20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c", 0x1000}], 0x1) r3 = socket(0xa, 0x1, 0x0) dup2(r3, r2) dup2(r2, r1) [ 625.223189] FAULT_INJECTION: forcing a failure. [ 625.223189] name failslab, interval 1, probability 0, space 0, times 0 [ 625.234464] CPU: 0 PID: 6893 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 625.242777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 625.252297] Call Trace: [ 625.254888] dump_stack+0x1c9/0x2b4 [ 625.258511] ? dump_stack_print_info.cold.2+0x52/0x52 [ 625.263701] should_fail.cold.4+0xa/0x11 [ 625.267760] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 625.272859] ? __save_stack_trace+0x8d/0xf0 [ 625.277185] ? save_stack+0xa9/0xd0 [ 625.280806] ? save_stack+0x43/0xd0 [ 625.284451] ? __kasan_slab_free+0x11a/0x170 [ 625.288852] ? kasan_slab_free+0xe/0x10 [ 625.292823] ? kfree+0xd9/0x260 [ 625.296097] ? p9_client_create+0x7f5/0x16c9 [ 625.300502] ? v9fs_session_init+0x21a/0x1a80 [ 625.304990] ? v9fs_mount+0x7c/0x900 [ 625.308701] ? legacy_get_tree+0x118/0x440 [ 625.312929] ? vfs_get_tree+0x1cb/0x5c0 [ 625.316895] ? do_mount+0x6c1/0x1fb0 [ 625.320600] ? ksys_mount+0x12d/0x140 [ 625.324392] ? __x64_sys_mount+0xbe/0x150 [ 625.328538] ? lock_acquire+0x1e4/0x540 [ 625.332514] ? fs_reclaim_acquire+0x20/0x20 [ 625.336830] ? lock_downgrade+0x8f0/0x8f0 [ 625.340979] ? check_same_owner+0x340/0x340 [ 625.345296] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 625.350394] ? rcu_note_context_switch+0x730/0x730 [ 625.355319] __should_failslab+0x124/0x180 [ 625.359551] should_failslab+0x9/0x14 [ 625.363345] kmem_cache_alloc_trace+0x2cb/0x780 [ 625.368027] ? __kasan_slab_free+0x131/0x170 [ 625.372435] p9_idpool_create+0x42/0x120 [ 625.376490] p9_client_create+0x87a/0x16c9 [ 625.380726] ? p9_client_read+0xc60/0xc60 [ 625.384873] ? kasan_check_read+0x11/0x20 [ 625.389021] ? lock_acquire+0x1e4/0x540 [ 625.392988] ? fs_reclaim_acquire+0x20/0x20 [ 625.397306] ? lock_release+0xa30/0xa30 [ 625.401276] ? __lockdep_init_map+0x105/0x590 [ 625.405771] ? kasan_check_write+0x14/0x20 [ 625.410748] ? __init_rwsem+0x1cc/0x2a0 [ 625.414720] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 625.419735] ? __kmalloc_track_caller+0x311/0x760 [ 625.424569] ? save_stack+0xa9/0xd0 [ 625.428191] ? save_stack+0x43/0xd0 [ 625.431815] ? kasan_kmalloc+0xc4/0xe0 [ 625.435696] ? kmem_cache_alloc_trace+0x152/0x780 [ 625.440530] ? memcpy+0x45/0x50 [ 625.443808] v9fs_session_init+0x21a/0x1a80 [ 625.448125] ? rcu_note_context_switch+0x730/0x730 [ 625.453048] ? do_mount+0x69e/0x1fb0 [ 625.456756] ? lock_acquire+0x1e4/0x540 [ 625.460731] ? v9fs_show_options+0x7e0/0x7e0 [ 625.465137] ? lock_release+0xa30/0xa30 [ 625.469106] ? check_same_owner+0x340/0x340 [ 625.473425] ? kasan_unpoison_shadow+0x35/0x50 [ 625.478000] ? kasan_kmalloc+0xc4/0xe0 [ 625.481883] ? kmem_cache_alloc_trace+0x318/0x780 [ 625.486718] ? kasan_unpoison_shadow+0x35/0x50 [ 625.491305] ? kasan_kmalloc+0xc4/0xe0 [ 625.495189] v9fs_mount+0x7c/0x900 [ 625.498724] ? v9fs_drop_inode+0x150/0x150 [ 625.502953] legacy_get_tree+0x118/0x440 [ 625.507011] vfs_get_tree+0x1cb/0x5c0 [ 625.510807] do_mount+0x6c1/0x1fb0 [ 625.514343] ? kasan_check_read+0x11/0x20 [ 625.518486] ? do_raw_spin_unlock+0xa7/0x2f0 [ 625.522892] ? copy_mount_string+0x40/0x40 [ 625.527123] ? kasan_kmalloc+0xc4/0xe0 [ 625.531005] ? kmem_cache_alloc_trace+0x318/0x780 [ 625.535853] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 625.541382] ? copy_mount_options+0x285/0x380 [ 625.545876] ksys_mount+0x12d/0x140 [ 625.549497] __x64_sys_mount+0xbe/0x150 [ 625.553466] do_syscall_64+0x1b9/0x820 [ 625.557349] ? syscall_return_slowpath+0x5e0/0x5e0 [ 625.562272] ? syscall_return_slowpath+0x31d/0x5e0 [ 625.567194] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 625.572202] ? prepare_exit_to_usermode+0x291/0x3b0 [ 625.577210] ? perf_trace_sys_enter+0xb10/0xb10 [ 625.581872] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 625.586709] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 625.591887] RIP: 0033:0x455e29 [ 625.595064] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 625.614325] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 02:46:06 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x2000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:06 executing program 6 (fault-call:7 fault-nth:18): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 625.622024] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 625.629284] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 625.636542] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 625.643820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 625.651097] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000011 02:46:06 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x1f000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:06 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x9000000}}], 0x1, 0x0) 02:46:07 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="3970db", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:07 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c", 0x1000}], 0x1) r3 = socket(0xa, 0x1, 0x0) dup2(r3, r2) dup2(r2, r1) 02:46:07 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xe, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:07 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0xfeffffff, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 625.972873] FAULT_INJECTION: forcing a failure. [ 625.972873] name failslab, interval 1, probability 0, space 0, times 0 [ 625.984164] CPU: 0 PID: 6920 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 625.992478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 626.001829] Call Trace: [ 626.004415] dump_stack+0x1c9/0x2b4 [ 626.008040] ? dump_stack_print_info.cold.2+0x52/0x52 [ 626.013230] ? kfree+0xd9/0x260 [ 626.016506] ? parse_opts+0x3b8/0x500 [ 626.020307] ? p9_fd_create+0x8b/0x3f0 [ 626.024191] ? p9_client_create+0x915/0x16c9 [ 626.028600] ? v9fs_mount+0x7c/0x900 [ 626.032311] should_fail.cold.4+0xa/0x11 [ 626.036369] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 626.041469] ? kasan_check_write+0x14/0x20 [ 626.045702] ? do_raw_spin_lock+0xc1/0x200 [ 626.049933] ? trace_hardirqs_off+0xd/0x10 [ 626.054165] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 626.059269] ? trace_hardirqs_off+0xd/0x10 [ 626.063500] ? quarantine_put+0x10d/0x1b0 [ 626.067646] ? lock_acquire+0x1e4/0x540 [ 626.071613] ? fs_reclaim_acquire+0x20/0x20 [ 626.075928] ? lock_downgrade+0x8f0/0x8f0 [ 626.080080] ? check_same_owner+0x340/0x340 [ 626.084398] ? p9_fd_poll+0x2b0/0x2b0 [ 626.088191] ? rcu_note_context_switch+0x730/0x730 [ 626.093121] __should_failslab+0x124/0x180 [ 626.097356] should_failslab+0x9/0x14 [ 626.101149] kmem_cache_alloc_trace+0x2cb/0x780 [ 626.105821] ? kasan_unpoison_shadow+0x35/0x50 [ 626.110401] ? kasan_kmalloc+0xc4/0xe0 [ 626.114290] p9_fd_create+0x1a7/0x3f0 [ 626.118085] ? p9_fd_show_options+0x1c0/0x1c0 [ 626.122575] ? __raw_spin_lock_init+0x2d/0x100 [ 626.127153] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 626.132689] p9_client_create+0x915/0x16c9 [ 626.136926] ? p9_client_read+0xc60/0xc60 [ 626.141072] ? kasan_check_read+0x11/0x20 [ 626.145222] ? lock_acquire+0x1e4/0x540 [ 626.149192] ? fs_reclaim_acquire+0x20/0x20 [ 626.153514] ? lock_release+0xa30/0xa30 [ 626.157484] ? __lockdep_init_map+0x105/0x590 [ 626.161982] ? kasan_check_write+0x14/0x20 [ 626.166210] ? __init_rwsem+0x1cc/0x2a0 [ 626.170177] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 626.175191] ? __kmalloc_track_caller+0x311/0x760 [ 626.180027] ? save_stack+0xa9/0xd0 [ 626.183648] ? save_stack+0x43/0xd0 [ 626.187275] ? kasan_kmalloc+0xc4/0xe0 [ 626.191159] ? kmem_cache_alloc_trace+0x152/0x780 [ 626.195998] ? memcpy+0x45/0x50 [ 626.199275] v9fs_session_init+0x21a/0x1a80 [ 626.203589] ? rcu_note_context_switch+0x730/0x730 [ 626.208518] ? do_mount+0x69e/0x1fb0 [ 626.212231] ? lock_acquire+0x1e4/0x540 [ 626.216213] ? v9fs_show_options+0x7e0/0x7e0 [ 626.220616] ? lock_release+0xa30/0xa30 [ 626.224585] ? check_same_owner+0x340/0x340 [ 626.228909] ? lock_downgrade+0x8f0/0x8f0 [ 626.233057] ? kasan_unpoison_shadow+0x35/0x50 [ 626.237633] ? kasan_kmalloc+0xc4/0xe0 [ 626.241517] ? kmem_cache_alloc_trace+0x318/0x780 [ 626.246355] ? kasan_unpoison_shadow+0x35/0x50 [ 626.250931] ? kasan_kmalloc+0xc4/0xe0 [ 626.254812] v9fs_mount+0x7c/0x900 [ 626.258354] ? v9fs_drop_inode+0x150/0x150 [ 626.262585] legacy_get_tree+0x118/0x440 [ 626.266645] vfs_get_tree+0x1cb/0x5c0 [ 626.270439] do_mount+0x6c1/0x1fb0 [ 626.273973] ? check_same_owner+0x340/0x340 [ 626.278307] ? lock_release+0xa30/0xa30 [ 626.282281] ? copy_mount_string+0x40/0x40 [ 626.286510] ? kasan_kmalloc+0xc4/0xe0 [ 626.290397] ? kmem_cache_alloc_trace+0x318/0x780 [ 626.295236] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 626.300768] ? _copy_from_user+0xdf/0x150 [ 626.304918] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 626.310448] ? copy_mount_options+0x285/0x380 [ 626.314938] ksys_mount+0x12d/0x140 [ 626.318564] __x64_sys_mount+0xbe/0x150 [ 626.322538] do_syscall_64+0x1b9/0x820 [ 626.326418] ? finish_task_switch+0x1d3/0x870 [ 626.330910] ? syscall_return_slowpath+0x5e0/0x5e0 [ 626.335834] ? syscall_return_slowpath+0x31d/0x5e0 [ 626.340759] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 626.345777] ? prepare_exit_to_usermode+0x291/0x3b0 [ 626.350796] ? perf_trace_sys_enter+0xb10/0xb10 [ 626.355464] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 626.360305] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 626.365485] RIP: 0033:0x455e29 [ 626.368660] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 626.387931] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 626.395636] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 626.402906] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 626.410171] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 626.417433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 02:46:07 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) set_mempolicy(0x4003, &(0x7f00000002c0)=0x1f, 0xfffffffffffffbff) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) r2 = request_key(&(0x7f0000000780)='asymmetric\x00', &(0x7f00000007c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000800)='nointegrity', 0xfffffffffffffffe) keyctl$restrict_keyring(0x1d, r2, &(0x7f00000008c0)='cifs.spnego\x00', &(0x7f0000001940)='eth0\x00') write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x9, 0x1f, 0x5, 0x3, 0x8}) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) syz_mount_image$jfs(&(0x7f0000000300)='jfs\x00', &(0x7f0000000380)='./file0\x00', 0xffffffffffff8001, 0x4, &(0x7f00000006c0)=[{&(0x7f0000000480)="1d6809abea61d363fde1c9caccb6cf5f0d05001bcc7242129e1e119df8ad3cc61d22fcad2f6a0771b16dcccc0be0d4e347367d08b62c600eefa75a812ce25efbabd5e885790d36a039056c58bc9f1f90714226e1de52fc05638f9992a8b8c4d831a39d1e0089d9637c04dbe8469d9c0082b62d29f52d392f66bfbce2363ec399433fe11823cdc313e159f32a5c57a086384481a376b117d70a97939408a74cff1ada740cfa60a02c824f892e59f4c43dcbdf29ec5a96c33b2d410dca7fde4ed8597fe876d13c5a6233bcbffd1674a05fd7781dceb0492f314c4f", 0xda, 0x8}, {&(0x7f0000000580)="8c4374fe605416b2faab77c59fb65095fe9abad192d2626e86bf634907d50c330a74d11c45ddec5bb3927b976988bab888e955188b04e163e41386b6f89122859b580292862b06562aee0c519e69f6b012e05f3fc5f789222f66cb9ad3f0c6b92317522159a54f6d9cf238e9f56ac3c42e86dfe722a0b53d3dc07183106e985da2c3c3029c2f416a4057e10c9ca1e6c8444ceaee4ccf7d794753d5e5837ff721302b849d1e7fc8", 0xa7, 0x6b}, {&(0x7f0000000940)="d8a1d9f8f3ab98b1dc68de93e72c67ef1f02785b7649fadd60272456a554835489bca0aa92add5cf0ed91a514f8bc1df3e60efeb3efbd1498f7a16bb05195533430e25e8b40fe1c694d91e4c34bf650d6b0163007a8366af718a34a6e60a868919f356bef4e21f1c2750c6d93c9f9f7c8615468ca6e3294afc71caaa8edd9e2f483b3f1a126a84895c61876126aaf2d4844d371d9a3d838869736ca223cf953aa9a5e799ab86476d3c94ffa9f973fae7bf4f8df27a8185bed212bdbbc4d0a1fbe84d19acb9259426d06e0d70a011a844e12d3732ca49f503b21f078a3e3adfcda663a2df8f74df42e08851f4dab9d96803ea40fa195954402fe61320e1c558633f58ae343ac97f8db7e08b42a1a98551a8ae895e7201e139ebe2d53650874cf86162295a3ac8450041f0c1b6fe5e185b852d5abfaa1c87384c13b40398ed28c262f58e19e16c3400af4e37f8f143dcee7682ef3e0b81d3f4a8edcc48a88b5feb46b08307772c9b3eba081ec9ae8e5786a4f36863b854834c9f77daf4333163dd48653f33e73da765783e7f95296d2c7789c724b6eb4ec5e7bc192185789b4b51abfd6a05cee46db5d5b8133f0a009d3dc7ec1ae6f9ff9df968e70cc448afc48fe559095f844ce3f445917607c399ddd5065c1e35f19612f0d963eaa5da29cc61cdca8250bdce2a58e7c6a6be83d05c6469fe663466bb7b356cce95a39344af897be44a7fbf11e2777095b2adf3d28b118656abcf8ee019ec2aa91975370c6c4a802e8e708112b71f77ac545846be1fa99a25252cf7690aaf4098d2cd52a044e19fd218480c7a9a0080a0e8998617e549f28d792b3860346e3170c3fe204740b58f4f7be3e9a333af5d8681b474107a7feebf0cfa50720afc65de5fc31e32e2e042459dfb108d249225bac82a80f511a13d37517d2fb88636df8ef984ae7fa06f86afafd8c6cd145ac1da655544dda9b6530ffde5893493de3f0a5efa49918ab6311daa0fc9191cc54a2fc04963e82c4ba42ce5b043ad96e065103c05e561c82511457630a0761f6f5260c5114fccfe50ae05e81d8d415793cb5368c98d190a0509509711bbad29b7ca6b778e178d2b6ed808d6c40145d0b5892e51767e95cd735ea00364f52206e95b371ab986e0514e77b86159b97616693e7e369392258cc50c3d04b5a1d6aceb38928dac862b0948cce0cc31a260bbc9e793c0ca5ede7a24a2a1c1b4f5b7edeb4ebdb365a7a599e86419aeede5cbdd1e9232bcd13bc109dbe1171946c296724bed26945e21378d680e9d05471797c671a5dabd6017a8b77396cb5133ea63b936841687eac88b6d17f176edbb5a99c2bc488e230ee1a3c9ef67d617751125724de75dd30d88a0172fa99a8063634c66bb3d2524f37bc6c574b1e45fccedea130f1ee4a6667211d952ed35fb627f665ddc8873e53dac9b1eaa4e180ab601fbf62c4bdf9373ca2b56d2f22436911058a7919fd630c03edb1d11c8e2685b11e5391546ff3514105c6bd4d07dd5f4fb0813df4d46dcf4e352411f19fa081e27e4cffe30e43cba63ef89f5c473726b701c0b18b9cd3621f036b5842d17608c4385d72c5f9a41b49ceaf0017a4d714f940ea417956832ea7214f01917f28a30ff9cea54cae68b03905b6ba400074310b0cd46b3e4bff3e7ff66182c3b26e611c2b19846118d734478fcf2aa0110f789941ed2eba64815a7320841fd676c59d75f8d492043c942981f5c22b7ae73d167e71c22d72c4721f23f6b815a74469590f088df8b76054fa4e88c6803ac02618e857320f29d176954e5128060019d0ec22f93c11fb7edc9291b555271b94cfe94eb94d93537a9d9dd0555e188ef9c33ffaa2c1ef2c15f2093a86a26c13dad92ab09a7c59f2683041a76d9817d1947ae766a1b77654012572cc1e1a3ef240117965f7f779b5298aecad36df593455c842d1999d4d584315c4daf1ca58d8d04dc61d1133a615ab111c04a6a5d4fa17eb266729bf8004fb022b9cac36268d1784b43a7160628d201791e291c2178e105bce4e65cb87f45726c7a1308aee50d085888727d7b80dad258d223f320944cc2c4ec40810a21a859adbc4dcbf1a51716593fa33cacdb52009b7e59283704cec7b994fe59680ffec0a54329ccd490f87a8eac28b6f984653366664da000ffcffe364cf23eaaa509240231e0532a72d6ef58685bf25009aedafcaacde445b948d0c110ba5de2c1930ab7627e1d848a226fff974c10e85b18e5539b5a6edfd7a59c7a7f951cb6e384cce9772c502b6fb215a92dddc8f7ffd8264f04c8df8bf2082fb8189156acc37ae50c78f52940e7b77ced9486c12a74acb5f29a28cc2d6d6ff65fed470b29816090c5211cb63e2ecc7772ad6e857b45462ca4050c0ce37b62da9773277614360d0fbcdc0db311e6eb53712c01f275724c7b935db0c88ddcfc6d949b0d49aada1a1c86f4bc13f49be2bd1259fbe5999f89db4420d13de50998a14659db8d9177c1de032bd9c4cc380b12d86961450c4dcff2a7a4a942f90fb6de8b515ec1fd0b12d977de633f4b010fc687ca6ac42a50ed1fcc343a215191de30c7b8f5a41293d3f0721b07f09bf32c1938a82cdc340e08b5fdf6cdff78f9d1b700f0202b9c5e6167893c28c3728cda072bfff3b60f54fbed21cf8aacb02c0cc1d7d9c19ee8aeeda2506a591a50453e06c3a3ad6b8ce36d54c212ced7b22f83eb7c98c1a4b4ecd3cd489a054f8e6a1b01a169950daa4f0465ab3cfa9e3358757aeeddc9e5eabb579e5966e7affb077d7970f7f29f1266cfbbda8f4a024657426f818ac5d6c8faa3a9c8437956551be0d8cf66af47aa048b2bdcd15f1a629619942385f5f3e5e94fab940fe334a5b782e3e5ed6fe1b664793afc2c48fb3cae3ec7f6bfc61ac452bf3b6cbaad582706170f67fdcfd941d8dd6aac9ad284d497c4d4b3c84c74e6d3aa9bdc19002bc768a7386f6af4a18065936e6fcb443ff46abbe6ad370294ec33cfadf826c2a1907073606429a71ab00292c7ced7dc28c2418a10531e3e9d5b1979fd1e0122b41e861c652933cb11a89689e94d1d4f9ed39915ff167d01902d1fee24b6412f5261d49f8382c9a9a9ffccd12668a309e5263407958037854cf12f1ceedcd78c250de66e1fa8cba6c1e5c3e1a7a2214572a204363691024d9f628d4bdb34d0b98ae9fed43003074bf04a75af9543f10fa6c3c51140c51671d8c90b95514cf8879e492f0d8c42920a70392b16f4b1a01bc6b0089119570d648317c37335170adf5ae12702aff4f8b13b8c11ce53981d833a352473abab744779b45bf4645f68aec61fb755d72eaeade6146faeefbbad57e6345f09ed924af786194143979a498f1078007c94500f7c0fe1bb257752a269bcb1474effb1c3eaa425c2db09a63116282ad10812dbbee269ee4938453158237445fdb6e31d1fd8dea57b87fb05540eea9200b24ea8435a359e35d5eb1a8341a74c338c9f73a2f5450860335b6290667c71013b329574ee95a0ec1c3dbe66843d521aa746f9696a8e6fd2663211fc3b96b8e00afada3e6ed982cfe10eed03a76bb96dea51c9c5abffdc1d42f83049409d11dec7b3a95b231c28cd70418d4696bbf7beaafb6a0b78f52b90ca6f5a985017ce2e8102114aac76eae67f4ec4620d26b22396833ab9ce7a3630ba96961173d95615fd43125abcf27e3f87d135be83115c394b785c23a292cf631b42ff9fe1fd9db643eeda012cadea927c40c3e344ccbfb6c7735316294062a1f69232fffb91c3c856b6fd809d2b7c022c87a478b5ebc0eea6bbda2732c93c98e5145e3284eadcec35254d12c1584339eaf6c7499302554ee65f85aad746696ee3cd12dd25d117c094f1c91abca5479a2801323fb928bdfb128f50d4114aae19e93b3fe01aa3c36e7fd079c57b1225f9bcb34f609b0f2fcddf2178dbcf9bf971f3974f1d55093f59f16c1b726eabcbad44aa9c3a2e67d1187448eb2fa7144c44bc4d191a6ca4a166de52c710cc5eb90d376c909f0bf21b046413045ee90f0435c2b41e7decf72586549a8a85a919efe5c6fe88a5b8379e6756c359833285fd1391d3c9bd5dcd406ac68e0b6693dbbee558cde31b6691052fd09afb3f8544715ec7944ba33d25f3c166bc6b0452b65130f58fb0b53a30b53774012a44f9518771668cf0533fd5a215c5d46a880d4739ea88a1c1b518b94ae6d9c8704498da9987d0843f575a0b03d1e2366e01bab9028fe535707b99d61866c045b4b3bfe16823a4ce334868e3fac60eed4e333dff94e65f1b9463555fa07a519df052a3208eacf4c1085e4b2d0fe11c8764d2116dd0ce5c0e1b90c4a23cccf9650f10b7770cff08a73b02b69f680d4b0abcd9c4470169827ab39d57bfbe48acd7bb329f3c301f404969cc35c3d226ff3f5272386cdfe544b0b7c5e8a6650fd81d5f3685863731ddf747c843ca16651bff1e7da05a536e551f1a6078548cea653099845cbf6b8855b265333234bf8631e1e4a8b66f2bf1ac8cf658c9ef488a45a0753a7f88e70bc78ba1238e9046b37a865be63778910e429c4a74649b0eee8e22f70c1bddaa542d8741a3b2b66f8dd5b4c99df2836c16c79467832319c2cb45354c98421c5af92117356c0d5c9f6f1cbdc651df3ce494ab4847e83428d1a082e91481fd799879fabd4d194e314cd6a09fafb1aae65978a3bb0a9c60a07cf541a1323c197bdcb49c6feb4162dc62d0bdc280cbb6ff1135013ae6f42b749b7a9d9cdecd247261eaa4c25bce401b2d3e19269c3645c435edd38faa04db6591b247771a210e32ddd37d94cd0dce28ff567cf38fcee250337bdc7932753014e38bae062fc592ec9f0fbc6e39870519ba6a3c2d4066e215cda3f5e55271264e3924993640cdb8baa5eea6cb09e250ef769d24cf261f536e6dae094f31595b2df79c76d30a8e6c358b22e10c59a841a405d47c9a898be7dac3022111a2a734b7e54027d1f44fe264e134aa1237a5a916db2987b03a9f4e934d4f88d1cd6f9dc39313714702c0a366ae4b209c9b86bed73e9775ec7122c83664211bbc7365d29817269e10e3488b436d29fce31264a764725e2cb0a3edf51b0ac1ea0dea85177a422316717540ad1f22b50434834ed7263baa68ebd01ccdb859c0053926b02ee1957fdb09784057d3712aafdbeef531eb46ae3aac4a2c8fde003ae1982591b00bf4f8bc8b044745ef503c23187ce91598212e956ae0f40d9355228a6f0b9146c3626741f85fe0a213350dec5eb28835f8743963eba9783a979fea9e5d90f289b5fe4fba8406aba58ba04ba6511875247193139c9451aae9bfa3e041fc6dd2fdcd8f6b04161ee54b536318b58744d5dcf43e17210b79aabf0d558ec0a06b0195f1a120c9fcebb927369f14db29f55cffe3760d99cc2e39383474f0e86b110022ccc5ccb96df98d00738b92a85c5f261c4225ecdb68aed6cbf85a35bd6467357e6a2fb7937949e50a50152cd91f79f7e1b6ea5fe0dcc2547c92b4cefe4b1db777a9c7bd937d6cce966531537e535274e27ab7351e8bba2227b04b15e5ba774f96ade188506de864a76b939da9cdd9876d13dcb1ba3d56bb4656245176090da85eb113bfcb743704676e7dfae5e53e4cac74017b8ede2fa5a4d800099d96638eedc6abbcb07e0db7ab186a1c7f6b6b5f1a890c7a424a52e9fcd8077dc5d8c7488907fc4119cc59e39788cf5f4f7b8372ecb838cc99457c00fb18f758fe07f96b231519d84e61d9326465fbfb59ca83bbf00b8fc5f0ef1b3f2894e4a8630d835089f780ec", 0x1000, 0x7fffffff}, {&(0x7f0000000640)="fd421453a428a1426742f8e167c375aca34b0394de01824cbecfb8903aad2d0448f50a104c5993b668ce18987957a09dfda68e16ba75ca5ba6e39d66bb2addd56a9ad2db8eb5413ca9059f3404fb864c10f1b9240cf9", 0x56, 0x9}], 0x80, &(0x7f0000000740)={[{@umask={'umask', 0x3d, [0x3f, 0x7f, 0x78, 0x32, 0x34, 0x2d, 0x0, 0x30, 0x0]}, 0x2c}, {@nointegrity='nointegrity', 0x2c}, {@nodiscard='nodiscard', 0x2c}, {@errors_continue='errors=continue', 0x2c}]}) 02:46:07 executing program 6 (fault-call:7 fault-nth:19): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:07 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xf401}}], 0x1, 0x0) [ 626.424695] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000012 02:46:07 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xff07, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:07 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0x0, 0x1, 0x0) dup2(r3, r2) dup2(r2, r1) 02:46:07 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xe803}}], 0x1, 0x0) 02:46:07 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:07 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xfffffffe, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:07 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x2, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 626.750873] jfs: Unrecognized mount option "umask=?x24-" or missing value [ 626.758994] FAULT_INJECTION: forcing a failure. [ 626.758994] name failslab, interval 1, probability 0, space 0, times 0 [ 626.770469] CPU: 0 PID: 6947 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 626.778784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 626.788130] Call Trace: [ 626.790720] dump_stack+0x1c9/0x2b4 [ 626.794353] ? dump_stack_print_info.cold.2+0x52/0x52 [ 626.799544] should_fail.cold.4+0xa/0x11 [ 626.803603] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 626.808704] ? lock_acquire+0x1e4/0x540 [ 626.812673] ? is_bpf_text_address+0xae/0x170 [ 626.817163] ? lock_downgrade+0x8f0/0x8f0 [ 626.821312] ? lock_release+0xa30/0xa30 [ 626.825286] ? kasan_check_read+0x11/0x20 [ 626.829437] ? rcu_is_watching+0x8c/0x150 [ 626.833595] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 626.838261] ? lock_acquire+0x1e4/0x540 [ 626.842230] ? fs_reclaim_acquire+0x20/0x20 [ 626.846550] ? lock_downgrade+0x8f0/0x8f0 [ 626.850694] ? __kernel_text_address+0xd/0x40 [ 626.855190] ? __save_stack_trace+0x8d/0xf0 [ 626.859510] ? check_same_owner+0x340/0x340 [ 626.863826] ? rcu_note_context_switch+0x730/0x730 [ 626.868755] __should_failslab+0x124/0x180 [ 626.872989] should_failslab+0x9/0x14 [ 626.876790] __kmalloc_track_caller+0x2c4/0x760 [ 626.881455] ? v9fs_session_init+0x21a/0x1a80 [ 626.885942] ? v9fs_mount+0x7c/0x900 [ 626.889652] ? legacy_get_tree+0x118/0x440 [ 626.893879] ? vfs_get_tree+0x1cb/0x5c0 [ 626.897846] ? do_mount+0x6c1/0x1fb0 [ 626.901553] ? ksys_mount+0x12d/0x140 [ 626.905344] ? __x64_sys_mount+0xbe/0x150 [ 626.909484] ? do_syscall_64+0x1b9/0x820 [ 626.913541] ? parse_opts+0x176/0x500 [ 626.917339] kstrdup+0x39/0x70 [ 626.920531] parse_opts+0x176/0x500 [ 626.924155] ? lock_acquire+0x1e4/0x540 [ 626.928135] ? p9_fd_poll+0x2b0/0x2b0 [ 626.931934] ? lock_downgrade+0x8f0/0x8f0 [ 626.936079] ? lock_release+0xa30/0xa30 [ 626.940051] ? check_same_owner+0x340/0x340 [ 626.944367] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 626.949471] ? kasan_unpoison_shadow+0x35/0x50 [ 626.954056] ? kasan_kmalloc+0xc4/0xe0 [ 626.957941] p9_fd_create+0x8b/0x3f0 [ 626.961656] ? p9_fd_show_options+0x1c0/0x1c0 [ 626.966158] ? __raw_spin_lock_init+0x2d/0x100 [ 626.970742] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 626.976275] p9_client_create+0x915/0x16c9 [ 626.980511] ? p9_client_read+0xc60/0xc60 [ 626.984656] ? kasan_check_read+0x11/0x20 [ 626.988816] ? lock_acquire+0x1e4/0x540 [ 626.992783] ? fs_reclaim_acquire+0x20/0x20 [ 626.997102] ? lock_release+0xa30/0xa30 [ 627.001069] ? __lockdep_init_map+0x105/0x590 [ 627.005565] ? kasan_check_write+0x14/0x20 [ 627.009795] ? __init_rwsem+0x1cc/0x2a0 [ 627.013765] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 627.018776] ? __kmalloc_track_caller+0x311/0x760 [ 627.023612] ? save_stack+0xa9/0xd0 [ 627.027245] ? save_stack+0x43/0xd0 [ 627.030866] ? kasan_kmalloc+0xc4/0xe0 [ 627.034747] ? kmem_cache_alloc_trace+0x152/0x780 [ 627.039592] ? memcpy+0x45/0x50 [ 627.042874] v9fs_session_init+0x21a/0x1a80 [ 627.047191] ? rcu_note_context_switch+0x730/0x730 [ 627.052111] ? do_mount+0x69e/0x1fb0 [ 627.055826] ? lock_acquire+0x1e4/0x540 [ 627.059809] ? v9fs_show_options+0x7e0/0x7e0 [ 627.064213] ? lock_release+0xa30/0xa30 [ 627.068184] ? check_same_owner+0x340/0x340 [ 627.072510] ? kasan_unpoison_shadow+0x35/0x50 [ 627.077093] ? kasan_kmalloc+0xc4/0xe0 [ 627.080979] ? kmem_cache_alloc_trace+0x318/0x780 [ 627.085826] ? kasan_unpoison_shadow+0x35/0x50 [ 627.090406] ? kasan_kmalloc+0xc4/0xe0 [ 627.094292] v9fs_mount+0x7c/0x900 [ 627.097839] ? v9fs_drop_inode+0x150/0x150 [ 627.102071] legacy_get_tree+0x118/0x440 [ 627.106134] vfs_get_tree+0x1cb/0x5c0 [ 627.109931] do_mount+0x6c1/0x1fb0 [ 627.113471] ? kasan_check_write+0x14/0x20 [ 627.117699] ? copy_mount_string+0x40/0x40 [ 627.121935] ? kasan_kmalloc+0xc4/0xe0 [ 627.125820] ? kmem_cache_alloc_trace+0x318/0x780 [ 627.130658] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 627.136192] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 627.141724] ? copy_mount_options+0x285/0x380 [ 627.146213] ksys_mount+0x12d/0x140 [ 627.149838] __x64_sys_mount+0xbe/0x150 [ 627.153811] do_syscall_64+0x1b9/0x820 [ 627.157693] ? finish_task_switch+0x1d3/0x870 [ 627.162189] ? syscall_return_slowpath+0x5e0/0x5e0 [ 627.167113] ? syscall_return_slowpath+0x31d/0x5e0 [ 627.172036] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 627.177046] ? prepare_exit_to_usermode+0x291/0x3b0 [ 627.182057] ? perf_trace_sys_enter+0xb10/0xb10 [ 627.186726] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 627.191586] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 627.196770] RIP: 0033:0x455e29 [ 627.199948] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 627.219205] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 627.226909] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 627.234174] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 627.241443] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 02:46:08 executing program 6 (fault-call:7 fault-nth:20): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 627.248707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 627.255967] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000013 [ 627.263371] 9pnet: Insufficient options for proto=fd 02:46:08 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x22800, &(0x7f0000000640)=ANY=[@ANYBLOB="7472616e733d66642c72cec8e08afa7c82a7c21d0a1d66666e6f3d", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',cache=none,uname=wfdno,privport,version=9p2000,access=', @ANYRESDEC=r2, @ANYBLOB=',privport,\x00']) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) connect$unix(r0, &(0x7f00000005c0)=@file={0x0, './file0\x00'}, 0x6e) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) [ 627.299502] jfs: Unrecognized mount option "umask=?x24-" or missing value 02:46:08 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xfffffff6, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:08 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x7}}], 0x1, 0x0) 02:46:08 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0xfffffffe, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:08 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x11af6, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:08 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="39700e", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 627.589891] FAULT_INJECTION: forcing a failure. [ 627.589891] name failslab, interval 1, probability 0, space 0, times 0 [ 627.601154] CPU: 1 PID: 6973 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 627.609476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 627.618827] Call Trace: [ 627.621431] dump_stack+0x1c9/0x2b4 [ 627.625071] ? dump_stack_print_info.cold.2+0x52/0x52 [ 627.630273] ? __kernel_text_address+0xd/0x40 [ 627.634773] ? unwind_get_return_address+0x61/0xa0 [ 627.639716] should_fail.cold.4+0xa/0x11 [ 627.643786] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 627.648902] ? save_stack+0xa9/0xd0 [ 627.652533] ? save_stack+0x43/0xd0 [ 627.656165] ? kasan_kmalloc+0xc4/0xe0 [ 627.660055] ? kmem_cache_alloc_trace+0x152/0x780 [ 627.664903] ? p9_client_prepare_req.part.9+0x5f2/0xcd0 [ 627.670277] ? p9_client_rpc+0x1bd/0x1400 [ 627.674433] ? p9_client_create+0xd09/0x16c9 [ 627.678846] ? v9fs_mount+0x7c/0x900 [ 627.682566] ? legacy_get_tree+0x118/0x440 [ 627.686828] ? vfs_get_tree+0x1cb/0x5c0 [ 627.690893] ? do_mount+0x6c1/0x1fb0 [ 627.694613] ? ksys_mount+0x12d/0x140 [ 627.698423] ? __x64_sys_mount+0xbe/0x150 [ 627.702570] ? do_syscall_64+0x1b9/0x820 [ 627.706625] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 627.711987] ? __debug_object_init+0x581/0x12e0 [ 627.716665] ? lock_downgrade+0x8f0/0x8f0 [ 627.720813] ? lock_downgrade+0x8f0/0x8f0 [ 627.724959] ? kasan_check_read+0x11/0x20 [ 627.729109] ? do_raw_spin_unlock+0xa7/0x2f0 [ 627.733518] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 627.738097] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 627.742681] ? check_same_owner+0x340/0x340 [ 627.747001] ? p9_client_prepare_req.part.9+0x707/0xcd0 [ 627.752416] ? rcu_note_context_switch+0x730/0x730 [ 627.757351] ? kasan_unpoison_shadow+0x35/0x50 [ 627.761930] __should_failslab+0x124/0x180 [ 627.766169] should_failslab+0x9/0x14 [ 627.769970] kmem_cache_alloc_trace+0x2cb/0x780 [ 627.774636] ? kasan_check_write+0x14/0x20 [ 627.778871] ? do_raw_spin_lock+0xc1/0x200 [ 627.783109] p9_client_prepare_req.part.9+0x82a/0xcd0 [ 627.788302] ? p9_free_req.isra.8+0x140/0x140 [ 627.792797] ? __fget+0x4ac/0x740 [ 627.796249] ? p9_pollwait+0x83/0x230 [ 627.800049] ? p9_conn_create+0x730/0x730 [ 627.804198] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 627.809738] p9_client_rpc+0x1bd/0x1400 [ 627.813708] ? p9_fd_poll+0x1e0/0x2b0 [ 627.817506] ? p9_conn_create+0x55b/0x730 [ 627.821654] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 627.827018] ? ksys_dup3+0x690/0x690 [ 627.830729] ? check_same_owner+0x340/0x340 [ 627.835054] ? p9_fd_poll+0x2b0/0x2b0 [ 627.838858] ? kasan_kmalloc+0xc4/0xe0 [ 627.842742] ? kasan_unpoison_shadow+0x35/0x50 [ 627.847327] ? p9_fd_show_options+0x1c0/0x1c0 [ 627.851816] ? __raw_spin_lock_init+0x2d/0x100 [ 627.856397] p9_client_create+0xd09/0x16c9 [ 627.860634] ? p9_client_read+0xc60/0xc60 [ 627.864778] ? kasan_check_read+0x11/0x20 [ 627.868924] ? lock_acquire+0x1e4/0x540 [ 627.872891] ? fs_reclaim_acquire+0x20/0x20 [ 627.877213] ? lock_release+0xa30/0xa30 [ 627.881212] ? __lockdep_init_map+0x105/0x590 [ 627.885710] ? kasan_check_write+0x14/0x20 [ 627.889941] ? __init_rwsem+0x1cc/0x2a0 [ 627.893916] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 627.898937] ? __kmalloc_track_caller+0x311/0x760 [ 627.903774] ? save_stack+0xa9/0xd0 [ 627.907399] ? save_stack+0x43/0xd0 [ 627.911023] ? kasan_kmalloc+0xc4/0xe0 [ 627.914906] ? kmem_cache_alloc_trace+0x152/0x780 [ 627.919746] ? memcpy+0x45/0x50 [ 627.923026] v9fs_session_init+0x21a/0x1a80 [ 627.927347] ? rcu_note_context_switch+0x730/0x730 [ 627.932275] ? do_mount+0x69e/0x1fb0 [ 627.935987] ? lock_acquire+0x1e4/0x540 [ 627.939959] ? v9fs_show_options+0x7e0/0x7e0 [ 627.944363] ? lock_release+0xa30/0xa30 [ 627.948338] ? check_same_owner+0x340/0x340 [ 627.952655] ? lock_downgrade+0x8f0/0x8f0 [ 627.956801] ? kasan_unpoison_shadow+0x35/0x50 [ 627.961381] ? kasan_kmalloc+0xc4/0xe0 [ 627.965266] ? kmem_cache_alloc_trace+0x318/0x780 [ 627.970107] ? kasan_unpoison_shadow+0x35/0x50 [ 627.974692] ? kasan_kmalloc+0xc4/0xe0 [ 627.978580] v9fs_mount+0x7c/0x900 [ 627.982121] ? v9fs_drop_inode+0x150/0x150 [ 627.986360] legacy_get_tree+0x118/0x440 [ 627.990424] vfs_get_tree+0x1cb/0x5c0 [ 627.994223] do_mount+0x6c1/0x1fb0 [ 627.997763] ? check_same_owner+0x340/0x340 [ 628.002080] ? lock_release+0xa30/0xa30 [ 628.006051] ? copy_mount_string+0x40/0x40 [ 628.010284] ? kasan_kmalloc+0xc4/0xe0 [ 628.014169] ? kmem_cache_alloc_trace+0x318/0x780 [ 628.019011] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 628.024543] ? _copy_from_user+0xdf/0x150 [ 628.028722] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 628.034254] ? copy_mount_options+0x285/0x380 [ 628.038746] ksys_mount+0x12d/0x140 [ 628.042370] __x64_sys_mount+0xbe/0x150 [ 628.046347] do_syscall_64+0x1b9/0x820 [ 628.050231] ? finish_task_switch+0x1d3/0x870 [ 628.054723] ? syscall_return_slowpath+0x5e0/0x5e0 [ 628.059651] ? syscall_return_slowpath+0x31d/0x5e0 [ 628.064580] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 628.069593] ? prepare_exit_to_usermode+0x291/0x3b0 [ 628.074606] ? perf_trace_sys_enter+0xb10/0xb10 [ 628.079272] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 628.084116] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 628.089303] RIP: 0033:0x455e29 [ 628.092481] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 628.111744] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 628.119452] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 628.126717] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 628.133980] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 02:46:09 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x2000000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 628.141244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 628.148507] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000014 [ 628.157609] 9pnet: Couldn't grow tag array 02:46:09 executing program 6 (fault-call:7 fault-nth:21): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:09 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000080)={0xfffffffffffffffd, 0x4d, 0x3}, 0xfffffffa) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:09 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xfffffff0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:09 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xe8030000}}], 0x1, 0x0) 02:46:09 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0x0, 0x1, 0x0) dup2(r3, r2) dup2(r2, r1) 02:46:09 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0xff00, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:09 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf81a010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:09 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="3970f0", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:09 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xe00}}], 0x1, 0x0) [ 628.370447] FAULT_INJECTION: forcing a failure. [ 628.370447] name failslab, interval 1, probability 0, space 0, times 0 [ 628.381687] CPU: 1 PID: 7012 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 628.390005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 628.399360] Call Trace: [ 628.401958] dump_stack+0x1c9/0x2b4 [ 628.405598] ? dump_stack_print_info.cold.2+0x52/0x52 [ 628.410798] ? lock_acquire+0x1e4/0x540 [ 628.414779] ? is_bpf_text_address+0xae/0x170 [ 628.419283] should_fail.cold.4+0xa/0x11 [ 628.423354] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 628.428472] ? lock_acquire+0x1e4/0x540 [ 628.432463] ? is_bpf_text_address+0xae/0x170 [ 628.436958] ? lock_downgrade+0x8f0/0x8f0 [ 628.441197] ? __debug_object_init+0x581/0x12e0 [ 628.445865] ? lock_downgrade+0x8f0/0x8f0 [ 628.450008] ? lock_downgrade+0x8f0/0x8f0 [ 628.454158] ? kasan_check_read+0x11/0x20 [ 628.458306] ? do_raw_spin_unlock+0xa7/0x2f0 [ 628.462712] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 628.467291] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 628.471880] ? lock_acquire+0x1e4/0x540 [ 628.475852] ? p9_client_prepare_req.part.9+0x534/0xcd0 [ 628.481212] ? add_wait_queue+0x1b9/0x2b0 [ 628.485359] __should_failslab+0x124/0x180 [ 628.489591] should_failslab+0x9/0x14 [ 628.493388] kmem_cache_alloc_trace+0x4b/0x780 [ 628.497970] ? kasan_check_write+0x14/0x20 [ 628.502198] ? do_raw_spin_lock+0xc1/0x200 [ 628.506438] p9_client_prepare_req.part.9+0x5f2/0xcd0 [ 628.511633] ? p9_free_req.isra.8+0x140/0x140 [ 628.516120] ? __fget+0x4ac/0x740 [ 628.519571] ? p9_pollwait+0x83/0x230 [ 628.523371] ? p9_conn_create+0x730/0x730 [ 628.527522] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 628.533060] p9_client_rpc+0x1bd/0x1400 [ 628.537036] ? p9_fd_poll+0x1e0/0x2b0 [ 628.540834] ? p9_conn_create+0x55b/0x730 [ 628.544984] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 628.550348] ? ksys_dup3+0x690/0x690 [ 628.554061] ? check_same_owner+0x340/0x340 [ 628.558384] ? p9_fd_poll+0x2b0/0x2b0 [ 628.562185] ? kasan_kmalloc+0xc4/0xe0 [ 628.566075] ? kasan_unpoison_shadow+0x35/0x50 [ 628.570668] ? p9_fd_show_options+0x1c0/0x1c0 [ 628.575161] ? __raw_spin_lock_init+0x2d/0x100 [ 628.579742] p9_client_create+0xd09/0x16c9 [ 628.583977] ? p9_client_read+0xc60/0xc60 [ 628.588119] ? kasan_check_read+0x11/0x20 [ 628.592266] ? lock_acquire+0x1e4/0x540 [ 628.596237] ? fs_reclaim_acquire+0x20/0x20 [ 628.600561] ? lock_release+0xa30/0xa30 [ 628.604531] ? __lockdep_init_map+0x105/0x590 [ 628.609026] ? kasan_check_write+0x14/0x20 [ 628.613253] ? __init_rwsem+0x1cc/0x2a0 [ 628.617221] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 628.622235] ? __kmalloc_track_caller+0x311/0x760 [ 628.627070] ? save_stack+0xa9/0xd0 [ 628.630697] ? save_stack+0x43/0xd0 [ 628.634319] ? kasan_kmalloc+0xc4/0xe0 [ 628.638201] ? kmem_cache_alloc_trace+0x152/0x780 [ 628.643037] ? memcpy+0x45/0x50 [ 628.646317] v9fs_session_init+0x21a/0x1a80 [ 628.650634] ? rcu_note_context_switch+0x730/0x730 [ 628.655557] ? do_mount+0x69e/0x1fb0 [ 628.659272] ? lock_acquire+0x1e4/0x540 [ 628.663247] ? v9fs_show_options+0x7e0/0x7e0 [ 628.667651] ? lock_release+0xa30/0xa30 [ 628.671621] ? check_same_owner+0x340/0x340 [ 628.675937] ? lock_downgrade+0x8f0/0x8f0 [ 628.680087] ? kasan_unpoison_shadow+0x35/0x50 [ 628.684667] ? kasan_kmalloc+0xc4/0xe0 [ 628.688553] ? kmem_cache_alloc_trace+0x318/0x780 [ 628.693393] ? kasan_unpoison_shadow+0x35/0x50 [ 628.697972] ? kasan_kmalloc+0xc4/0xe0 [ 628.701860] v9fs_mount+0x7c/0x900 [ 628.705400] ? v9fs_drop_inode+0x150/0x150 [ 628.709634] legacy_get_tree+0x118/0x440 [ 628.713694] vfs_get_tree+0x1cb/0x5c0 [ 628.717493] do_mount+0x6c1/0x1fb0 [ 628.721026] ? check_same_owner+0x340/0x340 [ 628.725344] ? lock_release+0xa30/0xa30 [ 628.729317] ? copy_mount_string+0x40/0x40 [ 628.733547] ? kasan_kmalloc+0xc4/0xe0 [ 628.737432] ? kmem_cache_alloc_trace+0x318/0x780 [ 628.742271] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 628.747805] ? _copy_from_user+0xdf/0x150 [ 628.751950] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 628.757484] ? copy_mount_options+0x285/0x380 [ 628.761975] ksys_mount+0x12d/0x140 [ 628.765598] __x64_sys_mount+0xbe/0x150 [ 628.769572] do_syscall_64+0x1b9/0x820 [ 628.773452] ? finish_task_switch+0x1d3/0x870 [ 628.777942] ? syscall_return_slowpath+0x5e0/0x5e0 [ 628.782867] ? syscall_return_slowpath+0x31d/0x5e0 [ 628.787794] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 628.792811] ? prepare_exit_to_usermode+0x291/0x3b0 [ 628.797824] ? perf_trace_sys_enter+0xb10/0xb10 [ 628.802488] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 628.807328] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 628.812509] RIP: 0033:0x455e29 [ 628.815682] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 628.834949] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 628.842655] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 628.849916] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 628.857177] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 628.864439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 02:46:09 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xa00}}], 0x1, 0x0) 02:46:09 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0xffffff7f, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:10 executing program 6 (fault-call:7 fault-nth:22): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:10 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4519010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) [ 628.871700] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000015 [ 628.878967] 9pnet: Couldn't grow tag array 02:46:10 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xfeffffff, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:10 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="3970d6", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:10 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xa}}], 0x1, 0x0) [ 629.039774] FAULT_INJECTION: forcing a failure. [ 629.039774] name failslab, interval 1, probability 0, space 0, times 0 [ 629.051054] CPU: 1 PID: 7041 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 629.059374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 629.068732] Call Trace: [ 629.071330] dump_stack+0x1c9/0x2b4 [ 629.074974] ? dump_stack_print_info.cold.2+0x52/0x52 [ 629.080175] ? __kernel_text_address+0xd/0x40 [ 629.084678] ? unwind_get_return_address+0x61/0xa0 [ 629.089619] should_fail.cold.4+0xa/0x11 [ 629.093689] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 629.098801] ? save_stack+0xa9/0xd0 [ 629.102433] ? save_stack+0x43/0xd0 [ 629.106062] ? kasan_kmalloc+0xc4/0xe0 [ 629.109947] ? __kmalloc+0x14e/0x760 [ 629.113659] ? p9_fcall_alloc+0x1e/0x90 [ 629.117628] ? p9_client_prepare_req.part.9+0x7c9/0xcd0 [ 629.122989] ? p9_client_rpc+0x1bd/0x1400 [ 629.127140] ? v9fs_session_init+0x21a/0x1a80 [ 629.131633] ? v9fs_mount+0x7c/0x900 [ 629.135344] ? legacy_get_tree+0x118/0x440 [ 629.139577] ? vfs_get_tree+0x1cb/0x5c0 [ 629.143549] ? do_mount+0x6c1/0x1fb0 [ 629.147263] ? ksys_mount+0x12d/0x140 [ 629.151063] ? __x64_sys_mount+0xbe/0x150 [ 629.155215] ? do_syscall_64+0x1b9/0x820 [ 629.159279] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 629.164641] ? __x64_sys_mount+0xbe/0x150 [ 629.168803] ? do_syscall_64+0x1b9/0x820 [ 629.172880] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 629.178251] ? __debug_object_init+0x581/0x12e0 [ 629.182924] ? lock_downgrade+0x8f0/0x8f0 [ 629.187074] ? lock_downgrade+0x8f0/0x8f0 [ 629.191223] ? lock_acquire+0x1e4/0x540 [ 629.195199] ? kmem_cache_alloc_trace+0x567/0x780 [ 629.200042] ? lock_downgrade+0x8f0/0x8f0 [ 629.204187] ? check_same_owner+0x340/0x340 [ 629.208505] ? rcu_note_context_switch+0x730/0x730 [ 629.213433] __should_failslab+0x124/0x180 [ 629.217671] should_failslab+0x9/0x14 [ 629.221469] __kmalloc+0x2c8/0x760 [ 629.225006] ? __init_waitqueue_head+0x9e/0x150 [ 629.229672] ? init_wait_entry+0x1c0/0x1c0 [ 629.233909] ? p9_fcall_alloc+0x1e/0x90 [ 629.237883] p9_fcall_alloc+0x1e/0x90 [ 629.242338] p9_client_prepare_req.part.9+0x754/0xcd0 [ 629.247536] ? p9_free_req.isra.8+0x140/0x140 [ 629.252036] ? __fget+0x4ac/0x740 [ 629.255492] ? p9_pollwait+0x83/0x230 [ 629.259291] ? p9_conn_create+0x730/0x730 [ 629.263454] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 629.269003] p9_client_rpc+0x1bd/0x1400 [ 629.272981] ? p9_fd_poll+0x1e0/0x2b0 [ 629.276783] ? p9_conn_create+0x55b/0x730 [ 629.280954] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 629.286323] ? ksys_dup3+0x690/0x690 02:46:10 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0x0, 0x1, 0x0) dup2(r3, r2) dup2(r2, r1) [ 629.290045] ? check_same_owner+0x340/0x340 [ 629.294371] ? p9_fd_poll+0x2b0/0x2b0 [ 629.298178] ? kasan_kmalloc+0xc4/0xe0 [ 629.302078] ? kasan_unpoison_shadow+0x35/0x50 [ 629.306671] ? p9_fd_show_options+0x1c0/0x1c0 [ 629.311173] ? __raw_spin_lock_init+0x2d/0x100 [ 629.315761] p9_client_create+0xd09/0x16c9 [ 629.320003] ? p9_client_read+0xc60/0xc60 [ 629.324249] ? kasan_check_read+0x11/0x20 [ 629.328403] ? lock_acquire+0x1e4/0x540 [ 629.332376] ? fs_reclaim_acquire+0x20/0x20 [ 629.336701] ? lock_release+0xa30/0xa30 [ 629.340674] ? __lockdep_init_map+0x105/0x590 [ 629.345170] ? kasan_check_write+0x14/0x20 [ 629.349403] ? __init_rwsem+0x1cc/0x2a0 [ 629.353372] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 629.358385] ? __kmalloc_track_caller+0x311/0x760 [ 629.363223] ? save_stack+0xa9/0xd0 [ 629.366849] ? save_stack+0x43/0xd0 [ 629.370471] ? kasan_kmalloc+0xc4/0xe0 [ 629.374354] ? kmem_cache_alloc_trace+0x152/0x780 [ 629.379200] ? memcpy+0x45/0x50 [ 629.382486] v9fs_session_init+0x21a/0x1a80 [ 629.386805] ? rcu_note_context_switch+0x730/0x730 [ 629.391795] ? do_mount+0x69e/0x1fb0 [ 629.395512] ? lock_acquire+0x1e4/0x540 [ 629.399485] ? v9fs_show_options+0x7e0/0x7e0 [ 629.403901] ? lock_release+0xa30/0xa30 [ 629.407877] ? check_same_owner+0x340/0x340 [ 629.412199] ? lock_downgrade+0x8f0/0x8f0 [ 629.416346] ? kasan_unpoison_shadow+0x35/0x50 [ 629.420923] ? kasan_kmalloc+0xc4/0xe0 [ 629.424811] ? kmem_cache_alloc_trace+0x318/0x780 [ 629.429654] ? kasan_unpoison_shadow+0x35/0x50 [ 629.434230] ? kasan_kmalloc+0xc4/0xe0 [ 629.438117] v9fs_mount+0x7c/0x900 02:46:10 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = accept(0xffffffffffffff9c, &(0x7f00000002c0)=@pptp={0x0, 0x0, {0x0, @remote}}, &(0x7f0000000080)=0x80) getsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000380)=0x80000001, &(0x7f0000000480)=0x2) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r3 = syz_open_pts(0xffffffffffffffff, 0x200080) ioctl$PIO_FONTX(r3, 0x4b6c, &(0x7f00000004c0)="9f3fc0ca98ad5f2e9d8ae2c1a08682d9642f95dd069c238c33a8ec1016cfe585f9968e370a74a3b2cf8e9556eff8176a266bee14add6877f77e8e47712683f294637c42be7695cda23435abcc452516052072949fd198f2c6b2e47c03c065c02d7eefd9d8c33a3ea208ef46a0106e3ff28d5f5e8903e0ea6b93e38c9ad59f49ecaf7133ac37a1a3e7cf40f54fffbd1af852c3420cf06c549d6957d6a9d939ce0979ad146a563c1c40caebf5f24eadb16e6cd2972f414d6dc00c959ff2cecd485245c2c23d9322d5443f5a2f566053169dedd998b94b7286f") mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RUNLINKAT(r1, &(0x7f00000005c0)={0x7, 0x4d, 0x2}, 0x7) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="a6000000290100000000000000000000000000000000000000000000000000000007002e2f66696c6530000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c65300000"], 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) [ 629.441662] ? v9fs_drop_inode+0x150/0x150 [ 629.445898] legacy_get_tree+0x118/0x440 [ 629.449964] vfs_get_tree+0x1cb/0x5c0 [ 629.453763] do_mount+0x6c1/0x1fb0 [ 629.457304] ? check_same_owner+0x340/0x340 [ 629.461623] ? lock_release+0xa30/0xa30 [ 629.465599] ? copy_mount_string+0x40/0x40 [ 629.469836] ? kasan_kmalloc+0xc4/0xe0 [ 629.473727] ? kmem_cache_alloc_trace+0x318/0x780 [ 629.478579] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 629.484116] ? _copy_from_user+0xdf/0x150 [ 629.488270] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 629.493811] ? copy_mount_options+0x285/0x380 [ 629.498312] ksys_mount+0x12d/0x140 [ 629.501944] __x64_sys_mount+0xbe/0x150 [ 629.505955] do_syscall_64+0x1b9/0x820 [ 629.509841] ? finish_task_switch+0x1d3/0x870 [ 629.514339] ? syscall_return_slowpath+0x5e0/0x5e0 [ 629.519269] ? syscall_return_slowpath+0x31d/0x5e0 [ 629.524195] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 629.529208] ? prepare_exit_to_usermode+0x291/0x3b0 [ 629.534221] ? perf_trace_sys_enter+0xb10/0xb10 [ 629.538888] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 629.543731] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 629.548917] RIP: 0033:0x455e29 [ 629.552097] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 629.571359] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 629.579083] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 02:46:10 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xffffff7f00000000}}], 0x1, 0x0) 02:46:10 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x8cffffff, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:10 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xe087, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:10 executing program 6 (fault-call:7 fault-nth:23): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 629.586345] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 629.593607] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 629.600870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 629.608132] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000016 [ 629.615547] 9pnet: Couldn't grow tag array 02:46:10 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) r2 = syz_open_dev$audion(&(0x7f00000002c0)='/dev/audio#\x00', 0x6, 0x80880) recvfrom$llc(r2, &(0x7f0000000480)=""/250, 0xfa, 0x1, 0x0, 0x0) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) r3 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ioctl$IOC_PR_RELEASE(r3, 0x401070ca, &(0x7f0000000080)={0x4, 0x2040000000000000, 0x1}) 02:46:10 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x1f00000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:10 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:10 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xf401000000000000}}], 0x1, 0x0) [ 629.817708] FAULT_INJECTION: forcing a failure. [ 629.817708] name failslab, interval 1, probability 0, space 0, times 0 [ 629.828943] CPU: 0 PID: 7086 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 629.837255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 629.846601] Call Trace: [ 629.849197] dump_stack+0x1c9/0x2b4 [ 629.852832] ? dump_stack_print_info.cold.2+0x52/0x52 [ 629.858025] ? lock_acquire+0x1e4/0x540 [ 629.861994] ? is_bpf_text_address+0xae/0x170 [ 629.866513] should_fail.cold.4+0xa/0x11 [ 629.870570] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 629.875668] ? lock_acquire+0x1e4/0x540 [ 629.879635] ? is_bpf_text_address+0xae/0x170 [ 629.884126] ? lock_downgrade+0x8f0/0x8f0 [ 629.888332] ? __debug_object_init+0x581/0x12e0 [ 629.892995] ? lock_downgrade+0x8f0/0x8f0 [ 629.897137] ? lock_downgrade+0x8f0/0x8f0 [ 629.901286] ? kasan_check_read+0x11/0x20 [ 629.905429] ? do_raw_spin_unlock+0xa7/0x2f0 [ 629.909831] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 629.914406] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 629.918988] ? lock_acquire+0x1e4/0x540 [ 629.922961] ? p9_client_prepare_req.part.9+0x534/0xcd0 [ 629.928363] ? add_wait_queue+0x1b9/0x2b0 [ 629.932508] __should_failslab+0x124/0x180 [ 629.936740] should_failslab+0x9/0x14 [ 629.940537] kmem_cache_alloc_trace+0x4b/0x780 [ 629.945123] ? kasan_check_write+0x14/0x20 [ 629.949357] ? do_raw_spin_lock+0xc1/0x200 [ 629.953592] p9_client_prepare_req.part.9+0x5f2/0xcd0 [ 629.958783] ? p9_free_req.isra.8+0x140/0x140 [ 629.963274] ? __fget+0x4ac/0x740 [ 629.966724] ? p9_pollwait+0x83/0x230 [ 629.970521] ? p9_conn_create+0x730/0x730 [ 629.974667] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 629.980201] p9_client_rpc+0x1bd/0x1400 [ 629.984171] ? p9_fd_poll+0x1e0/0x2b0 [ 629.987970] ? p9_conn_create+0x55b/0x730 [ 629.992118] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 629.997481] ? ksys_dup3+0x690/0x690 [ 630.001188] ? check_same_owner+0x340/0x340 [ 630.005504] ? p9_fd_poll+0x2b0/0x2b0 [ 630.009303] ? kasan_kmalloc+0xc4/0xe0 [ 630.013191] ? kasan_unpoison_shadow+0x35/0x50 [ 630.017773] ? p9_fd_show_options+0x1c0/0x1c0 [ 630.022263] ? __raw_spin_lock_init+0x2d/0x100 [ 630.026842] p9_client_create+0xd09/0x16c9 [ 630.031078] ? p9_client_read+0xc60/0xc60 [ 630.035220] ? kasan_check_read+0x11/0x20 [ 630.039363] ? lock_acquire+0x1e4/0x540 [ 630.043332] ? fs_reclaim_acquire+0x20/0x20 [ 630.047650] ? lock_release+0xa30/0xa30 [ 630.051618] ? __lockdep_init_map+0x105/0x590 [ 630.056110] ? kasan_check_write+0x14/0x20 [ 630.060342] ? __init_rwsem+0x1cc/0x2a0 [ 630.064312] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 630.069326] ? __kmalloc_track_caller+0x311/0x760 [ 630.074164] ? save_stack+0xa9/0xd0 [ 630.077786] ? save_stack+0x43/0xd0 [ 630.081407] ? kasan_kmalloc+0xc4/0xe0 [ 630.085290] ? kmem_cache_alloc_trace+0x152/0x780 [ 630.090129] ? memcpy+0x45/0x50 [ 630.093406] v9fs_session_init+0x21a/0x1a80 [ 630.097721] ? rcu_note_context_switch+0x730/0x730 [ 630.102644] ? do_mount+0x69e/0x1fb0 [ 630.106359] ? lock_acquire+0x1e4/0x540 [ 630.110333] ? v9fs_show_options+0x7e0/0x7e0 [ 630.114740] ? lock_release+0xa30/0xa30 [ 630.118711] ? check_same_owner+0x340/0x340 [ 630.123033] ? kasan_unpoison_shadow+0x35/0x50 [ 630.127619] ? kasan_kmalloc+0xc4/0xe0 [ 630.131506] ? kmem_cache_alloc_trace+0x318/0x780 [ 630.136346] ? kasan_unpoison_shadow+0x35/0x50 [ 630.140923] ? kasan_kmalloc+0xc4/0xe0 [ 630.144807] v9fs_mount+0x7c/0x900 [ 630.148348] ? v9fs_drop_inode+0x150/0x150 [ 630.152578] legacy_get_tree+0x118/0x440 [ 630.156642] vfs_get_tree+0x1cb/0x5c0 [ 630.160447] do_mount+0x6c1/0x1fb0 [ 630.163983] ? kasan_check_write+0x14/0x20 [ 630.168213] ? copy_mount_string+0x40/0x40 [ 630.172461] ? kasan_kmalloc+0xc4/0xe0 [ 630.176348] ? kmem_cache_alloc_trace+0x318/0x780 [ 630.181190] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 630.190812] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 630.196348] ? copy_mount_options+0x285/0x380 [ 630.200842] ksys_mount+0x12d/0x140 [ 630.204473] __x64_sys_mount+0xbe/0x150 [ 630.208450] do_syscall_64+0x1b9/0x820 [ 630.212332] ? finish_task_switch+0x1d3/0x870 [ 630.216822] ? syscall_return_slowpath+0x5e0/0x5e0 [ 630.221747] ? syscall_return_slowpath+0x31d/0x5e0 [ 630.226673] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 630.231687] ? prepare_exit_to_usermode+0x291/0x3b0 [ 630.236700] ? perf_trace_sys_enter+0xb10/0xb10 [ 630.241364] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 630.246209] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 630.251391] RIP: 0033:0x455e29 02:46:11 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x0, 0x0) dup2(r3, r2) dup2(r2, r1) [ 630.254566] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 630.273837] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 630.281544] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 630.288833] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 630.296103] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 630.303373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 630.310637] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000017 02:46:11 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x3000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:11 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0xedc0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:11 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = fcntl$getown(r1, 0x9) fcntl$lock(r0, 0x7, &(0x7f0000000080)={0x3, 0x4, 0x5, 0xe8e9, r2}) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="a6000000290100000000000000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c6530000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000"], 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) pipe2$9p(&(0x7f00000002c0), 0x4800) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) [ 630.317905] 9pnet: Couldn't grow tag array 02:46:11 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x800000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:11 executing program 6 (fault-call:7 fault-nth:24): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:11 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x700000000000000}}], 0x1, 0x0) 02:46:11 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:11 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x9000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:11 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x8cffffff, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:11 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x87e00000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:11 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xeffdffff00000000}}], 0x1, 0x0) [ 630.661304] FAULT_INJECTION: forcing a failure. [ 630.661304] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 630.673146] CPU: 0 PID: 7124 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 630.681454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 630.690797] Call Trace: [ 630.693387] dump_stack+0x1c9/0x2b4 [ 630.697019] ? dump_stack_print_info.cold.2+0x52/0x52 [ 630.702209] ? lock_release+0xa30/0xa30 [ 630.706180] should_fail.cold.4+0xa/0x11 [ 630.710239] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 630.715338] ? trace_hardirqs_on+0x10/0x10 [ 630.719571] ? is_bpf_text_address+0xd7/0x170 [ 630.724070] ? trace_hardirqs_on+0x10/0x10 [ 630.728303] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 630.733324] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 630.738080] ? trace_hardirqs_on+0x10/0x10 [ 630.742311] ? trace_hardirqs_on+0x10/0x10 [ 630.746543] ? lock_acquire+0x1e4/0x540 [ 630.750511] ? is_bpf_text_address+0xae/0x170 [ 630.755013] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 630.760552] ? should_fail+0x246/0xd86 [ 630.764439] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 630.769199] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 630.774308] __alloc_pages_nodemask+0x36e/0xdb0 [ 630.778972] ? lock_downgrade+0x8f0/0x8f0 [ 630.783118] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 630.788132] ? __debug_object_init+0x581/0x12e0 [ 630.792801] ? lock_downgrade+0x8f0/0x8f0 [ 630.796945] ? lock_downgrade+0x8f0/0x8f0 [ 630.801089] ? do_raw_spin_unlock+0xa7/0x2f0 [ 630.805492] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 630.810065] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 630.814646] ? lock_acquire+0x1e4/0x540 [ 630.818614] ? p9_client_prepare_req.part.9+0x534/0xcd0 [ 630.823976] cache_grow_begin+0x91/0x710 [ 630.828038] kmem_cache_alloc_trace+0x6a5/0x780 [ 630.832709] p9_client_prepare_req.part.9+0x5f2/0xcd0 [ 630.837898] ? p9_free_req.isra.8+0x140/0x140 [ 630.842390] ? __fget+0x4ac/0x740 [ 630.845840] ? p9_pollwait+0x83/0x230 [ 630.849638] ? p9_conn_create+0x730/0x730 [ 630.853785] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 630.859320] p9_client_rpc+0x1bd/0x1400 [ 630.863288] ? p9_fd_poll+0x1e0/0x2b0 [ 