.746262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 366.755617] Call Trace: [ 366.758210] dump_stack+0x1b2/0x283 [ 366.761846] should_fail.cold+0x10a/0x154 [ 366.765992] should_failslab+0xd6/0x130 [ 366.769963] __kmalloc+0x2c1/0x400 [ 366.773502] ? bio_alloc_bioset+0x45f/0x830 [ 366.777821] bio_alloc_bioset+0x45f/0x830 [ 366.781970] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 366.787418] ? bvec_alloc+0x2d0/0x2d0 [ 366.791220] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 366.796240] ? kmem_cache_alloc_trace+0x36c/0x3d0 [ 366.801088] btrfs_alloc_device+0xbc/0x580 [ 366.805328] ? btrfs_finish_sprout+0x5e0/0x5e0 [ 366.809998] ? __kmalloc+0x3a4/0x400 [ 366.813717] ? __btrfs_close_devices+0x2f9/0xb20 [ 366.818478] __btrfs_close_devices+0x29f/0xb20 [ 366.823067] ? find_device+0xf0/0xf0 [ 366.826787] ? btrfs_alloc_device+0x580/0x580 [ 366.831299] btrfs_close_devices+0x24/0x140 [ 366.835634] btrfs_mount+0x1686/0x1fe0 [ 366.839534] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 366.845519] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 366.850986] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 366.856007] ? __lockdep_init_map+0x100/0x560 [ 366.860507] ? __lockdep_init_map+0x100/0x560 [ 366.866050] mount_fs+0x92/0x2a0 [ 366.869426] vfs_kern_mount.part.0+0x5b/0x470 [ 366.873930] vfs_kern_mount+0x3c/0x60 [ 366.877737] btrfs_mount+0x42a/0x1fe0 [ 366.881548] ? lock_downgrade+0x740/0x740 [ 366.885699] ? _find_next_bit+0xdb/0x100 [ 366.889769] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 366.895789] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 366.901769] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 366.906793] ? __lockdep_init_map+0x100/0x560 [ 366.911297] ? __lockdep_init_map+0x100/0x560 [ 366.915808] mount_fs+0x92/0x2a0 [ 366.919183] vfs_kern_mount.part.0+0x5b/0x470 [ 366.923685] do_mount+0xe53/0x2a00 [ 366.927231] ? do_raw_spin_unlock+0x164/0x220 [ 366.931732] ? copy_mount_string+0x40/0x40 [ 366.935975] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 366.940991] ? copy_mnt_ns+0xa30/0xa30 [ 366.944880] ? copy_mount_options+0x1fa/0x2f0 [ 366.949376] ? copy_mnt_ns+0xa30/0xa30 [ 366.953276] SyS_mount+0xa8/0x120 [ 366.956731] ? copy_mnt_ns+0xa30/0xa30 [ 366.960653] do_syscall_64+0x1d5/0x640 [ 366.964554] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 366.969750] RIP: 0033:0x46090a [ 366.972935] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 366.980642] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 366.987931] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 366.995202] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 367.002473] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 367.009745] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 367.018047] ------------[ cut here ]------------ [ 367.022813] kernel BUG at fs/btrfs/volumes.c:891! [ 367.027742] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 367.033094] Modules linked in: [ 367.036285] CPU: 1 PID: 18017 Comm: syz-executor.4 Not tainted 4.14.210-syzkaller #0 [ 367.044157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 367.053509] task: ffff888057ebc640 task.stack: ffff888062140000 [ 367.059567] RIP: 0010:__btrfs_close_devices+0x86d/0xb20 [ 367.064925] RSP: 0018:ffff888062147820 EFLAGS: 00010246 [ 367.070285] RAX: 0000000000040000 RBX: ffff88809139a040 RCX: ffffc9000a9b2000 [ 367.077551] RDX: 0000000000040000 RSI: ffffffff82ad6afd RDI: 0000000000000286 [ 367.084815] RBP: dffffc0000000000 R08: 0000000000000000 R09: 0000000000000000 [ 367.092078] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880aaa3bcc0 [ 367.099344] R13: ffff88809139a108 R14: fffffffffffffff4 R15: ffff88809fe7e480 [ 367.106610] FS: 00007fe4267ca700(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000 [ 367.114826] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 367.120697] CR2: 0000000000749138 CR3: 00000000a9ed4000 CR4: 00000000001426e0 [ 367.127965] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 367.135229] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 367.142486] Call Trace: [ 367.145073] ? find_device+0xf0/0xf0 [ 367.148782] ? btrfs_alloc_device+0x580/0x580 [ 367.153274] btrfs_close_devices+0x24/0x140 [ 367.157590] btrfs_mount+0x1686/0x1fe0 [ 367.161474] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 367.167448] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 367.172894] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 367.177905] ? __lockdep_init_map+0x100/0x560 [ 367.182394] ? __lockdep_init_map+0x100/0x560 [ 367.186883] mount_fs+0x92/0x2a0 [ 367.190245] vfs_kern_mount.part.0+0x5b/0x470 [ 367.194740] vfs_kern_mount+0x3c/0x60 [ 367.198536] btrfs_mount+0x42a/0x1fe0 [ 367.202332] ? lock_downgrade+0x740/0x740 [ 367.206470] ? _find_next_bit+0xdb/0x100 [ 367.210532] ? btrfs_get_subvol_name_from_objectid+0x8b0/0x8b0 [ 367.216503] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 367.221947] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 367.226957] ? __lockdep_init_map+0x100/0x560 [ 367.231445] ? __lockdep_init_map+0x100/0x560 [ 367.236041] mount_fs+0x92/0x2a0 [ 367.239404] vfs_kern_mount.part.0+0x5b/0x470 [ 367.243892] do_mount+0xe53/0x2a00 [ 367.247426] ? do_raw_spin_unlock+0x164/0x220 [ 367.251918] ? copy_mount_string+0x40/0x40 [ 367.256147] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 367.261161] ? copy_mnt_ns+0xa30/0xa30 [ 367.265045] ? copy_mount_options+0x1fa/0x2f0 [ 367.269542] ? copy_mnt_ns+0xa30/0xa30 [ 367.273423] SyS_mount+0xa8/0x120 [ 367.276871] ? copy_mnt_ns+0xa30/0xa30 [ 367.280753] do_syscall_64+0x1d5/0x640 [ 367.284639] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 367.289819] RIP: 0033:0x46090a [ 367.292999] RSP: 002b:00007fe4267c9a88 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 367.300699] RAX: ffffffffffffffda RBX: 00007fe4267c9b20 RCX: 000000000046090a [ 367.307965] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007fe4267c9ae0 [ 367.315228] RBP: 00007fe4267c9ae0 R08: 00007fe4267c9b20 R09: 0000000020000000 [ 367.322490] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000020000000 [ 367.329753] R13: 0000000020000100 R14: 0000000020000200 R15: 0000000020000040 [ 367.337019] Code: ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e f0 01 00 00 48 8b 44 24 08 c7 80 10 01 00 00 00 00 00 00 e9 4f f8 ff ff e8 43 d4 a9 fe <0f> 0b e8 3c d4 a9 fe 0f 0b 48 89 cf e8 22 a4 d3 fe e9 19 f8 ff [ 367.356201] RIP: __btrfs_close_devices+0x86d/0xb20 RSP: ffff888062147820 [ 367.368278] ---[ end trace b0c9339ee03bfa49 ]--- [ 367.375014] Kernel panic - not syncing: Fatal exception [ 367.380886] Kernel Offset: disabled [ 367.384543] Rebooting in 86400 seconds..