x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:16:53 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x0, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x8, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:53 executing program 1 (fault-call:18 fault-nth:18): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:53 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 839.419629] FAULT_INJECTION: forcing a failure. [ 839.419629] name failslab, interval 1, probability 0, space 0, times 0 [ 839.430974] CPU: 0 PID: 22308 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 839.438250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 839.447597] Call Trace: [ 839.450202] dump_stack+0x194/0x24d [ 839.453840] ? arch_local_irq_restore+0x53/0x53 [ 839.458502] ? __save_stack_trace+0x7e/0xd0 [ 839.462824] should_fail+0x8c0/0xa40 2018/03/31 10:16:53 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:53 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 839.466537] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 839.471638] ? kasan_kmalloc+0xad/0xe0 [ 839.475516] ? kmem_cache_alloc_trace+0x136/0x740 [ 839.480353] ? __memcg_init_list_lru_node+0x169/0x270 [ 839.485551] ? __list_lru_init+0x544/0x750 [ 839.489790] ? sget_userns+0x691/0xe40 [ 839.493670] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 839.498434] ? do_mount+0xea4/0x2bb0 [ 839.502147] ? SyS_mount+0xab/0x120 [ 839.505769] ? do_syscall_64+0x281/0x940 [ 839.509828] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 839.515194] ? find_held_lock+0x35/0x1d0 2018/03/31 10:16:53 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x0, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x8, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:53 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:16:53 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 839.519257] ? __lock_is_held+0xb6/0x140 [ 839.523337] ? check_same_owner+0x320/0x320 [ 839.527664] ? rcu_note_context_switch+0x710/0x710 [ 839.532590] should_failslab+0xec/0x120 [ 839.536552] kmem_cache_alloc_trace+0x4b/0x740 [ 839.541121] ? __kmalloc_node+0x33/0x70 [ 839.545092] ? __kmalloc_node+0x33/0x70 [ 839.549067] ? rcu_read_lock_sched_held+0x108/0x120 [ 839.554085] __memcg_init_list_lru_node+0x169/0x270 [ 839.559100] ? list_lru_add+0x7c0/0x7c0 [ 839.563070] ? __kmalloc_node+0x47/0x70 [ 839.567043] __list_lru_init+0x544/0x750 [ 839.571090] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 839.576962] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 839.581956] ? __lockdep_init_map+0xe4/0x650 [ 839.586340] ? lockdep_init_map+0x9/0x10 [ 839.590382] sget_userns+0x691/0xe40 [ 839.594071] ? set_anon_super+0x20/0x20 [ 839.598033] ? put_filp+0x90/0x90 [ 839.601470] ? destroy_unused_super.part.6+0xd0/0xd0 [ 839.606548] ? alloc_vfsmnt+0x762/0x9c0 [ 839.610501] ? path_lookupat+0x238/0xba0 [ 839.614544] ? mnt_free_id.isra.21+0x50/0x50 [ 839.618933] ? trace_hardirqs_off+0x10/0x10 [ 839.623236] ? putname+0xee/0x130 [ 839.626673] ? cap_capable+0x1b5/0x230 [ 839.630542] ? security_capable+0x8e/0xc0 [ 839.634675] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 839.639840] ? ns_capable_common+0xcf/0x160 [ 839.644138] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 839.649305] mount_ns+0x6d/0x190 [ 839.652648] rpc_mount+0x9e/0xd0 [ 839.655987] mount_fs+0x66/0x2d0 [ 839.659330] vfs_kern_mount.part.26+0xc6/0x4a0 [ 839.663891] ? may_umount+0xa0/0xa0 [ 839.667501] ? _raw_read_unlock+0x22/0x30 [ 839.671629] ? __get_fs_type+0x8a/0xc0 [ 839.675499] do_mount+0xea4/0x2bb0 [ 839.679021] ? __might_fault+0x110/0x1d0 [ 839.683067] ? copy_mount_string+0x40/0x40 [ 839.687274] ? check_same_owner+0x320/0x320 [ 839.691570] ? __check_object_size+0x8b/0x530 [ 839.696050] ? __might_sleep+0x95/0x190 [ 839.700000] ? kasan_check_write+0x14/0x20 [ 839.704215] ? _copy_from_user+0x99/0x110 [ 839.708337] ? memdup_user+0x5e/0x90 [ 839.712033] ? copy_mount_options+0x1f7/0x2e0 [ 839.716508] SyS_mount+0xab/0x120 [ 839.719936] ? copy_mnt_ns+0xb30/0xb30 [ 839.723804] do_syscall_64+0x281/0x940 [ 839.727668] ? vmalloc_sync_all+0x30/0x30 [ 839.731793] ? _raw_spin_unlock_irq+0x27/0x70 [ 839.736263] ? finish_task_switch+0x1c1/0x7e0 [ 839.740734] ? syscall_return_slowpath+0x550/0x550 [ 839.745643] ? syscall_return_slowpath+0x2ac/0x550 [ 839.750548] ? prepare_exit_to_usermode+0x350/0x350 [ 839.755540] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 839.760883] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 839.765704] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 839.770865] RIP: 0033:0x454e79 [ 839.774032] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 839.781725] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 839.788971] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 839.796215] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 839.803459] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 839.810716] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000012 2018/03/31 10:16:53 executing program 1 (fault-call:18 fault-nth:19): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:53 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() [ 840.028137] FAULT_INJECTION: forcing a failure. [ 840.028137] name failslab, interval 1, probability 0, space 0, times 0 [ 840.039446] CPU: 1 PID: 22332 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 840.046716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 840.056062] Call Trace: [ 840.058648] dump_stack+0x194/0x24d [ 840.062275] ? arch_local_irq_restore+0x53/0x53 [ 840.066930] ? __save_stack_trace+0x7e/0xd0 [ 840.071244] should_fail+0x8c0/0xa40 [ 840.074959] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 840.080062] ? kasan_kmalloc+0xad/0xe0 [ 840.083948] ? kmem_cache_alloc_trace+0x136/0x740 [ 840.088791] ? __memcg_init_list_lru_node+0x169/0x270 [ 840.093984] ? __list_lru_init+0x544/0x750 [ 840.098220] ? sget_userns+0x691/0xe40 [ 840.102101] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 840.106843] ? do_mount+0xea4/0x2bb0 [ 840.110529] ? SyS_mount+0xab/0x120 [ 840.114140] ? do_syscall_64+0x281/0x940 [ 840.118189] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 840.123534] ? find_held_lock+0x35/0x1d0 [ 840.127574] ? __lock_is_held+0xb6/0x140 [ 840.131615] ? check_same_owner+0x320/0x320 [ 840.135926] ? rcu_note_context_switch+0x710/0x710 [ 840.140836] should_failslab+0xec/0x120 [ 840.144794] kmem_cache_alloc_trace+0x4b/0x740 [ 840.149352] ? __kmalloc_node+0x33/0x70 [ 840.153299] ? __kmalloc_node+0x33/0x70 [ 840.157249] ? rcu_read_lock_sched_held+0x108/0x120 [ 840.162250] __memcg_init_list_lru_node+0x169/0x270 [ 840.167245] ? list_lru_add+0x7c0/0x7c0 [ 840.171199] ? __kmalloc_node+0x47/0x70 [ 840.175153] __list_lru_init+0x544/0x750 [ 840.179191] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 840.185062] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 840.190058] ? __lockdep_init_map+0xe4/0x650 [ 840.194442] ? lockdep_init_map+0x9/0x10 [ 840.198479] sget_userns+0x691/0xe40 [ 840.202169] ? set_anon_super+0x20/0x20 [ 840.206119] ? put_filp+0x90/0x90 [ 840.209546] ? destroy_unused_super.part.6+0xd0/0xd0 [ 840.214622] ? alloc_vfsmnt+0x762/0x9c0 [ 840.218577] ? path_lookupat+0x238/0xba0 [ 840.222612] ? mnt_free_id.isra.21+0x50/0x50 [ 840.226993] ? trace_hardirqs_off+0x10/0x10 [ 840.231292] ? putname+0xee/0x130 [ 840.234721] ? cap_capable+0x1b5/0x230 [ 840.238586] ? security_capable+0x8e/0xc0 [ 840.242710] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 840.247882] ? ns_capable_common+0xcf/0x160 [ 840.252181] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 840.257344] mount_ns+0x6d/0x190 [ 840.260687] rpc_mount+0x9e/0xd0 [ 840.264035] mount_fs+0x66/0x2d0 [ 840.267378] vfs_kern_mount.part.26+0xc6/0x4a0 [ 840.271935] ? may_umount+0xa0/0xa0 [ 840.275540] ? _raw_read_unlock+0x22/0x30 [ 840.279662] ? __get_fs_type+0x8a/0xc0 [ 840.283525] do_mount+0xea4/0x2bb0 [ 840.287039] ? __might_fault+0x110/0x1d0 [ 840.291083] ? copy_mount_string+0x40/0x40 [ 840.295298] ? check_same_owner+0x320/0x320 [ 840.299608] ? __check_object_size+0x8b/0x530 [ 840.304093] ? __might_sleep+0x95/0x190 [ 840.308051] ? kasan_check_write+0x14/0x20 [ 840.312267] ? _copy_from_user+0x99/0x110 [ 840.316406] ? memdup_user+0x5e/0x90 [ 840.320112] ? copy_mount_options+0x1f7/0x2e0 [ 840.324602] SyS_mount+0xab/0x120 [ 840.328051] ? copy_mnt_ns+0xb30/0xb30 [ 840.331938] do_syscall_64+0x281/0x940 [ 840.335817] ? vmalloc_sync_all+0x30/0x30 [ 840.339958] ? _raw_spin_unlock_irq+0x27/0x70 [ 840.344442] ? finish_task_switch+0x1c1/0x7e0 [ 840.348925] ? syscall_return_slowpath+0x550/0x550 [ 840.353833] ? syscall_return_slowpath+0x2ac/0x550 [ 840.358740] ? prepare_exit_to_usermode+0x350/0x350 [ 840.363739] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 840.369079] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 840.373895] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 840.379057] RIP: 0033:0x454e79 [ 840.382225] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 840.389906] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 840.397147] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 840.404388] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 840.411631] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 840.418873] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000013 2018/03/31 10:16:54 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:54 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:54 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x0, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:54 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") close(0xffffffffffffffff) 2018/03/31 10:16:54 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x8, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:54 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x0, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:16:54 executing program 1 (fault-call:18 fault-nth:20): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:54 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:16:54 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x8, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 840.971575] FAULT_INJECTION: forcing a failure. [ 840.971575] name failslab, interval 1, probability 0, space 0, times 0 [ 840.982881] CPU: 0 PID: 22368 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 840.990669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 841.000015] Call Trace: [ 841.002604] dump_stack+0x194/0x24d [ 841.006236] ? arch_local_irq_restore+0x53/0x53 [ 841.010903] ? __save_stack_trace+0x7e/0xd0 [ 841.015229] should_fail+0x8c0/0xa40 2018/03/31 10:16:54 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:54 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:54 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x0, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 841.018950] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 841.024059] ? kasan_kmalloc+0xad/0xe0 [ 841.027941] ? kmem_cache_alloc_trace+0x136/0x740 [ 841.032781] ? __memcg_init_list_lru_node+0x169/0x270 [ 841.037972] ? __list_lru_init+0x544/0x750 [ 841.042201] ? sget_userns+0x691/0xe40 [ 841.046084] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 841.050841] ? do_mount+0xea4/0x2bb0 [ 841.054556] ? SyS_mount+0xab/0x120 [ 841.058178] ? do_syscall_64+0x281/0x940 [ 841.062238] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 841.067602] ? find_held_lock+0x35/0x1d0 [ 841.071653] ? __lock_is_held+0xb6/0x140 [ 841.075696] ? check_same_owner+0x320/0x320 [ 841.079998] ? rcu_note_context_switch+0x710/0x710 [ 841.084911] should_failslab+0xec/0x120 [ 841.088864] kmem_cache_alloc_trace+0x4b/0x740 [ 841.093422] ? __kmalloc_node+0x33/0x70 [ 841.097377] ? __kmalloc_node+0x33/0x70 [ 841.101331] ? rcu_read_lock_sched_held+0x108/0x120 [ 841.106329] __memcg_init_list_lru_node+0x169/0x270 [ 841.111327] ? list_lru_add+0x7c0/0x7c0 [ 841.115280] ? __kmalloc_node+0x47/0x70 [ 841.119234] __list_lru_init+0x544/0x750 [ 841.123282] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 841.129160] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 841.134160] ? __lockdep_init_map+0xe4/0x650 [ 841.138545] ? lockdep_init_map+0x9/0x10 [ 841.142592] sget_userns+0x691/0xe40 [ 841.146279] ? set_anon_super+0x20/0x20 [ 841.150227] ? put_filp+0x90/0x90 [ 841.153658] ? destroy_unused_super.part.6+0xd0/0xd0 [ 841.158738] ? alloc_vfsmnt+0x762/0x9c0 [ 841.162686] ? path_lookupat+0x238/0xba0 [ 841.166732] ? mnt_free_id.isra.21+0x50/0x50 [ 841.171135] ? trace_hardirqs_off+0x10/0x10 [ 841.175442] ? putname+0xee/0x130 [ 841.178879] ? cap_capable+0x1b5/0x230 [ 841.182753] ? security_capable+0x8e/0xc0 [ 841.186881] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 841.192055] ? ns_capable_common+0xcf/0x160 [ 841.196360] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 841.201532] mount_ns+0x6d/0x190 [ 841.204884] rpc_mount+0x9e/0xd0 [ 841.208234] mount_fs+0x66/0x2d0 [ 841.211587] vfs_kern_mount.part.26+0xc6/0x4a0 [ 841.216152] ? may_umount+0xa0/0xa0 [ 841.219755] ? _raw_read_unlock+0x22/0x30 [ 841.223879] ? __get_fs_type+0x8a/0xc0 [ 841.227744] do_mount+0xea4/0x2bb0 [ 841.231263] ? __might_fault+0x110/0x1d0 [ 841.235304] ? copy_mount_string+0x40/0x40 [ 841.239519] ? check_same_owner+0x320/0x320 [ 841.243816] ? __check_object_size+0x8b/0x530 [ 841.248309] ? __might_sleep+0x95/0x190 [ 841.252264] ? kasan_check_write+0x14/0x20 [ 841.256477] ? _copy_from_user+0x99/0x110 [ 841.260600] ? memdup_user+0x5e/0x90 [ 841.264288] ? copy_mount_options+0x1f7/0x2e0 [ 841.268766] SyS_mount+0xab/0x120 [ 841.272191] ? copy_mnt_ns+0xb30/0xb30 [ 841.276062] do_syscall_64+0x281/0x940 [ 841.279926] ? vmalloc_sync_all+0x30/0x30 [ 841.284051] ? _raw_spin_unlock_irq+0x27/0x70 [ 841.288524] ? finish_task_switch+0x1c1/0x7e0 [ 841.292997] ? syscall_return_slowpath+0x550/0x550 [ 841.297912] ? syscall_return_slowpath+0x2ac/0x550 [ 841.302832] ? prepare_exit_to_usermode+0x350/0x350 [ 841.307841] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 841.313191] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 841.318029] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 841.323201] RIP: 0033:0x454e79 [ 