630.867084] ? p9_conn_create+0x55b/0x730 [ 630.871228] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 630.876593] ? ksys_dup3+0x690/0x690 [ 630.880305] ? check_same_owner+0x340/0x340 [ 630.884625] ? p9_fd_poll+0x2b0/0x2b0 [ 630.888426] ? kasan_kmalloc+0xc4/0xe0 [ 630.892313] ? kasan_unpoison_shadow+0x35/0x50 [ 630.896895] ? p9_fd_show_options+0x1c0/0x1c0 [ 630.901393] ? __raw_spin_lock_init+0x2d/0x100 [ 630.905973] p9_client_create+0xd09/0x16c9 [ 630.910208] ? p9_client_read+0xc60/0xc60 [ 630.914352] ? kasan_check_read+0x11/0x20 [ 630.918504] ? lock_acquire+0x1e4/0x540 [ 630.922470] ? fs_reclaim_acquire+0x20/0x20 [ 630.926790] ? lock_release+0xa30/0xa30 [ 630.930761] ? __lockdep_init_map+0x105/0x590 [ 630.935258] ? kasan_check_write+0x14/0x20 [ 630.939485] ? __init_rwsem+0x1cc/0x2a0 [ 630.943455] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 630.948471] ? __kmalloc_track_caller+0x311/0x760 [ 630.953309] ? save_stack+0xa9/0xd0 [ 630.956931] ? save_stack+0x43/0xd0 [ 630.960553] ? kasan_kmalloc+0xc4/0xe0 [ 630.964440] ? kmem_cache_alloc_trace+0x152/0x780 [ 630.969287] ? memcpy+0x45/0x50 [ 630.972565] v9fs_session_init+0x21a/0x1a80 [ 630.976881] ? rcu_note_context_switch+0x730/0x730 [ 630.981806] ? do_mount+0x69e/0x1fb0 [ 630.985518] ? lock_acquire+0x1e4/0x540 [ 630.989493] ? v9fs_show_options+0x7e0/0x7e0 [ 630.993898] ? lock_release+0xa30/0xa30 [ 630.997870] ? check_same_owner+0x340/0x340 [ 631.002194] ? kasan_unpoison_shadow+0x35/0x50 [ 631.006775] ? kasan_kmalloc+0xc4/0xe0 [ 631.010663] ? kmem_cache_alloc_trace+0x318/0x780 [ 631.015501] ? kasan_unpoison_shadow+0x35/0x50 [ 631.020095] ? kasan_kmalloc+0xc4/0xe0 [ 631.023981] v9fs_mount+0x7c/0x900 [ 631.027518] ? v9fs_drop_inode+0x150/0x150 [ 631.031763] legacy_get_tree+0x118/0x440 [ 631.035825] vfs_get_tree+0x1cb/0x5c0 [ 631.039626] do_mount+0x6c1/0x1fb0 [ 631.043160] ? kasan_check_write+0x14/0x20 [ 631.047394] ? copy_mount_string+0x40/0x40 [ 631.051628] ? retint_kernel+0x10/0x10 [ 631.055515] ? copy_mount_options+0x1f0/0x380 [ 631.060008] ? copy_mount_options+0x1f6/0x380 [ 631.064497] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 631.070029] ? copy_mount_options+0x285/0x380 [ 631.074522] ksys_mount+0x12d/0x140 [ 631.078145] __x64_sys_mount+0xbe/0x150 [ 631.082121] do_syscall_64+0x1b9/0x820 [ 631.086002] ? finish_task_switch+0x1d3/0x870 [ 631.090494] ? syscall_return_slowpath+0x5e0/0x5e0 [ 631.095422] ? syscall_return_slowpath+0x31d/0x5e0 [ 631.100349] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 631.105371] ? prepare_exit_to_usermode+0x291/0x3b0 [ 631.110387] ? perf_trace_sys_enter+0xb10/0xb10 [ 631.115052] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 631.119891] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 631.125070] RIP: 0033:0x455e29 [ 631.128248] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 631.147520] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 631.155225] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 02:46:12 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000080)={0x7, 0x4d, 0x2}, 0x7) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:12 executing program 6 (fault-call:7 fault-nth:25): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 631.162489] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 631.169760] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 631.177309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 631.184569] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000018 02:46:12 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x0, 0x0) dup2(r3, r2) dup2(r2, r1) 02:46:12 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xe0000000}}], 0x1, 0x0) 02:46:12 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x100000000000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:12 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x40000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:12 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:12 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x2, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) [ 631.517918] FAULT_INJECTION: forcing a failure. [ 631.517918] name failslab, interval 1, probability 0, space 0, times 0 [ 631.529236] CPU: 0 PID: 7152 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 631.537544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 631.546886] Call Trace: [ 631.549475] dump_stack+0x1c9/0x2b4 [ 631.553103] ? dump_stack_print_info.cold.2+0x52/0x52 [ 631.558288] ? debug_check_no_obj_freed+0x30b/0x595 [ 631.563304] should_fail.cold.4+0xa/0x11 [ 631.567369] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 631.572471] ? __kasan_slab_free+0x131/0x170 [ 631.576881] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 631.582412] ? p9_free_req.isra.8+0x95/0x140 [ 631.586816] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 631.592352] ? p9_client_read+0xc60/0xc60 [ 631.596670] ? kasan_check_read+0x11/0x20 [ 631.600815] ? lock_acquire+0x1e4/0x540 [ 631.604784] ? fs_reclaim_acquire+0x20/0x20 [ 631.609102] ? lock_downgrade+0x8f0/0x8f0 [ 631.613247] ? check_same_owner+0x340/0x340 [ 631.617566] ? rcu_note_context_switch+0x730/0x730 [ 631.622489] ? kasan_check_write+0x14/0x20 [ 631.626718] __should_failslab+0x124/0x180 [ 631.630953] should_failslab+0x9/0x14 [ 631.634751] __kmalloc_track_caller+0x2c4/0x760 [ 631.639411] ? save_stack+0xa9/0xd0 [ 631.643036] ? save_stack+0x43/0xd0 [ 631.646657] ? kasan_kmalloc+0xc4/0xe0 [ 631.650541] ? kmem_cache_alloc_trace+0x152/0x780 [ 631.655383] ? v9fs_session_init+0x501/0x1a80 [ 631.659875] kstrdup+0x39/0x70 [ 631.663066] v9fs_session_init+0x501/0x1a80 [ 631.667388] ? rcu_note_context_switch+0x730/0x730 [ 631.672319] ? do_mount+0x69e/0x1fb0 [ 631.676032] ? lock_acquire+0x1e4/0x540 [ 631.680044] ? v9fs_show_options+0x7e0/0x7e0 [ 631.684448] ? lock_release+0xa30/0xa30 [ 631.688420] ? check_same_owner+0x340/0x340 [ 631.692738] ? lock_downgrade+0x8f0/0x8f0 [ 631.696883] ? kasan_unpoison_shadow+0x35/0x50 [ 631.701463] ? kasan_kmalloc+0xc4/0xe0 [ 631.705348] ? kmem_cache_alloc_trace+0x318/0x780 [ 631.710185] ? kasan_unpoison_shadow+0x35/0x50 [ 631.714763] ? kasan_kmalloc+0xc4/0xe0 [ 631.718647] v9fs_mount+0x7c/0x900 [ 631.722183] ? v9fs_drop_inode+0x150/0x150 [ 631.726415] legacy_get_tree+0x118/0x440 [ 631.730476] vfs_get_tree+0x1cb/0x5c0 [ 631.734273] do_mount+0x6c1/0x1fb0 [ 631.737810] ? check_same_owner+0x340/0x340 [ 631.742128] ? lock_release+0xa30/0xa30 [ 631.746100] ? copy_mount_string+0x40/0x40 [ 631.750332] ? retint_kernel+0x10/0x10 [ 631.754217] ? copy_mount_options+0x1f0/0x380 [ 631.758710] ? copy_mount_options+0x206/0x380 [ 631.763198] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 631.768727] ? copy_mount_options+0x285/0x380 [ 631.773221] ksys_mount+0x12d/0x140 [ 631.776842] __x64_sys_mount+0xbe/0x150 [ 631.780810] do_syscall_64+0x1b9/0x820 [ 631.784693] ? finish_task_switch+0x1d3/0x870 [ 631.789191] ? syscall_return_slowpath+0x5e0/0x5e0 [ 631.794119] ? syscall_return_slowpath+0x31d/0x5e0 [ 631.799042] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 631.804054] ? prepare_exit_to_usermode+0x291/0x3b0 [ 631.809067] ? perf_trace_sys_enter+0xb10/0xb10 [ 631.813734] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 631.818574] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 631.823755] RIP: 0033:0x455e29 [ 631.826929] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 631.846205] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 631.853923] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 631.861189] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 02:46:12 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r2 = accept(0xffffffffffffff9c, &(0x7f0000000540)=@ethernet={0x0, @link_local}, &(0x7f00000005c0)=0x80) getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000600)={0x0, 0xfffffffffffffffc, 0x6, 0x7}, &(0x7f0000000640)=0x10) getsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f0000000680)=@assoc_value={r3, 0x2}, &(0x7f00000006c0)=0x8) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f0000000480)={0x0, @in6={{0xa, 0x4e20, 0x1, @empty, 0x5}}, 0x0, 0x0, 0x1, 0x4, 0x4}, &(0x7f0000000080)=0x98) r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vcs\x00', 0x4003, 0x0) ioctl$KVM_ASSIGN_DEV_IRQ(r5, 0x4040ae70, &(0x7f0000000380)={0x100000001, 0x4, 0xffffffffffffff71, 0x1}) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f00000002c0)={r4, 0x51e4}, 0x8) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:13 executing program 6 (fault-call:7 fault-nth:26): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:13 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x40000}}], 0x1, 0x0) [ 631.868450] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 631.875712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 631.882972] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000019 02:46:13 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x6000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:13 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:13 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x11afb, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:13 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xfeffffff00000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:13 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x900}}], 0x1, 0x0) 02:46:13 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB=',rfdno=\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) [ 632.092702] FAULT_INJECTION: forcing a failure. [ 632.092702] name failslab, interval 1, probability 0, space 0, times 0 [ 632.104095] CPU: 1 PID: 7183 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 632.112404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 632.121746] Call Trace: [ 632.124336] dump_stack+0x1c9/0x2b4 [ 632.127959] ? dump_stack_print_info.cold.2+0x52/0x52 [ 632.133144] ? kasan_check_read+0x11/0x20 [ 632.137295] should_fail.cold.4+0xa/0x11 [ 632.141351] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 632.146451] ? kasan_check_write+0x14/0x20 [ 632.150684] ? finish_task_switch+0x2ca/0x870 [ 632.155180] ? pdu_read+0x90/0xd0 [ 632.158632] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 632.164164] ? p9pdu_readf+0xb78/0x2170 [ 632.168139] ? p9pdu_writef+0xe0/0xe0 [ 632.171936] ? __schedule+0x884/0x1ed0 [ 632.175823] ? __sched_text_start+0x8/0x8 [ 632.179975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 632.185509] ? check_same_owner+0x340/0x340 [ 632.189829] ? rcu_note_context_switch+0x730/0x730 [ 632.194757] ? trace_9p_protocol_dump+0xbe/0x3a0 [ 632.199515] __should_failslab+0x124/0x180 [ 632.203746] should_failslab+0x9/0x14 [ 632.207544] __kmalloc+0x2c8/0x760 [ 632.211082] ? memcpy+0x45/0x50 [ 632.214357] ? p9pdu_readf+0x526/0x2170 [ 632.218331] p9pdu_readf+0x526/0x2170 [ 632.222129] ? p9pdu_writef+0xe0/0xe0 [ 632.225924] ? ksys_dup3+0x690/0x690 [ 632.229633] ? check_same_owner+0x340/0x340 [ 632.233951] ? p9_fd_poll+0x2b0/0x2b0 [ 632.237789] ? kasan_kmalloc+0xc4/0xe0 [ 632.241687] ? kasan_unpoison_shadow+0x35/0x50 [ 632.246275] ? p9_fd_show_options+0x1c0/0x1c0 [ 632.250777] ? __raw_spin_lock_init+0x2d/0x100 [ 632.255361] p9_client_create+0xde0/0x16c9 [ 632.259604] ? p9_client_read+0xc60/0xc60 [ 632.263760] ? lock_acquire+0x1e4/0x540 [ 632.267731] ? fs_reclaim_acquire+0x20/0x20 [ 632.272058] ? lock_release+0xa30/0xa30 [ 632.276028] ? __lockdep_init_map+0x105/0x590 [ 632.280529] ? kasan_check_write+0x14/0x20 [ 632.284814] ? __init_rwsem+0x1cc/0x2a0 [ 632.288793] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 632.293813] ? __kmalloc_track_caller+0x311/0x760 [ 632.298652] ? save_stack+0xa9/0xd0 [ 632.302274] ? save_stack+0x43/0xd0 [ 632.305897] ? kasan_kmalloc+0xc4/0xe0 [ 632.309783] ? kmem_cache_alloc_trace+0x152/0x780 [ 632.314624] ? memcpy+0x45/0x50 [ 632.317908] v9fs_session_init+0x21a/0x1a80 [ 632.322230] ? rcu_note_context_switch+0x730/0x730 [ 632.327158] ? do_mount+0x69e/0x1fb0 [ 632.330876] ? lock_acquire+0x1e4/0x540 [ 632.334857] ? v9fs_show_options+0x7e0/0x7e0 [ 632.339267] ? lock_release+0xa30/0xa30 02:46:13 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x0, 0x0) dup2(r3, r2) dup2(r2, r1) [ 632.343242] ? check_same_owner+0x340/0x340 [ 632.347566] ? lock_downgrade+0x8f0/0x8f0 [ 632.351719] ? kasan_unpoison_shadow+0x35/0x50 [ 632.356310] ? kasan_kmalloc+0xc4/0xe0 [ 632.360201] ? kmem_cache_alloc_trace+0x318/0x780 [ 632.365043] ? kasan_unpoison_shadow+0x35/0x50 [ 632.369625] ? kasan_kmalloc+0xc4/0xe0 [ 632.373518] v9fs_mount+0x7c/0x900 [ 632.377063] ? v9fs_drop_inode+0x150/0x150 [ 632.381296] legacy_get_tree+0x118/0x440 [ 632.385355] vfs_get_tree+0x1cb/0x5c0 [ 632.389161] do_mount+0x6c1/0x1fb0 02:46:13 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0xff00000000000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 632.392702] ? check_same_owner+0x340/0x340 [ 632.397027] ? copy_mount_string+0x40/0x40 [ 632.401263] ? retint_kernel+0x10/0x10 [ 632.405154] ? copy_mount_options+0x1e3/0x380 [ 632.409650] ? __sanitizer_cov_trace_pc+0x1/0x50 [ 632.414411] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 632.419950] ? copy_mount_options+0x285/0x380 [ 632.424446] ksys_mount+0x12d/0x140 [ 632.428077] __x64_sys_mount+0xbe/0x150 [ 632.432048] do_syscall_64+0x1b9/0x820 [ 632.435947] ? finish_task_switch+0x1d3/0x870 02:46:13 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xffffffff87e00000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 632.440454] ? syscall_return_slowpath+0x5e0/0x5e0 [ 632.445382] ? syscall_return_slowpath+0x31d/0x5e0 [ 632.450310] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 632.455329] ? prepare_exit_to_usermode+0x291/0x3b0 [ 632.460347] ? perf_trace_sys_enter+0xb10/0xb10 [ 632.465018] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 632.469862] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 632.475045] RIP: 0033:0x455e29 02:46:13 executing program 6 (fault-call:7 fault-nth:27): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:13 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:13 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xe}}], 0x1, 0x0) [ 632.478225] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 632.497462] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 632.505172] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 632.512441] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 632.519706] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 632.526975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 632.534244] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000001a 02:46:13 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x900000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:13 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x100000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:13 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x600000000000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:13 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) [ 632.654010] 9pnet_virtio: no channels available for device (null) [ 632.681467] 9pnet_virtio: no channels available for device (null) [ 632.718439] FAULT_INJECTION: forcing a failure. [ 632.718439] name failslab, interval 1, probability 0, space 0, times 0 [ 632.729733] CPU: 1 PID: 7218 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 632.738039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 632.747381] Call Trace: [ 632.749971] dump_stack+0x1c9/0x2b4 [ 632.753593] ? dump_stack_print_info.cold.2+0x52/0x52 [ 632.758779] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 632.764310] ? replace_slot+0xc9/0x4c0 [ 632.768196] should_fail.cold.4+0xa/0x11 [ 632.772252] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 632.777353] ? __radix_tree_replace+0x188/0x2f0 [ 632.782030] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 632.787562] ? node_tag_clear+0xc0/0x1c0 [ 632.791619] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 632.796542] ? radix_tree_iter_replace+0x49/0x60 [ 632.801295] ? idr_alloc_u32+0x208/0x3a0 [ 632.805352] ? __fprop_inc_percpu_max+0x2d0/0x2d0 [ 632.810195] ? check_same_owner+0x340/0x340 [ 632.814515] ? rcu_note_context_switch+0x730/0x730 [ 632.819444] __should_failslab+0x124/0x180 [ 632.823678] should_failslab+0x9/0x14 [ 632.827481] kmem_cache_alloc_trace+0x2cb/0x780 [ 632.832145] ? trace_hardirqs_on+0xd/0x10 [ 632.836293] p9_client_prepare_req.part.9+0x82a/0xcd0 [ 632.841482] ? p9_free_req.isra.8+0x140/0x140 [ 632.845975] ? __radix_tree_replace+0x188/0x2f0 [ 632.850644] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 632.856172] ? node_tag_clear+0xc0/0x1c0 [ 632.860231] p9_client_rpc+0x1bd/0x1400 [ 632.864202] ? idr_alloc_u32+0x208/0x3a0 [ 632.868262] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 632.873627] ? lock_acquire+0x1e4/0x540 [ 632.877598] ? p9_fid_create+0x37f/0x4c0 [ 632.881655] ? lock_downgrade+0x8f0/0x8f0 [ 632.885804] ? kasan_check_read+0x11/0x20 [ 632.889947] ? do_raw_spin_unlock+0xa7/0x2f0 [ 632.894348] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 632.898925] ? kasan_check_write+0x14/0x20 [ 632.903152] ? do_raw_spin_lock+0xc1/0x200 [ 632.907386] ? trace_hardirqs_on+0xd/0x10 [ 632.911533] ? check_memory_region+0x151/0x1b0 [ 632.916114] ? p9_client_destroy+0x610/0x610 [ 632.920521] p9_client_attach+0x19f/0x860 [ 632.924665] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 632.929764] ? debug_check_no_obj_freed+0x30b/0x595 [ 632.934772] ? p9_client_walk+0xab0/0xab0 [ 632.938919] ? trace_hardirqs_off+0xd/0x10 [ 632.943145] ? quarantine_put+0x10d/0x1b0 [ 632.947293] ? __kasan_slab_free+0x131/0x170 [ 632.951704] v9fs_session_init+0xf62/0x1a80 [ 632.956022] ? v9fs_session_init+0xf62/0x1a80 [ 632.960511] ? rcu_note_context_switch+0x730/0x730 [ 632.965443] ? v9fs_show_options+0x7e0/0x7e0 [ 632.969850] ? lock_release+0xa30/0xa30 [ 632.973822] ? check_same_owner+0x340/0x340 [ 632.978137] ? lock_downgrade+0x8f0/0x8f0 [ 632.982284] ? kasan_unpoison_shadow+0x35/0x50 [ 632.986861] ? kasan_kmalloc+0xc4/0xe0 [ 632.990745] ? kmem_cache_alloc_trace+0x318/0x780 [ 632.995582] ? kasan_unpoison_shadow+0x35/0x50 [ 633.000160] ? kasan_kmalloc+0xc4/0xe0 [ 633.004045] v9fs_mount+0x7c/0x900 [ 633.007581] ? v9fs_drop_inode+0x150/0x150 [ 633.011810] legacy_get_tree+0x118/0x440 [ 633.015867] vfs_get_tree+0x1cb/0x5c0 [ 633.019665] do_mount+0x6c1/0x1fb0 [ 633.023204] ? check_same_owner+0x340/0x340 [ 633.027522] ? lock_release+0xa30/0xa30 [ 633.031492] ? copy_mount_string+0x40/0x40 [ 633.035723] ? kasan_kmalloc+0xc4/0xe0 [ 633.039604] ? kmem_cache_alloc_trace+0x318/0x780 [ 633.044442] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 633.049972] ? _copy_from_user+0xdf/0x150 [ 633.054115] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 633.059648] ? copy_mount_options+0x285/0x380 [ 633.064144] ksys_mount+0x12d/0x140 [ 633.067769] __x64_sys_mount+0xbe/0x150 [ 633.071739] do_syscall_64+0x1b9/0x820 [ 633.075623] ? finish_task_switch+0x1d3/0x870 [ 633.080118] ? syscall_return_slowpath+0x5e0/0x5e0 [ 633.085041] ? syscall_return_slowpath+0x31d/0x5e0 [ 633.089965] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 633.094978] ? prepare_exit_to_usermode+0x291/0x3b0 [ 633.099990] ? perf_trace_sys_enter+0xb10/0xb10 [ 633.104652] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 633.109492] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 633.114670] RIP: 0033:0x455e29 [ 633.117859] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 633.137124] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 633.144824] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 633.152084] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 633.159342] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 02:46:14 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x1f4}}], 0x1, 0x0) 02:46:14 executing program 6 (fault-call:7 fault-nth:28): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 633.166600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 633.173862] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000001b [ 633.181288] 9pnet: Couldn't grow tag array 02:46:14 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="3970d8", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:14 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x1, 0x0) dup2(0xffffffffffffffff, r2) dup2(r2, r1) 02:46:14 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xe087ffffffff, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:14 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='wfdno', 0xffffffffffffff9c}, 0x10) ioctl$PIO_CMAP(r2, 0x4b71, &(0x7f0000000300)={0x0, 0x100000001, 0x8, 0x8001, 0x9, 0x10000}) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:14 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x3000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:14 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x1000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:14 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x900000000000000}}], 0x1, 0x0) [ 633.515041] FAULT_INJECTION: forcing a failure. [ 633.515041] name failslab, interval 1, probability 0, space 0, times 0 [ 633.526357] CPU: 0 PID: 7246 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 633.534674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 633.544056] Call Trace: [ 633.546648] dump_stack+0x1c9/0x2b4 [ 633.550286] ? dump_stack_print_info.cold.2+0x52/0x52 [ 633.555485] should_fail.cold.4+0xa/0x11 [ 633.559548] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 633.564651] ? lock_repin_lock+0x430/0x430 [ 633.568883] ? kasan_check_write+0x14/0x20 [ 633.573119] ? __schedule+0x884/0x1ed0 [ 633.577007] ? __sched_text_start+0x8/0x8 [ 633.581163] ? lock_acquire+0x1e4/0x540 [ 633.585136] ? fs_reclaim_acquire+0x20/0x20 [ 633.589461] ? lock_downgrade+0x8f0/0x8f0 [ 633.593612] ? check_same_owner+0x340/0x340 [ 633.597932] __should_failslab+0x124/0x180 [ 633.602169] should_failslab+0x9/0x14 [ 633.605968] __kmalloc_track_caller+0x2c4/0x760 [ 633.610638] ? kstrdup+0x1e/0x70 02:46:14 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 633.614008] ? v9fs_session_init+0x501/0x1a80 [ 633.618508] kstrdup+0x39/0x70 [ 633.621701] v9fs_session_init+0x501/0x1a80 [ 633.626016] ? rcu_note_context_switch+0x730/0x730 [ 633.630940] ? do_mount+0x69e/0x1fb0 [ 633.634668] ? lock_acquire+0x1e4/0x540 [ 633.638641] ? v9fs_show_options+0x7e0/0x7e0 [ 633.643046] ? lock_release+0xa30/0xa30 [ 633.647017] ? check_same_owner+0x340/0x340 [ 633.651346] ? kasan_unpoison_shadow+0x35/0x50 [ 633.655926] ? kasan_kmalloc+0xc4/0xe0 [ 633.659814] ? kmem_cache_alloc_trace+0x318/0x780 [ 633.664656] ? kasan_unpoison_shadow+0x35/0x50 [ 633.669234] ? kasan_kmalloc+0xc4/0xe0 [ 633.673119] v9fs_mount+0x7c/0x900 [ 633.676659] ? v9fs_drop_inode+0x150/0x150 [ 633.680895] legacy_get_tree+0x118/0x440 [ 633.684957] vfs_get_tree+0x1cb/0x5c0 [ 633.688754] do_mount+0x6c1/0x1fb0 [ 633.692289] ? check_same_owner+0x340/0x340 [ 633.696606] ? lock_release+0xa30/0xa30 [ 633.700578] ? copy_mount_string+0x40/0x40 [ 633.704809] ? kasan_kmalloc+0xc4/0xe0 [ 633.708718] ? kmem_cache_alloc_trace+0x318/0x780 [ 633.713560] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 633.719089] ? _copy_from_user+0xdf/0x150 [ 633.723235] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 633.728768] ? copy_mount_options+0x285/0x380 [ 633.733262] ksys_mount+0x12d/0x140 [ 633.736890] __x64_sys_mount+0xbe/0x150 [ 633.740860] do_syscall_64+0x1b9/0x820 [ 633.744743] ? syscall_return_slowpath+0x5e0/0x5e0 [ 633.749667] ? syscall_return_slowpath+0x31d/0x5e0 [ 633.754592] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 633.759603] ? prepare_exit_to_usermode+0x291/0x3b0 [ 633.764615] ? perf_trace_sys_enter+0xb10/0xb10 [ 633.769279] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 633.774121] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 633.779305] RIP: 0033:0x455e29 [ 633.782482] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 633.801745] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 02:46:14 executing program 6 (fault-call:7 fault-nth:29): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 633.809447] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 633.816711] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 633.823971] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 633.831234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 633.838495] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000001c 02:46:15 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xf0ffffffffffff}}], 0x1, 0x0) 02:46:15 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x600000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:15 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4c190100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:15 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x900, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:15 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:15 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) stat(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000300)=0x0, &(0x7f0000000380), &(0x7f0000000500)) chown(&(0x7f0000000080)='./file0\x00', r2, r3) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) r4 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r4, 0x40087703, 0x101) [ 634.154500] FAULT_INJECTION: forcing a failure. [ 634.154500] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 634.166339] CPU: 0 PID: 7276 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 634.174644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 634.183985] Call Trace: [ 634.186574] dump_stack+0x1c9/0x2b4 [ 634.190201] ? dump_stack_print_info.cold.2+0x52/0x52 [ 634.195383] ? is_bpf_text_address+0xae/0x170 [ 634.199880] should_fail.cold.4+0xa/0x11 [ 634.203940] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 634.209044] ? lock_acquire+0x1e4/0x540 [ 634.213117] ? is_bpf_text_address+0xae/0x170 [ 634.217610] ? lock_release+0xa30/0xa30 [ 634.221670] ? kasan_check_read+0x11/0x20 [ 634.225813] ? rcu_is_watching+0x8c/0x150 [ 634.229956] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 634.234622] ? is_bpf_text_address+0xd7/0x170 [ 634.239137] ? kernel_text_address+0x79/0xf0 [ 634.243542] ? unwind_get_return_address+0x61/0xa0 [ 634.248465] ? __save_stack_trace+0x8d/0xf0 [ 634.252782] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 634.258314] ? should_fail+0x246/0xd86 [ 634.262201] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 634.267303] __alloc_pages_nodemask+0x36e/0xdb0 [ 634.271967] ? save_stack+0x43/0xd0 [ 634.275587] ? kasan_kmalloc+0xc4/0xe0 [ 634.279471] ? __kmalloc+0x14e/0x760 [ 634.283179] ? p9_fcall_alloc+0x1e/0x90 [ 634.287152] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 634.292167] ? vfs_get_tree+0x1cb/0x5c0 [ 634.296249] ? ksys_mount+0x12d/0x140 [ 634.300048] ? __x64_sys_mount+0xbe/0x150 [ 634.304238] ? do_syscall_64+0x1b9/0x820 [ 634.308298] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 634.313657] ? __x64_sys_mount+0xbe/0x150 [ 634.317800] ? do_syscall_64+0x1b9/0x820 [ 634.321862] ? lock_downgrade+0x8f0/0x8f0 [ 634.326009] ? kasan_check_read+0x11/0x20 [ 634.330153] ? do_raw_spin_unlock+0xa7/0x2f0 [ 634.334561] ? check_same_owner+0x340/0x340 [ 634.338966] cache_grow_begin+0x91/0x710 [ 634.343025] __kmalloc+0x688/0x760 [ 634.346560] ? __init_waitqueue_head+0x9e/0x150 [ 634.351222] ? init_wait_entry+0x1c0/0x1c0 [ 634.355451] ? p9_fcall_alloc+0x1e/0x90 [ 634.359423] p9_fcall_alloc+0x1e/0x90 [ 634.363219] p9_client_prepare_req.part.9+0x754/0xcd0 [ 634.368409] ? p9_free_req.isra.8+0x140/0x140 [ 634.372896] ? __fget+0x4ac/0x740 [ 634.376350] ? p9_pollwait+0x83/0x230 [ 634.380144] ? p9_conn_create+0x730/0x730 [ 634.384288] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 634.389823] p9_client_rpc+0x1bd/0x1400 [ 634.393791] ? p9_fd_poll+0x1e0/0x2b0 [ 634.397588] ? p9_conn_create+0x55b/0x730 [ 634.401744] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 634.407105] ? ksys_dup3+0x690/0x690 [ 634.410814] ? check_same_owner+0x340/0x340 [ 634.415130] ? p9_fd_poll+0x2b0/0x2b0 [ 634.418930] ? kasan_kmalloc+0xc4/0xe0 [ 634.422815] ? kasan_unpoison_shadow+0x35/0x50 [ 634.427399] ? p9_fd_show_options+0x1c0/0x1c0 [ 634.431890] ? __raw_spin_lock_init+0x2d/0x100 [ 634.436474] p9_client_create+0xd09/0x16c9 [ 634.440708] ? p9_client_read+0xc60/0xc60 [ 634.444851] ? kasan_check_read+0x11/0x20 [ 634.448998] ? lock_acquire+0x1e4/0x540 [ 634.452969] ? fs_reclaim_acquire+0x20/0x20 [ 634.457287] ? lock_release+0xa30/0xa30 [ 634.461254] ? __lockdep_init_map+0x105/0x590 [ 634.465747] ? kasan_check_write+0x14/0x20 [ 634.469976] ? __init_rwsem+0x1cc/0x2a0 [ 634.473944] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 634.478955] ? __kmalloc_track_caller+0x311/0x760 [ 634.483794] ? save_stack+0xa9/0xd0 [ 634.487415] ? save_stack+0x43/0xd0 [ 634.491038] ? kasan_kmalloc+0xc4/0xe0 [ 634.494925] ? kmem_cache_alloc_trace+0x152/0x780 [ 634.499763] ? memcpy+0x45/0x50 [ 634.503041] v9fs_session_init+0x21a/0x1a80 [ 634.507359] ? rcu_note_context_switch+0x730/0x730 [ 634.512283] ? do_mount+0x69e/0x1fb0 [ 634.515998] ? lock_acquire+0x1e4/0x540 [ 634.519976] ? v9fs_show_options+0x7e0/0x7e0 [ 634.524379] ? lock_release+0xa30/0xa30 [ 634.528348] ? check_same_owner+0x340/0x340 [ 634.532668] ? kasan_unpoison_shadow+0x35/0x50 [ 634.537244] ? kasan_kmalloc+0xc4/0xe0 [ 634.541129] ? kmem_cache_alloc_trace+0x318/0x780 [ 634.545967] ? kasan_unpoison_shadow+0x35/0x50 [ 634.550543] ? kasan_kmalloc+0xc4/0xe0 [ 634.554426] v9fs_mount+0x7c/0x900 [ 634.557964] ? v9fs_drop_inode+0x150/0x150 [ 634.562194] legacy_get_tree+0x118/0x440 [ 634.566254] vfs_get_tree+0x1cb/0x5c0 [ 634.570067] do_mount+0x6c1/0x1fb0 [ 634.573609] ? kasan_check_write+0x14/0x20 [ 634.577842] ? copy_mount_string+0x40/0x40 [ 634.582076] ? kasan_kmalloc+0xc4/0xe0 [ 634.585962] ? kmem_cache_alloc_trace+0x318/0x780 [ 634.590803] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 634.596337] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 634.601866] ? copy_mount_options+0x285/0x380 [ 634.606361] ksys_mount+0x12d/0x140 [ 634.609988] __x64_sys_mount+0xbe/0x150 [ 634.613957] do_syscall_64+0x1b9/0x820 [ 634.617836] ? finish_task_switch+0x1d3/0x870 [ 634.622330] ? syscall_return_slowpath+0x5e0/0x5e0 [ 634.627256] ? syscall_return_slowpath+0x31d/0x5e0 [ 634.632190] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 634.637204] ? prepare_exit_to_usermode+0x291/0x3b0 [ 634.642218] ? perf_trace_sys_enter+0xb10/0xb10 [ 634.646880] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 634.651721] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 634.656902] RIP: 0033:0x455e29 [ 634.660080] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 634.679340] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 634.687044] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 634.694315] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 02:46:15 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x1, 0x0) dup2(0xffffffffffffffff, r2) dup2(r2, r1) 02:46:15 executing program 6 (fault-call:7 fault-nth:30): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 634.701575] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 634.708836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 634.716100] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000001d 02:46:15 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x100000000000000}}], 0x1, 0x0) 02:46:16 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x2, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:16 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x300, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:16 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:16 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x2000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:16 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='fusectl\x00', 0x4, &(0x7f0000000480)="a06f0ffba5544ccde6fc22b5803b2f80d1452c9b23e657ef1fd21783bc09c150f5dade4b18972cb8c4dcebac8f478af6c83f51c730431b8b0e66726803fd3aaac74aca5d42a36e99407f292fbe5aa07c1018a1c508b5827aae3c95f310339eae601c314972") [ 635.067577] FAULT_INJECTION: forcing a failure. [ 635.067577] name failslab, interval 1, probability 0, space 0, times 0 [ 635.078890] CPU: 1 PID: 7303 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 635.087211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 635.096571] Call Trace: [ 635.099159] dump_stack+0x1c9/0x2b4 [ 635.102784] ? dump_stack_print_info.cold.2+0x52/0x52 [ 635.107974] ? __kernel_text_address+0xd/0x40 [ 635.112466] ? unwind_get_return_address+0x61/0xa0 [ 635.117394] should_fail.cold.4+0xa/0x11 [ 635.121455] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 635.126560] ? save_stack+0xa9/0xd0 [ 635.130182] ? save_stack+0x43/0xd0 [ 635.133803] ? kasan_kmalloc+0xc4/0xe0 [ 635.137683] ? __kmalloc+0x14e/0x760 [ 635.141391] ? p9_fcall_alloc+0x1e/0x90 [ 635.145360] ? p9_client_prepare_req.part.9+0x7c9/0xcd0 [ 635.150718] ? p9_client_rpc+0x1bd/0x1400 [ 635.154862] ? v9fs_session_init+0xf62/0x1a80 [ 635.159348] ? v9fs_mount+0x7c/0x900 [ 635.163059] ? legacy_get_tree+0x118/0x440 [ 635.167287] ? vfs_get_tree+0x1cb/0x5c0 [ 635.171267] ? do_mount+0x6c1/0x1fb0 [ 635.174984] ? ksys_mount+0x12d/0x140 [ 635.178778] ? __x64_sys_mount+0xbe/0x150 [ 635.182923] ? do_syscall_64+0x1b9/0x820 [ 635.186986] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 635.192349] ? __x64_sys_mount+0xbe/0x150 [ 635.196493] ? do_syscall_64+0x1b9/0x820 [ 635.200555] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 635.205911] ? node_tag_clear+0xc0/0x1c0 [ 635.209971] ? radix_tree_iter_tag_clear+0x97/0xd0 02:46:16 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xfffff000}}], 0x1, 0x0) [ 635.214892] ? radix_tree_iter_replace+0x49/0x60 [ 635.219642] ? idr_alloc_u32+0x208/0x3a0 [ 635.223704] ? check_same_owner+0x340/0x340 [ 635.228020] ? rcu_note_context_switch+0x730/0x730 [ 635.232946] __should_failslab+0x124/0x180 [ 635.237197] should_failslab+0x9/0x14 [ 635.241684] __kmalloc+0x2c8/0x760 [ 635.245218] ? __init_waitqueue_head+0x9e/0x150 [ 635.249883] ? init_wait_entry+0x1c0/0x1c0 [ 635.254116] ? p9_fcall_alloc+0x1e/0x90 [ 635.258088] p9_fcall_alloc+0x1e/0x90 [ 635.261893] p9_client_prepare_req.part.9+0x754/0xcd0 [ 635.267081] ? p9_free_req.isra.8+0x140/0x140 [ 635.271573] ? __radix_tree_replace+0x188/0x2f0 [ 635.276240] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 635.281772] ? node_tag_clear+0xc0/0x1c0 [ 635.285829] p9_client_rpc+0x1bd/0x1400 [ 635.289804] ? idr_alloc_u32+0x208/0x3a0 [ 635.293862] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 635.299225] ? lock_acquire+0x1e4/0x540 [ 635.303192] ? p9_fid_create+0x37f/0x4c0 [ 635.307252] ? lock_downgrade+0x8f0/0x8f0 [ 635.311401] ? kasan_check_read+0x11/0x20 [ 635.315545] ? do_raw_spin_unlock+0xa7/0x2f0 [ 635.319947] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 635.324526] ? kasan_check_write+0x14/0x20 [ 635.328755] ? do_raw_spin_lock+0xc1/0x200 [ 635.332989] ? trace_hardirqs_on+0xd/0x10 [ 635.337136] ? check_memory_region+0x151/0x1b0 [ 635.341711] ? p9_client_destroy+0x610/0x610 [ 635.346116] p9_client_attach+0x19f/0x860 [ 635.350263] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 635.355366] ? debug_check_no_obj_freed+0x30b/0x595 [ 635.360379] ? p9_client_walk+0xab0/0xab0 [ 635.364526] ? trace_hardirqs_off+0xd/0x10 [ 635.368754] ? quarantine_put+0x10d/0x1b0 [ 635.372901] ? __kasan_slab_free+0x131/0x170 [ 635.377314] v9fs_session_init+0xf62/0x1a80 [ 635.381633] ? v9fs_session_init+0xf62/0x1a80 [ 635.386121] ? rcu_note_context_switch+0x730/0x730 [ 635.391052] ? v9fs_show_options+0x7e0/0x7e0 [ 635.395456] ? lock_release+0xa30/0xa30 [ 635.399441] ? check_same_owner+0x340/0x340 [ 635.403757] ? lock_downgrade+0x8f0/0x8f0 [ 635.407912] ? kasan_unpoison_shadow+0x35/0x50 [ 635.412500] ? kasan_kmalloc+0xc4/0xe0 [ 635.416385] ? kmem_cache_alloc_trace+0x318/0x780 [ 635.421223] ? kasan_unpoison_shadow+0x35/0x50 [ 635.425801] ? kasan_kmalloc+0xc4/0xe0 [ 635.429687] v9fs_mount+0x7c/0x900 [ 635.433224] ? v9fs_drop_inode+0x150/0x150 [ 635.437455] legacy_get_tree+0x118/0x440 [ 635.441517] vfs_get_tree+0x1cb/0x5c0 [ 635.445313] do_mount+0x6c1/0x1fb0 [ 635.448848] ? check_same_owner+0x340/0x340 [ 635.453168] ? lock_release+0xa30/0xa30 [ 635.457142] ? copy_mount_string+0x40/0x40 [ 635.461375] ? kasan_kmalloc+0xc4/0xe0 [ 635.465260] ? kmem_cache_alloc_trace+0x318/0x780 [ 635.470110] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 635.475643] ? _copy_from_user+0xdf/0x150 [ 635.479792] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 635.485323] ? copy_mount_options+0x285/0x380 [ 635.489819] ksys_mount+0x12d/0x140 [ 635.493443] __x64_sys_mount+0xbe/0x150 [ 635.497415] do_syscall_64+0x1b9/0x820 [ 635.501295] ? finish_task_switch+0x1d3/0x870 [ 635.505788] ? syscall_return_slowpath+0x5e0/0x5e0 [ 635.510715] ? syscall_return_slowpath+0x31d/0x5e0 [ 635.515644] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 635.520658] ? prepare_exit_to_usermode+0x291/0x3b0 [ 635.525673] ? perf_trace_sys_enter+0xb10/0xb10 [ 635.530342] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 635.535183] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 635.540364] RIP: 0033:0x455e29 [ 635.543540] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:46:16 executing program 6 (fault-call:7 fault-nth:31): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 635.562806] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 635.570510] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 635.577775] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 635.585038] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 635.592300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 635.599561] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000001e [ 635.606991] 9pnet: Couldn't grow tag array 02:46:16 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x11afe, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:16 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0xfffffff6, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:16 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xf000}}], 0x1, 0x0) 02:46:16 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:16 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xffffffe4, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:16 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) statfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000300)=""/2) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f00000004c0)='./file0/file0\x00', 0x200100000000004d) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) unlink(&(0x7f0000000080)='./file0\x00') mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) [ 635.806729] FAULT_INJECTION: forcing a failure. [ 635.806729] name failslab, interval 1, probability 0, space 0, times 0 [ 635.818058] CPU: 1 PID: 7328 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 635.826365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 635.835728] Call Trace: [ 635.838314] dump_stack+0x1c9/0x2b4 [ 635.841938] ? dump_stack_print_info.cold.2+0x52/0x52 [ 635.847123] ? kernel_text_address+0x79/0xf0 [ 635.851528] should_fail.cold.4+0xa/0x11 [ 635.855585] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 635.860685] ? save_stack+0xa9/0xd0 [ 635.864309] ? save_stack+0x43/0xd0 [ 635.867931] ? kmem_cache_alloc_trace+0x152/0x780 [ 635.872773] ? p9_client_prepare_req.part.9+0x82a/0xcd0 [ 635.878131] ? p9_client_rpc+0x1bd/0x1400 [ 635.882275] ? p9_client_attach+0x19f/0x860 [ 635.886597] ? v9fs_session_init+0xf62/0x1a80 [ 635.891084] ? v9fs_mount+0x7c/0x900 [ 635.894792] ? legacy_get_tree+0x118/0x440 [ 635.899019] ? vfs_get_tree+0x1cb/0x5c0 [ 635.902991] ? do_mount+0x6c1/0x1fb0 [ 635.906697] ? ksys_mount+0x12d/0x140 [ 635.910508] ? __x64_sys_mount+0xbe/0x150 [ 635.914653] ? do_syscall_64+0x1b9/0x820 [ 635.918708] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 635.924076] ? node_tag_clear+0xc0/0x1c0 [ 635.928142] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 635.933064] ? radix_tree_iter_replace+0x49/0x60 [ 635.937816] ? idr_alloc_u32+0x208/0x3a0 [ 635.941877] ? check_same_owner+0x340/0x340 [ 635.946194] ? rcu_note_context_switch+0x730/0x730 [ 635.951123] __should_failslab+0x124/0x180 [ 635.955355] should_failslab+0x9/0x14 [ 635.959147] __kmalloc+0x2c8/0x760 [ 635.962679] ? __init_waitqueue_head+0x9e/0x150 [ 635.967341] ? init_wait_entry+0x1c0/0x1c0 [ 635.971572] ? p9_fcall_alloc+0x1e/0x90 [ 635.975546] p9_fcall_alloc+0x1e/0x90 [ 635.979343] p9_client_prepare_req.part.9+0x7c9/0xcd0 [ 635.984536] ? p9_free_req.isra.8+0x140/0x140 [ 635.989037] ? __radix_tree_replace+0x188/0x2f0 [ 635.993714] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 635.999249] ? node_tag_clear+0xc0/0x1c0 [ 636.003307] p9_client_rpc+0x1bd/0x1400 [ 636.007286] ? idr_alloc_u32+0x208/0x3a0 [ 636.011347] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 636.016715] ? lock_acquire+0x1e4/0x540 [ 636.020689] ? p9_fid_create+0x37f/0x4c0 [ 636.024752] ? lock_downgrade+0x8f0/0x8f0 [ 636.028902] ? kasan_check_read+0x11/0x20 [ 636.033044] ? do_raw_spin_unlock+0xa7/0x2f0 [ 636.037452] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 636.042042] ? kasan_check_write+0x14/0x20 [ 636.046280] ? do_raw_spin_lock+0xc1/0x200 [ 636.050522] ? trace_hardirqs_on+0xd/0x10 [ 636.054679] ? check_memory_region+0x151/0x1b0 [ 636.059258] ? p9_client_destroy+0x610/0x610 [ 636.063668] p9_client_attach+0x19f/0x860 [ 636.067811] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 636.072911] ? debug_check_no_obj_freed+0x30b/0x595 [ 636.077925] ? p9_client_walk+0xab0/0xab0 [ 636.082072] ? trace_hardirqs_off+0xd/0x10 [ 636.086299] ? quarantine_put+0x10d/0x1b0 [ 636.090451] ? __kasan_slab_free+0x131/0x170 [ 636.094859] v9fs_session_init+0xf62/0x1a80 [ 636.099181] ? v9fs_session_init+0xf62/0x1a80 [ 636.103673] ? rcu_note_context_switch+0x730/0x730 [ 636.108609] ? v9fs_show_options+0x7e0/0x7e0 [ 636.113014] ? lock_release+0xa30/0xa30 [ 636.116983] ? check_same_owner+0x340/0x340 [ 636.121303] ? lock_downgrade+0x8f0/0x8f0 [ 636.125456] ? kasan_unpoison_shadow+0x35/0x50 [ 636.130036] ? kasan_kmalloc+0xc4/0xe0 [ 636.133920] ? kmem_cache_alloc_trace+0x318/0x780 [ 636.138758] ? kasan_unpoison_shadow+0x35/0x50 [ 636.143337] ? kasan_kmalloc+0xc4/0xe0 [ 636.147226] v9fs_mount+0x7c/0x900 [ 636.150763] ? v9fs_drop_inode+0x150/0x150 02:46:17 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x1, 0x0) dup2(0xffffffffffffffff, r2) dup2(r2, r1) [ 636.154994] legacy_get_tree+0x118/0x440 [ 636.159052] vfs_get_tree+0x1cb/0x5c0 [ 636.162863] do_mount+0x6c1/0x1fb0 [ 636.166401] ? check_same_owner+0x340/0x340 [ 636.170718] ? lock_release+0xa30/0xa30 [ 636.174693] ? copy_mount_string+0x40/0x40 [ 636.178934] ? kasan_kmalloc+0xc4/0xe0 [ 636.182827] ? kmem_cache_alloc_trace+0x318/0x780 [ 636.187675] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 636.193213] ? _copy_from_user+0xdf/0x150 [ 636.197371] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 636.202915] ? copy_mount_options+0x285/0x380 02:46:17 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0xffffff8c, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 636.207420] ksys_mount+0x12d/0x140 [ 636.211056] __x64_sys_mount+0xbe/0x150 [ 636.215035] do_syscall_64+0x1b9/0x820 [ 636.218922] ? finish_task_switch+0x1d3/0x870 [ 636.223431] ? syscall_return_slowpath+0x5e0/0x5e0 [ 636.228365] ? syscall_return_slowpath+0x31d/0x5e0 [ 636.233296] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 636.238316] ? prepare_exit_to_usermode+0x291/0x3b0 [ 636.243340] ? perf_trace_sys_enter+0xb10/0xb10 [ 636.248017] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 636.252867] entry_SYSCALL_64_after_hwframe+0x49/0xbe 02:46:17 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xedc000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 636.258054] RIP: 0033:0x455e29 [ 636.261234] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 636.280510] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 636.288228] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 636.295499] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 02:46:17 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x1c00}}], 0x1, 0x0) 02:46:17 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x20000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 636.302773] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 636.310041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 636.317311] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000001f [ 636.326849] 9pnet: Couldn't grow tag array 02:46:17 executing program 6 (fault-call:7 fault-nth:32): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:17 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xfffffffe, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:17 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x11af9, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:17 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:17 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) r2 = getuid() mount$9p_tcp(&(0x7f0000000080)='127.0.0.1\x00', &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='9p\x00', 0x4000, &(0x7f0000000480)={'trans=tcp,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@version_u='version=9p2000.u', 0x2c}, {@afid={'afid', 0x3d, 0x200}, 0x2c}, {@access_uid={'access', 0x3d, r2}, 0x2c}, {@afid={'afid', 0x3d, 0x8}, 0x2c}, {@cachetag={'cachetag', 0x3d, 'W[em1^proc'}, 0x2c}]}}) 02:46:17 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xfffffdef}}], 0x1, 0x0) 02:46:17 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x5000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 636.575563] FAULT_INJECTION: forcing a failure. [ 636.575563] name failslab, interval 1, probability 0, space 0, times 0 [ 636.586915] CPU: 0 PID: 7366 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 636.595219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 636.604560] Call Trace: [ 636.607158] dump_stack+0x1c9/0x2b4 [ 636.610799] ? dump_stack_print_info.cold.2+0x52/0x52 [ 636.615988] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 636.621350] should_fail.cold.4+0xa/0x11 [ 636.625409] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 636.630507] ? fs_reclaim_acquire+0x20/0x20 [ 636.634824] ? lock_downgrade+0x8f0/0x8f0 [ 636.638970] ? rcu_is_watching+0x8c/0x150 [ 636.643115] ? lock_release+0xa30/0xa30 [ 636.647092] ? trace_hardirqs_on+0x10/0x10 [ 636.651321] ? trace_hardirqs_on+0x10/0x10 [ 636.655549] ? fscache_hash_cookie+0x640/0x1400 [ 636.660213] ? kasan_kmalloc+0xc4/0xe0 [ 636.664098] ? fscache_alloc_cookie+0x800/0x800 [ 636.668766] ? lock_acquire+0x1e4/0x540 [ 636.672800] ? fs_reclaim_acquire+0x20/0x20 [ 636.677123] ? lock_downgrade+0x8f0/0x8f0 [ 636.681272] ? check_same_owner+0x340/0x340 [ 636.685589] ? rcu_note_context_switch+0x730/0x730 [ 636.690516] __should_failslab+0x124/0x180 [ 636.694748] should_failslab+0x9/0x14 [ 636.698544] kmem_cache_alloc_trace+0x2cb/0x780 [ 636.703216] alloc_super+0xd4/0xb10 [ 636.706846] ? destroy_unused_super.part.11+0x110/0x110 [ 636.712209] ? sget_userns+0x17c/0x860 [ 636.716092] ? lock_downgrade+0x8f0/0x8f0 [ 636.720236] ? lock_acquire+0x1e4/0x540 [ 636.724212] ? kasan_check_read+0x11/0x20 [ 636.728354] ? do_raw_spin_unlock+0xa7/0x2f0 [ 636.732759] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 636.737345] ? kasan_check_write+0x14/0x20 [ 636.741572] ? do_raw_spin_lock+0xc1/0x200 [ 636.745805] sget_userns+0x276/0x860 [ 636.749521] ? v9fs_kill_super+0xa0/0xa0 [ 636.753582] ? vfs_get_super+0x270/0x270 [ 636.757658] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 636.763192] ? ns_capable_common+0x13f/0x170 [ 636.767598] ? v9fs_kill_super+0xa0/0xa0 [ 636.771655] sget+0x10b/0x150 [ 636.774762] v9fs_mount+0xe2/0x900 [ 636.778297] ? v9fs_drop_inode+0x150/0x150 [ 636.782527] legacy_get_tree+0x118/0x440 [ 636.786585] vfs_get_tree+0x1cb/0x5c0 [ 636.790382] do_mount+0x6c1/0x1fb0 [ 636.793919] ? check_same_owner+0x340/0x340 [ 636.798234] ? lock_release+0xa30/0xa30 [ 636.802203] ? copy_mount_string+0x40/0x40 [ 636.806433] ? retint_kernel+0x10/0x10 [ 636.810327] ? __sanitizer_cov_trace_const_cmp4+0x5/0x20 [ 636.815775] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 636.821308] ? copy_mount_options+0x285/0x380 [ 636.825799] ksys_mount+0x12d/0x140 [ 636.829424] __x64_sys_mount+0xbe/0x150 [ 636.833394] do_syscall_64+0x1b9/0x820 [ 636.837282] ? syscall_return_slowpath+0x5e0/0x5e0 [ 636.842210] ? syscall_return_slowpath+0x31d/0x5e0 [ 636.847134] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 636.852149] ? prepare_exit_to_usermode+0x291/0x3b0 [ 636.857161] ? perf_trace_sys_enter+0xb10/0xb10 [ 636.861826] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 636.866666] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 636.871844] RIP: 0033:0x455e29 [ 636.875022] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 636.894302] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 636.902004] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 636.909266] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 636.916531] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 02:46:18 executing program 6 (fault-call:7 fault-nth:33): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 636.923793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 636.931055] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000020 02:46:18 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xe0}}], 0x1, 0x0) 02:46:18 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf31a010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:18 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4b190100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) [ 636.975155] 9pnet: p9_fd_create_tcp (7374): problem connecting socket to 127.0.0.1 02:46:18 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x1, 0x0) dup2(r3, 0xffffffffffffffff) dup2(r2, r1) 02:46:18 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:18 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$LOOP_SET_BLOCK_SIZE(r2, 0x4c09, 0x2) fanotify_mark(r3, 0x80, 0x1, r1, &(0x7f00000002c0)='./file0\x00') open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:18 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0xf6ffffff, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:18 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x200000000000000}}], 0x1, 0x0) 02:46:18 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf91a0100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 637.168750] FAULT_INJECTION: forcing a failure. [ 637.168750] name failslab, interval 1, probability 0, space 0, times 0 [ 637.180043] CPU: 1 PID: 7392 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 637.188365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 637.197720] Call Trace: [ 637.200318] dump_stack+0x1c9/0x2b4 [ 637.203968] ? dump_stack_print_info.cold.2+0x52/0x52 [ 637.209171] should_fail.cold.4+0xa/0x11 [ 637.213246] ? fault_create_debugfs_attr+0x1f0/0x1f0 02:46:18 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x700}}], 0x1, 0x0) [ 637.218367] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 637.223396] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 637.228159] ? lock_acquire+0x1e4/0x540 [ 637.232136] ? is_bpf_text_address+0xae/0x170 [ 637.236637] ? lock_downgrade+0x8f0/0x8f0 [ 637.241383] ? lock_acquire+0x1e4/0x540 [ 637.245369] ? fs_reclaim_acquire+0x20/0x20 [ 637.249697] ? lock_downgrade+0x8f0/0x8f0 [ 637.253848] ? rcu_is_watching+0x8c/0x150 [ 637.258004] ? check_same_owner+0x340/0x340 [ 637.262336] ? rcu_note_context_switch+0x730/0x730 02:46:18 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x2000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 637.267272] ? kernel_text_address+0x79/0xf0 [ 637.271687] __should_failslab+0x124/0x180 [ 637.275928] should_failslab+0x9/0x14 [ 637.279738] kmem_cache_alloc+0x2af/0x760 [ 637.283895] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 637.289466] fscache_alloc_cookie+0xcb/0x800 [ 637.293886] ? fscache_cookie_init_once+0x80/0x80 [ 637.298740] ? put_dec+0xf0/0xf0 [ 637.302112] ? format_decode+0x1b1/0xaf0 [ 637.306179] ? set_precision+0xe0/0xe0 [ 637.310077] __fscache_acquire_cookie+0x230/0xb00 [ 637.314930] ? fscache_cookie_put+0x850/0x850 02:46:18 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x1100}}], 0x1, 0x0) [ 637.319433] ? pointer+0x990/0x990 [ 637.322982] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 637.328012] ? scnprintf+0xc9/0x130 [ 637.331654] ? snprintf+0xe0/0xe0 [ 637.335116] v9fs_cache_session_get_cookie+0xc4/0x270 [ 637.340321] v9fs_session_init+0x1013/0x1a80 [ 637.344735] ? rcu_note_context_switch+0x730/0x730 [ 637.349679] ? v9fs_show_options+0x7e0/0x7e0 [ 637.354092] ? lock_release+0xa30/0xa30 [ 637.358075] ? check_same_owner+0x340/0x340 [ 637.362399] ? lock_downgrade+0x8f0/0x8f0 02:46:18 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x9, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 637.366555] ? kasan_unpoison_shadow+0x35/0x50 [ 637.371140] ? kasan_kmalloc+0xc4/0xe0 [ 637.375036] ? kmem_cache_alloc_trace+0x318/0x780 [ 637.379884] ? kasan_unpoison_shadow+0x35/0x50 [ 637.384474] ? kasan_kmalloc+0xc4/0xe0 [ 637.388366] v9fs_mount+0x7c/0x900 [ 637.391909] ? v9fs_drop_inode+0x150/0x150 [ 637.396145] legacy_get_tree+0x118/0x440 [ 637.400204] vfs_get_tree+0x1cb/0x5c0 [ 637.404006] do_mount+0x6c1/0x1fb0 [ 637.407545] ? check_same_owner+0x340/0x340 [ 637.411869] ? lock_release+0xa30/0xa30 [ 637.415851] ? copy_mount_string+0x40/0x40 02:46:18 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x11}}], 0x1, 0x0) [ 637.420089] ? kasan_kmalloc+0xc4/0xe0 [ 637.423985] ? kmem_cache_alloc_trace+0x318/0x780 [ 637.428829] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 637.434366] ? _copy_from_user+0xdf/0x150 [ 637.438524] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 637.444067] ? copy_mount_options+0x285/0x380 [ 637.448569] ksys_mount+0x12d/0x140 [ 637.452200] __x64_sys_mount+0xbe/0x150 [ 637.456178] do_syscall_64+0x1b9/0x820 [ 637.460066] ? finish_task_switch+0x1d3/0x870 [ 637.464565] ? syscall_return_slowpath+0x5e0/0x5e0 02:46:18 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xfe1a010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 637.469502] ? syscall_return_slowpath+0x31d/0x5e0 [ 637.474436] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 637.479456] ? prepare_exit_to_usermode+0x291/0x3b0 [ 637.484475] ? perf_trace_sys_enter+0xb10/0xb10 [ 637.489148] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 637.493995] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 637.499196] RIP: 0033:0x455e29 [ 637.502374] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 637.521653] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 637.529368] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 637.536639] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 637.543907] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 637.551179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 637.558450] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000021 02:46:18 executing program 6 (fault-call:7 fault-nth:34): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:18 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x4000000000000}}], 0x1, 0x0) 02:46:18 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="397087", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:18 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x7000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) [ 637.771429] FAULT_INJECTION: forcing a failure. [ 637.771429] name failslab, interval 1, probability 0, space 0, times 0 [ 637.782733] CPU: 0 PID: 7448 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 637.791097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 637.800444] Call Trace: [ 637.803033] dump_stack+0x1c9/0x2b4 [ 637.806658] ? dump_stack_print_info.cold.2+0x52/0x52 [ 637.811844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 637.817374] ? replace_slot+0xc9/0x4c0 [ 637.821260] should_fail.cold.4+0xa/0x11 [ 637.825322] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 637.830431] ? __radix_tree_replace+0x188/0x2f0 [ 637.835100] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 637.840630] ? node_tag_clear+0xc0/0x1c0 [ 637.844704] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 637.849642] ? radix_tree_iter_replace+0x49/0x60 [ 637.854396] ? idr_alloc_u32+0x208/0x3a0 [ 637.858461] ? __fprop_inc_percpu_max+0x2d0/0x2d0 [ 637.863301] ? check_same_owner+0x340/0x340 [ 637.867618] ? rcu_note_context_switch+0x730/0x730 [ 637.872542] __should_failslab+0x124/0x180 [ 637.876816] should_failslab+0x9/0x14 [ 637.880618] kmem_cache_alloc_trace+0x2cb/0x780 [ 637.885285] ? trace_hardirqs_on+0xd/0x10 [ 637.889432] p9_client_prepare_req.part.9+0x82a/0xcd0 [ 637.894621] ? p9_free_req.isra.8+0x140/0x140 [ 637.899111] ? __radix_tree_replace+0x188/0x2f0 [ 637.903782] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 637.909316] ? node_tag_clear+0xc0/0x1c0 [ 637.913372] p9_client_rpc+0x1bd/0x1400 [ 637.917346] ? idr_alloc_u32+0x208/0x3a0 [ 637.921403] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 637.926780] ? lock_acquire+0x1e4/0x540 [ 637.930747] ? p9_fid_create+0x37f/0x4c0 [ 637.934808] ? lock_downgrade+0x8f0/0x8f0 [ 637.938956] ? kasan_check_read+0x11/0x20 [ 637.943095] ? do_raw_spin_unlock+0xa7/0x2f0 [ 637.947499] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 637.952094] ? kasan_check_write+0x14/0x20 [ 637.956327] ? do_raw_spin_lock+0xc1/0x200 [ 637.960557] ? trace_hardirqs_on+0xd/0x10 [ 637.964706] ? check_memory_region+0x151/0x1b0 [ 637.969286] ? p9_client_destroy+0x610/0x610 [ 637.973695] p9_client_attach+0x19f/0x860 [ 637.977842] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 637.982942] ? debug_check_no_obj_freed+0x30b/0x595 [ 637.987956] ? p9_client_walk+0xab0/0xab0 [ 637.992106] ? trace_hardirqs_off+0xd/0x10 [ 637.996341] ? quarantine_put+0x10d/0x1b0 [ 638.000498] ? __kasan_slab_free+0x131/0x170 [ 638.004912] v9fs_session_init+0xf62/0x1a80 [ 638.009231] ? v9fs_session_init+0xf62/0x1a80 [ 638.013721] ? rcu_note_context_switch+0x730/0x730 [ 638.018651] ? v9fs_show_options+0x7e0/0x7e0 [ 638.023056] ? lock_release+0xa30/0xa30 [ 638.027024] ? check_same_owner+0x340/0x340 [ 638.031346] ? kasan_unpoison_shadow+0x35/0x50 [ 638.035923] ? kasan_kmalloc+0xc4/0xe0 [ 638.039809] ? kmem_cache_alloc_trace+0x318/0x780 [ 638.044645] ? kasan_unpoison_shadow+0x35/0x50 [ 638.049223] ? kasan_kmalloc+0xc4/0xe0 [ 638.053109] v9fs_mount+0x7c/0x900 [ 638.056647] ? v9fs_drop_inode+0x150/0x150 [ 638.060876] legacy_get_tree+0x118/0x440 [ 638.064934] vfs_get_tree+0x1cb/0x5c0 [ 638.068731] do_mount+0x6c1/0x1fb0 [ 638.072271] ? kasan_check_write+0x14/0x20 [ 638.076503] ? copy_mount_string+0x40/0x40 [ 638.080735] ? retint_kernel+0x10/0x10 [ 638.084623] ? copy_mount_options+0x1a1/0x380 [ 638.089114] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 638.093953] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 638.099483] ? copy_mount_options+0x285/0x380 [ 638.103978] ksys_mount+0x12d/0x140 [ 638.107599] __x64_sys_mount+0xbe/0x150 [ 638.111569] do_syscall_64+0x1b9/0x820 [ 638.115452] ? finish_task_switch+0x1d3/0x870 [ 638.119946] ? syscall_return_slowpath+0x5e0/0x5e0 [ 638.124871] ? syscall_return_slowpath+0x31d/0x5e0 [ 638.129795] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 638.134806] ? prepare_exit_to_usermode+0x291/0x3b0 [ 638.139815] ? perf_trace_sys_enter+0xb10/0xb10 [ 638.144481] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 638.149320] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 638.154503] RIP: 0033:0x455e29 [ 638.157681] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 638.176949] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 638.184655] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 638.191914] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 638.199178] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 638.206440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 638.213702] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000022 02:46:19 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x1, 0x0) dup2(r3, 0xffffffffffffffff) dup2(r2, r1) 02:46:19 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x500, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:19 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x11afa, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:19 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x1100000000000000}}], 0x1, 0x0) 02:46:19 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c61636365737301", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:19 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x1194d, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:19 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 638.221270] 9pnet: Couldn't grow tag array 02:46:19 executing program 6 (fault-call:7 fault-nth:35): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:19 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x2000000}}], 0x1, 0x0) 02:46:19 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x300000000000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:19 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf51a010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:19 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x4) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x200, 0x0) ioctl$BLKALIGNOFF(r2, 0x127a, &(0x7f0000000140)) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f00000002c0)=0x100000001, 0x4) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:19 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x3e8}}], 0x1, 0x0) [ 638.528366] FAULT_INJECTION: forcing a failure. [ 638.528366] name failslab, interval 1, probability 0, space 0, times 0 [ 638.539665] CPU: 1 PID: 7478 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 638.547978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 638.557329] Call Trace: [ 638.559920] dump_stack+0x1c9/0x2b4 [ 638.563552] ? dump_stack_print_info.cold.2+0x52/0x52 [ 638.568743] ? kernel_text_address+0x79/0xf0 [ 638.573153] should_fail.cold.4+0xa/0x11 [ 638.577216] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 638.582320] ? save_stack+0xa9/0xd0 [ 638.585944] ? save_stack+0x43/0xd0 [ 638.589565] ? kmem_cache_alloc_trace+0x152/0x780 [ 638.594406] ? p9_client_prepare_req.part.9+0x82a/0xcd0 [ 638.599766] ? p9_client_rpc+0x1bd/0x1400 [ 638.603910] ? p9_client_attach+0x19f/0x860 [ 638.608229] ? v9fs_session_init+0xf62/0x1a80 [ 638.612716] ? v9fs_mount+0x7c/0x900 [ 638.616428] ? legacy_get_tree+0x118/0x440 [ 638.620658] ? vfs_get_tree+0x1cb/0x5c0 [ 638.624627] ? do_mount+0x6c1/0x1fb0 [ 638.628334] ? ksys_mount+0x12d/0x140 [ 638.632128] ? __x64_sys_mount+0xbe/0x150 [ 638.636272] ? do_syscall_64+0x1b9/0x820 [ 638.640329] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 638.645687] ? node_tag_clear+0xc0/0x1c0 [ 638.649745] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 638.654667] ? radix_tree_iter_replace+0x49/0x60 [ 638.659420] ? idr_alloc_u32+0x208/0x3a0 [ 638.663482] ? check_same_owner+0x340/0x340 [ 638.667802] ? rcu_note_context_switch+0x730/0x730 [ 638.672730] __should_failslab+0x124/0x180 [ 638.676967] should_failslab+0x9/0x14 [ 638.680765] __kmalloc+0x2c8/0x760 [ 638.684306] ? __init_waitqueue_head+0x9e/0x150 [ 638.688968] ? init_wait_entry+0x1c0/0x1c0 [ 638.693198] ? p9_fcall_alloc+0x1e/0x90 [ 638.697172] p9_fcall_alloc+0x1e/0x90 [ 638.700974] p9_client_prepare_req.part.9+0x7c9/0xcd0 [ 638.706166] ? p9_free_req.isra.8+0x140/0x140 [ 638.710661] ? __radix_tree_replace+0x188/0x2f0 [ 638.715331] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 638.720864] ? node_tag_clear+0xc0/0x1c0 [ 638.724921] p9_client_rpc+0x1bd/0x1400 [ 638.728896] ? idr_alloc_u32+0x208/0x3a0 [ 638.732952] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 638.738317] ? lock_acquire+0x1e4/0x540 [ 638.742285] ? p9_fid_create+0x37f/0x4c0 [ 638.746346] ? lock_downgrade+0x8f0/0x8f0 [ 638.750492] ? kasan_check_read+0x11/0x20 [ 638.754636] ? do_raw_spin_unlock+0xa7/0x2f0 [ 638.759036] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 638.763618] ? kasan_check_write+0x14/0x20 [ 638.767848] ? do_raw_spin_lock+0xc1/0x200 [ 638.772079] ? trace_hardirqs_on+0xd/0x10 [ 638.776223] ? check_memory_region+0x151/0x1b0 [ 638.780799] ? p9_client_destroy+0x610/0x610 [ 638.785212] p9_client_attach+0x19f/0x860 [ 638.789358] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 638.794456] ? debug_check_no_obj_freed+0x30b/0x595 [ 638.799466] ? p9_client_walk+0xab0/0xab0 [ 638.803611] ? trace_hardirqs_off+0xd/0x10 [ 638.807839] ? quarantine_put+0x10d/0x1b0 [ 638.811996] ? __kasan_slab_free+0x131/0x170 [ 638.816405] v9fs_session_init+0xf62/0x1a80 [ 638.820723] ? v9fs_session_init+0xf62/0x1a80 [ 638.825213] ? rcu_note_context_switch+0x730/0x730 [ 638.830143] ? v9fs_show_options+0x7e0/0x7e0 [ 638.834545] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 638.839296] ? retint_kernel+0x10/0x10 [ 638.843180] ? kasan_unpoison_shadow+0x35/0x50 [ 638.847764] ? kasan_kmalloc+0xc4/0xe0 [ 638.851650] ? kmem_cache_alloc_trace+0x318/0x780 [ 638.856487] ? kasan_unpoison_shadow+0x35/0x50 [ 638.861065] ? kasan_kmalloc+0xc4/0xe0 [ 638.864949] v9fs_mount+0x7c/0x900 [ 638.868486] ? v9fs_drop_inode+0x150/0x150 [ 638.872717] legacy_get_tree+0x118/0x440 [ 638.876776] vfs_get_tree+0x1cb/0x5c0 [ 638.880571] do_mount+0x6c1/0x1fb0 [ 638.884110] ? copy_mount_string+0x40/0x40 [ 638.888337] ? retint_kernel+0x10/0x10 [ 638.892222] ? copy_mount_options+0x213/0x380 [ 638.896714] ? write_comp_data+0x22/0x70 [ 638.900775] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 638.906305] ? copy_mount_options+0x285/0x380 [ 638.910795] ksys_mount+0x12d/0x140 [ 638.914422] __x64_sys_mount+0xbe/0x150 [ 638.918392] do_syscall_64+0x1b9/0x820 [ 638.922273] ? finish_task_switch+0x1d3/0x870 [ 638.926764] ? syscall_return_slowpath+0x5e0/0x5e0 [ 638.931687] ? syscall_return_slowpath+0x31d/0x5e0 [ 638.936610] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 638.941797] ? prepare_exit_to_usermode+0x291/0x3b0 [ 638.946809] ? perf_trace_sys_enter+0xb10/0xb10 [ 638.951476] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 638.956317] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 638.961500] RIP: 0033:0x455e29 [ 638.964675] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 638.983939] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 638.991644] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 638.998910] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 639.006171] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 639.013438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 639.020714] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000023 02:46:20 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xa00000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:20 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x2000000000000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:20 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 639.028301] 9pnet: Couldn't grow tag array 02:46:20 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x1, 0x0) dup2(r3, 0xffffffffffffffff) dup2(r2, r1) 02:46:20 executing program 6 (fault-call:7 fault-nth:36): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:20 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf41a010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:20 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="243bda5babfc371e24c12a8911d9195e5aa3b18b807fbdc965f28d9f5396556a7a51f57ca38d982985de7572d36f8db8faa4e1a67338e81a6e10eab39ab2553a6c768e67ccb50a44636316f2ede39d97d7be3e6ea3b3cfdb0027453268d97907a0b2dfe55b842da70febb8f03f51b44c252fb422756bfb1720d70eef74658fab2c87b8cf4c7cc0e12e824856def32862e6b7c9c69c2bc0bc99925ce905fd9abb6ec5126f843e13af56000000ef7f6f90efafe2145a1b130a4751f46d6e02"]) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="a600000029010000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000008000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f6669030000000000000000000000000000000000002e2f66696c6530"], 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:20 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x400000000000000}}], 0x1, 0x0) 02:46:20 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x3f00000000000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:20 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="3970d9", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:20 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xff00000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:20 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xe000000000000000}}], 0x1, 0x0) 02:46:20 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x1000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:20 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x200000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 639.350498] 9pnet: Insufficient options for proto=fd [ 639.364308] 9pnet: Insufficient options for proto=fd [ 639.387560] FAULT_INJECTION: forcing a failure. [ 639.387560] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 639.399402] CPU: 1 PID: 7518 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 639.407715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 639.417061] Call Trace: [ 639.419651] dump_stack+0x1c9/0x2b4 [ 639.423281] ? dump_stack_print_info.cold.2+0x52/0x52 [ 639.428471] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 639.433145] should_fail.cold.4+0xa/0x11 [ 639.437208] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 639.442308] ? is_bpf_text_address+0xae/0x170 [ 639.446800] ? lock_downgrade+0x8f0/0x8f0 [ 639.450948] ? lock_release+0xa30/0xa30 [ 639.454921] ? kasan_check_read+0x11/0x20 [ 639.459069] ? rcu_is_watching+0x8c/0x150 [ 639.463214] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 639.467883] ? is_bpf_text_address+0xd7/0x170 [ 639.472375] ? kernel_text_address+0x79/0xf0 [ 639.476782] ? __kernel_text_address+0xd/0x40 [ 639.481273] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 639.486805] ? should_fail+0x246/0xd86 [ 639.490687] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 639.495792] __alloc_pages_nodemask+0x36e/0xdb0 [ 639.500457] ? save_stack+0xa9/0xd0 [ 639.504083] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 639.509099] ? p9_client_attach+0x19f/0x860 [ 639.513418] ? v9fs_mount+0x7c/0x900 [ 639.517137] ? legacy_get_tree+0x118/0x440 [ 639.521368] ? vfs_get_tree+0x1cb/0x5c0 [ 639.525336] ? do_mount+0x6c1/0x1fb0 [ 639.529052] ? ksys_mount+0x12d/0x140 [ 639.532861] ? __x64_sys_mount+0xbe/0x150 [ 639.537008] ? do_syscall_64+0x1b9/0x820 [ 639.541067] ? node_tag_clear+0xc0/0x1c0 [ 639.545133] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 639.550058] ? radix_tree_iter_replace+0x49/0x60 [ 639.554808] ? idr_alloc_u32+0x208/0x3a0 [ 639.558869] ? check_same_owner+0x340/0x340 [ 639.563189] cache_grow_begin+0x91/0x710 [ 639.567252] __kmalloc+0x688/0x760 [ 639.570791] ? __init_waitqueue_head+0x9e/0x150 [ 639.575453] ? init_wait_entry+0x1c0/0x1c0 [ 639.579684] ? p9_fcall_alloc+0x1e/0x90 [ 639.583661] p9_fcall_alloc+0x1e/0x90 [ 639.587464] p9_client_prepare_req.part.9+0x7c9/0xcd0 [ 639.592654] ? p9_free_req.isra.8+0x140/0x140 [ 639.597147] ? __radix_tree_replace+0x188/0x2f0 [ 639.601817] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 639.607347] ? node_tag_clear+0xc0/0x1c0 [ 639.611404] p9_client_rpc+0x1bd/0x1400 [ 639.615376] ? idr_alloc_u32+0x208/0x3a0 [ 639.619432] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 639.624794] ? lock_acquire+0x1e4/0x540 [ 639.628761] ? p9_fid_create+0x37f/0x4c0 [ 639.632819] ? lock_downgrade+0x8f0/0x8f0 [ 639.636969] ? kasan_check_read+0x11/0x20 [ 639.641107] ? do_raw_spin_unlock+0xa7/0x2f0 [ 639.645513] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 639.650093] ? kasan_check_write+0x14/0x20 [ 639.654325] ? do_raw_spin_lock+0xc1/0x200 [ 639.658554] ? trace_hardirqs_on+0xd/0x10 [ 639.662700] ? check_memory_region+0x151/0x1b0 [ 639.667279] ? p9_client_destroy+0x610/0x610 [ 639.671687] p9_client_attach+0x19f/0x860 [ 639.675830] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 639.680930] ? debug_check_no_obj_freed+0x30b/0x595 [ 639.685945] ? p9_client_walk+0xab0/0xab0 [ 639.690092] ? trace_hardirqs_off+0xd/0x10 [ 639.694323] ? quarantine_put+0x10d/0x1b0 [ 639.698467] ? __kasan_slab_free+0x131/0x170 [ 639.702878] v9fs_session_init+0xf62/0x1a80 [ 639.707194] ? v9fs_session_init+0xf62/0x1a80 [ 639.711687] ? rcu_note_context_switch+0x730/0x730 [ 639.716619] ? v9fs_show_options+0x7e0/0x7e0 [ 639.721022] ? lock_release+0xa30/0xa30 [ 639.724991] ? check_same_owner+0x340/0x340 [ 639.729315] ? kasan_unpoison_shadow+0x35/0x50 [ 639.733896] ? kasan_kmalloc+0xc4/0xe0 [ 639.737779] ? kmem_cache_alloc_trace+0x318/0x780 [ 639.742618] ? kasan_unpoison_shadow+0x35/0x50 [ 639.747194] ? kasan_kmalloc+0xc4/0xe0 [ 639.751077] v9fs_mount+0x7c/0x900 [ 639.754611] ? v9fs_drop_inode+0x150/0x150 [ 639.758839] legacy_get_tree+0x118/0x440 [ 639.762900] vfs_get_tree+0x1cb/0x5c0 [ 639.766699] do_mount+0x6c1/0x1fb0 [ 639.770236] ? kasan_check_write+0x14/0x20 [ 639.774470] ? copy_mount_string+0x40/0x40 [ 639.778701] ? kasan_kmalloc+0xc4/0xe0 [ 639.782589] ? kmem_cache_alloc_trace+0x318/0x780 [ 639.787428] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 639.792961] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 639.798494] ? copy_mount_options+0x285/0x380 [ 639.802987] ksys_mount+0x12d/0x140 [ 639.806607] __x64_sys_mount+0xbe/0x150 [ 639.810578] do_syscall_64+0x1b9/0x820 [ 639.814460] ? finish_task_switch+0x1d3/0x870 [ 639.818952] ? syscall_return_slowpath+0x5e0/0x5e0 [ 639.823879] ? syscall_return_slowpath+0x31d/0x5e0 [ 639.828801] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 639.833815] ? prepare_exit_to_usermode+0x291/0x3b0 [ 639.838827] ? perf_trace_sys_enter+0xb10/0xb10 [ 639.843495] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 639.848338] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 639.853516] RIP: 0033:0x455e29 [ 639.856694] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 639.875958] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 639.883661] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 639.890922] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 02:46:21 executing program 6 (fault-call:7 fault-nth:37): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:21 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3d9fddc1796551fbdae0ee87cab0d77151b8504e017c3b7b912662e43fdf56f947c430f2d74a6b16a052c9801c1920bd2a17d1ce9c12b52acc680e67676da8fb1c157eeb52e9a0d46a34740650c76b2f94d224e23b0fab5ff7bead32cc0c8a87d69a39e16c2565b170045e4db87f5f9e14455c1b4ac008d4f6a615a658f825305d90f46b5ed5d05c9dcecbd592f0ab4e9b66b566e9ee91fdcecb55b275f908f71ebd76dd078a726eda212bcc", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) r2 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3) utimensat(r2, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x100) [ 639.898183] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 639.905457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 639.912721] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000024 02:46:21 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:21 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x43190100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:21 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xfffffffffffff000}}], 0x1, 0x0) [ 640.087197] 9pnet: Insufficient options for proto=fd [ 640.103346] FAULT_INJECTION: forcing a failure. [ 640.103346] name failslab, interval 1, probability 0, space 0, times 0 [ 640.114749] CPU: 0 PID: 7545 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 640.123064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 640.132416] Call Trace: [ 640.133881] 9pnet: Insufficient options for proto=fd [ 640.135014] dump_stack+0x1c9/0x2b4 [ 640.135032] ? dump_stack_print_info.cold.2+0x52/0x52 [ 640.135053] ? __kernel_text_address+0xd/0x40 [ 640.153409] ? unwind_get_return_address+0x61/0xa0 [ 640.158347] should_fail.cold.4+0xa/0x11 [ 640.162407] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 640.167524] ? save_stack+0xa9/0xd0 [ 640.171157] ? save_stack+0x43/0xd0 [ 640.174788] ? kasan_kmalloc+0xc4/0xe0 [ 640.178674] ? __kmalloc+0x14e/0x760 [ 640.182385] ? p9_fcall_alloc+0x1e/0x90 [ 640.186357] ? p9_client_prepare_req.part.9+0x7c9/0xcd0 [ 640.191716] ? p9_client_rpc+0x1bd/0x1400 [ 640.195865] ? v9fs_session_init+0xf62/0x1a80 [ 640.200355] ? v9fs_mount+0x7c/0x900 [ 640.204061] ? legacy_get_tree+0x118/0x440 [ 640.208294] ? vfs_get_tree+0x1cb/0x5c0 [ 640.212264] ? do_mount+0x6c1/0x1fb0 [ 640.215973] ? ksys_mount+0x12d/0x140 [ 640.219771] ? __x64_sys_mount+0xbe/0x150 [ 640.223932] ? do_syscall_64+0x1b9/0x820 [ 640.227990] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 640.233360] ? __x64_sys_mount+0xbe/0x150 [ 640.237505] ? do_syscall_64+0x1b9/0x820 [ 640.241569] ? lock_acquire+0x1e4/0x540 [ 640.245549] ? cache_grow_end.part.37+0x95/0x170 [ 640.250305] ? lock_downgrade+0x8f0/0x8f0 [ 640.254454] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 640.259383] ? kasan_check_read+0x11/0x20 [ 640.263526] ? do_raw_spin_unlock+0xa7/0x2f0 [ 640.267934] ? check_same_owner+0x340/0x340 [ 640.272251] ? kasan_check_write+0x14/0x20 [ 640.276481] ? rcu_note_context_switch+0x730/0x730 [ 640.281406] __should_failslab+0x124/0x180 [ 640.285641] should_failslab+0x9/0x14 [ 640.289435] __kmalloc+0x2c8/0x760 [ 640.292975] ? __init_waitqueue_head+0x9e/0x150 [ 640.297640] ? init_wait_entry+0x1c0/0x1c0 [ 640.301872] ? p9_fcall_alloc+0x1e/0x90 [ 640.305843] p9_fcall_alloc+0x1e/0x90 [ 640.309643] p9_client_prepare_req.part.9+0x754/0xcd0 [ 640.314832] ? p9_free_req.isra.8+0x140/0x140 [ 640.319325] ? __radix_tree_replace+0x188/0x2f0 [ 640.323994] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 640.329535] ? node_tag_clear+0xc0/0x1c0 [ 640.333606] p9_client_rpc+0x1bd/0x1400 [ 640.337583] ? idr_alloc_u32+0x208/0x3a0 [ 640.341645] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 640.347008] ? lock_acquire+0x1e4/0x540 [ 640.350977] ? p9_fid_create+0x37f/0x4c0 [ 640.355057] ? lock_downgrade+0x8f0/0x8f0 [ 640.359205] ? kasan_check_read+0x11/0x20 [ 640.363350] ? do_raw_spin_unlock+0xa7/0x2f0 [ 640.367754] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 640.372335] ? kasan_check_write+0x14/0x20 [ 640.376567] ? do_raw_spin_lock+0xc1/0x200 [ 640.380810] ? trace_hardirqs_on+0xd/0x10 [ 640.384958] ? check_memory_region+0x151/0x1b0 [ 640.389535] ? p9_client_destroy+0x610/0x610 [ 640.393946] p9_client_attach+0x19f/0x860 [ 640.398092] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 640.403198] ? debug_check_no_obj_freed+0x30b/0x595 [ 640.408217] ? p9_client_walk+0xab0/0xab0 [ 640.412361] ? trace_hardirqs_off+0xd/0x10 [ 640.416589] ? quarantine_put+0x10d/0x1b0 [ 640.420737] ? __kasan_slab_free+0x131/0x170 [ 640.425145] v9fs_session_init+0xf62/0x1a80 [ 640.429466] ? v9fs_session_init+0xf62/0x1a80 [ 640.433958] ? rcu_note_context_switch+0x730/0x730 [ 640.438893] ? v9fs_show_options+0x7e0/0x7e0 [ 640.443299] ? lock_release+0xa30/0xa30 [ 640.447271] ? check_same_owner+0x340/0x340 [ 640.451592] ? kasan_unpoison_shadow+0x35/0x50 [ 640.456170] ? kasan_kmalloc+0xc4/0xe0 [ 640.460054] ? kmem_cache_alloc_trace+0x318/0x780 [ 640.464892] ? kasan_unpoison_shadow+0x35/0x50 [ 640.469469] ? kasan_kmalloc+0xc4/0xe0 [ 640.473355] v9fs_mount+0x7c/0x900 [ 640.476894] ? v9fs_drop_inode+0x150/0x150 [ 640.481125] legacy_get_tree+0x118/0x440 [ 640.485183] vfs_get_tree+0x1cb/0x5c0 [ 640.488980] do_mount+0x6c1/0x1fb0 [ 640.492518] ? kasan_check_write+0x14/0x20 [ 640.496754] ? copy_mount_string+0x40/0x40 [ 640.500987] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 640.505740] ? retint_kernel+0x10/0x10 [ 640.509623] ? ksys_mount+0xe2/0x140 [ 640.513332] ksys_mount+0x12d/0x140 [ 640.516959] __x64_sys_mount+0xbe/0x150 [ 640.520929] do_syscall_64+0x1b9/0x820 [ 640.524812] ? finish_task_switch+0x1d3/0x870 [ 640.529304] ? syscall_return_slowpath+0x5e0/0x5e0 [ 640.534229] ? syscall_return_slowpath+0x31d/0x5e0 [ 640.539159] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 640.544172] ? prepare_exit_to_usermode+0x291/0x3b0 [ 640.549185] ? perf_trace_sys_enter+0xb10/0xb10 [ 640.553849] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 640.558692] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 640.563874] RIP: 0033:0x455e29 [ 640.567053] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 640.586319] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 640.594025] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 640.601290] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 640.608558] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 640.615819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 640.623081] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000025 [ 640.630654] 9pnet: Couldn't grow tag array 02:46:21 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x1, 0x0) dup2(r3, r2) dup2(0xffffffffffffffff, r1) 02:46:21 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x3, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:21 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x1f000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:21 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r2 = syz_open_dev$mice(&(0x7f0000000300)='/dev/input/mice\x00', 0x0, 0x0) ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000480)={[{0x4, 0xffffffffffffff80, 0x4, 0x1, 0x3f, 0x841, 0x0, 0x9, 0x3, 0x10000, 0x9, 0x8, 0x6}, {0x800, 0x9, 0x400, 0xffffffffffff8001, 0x1, 0x7, 0x1, 0xcac, 0x1, 0x8, 0x7b93, 0x4, 0x100000000}, {0x3a080906, 0x0, 0x4, 0xf0, 0x4, 0x1000000000000, 0xa1, 0x2, 0xfffffffffffffffd, 0x8, 0x4, 0x8, 0x8001}], 0x8}) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000540)=@nat={'nat\x00', 0x19, 0x6, 0x7d0, [0x20000940, 0x0, 0x0, 0x20000a80, 0x20000d20], 0x0, &(0x7f0000000500), &(0x7f0000000940)=[{0x0, '\x00', 0x0, 0xfffffffffffffffc, 0x1, [{{{0x11, 0x40, 0x896d, 'team0\x00', 'yam0\x00', 'ip6gre0\x00', 'veth1\x00', @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x17}, [0xff, 0x0, 0xff, 0x0, 0xff, 0xff], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0x70, 0xd8, 0x110}, [@common=@CONNSECMARK={'CONNSECMARK\x00', 0x8, {{0x2}}}, @arpreply={'arpreply\x00', 0x10, {{@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0xffffffffffffffff}}}]}, @snat={'snat\x00', 0x10, {{@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, 0xffffffffffffffff}}}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x2, [{{{0x11, 0x0, 0xdada, 'gretap0\x00', 'vcan0\x00', 'ip6gre0\x00', 'ip_vti0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, [0x0, 0xff, 0x0, 0x0, 0x336b64313b04e6b6, 0xff], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x21}, [0x0, 0x0, 0xff, 0x0, 0xff, 0xff], 0x70, 0xe0, 0x118}, [@common=@mark={'mark\x00', 0x10, {{0xffffffd0, 0xfffffffffffffffe}}}, @snat={'snat\x00', 0x10, {{@remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 0xffffffffffffffff}}}]}, @arpreply={'arpreply\x00', 0x10, {{@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x1c}, 0xfffffffffffffffd}}}}, {{{0xf, 0x2, 0x4b65, 'veth1_to_bond\x00', 'bond_slave_1\x00', 'teql0\x00', 'bridge_slave_1\x00', @random="7148a64e87fd", [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x21}, [0xff, 0xff, 0x0, 0xff, 0x0, 0xff], 0xc0, 0x128, 0x158, [@ipvs={'ipvs\x00', 0x28, {{@ipv4=@multicast2=0xe0000002, [0xffffffff, 0xffffff00, 0xffffff00, 0xffffffff], 0x4e20, 0x7f, 0x3, 0x4e23, 0x8, 0x1}}}]}, [@common=@AUDIT={'AUDIT\x00', 0x8, {{0x2}}}, @snat={'snat\x00', 0x10, {{@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0xffffffffffffffff}}}]}, @common=@STANDARD={'\x00', 0x8, {0xffffffffffffffff}}}]}, {0x0, '\x00', 0x3, 0xfffffffffffffffe, 0x1, [{{{0x0, 0x8, 0xff, 'veth0_to_bond\x00', 'bridge_slave_1\x00', 'vlan0\x00', 'erspan0\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @empty, [0xff, 0xff, 0xff, 0xff, 0xff], 0x120, 0x158, 0x190, [@statistic={'statistic\x00', 0x18, {{0x0, 0x1, 0x5, 0xfffffffffffffffc, 0x1, 0x103cc7ab}}}, @rateest={'rateest\x00', 0x48, {{'vcan0\x00', 'team0\x00', 0x2, 0x0, 0x800, 0x0, 0x6, 0x100000001, 0x2}}}]}, [@common=@mark={'mark\x00', 0x10, {{0xffffffc0, 0xfffffffffffffffe}}}]}, @snat={'snat\x00', 0x10, {{@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, 0xffffffffffffffff}}}}]}, {0x0, '\x00', 0x4, 0xffffffffffffffff, 0x2, [{{{0x1d, 0x24, 0x9100, 'bcsf0\x00', 'bpq0\x00', 'bond0\x00', 'bond0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}, [0xff, 0x0, 0x0, 0xff, 0xff, 0xbffe4e82177cee1d], @empty, [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0x70, 0xb8, 0xe8}, [@common=@RATEEST={'RATEEST\x00', 0x20, {{'syz1\x00', 0x81, 0x8, 0xfff}}}]}, @common=@STANDARD={'\x00', 0x8, {0xfffffffffffffffd}}}, {{{0x13, 0x0, 0x88b5, 'syzkaller1\x00', '\x00', 'veth1_to_bridge\x00', 'bpq0\x00', @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [0x0, 0x0, 0x0, 0xff], @random="3c98acefbc91", [0xff, 0xff, 0xff, 0x0, 0xff, 0xff], 0x70, 0xe0, 0x118}, [@snat={'snat\x00', 0x10, {{@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0xfffffffffffffffe}}}, @snat={'snat\x00', 0x10, {{@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x15}, 0x10}}}]}, @snat={'snat\x00', 0x10, {{@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, 0xffffffffffffffff}}}}]}]}, 0x848) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYRES64=r1, @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',access=', @ANYPTR64=&(0x7f0000000380)=ANY=[@ANYRESHEX=r2], @ANYBLOB=',\x00']) r3 = open(&(0x7f0000000080)='./file0\x00', 0x10800, 0x2) ioctl$KVM_X86_SET_MCE(r3, 0x4040ae9e, &(0x7f00000002c0)={0x2200000000000000, 0x105000, 0x7, 0xb, 0xc}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:21 executing program 6 (fault-call:7 fault-nth:38): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:21 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="3970d5", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:22 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0xf0ffff}}], 0x1, 0x0) 02:46:22 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0xc0ed0000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:22 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf6ffffff, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 640.933180] 9pnet_virtio: no channels available for device (null) [ 640.963186] FAULT_INJECTION: forcing a failure. [ 640.963186] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 640.975022] CPU: 1 PID: 7567 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 640.983328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 640.992670] Call Trace: [ 640.995258] dump_stack+0x1c9/0x2b4 [ 640.998884] ? dump_stack_print_info.cold.2+0x52/0x52 [ 641.004073] should_fail.cold.4+0xa/0x11 [ 641.008133] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 641.013236] ? lock_acquire+0x1e4/0x540 [ 641.017202] ? is_bpf_text_address+0xae/0x170 [ 641.021696] ? lock_release+0xa30/0xa30 [ 641.025668] ? kasan_check_read+0x11/0x20 [ 641.029810] ? rcu_is_watching+0x8c/0x150 [ 641.033954] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 641.038625] ? is_bpf_text_address+0xd7/0x170 [ 641.043117] ? kernel_text_address+0x79/0xf0 [ 641.047523] ? unwind_get_return_address+0x61/0xa0 [ 641.052448] ? __save_stack_trace+0x8d/0xf0 [ 641.056765] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 641.062295] ? should_fail+0x246/0xd86 [ 641.066179] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 641.071280] __alloc_pages_nodemask+0x36e/0xdb0 [ 641.075942] ? save_stack+0x43/0xd0 [ 641.079562] ? kasan_kmalloc+0xc4/0xe0 [ 641.083539] ? __kmalloc+0x14e/0x760 [ 641.087254] ? p9_fcall_alloc+0x1e/0x90 [ 641.091228] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 641.096241] ? vfs_get_tree+0x1cb/0x5c0 [ 641.100209] ? ksys_mount+0x12d/0x140 [ 641.104007] ? __x64_sys_mount+0xbe/0x150 [ 641.108150] ? do_syscall_64+0x1b9/0x820 [ 641.112202] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 641.117562] ? __x64_sys_mount+0xbe/0x150 [ 641.121702] ? do_syscall_64+0x1b9/0x820 [ 641.125762] ? lock_downgrade+0x8f0/0x8f0 [ 641.129907] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 641.134833] ? kasan_check_read+0x11/0x20 [ 641.138976] ? do_raw_spin_unlock+0xa7/0x2f0 [ 641.143384] ? check_same_owner+0x340/0x340 [ 641.147706] cache_grow_begin+0x91/0x710 [ 641.151765] __kmalloc+0x688/0x760 [ 641.155297] ? __init_waitqueue_head+0x9e/0x150 [ 641.159955] ? init_wait_entry+0x1c0/0x1c0 [ 641.164184] ? p9_fcall_alloc+0x1e/0x90 [ 641.168153] p9_fcall_alloc+0x1e/0x90 [ 641.171952] p9_client_prepare_req.part.9+0x754/0xcd0 [ 641.177140] ? p9_free_req.isra.8+0x140/0x140 [ 641.181632] ? __radix_tree_replace+0x188/0x2f0 [ 641.186301] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 641.191830] ? node_tag_clear+0xc0/0x1c0 [ 641.195886] p9_client_rpc+0x1bd/0x1400 [ 641.199861] ? idr_alloc_u32+0x208/0x3a0 [ 641.203917] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 641.209279] ? lock_acquire+0x1e4/0x540 [ 641.213252] ? p9_fid_create+0x37f/0x4c0 [ 641.217310] ? lock_downgrade+0x8f0/0x8f0 [ 641.221456] ? kasan_check_read+0x11/0x20 [ 641.225596] ? do_raw_spin_unlock+0xa7/0x2f0 [ 641.229999] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 641.234577] ? kasan_check_write+0x14/0x20 [ 641.239480] ? do_raw_spin_lock+0xc1/0x200 [ 641.243711] ? trace_hardirqs_on+0xd/0x10 [ 641.247858] ? check_memory_region+0x151/0x1b0 [ 641.252437] ? p9_client_destroy+0x610/0x610 [ 641.256844] p9_client_attach+0x19f/0x860 [ 641.260997] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 641.266095] ? debug_check_no_obj_freed+0x30b/0x595 [ 641.271107] ? p9_client_walk+0xab0/0xab0 [ 641.275252] ? trace_hardirqs_off+0xd/0x10 [ 641.279484] ? quarantine_put+0x10d/0x1b0 [ 641.283631] ? __kasan_slab_free+0x131/0x170 [ 641.288043] v9fs_session_init+0xf62/0x1a80 [ 641.292361] ? v9fs_session_init+0xf62/0x1a80 [ 641.296849] ? rcu_note_context_switch+0x730/0x730 [ 641.301777] ? v9fs_show_options+0x7e0/0x7e0 [ 641.306183] ? kasan_check_read+0x11/0x20 [ 641.310345] ? do_raw_spin_unlock+0xa7/0x2f0 [ 641.314751] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 641.319342] ? kasan_unpoison_shadow+0x35/0x50 [ 641.323918] ? kasan_kmalloc+0xc4/0xe0 [ 641.327803] ? kmem_cache_alloc_trace+0x318/0x780 [ 641.332647] v9fs_mount+0x7c/0x900 [ 641.336186] ? v9fs_drop_inode+0x150/0x150 [ 641.340416] legacy_get_tree+0x118/0x440 [ 641.344472] vfs_get_tree+0x1cb/0x5c0 [ 641.348268] do_mount+0x6c1/0x1fb0 [ 641.351803] ? kasan_check_write+0x14/0x20 [ 641.356034] ? copy_mount_string+0x40/0x40 [ 641.360266] ? kasan_kmalloc+0xc4/0xe0 [ 641.364158] ? kmem_cache_alloc_trace+0x318/0x780 [ 641.369004] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 641.374539] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 641.380072] ? copy_mount_options+0x285/0x380 [ 641.384563] ksys_mount+0x12d/0x140 [ 641.388186] __x64_sys_mount+0xbe/0x150 [ 641.392159] do_syscall_64+0x1b9/0x820 [ 641.396043] ? finish_task_switch+0x1d3/0x870 [ 641.400533] ? syscall_return_slowpath+0x5e0/0x5e0 [ 641.405467] ? syscall_return_slowpath+0x31d/0x5e0 [ 641.410391] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 641.415401] ? prepare_exit_to_usermode+0x291/0x3b0 [ 641.420414] ? perf_trace_sys_enter+0xb10/0xb10 [ 641.425076] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 641.429925] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 641.435108] RIP: 0033:0x455e29 [ 641.438287] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 641.457895] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 641.465597] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 641.472857] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 02:46:22 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x1194c, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:22 executing program 6 (fault-call:7 fault-nth:39): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 641.480120] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 641.487378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 641.494637] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000026 [ 641.504510] 9pnet_virtio: no channels available for device (null) 02:46:22 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:22 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) r2 = dup3(r1, r1, 0x80000) ioctl$TIOCSTI(r2, 0x5412, 0xca33) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) r3 = dup2(r1, r0) setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000480)={0x5, {{0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}}, 0x0, 0x3, [{{0x2, 0x4e23}}, {{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xa}}}, {{0x2, 0x4e21}}]}, 0x210) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:22 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x20000000}}], 0x1, 0x0) [ 641.678792] FAULT_INJECTION: forcing a failure. [ 641.678792] name failslab, interval 1, probability 0, space 0, times 0 [ 641.690082] CPU: 1 PID: 7593 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 641.698397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 641.707749] Call Trace: [ 641.710350] dump_stack+0x1c9/0x2b4 [ 641.713990] ? dump_stack_print_info.cold.2+0x52/0x52 [ 641.719191] ? kasan_check_write+0x14/0x20 [ 641.723436] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 641.728373] should_fail.cold.4+0xa/0x11 [ 641.732443] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 641.737555] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 641.743102] ? find_next_zero_bit+0x111/0x140 [ 641.747610] ? kasan_check_read+0x11/0x20 [ 641.751766] ? do_raw_spin_unlock+0xa7/0x2f0 [ 641.756184] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 641.760780] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 641.765806] ? find_next_bit+0x104/0x130 [ 641.769873] ? cpumask_next+0x24/0x30 [ 641.773679] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 641.779224] ? pcpu_alloc+0x190/0x13a0 [ 641.783117] ? kmem_cache_alloc_trace+0x152/0x780 [ 641.787974] ? lock_acquire+0x1e4/0x540 [ 641.791962] ? fs_reclaim_acquire+0x20/0x20 [ 641.796292] ? lock_downgrade+0x8f0/0x8f0 [ 641.800448] ? check_same_owner+0x340/0x340 [ 641.804777] ? rcu_note_context_switch+0x730/0x730 [ 641.809716] __should_failslab+0x124/0x180 [ 641.813973] should_failslab+0x9/0x14 [ 641.817779] __kmalloc+0x2c8/0x760 [ 641.821317] ? __init_rwsem+0x1cc/0x2a0 [ 641.825287] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 641.830304] ? prealloc_shrinker+0x124/0x450 [ 641.834713] prealloc_shrinker+0x124/0x450 [ 641.838947] ? inactive_list_is_low+0x850/0x850 [ 641.843615] ? __lockdep_init_map+0x105/0x590 [ 641.848110] alloc_super+0x8dd/0xb10 [ 641.851824] ? destroy_unused_super.part.11+0x110/0x110 [ 641.857191] ? lock_downgrade+0x8f0/0x8f0 [ 641.861334] ? lock_acquire+0x1e4/0x540 [ 641.865314] ? kasan_check_read+0x11/0x20 [ 641.869456] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 641.874037] ? kasan_check_write+0x14/0x20 [ 641.878268] ? do_raw_spin_lock+0xc1/0x200 [ 641.882502] sget_userns+0x276/0x860 [ 641.886214] ? v9fs_kill_super+0xa0/0xa0 [ 641.890276] ? vfs_get_super+0x270/0x270 [ 641.894350] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 641.899892] ? ns_capable_common+0x13f/0x170 [ 641.904300] ? v9fs_kill_super+0xa0/0xa0 [ 641.908354] sget+0x10b/0x150 [ 641.911462] v9fs_mount+0xe2/0x900 [ 641.915000] ? v9fs_drop_inode+0x150/0x150 [ 641.919235] legacy_get_tree+0x118/0x440 [ 641.923296] vfs_get_tree+0x1cb/0x5c0 [ 641.927093] do_mount+0x6c1/0x1fb0 [ 641.930631] ? kasan_check_read+0x11/0x20 [ 641.934776] ? do_raw_spin_unlock+0xa7/0x2f0 [ 641.939184] ? copy_mount_string+0x40/0x40 [ 641.943413] ? kasan_kmalloc+0xc4/0xe0 [ 641.947296] ? kmem_cache_alloc_trace+0x318/0x780 [ 641.952143] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 641.957673] ? copy_mount_options+0x285/0x380 [ 641.962167] ksys_mount+0x12d/0x140 [ 641.965791] __x64_sys_mount+0xbe/0x150 [ 641.969765] do_syscall_64+0x1b9/0x820 [ 641.973650] ? finish_task_switch+0x1d3/0x870 [ 641.978144] ? syscall_return_slowpath+0x5e0/0x5e0 [ 641.983071] ? syscall_return_slowpath+0x31d/0x5e0 [ 641.987999] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 641.993014] ? prepare_exit_to_usermode+0x291/0x3b0 [ 641.998091] ? perf_trace_sys_enter+0xb10/0xb10 [ 642.002755] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 642.007600] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 642.012785] RIP: 0033:0x455e29 02:46:22 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x7, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:22 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x500000000000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 642.015959] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 642.035228] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 642.042933] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 642.050197] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 642.057461] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 642.064723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 642.071986] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000027 02:46:23 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x1, 0x0) dup2(r3, r2) dup2(0xffffffffffffffff, r1) 02:46:23 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x8cffffff00000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:23 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x1100}}], 0x1, 0x0) 02:46:23 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x2f66696c00000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:23 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:23 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x6f09000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:23 executing program 6 (fault-call:7 fault-nth:40): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:23 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) r2 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x3, 0x80000) r3 = gettid() getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000640)={{{@in=@multicast1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@broadcast}}, &(0x7f0000000740)=0xe8) r5 = getegid() r6 = getpid() r7 = getuid() getresgid(&(0x7f0000000780)=0x0, &(0x7f00000007c0), &(0x7f0000000800)) fcntl$getownex(r0, 0x10, &(0x7f00000008c0)={0x0, 0x0}) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000940)={{{@in=@multicast2, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@local}}, &(0x7f0000000a40)=0xe8) getresgid(&(0x7f0000000a80)=0x0, &(0x7f0000000ac0), &(0x7f0000000b00)) r12 = getpgid(0xffffffffffffffff) fstat(r0, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000000ec0)='./file0\x00', &(0x7f0000000f00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r15 = getpgrp(0xffffffffffffffff) lstat(&(0x7f0000000f80)='./file0\x00', &(0x7f0000000fc0)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x5, &(0x7f0000001040)=[0x0, 0x0, 0xee01, 0xffffffffffffffff, 0xffffffffffffffff]) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000001080)=0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000010c0)={{{@in6=@local, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@dev}}, &(0x7f00000011c0)=0xe8) getgroups(0x5, &(0x7f0000001200)=[0xee00, 0xffffffffffffffff, 0xee00, 0xee00, 0x0]) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000001740)=0x0) getresuid(&(0x7f0000001780), &(0x7f00000017c0), &(0x7f0000001800)=0x0) lstat(&(0x7f0000001840)='./file0\x00', &(0x7f0000001880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r24 = getpgrp(r18) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000001900)={{{@in=@broadcast, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@dev}}, &(0x7f0000001a00)=0xe8) r26 = getegid() ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000001a40)=0x0) r28 = getuid() getgroups(0x7, &(0x7f0000001a80)=[0xee01, 0xee01, 0xffffffffffffffff, 0x0, 0xee00, 0xffffffffffffffff, 0xffffffffffffffff]) r30 = getpgrp(0x0) lstat(&(0x7f0000001d40)='./file0\x00', &(0x7f0000001d80)={0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x9, &(0x7f0000001e00)=[0xee01, 0xee01, 0x0, 0xee00, 0xee00, 0x0, 0xffffffffffffffff, 0x0, 0xee00]) r33 = getpgrp(0x0) r34 = geteuid() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001e40)={0x0, 0x0, 0x0}, &(0x7f0000001e80)=0xc) r36 = getpgrp(0x0) r37 = getuid() getgroups(0x4, &(0x7f0000003040)=[0x0, 0xee00, 0xee00, 0xee00]) fcntl$getownex(r1, 0x10, &(0x7f0000003080)={0x0, 0x0}) stat(&(0x7f00000030c0)='./file0\x00', &(0x7f0000003100)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000003180)='./file0\x00', &(0x7f00000031c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000003240)={0x0}, &(0x7f0000003280)=0xc) lstat(&(0x7f00000032c0)='./file0\x00', &(0x7f0000003300)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f0000003380)='./file0\x00', &(0x7f00000033c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r45 = getpgrp(0x0) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000003440)={0x0, 0x0}, &(0x7f0000003480)=0xc) r47 = getegid() sendmmsg$unix(r2, &(0x7f0000003640)=[{&(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000000380)=[{&(0x7f0000000480)="9dcaa9d808b44159e377244e31cd2b4255e9d54c9f35e115196eba843ac1f175533e739af56ba170f28895915bb0e3ea76f38a66e3f81734544cba40acaf212d3487790c162f1dd69c89acf5a2ab829b443d3bedfbdf716315d60b8421a2ffe344be9b5d39390936ae28fc160914e80b0fac8afdacdd926bece7c8cdc094b0fbefccbcac312621659bebcfdaea82b850ed212ca70f4a828f4672a42b71a5e61982156f965f90", 0xa6}, {&(0x7f0000000540)="c145d3fea166e037d80a3e655688237fa372e5d801512910354eda476877b7555f4f66075cb7d2fd62ef59ee6f9078fdfcb7e31ff0f6a718509a3d6eaec0cc9d3261b37f322f2de9e36a7af98e8635e101384be6d2b845b6852fab245365f917e81d6f1e0a6cd5df56a84a2c123de5dc17d40dd26901e68c48dda37c8658c27760fa5a9bd42d425c9d04c614c566029a577fbe70dc34076de859bd2afef29f1cc703de04d94d2ef31d03e4da4c9005eedc39b6b48156bea3af8056a49118c919881ad4e97674ec8e659a7a3b099edc81d1113abb0f0c3d0a5b3dd0d766", 0xdd}], 0x2, &(0x7f0000000b40)=ANY=[@ANYBLOB="20000000000000000100000002000000", @ANYRES32=r3, @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="0000ca9020005100000000000100000002000000", @ANYRES32=r6, @ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=r10, @ANYRES32=r11, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYBLOB="20000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00'], 0xc8, 0x8010}, {&(0x7f0000000c40)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000e00)=[{&(0x7f0000000cc0)="beb69b3ebaf84ba74e3c42713b31551e7299536f29b43afc2e67bd0151d96a318d24233dfa9f8ab3693b99c09e3eb872460cd6f08c78ca4792b00df3b0d73acd8d76bc7e4868a9b907606050666758f5e51e7e7e586ff4cbbec7dced8f8eeae9660088e881ad99148d84cdf6da732de388429f0eab68ea3fccd8356fa6aa0fcf0a66a2956bf2f6b4fde6a4b4cf7e271fc0e342d6b4889ab8f4068fd0284ac6a9566f35", 0xa3}, {&(0x7f0000000d80)="55ef8c69111d46d97a234f149ce9ec6049cc93477c4c2ae010f7ea7209f38b7372cf2c527f1a17a3e3280103f95c34e14047be897f9ee7790e89933b4ca8100081249f6b4c18c7bf859be705c664b93d7d7a9fd39d5729395d23", 0x5a}], 0x2, &(0x7f0000001240)=[@cred={0x20, 0x1, 0x2, r12, r13, r14}, @rights={0x10, 0x1, 0x1}, @cred={0x20, 0x1, 0x2, r15, r16, r17}, @cred={0x20, 0x1, 0x2, r18, r19, r20}, @rights={0x20, 0x1, 0x1, [r0, r1, r1, r0]}], 0x90, 0x40000}, {&(0x7f0000001300)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f00000016c0)=[{&(0x7f0000001380)="e81b23e27cb7bcd9e0db602e39a2e20d23b70319f99f0cbfb6af5fa393ac69e88660614dd8312ec2b856c9bd92c9fcacc40398b17c2a692356800a6d5751022dfec2a165add4404378ccd786db4cd345fb7b6448acfbcfb6452087f9c32d4cd084aea18c075c8ec3445eea75a72fab93f784769b96364d233995df5d0b5af78af11dea5ea0cd74ac7b70cee141038293576983d845d10da3fc5938325cf99f", 0x9f}, {&(0x7f0000001440)="db755160e59c1750", 0x8}, {&(0x7f0000001480)="8e359fe6e4119c147767988c7ecc75443f8977f1a117178883346c6a2b24bfe50b7ef1db66c4663d242a7db2310a45c895a6f926e1b0cd91741ba31c8af19f92060e309ab4d36bec0534563751869dd11077d3dd0b471fe8732d673f6e0b770aff657f0da21d418b17ae3a7e98c670694a179fa36af5a4649c2d8723dab690228c861cee09f731c84b8ca50a63", 0x8d}, {&(0x7f0000001540)="00d88c9c309f422ff68e657a100dd725fe318d17344504b34b3c1da2dbcf13a0169e2f32bb09f255d054d4150cedfd1f9bab48d8ca36bde5f86e204fd8dbed256ee2601a399e1f6bf645c7e8b5673bdd78075e0e5454bfd25d311c2a4d13", 0x5e}, {&(0x7f00000015c0)="7f58747c4f2aa358eaa877b11d256abcded41a62c004e84659eff13382f3418987b15d4537e0978f8c56a81f0cd0a115646da89f1b7f3fa6fa92042a95eed60cb26cc0ecca7c16ea61efc11604095e9b0fa0fb8e6a6af6e470484f684ac6d272096ef1e32927bdf2254eb4e563e1ec00838b4b7cac3a9b7eac06a1161ac422c1d7894078d44a2b086fda6222437287f1e5d44cd512765cdf0d9e7d1fb8242e042d0d1b63ffcd7c331e8dd3d039f75e0808463fdb65071e0da2566e733421b07d95981fb0b61d612895c7f3d97cbcab74cf50411240dfc0f56fc9f3e1d5c39d5cc22e57b2c150961e32d0a04e119031b6e300ab5cc7", 0xf5}], 0x5, &(0x7f0000003840)=ANY=[@ANYBLOB="20000000000000000100000002000000", @ANYRES32=r21, @ANYRES32=r22, @ANYRES32=r23, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r24, @ANYRES32=r25, @ANYRES32=r26, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r27, @ANYRES32=r28, @ANYRES32=r29, @ANYBLOB="0000000030000000000000010000d4d5964b0000d9a42003336df9d017e3999bc5e24eede1984c51fca18f12836b10249098e9132d975432918d85024ec11640cbaf4ed8fa07f8abd6f87c20b702b74b74e2f51fe8982c9ca940780e16c9f4188cb2fc3d3e7b1aab82b1edcddc08989e9c21e72a184c10a836b7f48d861f470000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00'], 0x90, 0x40000}, {&(0x7f0000001b80)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000001d00)=[{&(0x7f0000001c00)="423e8408cd557b1bde98b069", 0xc}, {&(0x7f0000001c40)="5714534db74f868bce72b7c344ed5428429aaaa9c3c10b3c3db517d238693952e40a22c09530197f191de7ad260780cfbeade24098ba7dfb182c52d35eed4044017272422c15bee6f0e47d368424929c5117bb8b54bfe9484b46bbb8825e6abf76aab243ef328f709ddbfc0a2c984682ed803ee231e578d8e78da64106629c55aee12d8266f609ab8e5f51b4a0765d74adb0336582e19dfe7acc", 0x9a}], 0x2, &(0x7f0000001ec0)=[@cred={0x20, 0x1, 0x2, r30, r31, r32}, @cred={0x20, 0x1, 0x2, r33, r34, r35}], 0x40, 0x10}, {&(0x7f0000001f00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000003000)=[{&(0x7f0000001f80)="36748e414597f4821158eeb15c1eb2e9c7ef821938dcada8b536a4918c607d1ccd2ffd1f66ddd5c55eb7ed3848ec0ec018bb64fcc557822cd30d22e6d87205017044bd73ec777ddbcdc7a2", 0x4b}, {&(0x7f0000002000)="e5f93311ea0abb035bda1691c30fbb093be99081cd04ab4a1338eba1ec3d90afa2104bf778cf4c03e21b17cfefb4f622a1ef60c77e97889daa08699c2a902f2a9dd8f635464bbece3f12aa0f4050558273d0c24410f5b03b1d340e5c7b9942c0b58d9cd0c1babc111749afb6cec223164e44c56eaee233bb6e0c491706617e34726bd5823aa1ab3309142c1a67e680c0403a1773e26d4f019e51318cffa7a8fc7731ed23a6f2665d741d6cf471b608f0397887b92b678ad62b5a886ee71580e31959be392ae3d1c1677d8e45b819bc6b5d8049b734891dd7ab2218df856490112750dd1c0c3dd5e7a1a0a630eb9d2e9d78433f0124bda11b89a9a62eb4812f2817f70dcfc5bfd9518427e708681fb7ba939d48ba9cb87d72c79fc86ab906a966b3ffaa9cbe0abac31d4ca124f4d048b26f3740657792ec33b00922989fad62d9623aaaddc296c4da7009f5aae02c02a16cc9edb41b36303b04c3373cab9167110ec790ac8c5c3b6bf49f93781bf144f504a5bf2b415e95b81c44e2f539bb4262f9802a3d469570dafd756fe66cb443acb6d862df2ec801fce7a98a898e1496b426c21cb5715d39edf1c8fc2a80aecc04e264f2fc82f00d0d560e79bee67cf9666f5c56118ca9837fbf0a55e390adc20c4d2038bc9b9ba23fe5e14dd17f10f6b1911bc0b49f03e4bc7e64c174078a1470d34bc7ef7a90828e466befcf43989040a3bffedeebd0dc5e79f3f55c35c0892941632d815d0705714607393ff61a7bd56c7c64383cb6f05a207054fe0f4b920ae3cfcdda99dd719798e2aa58122d1834c0304ffbc9735844b6dddc30bb8586d4de64aaef9b35823c584cd7bc4d4771e89aa0dbd7bfd73a8b161b54fa4c679ba3fb9e495eb138a64fa4e0417fb6aba0e605509c38fa8d6178d43313d1aa30dde4515947a8d5cf331be2671199779bdee184ad0da82bec97410f92b9cbd9e4970a85e8072caa22985622ff2478c3c36f81917e34b3b63f02245705c547810a9247aa35cb05f3bf65f18b09215b450fe2347823a2725e46ceac5411fbb5b700d137eca98fa322ef04820eb0f1c01bb0878ba2c16e6ee2e0eef7abb25f60854c89c9b92a792a4575a607b80162dc72b5a4a383009c58652ec86deed44cf258b386d955b53398c2598e9c7c384fda63a05dba5ac0ecd9176fc513373f1296f640ca9177003174b96b8ee1ed5c0b90b1eaad9ecbeb3370af758707633f543fdc05010485e35a78903d49012bde860e00f5ce4ea3a63a07686bfcc39c4504354ffe5d101e45b514cae7c11281f6ccb27e0c09401efc370a3e9aa9a424d811f2c57a3c4bab726129df5b289c0446ce645c41f5a5d216959388e68d8df6b578406907b8732651aa75124cf81e683afbff03c36c8bc8d572119a649a6267fbf08e1088bb990dda03d03b6043b655df9a8aca4eb4f7f9085e01005cddf54b0bda716fe7b469ef94bdf15fefee4405247146dd7eb2f9250f3b05d3c8f466120de5f28a35c2f1c3bbbc37f3086ead4e3ba6cc034f6517f4166ad39ba6160c003dad57657710300522b066699afd0b7e270e552e86816d5076de1d4495ca08d4e2b941513b14ef01f96d9077b4e6cd0e9d7f4b5958da6e81e91c962e8097697180dd95599300b11e7080d4e5da0394a6479e176267321e406d417f88232b77f05d26873805e1e8a4c8ebd33fc1d602f0fb945e393762d7eb864a210019e63eb759411accf7e4f0441c7446cc2f36316d37342feb0aeebdc3c389a50374c4cc527c0ba62fe1a7bee5107d47e0ce7f7dc979946729ef6a40461a832ebcd3a152480eaa736e615839e00035092399b3fff570839e34df6946e8244873316214464acb6cf2506fc65c2ef0152fc539ba806f33692a016c6a3a15652e1b7ec2b4c3bf4af15dccd48651c083b98cc3a02925bdf2fec807ed03b3f2749193475791a9bedd8794a1b84f3a98caa02492eb9d820a36be2cf6f5de97f09d52d3bf4022d4a25b90d8ffe0313023b482def0bc1c13a2c05b4036b64e5a720a499743aaed3ad3b8dd94572cf9aa1e72e2fbea170419d4fceed872e5a3acd4d8399a49c7c83942453b71633b3ce7ba46feda5e4a1a121c3d6842109a4687967f24ddb1c8f3d377716d842d491a0c0378d8538cc48745c31e2e8ab23921c6ba1d1abce18a72a455da6b5ae1663a15b2a844628ae570a699167306b563072b507594bdf0b126aab56eb0eda6ed529097929a5abf29817d8046ca6fb6bcfb8e32a102b0945f9b227b5fc179b3bd06771519366a7bc2780aa259d4bbac81cc80591f85bae9a096753198636eb0bc56f348af66f083359c97ce3023651353b2754ad4cf74ed8652af90ef294961b8e7a153add546db2eee70104828932864f725478e871e8507c91d514f18c0b846e7547d2271b33240b66b61e20e0c1bd99a4920fd8f2790b51fd9fb8d3d3f1386d5a4a64269b04f2f94d7d7c29195c93ea9bdd1d6dd2c5bf6b48b92fad3c1d5104c64f8165309b7b55d991a1688cfec60685b7a45f76076b83c77a3e9a6668f9321c68fa6f15a7db78d629fe939a592433d269bfdca447c712327ffda3040fe99534c47c4bc61ed27e393e1e99d9cf794aa165420379dcf84f6d3f98becf9505d7ae19eafe9e37e13dc659b10c7eb681dfd4d929848f33d1d15c0184ccc421d04bbac808e29a8539ca08be5b436984d19033e1790239853977ce6623a2274d4d9b0e0655f0395aea806c2e3f91a2bb6cbf3fd0781c8540890f1adba01a6f468aeb5b8a9011b4bbeaf2d860f50181faebcfad9c90eb6b80bc3e97449e977afc56a133214c12221132e38290fbaba3335f21dc542f81528f071043632679a9075fa6fcd7153b5cee97809564ced3a0978246bbe6e41ae96b4a5ef3051f8aae0fce50a86cd5c40e2777bd1107391c2184c3240f69ec8403a2146f1d0a8db5b9ce0ce2bf76d9ad7298e97834065671c41db4521e9cb6ba16e29e0fa5a054f6ecbe511a1ae8e2c74c46156cab9f228169e33722335ffb96ccb6ef0b8313f066ba851a333b0f5d6fbd2d8aec3aed68c5381a5242f0b22154c19597a4655fa95a1dd85a0aa9bd1b1ebe3c2d414fc2c2caad930d068e282681097f449ca8221a573cde8bc4208163dec4416809a93068ebd5275342e0ed72fbc04eb54245e1f73bfc8dc04af42892fff39eea75bb7a46d4e8a0377df5e06e43610a865dec81939031beb1d937072173ef156dfe1157f5afbc2f56c20b75bf9713bd5b2955ba664aef3506078e8e1dff4e0d66a1151135f04c5b9962f2b845d83d1979754cd9eb0d1d59e22d6e63807788f6ab51dc992397024db8a8cfcce4ac7321f4223153a3929f25127a91aff1e745923877915708e1f5a2b4d6d1bf3868ceb7c9dcd6da3998fa5325538b3dbf113ea82fc52581b79abfdec8ecaceadbf1a7843fbd5c38807cd511bf87077cfde7639403c0d283f9831997230b6febc084eba67b8a80d881826fb36abb207926b4c8eabd1ae6592e891dcebe609d4a05f3029612c41b3dfd3d0da5731e1af9d00d70fa18ce00912560c0ce2e043c6d2acc752d06a8dbdf2c7e12363b45745bd0a79e4b8ae27c2c23364b9e7de1b9bf23b6b4781488c9c17254f6371aa24cab8774430ea0239a5acbf845caf4a3941f6979800a4c0de5b3b8a0fc930cdc843eda77e96ffcfc0648758e307c7bce818df4d3069016eec50302dc9e51f4a57fd4f8318b0ab29996f027542a216bce6185badb429fe13b8cb0d1b6e1b3f36d43a78336804674eae41ff65b2dcd8724bd77b1b2b343074ccfa3376158ccc1785376984e9a90fc63b3b2ba449a9963de13ce2714ca01a3b971277ad6317ab13df442a31cdb01031729b359eb7596d5ae0b1c0fe36bb7e6403ee6bfd91e27f1e97ffaa9c3109d825da183f325576ff873c03c4e91a3189e7e1db9fb43392ac8d7b1477be908927e466baea9ca012f4cb97daaecea16e2e8231496835004d7629e732d9de7f82c71bdb922bd478c597a0b9fcf9747b30850e6158196b8761615e8dc371f5d086a7ff7883c88a1413400f2bce2723b726fcde98da9d8b73cf255b2d5b301e3f8748e3846bab2befbe524002b3f7c1bfee63408540d4b16893028ea5c7f8508e8b931064cb2b12e128b26f615997fc04009bbb1b4cf1d13b51feae5983dff3ab96ea4e3d5e34a49bf1165813548130b708ec32dc767555969ad04057e15a57ca6f27945008a096088f65182fd3cbb71d494ede9f1534c543e9afa60dbca2d3e9b9b7d1bc1e6717fb7d7049ed44bfc5147504ade8621f0d84716e70fe0ce13b235b6e97102173d04da5c2628b371dc678f742cff2efd31098d7bda6d32a45fa5c4d40dde7c332f912ec3380fe87910a08e1ae08cebb66fcaed0f6784f56fcd1841cbd661873ae25776a41a42460703947a0f035bd6a4aaaad78c89855e9d8a0086fd523a05a0d01455bae40f71f969c65c0cfd47f9b91fb8e6169770aba2a3cf2a9f19de631ff580d18de3cd09b5e9050324b726ba0553bdb11f67ab24f00169204d05c20a3a4d5d8030de7c739d1105cac05d79f6e8bfe89bb3c6e5563d89ae1623285a2deebb7f7ad57b659b38e0f80c982df605e230fb248c53a52a70733bb8498fc1f9e7be6a11b5cfa7e89d8ce08192e83ccef957da4c795f68056c9a86e233b40e9140768b61bae4face17d2edb3e9606a988cfd7e8f8b9a2a7b668ea768829b46a288d8a6a05329e5893297cb5dbb143cb53c1c3db910aca7fa924c213e00689200eedbb72ad57327c144016020e049f41b728e2b724f7bcb99c1e00c36e8557efa707ebbca2445f7303b77a0f36f2066d08900e4ebb859572d0fd161f2ddcab67ab6f0ac026012373042fa66d77b852f6ff9c87ba6f766bff41902e17f832c3f6332a6a4e1c212249d972b73d8fe26836be2e18a5fe5f3a42f8571197a59089434b997bbddcfb3e224d25978945a3b7c57690544bf93bfc7d51041d9a14dae7aa8b70053864b72793eaa30b345740b3491070b737a0cab57e5d7c8464f3686be20093316ebb1fa94b028681b15b5617b65e699e03875b06310638489e02d2e70e4a1ed7664d10e875726e8534c566c8c99fedd17419ac3f5bfa6612356dac6d62336bbc414cdbf70f3e6f3838178eefeb401c722ce01e563f5e4f647271a514c0b58875887a8683f4d66296f7053e7746c2b89fc27a48178ab8fd14c84f13d9ca9f01a2fa823c831d03da06f8ce35ab66cea71edab79f517a70d5b4c22addd1c6a52414f1fb139bcb6f7ad8ce082def2e40ded8e217b5760c227a7a2713b283c243bf7373533e565ad995bdd1677a0f24d54628dc265405f84c8917417ae28ae8c5cf9d6c29360c98dce25550e687458800c64c172edf69769400361004b36056ede549ba458792ee506dd9316aca07d96dfe1decaa29750c239d68e4e3e0f8f6a216604b5b3eb5bac016b91221e23245325ad11f2c8863907ca62a0accc2856745858fedd0142ac833c96e2c63f0795df8b01083d7435c4ed8e6de5c74587803f3a9d28ddb30ca38bc8c2aa308774f9c8f8c716e411c2e3a5dc0d91f21b9a99fd44d23a5f419a0aab334b3ef7a92df2d8b63dd34044dbb2d42c6eee6ff5756ba548919cc32ea1c65bb87d7c3c6c91f88ef87dc38e9b8cc38ea6f3d4753601c97362c9a7a2777287ac39d8ab119191f8b53510e2ff8e9b12757f0b4eaae13e2ba94df074fde49c80928f2f78efacdd889854c890ce394354d290afa4d82aa7d79b36b156838502943e9", 0x1000}], 0x2, &(0x7f00000034c0)=[@cred={0x20, 0x1, 0x2, r36, r37, r38}, @rights={0x20, 0x1, 0x1, [r0, r0, r1, r0]}, @cred={0x20, 0x1, 0x2, r39, r40, r41}, @cred={0x20, 0x1, 0x2, r42, r43, r44}, @cred={0x20, 0x1, 0x2, r45, r46, r47}], 0xa0, 0x8040}, {&(0x7f0000003580)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000003600), 0x0, 0x0, 0x0, 0x10}], 0x6, 0x80) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000037c0)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3d207f60a5c801d9027a72d8be578b4e2d1e", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',\x00']) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',\x00']) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) [ 