841.326366] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 841.334053] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 841.341308] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 841.348554] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 841.355797] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 841.363045] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000014 2018/03/31 10:16:55 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") close(0xffffffffffffffff) 2018/03/31 10:16:55 executing program 1 (fault-call:18 fault-nth:21): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:55 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x0, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 841.538802] FAULT_INJECTION: forcing a failure. [ 841.538802] name failslab, interval 1, probability 0, space 0, times 0 [ 841.550091] CPU: 1 PID: 22394 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 841.557364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 841.566713] Call Trace: [ 841.569305] dump_stack+0x194/0x24d [ 841.572924] ? arch_local_irq_restore+0x53/0x53 [ 841.577578] ? __save_stack_trace+0x7e/0xd0 [ 841.581892] should_fail+0x8c0/0xa40 [ 841.585592] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 841.590672] ? kasan_kmalloc+0xad/0xe0 [ 841.594543] ? kmem_cache_alloc_trace+0x136/0x740 [ 841.599369] ? __memcg_init_list_lru_node+0x169/0x270 [ 841.604536] ? __list_lru_init+0x544/0x750 [ 841.608747] ? sget_userns+0x691/0xe40 [ 841.612613] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 841.617347] ? do_mount+0xea4/0x2bb0 [ 841.621044] ? SyS_mount+0xab/0x120 [ 841.624655] ? do_syscall_64+0x281/0x940 [ 841.628700] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 841.634054] ? find_held_lock+0x35/0x1d0 [ 841.638096] ? __lock_is_held+0xb6/0x140 [ 841.642138] ? check_same_owner+0x320/0x320 [ 841.646436] ? rcu_note_context_switch+0x710/0x710 [ 841.651342] should_failslab+0xec/0x120 [ 841.655301] kmem_cache_alloc_trace+0x4b/0x740 [ 841.659871] ? __kmalloc_node+0x33/0x70 [ 841.663834] __memcg_init_list_lru_node+0x169/0x270 [ 841.668829] ? list_lru_add+0x7c0/0x7c0 [ 841.672788] ? __kmalloc_node+0x47/0x70 [ 841.676738] __list_lru_init+0x544/0x750 [ 841.680782] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 841.686646] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 841.691649] ? __lockdep_init_map+0xe4/0x650 [ 841.696049] ? lockdep_init_map+0x9/0x10 [ 841.700091] sget_userns+0x691/0xe40 [ 841.703777] ? set_anon_super+0x20/0x20 [ 841.707724] ? put_filp+0x90/0x90 [ 841.711154] ? destroy_unused_super.part.6+0xd0/0xd0 [ 841.716231] ? alloc_vfsmnt+0x762/0x9c0 [ 841.720181] ? path_lookupat+0x238/0xba0 [ 841.724215] ? mnt_free_id.isra.21+0x50/0x50 [ 841.728600] ? trace_hardirqs_off+0x10/0x10 [ 841.732897] ? putname+0xee/0x130 [ 841.736326] ? cap_capable+0x1b5/0x230 [ 841.740191] ? security_capable+0x8e/0xc0 [ 841.744327] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 841.749504] ? ns_capable_common+0xcf/0x160 [ 841.753813] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 841.758984] mount_ns+0x6d/0x190 [ 841.762329] rpc_mount+0x9e/0xd0 [ 841.765676] mount_fs+0x66/0x2d0 [ 841.769035] vfs_kern_mount.part.26+0xc6/0x4a0 [ 841.773595] ? may_umount+0xa0/0xa0 [ 841.777200] ? _raw_read_unlock+0x22/0x30 [ 841.781328] ? __get_fs_type+0x8a/0xc0 [ 841.785193] do_mount+0xea4/0x2bb0 [ 841.788709] ? __might_fault+0x110/0x1d0 [ 841.792747] ? copy_mount_string+0x40/0x40 [ 841.796958] ? check_same_owner+0x320/0x320 [ 841.801261] ? __check_object_size+0x8b/0x530 [ 841.805742] ? __might_sleep+0x95/0x190 [ 841.809696] ? kasan_check_write+0x14/0x20 [ 841.813906] ? _copy_from_user+0x99/0x110 [ 841.818044] ? memdup_user+0x5e/0x90 [ 841.822051] ? copy_mount_options+0x1f7/0x2e0 [ 841.826528] SyS_mount+0xab/0x120 [ 841.829955] ? copy_mnt_ns+0xb30/0xb30 [ 841.833821] do_syscall_64+0x281/0x940 [ 841.837689] ? vmalloc_sync_all+0x30/0x30 [ 841.841816] ? _raw_spin_unlock_irq+0x27/0x70 [ 841.846289] ? finish_task_switch+0x1c1/0x7e0 [ 841.850769] ? syscall_return_slowpath+0x550/0x550 [ 841.855679] ? syscall_return_slowpath+0x2ac/0x550 [ 841.860588] ? prepare_exit_to_usermode+0x350/0x350 [ 841.865589] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 841.870935] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 841.875777] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 841.880944] RIP: 0033:0x454e79 [ 841.884111] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 841.891809] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 841.899055] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 841.906304] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 841.913557] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 841.920808] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000015 2018/03/31 10:16:55 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:16:55 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.'}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:55 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x0, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:16:55 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x0, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:55 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x8, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:55 executing program 1 (fault-call:18 fault-nth:22): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:55 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x0, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:55 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") close(0xffffffffffffffff) 2018/03/31 10:16:55 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x0, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 842.071995] FAULT_INJECTION: forcing a failure. [ 842.071995] name failslab, interval 1, probability 0, space 0, times 0 [ 842.083369] CPU: 0 PID: 22421 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 842.090643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 842.099984] Call Trace: [ 842.102571] dump_stack+0x194/0x24d [ 842.106196] ? arch_local_irq_restore+0x53/0x53 [ 842.111032] ? __save_stack_trace+0x7e/0xd0 [ 842.115360] should_fail+0x8c0/0xa40 2018/03/31 10:16:55 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) gettid() close(0xffffffffffffffff) 2018/03/31 10:16:55 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x0, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:55 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x8, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 842.119075] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 842.124867] ? kasan_kmalloc+0xad/0xe0 [ 842.128745] ? kmem_cache_alloc_trace+0x136/0x740 [ 842.133582] ? __memcg_init_list_lru_node+0x169/0x270 [ 842.138771] ? __list_lru_init+0x544/0x750 [ 842.142995] ? sget_userns+0x691/0xe40 [ 842.146867] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 842.151608] ? do_mount+0xea4/0x2bb0 [ 842.155317] ? SyS_mount+0xab/0x120 [ 842.158941] ? do_syscall_64+0x281/0x940 [ 842.162993] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 842.168342] ? find_held_lock+0x35/0x1d0 [ 842.172385] ? __lock_is_held+0xb6/0x140 [ 842.176437] ? check_same_owner+0x320/0x320 [ 842.180739] ? rcu_note_context_switch+0x710/0x710 [ 842.185651] should_failslab+0xec/0x120 [ 842.189605] kmem_cache_alloc_trace+0x4b/0x740 [ 842.194169] ? __kmalloc_node+0x33/0x70 [ 842.198131] __memcg_init_list_lru_node+0x169/0x270 [ 842.203130] ? list_lru_add+0x7c0/0x7c0 [ 842.207081] ? __kmalloc_node+0x47/0x70 [ 842.211040] __list_lru_init+0x544/0x750 [ 842.215085] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 842.220949] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 842.225942] ? __lockdep_init_map+0xe4/0x650 [ 842.230328] ? lockdep_init_map+0x9/0x10 [ 842.234378] sget_userns+0x691/0xe40 [ 842.238210] ? set_anon_super+0x20/0x20 [ 842.242182] ? put_filp+0x90/0x90 [ 842.245615] ? destroy_unused_super.part.6+0xd0/0xd0 [ 842.250693] ? alloc_vfsmnt+0x762/0x9c0 [ 842.254642] ? path_lookupat+0x238/0xba0 [ 842.258679] ? mnt_free_id.isra.21+0x50/0x50 [ 842.263068] ? trace_hardirqs_off+0x10/0x10 [ 842.267367] ? putname+0xee/0x130 [ 842.270797] ? cap_capable+0x1b5/0x230 [ 842.274668] ? security_capable+0x8e/0xc0 [ 842.278804] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 842.283972] ? ns_capable_common+0xcf/0x160 [ 842.288431] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 842.293696] mount_ns+0x6d/0x190 [ 842.297045] rpc_mount+0x9e/0xd0 [ 842.300387] mount_fs+0x66/0x2d0 [ 842.303732] vfs_kern_mount.part.26+0xc6/0x4a0 [ 842.308287] ? may_umount+0xa0/0xa0 [ 842.311898] ? _raw_read_unlock+0x22/0x30 [ 842.316031] ? __get_fs_type+0x8a/0xc0 [ 842.319905] do_mount+0xea4/0x2bb0 [ 842.323421] ? __might_fault+0x110/0x1d0 [ 842.327457] ? copy_mount_string+0x40/0x40 [ 842.331667] ? check_same_owner+0x320/0x320 [ 842.335972] ? __check_object_size+0x8b/0x530 [ 842.340453] ? __might_sleep+0x95/0x190 [ 842.344410] ? kasan_check_write+0x14/0x20 [ 842.348620] ? _copy_from_user+0x99/0x110 [ 842.352743] ? memdup_user+0x5e/0x90 [ 842.356431] ? copy_mount_options+0x1f7/0x2e0 [ 842.360901] SyS_mount+0xab/0x120 [ 842.364332] ? copy_mnt_ns+0xb30/0xb30 [ 842.368205] do_syscall_64+0x281/0x940 [ 842.372077] ? vmalloc_sync_all+0x30/0x30 [ 842.376202] ? _raw_spin_unlock_irq+0x27/0x70 [ 842.380682] ? finish_task_switch+0x1c1/0x7e0 [ 842.385159] ? syscall_return_slowpath+0x550/0x550 [ 842.390064] ? syscall_return_slowpath+0x2ac/0x550 [ 842.394971] ? prepare_exit_to_usermode+0x350/0x350 [ 842.399964] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 842.405302] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 842.410131] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 842.415302] RIP: 0033:0x454e79 [ 842.418464] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 842.426145] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 842.433397] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 842.440649] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 842.447894] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 842.455138] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000016 2018/03/31 10:16:56 executing program 1 (fault-call:18 fault-nth:23): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:56 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.'}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:56 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) gettid() close(0xffffffffffffffff) [ 842.606749] FAULT_INJECTION: forcing a failure. [ 842.606749] name failslab, interval 1, probability 0, space 0, times 0 [ 842.618073] CPU: 1 PID: 22443 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 842.625340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 842.634686] Call Trace: [ 842.637282] dump_stack+0x194/0x24d [ 842.640911] ? arch_local_irq_restore+0x53/0x53 [ 842.645577] ? __save_stack_trace+0x7e/0xd0 [ 842.649903] should_fail+0x8c0/0xa40 [ 842.653631] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 842.658740] ? kasan_kmalloc+0xad/0xe0 [ 842.662642] ? kmem_cache_alloc_trace+0x136/0x740 [ 842.667499] ? __memcg_init_list_lru_node+0x169/0x270 [ 842.672676] ? __list_lru_init+0x544/0x750 [ 842.676888] ? sget_userns+0x691/0xe40 [ 842.680762] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 842.685502] ? do_mount+0xea4/0x2bb0 [ 842.689190] ? SyS_mount+0xab/0x120 [ 842.692794] ? do_syscall_64+0x281/0x940 [ 842.696864] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 842.702226] ? find_held_lock+0x35/0x1d0 [ 842.706288] ? __lock_is_held+0xb6/0x140 [ 842.710337] ? check_same_owner+0x320/0x320 [ 842.714637] ? rcu_note_context_switch+0x710/0x710 [ 842.719543] should_failslab+0xec/0x120 [ 842.723496] kmem_cache_alloc_trace+0x4b/0x740 [ 842.728062] ? __kmalloc_node+0x33/0x70 [ 842.732016] ? __kmalloc_node+0x33/0x70 [ 842.735979] ? rcu_read_lock_sched_held+0x108/0x120 [ 842.740980] __memcg_init_list_lru_node+0x169/0x270 [ 842.745976] ? list_lru_add+0x7c0/0x7c0 [ 842.749928] ? __kmalloc_node+0x47/0x70 [ 842.753879] __list_lru_init+0x544/0x750 [ 842.757916] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 842.763789] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 842.768780] ? __lockdep_init_map+0xe4/0x650 [ 842.773165] ? lockdep_init_map+0x9/0x10 [ 842.777202] sget_userns+0x691/0xe40 [ 842.780894] ? set_anon_super+0x20/0x20 [ 842.784844] ? put_filp+0x90/0x90 [ 842.788271] ? destroy_unused_super.part.6+0xd0/0xd0 [ 842.793358] ? alloc_vfsmnt+0x762/0x9c0 [ 842.797307] ? path_lookupat+0x238/0xba0 [ 842.801341] ? mnt_free_id.isra.21+0x50/0x50 [ 842.805725] ? trace_hardirqs_off+0x10/0x10 [ 842.810031] ? putname+0xee/0x130 [ 842.813461] ? cap_capable+0x1b5/0x230 [ 842.817324] ? security_capable+0x8e/0xc0 [ 842.821448] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 842.826618] ? ns_capable_common+0xcf/0x160 [ 842.830927] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 842.836100] mount_ns+0x6d/0x190 [ 842.839442] rpc_mount+0x9e/0xd0 [ 842.842784] mount_fs+0x66/0x2d0 [ 842.846133] vfs_kern_mount.part.26+0xc6/0x4a0 [ 842.850699] ? may_umount+0xa0/0xa0 [ 842.854307] ? _raw_read_unlock+0x22/0x30 [ 842.858427] ? __get_fs_type+0x8a/0xc0 [ 842.862294] do_mount+0xea4/0x2bb0 [ 842.865810] ? __might_fault+0x110/0x1d0 [ 842.869848] ? copy_mount_string+0x40/0x40 [ 842.874062] ? check_same_owner+0x320/0x320 [ 842.878362] ? __check_object_size+0x8b/0x530 [ 842.882837] ? __might_sleep+0x95/0x190 [ 842.886792] ? kasan_check_write+0x14/0x20 [ 842.891003] ? _copy_from_user+0x99/0x110 [ 842.895139] ? memdup_user+0x5e/0x90 [ 842.898836] ? copy_mount_options+0x1f7/0x2e0 [ 842.903308] SyS_mount+0xab/0x120 [ 842.906736] ? copy_mnt_ns+0xb30/0xb30 [ 842.910600] do_syscall_64+0x281/0x940 [ 842.914466] ? vmalloc_sync_all+0x30/0x30 [ 842.918588] ? _raw_spin_unlock_irq+0x27/0x70 [ 842.923057] ? finish_task_switch+0x1c1/0x7e0 [ 842.927526] ? syscall_return_slowpath+0x550/0x550 [ 842.932432] ? syscall_return_slowpath+0x2ac/0x550 [ 842.937334] ? prepare_exit_to_usermode+0x350/0x350 [ 842.942334] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 842.947682] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 842.952508] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 