642.507345] 9pnet: Insufficient options for proto=fd 02:46:23 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x3f00, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:23 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x2000}}], 0x1, 0x0) 02:46:23 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xa000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:23 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x9000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 642.576554] 9pnet: Insufficient options for proto=fd [ 642.604415] FAULT_INJECTION: forcing a failure. [ 642.604415] name failslab, interval 1, probability 0, space 0, times 0 [ 642.615688] CPU: 1 PID: 7628 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 642.624007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 642.633362] Call Trace: [ 642.635956] dump_stack+0x1c9/0x2b4 [ 642.639593] ? dump_stack_print_info.cold.2+0x52/0x52 [ 642.644796] should_fail.cold.4+0xa/0x11 [ 642.648870] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 642.653985] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 642.659011] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 642.663777] ? lock_acquire+0x1e4/0x540 [ 642.667754] ? is_bpf_text_address+0xae/0x170 [ 642.672256] ? lock_downgrade+0x8f0/0x8f0 [ 642.676409] ? lock_acquire+0x1e4/0x540 [ 642.680391] ? fs_reclaim_acquire+0x20/0x20 [ 642.684721] ? lock_downgrade+0x8f0/0x8f0 [ 642.688879] ? rcu_is_watching+0x8c/0x150 [ 642.693035] ? check_same_owner+0x340/0x340 [ 642.697365] ? rcu_note_context_switch+0x730/0x730 [ 642.702300] ? kernel_text_address+0x79/0xf0 [ 642.706714] __should_failslab+0x124/0x180 [ 642.710957] should_failslab+0x9/0x14 [ 642.714763] kmem_cache_alloc+0x2af/0x760 [ 642.718922] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 642.724469] fscache_alloc_cookie+0xcb/0x800 [ 642.727747] FS-Cache: Duplicate cookie detected [ 642.728884] ? fscache_cookie_init_once+0x80/0x80 [ 642.728904] ? put_dec+0xf0/0xf0 [ 642.728923] ? format_decode+0x1b1/0xaf0 [ 642.733586] FS-Cache: O-cookie c=00000000737d5a96 [p=000000002649bb4d fl=222 nc=0 na=1] [ 642.738397] ? set_precision+0xe0/0xe0 [ 642.738422] __fscache_acquire_cookie+0x230/0xb00 [ 642.741769] FS-Cache: O-cookie d=00000000d5b355fb n=0000000082e6ebbd [ 642.745801] ? fscache_cookie_put+0x850/0x850 [ 642.745819] ? pointer+0x990/0x990 [ 642.753935] FS-Cache: O-key=[10] ' [ 642.757800] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 642.757817] ? scnprintf+0xc9/0x130 [ 642.762632] 34 [ 642.769122] ? snprintf+0xe0/0xe0 [ 642.769141] v9fs_cache_session_get_cookie+0xc4/0x270 [ 642.773611] 32 [ 642.777129] v9fs_session_init+0x1013/0x1a80 [ 642.777145] ? rcu_note_context_switch+0x730/0x730 [ 642.780656] 39 [ 642.785652] ? v9fs_show_options+0x7e0/0x7e0 [ 642.785670] ? lock_release+0xa30/0xa30 [ 642.789268] 35 [ 642.791045] ? check_same_owner+0x340/0x340 [ 642.791065] ? kasan_unpoison_shadow+0x35/0x50 [ 642.794486] 33 [ 642.799660] ? kasan_kmalloc+0xc4/0xe0 [ 642.799677] ? kmem_cache_alloc_trace+0x318/0x780 [ 642.801452] 30 [ 642.805835] ? kasan_unpoison_shadow+0x35/0x50 [ 642.805855] ? kasan_kmalloc+0xc4/0xe0 [ 642.810761] 39 [ 642.812552] v9fs_mount+0x7c/0x900 [ 642.812569] ? v9fs_drop_inode+0x150/0x150 [ 642.816951] 39 [ 642.820902] legacy_get_tree+0x118/0x440 [ 642.820920] vfs_get_tree+0x1cb/0x5c0 [ 642.822694] 31 [ 642.826993] do_mount+0x6c1/0x1fb0 [ 642.827011] ? kasan_check_write+0x14/0x20 [ 642.831567] 31 [ 642.833346] ? copy_mount_string+0x40/0x40 [ 642.833363] ? kasan_kmalloc+0xc4/0xe0 [ 642.837230] ' [ 642.842047] ? kmem_cache_alloc_trace+0x318/0x780 [ 642.842066] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 642.843852] FS-Cache: N-cookie c=00000000ad22afa4 [p=000000002649bb4d fl=2 nc=0 na=1] [ 642.848405] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 642.848422] ? copy_mount_options+0x285/0x380 [ 642.852285] FS-Cache: N-cookie d=00000000d5b355fb n=00000000789062db [ 642.854062] ksys_mount+0x12d/0x140 [ 642.854079] __x64_sys_mount+0xbe/0x150 [ 642.857590] FS-Cache: N-key=[10] ' [ 642.861812] do_syscall_64+0x1b9/0x820 [ 642.861827] ? finish_task_switch+0x1d3/0x870 [ 642.863604] 34 [ 642.867643] ? syscall_return_slowpath+0x5e0/0x5e0 [ 642.867661] ? syscall_return_slowpath+0x31d/0x5e0 [ 642.871429] 32 [ 642.873208] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 642.873225] ? prepare_exit_to_usermode+0x291/0x3b0 [ 642.876735] 39 [ 642.880945] ? perf_trace_sys_enter+0xb10/0xb10 [ 642.880962] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 642.882737] 35 [ 642.886952] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 642.886965] RIP: 0033:0x455e29 [ 642.890826] 33 [ 642.892511] Code: 1d ba [ 642.897353] 30 [ 642.902862] fb ff c3 66 2e [ 642.910836] 39 [ 642.916346] 0f 1f 84 00 00 [ 642.920839] 39 [ 642.927298] 00 00 00 66 90 [ 642.930932] 31 [ 642.934875] 48 89 f8 48 89 [ 642.938411] 31 [ 642.942264] f7 48 89 d6 48 [ 642.946755] ' [ 642.948523] 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 643.032839] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 643.040558] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 643.047835] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 02:46:23 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:23 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000300)) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) r2 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x3f}, &(0x7f00000002c0)=0x8) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000480)={r3, @in={{0x2, 0x4e21, @loopback=0x7f000001}}, 0x7, 0xffffffff}, 0x90) 02:46:23 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf61a0100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:24 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf31a0100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 643.055104] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 643.062370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 643.069638] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000028 02:46:24 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x1, 0x0) dup2(r3, r2) dup2(0xffffffffffffffff, r1) 02:46:24 executing program 6 (fault-call:7 fault-nth:41): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:24 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xe4ffffff00000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:24 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0xf6ffffff00000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:24 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffff000}}], 0x1, 0x0) 02:46:24 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x8, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:24 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:24 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB='trans=fd,rf=\x00\x00\x00', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:24 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x900000000000000}}], 0x1, 0x0) [ 643.584211] 9pnet: Insufficient options for proto=fd [ 643.623224] FAULT_INJECTION: forcing a failure. [ 643.623224] name failslab, interval 1, probability 0, space 0, times 0 [ 643.634516] CPU: 0 PID: 7675 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 643.642822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 643.652253] Call Trace: [ 643.654845] dump_stack+0x1c9/0x2b4 [ 643.658471] ? dump_stack_print_info.cold.2+0x52/0x52 [ 643.663658] ? __kernel_text_address+0xd/0x40 [ 643.668148] ? unwind_get_return_address+0x61/0xa0 02:46:24 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xedc0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 643.673081] should_fail.cold.4+0xa/0x11 [ 643.677145] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 643.682250] ? save_stack+0xa9/0xd0 [ 643.685890] ? save_stack+0x43/0xd0 [ 643.689526] ? kasan_kmalloc+0xc4/0xe0 [ 643.689630] 9pnet: Insufficient options for proto=fd [ 643.693411] ? kmem_cache_alloc_trace+0x152/0x780 [ 643.693427] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 643.693437] ? __list_lru_init+0x4d6/0x840 [ 643.693455] ? alloc_super+0x976/0xb10 [ 643.716742] ? sget+0x10b/0x150 [ 643.720029] ? v9fs_mount+0xe2/0x900 02:46:24 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="3970dc", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:24 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4b19010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) [ 643.723752] ? legacy_get_tree+0x118/0x440 [ 643.727996] ? vfs_get_tree+0x1cb/0x5c0 [ 643.731974] ? do_mount+0x6c1/0x1fb0 [ 643.735689] ? ksys_mount+0x12d/0x140 [ 643.739492] ? __x64_sys_mount+0xbe/0x150 [ 643.743640] ? do_syscall_64+0x1b9/0x820 [ 643.747705] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 643.753073] ? save_stack+0xa9/0xd0 [ 643.756706] ? lock_acquire+0x1e4/0x540 [ 643.760681] ? fs_reclaim_acquire+0x20/0x20 [ 643.765006] ? lock_downgrade+0x8f0/0x8f0 [ 643.769159] ? ksys_mount+0x12d/0x140 [ 643.772962] ? check_same_owner+0x340/0x340 [ 643.777283] ? rcu_note_context_switch+0x730/0x730 [ 643.782215] __should_failslab+0x124/0x180 [ 643.786454] should_failslab+0x9/0x14 [ 643.790262] kmem_cache_alloc_trace+0x2cb/0x780 [ 643.794933] ? kasan_kmalloc+0xc4/0xe0 [ 643.798825] __memcg_init_list_lru_node+0x185/0x2d0 [ 643.803842] ? kvfree_rcu+0x20/0x20 [ 643.807476] ? __kmalloc_node+0x47/0x70 [ 643.811455] __list_lru_init+0x4d6/0x840 [ 643.815512] ? up_write+0x7b/0x220 [ 643.819052] ? list_lru_destroy+0x500/0x500 [ 643.823372] ? prealloc_shrinker+0x124/0x450 [ 643.827780] ? prealloc_shrinker+0x21c/0x450 [ 643.832190] ? inactive_list_is_low+0x850/0x850 [ 643.836862] ? __lockdep_init_map+0x105/0x590 [ 643.841366] alloc_super+0x976/0xb10 [ 643.845083] ? destroy_unused_super.part.11+0x110/0x110 [ 643.850447] ? lock_downgrade+0x8f0/0x8f0 [ 643.854593] ? lock_acquire+0x1e4/0x540 [ 643.858570] ? kasan_check_read+0x11/0x20 [ 643.862713] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 643.867293] ? kasan_check_write+0x14/0x20 [ 643.871525] ? do_raw_spin_lock+0xc1/0x200 [ 643.875763] sget_userns+0x276/0x860 [ 643.879475] ? v9fs_kill_super+0xa0/0xa0 [ 643.883537] ? vfs_get_super+0x270/0x270 [ 643.887611] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 643.893148] ? ns_capable_common+0x13f/0x170 [ 643.897556] ? v9fs_kill_super+0xa0/0xa0 [ 643.901615] sget+0x10b/0x150 [ 643.904719] v9fs_mount+0xe2/0x900 [ 643.908261] ? v9fs_drop_inode+0x150/0x150 [ 643.912493] legacy_get_tree+0x118/0x440 [ 643.916552] vfs_get_tree+0x1cb/0x5c0 [ 643.920350] do_mount+0x6c1/0x1fb0 [ 643.923887] ? kasan_check_read+0x11/0x20 [ 643.928036] ? do_raw_spin_unlock+0xa7/0x2f0 [ 643.932449] ? copy_mount_string+0x40/0x40 [ 643.936680] ? kasan_kmalloc+0xc4/0xe0 [ 643.940571] ? kmem_cache_alloc_trace+0x318/0x780 [ 643.945418] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 643.950957] ? copy_mount_options+0x285/0x380 [ 643.955452] ksys_mount+0x12d/0x140 [ 643.959083] __x64_sys_mount+0xbe/0x150 [ 643.963056] do_syscall_64+0x1b9/0x820 [ 643.966938] ? finish_task_switch+0x1d3/0x870 [ 643.971429] ? syscall_return_slowpath+0x5e0/0x5e0 [ 643.976357] ? syscall_return_slowpath+0x31d/0x5e0 [ 643.981282] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 643.986292] ? prepare_exit_to_usermode+0x291/0x3b0 [ 643.991306] ? perf_trace_sys_enter+0xb10/0xb10 [ 643.995973] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 644.000820] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 644.006001] RIP: 0033:0x455e29 02:46:24 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0xffffffff00000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:25 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="e887ce089d733d66642c72947ec0b6a07cea8b5466646e0500", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',\x00']) r2 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0xffff, 0x14501) getsockopt$inet6_tcp_int(r2, 0x6, 0x11, &(0x7f00000001c0), &(0x7f0000000380)=0x4) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1, {0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{0x8}, 0x0, 0x0, 0x7, './file0'}, {{0x4}, 0x0, 0x0, 0x7, './file0'}, {{0x1}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) [ 644.009181] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 644.028405] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 644.036119] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 644.043387] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 644.050655] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 644.057923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 644.065188] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000029 02:46:25 executing program 6 (fault-call:7 fault-nth:42): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:25 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x40000}}], 0x1, 0x0) [ 644.315483] 9pnet_virtio: no channels available for device (null) [ 644.335281] 9pnet_virtio: no channels available for device (null) [ 644.363057] FAULT_INJECTION: forcing a failure. [ 644.363057] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 644.374886] CPU: 1 PID: 7707 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 644.383193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 644.392538] Call Trace: [ 644.395128] dump_stack+0x1c9/0x2b4 [ 644.398750] ? dump_stack_print_info.cold.2+0x52/0x52 [ 644.403942] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 644.408610] should_fail.cold.4+0xa/0x11 [ 644.412662] ? is_bpf_text_address+0xd7/0x170 [ 644.417151] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 644.422254] ? __kernel_text_address+0xd/0x40 [ 644.426742] ? unwind_get_return_address+0x61/0xa0 [ 644.431670] ? __save_stack_trace+0x8d/0xf0 [ 644.435993] ? trace_hardirqs_on+0x10/0x10 [ 644.440297] ? save_stack+0xa9/0xd0 [ 644.443921] ? save_stack+0x43/0xd0 [ 644.447545] ? kasan_kmalloc+0xc4/0xe0 [ 644.451422] ? kasan_slab_alloc+0x12/0x20 [ 644.455561] ? kmem_cache_alloc+0x12e/0x760 [ 644.459876] ? fscache_alloc_cookie+0xcb/0x800 [ 644.464452] ? __fscache_acquire_cookie+0x230/0xb00 [ 644.469461] ? v9fs_cache_session_get_cookie+0xc4/0x270 [ 644.474819] ? v9fs_session_init+0x1013/0x1a80 [ 644.479397] ? v9fs_mount+0x7c/0x900 [ 644.483106] ? legacy_get_tree+0x118/0x440 [ 644.487334] ? vfs_get_tree+0x1cb/0x5c0 [ 644.491304] ? do_mount+0x6c1/0x1fb0 [ 644.495010] ? ksys_mount+0x12d/0x140 [ 644.498806] ? __x64_sys_mount+0xbe/0x150 [ 644.502947] ? do_syscall_64+0x1b9/0x820 [ 644.507001] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 644.512364] ? lock_acquire+0x1e4/0x540 [ 644.516334] ? is_bpf_text_address+0xae/0x170 [ 644.520824] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 644.526358] ? should_fail+0x246/0xd86 [ 644.530240] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 644.535339] ? fs_reclaim_acquire+0x20/0x20 [ 644.539661] __alloc_pages_nodemask+0x36e/0xdb0 [ 644.544324] ? lock_release+0xa30/0xa30 [ 644.548301] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 644.553312] ? trace_hardirqs_on+0x10/0x10 [ 644.557542] ? fscache_hash_cookie+0x640/0x1400 [ 644.562207] ? kasan_kmalloc+0xc4/0xe0 [ 644.566088] ? fscache_alloc_cookie+0x800/0x800 [ 644.570753] ? lock_acquire+0x1e4/0x540 [ 644.574721] ? fs_reclaim_acquire+0x20/0x20 [ 644.579039] ? lock_downgrade+0x8f0/0x8f0 [ 644.583186] ? lock_release+0xa30/0xa30 [ 644.587159] ? check_same_owner+0x340/0x340 [ 644.591475] cache_grow_begin+0x91/0x710 [ 644.595538] kmem_cache_alloc_trace+0x6a5/0x780 [ 644.600208] alloc_super+0xd4/0xb10 [ 644.603834] ? destroy_unused_super.part.11+0x110/0x110 [ 644.609193] ? sget_userns+0x17c/0x860 [ 644.613077] ? lock_downgrade+0x8f0/0x8f0 [ 644.617224] ? lock_acquire+0x1e4/0x540 [ 644.621194] ? kasan_check_read+0x11/0x20 [ 644.625334] ? do_raw_spin_unlock+0xa7/0x2f0 [ 644.629735] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 644.634311] ? kasan_check_write+0x14/0x20 [ 644.638539] ? do_raw_spin_lock+0xc1/0x200 [ 644.642770] sget_userns+0x276/0x860 [ 644.646482] ? v9fs_kill_super+0xa0/0xa0 [ 644.650540] ? vfs_get_super+0x270/0x270 [ 644.654615] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 644.660148] ? ns_capable_common+0x13f/0x170 [ 644.664550] ? v9fs_kill_super+0xa0/0xa0 [ 644.668603] sget+0x10b/0x150 [ 644.671708] v9fs_mount+0xe2/0x900 [ 644.675243] ? v9fs_drop_inode+0x150/0x150 [ 644.679474] legacy_get_tree+0x118/0x440 [ 644.683536] vfs_get_tree+0x1cb/0x5c0 [ 644.687351] do_mount+0x6c1/0x1fb0 [ 644.690886] ? kasan_check_write+0x14/0x20 [ 644.695116] ? copy_mount_string+0x40/0x40 [ 644.699347] ? kasan_kmalloc+0xc4/0xe0 [ 644.703234] ? kmem_cache_alloc_trace+0x318/0x780 [ 644.708075] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 644.713608] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 644.719140] ? copy_mount_options+0x285/0x380 [ 644.723630] ksys_mount+0x12d/0x140 [ 644.727251] __x64_sys_mount+0xbe/0x150 [ 644.731225] do_syscall_64+0x1b9/0x820 [ 644.735107] ? finish_task_switch+0x1d3/0x870 [ 644.739596] ? syscall_return_slowpath+0x5e0/0x5e0 [ 644.744522] ? syscall_return_slowpath+0x31d/0x5e0 [ 644.749448] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 644.754462] ? prepare_exit_to_usermode+0x291/0x3b0 [ 644.759472] ? perf_trace_sys_enter+0xb10/0xb10 [ 644.764135] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 644.768975] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 644.774160] RIP: 0033:0x455e29 [ 644.777334] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 644.796600] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 644.804305] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 644.811566] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 644.818825] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 644.826087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 644.833435] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000002a 02:46:26 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x1, 0x0) dup2(r3, r2) dup2(r2, 0xffffffffffffffff) 02:46:26 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x1000000000000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:26 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xe000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:26 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x48190100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:26 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:26 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:26 executing program 6 (fault-call:7 fault-nth:43): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:26 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xe00000000000000}}], 0x1, 0x0) 02:46:26 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) readahead(r0, 0x2, 0xffffffffffffff7f) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:26 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x20000000}}], 0x1, 0x0) 02:46:26 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x600, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:26 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x11b01, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 645.190073] FAULT_INJECTION: forcing a failure. [ 645.190073] name failslab, interval 1, probability 0, space 0, times 0 [ 645.201514] CPU: 0 PID: 7734 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 645.209827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 645.219170] Call Trace: [ 645.221754] dump_stack+0x1c9/0x2b4 [ 645.225380] ? dump_stack_print_info.cold.2+0x52/0x52 [ 645.230567] ? __kernel_text_address+0xd/0x40 [ 645.235058] ? unwind_get_return_address+0x61/0xa0 [ 645.239991] should_fail.cold.4+0xa/0x11 [ 645.244052] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 645.249156] ? save_stack+0xa9/0xd0 [ 645.252779] ? save_stack+0x43/0xd0 [ 645.256398] ? kasan_kmalloc+0xc4/0xe0 [ 645.260285] ? kmem_cache_alloc_trace+0x152/0x780 [ 645.265121] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 645.270307] ? __list_lru_init+0x4d6/0x840 [ 645.274536] ? alloc_super+0x976/0xb10 [ 645.278419] ? sget+0x10b/0x150 [ 645.281694] ? v9fs_mount+0xe2/0x900 [ 645.285404] ? legacy_get_tree+0x118/0x440 [ 645.289630] ? vfs_get_tree+0x1cb/0x5c0 [ 645.293598] ? do_mount+0x6c1/0x1fb0 [ 645.297306] ? ksys_mount+0x12d/0x140 [ 645.301101] ? __x64_sys_mount+0xbe/0x150 [ 645.305244] ? do_syscall_64+0x1b9/0x820 [ 645.309312] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 645.314672] ? save_stack+0xa9/0xd0 [ 645.318301] ? lock_acquire+0x1e4/0x540 [ 645.322269] ? fs_reclaim_acquire+0x20/0x20 [ 645.326586] ? lock_downgrade+0x8f0/0x8f0 [ 645.330752] ? ksys_mount+0x12d/0x140 [ 645.334557] ? check_same_owner+0x340/0x340 [ 645.338875] ? rcu_note_context_switch+0x730/0x730 [ 645.343798] __should_failslab+0x124/0x180 [ 645.348031] should_failslab+0x9/0x14 [ 645.351825] kmem_cache_alloc_trace+0x2cb/0x780 [ 645.356486] ? kasan_kmalloc+0xc4/0xe0 [ 645.360371] __memcg_init_list_lru_node+0x185/0x2d0 [ 645.365387] ? kvfree_rcu+0x20/0x20 [ 645.369010] ? __kmalloc_node+0x47/0x70 [ 645.372983] __list_lru_init+0x4d6/0x840 [ 645.377041] ? up_write+0x7b/0x220 [ 645.380574] ? list_lru_destroy+0x500/0x500 [ 645.384887] ? prealloc_shrinker+0x124/0x450 [ 645.389290] ? prealloc_shrinker+0x21c/0x450 [ 645.393689] ? inactive_list_is_low+0x850/0x850 [ 645.398354] ? __lockdep_init_map+0x105/0x590 [ 645.402845] alloc_super+0x976/0xb10 [ 645.407248] ? destroy_unused_super.part.11+0x110/0x110 [ 645.412608] ? lock_downgrade+0x8f0/0x8f0 [ 645.416752] ? lock_acquire+0x1e4/0x540 [ 645.420726] ? kasan_check_read+0x11/0x20 [ 645.424869] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 645.429446] ? kasan_check_write+0x14/0x20 [ 645.433675] ? do_raw_spin_lock+0xc1/0x200 [ 645.437905] sget_userns+0x276/0x860 [ 645.441611] ? v9fs_kill_super+0xa0/0xa0 [ 645.445668] ? vfs_get_super+0x270/0x270 [ 645.449740] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 645.455270] ? ns_capable_common+0x13f/0x170 [ 645.459675] ? v9fs_kill_super+0xa0/0xa0 [ 645.463730] sget+0x10b/0x150 [ 645.466833] v9fs_mount+0xe2/0x900 [ 645.470369] ? v9fs_drop_inode+0x150/0x150 [ 645.474596] legacy_get_tree+0x118/0x440 [ 645.478654] vfs_get_tree+0x1cb/0x5c0 [ 645.482448] do_mount+0x6c1/0x1fb0 [ 645.485979] ? check_same_owner+0x340/0x340 [ 645.490293] ? lock_release+0xa30/0xa30 [ 645.494264] ? copy_mount_string+0x40/0x40 [ 645.498496] ? retint_kernel+0x10/0x10 [ 645.502386] ? copy_mount_options+0x1a1/0x380 [ 645.506876] ? __sanitizer_cov_trace_pc+0x32/0x50 [ 645.511713] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 645.517255] ? copy_mount_options+0x285/0x380 [ 645.521743] ksys_mount+0x12d/0x140 [ 645.525365] __x64_sys_mount+0xbe/0x150 [ 645.529338] do_syscall_64+0x1b9/0x820 [ 645.533222] ? finish_task_switch+0x1d3/0x870 [ 645.537712] ? syscall_return_slowpath+0x5e0/0x5e0 [ 645.542636] ? syscall_return_slowpath+0x31d/0x5e0 [ 645.547562] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 645.552570] ? prepare_exit_to_usermode+0x291/0x3b0 [ 645.557580] ? perf_trace_sys_enter+0xb10/0xb10 [ 645.562246] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 645.567083] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 645.572262] RIP: 0033:0x455e29 02:46:26 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:26 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x3000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:26 executing program 6 (fault-call:7 fault-nth:44): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 645.575436] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 645.594696] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 645.602396] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 645.609653] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 645.616913] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 645.624176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 645.631437] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000002b 02:46:26 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x1c000000}}], 0x1, 0x0) [ 645.952973] FAULT_INJECTION: forcing a failure. [ 645.952973] name failslab, interval 1, probability 0, space 0, times 0 [ 645.964242] CPU: 1 PID: 7765 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 645.972557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 645.981915] Call Trace: [ 645.984513] dump_stack+0x1c9/0x2b4 [ 645.988148] ? dump_stack_print_info.cold.2+0x52/0x52 [ 645.993350] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 645.998895] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 646.004426] ? delete_node+0x30a/0xc80 [ 646.008311] should_fail.cold.4+0xa/0x11 [ 646.012368] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 646.017465] ? radix_tree_iter_tag_clear+0xd0/0xd0 [ 646.022392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 646.027925] ? replace_slot+0xc9/0x4c0 [ 646.031811] ? __save_stack_trace+0x8d/0xf0 [ 646.036132] ? plist_requeue+0x650/0x650 [ 646.040194] ? save_stack+0xa9/0xd0 [ 646.043824] ? lock_acquire+0x1e4/0x540 [ 646.047796] ? fs_reclaim_acquire+0x20/0x20 [ 646.052111] ? lock_downgrade+0x8f0/0x8f0 [ 646.056257] ? check_same_owner+0x340/0x340 [ 646.060579] ? check_same_owner+0x340/0x340 [ 646.064897] ? rcu_note_context_switch+0x730/0x730 [ 646.069828] __should_failslab+0x124/0x180 [ 646.074066] should_failslab+0x9/0x14 [ 646.077861] __kmalloc+0x2c8/0x760 [ 646.081399] ? rcu_note_context_switch+0x730/0x730 [ 646.086322] ? __list_lru_init+0x151/0x840 [ 646.090553] __list_lru_init+0x151/0x840 [ 646.094614] ? up_write+0x7b/0x220 [ 646.098154] ? down_read+0x1d0/0x1d0 [ 646.101863] ? list_lru_destroy+0x500/0x500 [ 646.106184] ? prealloc_shrinker+0x124/0x450 [ 646.110592] ? prealloc_shrinker+0x21c/0x450 [ 646.115001] ? inactive_list_is_low+0x850/0x850 [ 646.119668] ? __lockdep_init_map+0x105/0x590 [ 646.124163] alloc_super+0x976/0xb10 [ 646.127964] ? destroy_unused_super.part.11+0x110/0x110 [ 646.133329] ? lock_downgrade+0x8f0/0x8f0 [ 646.137469] ? lock_acquire+0x1e4/0x540 [ 646.141443] ? kasan_check_read+0x11/0x20 [ 646.145587] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 646.150164] ? kasan_check_write+0x14/0x20 [ 646.154390] ? do_raw_spin_lock+0xc1/0x200 [ 646.158626] sget_userns+0x276/0x860 [ 646.162335] ? v9fs_kill_super+0xa0/0xa0 [ 646.166394] ? vfs_get_super+0x270/0x270 [ 646.170469] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 646.176004] ? ns_capable_common+0x13f/0x170 [ 646.180418] ? v9fs_kill_super+0xa0/0xa0 [ 646.184474] sget+0x10b/0x150 [ 646.187580] v9fs_mount+0xe2/0x900 [ 646.191119] ? v9fs_drop_inode+0x150/0x150 [ 646.195349] legacy_get_tree+0x118/0x440 [ 646.199407] vfs_get_tree+0x1cb/0x5c0 [ 646.203202] do_mount+0x6c1/0x1fb0 [ 646.206738] ? kasan_check_write+0x14/0x20 [ 646.210971] ? copy_mount_string+0x40/0x40 [ 646.215199] ? kasan_kmalloc+0xc4/0xe0 [ 646.219084] ? kmem_cache_alloc_trace+0x318/0x780 [ 646.223921] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 646.229459] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 646.234994] ? copy_mount_options+0x285/0x380 [ 646.239486] ksys_mount+0x12d/0x140 [ 646.243110] __x64_sys_mount+0xbe/0x150 [ 646.247080] do_syscall_64+0x1b9/0x820 [ 646.250959] ? finish_task_switch+0x1d3/0x870 [ 646.255453] ? syscall_return_slowpath+0x5e0/0x5e0 [ 646.260379] ? syscall_return_slowpath+0x31d/0x5e0 [ 646.265303] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 646.270317] ? prepare_exit_to_usermode+0x291/0x3b0 [ 646.275328] ? perf_trace_sys_enter+0xb10/0xb10 [ 646.279992] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 646.284832] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 646.290016] RIP: 0033:0x455e29 [ 646.293197] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 646.312461] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 646.320174] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 646.327435] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 646.334750] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 646.342015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 646.349279] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000002c 02:46:27 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x1, 0x0) dup2(r3, r2) dup2(r2, 0xffffffffffffffff) 02:46:27 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x2000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:27 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:27 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:27 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4000000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:27 executing program 6 (fault-call:7 fault-nth:45): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:27 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x5000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:27 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x9}}], 0x1, 0x0) 02:46:27 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x9, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 646.651861] FAULT_INJECTION: forcing a failure. [ 646.651861] name failslab, interval 1, probability 0, space 0, times 0 [ 646.663172] CPU: 0 PID: 7784 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 646.671480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 646.680822] Call Trace: [ 646.683422] dump_stack+0x1c9/0x2b4 [ 646.687048] ? dump_stack_print_info.cold.2+0x52/0x52 [ 646.692243] ? __kernel_text_address+0xd/0x40 [ 646.696742] ? unwind_get_return_address+0x61/0xa0 [ 646.701680] should_fail.cold.4+0xa/0x11 [ 646.705748] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 646.710857] ? save_stack+0xa9/0xd0 [ 646.714484] ? save_stack+0x43/0xd0 [ 646.718113] ? kasan_kmalloc+0xc4/0xe0 [ 646.722018] ? kmem_cache_alloc_trace+0x152/0x780 [ 646.726871] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 646.732063] ? __list_lru_init+0x4d6/0x840 [ 646.736297] ? alloc_super+0x976/0xb10 [ 646.740187] ? sget+0x10b/0x150 [ 646.743462] ? v9fs_mount+0xe2/0x900 [ 646.747195] ? legacy_get_tree+0x118/0x440 02:46:27 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xf401000000000000}}], 0x1, 0x0) 02:46:27 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf0ffffff, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:27 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x47190100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:27 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 646.751423] ? vfs_get_tree+0x1cb/0x5c0 [ 646.755398] ? do_mount+0x6c1/0x1fb0 [ 646.759108] ? ksys_mount+0x12d/0x140 [ 646.762904] ? __x64_sys_mount+0xbe/0x150 [ 646.767043] ? do_syscall_64+0x1b9/0x820 [ 646.771106] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 646.776473] ? save_stack+0xa9/0xd0 [ 646.780099] ? lock_acquire+0x1e4/0x540 [ 646.784066] ? fs_reclaim_acquire+0x20/0x20 [ 646.788385] ? lock_downgrade+0x8f0/0x8f0 [ 646.792532] ? ksys_mount+0x12d/0x140 [ 646.796330] ? check_same_owner+0x340/0x340 [ 646.800645] ? rcu_note_context_switch+0x730/0x730 [ 646.805573] __should_failslab+0x124/0x180 [ 646.809803] should_failslab+0x9/0x14 [ 646.813598] kmem_cache_alloc_trace+0x2cb/0x780 [ 646.818261] ? kasan_kmalloc+0xc4/0xe0 [ 646.822149] __memcg_init_list_lru_node+0x185/0x2d0 [ 646.827159] ? kvfree_rcu+0x20/0x20 [ 646.830781] ? __kmalloc_node+0x47/0x70 [ 646.834756] __list_lru_init+0x4d6/0x840 [ 646.838811] ? up_write+0x7b/0x220 [ 646.842463] ? list_lru_destroy+0x500/0x500 [ 646.846779] ? prealloc_shrinker+0x124/0x450 [ 646.851182] ? prealloc_shrinker+0x21c/0x450 [ 646.855586] ? inactive_list_is_low+0x850/0x850 [ 646.860267] ? __lockdep_init_map+0x105/0x590 [ 646.864761] alloc_super+0x976/0xb10 [ 646.868472] ? destroy_unused_super.part.11+0x110/0x110 [ 646.873834] ? lock_downgrade+0x8f0/0x8f0 [ 646.877976] ? lock_acquire+0x1e4/0x540 [ 646.881954] ? kasan_check_read+0x11/0x20 [ 646.886104] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 646.890688] ? kasan_check_write+0x14/0x20 [ 646.894917] ? do_raw_spin_lock+0xc1/0x200 [ 646.899150] sget_userns+0x276/0x860 [ 646.902859] ? v9fs_kill_super+0xa0/0xa0 [ 646.906917] ? vfs_get_super+0x270/0x270 [ 646.911010] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 646.916542] ? ns_capable_common+0x13f/0x170 [ 646.920946] ? v9fs_kill_super+0xa0/0xa0 [ 646.925004] sget+0x10b/0x150 [ 646.928112] v9fs_mount+0xe2/0x900 [ 646.931649] ? v9fs_drop_inode+0x150/0x150 [ 646.935880] legacy_get_tree+0x118/0x440 [ 646.939950] vfs_get_tree+0x1cb/0x5c0 [ 646.943749] do_mount+0x6c1/0x1fb0 [ 646.947287] ? check_same_owner+0x340/0x340 [ 646.951604] ? lock_release+0xa30/0xa30 [ 646.955576] ? copy_mount_string+0x40/0x40 [ 646.959805] ? retint_kernel+0x10/0x10 [ 646.963692] ? copy_mount_options+0x1e3/0x380 [ 646.968179] ? write_comp_data+0x70/0x70 [ 646.972239] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 646.977772] ? copy_mount_options+0x285/0x380 [ 646.982263] ksys_mount+0x12d/0x140 [ 646.985888] __x64_sys_mount+0xbe/0x150 [ 646.989860] ? do_syscall_64+0xca/0x820 [ 646.993835] do_syscall_64+0x1b9/0x820 [ 646.997716] ? finish_task_switch+0x1d3/0x870 [ 647.002206] ? syscall_return_slowpath+0x5e0/0x5e0 [ 647.007130] ? syscall_return_slowpath+0x31d/0x5e0 [ 647.012056] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 647.017070] ? prepare_exit_to_usermode+0x291/0x3b0 [ 647.022085] ? perf_trace_sys_enter+0xb10/0xb10 [ 647.026748] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 647.031587] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 647.036768] RIP: 0033:0x455e29 02:46:28 executing program 6 (fault-call:7 fault-nth:46): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 647.039946] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 647.059220] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 647.066924] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 647.074191] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 647.081454] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 647.088713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 647.095979] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000002d 02:46:28 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:28 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x4000000000000}}], 0x1, 0x0) [ 647.404353] FAULT_INJECTION: forcing a failure. [ 647.404353] name failslab, interval 1, probability 0, space 0, times 0 [ 647.415667] CPU: 1 PID: 7817 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 647.423987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 647.433340] Call Trace: [ 647.435940] dump_stack+0x1c9/0x2b4 [ 647.439580] ? dump_stack_print_info.cold.2+0x52/0x52 [ 647.444782] should_fail.cold.4+0xa/0x11 [ 647.448851] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 647.453956] ? is_bpf_text_address+0xd7/0x170 [ 647.458464] ? kernel_text_address+0x79/0xf0 [ 647.462882] ? __kernel_text_address+0xd/0x40 [ 647.467385] ? unwind_get_return_address+0x61/0xa0 [ 647.472321] ? __save_stack_trace+0x8d/0xf0 [ 647.476661] ? save_stack+0xa9/0xd0 [ 647.480299] ? lock_acquire+0x1e4/0x540 [ 647.484280] ? fs_reclaim_acquire+0x20/0x20 [ 647.488600] ? lock_downgrade+0x8f0/0x8f0 [ 647.492744] ? ksys_mount+0x12d/0x140 [ 647.496546] ? check_same_owner+0x340/0x340 [ 647.500867] ? rcu_note_context_switch+0x730/0x730 [ 647.505794] __should_failslab+0x124/0x180 [ 647.510028] should_failslab+0x9/0x14 [ 647.513825] kmem_cache_alloc_trace+0x2cb/0x780 [ 647.518488] ? kasan_kmalloc+0xc4/0xe0 [ 647.522378] __memcg_init_list_lru_node+0x185/0x2d0 [ 647.527388] ? kvfree_rcu+0x20/0x20 [ 647.531012] ? __kmalloc_node+0x47/0x70 [ 647.534984] __list_lru_init+0x4d6/0x840 [ 647.539038] ? up_write+0x7b/0x220 [ 647.542575] ? list_lru_destroy+0x500/0x500 [ 647.546889] ? prealloc_shrinker+0x124/0x450 [ 647.551296] ? prealloc_shrinker+0x21c/0x450 [ 647.555702] ? inactive_list_is_low+0x850/0x850 [ 647.560368] ? __lockdep_init_map+0x105/0x590 [ 647.564866] alloc_super+0x976/0xb10 [ 647.568585] ? destroy_unused_super.part.11+0x110/0x110 [ 647.573943] ? lock_downgrade+0x8f0/0x8f0 [ 647.578089] ? lock_acquire+0x1e4/0x540 [ 647.582062] ? kasan_check_read+0x11/0x20 [ 647.586205] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 647.590789] ? kasan_check_write+0x14/0x20 [ 647.595016] ? do_raw_spin_lock+0xc1/0x200 [ 647.599252] sget_userns+0x276/0x860 [ 647.602961] ? v9fs_kill_super+0xa0/0xa0 [ 647.607017] ? vfs_get_super+0x270/0x270 [ 647.611096] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 647.616639] ? ns_capable_common+0x13f/0x170 [ 647.621045] ? v9fs_kill_super+0xa0/0xa0 [ 647.625100] sget+0x10b/0x150 [ 647.628202] v9fs_mount+0xe2/0x900 [ 647.631753] ? v9fs_drop_inode+0x150/0x150 [ 647.635983] legacy_get_tree+0x118/0x440 [ 647.640044] vfs_get_tree+0x1cb/0x5c0 [ 647.643840] do_mount+0x6c1/0x1fb0 [ 647.647379] ? kasan_check_write+0x14/0x20 [ 647.651609] ? copy_mount_string+0x40/0x40 [ 647.655839] ? kasan_kmalloc+0xc4/0xe0 [ 647.659727] ? kmem_cache_alloc_trace+0x318/0x780 [ 647.664569] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 647.670103] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 647.675635] ? copy_mount_options+0x285/0x380 [ 647.680127] ksys_mount+0x12d/0x140 [ 647.683750] __x64_sys_mount+0xbe/0x150 [ 647.687725] do_syscall_64+0x1b9/0x820 [ 647.691606] ? finish_task_switch+0x1d3/0x870 [ 647.696099] ? syscall_return_slowpath+0x5e0/0x5e0 [ 647.701022] ? syscall_return_slowpath+0x31d/0x5e0 [ 647.705951] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 647.710963] ? prepare_exit_to_usermode+0x291/0x3b0 [ 647.715988] ? perf_trace_sys_enter+0xb10/0xb10 [ 647.720651] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 647.725495] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 647.730676] RIP: 0033:0x455e29 [ 647.733853] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 647.753123] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 647.760828] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 647.768092] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 647.775354] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 647.782615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 647.789878] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000002e 02:46:29 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000c01f96)="2c267e242481c30c666d158d944f0d89d0b24c02deea35d5f9772f8dae1cd41446cde1fbd5331eb8ac66abe4cabe3d1e42910a6a97054224ebde680a2c55c3eb196263fff503b9a83e08ec52bb3c81701958db38fabf47e496cf0a9432989b7476733757dc1062021181e6ac4f656a7b7be4ace9d1d96fb9cf322fa1916986285493f75f8787212d0ccbd4c3fa28fda762b68fbf35cc9e334d419c9d9fab1b0a5fd501e429ef862e908502d31b442c89b8e728b222c35ef07ca658b0c27225da062e195f29b1b2ba25d4099813dcd2f613c79466432b6c36fa3b2e7822aa51458c4d5cea7abdba8e2f129daff37f27487e477a5c5ba0f214c0ba7845e146c8689525e3a923e35014b6ddb9b85e35ad7590abaf67c006c4b1feb963d9eab378801359edbcdd410f113b39b11b5f7a420a080df102df54c169372e0e045640619942d91cf198369418515e484ee19965db6d9ff1b76561d8b60216afb1b236d5b56cbdfe8a3166c2cb934bd953d7d4989e899f871d0892bc9cebe86962d59c65881ebf3edcfb52180ff5795d2b5abefefbc7d122a20dc5b32465da34213a0c623d7a9b2f3339fa63ddc561a45ac96a68c4f21423a05ea2235b6df0ed19019d07d9b0e9cda2f58709b494a46ebe64722863d67a846b829f3e3ce4c9f0ce5a37d93fb1d07a420bde1c678ab8ad546c5a1f295baf92e543c4da2dabfb9b15b89e2875c06d7dfcb2994a68fefbdfa07991c1222403482c5b09928214d1d4369ab817d15838538566a0176cc12e72bdac913ea4ad953e4ef72e338c9abb074e45389d831d29eb0c2147ccf7cd404c7c71e77fa9e44a1dcd4bb893211bfd9a2c25214e9202ebc41539286e3f2417a34400bfbfa668b8c0dc75673bbb42c3d88870ace8de6b6b9b5d51264a690396cc342012bba7192829d5e13d7603ed5e8489811daa185e2ad017a5c66df226512cef5ebc7d7b9556d42af281defaadcff6d6f264dedf38296b00b0c1a534dc539c3c7f6b1882be5cd29f7c6541d9efc446ff28ea9a7cf7ced90bf2a3cd4b08b98debf758df3bf64090af0fa91269a827554d0088657fff5d93bcd5c9f26ab2aeceb659e427e05ce81fa0bf118ac60e56aca2129e6bc8513e6372de0ec4b7561d69e7126daf2a98ed9f96b0d3d611a8f0a69468fed7caf20980b80cb2bd629e376aface6d811ccb978546ac135b8cb146862ec33a4f14cec8f340b09bcc49fed4b5f861d397de3eb153841bfeda6cf888f18df77940d2ff55759d1e7c7976f5f4de3803b3b6f1eb5d6e7bb1138f8198119a237482acfe813619c20b7656c76236ad6622e6f917b74fe13679677d7008d603de253372e93994e10590b44c71468723cdaa8a0368c04773926d5d901d46b671d9e5f43641fd39cef19474375343f0a0be26e5614d1970e7d1a6c832253cdbc7f859955ad62674c9a97287d7cb4d811fb7694d579322fdf25ff824605aa0c8cf5460bed8ca2a8b1527c9c51f6b7c1510143b024142d6a9e5111c4aa98147ecc41febad60fb132faa75cc3b61ca564412ef8827327a85efc37ce6df695d394c2399f6e24189499438e0f77b598891e6ffbf855d741817f44f4a431ee11ad30a50b178a5ef179137ba24336b9b9a6a459d1f361eed683da46ccc51081331fc422471a136d31ad7698fc27d0a5cc2e48d0c0af32c91489e03647a9e9771c4fc62d3877079fb037b641a5fe7bda287ab1a049ee5dadaa2f971566dcb708e351e0f937993696fd31a1d999addd76127e97ad684948d0d5e6bd21b0b68986295d7cc71be683e448b1e3016ae3e98ee83512c398376d52bb0ab50674a886d34a7c123748396498581ff22aeb3052d01b3f6dc473b6ce27d359dc9077a68a2abe4b17c3dfbaeb7f90f1be19c89de6753620f33e31cfe27a3a18b333e548836e38920a3459b5407268f0d41c58c6f5091172cf0a508c1d73f2aa9e953496bbe8ab03533f89e2b4dafb37b89d25e0efb75ff84bb1cbd60a33dddb627e88efb44138b40ffad9bf70111f7e8f6b01e89b3a74b9cf71191f2bd026ba01e16a21d0abca2491351475a08fb593cdfb40047e896457af4c3a61f4fb7ad570080193954b62a7839127ddfb8d93018978fd3e642658213571246308454cc4195cead295f6f72c10def5930930e44782edd916230fa99423def58b780f6936d55aa952baea0c58630526df65f0ebf91b0e01c97f9b3bbca8fceff87ffc945c972b51b11954a476967b52c2fa3247a6e6bba9cef9ff5efd4523a64e11005128003b34251108d8f3dd62c3db158fec915546db1db5f02300b3f5baee8ac9a498d00a1bdb1cfab31dffc4506c799a269b6be101c0e8a2907c5464733a06d8f855c619befa9b77cbceb48da086ac09e510c609cb5c95d0f69d053ef35c32a7b96e6ab7297fdf211e198bf90087433474bffd8fe0d1e77934d8848d2d6a5ce21124e8c2af71e28026950caa63c4b0f6648e41225b384d5ee21701659489ccc2017d48463e0dcf97361c538c8b47d049f2b36d0584cb786215400ce18e285c1dbad47dda87c28d3f5f7fb15c560d1b28472f787b4915300364ce08acf3747d0020731e81dac8c252ed2cb5e096268f6d3e363620d92f272bd34c240eb4aba3d01904d897723345234ccbc4610a3a2259b244397b1f1db4094dfbc765aa212dd09a9197c9ff51e0f07c3547fc3f2f86e2d996b3bb4a6ebb282a10e2738b1e945ce3f33bd3979bfba6edb830341f6eb997cab67f9eb7a57fc1a8bf0ce64d9300e622a144bb424ecace72f0d16ef443de9ba89d8ac38e2e88f0a3ed23ec851dfb45df034532169cca827c88081e7fd2354819d9c20ea39f2932787246d8806e089ec1c70cca020f898602f211eb2504aadc3090d85a3ec9483451058d6caba71806f3f494d73755774296a67511572eb801b188dfbddf065be196febbfbce5af895fdc7278a1ede609f9af86f208aeef20001a9fc0bc04eef1a84229dda539e6bcc31479321036f162e57f41b1991cddc88179be2b1ada532eeb770aab9ec82399b80879ed2cdda07b061b0f0ee35002209d9b5afa9836efd2cad153227f4af2c1b4f60c21573c35faec09c45467540dbf3cabee5a2918b4a9432ebe672306f1acfdae1a3c3d8be48c58621c0b16312ed7777f81fc9084eeddf26e68c5d7f0d83347897a69e9b293c1e93b17448fea811d13af456f30f4f5b0ed0ec8b5876ab2dadeff381093f16f5013cfff76f2c77fdaf87d0d82697e070131831054757ac544aab5801ca1dfa665ded0e9de3eedb8cb6f17485a92eceac1b2b33927bb410c9369a4b7f3fc186828693a92fc07f415d244ee972b25c2d42b69c5e03ba57a1037d59f02a098fe62536e7af192233d86e8fae5d17fc7bd13b6e54d59941edeb975c85667a743ad4825e68cd00c707ba80bb0902d7f7fabd7c8e6a6df462b210528ce8378a6255c1da496305c84e741c5a5175919b44938f969bc2cf50e0ea4569e0dc523118e7b4d8165893f610a49a215f0945f0c177d1fc348cfbdbe1ef33bd8f1f41f761b9f8bb23172315bbd451d729f823d20559b3535d01173c92dd4b8c151d1e9be2eeb62d133f050bea021e75e41d8eab2678f0bfb40e134d8a60029a9ee4332316e1665360f477255915f344e1c56ed620431e9e4371c983abef24ba800c239b2273b14b342339a374a0fc3aa30898ef0e69040ef4dd6c298dc90e03242118eb824bd23044c87783085533e19445b43ef341c4372ac4545ac03a3adc532475947d63ce67e1e3763cc7f9ff9d103c434570c02c7b811a648b5bbfadb847d29311b6589a4864fd8af8e354b221fc78e407c95160460cd74d5966ba405da1f496950a6ac1e79ab6dc511ecd726d05d38e0fd65bd66c58c11280785a302aa00ddc03cad93833bd357b30ec13e91d632ec8d5565ed6a5d0554f17b4d7efa147fc0d9035d8a96213e9465da1d3b94f56d3f2b12d7e394a5fff25873c591cee50c5c14273d4b1c645d5ded4a0ad5d8a1296f40c2b65cf457a5780c4a4569927bd896c0d71498f2d31f4f61282540105f5845326aa61ceb01c10be922a2fdeaa1a9689922e255e053be4c4cb45f5c6bd8af4f93f8362bbf54875ddbedab4b97e8cec478e4ceda8121439523839abb6e1cdc7ba2eb34c1fe9931585e1e0d8c326276bab83170752a30f2a3a250aad1cc1f72155457dd3ab40e4c2f1454084683f8bfc92fd87af76a73dbbf06f8d4f18dffbff0c8310eb96303c60401e4efa54def27c4e023aaaee24d525d1d98822eaeb33bbc5d40e8845b6ae1b29ede30c6675f5aab93b2b28391008e62d9d9bd1224116d9874233c57f3524e34a2737f74daa1bb9051ba8e2564fa2f3e5462bd67a7be796c682ba55d0f64331b1c0c3e45aec99548e65b61420f25cad6d3ca9063db31fe16b7157249cdc2e592188efddd0161314104615509ee1ff212c98a448a5b2b7a931b01b1ed502135f324f3b58906591ce181010e9c62ce9cfab26d4ddf9ab43fbc277d15b8bfb93edbcfe276e5646fde162dc926487440cdcc90a92ed03662ec04ab9ec1b1647707b43c7fe18a030e3001cd7915013e0196c4609aa8475fc85302b963f4be6a16b8206b099c81b6bf4619389f6df538813a2ad08183e97750b35b1ced267166f4f39b13d9925db22bdc6dd7c3ca8d0aab439040d42952e62eee9a2728c9b7e45f7463f8447ec2ec435bd7e91bd05ad09ec013468f4ba54437da9b8db677f4eaf10c5746da05bf12359b3aa915be2999e2bce629dd4ad01ce0b6229e4b49cca0157abb5221488a785af2d71a149f096b0c564a6d36ca92d36ea15c54dc44eaafed114a858f1c126f68888eba594dcd52ae7f233e2ec88d2a2fc95da3385e02f30746a844f8d6e05b724aff933c15088cde099f04f4228745bdb51180d4e6114a364cb6ef32a71872dfcb86278df4a20423c354699cdb4c63b35dc4fa04a5d456c65e72b20be53f302e8ccbe6873e76e0adabdca405c50a9d933be9046c616c8e6ada9949de0db64bed0b6c8c8d6250a2589896ebbdaa5e7d254130c4b5fd7e9b57da57e5491aad4aa5f81d73a220332abf1e7a5ccc360bc1ac342408f8d5335e97a3c2f8353498946bfbbabf386459423c4e2af0c908b4724df1f97b92991a937a955ac45aa3b130768c49d550cfdacd2e7753950f336d9ce6f367fb566c935bb940f9beedaaa4348efff216e201a9e5de2c65ac43f6c3d0e8d5f0b960b65c3285c99b2f7d747657bf77afb9057a6d28bede1a72d45cb2125a8902150685e3ca7171212e01d224e876feb972d5ded4313c48164034bc0244ec73e687d87b44c33a16e8471e25e1a58094dfc509a007a3f2c010dfffeb80f36febb448fc40fe301e897bbe1aeb2a7a7ca968b22bb5d5ad5b366a4377ae441937f2b60a4e3ec6c8a90dd415cc47ae6dad270eaadab63c7f321b3af28d9079759da8b18167608a4ae2e08a84f84eeccb08c56cc476ed0db598c174437c1eace848c717a7e5aaca4e35d861038326bae04ebac9bc451fa4c5d60bd52eeeac89e01e11b3719f07b33a4192709713d120b0f7bddd82cbb13c321ccd87880993eedb0e2a8ca88dd7ec9af1367240b20209f96c237e067889503fee6bf3787a4d90570de215fb02d11a82a379303bbb5ed40d0432a317b50ff1ef21bcdf57f894a6938ad35396b6bf8dc24287cea55c472b6bcd7a2e3fd4a6cdf3435e54170fac4f116fdd3817240c940fea9b0509b5e047f23e6f7ef05d04ccdd39bd8d70e1a130e72fdf6c1e", 0x1001}], 0x1) r3 = socket(0xa, 0x1, 0x0) dup2(r3, r2) dup2(r2, 0xffffffffffffffff) 02:46:29 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xfb1a0100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:29 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x900000000000000, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:29 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\t', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:29 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x1) epoll_pwait(r1, &(0x7f0000000080)=[{}, {}, {}], 0x3, 0x0, &(0x7f00000002c0)={0x5}, 0x8) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) memfd_create(&(0x7f0000000300)='{trusted\x00', 0x1) 02:46:29 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xf4010000}}], 0x1, 0x0) 02:46:29 executing program 6 (fault-call:7 fault-nth:47): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:29 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4a19010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:29 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xffff000000000000}}], 0x1, 0x0) [ 648.166544] FAULT_INJECTION: forcing a failure. [ 648.166544] name failslab, interval 1, probability 0, space 0, times 0 [ 648.177909] CPU: 1 PID: 7840 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 648.186225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 648.195579] Call Trace: [ 648.198177] dump_stack+0x1c9/0x2b4 [ 648.201813] ? dump_stack_print_info.cold.2+0x52/0x52 [ 648.207006] ? __kernel_text_address+0xd/0x40 [ 648.211500] ? unwind_get_return_address+0x61/0xa0 [ 648.216438] should_fail.cold.4+0xa/0x11 [ 648.220503] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 648.225710] ? save_stack+0xa9/0xd0 [ 648.229344] ? save_stack+0x43/0xd0 [ 648.232978] ? kasan_kmalloc+0xc4/0xe0 [ 648.236933] ? kmem_cache_alloc_trace+0x152/0x780 [ 648.241783] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 648.246973] ? __list_lru_init+0x4d6/0x840 [ 648.251473] ? alloc_super+0x976/0xb10 [ 648.255363] ? sget+0x10b/0x150 [ 648.258655] ? v9fs_mount+0xe2/0x900 [ 648.262380] ? legacy_get_tree+0x118/0x440 [ 648.266620] ? vfs_get_tree+0x1cb/0x5c0 [ 648.270598] ? do_mount+0x6c1/0x1fb0 [ 648.274317] ? ksys_mount+0x12d/0x140 [ 648.278123] ? __x64_sys_mount+0xbe/0x150 [ 648.282284] ? do_syscall_64+0x1b9/0x820 [ 648.286359] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 648.291735] ? save_stack+0xa9/0xd0 [ 648.295378] ? lock_acquire+0x1e4/0x540 [ 648.299360] ? fs_reclaim_acquire+0x20/0x20 [ 648.303692] ? lock_downgrade+0x8f0/0x8f0 [ 648.307842] ? ksys_mount+0x12d/0x140 [ 648.311648] ? check_same_owner+0x340/0x340 [ 648.315974] ? rcu_note_context_switch+0x730/0x730 [ 648.320909] __should_failslab+0x124/0x180 [ 648.325151] should_failslab+0x9/0x14 [ 648.328954] kmem_cache_alloc_trace+0x2cb/0x780 [ 648.333622] ? kasan_kmalloc+0xc4/0xe0 [ 648.337517] __memcg_init_list_lru_node+0x185/0x2d0 [ 648.342537] ? kvfree_rcu+0x20/0x20 [ 648.346166] ? __kmalloc_node+0x47/0x70 [ 648.350142] __list_lru_init+0x4d6/0x840 [ 648.354203] ? up_write+0x7b/0x220 [ 648.357747] ? list_lru_destroy+0x500/0x500 [ 648.362077] ? prealloc_shrinker+0x124/0x450 [ 648.366493] ? prealloc_shrinker+0x21c/0x450 [ 648.370907] ? inactive_list_is_low+0x850/0x850 [ 648.376274] ? __lockdep_init_map+0x105/0x590 [ 648.380776] alloc_super+0x976/0xb10 [ 648.384500] ? destroy_unused_super.part.11+0x110/0x110 [ 648.389870] ? lock_downgrade+0x8f0/0x8f0 [ 648.394022] ? lock_acquire+0x1e4/0x540 [ 648.398008] ? kasan_check_read+0x11/0x20 [ 648.402159] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 648.406744] ? kasan_check_write+0x14/0x20 [ 648.410980] ? do_raw_spin_lock+0xc1/0x200 [ 648.415222] sget_userns+0x276/0x860 [ 648.418938] ? v9fs_kill_super+0xa0/0xa0 [ 648.423005] ? vfs_get_super+0x270/0x270 [ 648.427084] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 648.432625] ? ns_capable_common+0x13f/0x170 [ 648.437036] ? v9fs_kill_super+0xa0/0xa0 [ 648.441102] sget+0x10b/0x150 [ 648.444210] v9fs_mount+0xe2/0x900 [ 648.447748] ? v9fs_drop_inode+0x150/0x150 [ 648.448292] FS-Cache: Duplicate cookie detected [ 648.451978] legacy_get_tree+0x118/0x440 [ 648.451997] vfs_get_tree+0x1cb/0x5c0 [ 648.452014] do_mount+0x6c1/0x1fb0 [ 648.452035] ? kasan_check_write+0x14/0x20 [ 648.456699] FS-Cache: O-cookie c=0000000029139844 [p=000000002649bb4d fl=222 nc=0 na=1] [ 648.460727] ? copy_mount_string+0x40/0x40 [ 648.460740] ? kasan_kmalloc+0xc4/0xe0 [ 648.460758] ? kmem_cache_alloc_trace+0x318/0x780 [ 648.464537] FS-Cache: O-cookie d=00000000d5b355fb n=00000000a539390c [ 648.468049] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 648.468068] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 648.472287] FS-Cache: O-key=[10] ' [ 648.480396] ? copy_mount_options+0x285/0x380 [ 648.480413] ksys_mount+0x12d/0x140 [ 648.484623] 34 [ 648.488487] __x64_sys_mount+0xbe/0x150 [ 648.488505] do_syscall_64+0x1b9/0x820 [ 648.493318] 32 [ 648.499786] ? syscall_return_slowpath+0x5e0/0x5e0 [ 648.499804] ? syscall_return_slowpath+0x31d/0x5e0 [ 648.505308] 39 [ 648.510934] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 648.510952] ? prepare_exit_to_usermode+0x291/0x3b0 [ 648.514462] 35 [ 648.518933] ? perf_trace_sys_enter+0xb10/0xb10 [ 648.518951] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 648.522551] 33 [ 648.524334] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 648.524352] RIP: 0033:0x455e29 [ 648.528294] 31 [ 648.532144] Code: 1d ba [ 648.533943] 35 [ 648.538839] fb ff c3 66 2e [ 648.543767] 34 [ 648.545533] 0f 1f 84 00 [ 648.550558] 37 [ 648.555536] 00 00 00 00 66 [ 648.557340] 33 [ 648.561974] 90 48 89 f8 48 89 [ 648.566818] ' [ 648.568587] f7 48 89 d6 48 [ 648.573784] FS-Cache: N-cookie c=00000000a2a8f91a [p=000000002649bb4d fl=2 nc=0 na=1] [ 648.576936] 89 ca 4d 02:46:29 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:29 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xa00, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:29 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f00000000c0)='./file0\x00', 0x800000000, 0x0) 02:46:29 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:29 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:29 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x6000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 648.578751] FS-Cache: N-cookie d=00000000d5b355fb n=00000000c5018903 [ 648.581382] 89 c2 4d 89 c8 [ 648.583184] FS-Cache: N-key=[10] ' [ 648.586079] 4c 8b 4c 24 08 [ 648.587879] 34 [ 648.590515] 0f 05 <48> 3d 01 [ 648.592314] 32 [ 648.595206] f0 ff ff 0f 83 [ 648.597017] 39 [ 648.600163] eb b9 fb ff c3 [ 648.601876] 35 [ 648.604774] 66 2e 0f 1f 84 [ 648.612740] 33 [ 648.615115] 00 00 00 00 [ 648.621602] 31 [ 648.624499] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 02:46:29 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x600, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 648.624517] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 648.628074] 35 [ 648.630973] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 648.630980] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 648.630991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 648.632775] 34 [ 648.635851] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000002f [ 648.704486] 3733' 02:46:30 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='t9', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',\x00']) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="a6000000290100000000000000000024344df5000000000007002e2f66696c65300000000000000000000040000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e3666696c65300000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2fe6696c6530000000000000000000"], 0xa6) stat(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0}) r3 = getgid() write$P9_RGETATTR(r1, &(0x7f0000000480)={0xa0, 0x19, 0x2, {0x410, {0x2, 0x3, 0x4}, 0x100, r2, r3, 0x9, 0x7, 0x7, 0x4, 0x3f, 0x0, 0x6, 0x6, 0x3, 0x1, 0x6, 0x1, 0x4, 0x8001, 0x7}}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:30 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)="397005", 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:30 executing program 6 (fault-call:7 fault-nth:48): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:30 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4419010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:30 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xffff0000}}], 0x1, 0x0) 02:46:30 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:30 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x11af4, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:30 executing program 5: r0 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffc) r1 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, r1) keyctl$unlink(0x9, r2, 0xfffffffffffffffd) 02:46:30 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x2000000}}], 0x1, 0x0) [ 649.136092] 9pnet_virtio: no channels available for device (null) [ 649.156516] 9pnet_virtio: no channels available for device (null) [ 649.172693] FAULT_INJECTION: forcing a failure. [ 649.172693] name failslab, interval 1, probability 0, space 0, times 0 [ 649.184174] CPU: 0 PID: 7886 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 649.192488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 649.201949] Call Trace: [ 649.204537] dump_stack+0x1c9/0x2b4 [ 649.208171] ? dump_stack_print_info.cold.2+0x52/0x52 [ 649.213366] ? __kernel_text_address+0xd/0x40 [ 649.217858] ? unwind_get_return_address+0x61/0xa0 [ 649.222785] should_fail.cold.4+0xa/0x11 [ 649.226853] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 649.231957] ? save_stack+0xa9/0xd0 02:46:30 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)="397010", 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 649.235582] ? save_stack+0x43/0xd0 [ 649.239214] ? kasan_kmalloc+0xc4/0xe0 [ 649.243097] ? kmem_cache_alloc_trace+0x152/0x780 [ 649.247934] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 649.253119] ? __list_lru_init+0x4d6/0x840 [ 649.257348] ? alloc_super+0x976/0xb10 [ 649.261232] ? sget+0x10b/0x150 [ 649.264505] ? v9fs_mount+0xe2/0x900 [ 649.268212] ? legacy_get_tree+0x118/0x440 [ 649.272440] ? vfs_get_tree+0x1cb/0x5c0 [ 649.276418] ? do_mount+0x6c1/0x1fb0 [ 649.280135] ? ksys_mount+0x12d/0x140 02:46:30 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x11b00, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:30 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 649.283937] ? __x64_sys_mount+0xbe/0x150 [ 649.288091] ? do_syscall_64+0x1b9/0x820 [ 649.292155] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 649.297525] ? save_stack+0xa9/0xd0 [ 649.301169] ? lock_acquire+0x1e4/0x540 [ 649.305144] ? fs_reclaim_acquire+0x20/0x20 [ 649.309475] ? lock_downgrade+0x8f0/0x8f0 [ 649.313627] ? ksys_mount+0x12d/0x140 [ 649.317429] ? check_same_owner+0x340/0x340 [ 649.321747] ? rcu_note_context_switch+0x730/0x730 [ 649.326677] __should_failslab+0x124/0x180 [ 649.330913] should_failslab+0x9/0x14 [ 649.334711] kmem_cache_alloc_trace+0x2cb/0x780 [ 649.339379] ? kasan_kmalloc+0xc4/0xe0 [ 649.343267] __memcg_init_list_lru_node+0x185/0x2d0 [ 649.348362] ? kvfree_rcu+0x20/0x20 [ 649.351997] ? __kmalloc_node+0x47/0x70 [ 649.355967] __list_lru_init+0x4d6/0x840 [ 649.360026] ? up_write+0x7b/0x220 [ 649.363569] ? list_lru_destroy+0x500/0x500 [ 649.367888] ? prealloc_shrinker+0x124/0x450 [ 649.372295] ? prealloc_shrinker+0x21c/0x450 [ 649.376702] ? inactive_list_is_low+0x850/0x850 [ 649.381419] ? __lockdep_init_map+0x105/0x590 [ 649.385956] alloc_super+0x976/0xb10 [ 649.389670] ? destroy_unused_super.part.11+0x110/0x110 [ 649.395030] ? lock_downgrade+0x8f0/0x8f0 [ 649.399176] ? lock_acquire+0x1e4/0x540 [ 649.403151] ? kasan_check_read+0x11/0x20 [ 649.407890] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 649.412475] ? kasan_check_write+0x14/0x20 [ 649.416705] ? do_raw_spin_lock+0xc1/0x200 [ 649.420940] sget_userns+0x276/0x860 [ 649.424653] ? v9fs_kill_super+0xa0/0xa0 [ 649.428720] ? vfs_get_super+0x270/0x270 [ 649.432815] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 649.438347] ? ns_capable_common+0x13f/0x170 [ 649.442765] ? v9fs_kill_super+0xa0/0xa0 [ 649.446834] sget+0x10b/0x150 [ 649.449937] v9fs_mount+0xe2/0x900 [ 649.453473] ? v9fs_drop_inode+0x150/0x150 [ 649.457703] legacy_get_tree+0x118/0x440 [ 649.461765] vfs_get_tree+0x1cb/0x5c0 [ 649.465565] do_mount+0x6c1/0x1fb0 [ 649.469103] ? kasan_check_write+0x14/0x20 [ 649.473337] ? copy_mount_string+0x40/0x40 [ 649.477569] ? retint_kernel+0x10/0x10 [ 649.481457] ? copy_mount_options+0x1a1/0x380 [ 649.485950] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 649.490791] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 649.496325] ? copy_mount_options+0x285/0x380 [ 649.500819] ksys_mount+0x12d/0x140 [ 649.504441] __x64_sys_mount+0xbe/0x150 [ 649.508414] do_syscall_64+0x1b9/0x820 [ 649.512300] ? syscall_slow_exit_work+0x500/0x500 [ 649.517143] ? syscall_return_slowpath+0x5e0/0x5e0 [ 649.522074] ? syscall_return_slowpath+0x31d/0x5e0 [ 649.527000] ? prepare_exit_to_usermode+0x291/0x3b0 [ 649.532011] ? perf_trace_sys_enter+0xb10/0xb10 [ 649.536678] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 649.541526] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 649.546712] RIP: 0033:0x455e29 [ 649.549890] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 649.569152] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 649.576862] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 02:46:30 executing program 4: pipe2$9p(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x400000, 0x0) setsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, &(0x7f00000002c0)=0x3, 0x4) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2ce16363733d", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) getpeername$inet(r2, &(0x7f0000000100)={0x0, 0x0, @multicast2}, &(0x7f0000000300)=0x10) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000480)={0x6, {{0x2, 0x4e20, @multicast2=0xe0000002}}}, 0x88) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:30 executing program 6 (fault-call:7 fault-nth:49): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:30 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xffffff7f00000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) [ 649.584127] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 649.591391] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 649.598654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 649.605915] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000030 02:46:30 executing program 5: perf_event_open(&(0x7f000001d000)={0x200000002, 0x70, 0x6, 0x108000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0xffd1, &(0x7f000070aef1)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @empty=[0x0, 0x0, 0x14], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}, @broadcast=0xffffffff}, @udp={0x0, 0x0, 0x8}}}}}, 0x0) 02:46:30 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x11000000}}], 0x1, 0x0) 02:46:31 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:31 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x7002e00000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:31 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f00000002c0)={0x7, 0x4d, 0x2}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="23080fd1"]) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000480)={{{@in6=@loopback, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in=@loopback}}, &(0x7f0000000080)=0xe8) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xffffffffffffffdd, 0x19, 0x1, {0x0, {}, 0x0, r2}}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) r3 = socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r3, 0x800448d3, &(0x7f0000000580)={{0x4, 0xebd, 0x8, 0x5, 0x5, 0x5}, 0x1ccdb62e, 0x2, 0xffff, 0x1, 0x7ff, "2ff9474105feca967de9ae26da8dbccbab58e9720650e028a392436de49e646cde5f33e374a1e4236052fa7fd8698f73d0dd711fe32b248859c45b1923f40e098cbc4ea7ad736326b14e0f856c4709f500f2b74811634e3d4e2b5fa963471bec4793088f518bc800540858ef816dae065509d3ba4815eccf8464e7ec6426aafa"}) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB='t\x00\x00ns=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) write$P9_RFSYNC(r1, &(0x7f0000000040)={0x7, 0x33, 0x1}, 0x7) [ 649.912255] FS-Cache: Duplicate cookie detected [ 649.916999] FS-Cache: O-cookie c=00000000e2787a23 [p=000000002649bb4d fl=222 nc=0 na=1] [ 649.925264] FS-Cache: O-cookie d=00000000d5b355fb n=000000008055cb51 [ 649.931786] FS-Cache: O-key=[10] '34323935333137323038' [ 649.937238] FS-Cache: N-cookie c=0000000006e603c7 [p=000000002649bb4d fl=2 nc=0 na=1] [ 649.945248] FS-Cache: N-cookie d=00000000d5b355fb n=000000000f2924d9 [ 649.951766] FS-Cache: N-key=[10] '34323935333137323038' [ 649.986567] FAULT_INJECTION: forcing a failure. [ 649.986567] name failslab, interval 1, probability 0, space 0, times 0 [ 649.997848] CPU: 1 PID: 7920 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 650.006164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 650.015515] Call Trace: [ 650.018114] dump_stack+0x1c9/0x2b4 [ 650.021761] ? dump_stack_print_info.cold.2+0x52/0x52 [ 650.026960] ? __kernel_text_address+0xd/0x40 [ 650.031461] ? unwind_get_return_address+0x61/0xa0 [ 650.036395] should_fail.cold.4+0xa/0x11 [ 650.040463] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 650.045575] ? save_stack+0xa9/0xd0 [ 650.049206] ? save_stack+0x43/0xd0 [ 650.052843] ? kasan_kmalloc+0xc4/0xe0 [ 650.056748] ? kmem_cache_alloc_trace+0x152/0x780 [ 650.061592] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 650.066798] ? __list_lru_init+0x4d6/0x840 [ 650.071039] ? alloc_super+0x976/0xb10 [ 650.074928] ? sget+0x10b/0x150 [ 650.078209] ? v9fs_mount+0xe2/0x900 [ 650.081930] ? legacy_get_tree+0x118/0x440 [ 650.086171] ? vfs_get_tree+0x1cb/0x5c0 [ 650.090150] ? do_mount+0x6c1/0x1fb0 [ 650.093864] ? ksys_mount+0x12d/0x140 [ 650.097666] ? __x64_sys_mount+0xbe/0x150 [ 650.101825] ? do_syscall_64+0x1b9/0x820 [ 650.105890] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 650.111267] ? save_stack+0xa9/0xd0 [ 650.114902] ? lock_acquire+0x1e4/0x540 [ 650.118879] ? fs_reclaim_acquire+0x20/0x20 [ 650.123207] ? lock_downgrade+0x8f0/0x8f0 [ 650.127361] ? ksys_mount+0x12d/0x140 [ 650.131171] ? check_same_owner+0x340/0x340 [ 650.135500] ? rcu_note_context_switch+0x730/0x730 [ 650.140439] __should_failslab+0x124/0x180 [ 650.144684] should_failslab+0x9/0x14 [ 650.148488] kmem_cache_alloc_trace+0x2cb/0x780 [ 650.153164] ? kasan_kmalloc+0xc4/0xe0 [ 650.157056] __memcg_init_list_lru_node+0x185/0x2d0 [ 650.162075] ? kvfree_rcu+0x20/0x20 [ 650.165704] ? __kmalloc_node+0x47/0x70 [ 650.169685] __list_lru_init+0x4d6/0x840 [ 650.173750] ? up_write+0x7b/0x220 [ 650.177294] ? list_lru_destroy+0x500/0x500 [ 650.181621] ? prealloc_shrinker+0x124/0x450 [ 650.186035] ? prealloc_shrinker+0x21c/0x450 [ 650.190539] ? inactive_list_is_low+0x850/0x850 [ 650.195216] ? __lockdep_init_map+0x105/0x590 [ 650.199714] alloc_super+0x976/0xb10 [ 650.203439] ? destroy_unused_super.part.11+0x110/0x110 [ 650.208811] ? lock_downgrade+0x8f0/0x8f0 [ 650.212961] ? lock_acquire+0x1e4/0x540 [ 650.216938] ? kasan_check_read+0x11/0x20 [ 650.221083] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 650.225666] ? kasan_check_write+0x14/0x20 [ 650.229903] ? do_raw_spin_lock+0xc1/0x200 [ 650.234145] sget_userns+0x276/0x860 [ 650.237863] ? v9fs_kill_super+0xa0/0xa0 [ 650.241928] ? vfs_get_super+0x270/0x270 [ 650.246009] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 650.251554] ? ns_capable_common+0x13f/0x170 [ 650.255967] ? v9fs_kill_super+0xa0/0xa0 [ 650.260029] sget+0x10b/0x150 [ 650.263144] v9fs_mount+0xe2/0x900 [ 650.266694] ? v9fs_drop_inode+0x150/0x150 [ 650.270938] legacy_get_tree+0x118/0x440 [ 650.275008] vfs_get_tree+0x1cb/0x5c0 [ 650.278811] do_mount+0x6c1/0x1fb0 [ 650.282353] ? copy_mount_string+0x40/0x40 [ 650.286584] ? retint_kernel+0x10/0x10 [ 650.290475] ? copy_mount_options+0x1e3/0x380 [ 650.294974] ? audit_kill_trees+0x450/0x450 [ 650.299303] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 650.304849] ? copy_mount_options+0x285/0x380 [ 650.309354] ksys_mount+0x12d/0x140 [ 650.312983] __x64_sys_mount+0xbe/0x150 [ 650.316960] do_syscall_64+0x1b9/0x820 [ 650.320855] ? finish_task_switch+0x1d3/0x870 [ 650.325354] ? syscall_return_slowpath+0x5e0/0x5e0 [ 650.330288] ? syscall_return_slowpath+0x31d/0x5e0 [ 650.335224] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 650.340244] ? prepare_exit_to_usermode+0x291/0x3b0 [ 650.345264] ? perf_trace_sys_enter+0xb10/0xb10 [ 650.349937] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 650.354787] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 650.359972] RIP: 0033:0x455e29 [ 650.363150] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:46:31 executing program 5: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, &(0x7f00000007c0)) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000000340)='bdev\x00', 0x100000, &(0x7f00000002c0)) mount(&(0x7f0000000240)='./file0\x00', &(0x7f0000000200)='./file0\x00', &(0x7f0000000180)='mqueue\x00', 0x0, 0x0) 02:46:31 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xfa1a010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:31 executing program 5: r0 = socket$kcm(0x29, 0x2, 0x0) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000000000), 0x4) 02:46:31 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x2000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:31 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x1000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:31 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xffffffff00000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:31 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf51a0100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:31 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:31 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xffffff7f}}], 0x1, 0x0) [ 650.382425] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 650.390139] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 650.397413] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 650.404684] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 650.411952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 650.419221] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000031 02:46:31 executing program 6 (fault-call:7 fault-nth:50): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:31 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:31 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x7002e, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:31 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:31 executing program 5: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x5, 0x80000000032, 0xffffffffffffffff, 0x0) getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f00000004c0)=ANY=[], &(0x7f0000000180)) 02:46:31 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x100000000000000}}], 0x1, 0x0) [ 650.539316] 9pnet: Insufficient options for proto=fd [ 650.555716] 9pnet_virtio: no channels available for device (null) [ 650.572917] 9pnet: Insufficient options for proto=fd 02:46:31 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0xffffffffffffff7e, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:31 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 650.584818] 9pnet_virtio: no channels available for device (null) 02:46:31 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:31 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x3f00, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:31 executing program 5: r0 = eventfd(0x80000002) sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2005) write$eventfd(r0, &(0x7f00000000c0)=0xffffffffffffff90, 0x8) writev(r0, &(0x7f00000003c0)=[{&(0x7f0000000200)="919a5a6d22709990", 0x8}, {&(0x7f00000002c0)}], 0x2) [ 650.725175] FAULT_INJECTION: forcing a failure. [ 650.725175] name failslab, interval 1, probability 0, space 0, times 0 [ 650.736476] CPU: 1 PID: 7984 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 650.744783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 650.754129] Call Trace: [ 650.756723] dump_stack+0x1c9/0x2b4 [ 650.760346] ? dump_stack_print_info.cold.2+0x52/0x52 [ 650.765539] ? kasan_check_write+0x14/0x20 [ 650.769768] ? __mutex_lock+0x6c4/0x1680 [ 650.773831] should_fail.cold.4+0xa/0x11 [ 650.777889] ? __list_lru_init+0x4d6/0x840 [ 650.782123] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 650.787228] ? mutex_trylock+0x2b0/0x2b0 [ 650.791289] ? ksys_mount+0x12d/0x140 [ 650.795084] ? __x64_sys_mount+0xbe/0x150 [ 650.799230] ? do_syscall_64+0x1b9/0x820 [ 650.803285] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 650.808650] ? __list_lru_init+0x409/0x840 [ 650.812884] ? lock_downgrade+0x8f0/0x8f0 [ 650.817026] ? lock_acquire+0x1e4/0x540 [ 650.820996] ? fs_reclaim_acquire+0x20/0x20 [ 650.825314] ? lock_downgrade+0x8f0/0x8f0 [ 650.829462] ? lock_acquire+0x1e4/0x540 [ 650.833430] ? fs_reclaim_acquire+0x20/0x20 [ 650.837748] ? lock_downgrade+0x8f0/0x8f0 [ 650.841894] ? check_same_owner+0x340/0x340 [ 650.846215] ? check_same_owner+0x340/0x340 [ 650.850533] ? rcu_note_context_switch+0x730/0x730 [ 650.855464] __should_failslab+0x124/0x180 [ 650.859709] should_failslab+0x9/0x14 [ 650.863510] __kmalloc+0x2c8/0x760 [ 650.867042] ? kvfree_rcu+0x20/0x20 [ 650.870665] ? __list_lru_init+0x151/0x840 02:46:31 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4f190100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:32 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xe000000000000000}}], 0x1, 0x0) [ 650.874894] __list_lru_init+0x151/0x840 [ 650.878948] ? up_write+0x7b/0x220 [ 650.882486] ? list_lru_destroy+0x500/0x500 [ 650.886806] ? prealloc_shrinker+0x124/0x450 [ 650.891212] ? prealloc_shrinker+0x21c/0x450 [ 650.895615] ? inactive_list_is_low+0x850/0x850 [ 650.900284] ? __lockdep_init_map+0x105/0x590 [ 650.904780] alloc_super+0x9a6/0xb10 [ 650.908491] ? destroy_unused_super.part.11+0x110/0x110 [ 650.913849] ? lock_downgrade+0x8f0/0x8f0 [ 650.917993] ? lock_acquire+0x1e4/0x540 [ 650.921977] ? kasan_check_read+0x11/0x20 [ 650.926130] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 650.930725] ? kasan_check_write+0x14/0x20 [ 650.934963] ? do_raw_spin_lock+0xc1/0x200 [ 650.939206] sget_userns+0x276/0x860 [ 650.942923] ? v9fs_kill_super+0xa0/0xa0 [ 650.946993] ? vfs_get_super+0x270/0x270 [ 650.951074] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 650.956616] ? ns_capable_common+0x13f/0x170 [ 650.961034] ? v9fs_kill_super+0xa0/0xa0 [ 650.965096] sget+0x10b/0x150 [ 650.968208] v9fs_mount+0xe2/0x900 [ 650.971753] ? v9fs_drop_inode+0x150/0x150 [ 650.975990] legacy_get_tree+0x118/0x440 [ 650.980049] vfs_get_tree+0x1cb/0x5c0 [ 650.983833] do_mount+0x6c1/0x1fb0 [ 650.987357] ? check_same_owner+0x340/0x340 [ 650.991664] ? lock_release+0xa30/0xa30 [ 650.995623] ? copy_mount_string+0x40/0x40 [ 650.999840] ? retint_kernel+0x10/0x10 [ 651.003710] ? copy_mount_options+0x1a1/0x380 [ 651.008188] ? __sanitizer_cov_trace_pc+0x3f/0x50 [ 651.013019] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 651.018536] ? copy_mount_options+0x285/0x380 [ 651.023018] ksys_mount+0x12d/0x140 [ 651.026626] __x64_sys_mount+0xbe/0x150 [ 651.030585] do_syscall_64+0x1b9/0x820 [ 651.034455] ? finish_task_switch+0x1d3/0x870 [ 651.038933] ? syscall_return_slowpath+0x5e0/0x5e0 [ 651.043843] ? syscall_return_slowpath+0x31d/0x5e0 [ 651.048753] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 651.053754] ? prepare_exit_to_usermode+0x291/0x3b0 [ 651.058750] ? perf_trace_sys_enter+0xb10/0xb10 [ 651.063421] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 651.068252] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 651.073431] RIP: 0033:0x455e29 [ 651.076600] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 651.095765] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 651.103456] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 651.110708] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 651.117970] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 02:46:32 executing program 6 (fault-call:7 fault-nth:51): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:32 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 651.125220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 651.132468] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000032 02:46:32 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:32 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xfffff000}}], 0x1, 0x0) 02:46:32 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x400, 0x0) getsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000300)={@loopback, @dev}, &(0x7f0000000380)=0xc) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0xea, 0x29, 0x1, {0x7f, [{{0x0, 0x3, 0x1}, 0xca, 0xffff, 0x7, './file0'}, {{0x10, 0x2, 0x3}, 0x5, 0x2, 0x7, './file0'}, {{0x88, 0x2, 0x4}, 0x5, 0x0, 0x7, './file0'}, {{0x44, 0x2, 0x6}, 0x6, 0x6, 0x7, './file0'}, {{0x80, 0x3, 0x4}, 0x3, 0x100, 0x7, './file0'}, {{0x2, 0x3, 0x4}, 0x5ce, 0x9, 0x7, './file0'}, {{0x10, 0x4}, 0xfffffffeffffffff, 0x3, 0xd, './file0/file0'}]}}, 0xea) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:32 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xff00, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:32 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x50190100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:32 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 651.444888] FAULT_INJECTION: forcing a failure. [ 651.444888] name failslab, interval 1, probability 0, space 0, times 0 [ 651.456421] CPU: 0 PID: 8023 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 651.464731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 651.474078] Call Trace: [ 651.476677] dump_stack+0x1c9/0x2b4 [ 651.480309] ? dump_stack_print_info.cold.2+0x52/0x52 [ 651.485503] ? __kernel_text_address+0xd/0x40 [ 651.490003] ? unwind_get_return_address+0x61/0xa0 [ 651.494931] should_fail.cold.4+0xa/0x11 [ 651.498989] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 651.504091] ? save_stack+0xa9/0xd0 [ 651.507712] ? save_stack+0x43/0xd0 [ 651.511335] ? kasan_kmalloc+0xc4/0xe0 [ 651.515220] ? kmem_cache_alloc_trace+0x152/0x780 [ 651.520058] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 651.525240] ? __list_lru_init+0x4d6/0x840 [ 651.529474] ? alloc_super+0x976/0xb10 [ 651.533363] ? sget+0x10b/0x150 [ 651.536643] ? v9fs_mount+0xe2/0x900 [ 651.540356] ? legacy_get_tree+0x118/0x440 [ 651.544598] ? vfs_get_tree+0x1cb/0x5c0 [ 651.548567] ? do_mount+0x6c1/0x1fb0 [ 651.552277] ? ksys_mount+0x12d/0x140 [ 651.556071] ? __x64_sys_mount+0xbe/0x150 [ 651.560212] ? do_syscall_64+0x1b9/0x820 [ 651.564268] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 651.569634] ? save_stack+0xa9/0xd0 [ 651.573259] ? lock_acquire+0x1e4/0x540 [ 651.577229] ? fs_reclaim_acquire+0x20/0x20 [ 651.581543] ? lock_downgrade+0x8f0/0x8f0 [ 651.585683] ? ksys_mount+0x12d/0x140 [ 651.589484] ? check_same_owner+0x340/0x340 02:46:32 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x1f4}}], 0x1, 0x0) 02:46:32 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf81a0100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:32 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)="397006", 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 651.593806] ? rcu_note_context_switch+0x730/0x730 [ 651.598745] __should_failslab+0x124/0x180 [ 651.602983] should_failslab+0x9/0x14 [ 651.606790] kmem_cache_alloc_trace+0x2cb/0x780 [ 651.611466] ? kasan_kmalloc+0xc4/0xe0 [ 651.615359] __memcg_init_list_lru_node+0x185/0x2d0 [ 651.620371] ? kvfree_rcu+0x20/0x20 [ 651.623997] ? __kmalloc_node+0x47/0x70 [ 651.627967] __list_lru_init+0x4d6/0x840 [ 651.632024] ? up_write+0x7b/0x220 [ 651.635564] ? list_lru_destroy+0x500/0x500 [ 651.639885] ? prealloc_shrinker+0x124/0x450 [ 651.644289] ? prealloc_shrinker+0x21c/0x450 [ 651.648698] ? inactive_list_is_low+0x850/0x850 [ 651.653365] ? __lockdep_init_map+0x105/0x590 [ 651.657858] alloc_super+0x976/0xb10 [ 651.661571] ? destroy_unused_super.part.11+0x110/0x110 [ 651.666934] ? lock_downgrade+0x8f0/0x8f0 [ 651.671077] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 651.675830] ? kasan_check_read+0x11/0x20 [ 651.679973] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 651.684550] ? kasan_check_write+0x14/0x20 [ 651.688783] ? do_raw_spin_lock+0xc1/0x200 [ 651.693015] sget_userns+0x276/0x860 [ 651.696726] ? v9fs_kill_super+0xa0/0xa0 [ 651.700789] ? vfs_get_super+0x270/0x270 [ 651.704868] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 651.710399] ? ns_capable_common+0x13f/0x170 [ 651.714805] ? v9fs_kill_super+0xa0/0xa0 [ 651.718861] sget+0x10b/0x150 [ 651.721965] v9fs_mount+0xe2/0x900 [ 651.725503] ? v9fs_drop_inode+0x150/0x150 [ 651.729738] legacy_get_tree+0x118/0x440 [ 651.733798] vfs_get_tree+0x1cb/0x5c0 [ 651.737602] do_mount+0x6c1/0x1fb0 [ 651.741137] ? kasan_check_write+0x14/0x20 [ 651.745371] ? copy_mount_string+0x40/0x40 [ 651.749604] ? kasan_kmalloc+0xc4/0xe0 [ 651.753488] ? kmem_cache_alloc_trace+0x318/0x780 [ 651.758330] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 651.763865] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 651.769397] ? copy_mount_options+0x285/0x380 [ 651.773891] ksys_mount+0x12d/0x140 [ 651.777519] __x64_sys_mount+0xbe/0x150 [ 651.781491] do_syscall_64+0x1b9/0x820 [ 651.785370] ? finish_task_switch+0x1d3/0x870 [ 651.789860] ? syscall_return_slowpath+0x5e0/0x5e0 [ 651.794787] ? syscall_return_slowpath+0x31d/0x5e0 [ 651.799711] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 651.804723] ? prepare_exit_to_usermode+0x291/0x3b0 [ 651.809838] ? perf_trace_sys_enter+0xb10/0xb10 [ 651.814504] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 651.819346] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 651.824530] RIP: 0033:0x455e29 02:46:32 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) r2 = fcntl$dupfd(r0, 0x406, r1) setsockopt$inet_dccp_buf(r2, 0x21, 0xc, &(0x7f0000000480)="0a3eacbefb849386fe05dd9f79d3d53108a0e2cc483880671493f7d96f874c51e551ee642b6b0c82ee69c39803053c3406d88a55700e34ce0e6d34cf49f83e86185412901bb071cd6f977cfef0a1533de1adc35d8ec48f62cba3cc490c6221f137beb895b5f8fcf297466c2fe9b4a41d2db52addd329bdb15c5a1bf33c762d78c4c8beec46c5bac66bf9672eb0d8480a73ab46c2c0ce9813fd91e7", 0x9b) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:33 executing program 6 (fault-call:7 fault-nth:52): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 651.827705] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 651.846972] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 651.854677] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 651.861943] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 651.869204] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 651.876638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 651.883903] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000033 02:46:33 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:33 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x900, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:33 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xa00}}], 0x1, 0x0) 02:46:33 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x2f66696c, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 652.218579] FAULT_INJECTION: forcing a failure. [ 652.218579] name failslab, interval 1, probability 0, space 0, times 0 [ 652.229884] CPU: 0 PID: 8058 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 652.238199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 652.247552] Call Trace: [ 652.250146] dump_stack+0x1c9/0x2b4 [ 652.253771] ? dump_stack_print_info.cold.2+0x52/0x52 [ 652.258960] ? __kernel_text_address+0xd/0x40 [ 652.263450] ? unwind_get_return_address+0x61/0xa0 [ 652.268379] should_fail.cold.4+0xa/0x11 [ 652.272435] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 652.277542] ? save_stack+0xa9/0xd0 [ 652.281161] ? save_stack+0x43/0xd0 [ 652.284884] ? kasan_kmalloc+0xc4/0xe0 [ 652.288765] ? kmem_cache_alloc_trace+0x152/0x780 [ 652.293610] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 652.298808] ? __list_lru_init+0x4d6/0x840 [ 652.303041] ? alloc_super+0x976/0xb10 [ 652.306923] ? sget+0x10b/0x150 [ 652.310202] ? v9fs_mount+0xe2/0x900 [ 652.313913] ? legacy_get_tree+0x118/0x440 02:46:33 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)="3970f6", 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:33 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\n', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 652.318140] ? vfs_get_tree+0x1cb/0x5c0 [ 652.322110] ? do_mount+0x6c1/0x1fb0 [ 652.325816] ? ksys_mount+0x12d/0x140 [ 652.329613] ? __x64_sys_mount+0xbe/0x150 [ 652.333763] ? do_syscall_64+0x1b9/0x820 [ 652.337819] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 652.343182] ? save_stack+0xa9/0xd0 [ 652.346810] ? lock_acquire+0x1e4/0x540 [ 652.350779] ? fs_reclaim_acquire+0x20/0x20 [ 652.355096] ? lock_downgrade+0x8f0/0x8f0 [ 652.359240] ? ksys_mount+0x12d/0x140 [ 652.363043] ? check_same_owner+0x340/0x340 [ 652.367362] ? rcu_note_context_switch+0x730/0x730 [ 652.372287] __should_failslab+0x124/0x180 [ 652.376523] should_failslab+0x9/0x14 [ 652.380320] kmem_cache_alloc_trace+0x2cb/0x780 [ 652.384985] ? kasan_kmalloc+0xc4/0xe0 [ 652.388873] __memcg_init_list_lru_node+0x185/0x2d0 [ 652.393885] ? kvfree_rcu+0x20/0x20 [ 652.397507] ? __kmalloc_node+0x47/0x70 [ 652.401484] __list_lru_init+0x4d6/0x840 [ 652.405546] ? up_write+0x7b/0x220 [ 652.409082] ? list_lru_destroy+0x500/0x500 [ 652.413401] ? prealloc_shrinker+0x124/0x450 [ 652.417804] ? prealloc_shrinker+0x21c/0x450 [ 652.422209] ? inactive_list_is_low+0x850/0x850 [ 652.426873] ? __lockdep_init_map+0x105/0x590 [ 652.431367] alloc_super+0x976/0xb10 [ 652.435080] ? destroy_unused_super.part.11+0x110/0x110 [ 652.440441] ? lock_downgrade+0x8f0/0x8f0 [ 652.444583] ? lock_acquire+0x1e4/0x540 [ 652.448556] ? kasan_check_read+0x11/0x20 [ 652.452703] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 652.457283] ? kasan_check_write+0x14/0x20 [ 652.461517] ? do_raw_spin_lock+0xc1/0x200 [ 652.465755] sget_userns+0x276/0x860 [ 652.469466] ? v9fs_kill_super+0xa0/0xa0 [ 652.473532] ? vfs_get_super+0x270/0x270 [ 652.477606] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 652.483138] ? ns_capable_common+0x13f/0x170 [ 652.487541] ? v9fs_kill_super+0xa0/0xa0 [ 652.491601] sget+0x10b/0x150 [ 652.494704] v9fs_mount+0xe2/0x900 [ 652.498240] ? v9fs_drop_inode+0x150/0x150 [ 652.502468] legacy_get_tree+0x118/0x440 [ 652.506532] vfs_get_tree+0x1cb/0x5c0 [ 652.510334] do_mount+0x6c1/0x1fb0 [ 652.513871] ? kasan_check_write+0x14/0x20 [ 652.518104] ? copy_mount_string+0x40/0x40 [ 652.522335] ? retint_kernel+0x10/0x10 [ 652.526225] ? __sanitizer_cov_trace_const_cmp8+0x1/0x20 [ 652.531670] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 652.537204] ? copy_mount_options+0x285/0x380 [ 652.541697] ksys_mount+0x12d/0x140 [ 652.545335] __x64_sys_mount+0xbe/0x150 [ 652.549312] do_syscall_64+0x1b9/0x820 [ 652.553193] ? finish_task_switch+0x1d3/0x870 [ 652.557693] ? syscall_return_slowpath+0x5e0/0x5e0 [ 652.562619] ? syscall_return_slowpath+0x31d/0x5e0 [ 652.567542] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 652.572554] ? prepare_exit_to_usermode+0x291/0x3b0 [ 652.577571] ? perf_trace_sys_enter+0xb10/0xb10 [ 652.582234] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 652.587076] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 652.592255] RIP: 0033:0x455e29 [ 652.595432] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:46:33 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="a600000029010000000000acb8a6c224e60abd5def720000002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c653000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f66690000000000000000000000000000a1e4a91ce7db6ee8026cb43eb9e5dbb22596b54cdbbe67ece011ca2a5bde58b832710be2765e75d3aefaaa1aabc78e21840100181bb3110fc3efee2b49796e9fa74118df26ccbc309e2a1f8ed259a962c63ecf876b33f8bba35196efc593fbb50356159fc0989a32bb21636f30ad0d7e38b61008385066e95f028f3a4e66907a4a0e03ab627e1bd29ee10efaa442f2ea6cf32eba72cb5420fa1807a94e75617e7cdfa1d01a0b793cd7a26acd7cb097d69d77e51fb42ebb4db9aa71c268dd6b271e56f706b5c47ddb739ad0a85ee3e2a346efc411593f5300589d38d9df16a2516a6b8e288ad24455149cf7ad8528876c2c096700004fdb1dc9168f5ab47ef5b8c737fc9452654ebef4cbf5f9f31843a67c949e89c3f2db27c02c769460aced35f0ce0c0ff7c2abd5482b22b2de3611d86c8f4138c9cec259fc307bb4"], 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:33 executing program 6 (fault-call:7 fault-nth:53): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 652.614720] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 652.622424] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 652.629689] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 652.636953] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 652.644215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 652.651480] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000034 02:46:33 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x6f09, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:33 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x400000000000000}}], 0x1, 0x0) 02:46:33 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:33 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xc0ed0000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:34 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 652.969277] FAULT_INJECTION: forcing a failure. [ 652.969277] name failslab, interval 1, probability 0, space 0, times 0 [ 652.980661] CPU: 0 PID: 8089 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 652.988975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 652.998320] Call Trace: [ 653.000907] dump_stack+0x1c9/0x2b4 [ 653.004530] ? dump_stack_print_info.cold.2+0x52/0x52 [ 653.009718] ? __kernel_text_address+0xd/0x40 [ 653.014207] ? unwind_get_return_address+0x61/0xa0 [ 653.019134] should_fail.cold.4+0xa/0x11 [ 653.023191] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 653.028290] ? save_stack+0xa9/0xd0 [ 653.031917] ? save_stack+0x43/0xd0 [ 653.035541] ? kasan_kmalloc+0xc4/0xe0 [ 653.039425] ? kmem_cache_alloc_trace+0x152/0x780 [ 653.044263] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 653.049448] ? __list_lru_init+0x4d6/0x840 [ 653.053682] ? alloc_super+0x9a6/0xb10 [ 653.057565] ? sget+0x10b/0x150 [ 653.060837] ? v9fs_mount+0xe2/0x900 [ 653.064553] ? legacy_get_tree+0x118/0x440 [ 653.068781] ? vfs_get_tree+0x1cb/0x5c0 [ 653.072750] ? do_mount+0x6c1/0x1fb0 [ 653.076461] ? ksys_mount+0x12d/0x140 [ 653.080254] ? __x64_sys_mount+0xbe/0x150 [ 653.084398] ? do_syscall_64+0x1b9/0x820 [ 653.088497] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 653.093863] ? save_stack+0xa9/0xd0 [ 653.097493] ? lock_acquire+0x1e4/0x540 [ 653.101467] ? fs_reclaim_acquire+0x20/0x20 [ 653.105785] ? lock_downgrade+0x8f0/0x8f0 [ 653.109925] ? ksys_mount+0x12d/0x140 [ 653.113725] ? check_same_owner+0x340/0x340 [ 653.118046] ? rcu_note_context_switch+0x730/0x730 [ 653.122970] __should_failslab+0x124/0x180 [ 653.127207] should_failslab+0x9/0x14 [ 653.131002] kmem_cache_alloc_trace+0x2cb/0x780 [ 653.135665] ? kasan_kmalloc+0xc4/0xe0 [ 653.139554] __memcg_init_list_lru_node+0x185/0x2d0 [ 653.144577] ? kvfree_rcu+0x20/0x20 [ 653.148201] ? __kmalloc_node+0x47/0x70 [ 653.152171] __list_lru_init+0x4d6/0x840 [ 653.156229] ? up_write+0x7b/0x220 [ 653.159764] ? list_lru_destroy+0x500/0x500 [ 653.164081] ? prealloc_shrinker+0x124/0x450 [ 653.168487] ? prealloc_shrinker+0x21c/0x450 [ 653.172890] ? inactive_list_is_low+0x850/0x850 [ 653.177567] ? __lockdep_init_map+0x105/0x590 [ 653.182064] alloc_super+0x9a6/0xb10 [ 653.185783] ? destroy_unused_super.part.11+0x110/0x110 [ 653.191144] ? lock_downgrade+0x8f0/0x8f0 [ 653.195295] ? lock_acquire+0x1e4/0x540 [ 653.199278] ? kasan_check_read+0x11/0x20 [ 653.203421] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 653.208002] ? kasan_check_write+0x14/0x20 [ 653.212232] ? do_raw_spin_lock+0xc1/0x200 [ 653.216470] sget_userns+0x276/0x860 [ 653.220180] ? v9fs_kill_super+0xa0/0xa0 [ 653.224239] ? vfs_get_super+0x270/0x270 [ 653.228314] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 653.233847] ? ns_capable_common+0x13f/0x170 [ 653.238268] ? v9fs_kill_super+0xa0/0xa0 [ 653.242328] sget+0x10b/0x150 [ 653.245429] v9fs_mount+0xe2/0x900 [ 653.248967] ? v9fs_drop_inode+0x150/0x150 [ 653.253196] legacy_get_tree+0x118/0x440 [ 653.257253] vfs_get_tree+0x1cb/0x5c0 [ 653.261048] do_mount+0x6c1/0x1fb0 [ 653.264581] ? check_same_owner+0x340/0x340 [ 653.268896] ? lock_release+0xa30/0xa30 [ 653.272867] ? copy_mount_string+0x40/0x40 [ 653.277097] ? kasan_kmalloc+0xc4/0xe0 [ 653.280980] ? kmem_cache_alloc_trace+0x318/0x780 [ 653.285819] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 653.291348] ? _copy_from_user+0xdf/0x150 [ 653.295492] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 653.301022] ? copy_mount_options+0x285/0x380 [ 653.305518] ksys_mount+0x12d/0x140 [ 653.309143] __x64_sys_mount+0xbe/0x150 [ 653.313115] do_syscall_64+0x1b9/0x820 [ 653.316999] ? finish_task_switch+0x1d3/0x870 [ 653.321492] ? syscall_return_slowpath+0x5e0/0x5e0 [ 653.326416] ? syscall_return_slowpath+0x31d/0x5e0 [ 653.331344] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 653.336357] ? prepare_exit_to_usermode+0x291/0x3b0 [ 653.341368] ? perf_trace_sys_enter+0xb10/0xb10 [ 653.346031] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 653.350873] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 653.356057] RIP: 0033:0x455e29 [ 653.359232] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 653.378499] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 653.386201] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 653.393463] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 653.400725] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 653.408633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 02:46:34 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x0, 0x0) fcntl$getownex(r1, 0x10, &(0x7f00000008c0)={0x0, 0x0}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000c40)={{{@in=@rand_addr, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast2}}, &(0x7f0000000d40)=0xe8) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000d80)={0x0, 0x0, 0x0}, &(0x7f0000000dc0)=0xc) r6 = getpgid(0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000e00)={0x0, 0x0}, &(0x7f0000000e40)=0xc) getgroups(0x5, &(0x7f0000000e80)=[0xffffffffffffffff, 0xee01, 0xee01, 0xffffffffffffffff, 0xee01]) r9 = getpgrp(0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000ec0)={{{@in6, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}}}, &(0x7f0000000fc0)=0xe8) r11 = getgid() ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000001000)=0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000001040)={{{@in=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@local}}, &(0x7f0000001140)=0xe8) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001180)={0x0, 0x0, 0x0}, &(0x7f00000011c0)=0xc) r15 = gettid() fstat(r1, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, 0x0}) r17 = getegid() ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000001700)=0x0) fstat(r0, &(0x7f0000001740)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f00000017c0), &(0x7f0000001800), &(0x7f0000001840)=0x0) r21 = syz_open_dev$sndctrl(&(0x7f00000041c0)='/dev/snd/controlC#\x00', 0x0, 0x80602) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000004780)=0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000047c0)={{{@in6=@local, @in6=@ipv4={[], [], @multicast2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@loopback}}, &(0x7f00000048c0)=0xe8) lstat(&(0x7f0000004900)='./file0\x00', &(0x7f0000004940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r25 = gettid() r26 = geteuid() fstat(0xffffffffffffff9c, &(0x7f00000049c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000004a40)={0x0}, &(0x7f0000004a80)=0xc) r29 = getuid() fstat(r0, &(0x7f0000004ac0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000004b40)=0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000004b80)={{{@in6=@mcast2, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in=@dev}}, &(0x7f0000004c80)=0xe8) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000004cc0)={0x0, 0x0, 0x0}, &(0x7f0000004d00)=0xc) r34 = getpgrp(0x0) stat(&(0x7f0000006300)='./file0\x00', &(0x7f0000006340)={0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f00000063c0)='\x00', &(0x7f0000006400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r37 = fcntl$getown(r0, 0x9) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000006480)={{{@in6=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in6}}, &(0x7f0000006580)=0xe8) getresgid(&(0x7f00000065c0)=0x0, &(0x7f0000006600), &(0x7f0000006640)) socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f0000006680)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f00000067c0)=[{&(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000380)=[{&(0x7f0000000480)="d82d5017c8338bb583fe6307fe6d6730c7d9b381170d86edee3454ade842b3e754b2bc3fb7fdc4551f1f22ef5d370d1959265a3c98db8601e07064525ccf900a348c1041a83ddc2e2cdbe1cc071824e95b0471260dcf55dd0643a4a74dd9cdc4ea67daa0ff6f9d0123eeeb413dda28353a733ebfd797e489812a8276e6e79ce8b59fccf046973782640100bc1adc5ae3f34be34dd7d3fc94220de55cc6e25f8172c13995d4ec56658e34c1c3a9592f2acea5ca459f4a6718ff1ef58018b2ffb65007b51da3afac75d18925d062111fb048875b1e", 0xd4}], 0x1, 0x0, 0x0, 0x8010}, {&(0x7f0000000580)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000bc0)=[{&(0x7f0000000600)="4ca00c63252c372daa2b26ce3442e5b5f6af153860950474470040eef7ecf7e224abec5450d12df3fde532f6a632d7b2dd07031320b7f61eaa4f126fc7b69e467ccc11dc038ef5ec481afdd44ac3e36a4c36367b6628577255479610a89375c1cc1325947478ee67fdbf4dacdcd26e1f3c4d7fce1899cf10877ae47809561c79cf5b45b75c8223467868e54601c10a446e7b1f34d7c166d160f108e483f41eaf8240754fb0a0807a7c9cac1ac429399d98a47b1a25abf1c4cd731caee44ce81b27b6ea9f", 0xc4}, {&(0x7f0000000700)="7911652e3e02cbb0f405668c03e22fde3add3449deab6c9ce61bbcf9e2ddf657d628f2249475c58ff1f33931d7374815df3a6c59bea5d9cff436b359acf6ea03fbbda12c74caa13cccd334b9015c3e42f64ebc05dfa5c3ec0a1db28b027a871e89d06940f458319e698c81ae6edf3078915a699146dee3db22a6bfecffc6bef6ff21415d2e48809f222d88b5", 0x8c}, {&(0x7f0000000940)="9f5d8b2567fca3782bdf351cf46c7a176ecbac68c518f50a99eb11df96423d2a0538d6aa79659326d92de93752c70203cd7ba1cd7eeeaaab51bcd73387554934ebb0300c882b4f39f9bd01c24233d13f54f9b0c4096e0a620bde30b68b094256bf14f2dd4a0da7e0a7d46be2da74d3a8f50677f8ddf25d77b25672f5eb7d94f0e38a34c7ea32f3286aa551f474038e27d11b1f78b85d7f191faa5cbeb3a082640779cebd108f0d4a15927f388b71b33c3948d2f916c63db1f0bc1dcc0ab0eece04cf5fc2a000ade78cdbd2a0c08a1e9090ff06a0a8ec30ae4a8e32aa681aa301", 0xe0}, {&(0x7f00000007c0)="9fa28269f74460e7bc0c3b2d2440695649f46b89428e663ffa15e1803ab06f457d6de3195de83ef9646fce9418bb0dd78a36508dcbd8bb11952ccc09a5dbad7240f4690506edf791cd358a82978efb332bd390ac5c3958b0dfc73e56db23bac39a4b1d905e7162f003540099324cc2e19c782786009afcdc274ef878ae", 0x7d}, {&(0x7f0000000a40)="ab6c050ba07eb3f6809ffdcab09db7ceae7bf09d97b984b315f3a72f5a43eb41c417ff72c26a66cececf41513034f07206d1ac2fcf79f4ea74e9c070943865e838ed8069c141020e3d5adefe29ef320488f34a5abca9d1734f2f18dd068bd8e72a0da06d337521fe", 0x68}, {&(0x7f0000000ac0)="4483f44fd45b7de1c4f0de03799880e0382dc36d4e6ecbdd3bea87979c4a31aaeea34af79a586fa591c617dfbdd351daf53e12656c564890b54d292f1b5e5b76ad6e8d7624b36a021e9958e4fe250acd9828cff157fe0325463b30328ec5c62e47b7ce842cf93642aa355d5e378c611d4ee4f962c7078d8d9565d68b3f157a569eb43e1c9919b9e5dba94bd9df11851d8b0a9679d1a94e070475cbff2b7932f91cba73901c031514311e00aa189e075f353f07daa3efa558f55630be93b19d4d466f325d1067e29295ed1d6ebc23a50257979a6420a0a313", 0xd8}], 0x6, &(0x7f0000006980)=ANY=[@ANYBLOB="20000000000000000100000002002000622afc71e5c0cd96df9b74dfba74f157377b42685e21f884c140b7aa9647901990475a8c14b5d381296c761429f2c0d5bd0e1f86a023ef8bd3ef2c657a4a896c3c252ff38b", @ANYRES32=r3, @ANYRES32=r4, @ANYRES32=r5, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r6, @ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=r10, @ANYRES32=r11, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r12, @ANYRES32=r13, @ANYRES32=r14, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r0, @ANYRES32=r0], 0xa8, 0x80}, {&(0x7f00000012c0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001600)=[{&(0x7f0000001340)="a83484579140a3bb3c0e5ec5265f4e3d8f440a7d3724eea2a96b3deab8d695d6d61a78e8a1b26a164490658c9c4a5618d4012eaf264b8ed0ac27fa02f0cae627013d1b3ae0d819054fda392fa4a2793d38cc9f07966d271acd803bbe9685f84e5dc2e702d51186506699866164d09cf145f75e96adfc3179f647b220f5f6085739303c739b70", 0x86}, {&(0x7f0000001400)="e207aae5ea7421d377560eac57da6baff4a185ed867f58b38707718772caa5d5437e6b686cf2ca35c8c2c8b0daf1acd9f9b1c1aa75ad31b7f8d5d71c8223c0d8f1ba2fd8519095ce4d34408e55ca082aaec6e514e159f5288d4f2b9fdcf2eb7610f93eac6ae1749014ae05cf224dc3c34df5bdfec59514a2f6e1b6c021d9055922a60f1cbb117a508ace7ac088c4ce68816b561693ab8c4873d2ee40db965c7a04c6b922e31b9e9c6464afdebf2df27f919b2f1acab9e46fd1baddd8fbff2a9f55c9b20499699c907508419105e004923849f6f4a334be7d524cfebd084185c5222db67bc57028e7f3b5b73d3393a537eeb3", 0xf2}, {&(0x7f0000001500)="93c2e104d4d78d4bb31bb8551ef89e4aba5a16a9fa4c8a14f3a5e38add1a339d27be01806c744cfd217b264cede8866d2e062e9faaed45c9890f1a4bb47488f8191b73aa94ebad5b7b8518234ac87583c25ae090463ca1cf008a91dfc266106b943ccffe5d90cad8f7f6814fd09d2475399058094fba054c733ee63ac99b5ea59db98029b95655815afd6d9b3f75761c5b220f08b62285d608614adf51cd3332631b93d1562f9cae2c6742eb5ff102b87163c836e14c97016d7d547bc3721e362a1de6bcece55dce85241f728f21d34d09b944c306f883d2df301703164ab5d227ebf044c5fa60d3d1a89b40a0960e1d54f1714ec15d", 0xf6}], 0x3, &(0x7f0000001880)=[@rights={0x28, 0x1, 0x1, [r1, r0, r1, r0, r1]}, @cred={0x20, 0x1, 0x2, r15, r16, r17}, @cred={0x20, 0x1, 0x2, r18, r19, r20}], 0x68}, {&(0x7f0000001900)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000003c80)=[{&(0x7f0000001980)="26548c6191f01adb106080e43ad6edc9b50db8a1f3825a57adfe0e6bfce86a79cab119c182b03d3fd87c74e76c4cfae0b50f46556c3d21b263a575f1568babf49243e010c0427816181329b93503cb9768ef49ec82062f7307d6674d0020ebca8dd907de8e3f07f9c9393b9a80a684c2f9eae00596bdf1783591f0b24505e312668b56860ceb74f359f36474021e89179faefb6af2b57f1c49e86c684d1f99e31d5c3ba4bdb9a5abe5893aa9256771e4a23c7b1340bae8979f111cacf6ada2c8e039e520af9da5cb3e72e7f5ea82fb8af0f8ab64b14a5e86e31d3b86f76d09352559ac70e3db82b3c1e1412e2f1e94f8b032f71f27a78c4bf19ee37b5a0cec0cff1e4e864bc98423f10eb92183a46c8d1b0d474219cf23ae80474e33c4306aafabbae18f2e3e357610021d060947a2c48f73ac664b97a3e22262598e1b0a73b9e1367cbba26a5e9dd9b0925e78c4bab12331edcd5589cc873064c89e422e1ce60b12833599dd81b58c2b202fc284e246aa1d2044805d40918aa8fca2aaec3ac092f74870d06fb5e8fa84628ed6ba3f736a70db108b585fb3da93bdffd3a7bc4298c96751c074107d8ae528e2de697bbbf226125e2a93c106f5c4db07dc57cb8c777392aab0eee64fd98b700daeaf1e0691161b31b8b10b2320ba35591421ad1971ace591c180d083a655ad5c5a4576c27ae860a4f4b5bab2cbc5f78ce402457fe9f5f7f17ffb7935e6323e7a8a7860de7e4de0ac5081ab7c07203f1938f2f6c8d51b0fb3e173bfc1586b10a2734071548961c0e416e1d67761757f3601985c4446a75ac3edb684af8d55c671d8f34a14b51b83883685d5a734cd7dbc0595b7e006b0937ebd7064dce8b14902752ff8d1f3c3b377b7f4352eb39a961d182dfdadf7c4dea3f5bd9c180efe8f69eea5ccefd0d94db4adf222198d7076b91981afd2b64b819c53036f77c7044df3039e3f2431e1b5ea58f0e71754f1322902ca330895fa04a09d328c8b40315f5bad611ac47757792967a1671be1ca3db51391c18592e79c281d2da56417852f38789d394dc76c17d746419c196b13bdfa7bf328941fb58d1d5e99609f3c056e1cf355e6e8bc640937ac6892194602de35272d414018636e9049f64deaeeef152a9c337ce6c0807fc1fe3ffaa2de93f107107c7696ad36d2a3bf99959859a3a4af5495910d763ec7826b7a02754e70d1217dc4ff4a3204a2ce51bba9c6b6edef00607122d3ee4df2ad4ee11ee52437e50e33dfdea38cd553e1b6ec6a4531d0a1a065baf28d21a42b2a3a98a0bf7b688caa73625eae254c94ef1e0c90fbc920ceee7dd433d303a418d7261f8ba0dc8fa38f211f854a36b5174fc7daa573427521f5ade410de26b63f85fddec417333cd40a48e722acbcbfc74a981d8961a04358147053052cf56df828807ce07ff8d58503df34e0d1162fbed74b56be26fe93f59c64f7af1bba3113b7b11f9f5664170c4b74bee25d5b4f0eb92592b86ca4b6108ce54533d35733952741551a6da42449294b494cee93a5114041cec3a0f88bef4b4c863ff07e0edbc6587a4b605d512f89b29a157a026d2f477de4b0e8a88dea5c9adea37d9712b0f24ffd37b0e6f60727f25639f7effe01d3200da2775034d9584ea53368054cb96ac38c63ccbbb107a339c1fe38347b6818e1bf482e1541d9649dbe7614caa8d5cb74f4b4c4c946dcd38335b539839722d6478bfc7451259218bf19f1790eea2dce44fd09580ed8923922aa9208a2055934439af7d216c3a6c3af14d7f2850974753cba3617d216fd72951f25bb7776094c2cf0f4a88345c888a11f5812b3cc1917c7336d121831bdf76698004516bfd1b1e93eaae088c373baac8e8359b5d578765b8cad9936e16c241ea6cac5bbf45bb254e6b931f3d45cc1c78496145aab7d5782dde82eb3b5866b3f751b5ea60b2b395fb9198765cb6d22de9982d2de0ca5dbaf0ffdf6eb86c21189db1ebbe005a2fae99ce726a0fc21a35b6f3cfa786ec0ff131ab0810a413ce9d5c53ce19ed7ef79035824bd7060615b39cace7576fbfdd393e335969ee76357299d08a8196c7726861dba6ab1b8473c45a608a487754471b7667020ab3733c5f79ebd7d4e62cbe3bbae423b29b078f8f31437b3adcd2f93cde35a723aa36e1a250ec2fd3f1af99381ccb60037a0057a46c9f2295f8f4d2f6cb790d03726d5eaa7276a8fc8ca1ce1f16ca6af8739266adc777626fb5544cf8fad55de1c5ccebba2ce3b3f197c1f1093e5ee4edd8ff5dc7723d3c032b31cdc2e3566b10678d73cf5a856ad431982c9ae4004e7c2a851eb62ee90d590b9c3dc59ff107e9e7217e2e1c1f7de21edc5cb6e677ba1adfb13a757bcae76ee752ce44f030a8c4ae9266ceda85dd0a089af01ced6baa80df98d897015b5baef7a9e48f34eb8810e9fe914f64e45d1e2a6427ab843ccdd238943fd36cd1aa0bbca5fc724becea161b9e039927f9ef7a28949657e5addc155848f826b2a06c2c907cc8f6f1f7bfeed3053b1b9f24c6c2e15e6105316116fb414080cd89b238ca514e56e8735918047147488b0fb0376c0826695ba682ce2f6c93e950499a07979f59960dffbc5b4881a7248146e7f192b5489876a86806ca2c2207dcf79c1c0498df15ccbcafcc064da018bfc9cdf4a363cff48cc22dde9f7cf01795b4ebb09795d304afc1c531d187f9fb8836334a694616bac1a04df9842122dc470641bacb49a6320581c01b2831a1f314e2282696a4a2881ca0935fd60a6abeef183bdb77b1ee131dfb6056e5e9465ccfe8b735cc61ab3fd010cd61e4d7cc2c7ad792024dd8882f189b53ab763e69accd85488fba65ec448630be56f9d825c3ca9cf79166662895c7f2fdbe803916e6548a70ba59ab981d0e793dceb5e4e8b8c7c8768c3682ce97af488acb056176c32a9e1443cf91d3b6c8c42a043398f50ba2fb9a08beb05f31dfb2b89d7192a8f3633c116efdb45d8540f2136ee650012665d4c212ce75be8576bc4f9ba0f10dd458c927600da4221732981cb33616a554855efc53fda846c6b005cf31410cdb9a9a0c6dd83d4963f21b7a3cbdb563eea7b2ffa8a2ffcd931fb5a70e2fcf510cdcf93aba43428d4abf705466ade4179f7975521e2b51d862656b630ba3c7638e2a196483101d0fee79072e49dc716b07fc7ba8f61031689f70cfd118b7590645ea489a4574211a353f0590557e8b3768ef28987ca7771d342144c6e982f59c4ef49e506a01aa0166457323ad8e9e1901adf7afd62fb1f3901741fa015ea8b476282dbc2584a69aaa6a2bec065d0399a15a2ffc482ff0658e45f2b5be401fc19c8e339cdb04214346a7277d9ecde5ca8adfb613a84e0f7a8d447738b20231eb8b2cb59a9b95042cd6b3b6d7c34adce171db6e1af1f1c14c0b0a8a8ba011348d6f20544586586c2401926d42c3eeade4f62bd42414056796df61e1d7d5853f5c987ffeaaf13b58485609b82dadc85bf158e9d49546cedc21a3076c10207cfb84205f333346c18f11ccff379941ab20b77b13eef5151ab5f0049e4acc501b647b668022bee35f66581361211dcaacd87be29cf08a4510cdc75c3ab0d5ab7db02d3a8dd140bf135c199540c1d816cf8d604b2e0cda2bd1c388247430e37a8367d465c196bee592915d3360381f5bf62664d0f10fbfce636d3ec9c3057f877c8b6d467eef687c0285dcba1486b10ca8283585671b3b3e417a59d91eaa253c1ef70cb0ef5a26de01f997878bcdb50767f72aa452f53c16d217c2c485fc3192d8ac53b49c69725eb193a502c3ceb49fd3aa2989022bee4e4518bb65d14525d0458146e86967f59301b9b52c20640536bbd54082fe44b0cdbfa116cddcc607b95eb959c5b1a2fc055472fe38d5af88d3668390d8b5ae3f874469c5d88d0506da92b80c5215205ccd526419e22008778a058f5313198fdb51e31cf977d9183f4d8a0dd548dbc7aadd87ae0876cc9f17738f854fa6afefef6c00ebce8f00b3dd8bde231b8a64929fea38e1a1f12ba27acffbfe7fc0e17a8cdf16fb30de034140c6a50c7c4f299b5523ef8d926ddf536afe12b3f45c6f075c1ff31fc9fe0eeb7033f234672a23c7853cd842d09f5c3257a3ca3808aaa88f30568ff589bec985cf03a01c6d52c20f1ac0cd7cb23ce062029ea6625dadd498b1a25f2711eb05798cf4af9546a7cc9ef6f27f886f629d5ed3e3c6001c269e7d0033927c4709a369161778a7507d4888e055c1ec87da84a4994296303b3523cc94fdd6a07e08c3614f9a07e3e2c13cfb3497e3686b6845cfd8f57877ae382639445234f9438bd407edfcc96217c301c47106ba2b73033ff6b5f7998b66bf2d711e79a9b9411fe2eccf946f13b59ed9e336a0fb22b8cdb6a9f578bc85ae2f7959b7ba9038f6404be802962467550ff3906dec357f1e920f110bfd9f10ef093fb3d065f1b6d9dd1ea50ed8be4fee822dbfc67f6c0cb50acfd6f23fc1628f9536fde366f0606754d04fbcdb1b9eadca316764c2e7ed38f9e6d8d1c53a14fd6e6281dd7e2dfc3685326ff98f1a13a8cc8d4d04b4282bd13671b686252ce52abdc2f7dd486cc9617e0cb28af2eac2b0fb70c54b022d39f3d2c758608e0ea35bb362749fb26d94b10dd6c64761fee9e4d7aea61b56817ba341d777f12344216cf4ed1b3979a0aece4cad6ba02e76cf6007901bcc561bea1563efe93e99d209e50617c28230b7c0f95fc937b004b0f3411862198662ec97e226bf6bb026180ffc6b4d196a7b1ac10b45c2cd748820b8d7b35fc6170a1eba1b2648b3620815878a7e8fcef241092ee6e7aa3e5e95fb7469cad0ea815803fa3da67c36189e6dfde69e621d1bd75b2a9bb5cead62c062dcfce427c6e82c48a26182f75b0fa8c99b5f8f34ce368bce18bb3c3b379f76c1b65416f9b7a5cd0bc05a05e89d6e0c331e6017c3e95d07d3f229d011e1fa7869840f4e754834b58b4d68cdb06466552ae37d698aa11bcb07b6e8cd58966c10aa7c062dc27d455d2f2fc1916fd954edc44c97c96050487a7da366a8bb547ca0c89ad92993e40da90210015b9b815f762e82e60e84905f6ec252f3b8cd05f0b74132873d9ef818442d3f9b7df4528a4644fc2864e4f7175d036aa0b5880f05b80a0ac1295671a15dd376294115abb2fd0fdee10dfc94184c035235ff2e26b02b7a2d5a9c32f0c5ac7c7c3216ee6025e8116223873bef542b11551a10833bca87a2239cc07198be170a13e8525fc4161f56010c664ddf7178554ee2ad7af9e134102e9b432f92aa6c0aecbaba4d37252e97a0cf93cada2da773d59d68bae7761c5c21909dc79a58c904890cf9b71411bbdae919463c68af2515f292390d7d4f81e3c8bdbec0ef73f3b830a0cf962a5ba62597ea68af9ffb735965a4f3f169587f017d092506751470a65ee9d86f31799985e3489c21612c7a72639e1e0e26744a48df8e66c3cfa28c98c625cb113d83ff6aace5e9a23eba85e8de4d62443bc4793039c3c71b004d98d8a6ac782d892259d966ffbe349ffb520c91c2d6acb5ca39bc7fe67129c8fa343618b625e86cc082356f33625eb5318d6d65dc0b5e9e74e6db527a85a0b24240c2f37bc97c4351e287ae8ee9e9ec03c8e80559bb1fd45c46d83dc46c3c54e9902270653b60ed01f6bb9a9d1b1211e3a39af1c454f89bdd2093016b908e5c223191a18c19aec375e40a42bff2aae371b3f3903ecb9719e47498d7dd310d1494f7d7778599940d26191d4357e27cf77b421c637cdbf725a11d5c89bee420555cf733a", 0x1000}, {&(0x7f0000002980)="d916f658b8d6194dd0e637ce862c02f0bba59b9e32d8521cde45616b7b7db215e82747baf2dc6490907ef9aba3381937e517d4e2e7b60caa866f79be9a5aa6fad4ba92988c5d7f33417537acb4c3f5f67dcaa29fae4b29083924248fd621dfd6e680c3bf8bca27e6b118927bc8739d1832bd92411c4bc9cd26a77095ebd08e3c05dd8e4b9d2f3c75f8cc81f45ab63a8f3d881fb5bed58c7e55b8b49e74f11466f66d2d15c25b94bc10054a0ece2687f936211088c240626c01", 0xb9}, {&(0x7f0000002a40)="e502fcd18b2c51e83ee82c698978fe2774386abc20f45695b2807a703319b68fa7bc7ebe29e8fbd393a85a53e1b108e9cfa36ca15009375413637a89677852753762ec72dba132c5448ce2c2d89be4dfcd0dcd11c1685077bc1bd1e0f5c77672c81616fc9e61fdc1594cc36db6e26938b2cba5a142ecbc1f66f67d", 0x7b}, {&(0x7f0000002ac0)="9e88be342fae44129a8bd2373c655d97a48626ae54f5aae610694182b05defcf9a93bd4111a2607bea95633afde3d5ec1f4cebcbb51002c0b84ec4674d83b09322ac405c082bcf4e2b0afd88ebeaaa64f0124fce22d0a7b280c125224f3a6cad25fda50e7fc57ebd68d0adbd4c2ed070c8546dd468901e7f325310c9dcc0c3a6589fa88e6f5a88e57f032a34deb677885854d652bb5fbc867513a055f410d5c4959c2234a36f2753e52a74be2c69680ed2d9f21e27111a70272dc0401784a017a7ffa1ecf7aabf575eda57c0cd0c4c3a89978cafe67f32c1655e05cf74a29bcabd5e07f9e8258eabae9fafb86047d10aa3fe91b2021903b510ff440be6ca977e882cb9b52944fe3b83be1db13b2cfcdf1f163cdffb667b0485f59da7ffd7539f9df9559ae98bae83fc07c2fa59caaac0b5d261436e14921c218533961350ffb33180b867496825eae70008b743b11341111c57e4942162b46600ede53ff89531d36ad0ea29c9ca7b6d135ab27fce6dae235ca959d174bbfb880a6f5b0976370a94ece344f547670400f5129c9303a775beeb1b70010d72baa31244477fa7839d2fc8eac1224a9bc264035e3d853086ce9016917debdeff64db05df3393b9e7bec78678670f3c7811dd5443829cab40b11cf10d70127ea4f6796e621a0130794ef8057c8eabb70a5e134d9cedfcdd2c14c8e5d24064a446830244522f32d17aeac033a64d31c143ecb1e393ec653aab488672fb5d22cb940872d8d2802cc4947531954e9ecc6d411c374b392989c2b0ee847cc76367fa4d17d473c4ddcc39bf7236289a775a6ab2f319e3df80598007e21d6933830cebab11a70767ff35fb01b2c9d0508792d934fd403837294a9c8f39b7fa1925dfd3afdbe4ae950b0f6f9e0841e09ebafc32f0a590ec446d3ede62565680b79954f8072052c45c5f1f4497ca22ff48249bd05b9ec5a09a30312a0b74b07f970c91c9fc1c848a26ae77f1deaccb36251042699c673588c22c626429b013355be0f82dbbaa64ed1d20435f529950c4807dca9a6323f9a4a241d078b9d1a3ce5738ed683e8071b4a291fed2a2c1b1eb1976b08bf82bad77027f989be04dc4b351ce5f4b316a1a7124ab7106515347285ff207e123f2e2ca989f8d78ff1d0cbe44341efe2fa67b3c1aaecc258c6e4d8b76af89f6a6fcb7832b24259d436370c8db9c915d20c2f35eeec64af1fe900ed61f5cc70b262fd0c4b8a22b32db20c805af4ced0edeb9f2dde037019e3b2d330d9402b08e57ace3a7a9efd5ba2f54daa2230ccf8e4f112bc48257bd3e9193d70fe7010179e3ef215b7c9f113385a9e679e4dc46fe85c29fb385d928c75bdfdf8069c0d55c446a2fdf3da67ce59f01097590f785fe652571a4e4cba29a6ebe9cf67951285f32bc9f7789b024ead510846c35828a3d5506353eeb22e95416e89a8d907a82892ba383d0f128c284a032d842690454aff0d3308dab95388059a7d43c1a600ad75c0ebe5df3c056b2b86d4555987171abd89d6145e49ad006c7f722894cefec295d43f4182a178cf83a55531fccda53cf7aa94009b35ef59f88049717160c5ed549d1a6864a5400f63985030a3341285b139907a244e467c0a70db517a47bba2e2b16052c076af9b28cbfa9fa70fcfcfea52c20a7857529952c667d751a7e76818269f50b44dcd7c520affd0a92f3ecac8b8af6885ab19b12e64e79370176b67afcc6fad7dcd075b80012d9f8a5489485382919c5eb4c151bede0e1a72f8c2a76a4f611b61123a905f0c53e5490cd4a30808580fbd7a9f4bbb4f710cc90d152e6dc1ba7d06e1d4df4c8c668329922437fa6af2daa7e691aa0306b68fd53ac6ef117255cf3ba0df961316cdc2f1d138ec682c1fcdb7e3720a84b0932c5d2630cd5cfd1410486b41389d86ac67ac13a582ba9cff797a928e92ebaeb416d957c654bfb282042884cf9d5ed4cb7e9e576588f3f6342ca31bc5b524981ad62fd3b234b4ef663a042d25d66ddb4cbfa4bc37ae9d5a65220dad3908620d94b20aaf9f3a3fa5caf4cccaa136df99d2e5812abdb964475c7e3d18ecdd6562f851d675aff12db5c4faf2a86e37633af542983ee859534eea4db0fde6eb0e5331f6dfa56d7eb321cd1c2b5c007456fc78305b3ff1a7988cfba930ecf613b99c8d4265591472d20a1e0fc9be8dd79659a71f4a9d6cfd8a87bce2da997e4a8d4a747d1f26f7f88e9d58f6a51fb4fb9a23ae0f8f4d9aad41689c941bf5da76720cd6356814673c0822138858ca221f5b9cf7568475da161dc05102d266f082a7272f756f444c483ce2da0e9bf6bad8960922eaa72ea2c551f2cb5ccd7c0cd537dc189d24af04db59dfec1368b886e13c08ed646d36fe7fbe9af3b473a13d8255d003e18e938ecd72cc9be7d3766cbcadc74f917fafec96d4c3a6663aac14a9b7190b5456570802568ebfc1137d284065b593ab95f8fb512ace3fe939492468b83e9c6f8a43d1db0ab391aab450990fb708f2e906af7547d1752c35638de5633aced3d9d8329809ce27ddafe6fe69482ea96d2671a413ed3b817293bae37fac3c8ded2726b6050cc9ea353abfd1f50e4bbad9fec1a87f5b8b2029b7ab766173c9a83e110841e4f4eca2840db646962982d5e21f324cb76f345031d0f2f815ed6ecc99c05399a437d7d84d67f4a7364d1f0daa5917938c36a33fbd81f53d90bdef5c8908256e1dc447b7c206fdad122febf59f1a7e5d8b7cf7699d93f6eab31b91cf353a9a9e044b7cd2ab3c2fc4e9cb08f247bff52426395a6246068a6219485b61de28e93604ac4956d7deeb0a49737e828799abbbdffc089aab62dce9325cd8808bb38f482db04080f834166f2f824404ee312bb1f27f257fe59f47fd58fb1d5bbb0d9895d9a4ed9c79f8f004b4b4fd1db464f495fc0c512a960ac8c3cbcebb170b439c119541a2f07c654c291ad2d721c085560f0f585ba427e628a6cd03618db1b9a43f17228d484c5503bbeac87041e89940f9f98d71e84bb4eaac5a5fb60018476856bf9979426ffb9f70cfbc3715ebe46db0972ecf94bb180172e1c397938ab9801f8c1ad40c366291aa293ad18d6c1845b00b5f2cd45bde0cc813943cb23b072ee589939f1ae1f66e18fa1ea89915b9b074a4120bddd58da3205780f23867a704317c631c3460d20d354aaf418e4c75479c0b669f14b3955af7df714f872fbc48b09729dbe4be141b63ca6e55c5e4f8fa7dc7ec4b34457be543e1756257e66cd4aa8f654bc167c915b4ba06b25ced3aad752cbe7893f2a49514be7bcdf8620abbfca8528b10ebb987f11431744ec2913c9772b00fd2e9b5be6081d31173915ac937da1a1bfd5eec36b1a6740c6476b8591976e897a98dafd2e92f2597441bc0dbe903c7a55f8832b343f47909233689eb8c33fb1aebd61aef0f2cfc3a243d029a62cd5118f4cf6af9f6713d8e61825c51ff6b074afdb3e1e9032de2e31f9e645a3ab4f7f1b0d2021492f1a66a1ed16d43d644bdf3d0ebe4ee73f668eb4259794354ac8bfa4935da24e97d669e9c918f4a80782fa2d9b6560fadf32a0bda8661d35550431e611bb1326d27bb76ee91ae09c42d8e937988b50ede7f6c3d8b008f86feb934cef6606540cf1efa67aa07db90fae3e9d781d7e22b2efd15689085d660a21176155062edaeee982cfe55921db69bf8a0fd3673c892ca4dfcc20ff241e95a57b3410816f014dde2d5d7ffa4bd0ccba70f9a018ca6d99fbcc3cfc7620f5e32ce648501927db4879e1c434ba90056d7e564e24b6a51068f02af901466d2ab80ddd6eb97412233f9d2042dfaa99311a9cb290540dae811b709e2cb302b368b7911e84f8742c79dc3cb9e24dbb8ef6e53b836d04d65ccbe6ef2a7b6826649b3f37fce0053dc7b65ae203d7ec726b739ea837c10a561374d16ad050a1956119ec6ab4c3bd94c480028e8d4b767e2dc21eeb48d276a3f18895601547da1e5c0839367bca9856fe6cdf8ed27f55334b0f43b10c5029474039598400132df510c1d1d5e001e4853d51765de4e93a505cd627c08a08ad8f5bde58e5fe7b42e01dace4db5c485ab5a9f2c6d3893b2a6f8fcbfa14692e786740c440653552dbe6c79579c20f2d0f1caa25b83967f20bcf21f747af146f887b6379272f36c14b546650d0f3a7075ce04e2421ac086fe52a5936a1e30edb9c54d0f82c5dce377bf5572cafbc3d716642d11a9c83b165741f8844ff261a991cd3715a0ccf952d2309c94d8721b6d9668702900b2e7fbdafd1c51c5f7ee8aa9d67ebb7a82aa5a51abd9c129f73b9c60d0106b3dbe542b668c65b80109dde649ffbb254b2e0bcbe455dc4d06e6d6a63df96c53bb7b0c6b734f1f29a6d8516b8d856a5e5ac461d86a5ecc8815a0b70b1e387ea8ed030eeeadc46e9b9c954d00e9d4ae63831a9fda192a16e922b2bf2711a68a382b0d49d6d655cc1baeebdc494e1e50596dabc9661eb3368feb78e6059957fbc4db62f0caff359a0d644b760874a8e3f5c158a8ff0fa68362b185f116976b7565162a9ff1b1b6c30cf0f5a027b6e99697ac80178286f0949efdb1c171e5c0c561ed759ba4e31c6c623e71fb5de8a30b06a1568c0addb94146b71e66e6bb344afbad4ed94cae8b40f36cbde6fda8f0b986a81362780031cfb7d2a3ceda11fb08a2a55c86c854fb3eeb6ae52040ed4bc8222237a11f6b91b2f13122f22d7d9cb758f916cc30a7ad354a90cf2db6f3a3c62ac2ae22c2fde998d32d169651bf6a00c00c7b01d09f8115f662991cd7a08f7fbbbf9a0808f803d5fd6237d178da261cbe8c6bef47320bf648d7d73fd68150bf139e2c61b778bc164faf16a885debdf52e525ac3cec953742abafc4de8aa0d5b816d2b74239a5031b71ac24b9440d88e0b6bafa73ca41573e5deca368bef9d295ae37602441fc391915aa6ca35d30178b304e523da398fed54403454b90869cd196830dac9635f85c3fe6f64cc5fa345669a47c5acb7cfc8c5c1b8555f7e617bed6e90aafdf1e4e04df2a73e5ccbadd30ba168aa50dab5c539d6138178af6efa8b78724ffe77aa7e09d72ecc36a50a5d71ea5d4df851541602e392cc93fab4b26815f2799e6134320dbcac3cb41f63ccc6ddaaa9fdb00a4b6ecb1b9130383e158b42a6d5537c79423ffdae358db7c0eaad6a13c57e956dcbe707302e2b68955b67dc9827c3ad0e490d3fbe8d7ddffda47a8eaa97e50697e5bd17f072361b390c4ff2b4232e1d85db89db71f75c2118b648946c0a11e7f8fbde4c57c32568ef3c0115fb79b056cafea6a89de1582279c544682d4cd8a9dbdf308d36f00844336ae65ece4b429d600fc8dd2649fe00f42ea87c58fbd9fefd5cfa0f7467e97533a916cf3346c5533b328a5bb2cefccae3d682180e926ca4c4f1d14392cee54652458f8bb8fb31417f54c2fba795674974c0d8010427331ae41cac7bd27ca4d9b010fec876582ba1a2aacd114a8987c835a05fa6ff3f1829b227aecb93a9e5a4c8fa74ea3022ba2f8fc21e0299e5b32b30d0bae7d97f3a5ebb54bd151def12c97fe31cd51b233100585efd09f95d9bb82ffe547ea8d8cf70e248d9dc5d65711196186728a16d85ce9f6b12c3ae4231901c0918cb0484c2bf238c4e12e849a7eb90c475d29c74f225cdf65e062dd0ad5b85adc86cf542abcc5d13c67dd86472a8e18d5360c9e4c594b01b7e5735bccec63961bd31128d0496019acab51b0ee40b6c858bc3e08c962a30a477cc5b08a8b2034f04b6667feadac7210154824eae89e43eba081a52a220365", 