842.957685] RIP: 0033:0x454e79 [ 842.960855] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 842.968554] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 842.975804] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 842.983057] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 842.990308] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 842.997569] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000017 2018/03/31 10:16:56 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x0, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:56 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x0, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:56 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) gettid() close(0xffffffffffffffff) 2018/03/31 10:16:56 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x8, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:56 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) 2018/03/31 10:16:56 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x0, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:16:56 executing program 1 (fault-call:18 fault-nth:24): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:56 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.'}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:56 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x0, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:56 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:56 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x8, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:56 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x0, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 843.164671] FAULT_INJECTION: forcing a failure. [ 843.164671] name failslab, interval 1, probability 0, space 0, times 0 [ 843.176104] CPU: 1 PID: 22476 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 843.183376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 843.192721] Call Trace: [ 843.195311] dump_stack+0x194/0x24d [ 843.198940] ? arch_local_irq_restore+0x53/0x53 [ 843.203608] ? __save_stack_trace+0x7e/0xd0 [ 843.207933] should_fail+0x8c0/0xa40 [ 843.211655] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 843.216745] ? kasan_kmalloc+0xad/0xe0 [ 843.220622] ? kmem_cache_alloc_trace+0x136/0x740 [ 843.225454] ? __memcg_init_list_lru_node+0x169/0x270 [ 843.230618] ? __list_lru_init+0x544/0x750 [ 843.234827] ? sget_userns+0x691/0xe40 [ 843.238690] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 843.243418] ? do_mount+0xea4/0x2bb0 [ 843.247104] ? SyS_mount+0xab/0x120 [ 843.250709] ? do_syscall_64+0x281/0x940 [ 843.254758] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 843.260104] ? find_held_lock+0x35/0x1d0 [ 843.264142] ? __lock_is_held+0xb6/0x140 [ 843.268183] ? check_same_owner+0x320/0x320 [ 843.272478] ? rcu_note_context_switch+0x710/0x710 [ 843.277388] should_failslab+0xec/0x120 [ 843.281338] kmem_cache_alloc_trace+0x4b/0x740 [ 843.285895] ? __kmalloc_node+0x33/0x70 [ 843.289845] ? __kmalloc_node+0x33/0x70 [ 843.293801] ? rcu_read_lock_sched_held+0x108/0x120 [ 843.298809] __memcg_init_list_lru_node+0x169/0x270 [ 843.303817] ? list_lru_add+0x7c0/0x7c0 [ 843.307772] ? __kmalloc_node+0x47/0x70 [ 843.311724] __list_lru_init+0x544/0x750 [ 843.315762] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 843.321621] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 843.326612] ? __lockdep_init_map+0xe4/0x650 [ 843.330996] ? lockdep_init_map+0x9/0x10 [ 843.335040] sget_userns+0x691/0xe40 [ 843.338725] ? set_anon_super+0x20/0x20 [ 843.342676] ? put_filp+0x90/0x90 [ 843.346107] ? destroy_unused_super.part.6+0xd0/0xd0 [ 843.351188] ? alloc_vfsmnt+0x762/0x9c0 [ 843.355145] ? path_lookupat+0x238/0xba0 [ 843.359179] ? mnt_free_id.isra.21+0x50/0x50 [ 843.363564] ? trace_hardirqs_off+0x10/0x10 [ 843.367860] ? putname+0xee/0x130 [ 843.371288] ? cap_capable+0x1b5/0x230 [ 843.375151] ? security_capable+0x8e/0xc0 [ 843.379275] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 843.384438] ? ns_capable_common+0xcf/0x160 [ 843.388735] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 843.393899] mount_ns+0x6d/0x190 [ 843.397241] rpc_mount+0x9e/0xd0 [ 843.400582] mount_fs+0x66/0x2d0 [ 843.403932] vfs_kern_mount.part.26+0xc6/0x4a0 [ 843.408493] ? may_umount+0xa0/0xa0 [ 843.412094] ? _raw_read_unlock+0x22/0x30 [ 843.416218] ? __get_fs_type+0x8a/0xc0 [ 843.420079] do_mount+0xea4/0x2bb0 [ 843.423592] ? __might_fault+0x110/0x1d0 [ 843.427628] ? copy_mount_string+0x40/0x40 [ 843.431841] ? check_same_owner+0x320/0x320 [ 843.436148] ? __check_object_size+0x8b/0x530 [ 843.440625] ? __might_sleep+0x95/0x190 [ 843.444579] ? kasan_check_write+0x14/0x20 [ 843.448795] ? _copy_from_user+0x99/0x110 [ 843.452916] ? memdup_user+0x5e/0x90 [ 843.456601] ? copy_mount_options+0x1f7/0x2e0 [ 843.461069] SyS_mount+0xab/0x120 [ 843.464494] ? copy_mnt_ns+0xb30/0xb30 [ 843.468357] do_syscall_64+0x281/0x940 [ 843.472224] ? vmalloc_sync_all+0x30/0x30 [ 843.476347] ? _raw_spin_unlock_irq+0x27/0x70 [ 843.480817] ? finish_task_switch+0x1c1/0x7e0 [ 843.485290] ? syscall_return_slowpath+0x550/0x550 [ 843.490194] ? syscall_return_slowpath+0x2ac/0x550 [ 843.495097] ? prepare_exit_to_usermode+0x350/0x350 [ 843.500088] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 843.505428] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 843.510247] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 843.515412] RIP: 0033:0x454e79 [ 843.518574] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 843.526254] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 843.533495] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 843.540737] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 843.547982] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 843.555232] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000018 2018/03/31 10:16:57 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:57 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00'}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:57 executing program 1 (fault-call:18 fault-nth:25): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 843.744097] FAULT_INJECTION: forcing a failure. [ 843.744097] name failslab, interval 1, probability 0, space 0, times 0 [ 843.755445] CPU: 1 PID: 22502 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 843.762710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 843.772051] Call Trace: [ 843.774643] dump_stack+0x194/0x24d [ 843.778272] ? arch_local_irq_restore+0x53/0x53 [ 843.782935] ? __save_stack_trace+0x7e/0xd0 [ 843.787250] should_fail+0x8c0/0xa40 [ 843.790958] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 843.796065] ? kasan_kmalloc+0xad/0xe0 [ 843.799940] ? kmem_cache_alloc_trace+0x136/0x740 [ 843.804759] ? __memcg_init_list_lru_node+0x169/0x270 [ 843.809925] ? __list_lru_init+0x544/0x750 [ 843.814141] ? sget_userns+0x691/0xe40 [ 843.818016] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 843.823100] ? do_mount+0xea4/0x2bb0 [ 843.826786] ? SyS_mount+0xab/0x120 [ 843.830388] ? do_syscall_64+0x281/0x940 [ 