0x1000}, {&(0x7f0000003ac0)="81dd8a1f6cf155a64af8324b12ec394f74050add1168e2908dbdd8a8290a80b0be0aecc581f16ab369e231ffb7a686c8576a9f7f934231ef041ed30fd09f01a4609f0759387c49bed8480fd6ff4b998319402951215cc593d37c7f6e4ccb52bdbd144842d26f1dd6a23038485165b329fc68d48506a880456e8374a03a2e00576091174e4ee6ce611c2af2d800a0e363e64de8a6fa5a75bbf9068013c015379ec5875f168d63e3e89a81b1a5fe1a4fd8e34494942b6ed8a5094c8efba056a43850b5644604d6c0bf", 0xc8}, {&(0x7f0000003bc0)="eeb5d8a7d237ec97bc807c28964616440aa9a718b664cbc772ffcb1b519f7ce02749f160ef0df9f707197ee0455002026d6b5d97dc9af45ea71185f28a6e744f2fc7dff76e37388162cd551b57428bff22084c0e790bb313e61a1ffbf0a8204a5cc77ef9ab77f63ca140ff135e5ee7d63764b2e04c42f447364ebcfc63b1d82be91f5feeb43bd04ef46d", 0x8a}], 0x6, 0x0, 0x0, 0x4}, {&(0x7f0000003d00)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000004140)=[{&(0x7f0000003d80)="d5d546ad2daf179310e58862e443e25ba43c24eb5372fe37c8d195e558e00ca2f0395f060fc3b51bba92feeb64ddf535716347ccead422800c02417f9bb40609f253ecab6cc90be7897db6b4f715be31349acd92b62aedeaef6ebd00169311b6c23296439c202df3690ea7c67ea88b484bd6b8e7d8ac8ad30c1c0fb1be410db4468f636ffce16cfae5e966452c0c12787b67cb038328564152ea04cdbf735a6715a42dbe323c9afeb9213b8835295b29970cc0a97bc897dce292056ec56470ef696a5c488222f9bacbbba2539ce278b72fb0eaad00d2c676702881c8", 0xdc}, {&(0x7f0000003e80)="ef5ec4c5e684e4d6c3f59566de30d491a89de557024dec85c3b635195b6e615ed338c0fd7fd76f12059bef59074dc62980bf6a93aeeed7382fc7521ad24de4d5ae96c5866d23a3faf9c68f337114799a11fca70e0c6fd7afc4597c5a995724e126b30dba721ecc356ea5994d2b93a1f7799adc6f", 0x74}, {&(0x7f0000003f00)="f8371bc8a59ec6f886663394d365d316e41cde16e757434207be14562446a7367ecb208554fa25f6146476ec6475c890e7798fedb95a04b6ac18b6c9ad4c10762f12190bc06d497dd28feffa13fd1971019e782f25977e98f82e", 0x5a}, {&(0x7f0000003f80)}, {&(0x7f0000003fc0)="33295e89e0d24f6f85828c0bea1b0922fb7682229bcfc9794f85eaeefab705ad7505f09bd85d86922ea21fb734183310d8339e61c2d36f682f9b46a3ba3f61c63252e17bb25deaf30df0b5c71b16113486ca2de4f4fbefb77b29c37cb615c3bf1f88", 0x62}, {&(0x7f0000004040)="8c104f023f216dc11929e0b5f0756dd1e3a7be8fbc124cf7330c7e9bbed2d683463bbbd66abfd176fec3d4d2f82ccfc563002acb4e06d5b5572b00991798ea17b0c1a20902eb31d0d44f70221d000910cb2cad2d00aa3c69c2d7d1f8502789e254a7e87c3d9c221361048f844cb6f933e7db1752e68ad30a9ae84fac42b2", 0x7e}, {&(0x7f00000040c0)="f99ceffbd99f6ab221", 0x9}, {&(0x7f0000004100)="9af87c3f3bf9a3887621409290c02495e08fd09cee88679ee297942b", 0x1c}], 0x8, &(0x7f0000001200)=ANY=[@ANYBLOB="180000000000000001000000010000007e974f377c34cd3a99335119e7f59b66257b438557a6a65ab3b1891c695676178e96fadf67dac6dbc4fc96511af3af96540080ce764656557475287152d2d300ed12f5", @ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="28000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r21, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00'], 0x40, 0xd70e8f5ca43f54fb}, {&(0x7f0000004240)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000046c0)=[{&(0x7f00000042c0)="5c5cf5a215be7335ef0fa10ad0e48f85658e7b", 0x13}, {&(0x7f0000004300)="7f257b431a10f1b322d2de0193c5c1d68df425408d346b1f802008a2aa1c3957ccf156dc04e57849daca62f048334754cf40577e873c56f8d2651fa2a99a79dba29a063f517913e31ad720e4b1927c98198539b065a9ed1729807087abefb39f1aaa57c815b2903fe21e11f5", 0x6c}, {&(0x7f0000004380)="d81d46807be580eaff885e3f1bf42182a9e4db5991b636340f08139cf42365be8d6335b0aa0a6bfabda7a3c1ca0ee8d3af93e91b8f7b97e44d", 0x39}, {&(0x7f00000043c0)="eff5f1b45b039f414f6fa8a7c625948969f674ed7a0570bfe1", 0x19}, {&(0x7f0000004400)="533f600854da3e249c6a11d04506ed4a69a104b8acba52f04db3faaf02ef8fd6267dc2508d57df4c840167562b8f69aaea9e2b44ad997014fad425c7ac3c0c2e1d5ba27c3218b8e4ee6f4ec9db04a8084f052cfad51d4960242e948a4fdc7a0f2e87eb71cdf526f83e837abfe9fa93759438feac59b2fe01510b06b7bcffdc9d21417cb7bf05b7001e5cf863ceaf8abc066d8f2418a1a14ec9a68d6b4f94ae", 0x9f}, {&(0x7f00000044c0)="1bbeb1d74808940537ff02a159cbc4892edc70f4d2947ec61ce197ac0292c8dcb4f77d231c12f27768be64ba", 0x2c}, {&(0x7f0000004500)="622c35f8e4db0bc8c3e9c8bfb72e84b780c0c226be41ba5ab5", 0x19}, {&(0x7f0000004540)="95529deb07c14b6c33bd2037efff017f87b1cd42f9ab126a9df68cda9080574122edecfc7d47b2b443ef8da0913858834529232c91c154038a5464ef6cb8fa464feaabdb8ffa894827dfeb85d41f887ea4f0cd4dd0fc3aabc3c0253d690c03833cc3aa44d137380169d584d8e801706bb92fc01108d220a33b1dbcdef16c6d1ad680637aea4108d1c833daea670d55d441c0acc15642a6c5", 0x98}, {&(0x7f0000004600)="ab6d0e5af7f420c52bf2efeb3f2c126046446a467c98c877894af2a4cdf720b1f7f6a335138a7c1b6074d53b30983b3ed2dfebb3b13e8fccf3f836cfa90278b63b57c3dcb20e71b0d703811a0432acc9e342bfbb8cf14360fec1846bdb3f1813bbfcf07a566561d83d67341c29aeda4f3eb24205a5da37affcf4b31c74db", 0x7e}, {&(0x7f0000004680)="db312c2839d99dce314827799611f2fc36a8ceb20200", 0x16}], 0xa, &(0x7f0000004d40)=[@cred={0x20, 0x1, 0x2, r22, r23, r24}, @rights={0x28, 0x1, 0x1, [r1, r1, r1, r1, r1]}, @cred={0x20, 0x1, 0x2, r25, r26, r27}, @rights={0x28, 0x1, 0x1, [r1, r0, r0, r1, r1]}, @rights={0x20, 0x1, 0x1, [r1, r1, r1, r0]}, @rights={0x20, 0x1, 0x1, [r0, r1, r1, r1]}, @cred={0x20, 0x1, 0x2, r28, r29, r30}, @rights={0x38, 0x1, 0x1, [r0, r1, r1, r1, r1, r0, r1, r1, r0, r1]}, @cred={0x20, 0x1, 0x2, r31, r32, r33}], 0x148, 0x8000}, {&(0x7f0000004ec0)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000006280)=[{&(0x7f0000004f40)="d86a6430b45d4ab920e4d1b16deb646037e760b1984747473da4dcd909c7b83d4a504ca0e86fb0f3451a704ad1c410042d8d8f1618489a461ac065e04261e0dfe974a699625446adbfb79d16ff914ef7bfe1d0ece870e425ed20fb78230cfca29311936678bde07808033dea2939e807e26156cb28ba9c0898aaf7e0f8231695dabb88985d41fc5609b0", 0x8a}, {&(0x7f0000005000)="2bc66eaf75fe78c0d744c6c9856f5275b4ffedda58e6a90ddb5fd9bf69b3adf9ba2112a6eba4932ed38128858c6be06610d36f590eb0b72d1c610099c46ffa21b5840472e5e616aed4c1adc5e13a287846e21b8dd58b50e3f39b052dfe78ed", 0x5f}, {&(0x7f0000005080)="1dca158ff0265a3f77935009087ef11f9f9fe0cf6ee130b039e0c075e0fbde5c022e4a82f91c5c2758925e439cff3126422795f97226329083fa", 0x3a}, {&(0x7f00000050c0)="cc70d0d23f976240c30687f7ac4c6302b6cb484d52de1437da577259d70327375e2064a2c6ccbc1f0287629553ce9c12208fda7e33ad77a59a300e9e2a7689ff25d0f86dd728707d3e276f98a5e61951a5d16f3351b27e19d55d8d73f66c9e09bea73f5eabd792589712141a2138f33cf02b852c62c329c1202c8eefd599527360a757af0b26", 0x86}, {&(0x7f0000005180)="9e2778ed51e8544b879aec35b099d5062bf2bd4a84d8b08e80678535f4f9e6f1186d67f01ae66b1c006e30cf11f6789740ceeebda3ffcd2dab12986c97f2db58f7e1db9d2a8615ea2ae53dc0a65dabe799863e77c180c36cc5d5802940ace6c278b25a2fd993968cd785770faf44d84475eeec9c7f1ff6065768f70caa46eab2027b5a2a68ad302584453858400a9f0bef956fc050c1341cc8e47bfceff43a952146250d9db41bab8c7130ed1f51a527", 0xb0}, {&(0x7f0000005240)="3bc0e00cee80e4d1fdc6e394e55f064bc955e572b32edbffd9bf261573c0c9de10de49982b33c2f0a2344355e00ba9eb76d50e", 0x33}, {&(0x7f0000005280)="5f6f9feaa03f8ac107fe31756861cef7aad9072a177a59830b910c15ffd4fb87736ed8cb63acadb9dd4404a035cdc9f1588971c3261eb87c375df61a78e68d705a866060a84c8ad3a17ab1cba9ec70ef1cc75f99f73dc16c771001a632836c853c7f20c79759714bc10204bc3b76eaf0c89723a05ed34c49507bc759c0a0460d2f4c2be6549899ba9679a5cfbb2f73580586f83bfc13212abe5a24c2ad4a4401302fd0aeda27381c7602e56ef53095aba8122f80552255998f324ad4e654a0ca3d9ab9041b9bd0c3a87652f75fed5d2afca76bce331c6ad49e44e05b94533f4f8b8015f73fed788d588538dc4c4fdef9809fabd11957885536c751d6bc2bac9be1fe0b3df412588dbb631b454dd93575e580d341b06dfba9c38e60c6c836fde1183ab4855ec4f2ff1e3ca0ab40755efaad436646a38c1c2bf805b39d451be71b972af9a415d89cd25194ea6a11e585962f02c5be0b80dee26bb48eccece1e0ace0484d8cfcbb67838ca39ef17cccd6dfe5e3d6d0d2be2522e9e97af20d24cb367763845850f8a95375423912de9850d58d96d260da4d7e8bd303e095e9a29b8f5874b7c74cf38cb86a8d49e165ad1771ac43c73c45cc03911457de82987c4580d58e50ef26b2ce3d331670c19567180d8f121be244c782923b5bd081d1f283ea01811f7a7d78f4ae4a8d307ddab34946a7f37722a286d82a8fd3df6345fa80047dc5d7031123f69445cb3612277d5fc863c67a072de94dedae018928e202f4e10256b0c1610212222df7ca21a7d5257ec5ea377a68f2aa51056905f691b2288dd5ac1d266cb8ffdcf5d61592e6dd471ade87cd2de86bb9a87b3d0ac0794e6ce405ceec65fe9542e6e09c29f72dbbd88b85e7736407553f721498b99ec67754494ebeaf3a7c80780266ee89b0c0d71524bfe927aa770974e0b06c5db1f86b08ab5bedf77bac6421200584cf89825992b857b80eae050e5f03c96c337c65d23253f1cd0a5f96b718c493181419f9836d0e17f82eafc373fc1eb9fa6f3161dc74475abbf96f7bde81180be12a8cb1444a8970fabc1b8e9fa2b3096e50ddc71fb57a7578a2524adba34f2d7541d593dba62917ac462c2667bd86c68fa01d66c8489d631dca95a3fdadf66400f9e816402cf0896d24e4ddccd7b0660d525e74e624b0fedbe27768e17f02d63e46524670aba82d817d367ef40e36a446add2bd92792919e9c5c23f40f8750b96825899aec45264d9109dd2f93f06744163f22e2b9df0c63a6dd129f9555dafb544f9132571028db50453c698ac70081a8bcecca7f3ac4eb88e3c8313dbc6749bd66e977e0237ad20ac02fb8b468cd49451bc6a63057201a4440a6a6c91eba7675daf493cb21737c79ddd1ebbd901ae0e0b223dc5b9e5719c517fa76cc67161f20d4ec9b2b102de2c1bd3bdf969551cec76132e4dd4a3fd28c2090f1a570d405250b58ade9161bd3db4e81f4d6cb7a70bf8da51d95b7bb7679c6ddff4a4f09c375135857fd5d8af7e000e5c2590e9513482cadb9a2a2e72a8e8a25cd27b223e978a2d12be2ccca476fd85fe410b0fd5b6a18b4dc674296e05858f5974895301db58d4501d5adcef93f1f2ab8d2ea67794bf645b8e90c6a9159a71a0e41b6dfd3f620ac753a962dbfeb4d5c3d34b5bc7b5acd5ac3bb247aeaadc700bc675a1471dad72ac13c2d1331be577a73dbc56037f5b4fbd036208069985aa983d712729fd8c7e7743ee8b5a74094c5fa9dfa684600523269d8501d5e7011a5d96be40f038becbf952e978cf9947c8891c4c77ddbfa406b9d25d0cefd5a7c838df196fdaeb76f96cc0062c5b0bd7c7176e1d217973cfb688bc32822ec89c4b9f371100d0bb24f15dbee87374e6175fe0dc135deb0c68b211fac62f93a8ee7becde3e9cca7cc1340f26239a282fc47641ff8584908e74524dc738a24446c84760a1903985168b3567f3f08bd6b532acf616fb4fe3a1f9bf9d99bbbef9b92895f0598393a7707dd6a4887f1933cdf9783e7795827b509dd6f1ec04a83ebd761cb643d522990d08f24558e4e0c82ce05a651afc1ae7f5f06b04263ddbbbf8dd25b89fb2c8ed86d7f5fe8155c7e2163658a4d844e6688cf0baaa1434b5c5c7463245b5068f5bc85a194898a012b6da3ac8b30907c65b7c078b73edfe37315dd5cadc64e2c113b42d3b84bc0a0a2d9cd7a3547e6cee032ba7e15c723307d1a0164134a85ac588d62218f23ad4694acca5bb067939c00edbdd62b617a45a0fc666becba74d7550f85a3165c2fca45caf7cac7456335b88418fef82e3ca21c3ea38d391990cc5d7e143ff30de28f6dff92fe794cd5837447df0dd0fc26ea8f3722212a09b06988634d77e3e73716a3cfac885bb8042d5c82a3a5870cfb6f1c21b6f564ab999d319067daf951eb8a81f3c42745ec253abd83b9955b9b98253e54ebb39cfee6efdf540c941895f022c6fadea89b3e6462a5cadeb32838e47fedc7c88d63dc0454125cb97b70e54770fb3799d0a069110ce44079d0654fbdf4ebc934a458e29ab4ee408eeb49f36bf325317d57d0899bbe6406f04eb3ee7c410a4b34770e1c6a595ec8fa91f244bfd8e7cdaec75eb134ede258efa49b6783baa504ce60351c5b929f8cda7d7b5a08f73f3578ff0da181f2b34f4fe1403c2cfec790377b48b8ec50d46ff3afcb08810262d9ab24f42aeba8539a697ccbc626157be7c44cf1fa6cd28f3696f4e9cf736e38f0ad102eeb3f8f1a4eee7e87904a204132b75b564f91c0c51895e497f946ade208692b155d03e2a618e58ca77cdc0fdefe884a315eefbd8c164710148a945580818fab150ca3d529fee0067da441dfce59842dae2377aed9ada8390ba03a87bccd6f5c74ed342c191c2a188a312fcb6cc2996544edbb3a9dc4cfae25f39dba87a9dedb0608a439344d574f2dadc127b2a313c8d1cbb61a86c1864026d94aea627db0beb4825ac0e21dc4a54345900c355c30d322af1a2aaa780a742e1568af2848a149a0c598c15a500591bc5b4d7c1d1c9216b54bdda32df622f82d00dcdfd8951a6cc33f77cc938eee0976ee490e1c643dbe6f89c74435c5cbe8a0791ccab2463374b485867db04d0cc2665405145aaf5c89daa3c2848eafe204dab75a9ffb390d7e90b9754a44ee179e02d49b62dc9595a234a6296150ca58e89a9a0c4a0f61fd019706e264056b24280c3b75138ca2a2a9b4c5762c487776d3eda4baf5af6ad1dfe5b250c4217d433f45f70f46a973c2d4080e8a65cc80f7237a65cbb1cf20f9df416a1878be476a2b39ce18dc1f636d7bc9ece8838d30e17fd52dc09812815baef7463e5be56584be891b4938b23b0b149ab8d67d1d9b89358a8ac68b43cf3cd13c33ac0e7b24487fc3ec0a44785cfd0a3c3b8a8711e94b4f85184e62bd8a6462a040fa31ba2e34d6e69951e71b0d0c18792d98d6859e20e05e26c720cbbb3b9c6f9477b9ad156a57502433b1cf80b668911028160a9aba881c6f5b3459d39e5a3b6c9685d3de813240f7b6223022a456378d1a59ba489de29683d6fe3c77ba89cd204e8cfbca3724bec0af8821c3beeefc03d9619aac501de78f99ae0429c2d194f454807b26e5fe6437d4fc3856b6281f877315ecb761eb288c94f15f12aed8310be1208eb21daea046759ab0477b2b3e3127a48f05677ea5ce13995d9f1e82787dc202827d475f1426fd9ee1a6bf09d26ee507f98d9e805eb393060621977001cee4ff9947b41376ba46235ddd3471bef76e49c34ac27e63619681fe5737f302e064bec4792878ed564ff105c153363e566b80f3306e6ba02183c464dbbbb09ac3ee8ae45a436425ee32fc8d0c9e6e4b89cf1221a799987cb8d35c0a70ca573e29e17276002c76d359eb6840ebfa53a6090fc47bf6c6be331dd78eb74a9f7785bf59bde8a84204d0ef91e3627a362a1384647442b7b2e79dcb8b61ce55487364727199aea76eb661fca3f44d60a3ad855788e3205d3bb0b5ced7c02535d556e194c1c804044564cfc3ef6196e4b4d37e5a7d41eae7aaa838ac80750cad49022210a53d0fb32d63ba1ae1904c0048c357ee9a0a89f94124f3cf1c9d09c38694bc233306854cbcd4776e0a4c89c8f59f8e8c34a170807b2e79327c055457bc85dbd7602c912d660c4c7c3db5f56bc301effb63e1efa5e90d96adee628261604a8c6cb240e677eee786f96a360f7ff0567971310c167d8fddeefc7976cbb9ddcaa1f7884a367a176d74770d5bb9077b0682b8a0f35bc14fa18f21bc98f2b54e9aa4a03ac9e2b0cdad479504f28bc36308952e85ef5c0988a03b98106dae9e0695ce8b3e0199bd1f030bc18d5ae274cdd9838c987c24693f7b15cd30fdd7ebbaef0a1bdd5cb1b19f7cb86bf107e2d99c1ce40bee8c0091e6ebf8a6b21be9517e7203ccd7790c220c5978e824b248cb8c35060b723fd95fc114f353c8e5ba1ee1ddb7ac7f15316ff7b56cc8cb54e3cffb961c3f392fbde737e5611c6f595f28a136ab7fbcb3638e2f1b74eecd2c5ccf72eac7037bff31f89c1bda50159b5503ee3b7fa20df66f36f4fd24844cd009416b32b96174bbde85084dab1a0f605796fff2155e70ca43ca80f688352fd744003b8cc210315b8508f87adf1b090ba2f0fa8de6e767657c743a2d07df22c25a45eb7cf100313e0a512c7ddedb6979ce47840ddc73a97a399f7dbe8e6e94ad6a3d0c522f9d9d6fb933558bbbdf2d97cbbccbfc0374ff0e8c40d012c4f13581e9c23f60f819e05943886fd29a9feab852725121dc4db9c7245296b7cb8a8a14961f7b820668312a20bf099a24f449f317813ef0a7779520e738063311975816466dbc6735309faf626d20ad843488f09ac926dd3aee073d24035bf7a9407e063e13fc2f8128b1a79b0e3657c80563d9c995d1a4fb6c308ba26f6c5626bbf061ab9dc7362a19bc87efa06be8cc412146a38fe62755ec7809f89b697fbba56689395d367e8e4a0fe15acef90a28f44a842f00961764224cd288fb0534f71cc0fe6775f2da895ad9570b5581d0dae631a523ca9067e9a35117b5e938a367490168e9be9dfd8f1d8fcff7c96d6cab07e550673807ae49b7d7d3d9c0a0da02c93ae69f46b35eb4a4785adfcbf26f34819a2837285cd40132d3c31a1135b7679f82767bc58ae640522d15d0bcf2c24febe838b29cb53a1d4479dae74fb2156bb25f3c67d56ac27d3ff3b99a26a32bf042952ff2015cc683128d515101d9e919854c7bda26d60ae9297a07cf0aef449e6b6c5757bc95ffec6891bdd9a757af3ffcb7ac9555dad7a07dac19eb73745fa9ff91ba708d7b8ee2992eedf7e765c8b1979615069f2602569f0c25f13070ca8c1afec5b1ea83e1ee3b0d637f79ea7de8f6209743a1eb5d1ae0217ecb2506df951ca8160245b1628c9751388e0052b66517c63af69f0d49d95e5f2facbe36e3cd76a9690fd9a0b34bffe7d39a78cff5a1cadf395092c4c9be8b035cecc24b7fe51bc4ddd799c4aa462c19e4df09f90a3e5743e46e12a54de43260de14368f1482d10940bdffc35769f9dc66a55e6b8130d4894265cefed4c7baa4230e3cdb7df4994a1ae933d17e377c4e800a6a39782d25c47ee2316244d0636bd0e9c0d47479043daefe2b48a25892f09e6a65c2badf288ff276d34e9c682d82c27ce3418ca389efdf3dd446825f35ae9341f1a685f6f205e8183ce4a0bf7248915b2884fa0d4a9820de2d7c50e05ddc30294d382a0b0a113cd9be0a151aafd2a861b5d1a2735cdffa3d2546e6b95b6bd3de277b2d8b858e43b", 0x1000}], 0x7, &(0x7f00000066c0)=[@cred={0x20, 0x1, 0x2, r34, r35, r36}, @cred={0x20, 0x1, 0x2, r37, r38, r39}, @rights={0x20, 0x1, 0x1, [r40, r0, r0]}, @rights={0x28, 0x1, 0x1, [r1, r0, r1, r1, r1]}, @rights={0x18, 0x1, 0x1, [r1, r1]}, @rights={0x30, 0x1, 0x1, [r0, r0, r0, r1, r1, r0, r0, r1]}], 0xd0, 0x1}], 0x7, 0x20000000) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:34 executing program 6 (fault-call:7 fault-nth:54): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:34 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 653.415894] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000035 02:46:34 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xf0ffffffffffff}}], 0x1, 0x0) 02:46:34 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:34 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xffffffff87e00000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:34 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x96f, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:34 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)="3970ff", 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 653.730916] FAULT_INJECTION: forcing a failure. [ 653.730916] name failslab, interval 1, probability 0, space 0, times 0 [ 653.742299] CPU: 0 PID: 8118 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 653.750612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 653.759955] Call Trace: [ 653.762542] dump_stack+0x1c9/0x2b4 [ 653.766169] ? dump_stack_print_info.cold.2+0x52/0x52 [ 653.771355] ? __kernel_text_address+0xd/0x40 [ 653.775841] ? unwind_get_return_address+0x61/0xa0 [ 653.780767] should_fail.cold.4+0xa/0x11 [ 653.784826] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 653.789928] ? save_stack+0xa9/0xd0 [ 653.793551] ? save_stack+0x43/0xd0 [ 653.797173] ? kasan_kmalloc+0xc4/0xe0 [ 653.801053] ? kmem_cache_alloc_trace+0x152/0x780 [ 653.805888] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 653.811071] ? __list_lru_init+0x4d6/0x840 [ 653.815299] ? alloc_super+0x976/0xb10 [ 653.819178] ? sget+0x10b/0x150 [ 653.822452] ? v9fs_mount+0xe2/0x900 [ 653.826161] ? legacy_get_tree+0x118/0x440 [ 653.830394] ? vfs_get_tree+0x1cb/0x5c0 [ 653.834364] ? do_mount+0x6c1/0x1fb0 [ 653.838073] ? ksys_mount+0x12d/0x140 [ 653.841867] ? __x64_sys_mount+0xbe/0x150 [ 653.846010] ? do_syscall_64+0x1b9/0x820 [ 653.850064] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 653.855428] ? save_stack+0xa9/0xd0 [ 653.859067] ? lock_acquire+0x1e4/0x540 [ 653.863037] ? fs_reclaim_acquire+0x20/0x20 [ 653.867354] ? lock_downgrade+0x8f0/0x8f0 [ 653.871496] ? ksys_mount+0x12d/0x140 [ 653.875310] ? check_same_owner+0x340/0x340 [ 653.879628] ? rcu_note_context_switch+0x730/0x730 [ 653.884553] __should_failslab+0x124/0x180 [ 653.888786] should_failslab+0x9/0x14 [ 653.892581] kmem_cache_alloc_trace+0x2cb/0x780 [ 653.897242] ? kasan_kmalloc+0xc4/0xe0 [ 653.901128] __memcg_init_list_lru_node+0x185/0x2d0 [ 653.906143] ? kvfree_rcu+0x20/0x20 [ 653.909765] ? __kmalloc_node+0x47/0x70 [ 653.913733] __list_lru_init+0x4d6/0x840 [ 653.917785] ? up_write+0x7b/0x220 [ 653.921318] ? list_lru_destroy+0x500/0x500 [ 653.925633] ? prealloc_shrinker+0x124/0x450 [ 653.930038] ? prealloc_shrinker+0x21c/0x450 [ 653.934441] ? inactive_list_is_low+0x850/0x850 [ 653.939104] ? __lockdep_init_map+0x105/0x590 [ 653.943594] alloc_super+0x976/0xb10 [ 653.947321] ? destroy_unused_super.part.11+0x110/0x110 [ 653.952694] ? lock_downgrade+0x8f0/0x8f0 [ 653.956834] ? lock_acquire+0x1e4/0x540 [ 653.960816] ? kasan_check_read+0x11/0x20 [ 653.964958] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 653.969538] ? kasan_check_write+0x14/0x20 [ 653.973765] ? do_raw_spin_lock+0xc1/0x200 [ 653.977997] sget_userns+0x276/0x860 [ 653.981704] ? v9fs_kill_super+0xa0/0xa0 [ 653.985761] ? vfs_get_super+0x270/0x270 [ 653.989834] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 653.995364] ? ns_capable_common+0x13f/0x170 [ 653.999770] ? v9fs_kill_super+0xa0/0xa0 [ 654.003827] sget+0x10b/0x150 [ 654.006930] v9fs_mount+0xe2/0x900 [ 654.010468] ? v9fs_drop_inode+0x150/0x150 [ 654.014694] legacy_get_tree+0x118/0x440 [ 654.018752] vfs_get_tree+0x1cb/0x5c0 [ 654.022547] do_mount+0x6c1/0x1fb0 [ 654.026082] ? copy_mount_string+0x40/0x40 [ 654.030310] ? retint_kernel+0x10/0x10 [ 654.034195] ? copy_mount_options+0x1e3/0x380 [ 654.038688] ? write_comp_data+0x6d/0x70 [ 654.042746] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 654.048277] ? copy_mount_options+0x285/0x380 [ 654.052769] ksys_mount+0x12d/0x140 [ 654.056394] __x64_sys_mount+0xbe/0x150 [ 654.060363] do_syscall_64+0x1b9/0x820 [ 654.064245] ? finish_task_switch+0x1d3/0x870 [ 654.068736] ? syscall_return_slowpath+0x5e0/0x5e0 [ 654.073659] ? syscall_return_slowpath+0x31d/0x5e0 [ 654.078583] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 654.083598] ? prepare_exit_to_usermode+0x291/0x3b0 [ 654.088611] ? perf_trace_sys_enter+0xb10/0xb10 [ 654.093275] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 654.098117] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 654.103298] RIP: 0033:0x455e29 [ 654.106471] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:46:35 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:35 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:35 executing program 6 (fault-call:7 fault-nth:55): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:35 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x1000000}}], 0x1, 0x0) [ 654.125735] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 654.133439] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 654.140701] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 654.147963] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 654.155226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 654.162485] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000036 02:46:35 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r2 = memfd_create(&(0x7f0000000080)='em1\x00', 0x1) fstat(r0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(r2, &(0x7f00000002c0)='./file0\x00', r3, r4, 0x1000) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:35 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:35 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x1b010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:35 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xff07000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:35 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x9000000}}], 0x1, 0x0) 02:46:35 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 654.459169] FAULT_INJECTION: forcing a failure. [ 654.459169] name failslab, interval 1, probability 0, space 0, times 0 [ 654.470465] CPU: 1 PID: 8144 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 654.478779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 654.488125] Call Trace: [ 654.490710] dump_stack+0x1c9/0x2b4 [ 654.494334] ? dump_stack_print_info.cold.2+0x52/0x52 [ 654.499519] ? __kernel_text_address+0xd/0x40 [ 654.504007] ? unwind_get_return_address+0x61/0xa0 [ 654.508935] should_fail.cold.4+0xa/0x11 [ 654.512991] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 654.518089] ? save_stack+0xa9/0xd0 [ 654.521715] ? save_stack+0x43/0xd0 [ 654.525346] ? kasan_kmalloc+0xc4/0xe0 [ 654.529225] ? kmem_cache_alloc_trace+0x152/0x780 [ 654.534063] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 654.539244] ? __list_lru_init+0x4d6/0x840 [ 654.543473] ? alloc_super+0x9a6/0xb10 [ 654.547353] ? sget+0x10b/0x150 [ 654.550625] ? v9fs_mount+0xe2/0x900 [ 654.554330] ? legacy_get_tree+0x118/0x440 [ 654.558560] ? vfs_get_tree+0x1cb/0x5c0 [ 654.562543] ? do_mount+0x6c1/0x1fb0 [ 654.566275] ? ksys_mount+0x12d/0x140 [ 654.570072] ? __x64_sys_mount+0xbe/0x150 [ 654.574217] ? do_syscall_64+0x1b9/0x820 [ 654.578275] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 654.583698] ? save_stack+0xa9/0xd0 [ 654.587324] ? lock_acquire+0x1e4/0x540 [ 654.591292] ? fs_reclaim_acquire+0x20/0x20 [ 654.595608] ? lock_downgrade+0x8f0/0x8f0 [ 654.599749] ? ksys_mount+0x12d/0x140 [ 654.603551] ? check_same_owner+0x340/0x340 [ 654.607867] ? rcu_note_context_switch+0x730/0x730 [ 654.612792] __should_failslab+0x124/0x180 [ 654.617028] should_failslab+0x9/0x14 [ 654.620831] kmem_cache_alloc_trace+0x2cb/0x780 [ 654.625495] ? kasan_kmalloc+0xc4/0xe0 [ 654.629382] __memcg_init_list_lru_node+0x185/0x2d0 [ 654.634393] ? kvfree_rcu+0x20/0x20 [ 654.638016] ? __kmalloc_node+0x47/0x70 [ 654.641985] __list_lru_init+0x4d6/0x840 [ 654.646036] ? up_write+0x7b/0x220 [ 654.649570] ? list_lru_destroy+0x500/0x500 [ 654.653884] ? prealloc_shrinker+0x124/0x450 [ 654.658285] ? prealloc_shrinker+0x21c/0x450 [ 654.662698] ? inactive_list_is_low+0x850/0x850 [ 654.667365] ? __lockdep_init_map+0x105/0x590 [ 654.671863] alloc_super+0x9a6/0xb10 [ 654.675574] ? destroy_unused_super.part.11+0x110/0x110 [ 654.680933] ? lock_downgrade+0x8f0/0x8f0 [ 654.685075] ? lock_acquire+0x1e4/0x540 [ 654.689046] ? kasan_check_read+0x11/0x20 [ 654.693186] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 654.697766] ? kasan_check_write+0x14/0x20 [ 654.701997] ? do_raw_spin_lock+0xc1/0x200 [ 654.706229] sget_userns+0x276/0x860 [ 654.709935] ? v9fs_kill_super+0xa0/0xa0 [ 654.713994] ? vfs_get_super+0x270/0x270 [ 654.718068] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 654.723601] ? ns_capable_common+0x13f/0x170 [ 654.728004] ? v9fs_kill_super+0xa0/0xa0 [ 654.732062] sget+0x10b/0x150 [ 654.735163] v9fs_mount+0xe2/0x900 [ 654.738699] ? v9fs_drop_inode+0x150/0x150 [ 654.742928] legacy_get_tree+0x118/0x440 [ 654.746986] vfs_get_tree+0x1cb/0x5c0 [ 654.750781] do_mount+0x6c1/0x1fb0 [ 654.754321] ? kasan_check_read+0x11/0x20 [ 654.758467] ? do_raw_spin_unlock+0xa7/0x2f0 [ 654.762874] ? copy_mount_string+0x40/0x40 [ 654.767102] ? retint_kernel+0x10/0x10 [ 654.770986] ? copy_mount_options+0x1f0/0x380 [ 654.775477] ? copy_mount_options+0x1fa/0x380 [ 654.779966] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 654.785495] ? copy_mount_options+0x285/0x380 [ 654.789989] ksys_mount+0x12d/0x140 [ 654.793609] __x64_sys_mount+0xbe/0x150 [ 654.797582] do_syscall_64+0x1b9/0x820 [ 654.801462] ? finish_task_switch+0x1d3/0x870 [ 654.805951] ? syscall_return_slowpath+0x5e0/0x5e0 [ 654.810872] ? syscall_return_slowpath+0x31d/0x5e0 [ 654.815969] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 654.820980] ? prepare_exit_to_usermode+0x291/0x3b0 [ 654.825991] ? perf_trace_sys_enter+0xb10/0xb10 [ 654.830652] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 654.835491] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 654.840673] RIP: 0033:0x455e29 02:46:35 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:36 executing program 6 (fault-call:7 fault-nth:56): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 654.843846] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 654.863111] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 654.870901] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 654.878165] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 654.885425] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 654.892689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 654.899948] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000037 02:46:36 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',vfdno=', @ANYRESHEX=r1, @ANYBLOB=',\x00']) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x3, 0x4002) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r2, 0x3) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:36 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:36 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:36 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x7}}], 0x1, 0x0) 02:46:36 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x7000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:36 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4000000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:36 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 655.094774] FAULT_INJECTION: forcing a failure. [ 655.094774] name failslab, interval 1, probability 0, space 0, times 0 [ 655.106137] CPU: 0 PID: 8171 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 655.114453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 655.123799] Call Trace: [ 655.126389] dump_stack+0x1c9/0x2b4 [ 655.130023] ? dump_stack_print_info.cold.2+0x52/0x52 [ 655.135212] should_fail.cold.4+0xa/0x11 [ 655.139270] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 655.144394] ? is_bpf_text_address+0xd7/0x170 [ 655.148890] ? kernel_text_address+0x79/0xf0 [ 655.153299] ? __kernel_text_address+0xd/0x40 [ 655.157789] ? unwind_get_return_address+0x61/0xa0 [ 655.162731] ? __save_stack_trace+0x8d/0xf0 [ 655.167057] ? save_stack+0xa9/0xd0 [ 655.170685] ? lock_acquire+0x1e4/0x540 [ 655.174652] ? fs_reclaim_acquire+0x20/0x20 [ 655.178968] ? lock_downgrade+0x8f0/0x8f0 [ 655.183109] ? ksys_mount+0x12d/0x140 [ 655.186932] ? check_same_owner+0x340/0x340 [ 655.191251] ? rcu_note_context_switch+0x730/0x730 [ 655.196182] __should_failslab+0x124/0x180 [ 655.200417] should_failslab+0x9/0x14 [ 655.204214] kmem_cache_alloc_trace+0x2cb/0x780 [ 655.208878] ? kasan_kmalloc+0xc4/0xe0 [ 655.212770] __memcg_init_list_lru_node+0x185/0x2d0 [ 655.217778] ? kvfree_rcu+0x20/0x20 [ 655.221398] ? __kmalloc_node+0x47/0x70 [ 655.225374] __list_lru_init+0x4d6/0x840 [ 655.229430] ? up_write+0x7b/0x220 [ 655.232967] ? list_lru_destroy+0x500/0x500 [ 655.237297] ? prealloc_shrinker+0x124/0x450 [ 655.241701] ? prealloc_shrinker+0x21c/0x450 [ 655.246103] ? inactive_list_is_low+0x850/0x850 [ 655.250768] ? __lockdep_init_map+0x105/0x590 [ 655.255283] alloc_super+0x9a6/0xb10 [ 655.258997] ? destroy_unused_super.part.11+0x110/0x110 [ 655.264358] ? lock_downgrade+0x8f0/0x8f0 [ 655.268503] ? lock_acquire+0x1e4/0x540 [ 655.272480] ? kasan_check_read+0x11/0x20 [ 655.276621] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 655.281200] ? kasan_check_write+0x14/0x20 [ 655.285427] ? do_raw_spin_lock+0xc1/0x200 [ 655.289658] sget_userns+0x276/0x860 [ 655.293366] ? v9fs_kill_super+0xa0/0xa0 [ 655.297424] ? vfs_get_super+0x270/0x270 [ 655.301497] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 655.307026] ? ns_capable_common+0x13f/0x170 [ 655.311432] ? v9fs_kill_super+0xa0/0xa0 [ 655.315487] sget+0x10b/0x150 [ 655.318589] v9fs_mount+0xe2/0x900 [ 655.322124] ? v9fs_drop_inode+0x150/0x150 [ 655.326352] legacy_get_tree+0x118/0x440 [ 655.330410] vfs_get_tree+0x1cb/0x5c0 [ 655.334205] do_mount+0x6c1/0x1fb0 [ 655.337738] ? check_same_owner+0x340/0x340 [ 655.342053] ? lock_release+0xa30/0xa30 [ 655.346023] ? copy_mount_string+0x40/0x40 [ 655.350255] ? kasan_kmalloc+0xc4/0xe0 [ 655.354144] ? kmem_cache_alloc_trace+0x318/0x780 [ 655.358984] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 655.364513] ? _copy_from_user+0xdf/0x150 [ 655.368657] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 655.374189] ? copy_mount_options+0x285/0x380 [ 655.378680] ksys_mount+0x12d/0x140 [ 655.382303] __x64_sys_mount+0xbe/0x150 [ 655.386278] do_syscall_64+0x1b9/0x820 [ 655.390173] ? syscall_slow_exit_work+0x500/0x500 [ 655.395013] ? syscall_return_slowpath+0x5e0/0x5e0 [ 655.399938] ? syscall_return_slowpath+0x31d/0x5e0 [ 655.405618] ? prepare_exit_to_usermode+0x291/0x3b0 [ 655.410630] ? perf_trace_sys_enter+0xb10/0xb10 [ 655.415294] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 655.420132] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 655.425311] RIP: 0033:0x455e29 02:46:36 executing program 6 (fault-call:7 fault-nth:57): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 655.428490] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 655.447755] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 655.455459] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 655.462730] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 655.469991] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 655.477277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 655.484538] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000038 02:46:36 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) [ 655.599538] 9pnet: Insufficient options for proto=fd 02:46:36 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 655.626624] 9pnet: Insufficient options for proto=fd 02:46:36 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x4}}], 0x1, 0x0) 02:46:36 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) listxattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)=""/106, 0x6a) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="7472616e733d66642c72c61e21e43d", @ANYRESHEX=r0, @ANYBLOB="2c77663d060400f42e64c9311168e2f74b", @ANYRESHEX=r1, @ANYBLOB="f600"]) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet6_opts(r2, 0x29, 0x36, &(0x7f0000000a00)=""/4096, &(0x7f0000000480)=0x1000) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="7472796e734d580008c2d02f8b748ede87e100004cf9a1ab5d5bd89bf00000", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000800)='/dev/vga_arbiter\x00', 0x100, 0x0) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffff9c, 0x84, 0x75, &(0x7f00000008c0)={0x0, 0x2}, &(0x7f0000000940)=0x8) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000980)={r4, 0x8}, &(0x7f00000009c0)=0x8) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:36 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:36 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 655.806844] FAULT_INJECTION: forcing a failure. [ 655.806844] name failslab, interval 1, probability 0, space 0, times 0 [ 655.818217] CPU: 1 PID: 8191 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 655.826529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 655.835873] Call Trace: [ 655.838465] dump_stack+0x1c9/0x2b4 [ 655.842093] ? dump_stack_print_info.cold.2+0x52/0x52 [ 655.847285] should_fail.cold.4+0xa/0x11 [ 655.851348] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 655.856448] ? is_bpf_text_address+0xd7/0x170 [ 655.860943] ? kernel_text_address+0x79/0xf0 [ 655.865347] ? __kernel_text_address+0xd/0x40 [ 655.869840] ? unwind_get_return_address+0x61/0xa0 [ 655.874767] ? __save_stack_trace+0x8d/0xf0 [ 655.879094] ? save_stack+0xa9/0xd0 [ 655.882727] ? lock_acquire+0x1e4/0x540 [ 655.886700] ? fs_reclaim_acquire+0x20/0x20 [ 655.891020] ? lock_downgrade+0x8f0/0x8f0 [ 655.895163] ? ksys_mount+0x12d/0x140 [ 655.898964] ? check_same_owner+0x340/0x340 [ 655.903280] ? rcu_note_context_switch+0x730/0x730 [ 655.908209] __should_failslab+0x124/0x180 [ 655.912442] should_failslab+0x9/0x14 [ 655.916238] kmem_cache_alloc_trace+0x2cb/0x780 [ 655.920906] ? kasan_kmalloc+0xc4/0xe0 [ 655.924795] __memcg_init_list_lru_node+0x185/0x2d0 [ 655.929808] ? kvfree_rcu+0x20/0x20 [ 655.933433] ? __kmalloc_node+0x47/0x70 [ 655.937402] __list_lru_init+0x4d6/0x840 [ 655.941456] ? up_write+0x7b/0x220 [ 655.944993] ? list_lru_destroy+0x500/0x500 [ 655.949312] ? prealloc_shrinker+0x124/0x450 [ 655.953719] ? prealloc_shrinker+0x21c/0x450 [ 655.958126] ? inactive_list_is_low+0x850/0x850 [ 655.962793] ? __lockdep_init_map+0x105/0x590 [ 655.967286] alloc_super+0x9a6/0xb10 [ 655.971000] ? destroy_unused_super.part.11+0x110/0x110 [ 655.976362] ? lock_downgrade+0x8f0/0x8f0 [ 655.980506] ? lock_acquire+0x1e4/0x540 [ 655.984479] ? kasan_check_read+0x11/0x20 [ 655.988624] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 655.993205] ? kasan_check_write+0x14/0x20 [ 655.997432] ? do_raw_spin_lock+0xc1/0x200 [ 656.001664] sget_userns+0x276/0x860 [ 656.005376] ? v9fs_kill_super+0xa0/0xa0 [ 656.009433] ? vfs_get_super+0x270/0x270 [ 656.013506] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 656.019039] ? ns_capable_common+0x13f/0x170 [ 656.023447] ? v9fs_kill_super+0xa0/0xa0 [ 656.027506] sget+0x10b/0x150 [ 656.030612] v9fs_mount+0xe2/0x900 [ 656.034150] ? v9fs_drop_inode+0x150/0x150 [ 656.038378] legacy_get_tree+0x118/0x440 [ 656.042435] vfs_get_tree+0x1cb/0x5c0 [ 656.046231] do_mount+0x6c1/0x1fb0 [ 656.049771] ? kasan_check_write+0x14/0x20 [ 656.054001] ? copy_mount_string+0x40/0x40 [ 656.058229] ? kasan_kmalloc+0xc4/0xe0 [ 656.062116] ? kmem_cache_alloc_trace+0x318/0x780 [ 656.066957] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 656.072494] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 656.078029] ? copy_mount_options+0x285/0x380 [ 656.082520] ksys_mount+0x12d/0x140 [ 656.086143] __x64_sys_mount+0xbe/0x150 [ 656.090114] do_syscall_64+0x1b9/0x820 [ 656.093999] ? finish_task_switch+0x1d3/0x870 [ 656.098491] ? syscall_return_slowpath+0x5e0/0x5e0 [ 656.103419] ? syscall_return_slowpath+0x31d/0x5e0 [ 656.108344] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 656.113363] ? prepare_exit_to_usermode+0x291/0x3b0 [ 656.118375] ? perf_trace_sys_enter+0xb10/0xb10 [ 656.123040] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 656.127879] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 656.133059] RIP: 0033:0x455e29 [ 656.136235] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 656.155501] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 656.163205] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 656.170468] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 656.177731] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 656.184996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 656.192259] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000039 02:46:37 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:37 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4e19010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:37 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:37 executing program 6 (fault-call:7 fault-nth:58): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 656.222704] 9pnet: Insufficient options for proto=fd [ 656.234696] 9pnet_virtio: no channels available for device (null) 02:46:37 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x40030000000000}}], 0x1, 0x0) 02:46:37 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:37 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) flistxattr(r0, &(0x7f0000000940)=""/4096, 0x1000) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{0x0, 0x0, 0x4}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{0xfffffffffffffffc}, 0x0, 0x0, 0x7, './file0'}, {{0x0, 0x1}, 0x20, 0x4, 0x1, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) [ 656.264432] 9pnet: Insufficient options for proto=fd [ 656.281521] 9pnet_virtio: no channels available for device (null) 02:46:37 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xa, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:37 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xffffff7f00000000}}], 0x1, 0x0) 02:46:37 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:37 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 656.429287] FAULT_INJECTION: forcing a failure. [ 656.429287] name failslab, interval 1, probability 0, space 0, times 0 [ 656.440691] CPU: 1 PID: 8223 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 656.449006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 656.458365] Call Trace: [ 656.460963] dump_stack+0x1c9/0x2b4 [ 656.464596] ? dump_stack_print_info.cold.2+0x52/0x52 [ 656.469792] ? __kernel_text_address+0xd/0x40 [ 656.474286] ? unwind_get_return_address+0x61/0xa0 [ 656.479221] should_fail.cold.4+0xa/0x11 [ 656.483281] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 656.488383] ? save_stack+0xa9/0xd0 [ 656.492009] ? save_stack+0x43/0xd0 [ 656.495629] ? kasan_kmalloc+0xc4/0xe0 [ 656.499516] ? kmem_cache_alloc_trace+0x152/0x780 [ 656.504412] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 656.509596] ? __list_lru_init+0x4d6/0x840 [ 656.513828] ? alloc_super+0x9a6/0xb10 [ 656.517720] ? sget+0x10b/0x150 [ 656.520997] ? v9fs_mount+0xe2/0x900 [ 656.524708] ? legacy_get_tree+0x118/0x440 [ 656.528941] ? vfs_get_tree+0x1cb/0x5c0 [ 656.532910] ? do_mount+0x6c1/0x1fb0 [ 656.536639] ? ksys_mount+0x12d/0x140 [ 656.540452] ? __x64_sys_mount+0xbe/0x150 [ 656.544597] ? do_syscall_64+0x1b9/0x820 [ 656.548744] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 656.554124] ? save_stack+0xa9/0xd0 [ 656.557755] ? lock_acquire+0x1e4/0x540 [ 656.561726] ? fs_reclaim_acquire+0x20/0x20 [ 656.566046] ? lock_downgrade+0x8f0/0x8f0 [ 656.570190] ? ksys_mount+0x12d/0x140 [ 656.573991] ? check_same_owner+0x340/0x340 [ 656.578307] ? rcu_note_context_switch+0x730/0x730 [ 656.583237] __should_failslab+0x124/0x180 [ 656.587469] should_failslab+0x9/0x14 [ 656.591272] kmem_cache_alloc_trace+0x2cb/0x780 [ 656.595937] ? kasan_kmalloc+0xc4/0xe0 [ 656.599828] __memcg_init_list_lru_node+0x185/0x2d0 [ 656.604841] ? kvfree_rcu+0x20/0x20 [ 656.608465] ? __kmalloc_node+0x47/0x70 [ 656.612435] __list_lru_init+0x4d6/0x840 [ 656.616488] ? up_write+0x7b/0x220 [ 656.620022] ? list_lru_destroy+0x500/0x500 [ 656.624343] ? prealloc_shrinker+0x124/0x450 02:46:37 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) [ 656.628746] ? prealloc_shrinker+0x21c/0x450 [ 656.633157] ? inactive_list_is_low+0x850/0x850 [ 656.637834] ? __lockdep_init_map+0x105/0x590 [ 656.642626] alloc_super+0x9a6/0xb10 [ 656.646384] ? destroy_unused_super.part.11+0x110/0x110 [ 656.651756] ? lock_downgrade+0x8f0/0x8f0 [ 656.655913] ? lock_acquire+0x1e4/0x540 [ 656.659909] ? kasan_check_read+0x11/0x20 [ 656.664083] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 656.668672] ? kasan_check_write+0x14/0x20 [ 656.672913] ? do_raw_spin_lock+0xc1/0x200 [ 656.677159] sget_userns+0x276/0x860 [ 656.680875] ? v9fs_kill_super+0xa0/0xa0 [ 656.684941] ? vfs_get_super+0x270/0x270 [ 656.689021] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 656.694565] ? ns_capable_common+0x13f/0x170 [ 656.698978] ? v9fs_kill_super+0xa0/0xa0 [ 656.703043] sget+0x10b/0x150 [ 656.706157] v9fs_mount+0xe2/0x900 [ 656.709704] ? v9fs_drop_inode+0x150/0x150 [ 656.713941] legacy_get_tree+0x118/0x440 [ 656.718008] vfs_get_tree+0x1cb/0x5c0 [ 656.721813] do_mount+0x6c1/0x1fb0 [ 656.725353] ? check_same_owner+0x340/0x340 [ 656.729677] ? lock_release+0xa30/0xa30 [ 656.733661] ? copy_mount_string+0x40/0x40 [ 656.737906] ? kasan_kmalloc+0xc4/0xe0 [ 656.741801] ? kmem_cache_alloc_trace+0x318/0x780 [ 656.746656] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 656.752192] ? _copy_from_user+0xdf/0x150 [ 656.756344] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 656.761891] ? copy_mount_options+0x285/0x380 [ 656.766396] ksys_mount+0x12d/0x140 [ 656.770031] __x64_sys_mount+0xbe/0x150 [ 656.774015] do_syscall_64+0x1b9/0x820 02:46:37 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x6, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 656.777904] ? finish_task_switch+0x1d3/0x870 [ 656.782406] ? syscall_return_slowpath+0x5e0/0x5e0 [ 656.787347] ? syscall_return_slowpath+0x31d/0x5e0 [ 656.792301] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 656.797330] ? prepare_exit_to_usermode+0x291/0x3b0 [ 656.802354] ? perf_trace_sys_enter+0xb10/0xb10 [ 656.807029] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 656.811884] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 656.817074] RIP: 0033:0x455e29 02:46:37 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:37 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 656.820258] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 656.839527] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 656.847242] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 656.854514] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 656.861786] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 656.869059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 02:46:37 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000480)={{{@in=@broadcast, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@loopback}}, &(0x7f0000000080)=0xe8) getresgid(&(0x7f00000002c0)=0x0, &(0x7f0000000300), &(0x7f0000000380)) fchown(r1, r2, r3) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) [ 656.876331] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000003a 02:46:38 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xff000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:38 executing program 6 (fault-call:7 fault-nth:59): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:38 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf71a010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:38 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:38 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x2000000000000000}}], 0x1, 0x0) 02:46:38 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="3970e1", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:38 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)="3970c0", 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 657.102410] FS-Cache: Duplicate cookie detected [ 657.102574] FAULT_INJECTION: forcing a failure. [ 657.102574] name failslab, interval 1, probability 0, space 0, times 0 [ 657.107175] FS-Cache: O-cookie c=00000000dd5133e3 [p=000000002649bb4d fl=222 nc=0 na=1] [ 657.107193] FS-Cache: O-cookie d=00000000d5b355fb n=000000005f44850d [ 657.118398] CPU: 0 PID: 8269 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 657.118412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 657.126568] FS-Cache: O-key=[10] ' [ 657.133012] Call Trace: [ 657.133039] dump_stack+0x1c9/0x2b4 [ 657.133063] ? dump_stack_print_info.cold.2+0x52/0x52 [ 657.141434] 34 [ 657.150691] ? __kernel_text_address+0xd/0x40 [ 657.150703] ? unwind_get_return_address+0x61/0xa0 [ 657.150721] should_fail.cold.4+0xa/0x11 [ 657.154243] 32 [ 657.156804] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 657.156823] ? save_stack+0xa9/0xd0 [ 657.160426] 39 [ 657.165587] ? save_stack+0x43/0xd0 [ 657.165599] ? kasan_kmalloc+0xc4/0xe0 [ 657.165609] ? kmem_cache_alloc_trace+0x152/0x780 [ 657.165627] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 657.167408] 35 [ 657.171876] ? __list_lru_init+0x4d6/0x840 [ 657.171887] ? alloc_super+0x9a6/0xb10 [ 657.171903] ? sget+0x10b/0x150 [ 657.176811] 33 [ 657.180840] ? v9fs_mount+0xe2/0x900 [ 657.180852] ? legacy_get_tree+0x118/0x440 [ 657.180868] ? vfs_get_tree+0x1cb/0x5c0 [ 657.182647] 32 [ 657.187723] ? do_mount+0x6c1/0x1fb0 [ 657.187734] ? ksys_mount+0x12d/0x140 [ 657.187751] ? __x64_sys_mount+0xbe/0x150 [ 657.191353] 34 [ 657.193128] ? do_syscall_64+0x1b9/0x820 [ 657.193141] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 657.193159] ? save_stack+0xa9/0xd0 [ 657.196763] 33 [ 657.200625] ? lock_acquire+0x1e4/0x540 [ 657.200641] ? fs_reclaim_acquire+0x20/0x20 [ 657.205536] 39 [ 657.210671] ? lock_downgrade+0x8f0/0x8f0 [ 657.210682] ? ksys_mount+0x12d/0x140 [ 657.210699] ? check_same_owner+0x340/0x340 [ 657.212479] 38 [ 657.216687] ? rcu_note_context_switch+0x730/0x730 [ 657.216707] __should_failslab+0x124/0x180 [ 657.220572] ' [ 657.223827] should_failslab+0x9/0x14 [ 657.223844] kmem_cache_alloc_trace+0x2cb/0x780 [ 657.225640] FS-Cache: N-cookie c=0000000017058ce3 [p=000000002649bb4d fl=2 nc=0 na=1] [ 657.229316] ? kasan_kmalloc+0xc4/0xe0 [ 657.229337] __memcg_init_list_lru_node+0x185/0x2d0 [ 657.233555] FS-Cache: N-cookie d=00000000d5b355fb n=00000000758a25c4 [ 657.237503] ? kvfree_rcu+0x20/0x20 [ 657.237518] ? __kmalloc_node+0x47/0x70 [ 657.237535] __list_lru_init+0x4d6/0x840 [ 657.239389] FS-Cache: N-key=[10] ' [ 657.243072] ? up_write+0x7b/0x220 [ 657.243091] ? list_lru_destroy+0x500/0x500 [ 657.246870] 34 [ 657.250991] ? prealloc_shrinker+0x124/0x450 [ 657.251009] ? prealloc_shrinker+0x21c/0x450 [ 657.252794] 32 [ 657.256840] ? inactive_list_is_low+0x850/0x850 [ 657.256853] ? __lockdep_init_map+0x105/0x590 [ 657.256871] alloc_super+0x9a6/0xb10 [ 657.262212] 39 [ 657.265810] ? destroy_unused_super.part.11+0x110/0x110 [ 657.265828] ? lock_downgrade+0x8f0/0x8f0 [ 657.267611] 35 [ 657.271550] ? lock_acquire+0x1e4/0x540 [ 657.271565] ? kasan_check_read+0x11/0x20 [ 657.271576] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 657.271593] ? kasan_check_write+0x14/0x20 [ 657.275895] 33 [ 657.277666] ? do_raw_spin_lock+0xc1/0x200 [ 657.277685] sget_userns+0x276/0x860 [ 657.281812] 32 [ 657.285584] ? v9fs_kill_super+0xa0/0xa0 [ 657.285608] ? vfs_get_super+0x270/0x270 [ 657.289905] 34 [ 657.291701] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 657.296621] 33 [ 657.300812] ? ns_capable_common+0x13f/0x170 [ 657.300829] ? v9fs_kill_super+0xa0/0xa0 [ 657.302519] 39 [ 657.306290] sget+0x10b/0x150 [ 657.306309] v9fs_mount+0xe2/0x900 [ 657.310953] 38 [ 657.318906] ? v9fs_drop_inode+0x150/0x150 [ 657.318924] legacy_get_tree+0x118/0x440 [ 657.322789] ' [ 657.327777] vfs_get_tree+0x1cb/0x5c0 [ 657.327794] do_mount+0x6c1/0x1fb0 [ 657.477368] ? kasan_check_write+0x14/0x20 [ 657.481600] ? copy_mount_string+0x40/0x40 [ 657.485836] ? kasan_kmalloc+0xc4/0xe0 [ 657.489719] ? kmem_cache_alloc_trace+0x318/0x780 [ 657.494560] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 657.500097] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 657.505627] ? copy_mount_options+0x285/0x380 [ 657.510122] ksys_mount+0x12d/0x140 [ 657.513745] __x64_sys_mount+0xbe/0x150 [ 657.517716] do_syscall_64+0x1b9/0x820 [ 657.521599] ? finish_task_switch+0x1d3/0x870 [ 657.526094] ? syscall_return_slowpath+0x5e0/0x5e0 [ 657.531023] ? syscall_return_slowpath+0x31d/0x5e0 [ 657.535949] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 657.540961] ? prepare_exit_to_usermode+0x291/0x3b0 [ 657.545971] ? perf_trace_sys_enter+0xb10/0xb10 [ 657.550637] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 657.555481] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 657.560662] RIP: 0033:0x455e29 [ 657.563845] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 657.583115] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 657.590830] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 02:46:38 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:38 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xff070000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:38 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x7000000}}], 0x1, 0x0) 02:46:38 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000580)={0x15, 0x65, 0xffff, 0x10001, 0x8, '9P2000.L'}, 0x15) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) remap_file_pages(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4, 0x7ff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB='trans=fd,rfd8\x00=', @ANYRESHEX=r0, @ANYBLOB="030066106e6f3d43bccc92bd80cfcd316aedfd281509149dda33ef3f0d07e209a565ef859a24036876c1e4304ae12b4bbf6e30cc8de8416d457d85dd478ac90dcfb93cfbc820280e21c7957becfeec17", @ANYRESHEX=r1, @ANYBLOB=',\x00']) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) execve(&(0x7f0000000080)='./file0\x00', &(0x7f0000000540)=[&(0x7f00000002c0)='rfdno', &(0x7f0000000300)='keyringkeyringppp0wlan0\x00', &(0x7f0000000380)='rfdno', &(0x7f0000000480)='access', &(0x7f00000004c0)='bdev&@\x00', &(0x7f0000000500)='\\md5sum\x00'], &(0x7f0000000580)) [ 657.598099] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 657.605365] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 657.612628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 657.619890] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000003b 02:46:38 executing program 6 (fault-call:7 fault-nth:60): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:38 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x3, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:38 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:38 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000140)={0x1}) 02:46:38 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x3e8}}], 0x1, 0x0) 02:46:38 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="39707f", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:39 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xe00, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 657.936122] 9pnet: Insufficient options for proto=fd [ 657.948486] 9pnet: Insufficient options for proto=fd [ 657.959210] FAULT_INJECTION: forcing a failure. [ 657.959210] name failslab, interval 1, probability 0, space 0, times 0 [ 657.970505] CPU: 1 PID: 8303 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 657.978817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 657.988159] Call Trace: [ 657.990745] dump_stack+0x1c9/0x2b4 [ 657.994371] ? dump_stack_print_info.cold.2+0x52/0x52 [ 657.999560] ? __kernel_text_address+0xd/0x40 [ 658.004046] ? unwind_get_return_address+0x61/0xa0 [ 658.008972] should_fail.cold.4+0xa/0x11 [ 658.013030] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 658.018129] ? save_stack+0xa9/0xd0 [ 658.021749] ? save_stack+0x43/0xd0 [ 658.025373] ? kasan_kmalloc+0xc4/0xe0 [ 658.029253] ? kmem_cache_alloc_trace+0x152/0x780 [ 658.034088] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 658.039269] ? __list_lru_init+0x4d6/0x840 [ 658.043499] ? alloc_super+0x9a6/0xb10 [ 658.047386] ? sget+0x10b/0x150 [ 658.050660] ? v9fs_mount+0xe2/0x900 [ 658.054372] ? legacy_get_tree+0x118/0x440 [ 658.058599] ? vfs_get_tree+0x1cb/0x5c0 [ 658.062564] ? do_mount+0x6c1/0x1fb0 [ 658.066269] ? ksys_mount+0x12d/0x140 [ 658.070061] ? __x64_sys_mount+0xbe/0x150 [ 658.074204] ? do_syscall_64+0x1b9/0x820 [ 658.078259] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 658.083620] ? save_stack+0xa9/0xd0 [ 658.087249] ? lock_acquire+0x1e4/0x540 [ 658.091220] ? fs_reclaim_acquire+0x20/0x20 [ 658.095539] ? lock_downgrade+0x8f0/0x8f0 [ 658.099679] ? ksys_mount+0x12d/0x140 [ 658.103476] ? check_same_owner+0x340/0x340 [ 658.107795] ? rcu_note_context_switch+0x730/0x730 [ 658.112725] __should_failslab+0x124/0x180 [ 658.116957] should_failslab+0x9/0x14 [ 658.120753] kmem_cache_alloc_trace+0x2cb/0x780 [ 658.125416] ? kasan_kmalloc+0xc4/0xe0 [ 658.129301] __memcg_init_list_lru_node+0x185/0x2d0 [ 658.134317] ? kvfree_rcu+0x20/0x20 [ 658.137938] ? __kmalloc_node+0x47/0x70 [ 658.141912] __list_lru_init+0x4d6/0x840 [ 658.145965] ? up_write+0x7b/0x220 [ 658.149503] ? list_lru_destroy+0x500/0x500 [ 658.153821] ? prealloc_shrinker+0x124/0x450 [ 658.158229] ? prealloc_shrinker+0x21c/0x450 [ 658.162633] ? inactive_list_is_low+0x850/0x850 [ 658.167302] ? __lockdep_init_map+0x105/0x590 [ 658.171794] alloc_super+0x9a6/0xb10 [ 658.175510] ? destroy_unused_super.part.11+0x110/0x110 [ 658.180877] ? lock_downgrade+0x8f0/0x8f0 [ 658.185017] ? lock_acquire+0x1e4/0x540 [ 658.188994] ? kasan_check_read+0x11/0x20 [ 658.193137] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 658.197717] ? kasan_check_write+0x14/0x20 [ 658.201947] ? do_raw_spin_lock+0xc1/0x200 [ 658.206178] sget_userns+0x276/0x860 [ 658.209887] ? v9fs_kill_super+0xa0/0xa0 [ 658.213945] ? vfs_get_super+0x270/0x270 [ 658.218018] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 658.223552] ? ns_capable_common+0x13f/0x170 [ 658.227958] ? v9fs_kill_super+0xa0/0xa0 [ 658.232011] sget+0x10b/0x150 [ 658.235111] v9fs_mount+0xe2/0x900 [ 658.238653] ? v9fs_drop_inode+0x150/0x150 [ 658.242880] legacy_get_tree+0x118/0x440 [ 658.246940] vfs_get_tree+0x1cb/0x5c0 [ 658.250740] do_mount+0x6c1/0x1fb0 [ 658.254275] ? kasan_check_write+0x14/0x20 [ 658.258513] ? copy_mount_string+0x40/0x40 [ 658.262740] ? kasan_kmalloc+0xc4/0xe0 [ 658.266641] ? kmem_cache_alloc_trace+0x318/0x780 [ 658.271480] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 658.277020] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 658.282553] ? copy_mount_options+0x285/0x380 [ 658.287045] ksys_mount+0x12d/0x140 [ 658.290671] __x64_sys_mount+0xbe/0x150 [ 658.294641] do_syscall_64+0x1b9/0x820 [ 658.298528] ? finish_task_switch+0x1d3/0x870 [ 658.303022] ? syscall_return_slowpath+0x5e0/0x5e0 [ 658.307948] ? syscall_return_slowpath+0x31d/0x5e0 [ 658.312875] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 658.317895] ? prepare_exit_to_usermode+0x291/0x3b0 [ 658.322904] ? perf_trace_sys_enter+0xb10/0xb10 [ 658.327571] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 658.332409] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 658.337588] RIP: 0033:0x455e29 [ 658.340765] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 658.360547] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 658.368249] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 658.375514] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 02:46:39 executing program 6 (fault-call:7 fault-nth:61): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:39 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RMKDIR(r1, &(0x7f0000000080)={0x14, 0x49, 0x2, {0x10, 0x3, 0x8}}, 0x14) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="a60000002901000000000000000000000000000000000000000000000000640189c0002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c6530"], 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) [ 658.382776] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 658.390038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 658.397301] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000003c 02:46:39 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x11946, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:39 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000140)={0x1}) 02:46:39 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xa000000}}], 0x1, 0x0) 02:46:39 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)="3970fe", 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:39 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:39 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xffffff7f, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:39 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000140)={0x1}) 02:46:39 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x1c00}}], 0x1, 0x0) [ 658.652216] FAULT_INJECTION: forcing a failure. [ 658.652216] name failslab, interval 1, probability 0, space 0, times 0 [ 658.663510] CPU: 1 PID: 8335 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 658.671818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 658.681163] Call Trace: [ 658.683753] dump_stack+0x1c9/0x2b4 [ 658.687388] ? dump_stack_print_info.cold.2+0x52/0x52 [ 658.692582] ? __kernel_text_address+0xd/0x40 [ 658.697075] ? unwind_get_return_address+0x61/0xa0 [ 658.702009] should_fail.cold.4+0xa/0x11 [ 658.706068] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 658.711171] ? save_stack+0xa9/0xd0 [ 658.714794] ? save_stack+0x43/0xd0 [ 658.718414] ? kasan_kmalloc+0xc4/0xe0 [ 658.722299] ? kmem_cache_alloc_trace+0x152/0x780 [ 658.727143] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 658.732324] ? __list_lru_init+0x4d6/0x840 [ 658.736554] ? alloc_super+0x9a6/0xb10 [ 658.740438] ? sget+0x10b/0x150 [ 658.743722] ? v9fs_mount+0xe2/0x900 [ 658.747440] ? legacy_get_tree+0x118/0x440 02:46:39 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) r2 = syz_open_dev$sndpcmc(&(0x7f0000000380)='/dev/snd/pcmC#D#c\x00', 0x100, 0xf9d01ab5cbdb8d5d) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000480)={0x0, 0xb6}, &(0x7f00000004c0)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000500)={0x9, 0xffffffff00000001, 0x2, 0x1, 0x6, 0x9, 0x3, 0x10000, r3}, 0x20) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000680)={r3, 0x20, 0x2, [0x8, 0x1]}, 0xc) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="2c7766646c6f3dcf30631e99a0a3d8c15ee590e16883718225e39912196281d195a6e77a51963e42ebe7874790661a20e869423d748923931525020f1ea9034d0015258a1f57bb0ef36784d9", @ANYRESHEX=r1, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) r4 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) ioctl$KVM_ASSIGN_PCI_DEVICE(r4, 0x8040ae69, &(0x7f0000000080)={0x1, 0x6051, 0xffffffff00000001, 0x1, 0x1}) r5 = getpid() prlimit64(r5, 0xa, &(0x7f00000002c0)={0x6, 0x200}, &(0x7f0000000300)) bind(r4, &(0x7f0000000600)=@in={0x2, 0x4e20, @multicast1=0xe0000001}, 0x2) [ 658.751686] ? vfs_get_tree+0x1cb/0x5c0 [ 658.755664] ? do_mount+0x6c1/0x1fb0 [ 658.759385] ? ksys_mount+0x12d/0x140 [ 658.763190] ? __x64_sys_mount+0xbe/0x150 [ 658.767344] ? do_syscall_64+0x1b9/0x820 [ 658.771498] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 658.776871] ? save_stack+0xa9/0xd0 [ 658.780508] ? lock_acquire+0x1e4/0x540 [ 658.784494] ? fs_reclaim_acquire+0x20/0x20 [ 658.788821] ? lock_downgrade+0x8f0/0x8f0 [ 658.792971] ? ksys_mount+0x12d/0x140 [ 658.796778] ? check_same_owner+0x340/0x340 [ 658.801109] ? rcu_note_context_switch+0x730/0x730 [ 658.806043] __should_failslab+0x124/0x180 [ 658.810294] should_failslab+0x9/0x14 [ 658.814101] kmem_cache_alloc_trace+0x2cb/0x780 [ 658.818779] ? kasan_kmalloc+0xc4/0xe0 [ 658.822677] __memcg_init_list_lru_node+0x185/0x2d0 [ 658.827696] ? kvfree_rcu+0x20/0x20 [ 658.831335] ? __kmalloc_node+0x47/0x70 [ 658.835315] __list_lru_init+0x4d6/0x840 [ 658.839377] ? up_write+0x7b/0x220 [ 658.842915] ? list_lru_destroy+0x500/0x500 [ 658.847240] ? prealloc_shrinker+0x124/0x450 02:46:39 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x2e000700, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:39 executing program 5: socket$inet6(0xa, 0x1000000000002, 0x0) r0 = epoll_create1(0x0) fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r0, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r0, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x1}) 02:46:39 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x400300}}], 0x1, 0x0) [ 658.851656] ? prealloc_shrinker+0x21c/0x450 [ 658.856067] ? inactive_list_is_low+0x850/0x850 [ 658.860742] ? __lockdep_init_map+0x105/0x590 [ 658.865240] alloc_super+0x9a6/0xb10 [ 658.868963] ? destroy_unused_super.part.11+0x110/0x110 [ 658.874335] ? lock_downgrade+0x8f0/0x8f0 [ 658.878494] ? lock_acquire+0x1e4/0x540 [ 658.882482] ? kasan_check_read+0x11/0x20 [ 658.886636] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 658.891226] ? kasan_check_write+0x14/0x20 [ 658.895479] ? do_raw_spin_lock+0xc1/0x200 [ 658.899723] sget_userns+0x276/0x860 02:46:40 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x1000000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) [ 658.903435] ? v9fs_kill_super+0xa0/0xa0 [ 658.907504] ? vfs_get_super+0x270/0x270 [ 658.911583] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 658.917148] ? ns_capable_common+0x13f/0x170 [ 658.921561] ? v9fs_kill_super+0xa0/0xa0 [ 658.925621] sget+0x10b/0x150 [ 658.928730] v9fs_mount+0xe2/0x900 [ 658.932270] ? v9fs_drop_inode+0x150/0x150 [ 658.936504] legacy_get_tree+0x118/0x440 [ 658.940564] vfs_get_tree+0x1cb/0x5c0 [ 658.944366] do_mount+0x6c1/0x1fb0 [ 658.947912] ? copy_mount_string+0x40/0x40 [ 658.952150] ? retint_kernel+0x10/0x10 [ 658.956044] ? copy_mount_options+0x213/0x380 [ 658.960545] ? write_comp_data+0x6c/0x70 [ 658.964611] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 658.970153] ? copy_mount_options+0x285/0x380 [ 658.974652] ksys_mount+0x12d/0x140 [ 658.978298] __x64_sys_mount+0xbe/0x150 [ 658.982271] do_syscall_64+0x1b9/0x820 [ 658.986156] ? finish_task_switch+0x1d3/0x870 [ 658.990653] ? syscall_return_slowpath+0x5e0/0x5e0 [ 658.995585] ? syscall_return_slowpath+0x31d/0x5e0 02:46:40 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 659.000517] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 659.005532] ? prepare_exit_to_usermode+0x291/0x3b0 [ 659.010548] ? perf_trace_sys_enter+0xb10/0xb10 [ 659.015216] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 659.020064] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 659.025253] RIP: 0033:0x455e29 [ 659.028430] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 659.047621] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 659.055334] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 659.062603] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 659.069876] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 659.077146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 659.084415] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000003d 02:46:40 executing program 6 (fault-call:7 fault-nth:62): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:40 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:40 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:40 executing program 5: socket$inet6(0xa, 0x1000000000002, 0x0) r0 = epoll_create1(0x0) fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r0, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r0, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x1}) 02:46:40 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xf000}}], 0x1, 0x0) 02:46:40 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf6ffffff00000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) [ 659.110599] 9pnet: Insufficient options for proto=fd [ 659.126894] 9pnet: Insufficient options for proto=fd 02:46:40 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x1, 0x0) ioctl$KVM_GET_TSC_KHZ(r2, 0xaea3) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="a6000000290100000000000000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f05000000300000000000000000000000000000000000000000000007002e2f668a6c65300000000000000000000000000000000000000000000007002e2f66696c6530000000000000000a72fb62f300000000000000000000000000000007002e2f"], 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="0c6163736573733de87574d32baf179a07aacb8a0875a82a1292c491487f549f1664e87bcfcc6a4a4db8c3c09fa758e8d101669cadd96cb56865fec1b3f78d26a84714bd91687daa2cd54d48c9c8369e930cf5faac98b1dd7af13331822ce9dc6e0019436e40e5ff95df94d239769544d2f11cddd88bdb24d271d73dd0f62f53778ac9eea50c9ea92d1aec573b14f3a6f4da2bd91b31e9d15df446c934cfbcbedbbbc859cfb69b8b8297e55abb57289f32be9be87233fe4eea9f772d", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:40 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x400000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:40 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="397005", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:40 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:40 executing program 5: socket$inet6(0xa, 0x1000000000002, 0x0) r0 = epoll_create1(0x0) fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r0, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r0, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x1}) 02:46:40 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xe00}}], 0x1, 0x0) [ 659.292239] FAULT_INJECTION: forcing a failure. [ 659.292239] name failslab, interval 1, probability 0, space 0, times 0 [ 659.303486] CPU: 0 PID: 8390 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 659.311798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 659.321144] Call Trace: [ 659.323732] dump_stack+0x1c9/0x2b4 [ 659.327360] ? dump_stack_print_info.cold.2+0x52/0x52 [ 659.332548] ? __kernel_text_address+0xd/0x40 [ 659.337041] ? unwind_get_return_address+0x61/0xa0 [ 659.341967] should_fail.cold.4+0xa/0x11 [ 659.346025] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 659.351125] ? save_stack+0xa9/0xd0 [ 659.354750] ? save_stack+0x43/0xd0 [ 659.358372] ? kasan_kmalloc+0xc4/0xe0 [ 659.362252] ? kmem_cache_alloc_trace+0x152/0x780 [ 659.367090] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 659.372270] ? __list_lru_init+0x4d6/0x840 [ 659.376499] ? alloc_super+0x9a6/0xb10 [ 659.380380] ? sget+0x10b/0x150 [ 659.383654] ? v9fs_mount+0xe2/0x900 [ 659.387362] ? legacy_get_tree+0x118/0x440 [ 659.391590] ? vfs_get_tree+0x1cb/0x5c0 [ 659.395611] ? do_mount+0x6c1/0x1fb0 [ 659.399319] ? ksys_mount+0x12d/0x140 [ 659.403871] ? __x64_sys_mount+0xbe/0x150 [ 659.408013] ? do_syscall_64+0x1b9/0x820 [ 659.412068] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 659.417429] ? save_stack+0xa9/0xd0 [ 659.421053] ? lock_acquire+0x1e4/0x540 [ 659.425020] ? fs_reclaim_acquire+0x20/0x20 [ 659.429339] ? lock_downgrade+0x8f0/0x8f0 [ 659.433478] ? ksys_mount+0x12d/0x140 [ 659.437275] ? check_same_owner+0x340/0x340 [ 659.441592] ? rcu_note_context_switch+0x730/0x730 [ 659.446519] __should_failslab+0x124/0x180 [ 659.450751] should_failslab+0x9/0x14 [ 659.454549] kmem_cache_alloc_trace+0x2cb/0x780 [ 659.459210] ? kasan_kmalloc+0xc4/0xe0 [ 659.463102] __memcg_init_list_lru_node+0x185/0x2d0 [ 659.468113] ? kvfree_rcu+0x20/0x20 [ 659.471734] ? __kmalloc_node+0x47/0x70 [ 659.475707] __list_lru_init+0x4d6/0x840 [ 659.479758] ? up_write+0x7b/0x220 [ 659.483293] ? list_lru_destroy+0x500/0x500 [ 659.487616] ? prealloc_shrinker+0x124/0x450 [ 659.492018] ? prealloc_shrinker+0x21c/0x450 [ 659.496421] ? inactive_list_is_low+0x850/0x850 [ 659.501087] ? __lockdep_init_map+0x105/0x590 [ 659.505595] alloc_super+0x9a6/0xb10 [ 659.509306] ? destroy_unused_super.part.11+0x110/0x110 [ 659.514666] ? lock_downgrade+0x8f0/0x8f0 [ 659.518806] ? lock_acquire+0x1e4/0x540 [ 659.522776] ? kasan_check_read+0x11/0x20 [ 659.526949] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 659.531530] ? kasan_check_write+0x14/0x20 [ 659.535758] ? do_raw_spin_lock+0xc1/0x200 [ 659.539988] sget_userns+0x276/0x860 [ 659.543697] ? v9fs_kill_super+0xa0/0xa0 [ 659.547755] ? vfs_get_super+0x270/0x270 [ 659.551828] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 659.557358] ? ns_capable_common+0x13f/0x170 [ 659.561765] ? v9fs_kill_super+0xa0/0xa0 [ 659.565819] sget+0x10b/0x150 [ 659.568923] v9fs_mount+0xe2/0x900 [ 659.572460] ? v9fs_drop_inode+0x150/0x150 [ 659.576691] legacy_get_tree+0x118/0x440 [ 659.580747] vfs_get_tree+0x1cb/0x5c0 [ 659.584546] do_mount+0x6c1/0x1fb0 [ 659.588081] ? check_same_owner+0x340/0x340 [ 659.592397] ? lock_release+0xa30/0xa30 [ 659.596367] ? copy_mount_string+0x40/0x40 [ 659.600596] ? kasan_kmalloc+0xc4/0xe0 [ 659.604480] ? kmem_cache_alloc_trace+0x318/0x780 [ 659.609318] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 659.614849] ? _copy_from_user+0xdf/0x150 [ 659.618991] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 659.624519] ? copy_mount_options+0x285/0x380 [ 659.629011] ksys_mount+0x12d/0x140 [ 659.632635] __x64_sys_mount+0xbe/0x150 [ 659.636603] do_syscall_64+0x1b9/0x820 [ 659.640482] ? finish_task_switch+0x1d3/0x870 [ 659.644970] ? syscall_return_slowpath+0x5e0/0x5e0 [ 659.649899] ? syscall_return_slowpath+0x31d/0x5e0 [ 659.654824] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 659.659834] ? prepare_exit_to_usermode+0x291/0x3b0 [ 659.664846] ? perf_trace_sys_enter+0xb10/0xb10 [ 659.669509] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 659.674350] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 659.679531] RIP: 0033:0x455e29 [ 659.682704] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 659.701972] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 659.709675] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 659.716936] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 659.724197] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 659.731458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 02:46:40 executing program 6 (fault-call:7 fault-nth:63): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 659.738716] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000003e [ 659.811938] 9pnet: Insufficient options for proto=fd [ 659.830441] 9pnet: Insufficient options for proto=fd 02:46:40 executing program 4: r0 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x200080, 0x0) ioctl$EVIOCSABS20(r0, 0x401845e0, &(0x7f00000002c0)={0x800, 0xfd, 0x1, 0x9, 0xfffffffffffffffa, 0x2}) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r2, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c}) write$P9_RGETATTR(r2, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r2, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:41 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x8000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:41 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x8cffffff00000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:41 executing program 5: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r0 = epoll_create1(0x0) fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r0, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r0, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x1}) 02:46:41 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xf0}}], 0x1, 0x0) 02:46:41 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:41 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="397004", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 660.079837] FAULT_INJECTION: forcing a failure. [ 660.079837] name failslab, interval 1, probability 0, space 0, times 0 [ 660.091121] CPU: 0 PID: 8419 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 660.099426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 660.108768] Call Trace: [ 660.111359] dump_stack+0x1c9/0x2b4 [ 660.114986] ? dump_stack_print_info.cold.2+0x52/0x52 [ 660.120172] ? __kernel_text_address+0xd/0x40 [ 660.124661] ? unwind_get_return_address+0x61/0xa0 [ 660.129588] should_fail.cold.4+0xa/0x11 [ 660.133652] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 660.138755] ? save_stack+0xa9/0xd0 [ 660.142376] ? save_stack+0x43/0xd0 [ 660.145999] ? kasan_kmalloc+0xc4/0xe0 [ 660.149882] ? kmem_cache_alloc_trace+0x152/0x780 [ 660.154722] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 660.159903] ? __list_lru_init+0x4d6/0x840 [ 660.164131] ? alloc_super+0x9a6/0xb10 [ 660.168015] ? sget+0x10b/0x150 [ 660.171290] ? v9fs_mount+0xe2/0x900 [ 660.174996] ? legacy_get_tree+0x118/0x440 [ 660.179234] ? vfs_get_tree+0x1cb/0x5c0 [ 660.183211] ? do_mount+0x6c1/0x1fb0 [ 660.186921] ? ksys_mount+0x12d/0x140 [ 660.190716] ? __x64_sys_mount+0xbe/0x150 [ 660.194864] ? do_syscall_64+0x1b9/0x820 [ 660.198923] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 660.204293] ? save_stack+0xa9/0xd0 [ 660.207919] ? lock_acquire+0x1e4/0x540 [ 660.211891] ? fs_reclaim_acquire+0x20/0x20 [ 660.216209] ? lock_downgrade+0x8f0/0x8f0 [ 660.220351] ? lock_downgrade+0x8f0/0x8f0 [ 660.224495] ? check_same_owner+0x340/0x340 [ 660.228809] ? do_raw_spin_unlock+0xa7/0x2f0 [ 660.233217] ? rcu_note_context_switch+0x730/0x730 [ 660.238145] __should_failslab+0x124/0x180 [ 660.242378] should_failslab+0x9/0x14 [ 660.246177] kmem_cache_alloc_trace+0x2cb/0x780 [ 660.250846] ? kasan_kmalloc+0xc4/0xe0 [ 660.254733] __memcg_init_list_lru_node+0x185/0x2d0 [ 660.259746] ? kvfree_rcu+0x20/0x20 [ 660.263372] ? __kmalloc_node+0x47/0x70 [ 660.267342] __list_lru_init+0x4d6/0x840 [ 660.271397] ? up_write+0x7b/0x220 [ 660.274931] ? list_lru_destroy+0x500/0x500 [ 660.279247] ? prealloc_shrinker+0x124/0x450 [ 660.283654] ? prealloc_shrinker+0x21c/0x450 [ 660.288058] ? inactive_list_is_low+0x850/0x850 [ 660.292725] ? __lockdep_init_map+0x105/0x590 [ 660.297226] alloc_super+0x9a6/0xb10 [ 660.300940] ? destroy_unused_super.part.11+0x110/0x110 [ 660.306299] ? lock_downgrade+0x8f0/0x8f0 [ 660.310441] ? lock_acquire+0x1e4/0x540 [ 660.314417] ? kasan_check_read+0x11/0x20 [ 660.318561] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 660.323145] ? kasan_check_write+0x14/0x20 [ 660.327372] ? do_raw_spin_lock+0xc1/0x200 [ 660.331604] sget_userns+0x276/0x860 [ 660.335312] ? v9fs_kill_super+0xa0/0xa0 [ 660.339369] ? vfs_get_super+0x270/0x270 [ 660.343443] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 660.348975] ? ns_capable_common+0x13f/0x170 [ 660.353383] ? v9fs_kill_super+0xa0/0xa0 [ 660.357439] sget+0x10b/0x150 [ 660.360544] v9fs_mount+0xe2/0x900 [ 660.364080] ? v9fs_drop_inode+0x150/0x150 [ 660.368307] legacy_get_tree+0x118/0x440 [ 660.372379] vfs_get_tree+0x1cb/0x5c0 [ 660.376174] do_mount+0x6c1/0x1fb0 [ 660.379709] ? check_same_owner+0x340/0x340 [ 660.384022] ? lock_release+0xa30/0xa30 [ 660.387992] ? copy_mount_string+0x40/0x40 [ 660.392225] ? kasan_kmalloc+0xc4/0xe0 [ 660.396110] ? kmem_cache_alloc_trace+0x318/0x780 [ 660.400950] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 660.406484] ? _copy_from_user+0xdf/0x150 [ 660.410628] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 660.416157] ? copy_mount_options+0x285/0x380 [ 660.420647] ksys_mount+0x12d/0x140 [ 660.424273] __x64_sys_mount+0xbe/0x150 [ 660.428245] do_syscall_64+0x1b9/0x820 [ 660.432129] ? syscall_return_slowpath+0x5e0/0x5e0 [ 660.437054] ? syscall_return_slowpath+0x31d/0x5e0 [ 660.441984] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 660.446996] ? prepare_exit_to_usermode+0x291/0x3b0 [ 660.452015] ? perf_trace_sys_enter+0xb10/0xb10 [ 660.456681] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 660.461524] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 660.466705] RIP: 0033:0x455e29 [ 660.469882] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 660.489149] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 660.496851] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 660.504114] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 660.511376] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 660.518636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 660.525897] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000003f 02:46:41 executing program 6 (fault-call:7 fault-nth:64): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:41 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="2c7766646e6f16", @ANYRESHEX=r1, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x6b}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:41 executing program 5: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r0 = epoll_create1(0x0) fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r0, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r0, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x1}) 02:46:41 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x11948, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:41 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xe}}], 0x1, 0x0) 02:46:41 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xe00000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 660.829640] FAULT_INJECTION: forcing a failure. [ 660.829640] name failslab, interval 1, probability 0, space 0, times 0 [ 660.841042] CPU: 0 PID: 8445 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 660.849360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 660.858709] Call Trace: [ 660.861298] dump_stack+0x1c9/0x2b4 [ 660.864930] ? dump_stack_print_info.cold.2+0x52/0x52 [ 660.870119] ? __kernel_text_address+0xd/0x40 [ 660.874699] ? unwind_get_return_address+0x61/0xa0 [ 660.879629] should_fail.cold.4+0xa/0x11 [ 660.883687] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 660.888797] ? save_stack+0xa9/0xd0 [ 660.892420] ? save_stack+0x43/0xd0 [ 660.896046] ? kasan_kmalloc+0xc4/0xe0 [ 660.899928] ? kmem_cache_alloc_trace+0x152/0x780 [ 660.904769] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 660.909957] ? __list_lru_init+0x4d6/0x840 [ 660.914193] ? alloc_super+0x9a6/0xb10 [ 660.918079] ? sget+0x10b/0x150 [ 660.921351] ? v9fs_mount+0xe2/0x900 [ 660.925059] ? legacy_get_tree+0x118/0x440 02:46:41 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:41 executing program 5: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r0 = epoll_create1(0x0) fcntl$lock(r0, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r0, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r0, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r0, 0x7, &(0x7f0000000140)={0x1}) [ 660.929289] ? vfs_get_tree+0x1cb/0x5c0 [ 660.933258] ? do_mount+0x6c1/0x1fb0 [ 660.936965] ? ksys_mount+0x12d/0x140 [ 660.940758] ? __x64_sys_mount+0xbe/0x150 [ 660.944910] ? do_syscall_64+0x1b9/0x820 [ 660.948966] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 660.954337] ? save_stack+0xa9/0xd0 [ 660.957965] ? lock_acquire+0x1e4/0x540 [ 660.961936] ? fs_reclaim_acquire+0x20/0x20 [ 660.966254] ? lock_downgrade+0x8f0/0x8f0 [ 660.970400] ? ksys_mount+0x12d/0x140 [ 660.974201] ? check_same_owner+0x340/0x340 [ 660.978528] ? rcu_note_context_switch+0x730/0x730 [ 660.983460] __should_failslab+0x124/0x180 [ 660.987695] should_failslab+0x9/0x14 [ 660.991490] kmem_cache_alloc_trace+0x2cb/0x780 [ 660.996153] ? kasan_kmalloc+0xc4/0xe0 [ 661.000045] __memcg_init_list_lru_node+0x185/0x2d0 [ 661.005060] ? kvfree_rcu+0x20/0x20 [ 661.008682] ? __kmalloc_node+0x47/0x70 [ 661.012657] __list_lru_init+0x4d6/0x840 [ 661.016717] ? up_write+0x7b/0x220 [ 661.020256] ? list_lru_destroy+0x500/0x500 [ 661.024571] ? prealloc_shrinker+0x124/0x450 [ 661.028978] ? prealloc_shrinker+0x21c/0x450 [ 661.033381] ? inactive_list_is_low+0x850/0x850 [ 661.038050] ? __lockdep_init_map+0x105/0x590 [ 661.042545] alloc_super+0x9a6/0xb10 [ 661.046262] ? destroy_unused_super.part.11+0x110/0x110 [ 661.051622] ? lock_downgrade+0x8f0/0x8f0 [ 661.055808] ? lock_acquire+0x1e4/0x540 [ 661.059788] ? kasan_check_read+0x11/0x20 [ 661.063931] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 661.068508] ? kasan_check_write+0x14/0x20 [ 661.072778] ? do_raw_spin_lock+0xc1/0x200 [ 661.077014] sget_userns+0x276/0x860 [ 661.080726] ? v9fs_kill_super+0xa0/0xa0 [ 661.084790] ? vfs_get_super+0x270/0x270 [ 661.088864] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 661.094395] ? ns_capable_common+0x13f/0x170 [ 661.098819] ? v9fs_kill_super+0xa0/0xa0 [ 661.102871] sget+0x10b/0x150 [ 661.105976] v9fs_mount+0xe2/0x900 [ 661.109511] ? v9fs_drop_inode+0x150/0x150 [ 661.113739] legacy_get_tree+0x118/0x440 [ 661.117802] vfs_get_tree+0x1cb/0x5c0 [ 661.121600] do_mount+0x6c1/0x1fb0 [ 661.125136] ? kasan_check_write+0x14/0x20 [ 661.129366] ? copy_mount_string+0x40/0x40 [ 661.133596] ? retint_kernel+0x10/0x10 [ 661.137482] ? copy_mount_options+0x213/0x380 [ 661.141977] ? __sanitizer_cov_trace_const_cmp4+0x11/0x20 [ 661.147515] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 661.153047] ? copy_mount_options+0x285/0x380 [ 661.157542] ksys_mount+0x12d/0x140 [ 661.161170] __x64_sys_mount+0xbe/0x150 [ 661.165142] do_syscall_64+0x1b9/0x820 [ 661.169023] ? finish_task_switch+0x1d3/0x870 [ 661.173516] ? syscall_return_slowpath+0x5e0/0x5e0 [ 661.178442] ? syscall_return_slowpath+0x31d/0x5e0 [ 661.183396] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 661.188408] ? prepare_exit_to_usermode+0x291/0x3b0 [ 661.193421] ? perf_trace_sys_enter+0xb10/0xb10 [ 661.198089] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 661.202929] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 661.208108] RIP: 0033:0x455e29 [ 661.211284] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:46:42 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 661.230546] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 661.238251] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 661.245516] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 661.252776] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 661.260037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 661.267297] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000040 02:46:42 executing program 6 (fault-call:7 fault-nth:65): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:42 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xe0}}], 0x1, 0x0) [ 661.322302] 9pnet: Insufficient options for proto=fd [ 661.335536] 9pnet: Insufficient options for proto=fd 02:46:42 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xfc1a010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:42 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x37b, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="2c0200646e6f35", @ANYRESHEX=r1, @ANYBLOB=',\x00']) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000480)='/dev/qat_adf_ctl\x00', 0x4a8c80, 0x0) ioctl$TUNGETFEATURES(r2, 0x800454cf, &(0x7f00000004c0)) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000080)) r3 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) accept4(r3, &(0x7f00000002c0)=@un=@abs, &(0x7f0000000380)=0x80, 0x80000) 02:46:42 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x9, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:42 executing program 5: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:42 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xf0ffff}}], 0x1, 0x0) 02:46:42 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:42 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 661.599989] FAULT_INJECTION: forcing a failure. [ 661.599989] name failslab, interval 1, probability 0, space 0, times 0 [ 661.611328] CPU: 0 PID: 8471 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 661.619643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 661.629008] Call Trace: [ 661.631597] dump_stack+0x1c9/0x2b4 [ 661.635224] ? dump_stack_print_info.cold.2+0x52/0x52 [ 661.640413] ? __kernel_text_address+0xd/0x40 [ 661.644905] ? unwind_get_return_address+0x61/0xa0 [ 661.649849] should_fail.cold.4+0xa/0x11 [ 661.653910] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 661.659026] ? save_stack+0xa9/0xd0 [ 661.662652] ? save_stack+0x43/0xd0 [ 661.666272] ? kasan_kmalloc+0xc4/0xe0 [ 661.670153] ? kmem_cache_alloc_trace+0x152/0x780 [ 661.675006] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 661.680190] ? __list_lru_init+0x4d6/0x840 [ 661.684421] ? alloc_super+0x9a6/0xb10 [ 661.688304] ? sget+0x10b/0x150 [ 661.691579] ? v9fs_mount+0xe2/0x900 [ 661.695288] ? legacy_get_tree+0x118/0x440 [ 661.699526] ? vfs_get_tree+0x1cb/0x5c0 [ 661.703495] ? do_mount+0x6c1/0x1fb0 [ 661.707202] ? ksys_mount+0x12d/0x140 [ 661.710994] ? __x64_sys_mount+0xbe/0x150 [ 661.715135] ? do_syscall_64+0x1b9/0x820 [ 661.719191] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 661.724552] ? save_stack+0xa9/0xd0 [ 661.728179] ? lock_acquire+0x1e4/0x540 [ 661.732145] ? fs_reclaim_acquire+0x20/0x20 [ 661.736467] ? lock_downgrade+0x8f0/0x8f0 [ 661.740610] ? ksys_mount+0x12d/0x140 [ 661.744413] ? check_same_owner+0x340/0x340 [ 661.748730] ? rcu_note_context_switch+0x730/0x730 [ 661.753656] __should_failslab+0x124/0x180 [ 661.757888] should_failslab+0x9/0x14 [ 661.761683] kmem_cache_alloc_trace+0x2cb/0x780 [ 661.766351] ? kasan_kmalloc+0xc4/0xe0 [ 661.770241] __memcg_init_list_lru_node+0x185/0x2d0 [ 661.775254] ? kvfree_rcu+0x20/0x20 [ 661.778877] ? __kmalloc_node+0x47/0x70 [ 661.782847] __list_lru_init+0x4d6/0x840 [ 661.786904] ? up_write+0x7b/0x220 [ 661.790440] ? list_lru_destroy+0x500/0x500 [ 661.794753] ? prealloc_shrinker+0x124/0x450 [ 661.799158] ? prealloc_shrinker+0x21c/0x450 [ 661.803560] ? inactive_list_is_low+0x850/0x850 [ 661.808223] ? __lockdep_init_map+0x105/0x590 [ 661.812739] alloc_super+0x9a6/0xb10 [ 661.816452] ? destroy_unused_super.part.11+0x110/0x110 [ 661.821813] ? lock_downgrade+0x8f0/0x8f0 [ 661.825953] ? lock_acquire+0x1e4/0x540 [ 661.829927] ? kasan_check_read+0x11/0x20 [ 661.834068] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 661.838645] ? kasan_check_write+0x14/0x20 [ 661.842875] ? do_raw_spin_lock+0xc1/0x200 [ 661.847108] sget_userns+0x276/0x860 [ 661.850817] ? v9fs_kill_super+0xa0/0xa0 [ 661.854874] ? vfs_get_super+0x270/0x270 [ 661.858948] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 661.864477] ? ns_capable_common+0x13f/0x170 [ 661.868878] ? v9fs_kill_super+0xa0/0xa0 [ 661.872931] sget+0x10b/0x150 [ 661.876032] v9fs_mount+0xe2/0x900 [ 661.879572] ? v9fs_drop_inode+0x150/0x150 [ 661.883799] legacy_get_tree+0x118/0x440 [ 661.887860] vfs_get_tree+0x1cb/0x5c0 [ 661.891658] do_mount+0x6c1/0x1fb0 [ 661.895191] ? kasan_check_write+0x14/0x20 [ 661.899420] ? copy_mount_string+0x40/0x40 [ 661.903651] ? kasan_kmalloc+0xc4/0xe0 [ 661.907535] ? kmem_cache_alloc_trace+0x318/0x780 [ 661.912378] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 661.917913] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 661.923444] ? copy_mount_options+0x285/0x380 [ 661.927937] ksys_mount+0x12d/0x140 [ 661.931559] __x64_sys_mount+0xbe/0x150 [ 661.935530] do_syscall_64+0x1b9/0x820 [ 661.939408] ? finish_task_switch+0x1d3/0x870 [ 661.943896] ? syscall_return_slowpath+0x5e0/0x5e0 [ 661.948822] ? syscall_return_slowpath+0x31d/0x5e0 [ 661.953750] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 661.958766] ? prepare_exit_to_usermode+0x291/0x3b0 [ 661.963781] ? perf_trace_sys_enter+0xb10/0xb10 [ 661.968444] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 661.973286] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 661.978465] RIP: 0033:0x455e29 [ 661.981640] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 662.000907] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 662.008611] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 662.015870] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 662.023134] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 662.030393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 662.037654] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000041 02:46:43 executing program 6 (fault-call:7 fault-nth:66): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 662.051452] 9pnet: Insufficient options for proto=fd 02:46:43 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xa00000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 662.072450] 9pnet: Insufficient options for proto=fd 02:46:43 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x96f, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:43 executing program 4: pipe2$9p(&(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_SERVICES(r2, 0x0, 0x482, &(0x7f00000002c0)=""/81, &(0x7f00000000c0)=0x51) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) r3 = open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r3, 0x114, 0xa, &(0x7f0000000380)={0x1, '6'}, 0x2) 02:46:43 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xe000000}}], 0x1, 0x0) 02:46:43 executing program 5: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:43 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)="39707f", 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:43 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xff1a010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 662.249744] FAULT_INJECTION: forcing a failure. [ 662.249744] name failslab, interval 1, probability 0, space 0, times 0 [ 662.261119] CPU: 1 PID: 8504 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 662.269446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 662.278796] Call Trace: [ 662.281394] dump_stack+0x1c9/0x2b4 [ 662.285028] ? dump_stack_print_info.cold.2+0x52/0x52 [ 662.290231] ? __kernel_text_address+0xd/0x40 [ 662.294748] ? unwind_get_return_address+0x61/0xa0 [ 662.299683] should_fail.cold.4+0xa/0x11 [ 662.303748] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 662.308851] ? save_stack+0xa9/0xd0 [ 662.312462] ? save_stack+0x43/0xd0 [ 662.316071] ? kasan_kmalloc+0xc4/0xe0 [ 662.319939] ? kmem_cache_alloc_trace+0x152/0x780 [ 662.324765] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 662.329933] ? __list_lru_init+0x4d6/0x840 [ 662.334156] ? alloc_super+0x9a6/0xb10 [ 662.338030] ? sget+0x10b/0x150 [ 662.341296] ? v9fs_mount+0xe2/0x900 [ 662.344991] ? legacy_get_tree+0x118/0x440 [ 662.349211] ? vfs_get_tree+0x1cb/0x5c0 [ 662.353168] ? do_mount+0x6c1/0x1fb0 [ 662.356861] ? ksys_mount+0x12d/0x140 [ 662.360645] ? __x64_sys_mount+0xbe/0x150 [ 662.364779] ? do_syscall_64+0x1b9/0x820 [ 662.368836] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 662.374191] ? save_stack+0xa9/0xd0 [ 662.377804] ? lock_acquire+0x1e4/0x540 [ 662.381760] ? fs_reclaim_acquire+0x20/0x20 [ 662.386065] ? lock_downgrade+0x8f0/0x8f0 [ 662.390195] ? ksys_mount+0x12d/0x140 [ 662.393996] ? check_same_owner+0x340/0x340 [ 662.398307] ? rcu_note_context_switch+0x730/0x730 [ 662.403223] __should_failslab+0x124/0x180 [ 662.407446] should_failslab+0x9/0x14 [ 662.411230] kmem_cache_alloc_trace+0x2cb/0x780 [ 662.415880] ? kasan_kmalloc+0xc4/0xe0 [ 662.419757] __memcg_init_list_lru_node+0x185/0x2d0 [ 662.424755] ? kvfree_rcu+0x20/0x20 [ 662.428366] ? __kmalloc_node+0x47/0x70 [ 662.432322] __list_lru_init+0x4d6/0x840 [ 662.436366] ? up_write+0x7b/0x220 [ 662.439891] ? list_lru_destroy+0x500/0x500 [ 662.444195] ? prealloc_shrinker+0x124/0x450 [ 662.448584] ? prealloc_shrinker+0x21c/0x450 [ 662.452974] ? inactive_list_is_low+0x850/0x850 [ 662.457637] ? __lockdep_init_map+0x105/0x590 [ 662.462114] alloc_super+0x9a6/0xb10 [ 662.465812] ? destroy_unused_super.part.11+0x110/0x110 [ 662.471161] ? lock_downgrade+0x8f0/0x8f0 [ 662.475290] ? lock_acquire+0x1e4/0x540 [ 662.479249] ? kasan_check_read+0x11/0x20 [ 662.483378] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 662.487945] ? kasan_check_write+0x14/0x20 [ 662.492166] ? do_raw_spin_lock+0xc1/0x200 [ 662.496393] sget_userns+0x276/0x860 [ 662.500090] ? v9fs_kill_super+0xa0/0xa0 [ 662.504139] ? vfs_get_super+0x270/0x270 [ 662.508206] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 662.513738] ? ns_capable_common+0x13f/0x170 [ 662.518127] ? v9fs_kill_super+0xa0/0xa0 [ 662.522172] sget+0x10b/0x150 [ 662.525270] v9fs_mount+0xe2/0x900 [ 662.528798] ? v9fs_drop_inode+0x150/0x150 [ 662.533018] legacy_get_tree+0x118/0x440 [ 662.537064] vfs_get_tree+0x1cb/0x5c0 [ 662.540849] do_mount+0x6c1/0x1fb0 [ 662.544387] ? kasan_check_write+0x14/0x20 [ 662.548614] ? copy_mount_string+0x40/0x40 [ 662.552831] ? kasan_kmalloc+0xc4/0xe0 [ 662.556702] ? kmem_cache_alloc_trace+0x318/0x780 [ 662.561528] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 662.567058] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 662.572577] ? copy_mount_options+0x285/0x380 [ 662.577054] ksys_mount+0x12d/0x140 [ 662.580663] __x64_sys_mount+0xbe/0x150 [ 662.584625] do_syscall_64+0x1b9/0x820 [ 662.588504] ? syscall_return_slowpath+0x5e0/0x5e0 [ 662.593416] ? syscall_return_slowpath+0x31d/0x5e0 [ 662.598326] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 662.603326] ? prepare_exit_to_usermode+0x291/0x3b0 [ 662.608323] ? perf_trace_sys_enter+0xb10/0xb10 [ 662.612975] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 662.617804] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 662.622972] RIP: 0033:0x455e29 [ 662.626139] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 02:46:43 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="3970ff", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 662.645305] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 662.652995] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 662.660247] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 662.667508] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 662.674758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 662.682012] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000042 02:46:43 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x700}}], 0x1, 0x0) [ 662.714293] IPVS: length: 81 != 8 02:46:43 executing program 6 (fault-call:7 fault-nth:67): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:43 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x11944, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) [ 662.738936] IPVS: length: 81 != 8 02:46:43 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000480)={{{@in=@rand_addr, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@loopback}}, &(0x7f00000002c0)=0xe8) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond_slave_0\x00', r3}) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:43 executing program 5: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:44 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xe803}}], 0x1, 0x0) [ 662.922352] FAULT_INJECTION: forcing a failure. [ 662.922352] name failslab, interval 1, probability 0, space 0, times 0 [ 662.933754] CPU: 1 PID: 8541 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 662.942064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 662.951411] Call Trace: [ 662.954006] dump_stack+0x1c9/0x2b4 [ 662.957632] ? dump_stack_print_info.cold.2+0x52/0x52 [ 662.962826] ? __debug_object_init+0x581/0x12e0 [ 662.967494] ? lock_downgrade+0x8f0/0x8f0 02:46:44 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x20000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:44 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4919010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) [ 662.971641] should_fail.cold.4+0xa/0x11 [ 662.975700] ? kasan_check_read+0x11/0x20 [ 662.979842] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 662.984939] ? kasan_check_write+0x14/0x20 [ 662.989256] ? trace_hardirqs_on+0xd/0x10 [ 662.993401] ? __debug_object_init+0x581/0x12e0 [ 662.998063] ? kasan_check_read+0x11/0x20 [ 663.002212] ? debug_object_free+0x690/0x690 [ 663.006612] ? kasan_check_write+0x14/0x20 [ 663.010850] ? lock_acquire+0x1e4/0x540 [ 663.014826] ? fs_reclaim_acquire+0x20/0x20 02:46:44 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) [ 663.019151] ? lock_downgrade+0x8f0/0x8f0 [ 663.023303] ? check_same_owner+0x340/0x340 [ 663.027624] ? wb_congested_get_create+0x187/0x470 [ 663.032557] ? rcu_note_context_switch+0x730/0x730 [ 663.037485] __should_failslab+0x124/0x180 [ 663.041715] should_failslab+0x9/0x14 [ 663.045510] kmem_cache_alloc_trace+0x2cb/0x780 [ 663.050175] ? kasan_check_write+0x14/0x20 [ 663.054406] ? do_raw_spin_lock+0xc1/0x200 [ 663.058636] wb_congested_get_create+0x1d2/0x470 [ 663.063388] ? wb_wakeup_delayed+0xf0/0xf0 [ 663.067619] ? __lockdep_init_map+0x105/0x590 [ 663.072111] wb_init+0x636/0xa00 [ 663.075472] ? bdi_put+0x180/0x180 [ 663.079007] ? bdi_alloc_node+0x67/0xe0 [ 663.082979] ? super_setup_bdi+0x7f/0xb0 [ 663.087046] ? __lockdep_init_map+0x105/0x590 [ 663.091537] ? legacy_get_tree+0x118/0x440 [ 663.095768] ? lockdep_init_map+0x9/0x10 [ 663.099825] ? debug_mutex_init+0x2d/0x60 [ 663.103972] ? __ia32_sys_membarrier+0x150/0x150 [ 663.108721] ? __lockdep_init_map+0x105/0x590 [ 663.113212] ? __init_waitqueue_head+0x9e/0x150 [ 663.117877] ? __lockdep_init_map+0x105/0x590 [ 663.122366] ? lockdep_init_map+0x9/0x10 [ 663.126422] ? __raw_spin_lock_init+0x2d/0x100 [ 663.130997] bdi_init+0x30d/0x4d0 [ 663.134445] ? wb_init+0xa00/0xa00 [ 663.137980] ? kasan_unpoison_shadow+0x35/0x50 [ 663.142556] ? kasan_kmalloc+0xc4/0xe0 [ 663.146441] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 663.151716] bdi_alloc_node+0x81/0xe0 [ 663.155514] super_setup_bdi_name+0x95/0x240 [ 663.159920] ? kill_block_super+0x100/0x100 [ 663.164239] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 663.169772] ? ns_capable_common+0x13f/0x170 [ 663.174177] super_setup_bdi+0x7f/0xb0 [ 663.178060] v9fs_mount+0x268/0x900 [ 663.181688] ? v9fs_drop_inode+0x150/0x150 [ 663.185916] legacy_get_tree+0x118/0x440 [ 663.189973] vfs_get_tree+0x1cb/0x5c0 [ 663.193769] do_mount+0x6c1/0x1fb0 [ 663.197305] ? check_same_owner+0x340/0x340 [ 663.201623] ? lock_release+0xa30/0xa30 [ 663.205593] ? copy_mount_string+0x40/0x40 [ 663.209827] ? retint_kernel+0x10/0x10 [ 663.213716] ? __sanitizer_cov_trace_const_cmp2+0x20/0x20 [ 663.219252] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 663.224790] ? copy_mount_options+0x285/0x380 [ 663.229282] ksys_mount+0x12d/0x140 [ 663.232908] __x64_sys_mount+0xbe/0x150 [ 663.237390] do_syscall_64+0x1b9/0x820 [ 663.241275] ? finish_task_switch+0x1d3/0x870 [ 663.245769] ? syscall_return_slowpath+0x5e0/0x5e0 [ 663.250706] ? syscall_return_slowpath+0x31d/0x5e0 [ 663.255632] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 663.260643] ? prepare_exit_to_usermode+0x291/0x3b0 [ 663.265654] ? perf_trace_sys_enter+0xb10/0xb10 [ 663.270322] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 663.275168] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 663.280348] RIP: 0033:0x455e29 [ 663.283526] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 663.302797] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 663.310502] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 02:46:44 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="3970d7", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 663.317764] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 663.325026] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 663.332300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 663.339558] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000043 02:46:44 executing program 6 (fault-call:7 fault-nth:68): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:44 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:44 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000002c0)={0xffffffff}, 0x13f, 0xa}}, 0x20) write$RDMA_USER_CM_CMD_REJECT(r2, &(0x7f0000000480)={0x9, 0x108, 0xfa00, {r3, 0x61, '\x00 \x00', "7dc27b3e63a726ce0597757a9412f3da87f731c4c0626dd24d96a0f8f5603290dd1620ec9b468fee59f8baf2c095d3257e1f25f4eb7fbf89f826a93950ef447cecf0570d63d593ff0f1ad36ed39efb5abc1008d814f3cb36c9545ffa5538b2bd4012b65208951fe493634b1fdd8dd3f9a7ff1593b32cd3e4717e2f737a5f3d003f3f462eede2d28a6cf5ff3c2a5a778517259f2516e8e7505f967d8dbf0d55dfd5e660c5402099384e8988a140c8f2fc9c4e7a648be18ac6cab9aa69f44fb5f7f70adc4e12006ebaa84713d523a23538beca790f8f3b51c4aaf7d0e1eb638609e58d3e7c978d0eb4692a1aac1a99aa78562e210ee836ee4abed94d824581fc44"}}, 0x110) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans,rfdno=\x00\x00\x00', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB="2c00abdfb89f339f37e296407c6b37ccb5c629fd8de5ae6890de7c"]) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) getsockname$netlink(r0, &(0x7f0000000380), &(0x7f00000005c0)=0xc) 02:46:44 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:44 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x2}}], 0x1, 0x0) 02:46:44 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xffffffff00000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:44 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x900, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 663.672734] FAULT_INJECTION: forcing a failure. [ 663.672734] name failslab, interval 1, probability 0, space 0, times 0 [ 663.684022] CPU: 1 PID: 8568 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 663.692345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 663.701698] Call Trace: [ 663.704295] dump_stack+0x1c9/0x2b4 [ 663.707927] ? dump_stack_print_info.cold.2+0x52/0x52 [ 663.713127] should_fail.cold.4+0xa/0x11 [ 663.717196] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 663.722305] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 663.727849] ? rcu_note_context_switch+0x730/0x730 [ 663.732788] ? up_write+0x7b/0x220 [ 663.736332] ? up_read+0x110/0x110 [ 663.739881] ? down_read+0x1d0/0x1d0 [ 663.743608] ? lock_acquire+0x1e4/0x540 [ 663.747590] ? fs_reclaim_acquire+0x20/0x20 [ 663.751921] ? lock_downgrade+0x8f0/0x8f0 [ 663.756073] ? sget_userns+0x2c2/0x860 [ 663.759964] ? check_same_owner+0x340/0x340 [ 663.764291] ? rcu_note_context_switch+0x730/0x730 02:46:44 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) [ 663.769238] __should_failslab+0x124/0x180 [ 663.773481] should_failslab+0x9/0x14 [ 663.777286] kmem_cache_alloc_node_trace+0x26f/0x770 [ 663.782399] bdi_alloc_node+0x67/0xe0 [ 663.786202] super_setup_bdi_name+0x95/0x240 [ 663.790613] ? kill_block_super+0x100/0x100 [ 663.794941] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 663.800486] ? ns_capable_common+0x13f/0x170 [ 663.804908] super_setup_bdi+0x7f/0xb0 [ 663.808804] v9fs_mount+0x268/0x900 [ 663.812436] ? v9fs_drop_inode+0x150/0x150 [ 663.816680] legacy_get_tree+0x118/0x440 02:46:44 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) [ 663.820749] vfs_get_tree+0x1cb/0x5c0 [ 663.824559] do_mount+0x6c1/0x1fb0 [ 663.828103] ? kasan_check_write+0x14/0x20 [ 663.832344] ? copy_mount_string+0x40/0x40 [ 663.836584] ? retint_kernel+0x10/0x10 [ 663.840480] ? copy_mount_options+0x213/0x380 [ 663.844975] ? copy_mount_options+0x19c/0x380 [ 663.849473] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 663.855013] ? copy_mount_options+0x285/0x380 [ 663.859518] ksys_mount+0x12d/0x140 [ 663.863148] __x64_sys_mount+0xbe/0x150 [ 663.867126] do_syscall_64+0x1b9/0x820 02:46:44 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) [ 663.871011] ? finish_task_switch+0x1d3/0x870 [ 663.875522] ? syscall_return_slowpath+0x5e0/0x5e0 [ 663.880455] ? syscall_return_slowpath+0x31d/0x5e0 [ 663.885389] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 663.890407] ? prepare_exit_to_usermode+0x291/0x3b0 [ 663.895427] ? perf_trace_sys_enter+0xb10/0xb10 [ 663.900101] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 663.904956] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 663.910139] RIP: 0033:0x455e29 02:46:45 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x0, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) [ 663.913318] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 663.932594] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 663.940308] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 663.947581] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 663.954852] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 663.962121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 02:46:45 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="3970fe", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 663.969385] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000044 [ 663.992280] 9pnet_virtio: no channels available for device (null) 02:46:45 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xa}}], 0x1, 0x0) 02:46:45 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:45 executing program 6 (fault-call:7 fault-nth:69): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:45 executing program 4: pipe2$9p(&(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000380)='./file0\x00', 0x1) r2 = dup2(r1, r0) recvmsg$kcm(r2, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000100)=""/15, 0xf}, {&(0x7f0000000140)=""/19, 0x13}, {&(0x7f0000000480)=""/15, 0xf}, {&(0x7f0000000500)=""/71, 0x47}, {&(0x7f0000000580)=""/133, 0x85}, {&(0x7f0000000640)=""/206, 0xce}, {&(0x7f0000000740)=""/84, 0x54}, {&(0x7f00000007c0)=""/106, 0x6a}, {&(0x7f0000000940)=""/190, 0xbe}], 0x9, &(0x7f0000000ac0)=""/128, 0x80, 0x3ff}, 0x40000002) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x200, 0x0) ioctl$PIO_UNISCRNMAP(r3, 0x4b6a, &(0x7f00000002c0)="caea2e775f0e7a2cf1b0f542553788875f1914a5aa5e6e407932a82b73a18666621122ed09debb5b9f2d425d3447390b503ce3ea8b5c01f0f8ec93665170bd2861") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1, {0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x6b3, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:45 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) [ 664.019191] 9pnet_virtio: no channels available for device (null) 02:46:45 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x1000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:45 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x11af8, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:45 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xe803000000000000}}], 0x1, 0x0) 02:46:45 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\t', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:45 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:45 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="397002", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 664.188985] FAULT_INJECTION: forcing a failure. [ 664.188985] name failslab, interval 1, probability 0, space 0, times 0 [ 664.200406] CPU: 0 PID: 8611 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 664.208722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 664.218076] Call Trace: [ 664.220666] dump_stack+0x1c9/0x2b4 [ 664.224293] ? dump_stack_print_info.cold.2+0x52/0x52 [ 664.229480] ? debug_object_free+0x690/0x690 [ 664.233886] ? lock_release+0xa30/0xa30 [ 664.237858] should_fail.cold.4+0xa/0x11 [ 664.241918] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 664.247038] ? is_bpf_text_address+0xd7/0x170 [ 664.251539] ? __lockdep_init_map+0x105/0x590 [ 664.256032] ? __lockdep_init_map+0x105/0x590 [ 664.260540] ? __lockdep_init_map+0x105/0x590 [ 664.265033] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 664.270568] ? put_dec_trunc8+0x273/0x300 [ 664.274709] ? put_dec+0x3b/0xf0 [ 664.278089] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 664.283747] ? lock_acquire+0x1e4/0x540 [ 664.287718] ? fs_reclaim_acquire+0x20/0x20 [ 664.292123] ? lock_downgrade+0x8f0/0x8f0 [ 664.296272] ? check_same_owner+0x340/0x340 [ 664.300592] ? device_pm_sleep_init+0xf0/0x210 [ 664.305172] ? rcu_note_context_switch+0x730/0x730 [ 664.310099] __should_failslab+0x124/0x180 [ 664.314340] should_failslab+0x9/0x14 [ 664.318137] __kmalloc_track_caller+0x2c4/0x760 [ 664.322803] ? pointer+0x990/0x990 [ 664.326339] ? kvasprintf_const+0x67/0x190 [ 664.330587] kvasprintf+0xb1/0x140 [ 664.334123] ? bust_spinlocks+0xe0/0xe0 [ 664.338095] ? kasan_kmalloc+0xc4/0xe0 [ 664.341979] kvasprintf_const+0x67/0x190 [ 664.346035] kobject_set_name_vargs+0x5b/0x150 [ 664.350625] device_create_groups_vargs+0x1ce/0x270 [ 664.355640] device_create_vargs+0x46/0x60 [ 664.359876] bdi_register_va.part.12+0xc3/0x9c0 [ 664.364715] ? lockdep_init_map+0x9/0x10 [ 664.368770] ? cgwb_kill+0x640/0x640 [ 664.372502] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 664.378031] ? bdi_init+0x3d0/0x4d0 [ 664.381650] ? wb_init+0xa00/0xa00 [ 664.385187] ? kasan_unpoison_shadow+0x35/0x50 [ 664.389766] ? kasan_kmalloc+0xc4/0xe0 [ 664.393650] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 664.398924] bdi_register_va+0x68/0x80 [ 664.402808] super_setup_bdi_name+0x12d/0x240 [ 664.407299] ? kill_block_super+0x100/0x100 [ 664.411617] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 664.417148] ? ns_capable_common+0x13f/0x170 [ 664.421562] super_setup_bdi+0x7f/0xb0 [ 664.425445] v9fs_mount+0x268/0x900 [ 664.429072] ? v9fs_drop_inode+0x150/0x150 [ 664.433301] legacy_get_tree+0x118/0x440 [ 664.437356] vfs_get_tree+0x1cb/0x5c0 [ 664.441151] do_mount+0x6c1/0x1fb0 [ 664.444689] ? kasan_check_write+0x14/0x20 [ 664.448920] ? copy_mount_string+0x40/0x40 [ 664.453153] ? kasan_kmalloc+0xc4/0xe0 [ 664.457035] ? kmem_cache_alloc_trace+0x318/0x780 [ 664.461877] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 664.467413] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 664.472946] ? copy_mount_options+0x285/0x380 [ 664.477439] ksys_mount+0x12d/0x140 [ 664.481073] __x64_sys_mount+0xbe/0x150 [ 664.485044] do_syscall_64+0x1b9/0x820 [ 664.488924] ? syscall_slow_exit_work+0x500/0x500 [ 664.493766] ? syscall_return_slowpath+0x5e0/0x5e0 [ 664.498690] ? syscall_return_slowpath+0x31d/0x5e0 [ 664.503618] ? prepare_exit_to_usermode+0x291/0x3b0 [ 664.508630] ? perf_trace_sys_enter+0xb10/0xb10 [ 664.513309] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 664.518150] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 664.523331] RIP: 0033:0x455e29 02:46:45 executing program 6 (fault-call:7 fault-nth:70): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 664.526507] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 664.545768] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 664.553476] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 664.560738] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 664.567998] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 664.575272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 664.582533] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000045 02:46:45 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) write$P9_RWSTAT(r1, &(0x7f0000000080)={0x7, 0x7f, 0x1}, 0x7) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:45 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xe087ffffffff, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:45 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x700000000000000}}], 0x1, 0x0) 02:46:45 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)) r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:45 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:46 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x1000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:46 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="3970e0", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:46 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ppp\x00', 0x3, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000a00)={'ip_vti0\x00', 0x200}) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) syz_mount_image$jfs(&(0x7f0000000080)='jfs\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x7, &(0x7f0000000940)=[{&(0x7f0000000580)="d7c34e187f9a1fde025b7f3bdd9a952837b2e7528e9591c9b13a52f446f7fdde98f136c54725b22ca74c977d011f3283fbd183fe48405da8ae1b4504dced36af06", 0x41, 0x10001}, {&(0x7f0000000600)="f9c0fc00e7cc65af8d7738203b45e02a7667184c1e44657fc8c754156fa48d028cf8dcf32f2b762a393fdad21fc234daae9f13dcb917d0d905c049fefa246ced8bc90bd7693968661f19d5083d836c7aa2ac38aace459e9f6221fb878f2b41d6538b9ed98ef3c4a5e9df85c1781894f5a445bdfdcc3986d188080f696ed3dec54de2200c16e7eab14bb3c34d47b951c8b6897395e55a39b5cbba744a24ee6416", 0xa0, 0x8}, {&(0x7f00000006c0)="e5870271ba74cce23eeedec5afd8e81370aec21ed4a00f7ede8305c84bf83e902451e690615e8e38672788ac4dda32c800b2f5e25cd39e6d19122b403630b0e0e3267198085c1bbcc09c138c13e2fe36a6f66c528feae3a16ed93a4dcb742f7a3a23d1bd60ecb15987860af299e647fdf67f22fe73789215fcd774dea676f6a3ffb9aed0709b0a493b5d55908929c7c26c1bab3c27ef43669d200fe12e55aa82d2055899a7e5f56bade0", 0xaa, 0x7ff}, {&(0x7f0000000780)="cd933e556ee20dd397eb6b91c2b77c364195a9e3cc36e56c26d4955bf8ccca1460aaeafce634b49063fac508f1206453402465d1e1cd29", 0x37, 0x46}, {&(0x7f00000007c0)="1958dd92373f956a4d0b1f0281abfc5d419cad9f411cbac8bd0ccc56a088ad31b3ebd5e0f44d66e657697e5da125af4a3cda41004b7de4d3d30fab8c", 0x3c, 0x6}, {&(0x7f0000000800)="a0c769f353cda67aeb4c2f79f6b11385c8e8f6f5e47d60262055", 0x1a, 0xfffffffffffffffa}, {&(0x7f0000000840)="20c557765cb39abe4927d40a018395f780b66f287bd539e68d38", 0x1a, 0x3}], 0x200000, &(0x7f0000000880)={[{@nodiscard='nodiscard', 0x2c}, {@errors_continue='errors=continue', 0x2c}, {@integrity='integrity', 0x2c}, {@resize_size={'resize', 0x3d, [0x32, 0x78, 0x30, 0x37, 0x35, 0x0, 0x3f, 0x78, 0x2d, 0x33]}, 0x2c}, {@resize='resize', 0x2c}, {@errors_continue='errors=continue', 0x2c}, {@nodiscard='nodiscard', 0x2c}]}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="a6000000290100000000000000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000200000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002ea9dc000000000000000000000000000000000000000000000000000007002e2f66e96c65300000000000000000000000000000000000000000000007002e2f66696c6530"], 0xa6) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000002000)=@framed={{0xffffffb7, 0x0, 0x0, 0x0, 0x0, 0x7}, [], {0x95}}, &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f0000006f3d)=""/195}, 0x48) r4 