843.834424] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 843.839767] ? find_held_lock+0x35/0x1d0 [ 843.843812] ? __lock_is_held+0xb6/0x140 [ 843.847865] ? check_same_owner+0x320/0x320 [ 843.852165] ? rcu_note_context_switch+0x710/0x710 [ 843.857081] should_failslab+0xec/0x120 [ 843.861046] kmem_cache_alloc_trace+0x4b/0x740 [ 843.865606] ? __kmalloc_node+0x33/0x70 [ 843.869560] ? __kmalloc_node+0x33/0x70 [ 843.873507] ? rcu_read_lock_sched_held+0x108/0x120 [ 843.878507] __memcg_init_list_lru_node+0x169/0x270 [ 843.883503] ? list_lru_add+0x7c0/0x7c0 [ 843.887463] ? __kmalloc_node+0x47/0x70 [ 843.891415] __list_lru_init+0x544/0x750 [ 843.895455] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 843.901316] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 843.906306] ? __lockdep_init_map+0xe4/0x650 [ 843.910691] ? lockdep_init_map+0x9/0x10 [ 843.914729] sget_userns+0x691/0xe40 [ 843.918417] ? set_anon_super+0x20/0x20 [ 843.922369] ? put_filp+0x90/0x90 [ 843.925798] ? destroy_unused_super.part.6+0xd0/0xd0 [ 843.930875] ? alloc_vfsmnt+0x762/0x9c0 [ 843.934822] ? path_lookupat+0x238/0xba0 [ 843.938859] ? mnt_free_id.isra.21+0x50/0x50 [ 843.943242] ? trace_hardirqs_off+0x10/0x10 [ 843.947549] ? putname+0xee/0x130 [ 843.950991] ? cap_capable+0x1b5/0x230 [ 843.954861] ? security_capable+0x8e/0xc0 [ 843.958993] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 843.964177] ? ns_capable_common+0xcf/0x160 [ 843.968486] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 843.973656] mount_ns+0x6d/0x190 [ 843.977004] rpc_mount+0x9e/0xd0 [ 843.980356] mount_fs+0x66/0x2d0 [ 843.983707] vfs_kern_mount.part.26+0xc6/0x4a0 [ 843.988269] ? may_umount+0xa0/0xa0 [ 843.991877] ? _raw_read_unlock+0x22/0x30 [ 843.996009] ? __get_fs_type+0x8a/0xc0 [ 843.999888] do_mount+0xea4/0x2bb0 [ 844.003407] ? __might_fault+0x110/0x1d0 [ 844.007451] ? copy_mount_string+0x40/0x40 [ 844.011671] ? check_same_owner+0x320/0x320 [ 844.015974] ? __check_object_size+0x8b/0x530 [ 844.020460] ? __might_sleep+0x95/0x190 [ 844.024421] ? kasan_check_write+0x14/0x20 [ 844.028629] ? _copy_from_user+0x99/0x110 [ 844.032750] ? memdup_user+0x5e/0x90 [ 844.036435] ? copy_mount_options+0x1f7/0x2e0 [ 844.040913] SyS_mount+0xab/0x120 [ 844.044355] ? copy_mnt_ns+0xb30/0xb30 [ 844.048235] do_syscall_64+0x281/0x940 [ 844.052115] ? vmalloc_sync_all+0x30/0x30 [ 844.056257] ? _raw_spin_unlock_irq+0x27/0x70 [ 844.060750] ? finish_task_switch+0x1c1/0x7e0 [ 844.065241] ? syscall_return_slowpath+0x550/0x550 [ 844.070158] ? syscall_return_slowpath+0x2ac/0x550 [ 844.075078] ? prepare_exit_to_usermode+0x350/0x350 [ 844.080089] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 844.085442] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 844.090266] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 844.095430] RIP: 0033:0x454e79 [ 844.098597] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 844.106279] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 844.113521] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 844.120766] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 844.128016] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 844.135263] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000019 2018/03/31 10:16:57 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x0, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:57 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x0, 0x8, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:57 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00'}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:57 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:57 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:57 executing program 1 (fault-call:18 fault-nth:26): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:57 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) 2018/03/31 10:16:57 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, 0xffffffffffffffff, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) [ 844.257081] FAULT_INJECTION: forcing a failure. [ 844.257081] name failslab, interval 1, probability 0, space 0, times 0 [ 844.268449] CPU: 0 PID: 22532 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 844.275721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 844.285066] Call Trace: [ 844.287657] dump_stack+0x194/0x24d [ 844.291289] ? arch_local_irq_restore+0x53/0x53 [ 844.295952] ? __save_stack_trace+0x7e/0xd0 [ 844.300279] should_fail+0x8c0/0xa40 [ 844.303980] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 844.309086] ? kasan_kmalloc+0xad/0xe0 [ 844.312969] ? kmem_cache_alloc_trace+0x136/0x740 [ 844.317820] ? __memcg_init_list_lru_node+0x169/0x270 [ 844.323013] ? __list_lru_init+0x544/0x750 [ 844.327235] ? sget_userns+0x691/0xe40 [ 844.331100] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 844.335832] ? do_mount+0xea4/0x2bb0 [ 844.339521] ? SyS_mount+0xab/0x120 [ 844.343120] ? do_syscall_64+0x281/0x940 [ 844.347158] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 844.352501] ? find_held_lock+0x35/0x1d0 [ 844.356538] ? __lock_is_held+0xb6/0x140 [ 844.360581] ? check_same_owner+0x320/0x320 [ 844.364887] ? rcu_note_context_switch+0x710/0x710 [ 844.369803] should_failslab+0xec/0x120 [ 844.373763] kmem_cache_alloc_trace+0x4b/0x740 [ 844.378329] ? __kmalloc_node+0x33/0x70 [ 844.382288] __memcg_init_list_lru_node+0x169/0x270 [ 844.387291] ? list_lru_add+0x7c0/0x7c0 [ 844.391249] ? __kmalloc_node+0x47/0x70 [ 844.395207] __list_lru_init+0x544/0x750 [ 844.399255] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 844.405118] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 844.410118] ? __lockdep_init_map+0xe4/0x650 [ 844.414513] ? lockdep_init_map+0x9/0x10 [ 844.418555] sget_userns+0x691/0xe40 [ 844.422248] ? set_anon_super+0x20/0x20 [ 844.426206] ? put_filp+0x90/0x90 [ 844.429634] ? destroy_unused_super.part.6+0xd0/0xd0 [ 844.434719] ? alloc_vfsmnt+0x762/0x9c0 [ 844.438675] ? path_lookupat+0x238/0xba0 [ 844.442715] ? mnt_free_id.isra.21+0x50/0x50 [ 844.447110] ? trace_hardirqs_off+0x10/0x10 [ 844.451406] ? putname+0xee/0x130 [ 844.454837] ? cap_capable+0x1b5/0x230 [ 844.458702] ? security_capable+0x8e/0xc0 [ 844.462828] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 844.468005] ? ns_capable_common+0xcf/0x160 [ 844.472311] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 844.477478] mount_ns+0x6d/0x190 [ 844.480825] rpc_mount+0x9e/0xd0 [ 844.484172] mount_fs+0x66/0x2d0 [ 844.487518] vfs_kern_mount.part.26+0xc6/0x4a0 [ 844.492084] ? may_umount+0xa0/0xa0 [ 844.495689] ? _raw_read_unlock+0x22/0x30 [ 844.499815] ? __get_fs_type+0x8a/0xc0 [ 844.503681] do_mount+0xea4/0x2bb0 [ 844.507196] ? __might_fault+0x110/0x1d0 [ 844.511241] ? copy_mount_string+0x40/0x40 [ 844.515456] ? check_same_owner+0x320/0x320 [ 844.519754] ? __check_object_size+0x8b/0x530 [ 844.524226] ? __might_sleep+0x95/0x190 [ 844.528177] ? kasan_check_write+0x14/0x20 [ 844.532389] ? _copy_from_user+0x99/0x110 [ 844.536513] ? memdup_user+0x5e/0x90 [ 844.540209] ? copy_mount_options+0x1f7/0x2e0 [ 844.544686] SyS_mount+0xab/0x120 [ 844.548112] ? copy_mnt_ns+0xb30/0xb30 [ 844.551980] do_syscall_64+0x281/0x940 [ 844.555848] ? vmalloc_sync_all+0x30/0x30 [ 844.559975] ? _raw_spin_unlock_irq+0x27/0x70 [ 844.564451] ? finish_task_switch+0x1c1/0x7e0 [ 844.568928] ? syscall_return_slowpath+0x550/0x550 [ 844.573832] ? syscall_return_slowpath+0x2ac/0x550 [ 844.578734] ? prepare_exit_to_usermode+0x350/0x350 [ 844.583725] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 844.589074] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 844.593904] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 844.599079] RIP: 0033:0x454e79 2018/03/31 10:16:58 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:58 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00'}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:58 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x0, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:58 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:58 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x0, 0x8, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 844.602240] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 844.609921] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 844.617167] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 844.624410] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 844.631654] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 844.638900] R13: 00000000000003fa R14: 00000000006f8010 R15: 000000000000001a 2018/03/31 10:16:58 executing program 1 (fault-call:18 fault-nth:27): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:58 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:58 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:58 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x0, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 844.800538] FAULT_INJECTION: forcing a failure. [ 844.800538] name failslab, interval 1, probability 0, space 0, times 0 [ 844.811923] CPU: 0 PID: 22554 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 844.819195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 844.828549] Call Trace: [ 844.831144] dump_stack+0x194/0x24d [ 844.834774] ? arch_local_irq_restore+0x53/0x53 [ 844.839444] ? __save_stack_trace+0x7e/0xd0 [ 844.843767] should_fail+0x8c0/0xa40 [ 844.847492] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 844.852600] ? kasan_kmalloc+0xad/0xe0 [ 844.856495] ? kmem_cache_alloc_trace+0x136/0x740 [ 844.861342] ? __memcg_init_list_lru_node+0x169/0x270 [ 844.866532] ? __list_lru_init+0x544/0x750 [ 844.870767] ? sget_userns+0x691/0xe40 [ 844.874646] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 844.879396] ? do_mount+0xea4/0x2bb0 [ 844.883105] ? SyS_mount+0xab/0x120 [ 844.886733] ? do_syscall_64+0x281/0x940 [ 844.890792] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 844.896154] ? find_held_lock+0x35/0x1d0 2018/03/31 10:16:58 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:58 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 844.900218] ? __lock_is_held+0xb6/0x140 [ 844.904286] ? check_same_owner+0x320/0x320 [ 844.908612] ? rcu_note_context_switch+0x710/0x710 [ 844.913545] should_failslab+0xec/0x120 [ 844.917521] kmem_cache_alloc_trace+0x4b/0x740 [ 844.922103] ? __kmalloc_node+0x33/0x70 [ 844.926064] ? __kmalloc_node+0x33/0x70 [ 844.930024] ? rcu_read_lock_sched_held+0x108/0x120 [ 844.935042] __memcg_init_list_lru_node+0x169/0x270 [ 844.940048] ? list_lru_add+0x7c0/0x7c0 [ 844.944009] ? __kmalloc_node+0x47/0x70 [ 844.947977] __list_lru_init+0x544/0x750 [ 844.952033] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 844.957904] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 844.962908] ? __lockdep_init_map+0xe4/0x650 [ 844.967297] ? lockdep_init_map+0x9/0x10 [ 844.971344] sget_userns+0x691/0xe40 [ 844.975041] ? set_anon_super+0x20/0x20 [ 844.978990] ? put_filp+0x90/0x90 [ 844.982419] ? destroy_unused_super.part.6+0xd0/0xd0 [ 844.987866] ? alloc_vfsmnt+0x762/0x9c0 [ 844.991814] ? path_lookupat+0x238/0xba0 [ 844.995853] ? mnt_free_id.isra.21+0x50/0x50 [ 845.000244] ? trace_hardirqs_off+0x10/0x10 [ 845.004550] ? putname+0xee/0x130 [ 845.007981] ? cap_capable+0x1b5/0x230 [ 845.011848] ? security_capable+0x8e/0xc0 [ 845.015982] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 845.021156] ? ns_capable_common+0xcf/0x160 [ 845.025454] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 845.030624] mount_ns+0x6d/0x190 [ 845.033977] rpc_mount+0x9e/0xd0 [ 845.037317] mount_fs+0x66/0x2d0 [ 845.040659] vfs_kern_mount.part.26+0xc6/0x4a0 [ 845.045216] ? may_umount+0xa0/0xa0 [ 845.048818] ? _raw_read_unlock+0x22/0x30 [ 845.052943] ? __get_fs_type+0x8a/0xc0 [ 845.056809] do_mount+0xea4/0x2bb0 [ 845.060331] ? __might_fault+0x110/0x1d0 [ 845.064377] ? copy_mount_string+0x40/0x40 [ 845.068587] ? check_same_owner+0x320/0x320 [ 845.072890] ? __check_object_size+0x8b/0x530 [ 845.077365] ? __might_sleep+0x95/0x190 [ 845.081318] ? kasan_check_write+0x14/0x20 [ 845.085526] ? _copy_from_user+0x99/0x110 [ 845.089657] ? memdup_user+0x5e/0x90 [ 845.093350] ? copy_mount_options+0x1f7/0x2e0 [ 845.097828] SyS_mount+0xab/0x120 2018/03/31 10:16:58 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) [ 845.101264] ? copy_mnt_ns+0xb30/0xb30 [ 845.105144] do_syscall_64+0x281/0x940 [ 845.109018] ? vmalloc_sync_all+0x30/0x30 [ 845.113149] ? _raw_spin_unlock_irq+0x27/0x70 [ 845.117627] ? finish_task_switch+0x1c1/0x7e0 [ 845.122109] ? syscall_return_slowpath+0x550/0x550 [ 845.127035] ? syscall_return_slowpath+0x2ac/0x550 [ 845.131953] ? prepare_exit_to_usermode+0x350/0x350 [ 845.136963] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 845.142322] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 845.147167] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 845.152341] RIP: 0033:0x454e79 [ 845.155513] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 845.163209] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 845.170455] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 845.177699] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 845.184944] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 845.192189] R13: 00000000000003fa R14: 00000000006f8010 R15: 000000000000001b 2018/03/31 10:16:59 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x0, 0x8, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:59 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:59 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:59 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x0, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:59 executing program 1 (fault-call:18 fault-nth:28): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:16:59 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:16:59 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, 0xffffffffffffffff, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:16:59 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={0xffffffffffffffff, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:16:59 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 846.194269] FAULT_INJECTION: forcing a failure. [ 846.194269] name failslab, interval 1, probability 