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg(r4, &(0x7f0000000580)={&(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2=0xe0000002}}}, 0x26, &(0x7f00000001c0), 0x0, &(0x7f0000000200)}, 0x0) setsockopt$sock_attach_bpf(r4, 0x1, 0x34, &(0x7f0000009000)=r3, 0x4) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="2c7766646e6f3d7e94e69bf7708873ae5a160648a77bce9adb247f66a48a661d48be5817e83698a23388e744a6b92b50810abc1e3ed750bbc10b7725bc9bfc6d557f4af3532bcc6e9c5cc1775f55a8f00e80479225542fa6b0c67b174e68780e15170307e7e1e4ccd295da58f5ae1b513e3f87ce63d36e3ad89a04187a9f97f24dc637cc2b7fe276ddd455f58ca6c4762d88ea48c9b9360895c4953f53", @ANYRESHEX=r1, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) open(&(0x7f0000000180)='./file0\x00', 0xe3aa7194276885d, 0x0) 02:46:46 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x4000000}}], 0x1, 0x0) [ 664.932475] FAULT_INJECTION: forcing a failure. [ 664.932475] name failslab, interval 1, probability 0, space 0, times 0 [ 664.943748] CPU: 1 PID: 8645 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 664.952063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 664.961414] Call Trace: [ 664.964008] dump_stack+0x1c9/0x2b4 [ 664.967648] ? dump_stack_print_info.cold.2+0x52/0x52 [ 664.972850] should_fail.cold.4+0xa/0x11 [ 664.976918] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 664.982036] ? lock_downgrade+0x8f0/0x8f0 [ 664.986193] ? kasan_check_read+0x11/0x20 [ 664.990339] ? do_raw_spin_unlock+0xa7/0x2f0 [ 664.994734] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 664.999307] ? kasan_check_write+0x14/0x20 [ 665.003531] ? do_raw_spin_lock+0xc1/0x200 [ 665.007771] ? trace_hardirqs_on+0xd/0x10 [ 665.011917] ? lock_acquire+0x1e4/0x540 [ 665.015893] ? fs_reclaim_acquire+0x20/0x20 [ 665.020215] ? lock_downgrade+0x8f0/0x8f0 [ 665.024374] ? check_same_owner+0x340/0x340 02:46:46 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xe8030000}}], 0x1, 0x0) 02:46:46 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 665.028706] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 665.034251] ? rcu_note_context_switch+0x730/0x730 [ 665.039188] __should_failslab+0x124/0x180 [ 665.043430] should_failslab+0x9/0x14 [ 665.047237] kmem_cache_alloc_trace+0x2cb/0x780 [ 665.051911] ? lockdep_init_map+0x9/0x10 [ 665.055986] ? debug_mutex_init+0x2d/0x60 [ 665.060139] device_create_groups_vargs+0xa7/0x270 [ 665.065072] device_create_vargs+0x46/0x60 [ 665.069313] bdi_register_va.part.12+0xc3/0x9c0 [ 665.073980] ? lockdep_init_map+0x9/0x10 [ 665.078041] ? cgwb_kill+0x640/0x640 [ 665.081760] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 665.087296] ? bdi_init+0x3d0/0x4d0 [ 665.090926] ? wb_init+0xa00/0xa00 [ 665.094470] ? kasan_unpoison_shadow+0x35/0x50 [ 665.099059] ? kasan_kmalloc+0xc4/0xe0 [ 665.102944] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 665.108211] bdi_register_va+0x68/0x80 [ 665.112085] super_setup_bdi_name+0x12d/0x240 [ 665.116579] ? kill_block_super+0x100/0x100 [ 665.120907] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 665.126456] ? ns_capable_common+0x13f/0x170 02:46:46 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xeffdffff}}], 0x1, 0x0) [ 665.130871] super_setup_bdi+0x7f/0xb0 [ 665.134759] v9fs_mount+0x268/0x900 [ 665.138392] ? v9fs_drop_inode+0x150/0x150 [ 665.142620] legacy_get_tree+0x118/0x440 [ 665.146676] vfs_get_tree+0x1cb/0x5c0 [ 665.150476] do_mount+0x6c1/0x1fb0 [ 665.152791] FS-Cache: Duplicate cookie detected [ 665.154016] ? kasan_check_write+0x14/0x20 [ 665.154034] ? copy_mount_string+0x40/0x40 [ 665.154049] ? kasan_kmalloc+0xc4/0xe0 [ 665.154065] ? kmem_cache_alloc_trace+0x318/0x780 [ 665.154085] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 665.158748] FS-Cache: O-cookie c=00000000db29f100 [p=000000002649bb4d fl=222 nc=0 na=1] [ 665.162954] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 665.162974] ? copy_mount_options+0x285/0x380 [ 665.167243] FS-Cache: O-cookie d=00000000d5b355fb n=00000000a34ffdac [ 665.171103] ksys_mount+0x12d/0x140 [ 665.171122] __x64_sys_mount+0xbe/0x150 [ 665.175944] FS-Cache: O-key=[10] ' [ 665.181454] do_syscall_64+0x1b9/0x820 [ 665.181466] ? finish_task_switch+0x1d3/0x870 [ 665.181483] ? syscall_return_slowpath+0x5e0/0x5e0 [ 665.189602] 34 [ 665.195113] ? syscall_return_slowpath+0x31d/0x5e0 [ 665.195131] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 665.199598] 32 [ 665.206066] ? prepare_exit_to_usermode+0x291/0x3b0 [ 665.206083] ? perf_trace_sys_enter+0xb10/0xb10 [ 665.209682] 39 [ 665.213633] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 665.213653] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 665.217167] 35 [ 665.221026] RIP: 0033:0x455e29 [ 665.221033] Code: [ 665.225506] 33 [ 665.230400] 1d ba fb ff c3 [ 665.232200] 33 [ 665.237611] 66 2e 0f 1f 84 00 00 00 [ 665.242638] 32 [ 665.244405] 00 00 66 90 48 89 f8 48 89 [ 665.249435] 32 [ 665.254067] f7 48 89 d6 48 [ 665.255870] 33 [ 665.260673] 89 ca 4d 89 c2 [ 665.265860] 39 [ 665.267624] 4d 89 c8 4c [ 665.270807] ' [ 665.272967] 8b 4c 24 08 0f [ 665.274778] FS-Cache: N-cookie c=000000005a39fab5 [p=000000002649bb4d fl=2 nc=0 na=1] [ 665.277663] 05 <48> 3d 01 f0 [ 665.279468] FS-Cache: N-cookie d=00000000d5b355fb n=00000000cb193253 [ 665.283140] ff ff 0f 83 eb [ 665.284940] FS-Cache: N-key=[10] ' [ 665.288875] b9 fb ff c3 66 [ 665.290676] 34 [ 665.293604] 2e 0f 1f 84 00 [ 665.295409] 32 [ 665.298300] 00 00 00 [ 665.298319] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 [ 665.300098] 39 [ 665.302762] ORIG_RAX: 00000000000000a5 [ 665.302771] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 665.302782] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 665.304474] 35 [ 665.307375] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 02:46:46 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:46 executing program 6 (fault-call:7 fault-nth:71): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 665.307381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 665.307393] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000046 [ 665.315335] 333332323339' 02:46:46 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:46 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:46 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xffffff7f00000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:46 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x4319010000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:46 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xe000}}], 0x1, 0x0) 02:46:46 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) [ 665.611853] jfs: Unrecognized mount option "resize=2x075" or missing value [ 665.650904] 9pnet: Insufficient options for proto=fd [ 665.666887] FAULT_INJECTION: forcing a failure. [ 665.666887] name failslab, interval 1, probability 0, space 0, times 0 [ 665.678198] CPU: 0 PID: 8688 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 665.686509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 665.695849] Call Trace: [ 665.698440] dump_stack+0x1c9/0x2b4 [ 665.702064] ? dump_stack_print_info.cold.2+0x52/0x52 [ 665.707254] ? debug_object_free+0x690/0x690 [ 665.711658] ? lock_release+0xa30/0xa30 [ 665.715634] should_fail.cold.4+0xa/0x11 [ 665.719693] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 665.724788] ? is_bpf_text_address+0xd7/0x170 [ 665.729283] ? __lockdep_init_map+0x105/0x590 [ 665.733776] ? __lockdep_init_map+0x105/0x590 [ 665.738269] ? __lockdep_init_map+0x105/0x590 [ 665.742772] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 665.748309] ? put_dec_trunc8+0x273/0x300 [ 665.752454] ? put_dec+0x3b/0xf0 [ 665.755820] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 665.761360] ? lock_acquire+0x1e4/0x540 [ 665.765328] ? fs_reclaim_acquire+0x20/0x20 [ 665.769652] ? lock_downgrade+0x8f0/0x8f0 [ 665.773800] ? check_same_owner+0x340/0x340 [ 665.778119] ? device_pm_sleep_init+0xf0/0x210 [ 665.782715] ? rcu_note_context_switch+0x730/0x730 [ 665.787640] __should_failslab+0x124/0x180 [ 665.791876] should_failslab+0x9/0x14 [ 665.795671] __kmalloc_track_caller+0x2c4/0x760 [ 665.800335] ? pointer+0x990/0x990 [ 665.803879] ? kvasprintf_const+0x67/0x190 [ 665.808110] kvasprintf+0xb1/0x140 [ 665.811647] ? bust_spinlocks+0xe0/0xe0 [ 665.815617] ? kasan_kmalloc+0xc4/0xe0 [ 665.819510] kvasprintf_const+0x67/0x190 [ 665.823604] kobject_set_name_vargs+0x5b/0x150 [ 665.828184] device_create_groups_vargs+0x1ce/0x270 [ 665.833197] device_create_vargs+0x46/0x60 [ 665.837429] bdi_register_va.part.12+0xc3/0x9c0 [ 665.842116] ? lockdep_init_map+0x9/0x10 [ 665.846170] ? cgwb_kill+0x640/0x640 [ 665.849882] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 665.855412] ? bdi_init+0x3d0/0x4d0 [ 665.859032] ? wb_init+0xa00/0xa00 [ 665.862566] ? kasan_unpoison_shadow+0x35/0x50 [ 665.867147] ? kasan_kmalloc+0xc4/0xe0 [ 665.871034] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 665.876312] bdi_register_va+0x68/0x80 [ 665.880195] super_setup_bdi_name+0x12d/0x240 [ 665.884684] ? kill_block_super+0x100/0x100 [ 665.889004] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 665.894553] ? ns_capable_common+0x13f/0x170 [ 665.898962] super_setup_bdi+0x7f/0xb0 [ 665.902847] v9fs_mount+0x268/0x900 [ 665.906469] ? v9fs_drop_inode+0x150/0x150 [ 665.910712] legacy_get_tree+0x118/0x440 [ 665.914775] vfs_get_tree+0x1cb/0x5c0 [ 665.918574] do_mount+0x6c1/0x1fb0 [ 665.922113] ? kasan_check_write+0x14/0x20 [ 665.926352] ? copy_mount_string+0x40/0x40 [ 665.930598] ? retint_kernel+0x10/0x10 [ 665.934489] ? copy_mount_options+0x1a1/0x380 [ 665.938982] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 665.943822] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 665.949362] ? copy_mount_options+0x285/0x380 [ 665.953855] ksys_mount+0x12d/0x140 [ 665.957480] __x64_sys_mount+0xbe/0x150 [ 665.961454] do_syscall_64+0x1b9/0x820 [ 665.965334] ? finish_task_switch+0x1d3/0x870 [ 665.969837] ? syscall_return_slowpath+0x5e0/0x5e0 [ 665.974761] ? syscall_return_slowpath+0x31d/0x5e0 [ 665.979687] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 665.984698] ? prepare_exit_to_usermode+0x291/0x3b0 [ 665.989711] ? perf_trace_sys_enter+0xb10/0xb10 [ 665.994390] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 665.999234] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 666.004414] RIP: 0033:0x455e29 [ 666.007592] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 666.026858] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 666.034749] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 666.042011] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 666.049275] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 666.056538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 02:46:47 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)="397002", 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:47 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:47 executing program 6 (fault-call:7 fault-nth:72): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 666.063812] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000047 [ 666.084342] jfs: Unrecognized mount option "resize=2x075" or missing value [ 666.104365] 9pnet: Insufficient options for proto=fd 02:46:47 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d, 0x1}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d, 0x4}, 0x2c}, {@nodevmap='nodevmap', 0x2c}]}}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000080)=ANY=[], 0x48a) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:47 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xfe1a0100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:47 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d34") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:47 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x34000}}], 0x1, 0x0) 02:46:47 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xffffff7f, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:47 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 666.382789] FAULT_INJECTION: forcing a failure. [ 666.382789] name failslab, interval 1, probability 0, space 0, times 0 [ 666.394096] CPU: 1 PID: 8718 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 666.402417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 666.411772] Call Trace: [ 666.414371] dump_stack+0x1c9/0x2b4 [ 666.418006] ? dump_stack_print_info.cold.2+0x52/0x52 [ 666.423206] ? kasan_check_write+0x14/0x20 [ 666.427449] should_fail.cold.4+0xa/0x11 [ 666.431519] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 666.436629] ? mutex_trylock+0x2b0/0x2b0 [ 666.440705] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 666.445721] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 666.450475] ? lock_acquire+0x1e4/0x540 [ 666.454446] ? fs_reclaim_acquire+0x20/0x20 [ 666.458764] ? lock_downgrade+0x8f0/0x8f0 [ 666.462921] ? check_same_owner+0x340/0x340 [ 666.467247] ? lock_acquire+0x1e4/0x540 [ 666.471219] ? get_device_parent.isra.27+0xcd/0x5a0 [ 666.476230] ? rcu_note_context_switch+0x730/0x730 [ 666.481158] __should_failslab+0x124/0x180 [ 666.485391] should_failslab+0x9/0x14 [ 666.489192] __kmalloc_track_caller+0x2c4/0x760 [ 666.493864] ? trace_hardirqs_on+0x10/0x10 [ 666.498095] ? kstrdup_const+0x66/0x80 [ 666.501978] kstrdup+0x39/0x70 [ 666.505168] kstrdup_const+0x66/0x80 [ 666.508882] __kernfs_new_node+0xb0/0x5a0 [ 666.513025] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 666.517776] ? kmem_cache_alloc_trace+0x152/0x780 [ 666.522617] ? device_private_init+0x9f/0x240 [ 666.527105] ? device_add+0xef7/0x16f0 [ 666.530987] ? device_create_vargs+0x46/0x60 [ 666.535396] ? lock_acquire+0x1e4/0x540 [ 666.539362] ? kobject_add_internal+0x31c/0xad0 [ 666.544027] ? lock_downgrade+0x8f0/0x8f0 [ 666.548172] kernfs_new_node+0x80/0xf0 [ 666.552054] kernfs_create_dir_ns+0x3d/0x140 [ 666.556462] sysfs_create_dir_ns+0xbe/0x1d0 [ 666.560779] kobject_add_internal+0x35c/0xad0 [ 666.565278] ? kobj_ns_type_registered+0x60/0x60 [ 666.570031] ? lock_downgrade+0x8f0/0x8f0 [ 666.574173] ? refcount_add_not_zero+0x330/0x330 [ 666.578926] ? kasan_check_read+0x11/0x20 [ 666.583071] kobject_add+0x13f/0x1b0 [ 666.586777] ? kset_create_and_add+0x190/0x190 [ 666.591361] ? mutex_unlock+0xd/0x10 [ 666.595101] device_add+0x3c4/0x16f0 [ 666.598812] ? kasan_kmalloc+0xc4/0xe0 [ 666.602698] ? device_private_init+0x240/0x240 [ 666.607276] ? kfree+0x15e/0x260 [ 666.610640] ? kfree_const+0x5e/0x70 [ 666.614349] device_create_groups_vargs+0x1ff/0x270 [ 666.619360] device_create_vargs+0x46/0x60 [ 666.623591] bdi_register_va.part.12+0xc3/0x9c0 [ 666.628252] ? lockdep_init_map+0x9/0x10 [ 666.632305] ? cgwb_kill+0x640/0x640 [ 666.636012] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 666.641541] ? bdi_init+0x3d0/0x4d0 [ 666.645163] ? wb_init+0xa00/0xa00 [ 666.648696] ? kasan_unpoison_shadow+0x35/0x50 [ 666.653273] ? kasan_kmalloc+0xc4/0xe0 [ 666.657159] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 666.662433] bdi_register_va+0x68/0x80 [ 666.666320] super_setup_bdi_name+0x12d/0x240 [ 666.670808] ? kill_block_super+0x100/0x100 [ 666.675130] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 666.680664] ? ns_capable_common+0x13f/0x170 [ 666.685068] super_setup_bdi+0x7f/0xb0 [ 666.688952] v9fs_mount+0x268/0x900 [ 666.692575] ? v9fs_drop_inode+0x150/0x150 [ 666.696804] legacy_get_tree+0x118/0x440 [ 666.700860] vfs_get_tree+0x1cb/0x5c0 [ 666.704655] do_mount+0x6c1/0x1fb0 [ 666.708193] ? kasan_check_write+0x14/0x20 [ 666.712424] ? copy_mount_string+0x40/0x40 [ 666.716657] ? retint_kernel+0x10/0x10 [ 666.720540] ? copy_mount_options+0x1f0/0x380 [ 666.725033] ? copy_mount_options+0x1fa/0x380 [ 666.729526] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 666.735060] ? copy_mount_options+0x285/0x380 [ 666.739551] ksys_mount+0x12d/0x140 [ 666.743171] __x64_sys_mount+0xbe/0x150 [ 666.747141] do_syscall_64+0x1b9/0x820 [ 666.751024] ? finish_task_switch+0x1d3/0x870 [ 666.755514] ? syscall_return_slowpath+0x5e0/0x5e0 [ 666.760438] ? syscall_return_slowpath+0x31d/0x5e0 [ 666.765365] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 666.770379] ? prepare_exit_to_usermode+0x291/0x3b0 [ 666.775409] ? perf_trace_sys_enter+0xb10/0xb10 [ 666.780074] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 666.784912] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 666.790095] RIP: 0033:0x455e29 [ 666.793273] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 666.812532] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 666.820236] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 666.827516] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 02:46:47 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x200000000000000}}], 0x1, 0x0) 02:46:47 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xff000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:47 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:47 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:47 executing program 6 (fault-call:7 fault-nth:73): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 666.834783] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 666.842045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 666.849308] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000048 [ 666.856715] kobject_add_internal failed for 9p-1285 (error: -12 parent: bdi) 02:46:48 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x7002e, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:48 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="397010", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:48 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:48 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x1c00000000000000}}], 0x1, 0x0) 02:46:48 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x11afd, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 667.071138] FAULT_INJECTION: forcing a failure. [ 667.071138] name failslab, interval 1, probability 0, space 0, times 0 [ 667.082414] CPU: 0 PID: 8750 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 667.090708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 667.100040] Call Trace: [ 667.102618] dump_stack+0x1c9/0x2b4 [ 667.106229] ? dump_stack_print_info.cold.2+0x52/0x52 [ 667.111410] should_fail.cold.4+0xa/0x11 [ 667.115455] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 667.120542] ? __isolate_free_page+0x690/0x690 [ 667.125112] ? __account_cfs_rq_runtime+0x770/0x770 [ 667.130115] ? trace_hardirqs_on+0x10/0x10 [ 667.134334] ? trace_hardirqs_on+0x10/0x10 [ 667.138554] ? trace_hardirqs_on+0x10/0x10 [ 667.142778] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 667.147782] __should_failslab+0x124/0x180 [ 667.152009] should_failslab+0x9/0x14 [ 667.155797] kmem_cache_alloc+0x47/0x760 [ 667.159840] ? lock_acquire+0x1e4/0x540 [ 667.163796] ? is_bpf_text_address+0xae/0x170 [ 667.168272] ? lock_downgrade+0x8f0/0x8f0 [ 667.172405] radix_tree_node_alloc.constprop.19+0x1e6/0x310 [ 667.178100] idr_get_free+0x887/0x10d0 [ 667.181976] ? radix_tree_iter_tag_clear+0xd0/0xd0 [ 667.186886] ? __kernel_text_address+0xd/0x40 [ 667.191363] ? unwind_get_return_address+0x61/0xa0 [ 667.196277] ? __save_stack_trace+0x8d/0xf0 [ 667.200586] ? save_stack+0xa9/0xd0 [ 667.204194] ? save_stack+0x43/0xd0 [ 667.207801] ? kasan_kmalloc+0xc4/0xe0 [ 667.211670] ? kasan_slab_alloc+0x12/0x20 [ 667.215808] ? kmem_cache_alloc+0x12e/0x760 [ 667.220115] ? __kernfs_new_node+0xef/0x5a0 [ 667.224415] ? kernfs_new_node+0x80/0xf0 [ 667.228456] ? kernfs_create_dir_ns+0x3d/0x140 [ 667.233031] ? sysfs_create_dir_ns+0xbe/0x1d0 [ 667.237514] ? kobject_add_internal+0x35c/0xad0 [ 667.242174] ? kobject_add+0x13f/0x1b0 [ 667.246044] ? device_create_groups_vargs+0x1ff/0x270 [ 667.251213] ? device_create_vargs+0x46/0x60 [ 667.255607] ? bdi_register_va.part.12+0xc3/0x9c0 [ 667.260437] ? bdi_register_va+0x68/0x80 [ 667.264484] ? super_setup_bdi_name+0x12d/0x240 [ 667.269132] ? super_setup_bdi+0x7f/0xb0 [ 667.273178] ? v9fs_mount+0x268/0x900 [ 667.276959] ? vfs_get_tree+0x1cb/0x5c0 [ 667.280914] ? do_mount+0x6c1/0x1fb0 [ 667.284608] ? ksys_mount+0x12d/0x140 [ 667.288399] ? __x64_sys_mount+0xbe/0x150 [ 667.292529] ? do_syscall_64+0x1b9/0x820 [ 667.296570] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 667.301914] ? fs_reclaim_acquire+0x20/0x20 [ 667.306218] ? lock_downgrade+0x8f0/0x8f0 [ 667.310358] idr_alloc_u32+0x1d4/0x3a0 [ 667.314250] ? __fprop_inc_percpu_max+0x2d0/0x2d0 [ 667.319074] ? lock_acquire+0x1e4/0x540 [ 667.323034] ? __kernfs_new_node+0x116/0x5a0 [ 667.327436] idr_alloc_cyclic+0x173/0x360 [ 667.331569] ? idr_alloc+0x1b0/0x1b0 [ 667.335265] ? kasan_check_write+0x14/0x20 [ 667.339479] ? do_raw_spin_lock+0xc1/0x200 [ 667.343699] __kernfs_new_node+0x1ab/0x5a0 [ 667.347926] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 667.352664] ? kmem_cache_alloc_trace+0x152/0x780 [ 667.357497] ? device_private_init+0x9f/0x240 [ 667.361971] ? device_add+0xef7/0x16f0 [ 667.365842] ? device_create_vargs+0x46/0x60 [ 667.370233] ? lock_acquire+0x1e4/0x540 [ 667.374187] ? kobject_add_internal+0x31c/0xad0 [ 667.378836] ? lock_downgrade+0x8f0/0x8f0 [ 667.382971] kernfs_new_node+0x80/0xf0 [ 667.386842] kernfs_create_dir_ns+0x3d/0x140 [ 667.391234] sysfs_create_dir_ns+0xbe/0x1d0 [ 667.395535] kobject_add_internal+0x35c/0xad0 [ 667.400015] ? kobj_ns_type_registered+0x60/0x60 [ 667.405580] ? lock_downgrade+0x8f0/0x8f0 [ 667.409715] ? refcount_add_not_zero+0x330/0x330 [ 667.414453] ? kasan_check_read+0x11/0x20 [ 667.418584] kobject_add+0x13f/0x1b0 [ 667.422282] ? kset_create_and_add+0x190/0x190 [ 667.426851] ? mutex_unlock+0xd/0x10 [ 667.430551] device_add+0x3c4/0x16f0 [ 667.434249] ? kasan_kmalloc+0xc4/0xe0 [ 667.438118] ? device_private_init+0x240/0x240 [ 667.442684] ? kfree+0x15e/0x260 [ 667.446035] ? kfree_const+0x5e/0x70 [ 667.449733] device_create_groups_vargs+0x1ff/0x270 [ 667.454733] device_create_vargs+0x46/0x60 [ 667.458950] bdi_register_va.part.12+0xc3/0x9c0 [ 667.463601] ? lockdep_init_map+0x9/0x10 [ 667.467642] ? cgwb_kill+0x640/0x640 [ 667.471343] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 667.476860] ? bdi_init+0x3d0/0x4d0 [ 667.480470] ? wb_init+0xa00/0xa00 [ 667.483994] ? kasan_unpoison_shadow+0x35/0x50 [ 667.488561] ? kasan_kmalloc+0xc4/0xe0 [ 667.492435] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 667.497694] bdi_register_va+0x68/0x80 [ 667.501566] super_setup_bdi_name+0x12d/0x240 [ 667.506046] ? kill_block_super+0x100/0x100 [ 667.510351] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 667.515870] ? ns_capable_common+0x13f/0x170 [ 667.520264] super_setup_bdi+0x7f/0xb0 [ 667.524137] v9fs_mount+0x268/0x900 [ 667.527748] ? v9fs_drop_inode+0x150/0x150 [ 667.531964] legacy_get_tree+0x118/0x440 [ 667.536010] vfs_get_tree+0x1cb/0x5c0 [ 667.539799] do_mount+0x6c1/0x1fb0 [ 667.543323] ? check_same_owner+0x340/0x340 [ 667.547626] ? lock_release+0xa30/0xa30 [ 667.551586] ? copy_mount_string+0x40/0x40 [ 667.555801] ? retint_kernel+0x10/0x10 [ 667.559674] ? copy_mount_options+0x1f0/0x380 [ 667.564154] ? copy_mount_options+0x202/0x380 [ 667.568635] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 667.574156] ? copy_mount_options+0x285/0x380 [ 667.578637] ksys_mount+0x12d/0x140 [ 667.582249] __x64_sys_mount+0xbe/0x150 [ 667.586211] do_syscall_64+0x1b9/0x820 [ 667.590090] ? syscall_slow_exit_work+0x500/0x500 [ 667.594917] ? syscall_return_slowpath+0x5e0/0x5e0 [ 667.599829] ? syscall_return_slowpath+0x31d/0x5e0 [ 667.604743] ? prepare_exit_to_usermode+0x291/0x3b0 [ 667.609741] ? perf_trace_sys_enter+0xb10/0xb10 [ 667.614399] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 667.619224] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 667.624401] RIP: 0033:0x455e29 [ 667.627565] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 667.646733] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 667.654420] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 667.661668] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 667.668916] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 667.676172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 667.683427] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000049 02:46:48 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000080)={0xfffffffffffffd1b, 0x4d, 0x1}, 0x6) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:48 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:48 executing program 6 (fault-call:7 fault-nth:74): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:48 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xc0ed0000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:48 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f76") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:48 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xf401}}], 0x1, 0x0) 02:46:48 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xfffffff6, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:48 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="3970de", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:48 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)="3970ff", 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:48 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:49 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x1100000000000000}}], 0x1, 0x0) 02:46:49 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xfeffff00000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) [ 667.941426] FAULT_INJECTION: forcing a failure. [ 667.941426] name failslab, interval 1, probability 0, space 0, times 0 [ 667.952707] CPU: 1 PID: 8780 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 667.961018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 667.970363] Call Trace: [ 667.972948] dump_stack+0x1c9/0x2b4 [ 667.976608] ? dump_stack_print_info.cold.2+0x52/0x52 [ 667.981820] ? __mutex_lock+0x6c4/0x1680 [ 667.985882] should_fail.cold.4+0xa/0x11 [ 667.989942] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 667.995037] ? __mutex_lock+0x6c4/0x1680 [ 667.999093] ? kernfs_add_one+0x4f/0x4d0 [ 668.003153] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 668.008690] ? trace_hardirqs_on+0x10/0x10 [ 668.012928] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 668.017885] ? radix_tree_iter_replace+0x49/0x60 [ 668.022639] ? kernfs_add_one+0x2d4/0x4d0 [ 668.026881] ? lock_acquire+0x1e4/0x540 [ 668.030851] ? fs_reclaim_acquire+0x20/0x20 [ 668.035167] ? lock_downgrade+0x8f0/0x8f0 [ 668.039311] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 668.044248] ? check_same_owner+0x340/0x340 [ 668.048563] ? do_raw_spin_unlock+0xa7/0x2f0 [ 668.052965] ? rcu_note_context_switch+0x730/0x730 [ 668.057892] ? kasan_check_write+0x14/0x20 [ 668.062125] __should_failslab+0x124/0x180 [ 668.066386] should_failslab+0x9/0x14 [ 668.070203] kmem_cache_alloc+0x2af/0x760 [ 668.074347] ? __kernfs_new_node+0x426/0x5a0 [ 668.078753] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 668.083766] __kernfs_new_node+0xef/0x5a0 [ 668.087912] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 668.092669] ? lock_acquire+0x1e4/0x540 [ 668.096641] ? sysfs_do_create_link_sd.isra.2+0x82/0x130 [ 668.102090] ? lock_downgrade+0x8f0/0x8f0 [ 668.106243] ? kasan_check_read+0x11/0x20 [ 668.110386] ? do_raw_spin_unlock+0xa7/0x2f0 [ 668.114793] kernfs_new_node+0x80/0xf0 [ 668.118679] kernfs_create_link+0x33/0x180 [ 668.122912] sysfs_do_create_link_sd.isra.2+0x90/0x130 [ 668.128183] sysfs_create_link+0x65/0xc0 [ 668.132239] device_add+0x4a1/0x16f0 [ 668.135947] ? kasan_kmalloc+0xc4/0xe0 [ 668.139830] ? device_private_init+0x240/0x240 [ 668.144406] ? kfree+0x15e/0x260 [ 668.147771] ? kfree_const+0x5e/0x70 [ 668.151480] device_create_groups_vargs+0x1ff/0x270 [ 668.156493] device_create_vargs+0x46/0x60 [ 668.160724] bdi_register_va.part.12+0xc3/0x9c0 [ 668.165431] ? lockdep_init_map+0x9/0x10 [ 668.169487] ? cgwb_kill+0x640/0x640 [ 668.173200] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 668.178730] ? bdi_init+0x3d0/0x4d0 [ 668.182368] ? wb_init+0xa00/0xa00 [ 668.185901] ? kasan_unpoison_shadow+0x35/0x50 [ 668.190478] ? kasan_kmalloc+0xc4/0xe0 [ 668.194362] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 668.199634] bdi_register_va+0x68/0x80 [ 668.203523] super_setup_bdi_name+0x12d/0x240 [ 668.208012] ? kill_block_super+0x100/0x100 [ 668.212333] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 668.217862] ? ns_capable_common+0x13f/0x170 [ 668.222272] super_setup_bdi+0x7f/0xb0 [ 668.226156] v9fs_mount+0x268/0x900 [ 668.229778] ? v9fs_drop_inode+0x150/0x150 [ 668.234005] legacy_get_tree+0x118/0x440 [ 668.238064] vfs_get_tree+0x1cb/0x5c0 [ 668.241859] do_mount+0x6c1/0x1fb0 [ 668.245394] ? kasan_check_read+0x11/0x20 [ 668.249537] ? do_raw_spin_unlock+0xa7/0x2f0 [ 668.253943] ? copy_mount_string+0x40/0x40 [ 668.258174] ? retint_kernel+0x10/0x10 [ 668.262057] ? copy_mount_options+0x1f0/0x380 [ 668.266545] ? copy_mount_options+0x202/0x380 [ 668.271036] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 668.276565] ? copy_mount_options+0x285/0x380 [ 668.281142] ksys_mount+0x12d/0x140 [ 668.284767] __x64_sys_mount+0xbe/0x150 [ 668.288739] do_syscall_64+0x1b9/0x820 [ 668.292620] ? syscall_return_slowpath+0x5e0/0x5e0 [ 668.297546] ? syscall_return_slowpath+0x31d/0x5e0 [ 668.302466] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 668.307478] ? prepare_exit_to_usermode+0x291/0x3b0 [ 668.312490] ? perf_trace_sys_enter+0xb10/0xb10 [ 668.317152] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 668.321989] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 668.327170] RIP: 0033:0x455e29 [ 668.330350] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 668.349644] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 668.357695] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 668.364955] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 668.372215] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 668.379474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 02:46:49 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf6ffffff00000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:49 executing program 4: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="646e568c87437fdd550c7b6f3d000000722650ad00000000", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',\x00']) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000004c0)=ANY=[@ANYBLOB="a6000000290100000000000000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c653000000000000000001100000000600000000000000000c67c5b5172941b9c84b016993a802e07002e2f66696c653000000000000000000000fc000000000000000000000007002e2f665b6c65300000000000000000000000000000000000000000000007002e2f66696c65307c222a8bc3482b76246ef2776198d57d57fb"], 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) socket(0x19, 0x80004, 0xfffffffffffffe01) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) [ 668.386736] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000004a 02:46:49 executing program 6 (fault-call:7 fault-nth:75): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:49 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:49 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:49 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xa00000000000000}}], 0x1, 0x0) 02:46:49 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:49 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xf41a0100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:49 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x45190100, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:49 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f7620") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) [ 668.527064] 9pnet_virtio: no channels available for device (null) [ 668.565134] 9pnet_virtio: no channels available for device (null) [ 668.598120] FAULT_INJECTION: forcing a failure. [ 668.598120] name failslab, interval 1, probability 0, space 0, times 0 [ 668.609499] CPU: 0 PID: 8824 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 668.617807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 668.627150] Call Trace: [ 668.629738] dump_stack+0x1c9/0x2b4 [ 668.633366] ? dump_stack_print_info.cold.2+0x52/0x52 [ 668.638552] ? __mutex_lock+0x6c4/0x1680 [ 668.642607] ? kernfs_add_one+0x4f/0x4d0 [ 668.646663] should_fail.cold.4+0xa/0x11 [ 668.650722] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 668.655818] ? radix_tree_iter_replace+0x49/0x60 [ 668.660569] ? idr_alloc_u32+0x208/0x3a0 [ 668.664625] ? kernfs_add_one+0x2d4/0x4d0 [ 668.668770] ? kasan_check_write+0x14/0x20 [ 668.673003] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 668.677927] ? lock_downgrade+0x8f0/0x8f0 [ 668.682070] ? wait_for_completion+0x8d0/0x8d0 [ 668.686648] ? lock_acquire+0x1e4/0x540 [ 668.690615] ? fs_reclaim_acquire+0x20/0x20 [ 668.694934] ? lock_downgrade+0x8f0/0x8f0 [ 668.699080] ? check_same_owner+0x340/0x340 [ 668.703398] ? rcu_note_context_switch+0x730/0x730 [ 668.708332] __should_failslab+0x124/0x180 [ 668.712564] should_failslab+0x9/0x14 [ 668.716364] kmem_cache_alloc+0x2af/0x760 [ 668.720506] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 668.726039] ? kernfs_link_sibling+0x1d2/0x3b0 [ 668.730618] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 668.735634] __kernfs_new_node+0xef/0x5a0 [ 668.739779] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 668.744530] ? lock_release+0xa30/0xa30 [ 668.748499] ? check_same_owner+0x340/0x340 [ 668.752813] ? kernfs_get+0x24/0x30 [ 668.756437] ? rcu_note_context_switch+0x730/0x730 [ 668.761364] ? acpi_get_bus_type+0x9f/0xc0 [ 668.765592] ? lock_downgrade+0x8f0/0x8f0 [ 668.769734] kernfs_new_node+0x80/0xf0 [ 668.773630] __kernfs_create_file+0x4d/0x330 [ 668.778038] sysfs_add_file_mode_ns+0x21a/0x560 [ 668.782703] sysfs_create_file_ns+0x8b/0xb0 [ 668.787025] device_create_file+0xf4/0x1e0 [ 668.791254] ? acpi_bind_one+0x8f0/0x8f0 [ 668.795309] device_add+0x40b/0x16f0 [ 668.799019] ? kasan_kmalloc+0xc4/0xe0 [ 668.802901] ? device_private_init+0x240/0x240 [ 668.807480] ? kfree+0x15e/0x260 [ 668.810840] ? kfree_const+0x5e/0x70 [ 668.814548] device_create_groups_vargs+0x1ff/0x270 [ 668.819557] device_create_vargs+0x46/0x60 [ 668.823790] bdi_register_va.part.12+0xc3/0x9c0 [ 668.828453] ? lockdep_init_map+0x9/0x10 [ 668.832505] ? cgwb_kill+0x640/0x640 [ 668.836218] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 668.841745] ? bdi_init+0x3d0/0x4d0 [ 668.845371] ? wb_init+0xa00/0xa00 [ 668.848907] ? kasan_unpoison_shadow+0x35/0x50 [ 668.853482] ? kasan_kmalloc+0xc4/0xe0 [ 668.857365] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 668.862639] bdi_register_va+0x68/0x80 [ 668.866523] super_setup_bdi_name+0x12d/0x240 [ 668.871016] ? kill_block_super+0x100/0x100 [ 668.875337] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 668.880867] ? ns_capable_common+0x13f/0x170 [ 668.885275] super_setup_bdi+0x7f/0xb0 [ 668.889160] v9fs_mount+0x268/0x900 [ 668.892784] ? v9fs_drop_inode+0x150/0x150 [ 668.897015] legacy_get_tree+0x118/0x440 [ 668.901073] vfs_get_tree+0x1cb/0x5c0 [ 668.904876] do_mount+0x6c1/0x1fb0 [ 668.908416] ? copy_mount_string+0x40/0x40 [ 668.912649] ? retint_kernel+0x10/0x10 [ 668.916537] ? copy_mount_options+0x213/0x380 [ 668.921028] ? write_comp_data+0x1b/0x70 [ 668.925092] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 668.930622] ? copy_mount_options+0x285/0x380 [ 668.935115] ksys_mount+0x12d/0x140 [ 668.938737] __x64_sys_mount+0xbe/0x150 [ 668.942709] do_syscall_64+0x1b9/0x820 [ 668.946593] ? finish_task_switch+0x1d3/0x870 [ 668.951088] ? syscall_return_slowpath+0x5e0/0x5e0 [ 668.956011] ? syscall_return_slowpath+0x31d/0x5e0 [ 668.960934] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 668.965945] ? prepare_exit_to_usermode+0x291/0x3b0 [ 668.970962] ? perf_trace_sys_enter+0xb10/0xb10 [ 668.975625] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 668.980469] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 668.985651] RIP: 0033:0x455e29 [ 668.988826] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 669.008092] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 669.015796] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 669.023061] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 669.030325] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 669.037585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 02:46:50 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)=ANY=[@ANYBLOB="a6000000290100000000000000000000000000000000000000000000000000000007002e2f66696c653000000000ecffffff000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000000000000007002e2f66696c6530c071c084622e6d4a3f00c1f7aaba0000000000000000000000000000000000000000000007002e2f66696c65300000000000000000000000000000000000"], 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) 02:46:50 executing program 6 (fault-call:7 fault-nth:76): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 669.044852] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000004b 02:46:50 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xeffdffff00000000}}], 0x1, 0x0) 02:46:50 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:50 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:50 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:50 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x1f00, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:50 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xe00, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:50 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x4) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) dup3(r1, r1, 0x80000) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_uid={'access', 0x3d}, 0x2c}]}}) open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) [ 669.402607] FAULT_INJECTION: forcing a failure. [ 669.402607] name failslab, interval 1, probability 0, space 0, times 0 [ 669.413902] CPU: 1 PID: 8853 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 669.422211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 669.431558] Call Trace: [ 669.434143] dump_stack+0x1c9/0x2b4 [ 669.437770] ? dump_stack_print_info.cold.2+0x52/0x52 [ 669.442964] ? __mutex_lock+0x6c4/0x1680 [ 669.447031] should_fail.cold.4+0xa/0x11 [ 669.451086] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 669.456182] ? __mutex_lock+0x6c4/0x1680 [ 669.460239] ? kernfs_add_one+0x4f/0x4d0 [ 669.464298] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 669.469834] ? trace_hardirqs_on+0x10/0x10 [ 669.474065] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 669.478986] ? radix_tree_iter_replace+0x49/0x60 [ 669.483738] ? kernfs_add_one+0x2d4/0x4d0 [ 669.487880] ? lock_acquire+0x1e4/0x540 [ 669.491850] ? fs_reclaim_acquire+0x20/0x20 [ 669.496165] ? lock_downgrade+0x8f0/0x8f0 [ 669.500309] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 669.505240] ? check_same_owner+0x340/0x340 [ 669.509562] ? do_raw_spin_unlock+0xa7/0x2f0 [ 669.513968] ? rcu_note_context_switch+0x730/0x730 [ 669.518891] ? kasan_check_write+0x14/0x20 [ 669.523122] __should_failslab+0x124/0x180 [ 669.527357] should_failslab+0x9/0x14 [ 669.531154] kmem_cache_alloc+0x2af/0x760 [ 669.535297] ? __kernfs_new_node+0x426/0x5a0 [ 669.539703] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 669.544716] __kernfs_new_node+0xef/0x5a0 [ 669.548861] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 669.553612] ? lock_acquire+0x1e4/0x540 [ 669.557582] ? sysfs_do_create_link_sd.isra.2+0x82/0x130 [ 669.563026] ? lock_downgrade+0x8f0/0x8f0 [ 669.567185] ? kasan_check_read+0x11/0x20 [ 669.571332] ? do_raw_spin_unlock+0xa7/0x2f0 [ 669.575735] kernfs_new_node+0x80/0xf0 [ 669.579619] kernfs_create_link+0x33/0x180 [ 669.583853] sysfs_do_create_link_sd.isra.2+0x90/0x130 [ 669.589123] sysfs_create_link+0x65/0xc0 [ 669.593176] device_add+0x4a1/0x16f0 [ 669.596884] ? kasan_kmalloc+0xc4/0xe0 02:46:50 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xe0000000}}], 0x1, 0x0) [ 669.600771] ? device_private_init+0x240/0x240 [ 669.605347] ? kfree+0x15e/0x260 [ 669.608712] ? kfree_const+0x5e/0x70 [ 669.612423] device_create_groups_vargs+0x1ff/0x270 [ 669.617447] device_create_vargs+0x46/0x60 [ 669.621682] bdi_register_va.part.12+0xc3/0x9c0 [ 669.626348] ? lockdep_init_map+0x9/0x10 [ 669.630407] ? cgwb_kill+0x640/0x640 [ 669.634124] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 669.639665] ? bdi_init+0x3d0/0x4d0 [ 669.643294] ? wb_init+0xa00/0xa00 [ 669.646841] ? kasan_unpoison_shadow+0x35/0x50 02:46:50 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) [ 669.651428] ? kasan_kmalloc+0xc4/0xe0 [ 669.655321] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 669.660603] bdi_register_va+0x68/0x80 [ 669.664501] super_setup_bdi_name+0x12d/0x240 [ 669.669002] ? kill_block_super+0x100/0x100 [ 669.673329] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 669.678870] ? ns_capable_common+0x13f/0x170 [ 669.683285] super_setup_bdi+0x7f/0xb0 [ 669.687179] v9fs_mount+0x268/0x900 [ 669.690813] ? v9fs_drop_inode+0x150/0x150 [ 669.695046] legacy_get_tree+0x118/0x440 [ 669.699110] vfs_get_tree+0x1cb/0x5c0 [ 669.702912] do_mount+0x6c1/0x1fb0 [ 669.706458] ? kasan_check_write+0x14/0x20 [ 669.710695] ? copy_mount_string+0x40/0x40 [ 669.714930] ? kasan_kmalloc+0xc4/0xe0 [ 669.718819] ? kmem_cache_alloc_trace+0x318/0x780 [ 669.723667] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 669.729208] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 669.734746] ? copy_mount_options+0x285/0x380 [ 669.739243] ksys_mount+0x12d/0x140 [ 669.742868] __x64_sys_mount+0xbe/0x150 [ 669.746841] do_syscall_64+0x1b9/0x820 02:46:50 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0xfffffff0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:50 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)="39708c", 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) [ 669.750725] ? finish_task_switch+0x1d3/0x870 [ 669.755216] ? syscall_return_slowpath+0x5e0/0x5e0 [ 669.760142] ? syscall_return_slowpath+0x31d/0x5e0 [ 669.765075] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 669.770094] ? prepare_exit_to_usermode+0x291/0x3b0 [ 669.775113] ? perf_trace_sys_enter+0xb10/0xb10 [ 669.779786] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 669.784636] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 669.789836] RIP: 0033:0x455e29 [ 669.793014] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 669.812281] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 669.819994] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 [ 669.827259] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 669.834559] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 669.841828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 02:46:50 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x900}}], 0x1, 0x0) [ 669.849184] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000004c 02:46:51 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x300000000000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:51 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) 02:46:51 executing program 6 (fault-call:7 fault-nth:77): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:51 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)="397003", 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) 02:46:51 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)="397003", 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:51 executing program 4: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d, 0xffff}, 0x7) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x80, 0x0) ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000200)={0x5, 0x0, 0x1, r2}) ioctl$sock_bt_bnep_BNEPGETCONNLIST(r2, 0x800442d2, &(0x7f0000000240)={0x8, &(0x7f0000000480)=[{0x0, 0x0, 0x0, @dev}, {0x0, 0x0, 0x0, @random}, {0x0, 0x0, 0x0, @random}, {0x0, 0x0, 0x0, @random}, {0x0, 0x0, 0x0, @dev}, {0x0, 0x0, 0x0, @remote}, {}, {0x0, 0x0, 0x0, @remote}]}) ioctl$TIOCLINUX2(r2, 0x541c, &(0x7f00000002c0)={0x2, 0x7, 0xc14, 0x7, 0x8, 0x1}) setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000580)={0x6, 0xec48, 0x80, 0x101, 0x9, 0x0, 0x0, 0x2, 0x400, 0x1, 0x4}, 0xb) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x3, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB='Awfclo=', @ANYRESHEX=r1, @ANYBLOB=',access=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000280)=0x1, 0x4) init_module(&(0x7f0000000300)='ppp0^\x00', 0x6, &(0x7f0000000380)='9p\x00') open(&(0x7f0000000180)='./file0\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r0) 02:46:51 executing program 0: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)={[{@gid={'gid', 0x3d, [0x8bec9582d594fd50, 0x0, 0x7b, 0x37, 0x78, 0x3f]}, 0x2c}, {@nls={'nls', 0x3d, 'macgreek'}, 0x2c}]}) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x11949, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_L='version=9p2000.L', 0x2c}]}}) 02:46:51 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0x1c}}], 0x1, 0x0) 02:46:51 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x0, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) [ 670.089459] FAULT_INJECTION: forcing a failure. [ 670.089459] name failslab, interval 1, probability 0, space 0, times 0 [ 670.100764] CPU: 1 PID: 8897 Comm: syz-executor6 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 670.109072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 670.118424] Call Trace: [ 670.121009] dump_stack+0x1c9/0x2b4 [ 670.124633] ? dump_stack_print_info.cold.2+0x52/0x52 [ 670.129816] ? rcu_note_context_switch+0x730/0x730 [ 670.134747] should_fail.cold.4+0xa/0x11 [ 670.138803] ? kasan_check_write+0x14/0x20 [ 670.143032] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 670.148126] ? kernfs_activate+0x8e/0x2c0 [ 670.152269] ? ___ratelimit.cold.2+0x6b/0x6b [ 670.156673] ? mutex_trylock+0x2b0/0x2b0 [ 670.160737] ? kasan_check_write+0x14/0x20 [ 670.164968] ? __radix_tree_replace+0x188/0x2f0 [ 670.169627] ? kernfs_add_one+0x4f/0x4d0 [ 670.173683] ? kernfs_activate+0x21a/0x2c0 [ 670.177915] ? lock_downgrade+0x8f0/0x8f0 [ 670.182060] ? lock_acquire+0x1e4/0x540 [ 670.186029] ? fs_reclaim_acquire+0x20/0x20 [ 670.190346] ? lock_downgrade+0x8f0/0x8f0 [ 670.194494] ? check_same_owner+0x340/0x340 [ 670.198809] ? kasan_check_write+0x14/0x20 [ 670.203043] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 670.207969] ? rcu_note_context_switch+0x730/0x730 [ 670.212895] __should_failslab+0x124/0x180 [ 670.217129] should_failslab+0x9/0x14 [ 670.220925] kmem_cache_alloc+0x2af/0x760 [ 670.225071] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 670.230000] ? kasan_check_write+0x14/0x20 [ 670.234231] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 670.239245] __kernfs_new_node+0xef/0x5a0 [ 670.243390] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 670.248139] ? mutex_unlock+0xd/0x10 [ 670.251848] ? kernfs_activate+0x21a/0x2c0 [ 670.256076] ? kernfs_walk_and_get_ns+0x340/0x340 [ 670.260919] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 670.266452] ? kernfs_link_sibling+0x1d2/0x3b0 [ 670.271032] kernfs_new_node+0x80/0xf0 [ 670.274919] __kernfs_create_file+0x4d/0x330 [ 670.279323] sysfs_add_file_mode_ns+0x21a/0x560 [ 670.283990] internal_create_group+0x282/0x970 [ 670.288623] sysfs_create_groups+0x9b/0x150 [ 670.292942] device_add+0x67e/0x16f0 [ 670.296652] ? kasan_kmalloc+0xc4/0xe0 [ 670.300533] ? device_private_init+0x240/0x240 [ 670.305106] ? kfree+0x15e/0x260 [ 670.308472] ? kfree_const+0x5e/0x70 [ 670.312184] device_create_groups_vargs+0x1ff/0x270 [ 670.317194] device_create_vargs+0x46/0x60 [ 670.321423] bdi_register_va.part.12+0xc3/0x9c0 [ 670.326087] ? lockdep_init_map+0x9/0x10 [ 670.330143] ? cgwb_kill+0x640/0x640 [ 670.333855] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 670.339397] ? bdi_init+0x3d0/0x4d0 [ 670.343015] ? wb_init+0xa00/0xa00 [ 670.346566] ? kasan_unpoison_shadow+0x35/0x50 [ 670.351145] ? kasan_kmalloc+0xc4/0xe0 [ 670.355033] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 670.360306] bdi_register_va+0x68/0x80 [ 670.364192] super_setup_bdi_name+0x12d/0x240 [ 670.368682] ? kill_block_super+0x100/0x100 [ 670.373009] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 670.378540] ? ns_capable_common+0x13f/0x170 [ 670.382949] super_setup_bdi+0x7f/0xb0 [ 670.386835] v9fs_mount+0x268/0x900 [ 670.390460] ? v9fs_drop_inode+0x150/0x150 [ 670.394686] legacy_get_tree+0x118/0x440 [ 670.398745] vfs_get_tree+0x1cb/0x5c0 [ 670.402539] do_mount+0x6c1/0x1fb0 [ 670.406072] ? check_same_owner+0x340/0x340 [ 670.410386] ? lock_release+0xa30/0xa30 [ 670.414359] ? copy_mount_string+0x40/0x40 [ 670.418592] ? kasan_kmalloc+0xc4/0xe0 [ 670.422480] ? kmem_cache_alloc_trace+0x318/0x780 [ 670.427319] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 670.432849] ? _copy_from_user+0xdf/0x150 [ 670.436992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 670.442523] ? copy_mount_options+0x285/0x380 [ 670.447012] ksys_mount+0x12d/0x140 [ 670.450635] __x64_sys_mount+0xbe/0x150 [ 670.454608] do_syscall_64+0x1b9/0x820 [ 670.458489] ? finish_task_switch+0x1d3/0x870 [ 670.462978] ? syscall_return_slowpath+0x5e0/0x5e0 [ 670.467907] ? syscall_return_slowpath+0x31d/0x5e0 [ 670.472831] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 670.477842] ? prepare_exit_to_usermode+0x291/0x3b0 [ 670.482853] ? perf_trace_sys_enter+0xb10/0xb10 [ 670.487521] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 670.492361] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 670.497542] RIP: 0033:0x455e29 [ 670.500719] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 670.519980] RSP: 002b:00007fc21f6e0c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 670.527679] RAX: ffffffffffffffda RBX: 00007fc21f6e16d4 RCX: 0000000000455e29 02:46:51 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffb000/0x2000)=nil) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000840)=""/4096) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x1000000, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:51 executing program 3: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap='mmap', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@privport='privport', 0x2c}]}}) [ 670.534938] RDX: 0000000020000780 RSI: 0000000020000480 RDI: 0000000000000000 [ 670.542196] RBP: 000000000072bea0 R08: 00000000200007c0 R09: 0000000000000000 [ 670.549458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 670.556719] R13: 00000000004c05ca R14: 00000000004d0070 R15: 000000000000004d 02:46:51 executing program 7: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000500)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:51 executing program 6 (fault-call:7 fault-nth:78): pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) syz_mount_image$ntfs(&(0x7f0000000080)='ntfs\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000ac0)=[{&(0x7f0000000500)='}', 0x1, 0xffffffffffffff01}], 0x1000, &(0x7f0000000740)) write$P9_RREADDIR(r1, &(0x7f00000003c0)={0xa6, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}, {{}, 0x0, 0x0, 0x7, './file0'}]}}, 0xa6) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000007c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) 02:46:51 executing program 2: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000200)={{{@in6=@loopback={0x0, 0x1}, @in=@multicast2=0xe0000002, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@multicast1=0xe0000001, 0x0, 0x2b}, 0x0, @in6=@dev={0xfe, 0x80}, 0x0, 0x0, 0x0, 0x1}}, 0xe8) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000740)=@in={0x2, 0xc67a}, 0x59, &(0x7f0000000600), 0x0, &(0x7f0000000280), 0x0, 0xfffffdef}}], 0x1, 0x0) 02:46:51 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = epoll_create1(0x0) fcntl$lock(r1, 0x0, &(0x7f0000000000)={0x1}) fcntl$lock(r1, 0x7, &(0x7f0000000180)={0x0, 0x0, 0x101, 0x8}) fcntl$lock(r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4005d52}) fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1}) [ 670.679975] kasan: CONFIG_KASAN_INLINE enabled [ 670.684597] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 670.691971] general protection fault: 0000 [#1] SMP KASAN [ 670.697501] CPU: 0 PID: 8916 Comm: syz-executor4 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 670.705794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 670.715138] RIP: 0010:kfree+0xa0/0x260 [ 670.718999] Code: 82 cb 01 00 00 48 ba 00 00 00 80 ff 77 00 00 48 01 c2 48 89 df 48 b8 00 00 00 00 00 ea ff ff 48 c1 ea 0c 48 c1 e2 06 48 01 c2 <48> 8b 42 08 a8 01 48 8d 48 ff 48 0f 45 d1 4c 8b 6a 18 49 63 75 74 [ 670.738196] RSP: 0018:ffff88016efaf5d0 EFLAGS: 00010007 [ 670.743539] RAX: ffffea0000000000 RBX: 09f91d7d2cb7c200 RCX: 1ffff1002ddf5ed8 [ 670.750793] RDX: 0027d055f4b2df00 RSI: ffffffff876f3b49 RDI: 09f91d7d2cb7c200 [ 670.758062] RBP: ffff88016efaf5f0 R08: ffff8801a8000640 R09: ffffed002ddf5df8 [ 670.765312] R10: ffffed0039de83b0 R11: 0000000000000001 R12: 0000000000000286 [ 670.772569] R13: ffffffff876f3b83 R14: ffff88016efaf740 R15: ffff880171d638c0 [ 670.779949] FS: 00007f7eaeda5700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 670.788156] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 670.794021] CR2: 000000000044f940 CR3: 00000001c699f000 CR4: 00000000001406f0 [ 670.801275] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 670.808541] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 670.815797] Call Trace: [ 670.818382] p9_client_create+0xf43/0x16c9 [ 670.822611] ? p9_client_read+0xc60/0xc60 [ 670.826742] ? kasan_check_read+0x11/0x20 [ 670.830872] ? lock_acquire+0x1e4/0x540 [ 670.834833] ? fs_reclaim_acquire+0x20/0x20 [ 670.839149] ? lock_release+0xa30/0xa30 [ 670.843112] ? __lockdep_init_map+0x105/0x590 [ 670.847590] ? kasan_check_write+0x14/0x20 [ 670.851818] ? __init_rwsem+0x1cc/0x2a0 [ 670.855769] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 670.860768] ? __kmalloc_track_caller+0x311/0x760 [ 670.865592] ? save_stack+0xa9/0xd0 [ 670.869200] ? save_stack+0x43/0xd0 [ 670.872805] ? kasan_kmalloc+0xc4/0xe0 [ 670.876673] ? kmem_cache_alloc_trace+0x152/0x780 [ 670.881495] ? memcpy+0x45/0x50 [ 670.884757] v9fs_session_init+0x21a/0x1a80 [ 670.889059] ? rcu_note_context_switch+0x730/0x730 [ 670.893966] ? do_mount+0x69e/0x1fb0 [ 670.897674] ? lock_acquire+0x1e4/0x540 [ 670.901640] ? v9fs_show_options+0x7e0/0x7e0 [ 670.906034] ? lock_release+0xa30/0xa30 [ 670.909989] ? check_same_owner+0x340/0x340 [ 670.914291] ? lock_downgrade+0x8f0/0x8f0 [ 670.918419] ? kasan_unpoison_shadow+0x35/0x50 [ 670.922979] ? kasan_kmalloc+0xc4/0xe0 [ 670.926847] ? kmem_cache_alloc_trace+0x318/0x780 [ 670.931669] ? kasan_unpoison_shadow+0x35/0x50 [ 670.936239] ? kasan_kmalloc+0xc4/0xe0 [ 670.940120] v9fs_mount+0x7c/0x900 [ 670.943642] ? v9fs_drop_inode+0x150/0x150 [ 670.947857] legacy_get_tree+0x118/0x440 [ 670.951899] vfs_get_tree+0x1cb/0x5c0 [ 670.955682] do_mount+0x6c1/0x1fb0 [ 670.959203] ? kasan_check_read+0x11/0x20 [ 670.963331] ? do_raw_spin_unlock+0xa7/0x2f0 [ 670.967719] ? copy_mount_string+0x40/0x40 [ 670.971931] ? kasan_kmalloc+0xc4/0xe0 [ 670.975811] ? kmem_cache_alloc_trace+0x318/0x780 [ 670.980650] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 670.986178] ? copy_mount_options+0x285/0x380 [ 670.990655] ksys_mount+0x12d/0x140 [ 670.994264] __x64_sys_mount+0xbe/0x150 [ 670.998219] do_syscall_64+0x1b9/0x820 [ 671.002084] ? finish_task_switch+0x1d3/0x870 [ 671.006558] ? syscall_return_slowpath+0x5e0/0x5e0 [ 671.011473] ? syscall_return_slowpath+0x31d/0x5e0 [ 671.016391] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 671.021391] ? prepare_exit_to_usermode+0x291/0x3b0 [ 671.026386] ? perf_trace_sys_enter+0xb10/0xb10 [ 671.031037] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 671.035863] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 671.041033] RIP: 0033:0x455e29 [ 671.044203] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 671.063352] RSP: 002b:00007f7eaeda4c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 671.071040] RAX: ffffffffffffffda RBX: 00007f7eaeda56d4 RCX: 0000000000455e29 [ 671.078297] RDX: 0000000020000340 RSI: 00000000200000c0 RDI: 0000000000000000 [ 671.085543] RBP: 000000000072bea0 R08: 00000000200001c0 R09: 0000000000000000 [ 671.092795] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 671.100046] R13: 00000000004c05ca R14: 00000000004d0070 R15: 0000000000000000 [ 671.107295] Modules linked in: [ 671.110469] Dumping ftrace buffer: [ 671.113986] (ftrace buffer empty) [ 671.117691] ---[ end trace b98f32b432d779df ]--- [ 671.122431] RIP: 0010:kfree+0xa0/0x260 [ 671.126289] Code: 82 cb 01 00 00 48 ba 00 00 00 80 ff 77 00 00 48 01 c2 48 89 df 48 b8 00 00 00 00 00 ea ff ff 48 c1 ea 0c 48 c1 e2 06 48 01 c2 <48> 8b 42 08 a8 01 48 8d 48 ff 48 0f 45 d1 4c 8b 6a 18 49 63 75 74 [ 671.145412] RSP: 0018:ffff88016efaf5d0 EFLAGS: 00010007 [ 671.150756] RAX: ffffea0000000000 RBX: 09f91d7d2cb7c200 RCX: 1ffff1002ddf5ed8 [ 671.158099] RDX: 0027d055f4b2df00 RSI: ffffffff876f3b49 RDI: 09f91d7d2cb7c200 [ 671.165351] RBP: ffff88016efaf5f0 R08: ffff8801a8000640 R09: ffffed002ddf5df8 [ 671.172604] R10: ffffed0039de83b0 R11: 0000000000000001 R12: 0000000000000286 [ 671.179861] R13: ffffffff876f3b83 R14: ffff88016efaf740 R15: ffff880171d638c0 [ 671.187123] FS: 00007f7eaeda5700(0000) GS:ffff8801dae00000(0000) knlGS:0000000000000000 [ 671.195347] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 671.201205] CR2: 000000000044f940 CR3: 00000001c699f000 CR4: 00000000001406f0 [ 671.208457] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 671.215707] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 671.222953] Kernel panic - not syncing: Fatal exception [ 671.228727] Dumping ftrace buffer: [ 671.232242] (ftrace buffer empty) [ 671.235930] Kernel Offset: disabled [ 671.239536] Rebooting in 86400 seconds..