0, space 0, times 0 [ 846.205574] CPU: 0 PID: 22593 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 846.212839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 846.222180] Call Trace: [ 846.224765] dump_stack+0x194/0x24d [ 846.228398] ? arch_local_irq_restore+0x53/0x53 [ 846.233052] ? __save_stack_trace+0x7e/0xd0 [ 846.237357] should_fail+0x8c0/0xa40 [ 846.241059] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 846.246149] ? kasan_kmalloc+0xad/0xe0 [ 846.250021] ? kmem_cache_alloc_trace+0x136/0x740 [ 846.254848] ? __memcg_init_list_lru_node+0x169/0x270 [ 846.260034] ? __list_lru_init+0x544/0x750 [ 846.264260] ? sget_userns+0x691/0xe40 [ 846.268134] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 846.272870] ? do_mount+0xea4/0x2bb0 [ 846.276573] ? SyS_mount+0xab/0x120 [ 846.280187] ? do_syscall_64+0x281/0x940 [ 846.284232] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 846.289584] ? find_held_lock+0x35/0x1d0 [ 846.293634] ? __lock_is_held+0xb6/0x140 [ 846.297672] ? check_same_owner+0x320/0x320 [ 846.301974] ? rcu_note_context_switch+0x710/0x710 [ 846.306885] should_failslab+0xec/0x120 [ 846.310856] kmem_cache_alloc_trace+0x4b/0x740 [ 846.315424] ? __kmalloc_node+0x33/0x70 [ 846.319395] ? __kmalloc_node+0x33/0x70 [ 846.323350] ? rcu_read_lock_sched_held+0x108/0x120 [ 846.328353] __memcg_init_list_lru_node+0x169/0x270 [ 846.333344] ? list_lru_add+0x7c0/0x7c0 [ 846.337296] ? __kmalloc_node+0x47/0x70 [ 846.341256] __list_lru_init+0x544/0x750 [ 846.345297] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 846.351157] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 846.356158] ? __lockdep_init_map+0xe4/0x650 [ 846.360557] ? lockdep_init_map+0x9/0x10 [ 846.364595] sget_userns+0x691/0xe40 [ 846.368283] ? set_anon_super+0x20/0x20 [ 846.372234] ? put_filp+0x90/0x90 [ 846.375663] ? destroy_unused_super.part.6+0xd0/0xd0 [ 846.380739] ? alloc_vfsmnt+0x762/0x9c0 [ 846.384688] ? path_lookupat+0x238/0xba0 [ 846.388724] ? mnt_free_id.isra.21+0x50/0x50 [ 846.393110] ? trace_hardirqs_off+0x10/0x10 [ 846.397411] ? putname+0xee/0x130 [ 846.400844] ? cap_capable+0x1b5/0x230 [ 846.404709] ? security_capable+0x8e/0xc0 [ 846.408840] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 846.414016] ? ns_capable_common+0xcf/0x160 [ 846.418332] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 846.423505] mount_ns+0x6d/0x190 [ 846.426847] rpc_mount+0x9e/0xd0 [ 846.430199] mount_fs+0x66/0x2d0 [ 846.433539] vfs_kern_mount.part.26+0xc6/0x4a0 [ 846.438096] ? may_umount+0xa0/0xa0 [ 846.441708] ? _raw_read_unlock+0x22/0x30 [ 846.445837] ? __get_fs_type+0x8a/0xc0 [ 846.449702] do_mount+0xea4/0x2bb0 [ 846.453222] ? __might_fault+0x110/0x1d0 [ 846.457258] ? copy_mount_string+0x40/0x40 [ 846.461476] ? check_same_owner+0x320/0x320 [ 846.465786] ? __check_object_size+0x8b/0x530 [ 846.470276] ? __might_sleep+0x95/0x190 [ 846.474235] ? kasan_check_write+0x14/0x20 [ 846.478451] ? _copy_from_user+0x99/0x110 [ 846.482576] ? memdup_user+0x5e/0x90 [ 846.486264] ? copy_mount_options+0x1f7/0x2e0 [ 846.490741] SyS_mount+0xab/0x120 [ 846.494169] ? copy_mnt_ns+0xb30/0xb30 [ 846.498050] do_syscall_64+0x281/0x940 [ 846.501935] ? vmalloc_sync_all+0x30/0x30 [ 846.506060] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 846.511570] ? syscall_return_slowpath+0x550/0x550 [ 846.516478] ? syscall_return_slowpath+0x2ac/0x550 [ 846.521392] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 846.526732] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 846.531564] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 846.536734] RIP: 0033:0x454e79 2018/03/31 10:17:00 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x0, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 846.539896] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 846.547578] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 846.554826] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 846.562087] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 846.569349] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 846.576612] R13: 00000000000003fa R14: 00000000006f8010 R15: 000000000000001c 2018/03/31 10:17:00 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x0, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:00 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:00 executing program 1 (fault-call:18 fault-nth:29): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:00 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 846.731529] FAULT_INJECTION: forcing a failure. [ 846.731529] name failslab, interval 1, probability 0, space 0, times 0 [ 846.742814] CPU: 1 PID: 22622 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 846.750080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 846.759425] Call Trace: [ 846.762010] dump_stack+0x194/0x24d [ 846.765639] ? arch_local_irq_restore+0x53/0x53 [ 846.770304] ? __save_stack_trace+0x7e/0xd0 [ 846.774626] should_fail+0x8c0/0xa40 [ 846.778341] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 846.783437] ? kasan_kmalloc+0xad/0xe0 [ 846.787325] ? kmem_cache_alloc_trace+0x136/0x740 [ 846.792165] ? __memcg_init_list_lru_node+0x169/0x270 [ 846.797351] ? __list_lru_init+0x544/0x750 [ 846.801577] ? sget_userns+0x691/0xe40 [ 846.805452] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 846.810183] ? do_mount+0xea4/0x2bb0 [ 846.813871] ? SyS_mount+0xab/0x120 [ 846.817474] ? do_syscall_64+0x281/0x940 [ 846.821516] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 846.826860] ? find_held_lock+0x35/0x1d0 [ 846.830897] ? __lock_is_held+0xb6/0x140 [ 846.834940] ? check_same_owner+0x320/0x320 [ 846.839239] ? rcu_note_context_switch+0x710/0x710 [ 846.844148] should_failslab+0xec/0x120 [ 846.848100] kmem_cache_alloc_trace+0x4b/0x740 [ 846.852658] ? __kmalloc_node+0x33/0x70 [ 846.856613] __memcg_init_list_lru_node+0x169/0x270 [ 846.861607] ? list_lru_add+0x7c0/0x7c0 [ 846.865559] ? __kmalloc_node+0x47/0x70 [ 846.869511] __list_lru_init+0x544/0x750 [ 846.873551] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 846.879412] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 846.884408] ? __lockdep_init_map+0xe4/0x650 [ 846.889012] ? lockdep_init_map+0x9/0x10 [ 846.893064] sget_userns+0x691/0xe40 [ 846.896757] ? set_anon_super+0x20/0x20 [ 846.900705] ? put_filp+0x90/0x90 [ 846.904132] ? destroy_unused_super.part.6+0xd0/0xd0 [ 846.909216] ? alloc_vfsmnt+0x762/0x9c0 [ 846.913170] ? path_lookupat+0x238/0xba0 [ 846.917206] ? mnt_free_id.isra.21+0x50/0x50 [ 846.921588] ? trace_hardirqs_off+0x10/0x10 [ 846.925889] ? putname+0xee/0x130 [ 846.929322] ? cap_capable+0x1b5/0x230 [ 846.933186] ? security_capable+0x8e/0xc0 [ 846.937312] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 846.942478] ? ns_capable_common+0xcf/0x160 [ 846.946774] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 846.951941] mount_ns+0x6d/0x190 [ 846.955290] rpc_mount+0x9e/0xd0 [ 846.958635] mount_fs+0x66/0x2d0 [ 846.961988] vfs_kern_mount.part.26+0xc6/0x4a0 [ 846.966550] ? may_umount+0xa0/0xa0 [ 846.970153] ? _raw_read_unlock+0x22/0x30 [ 846.974280] ? __get_fs_type+0x8a/0xc0 [ 846.978147] do_mount+0xea4/0x2bb0 [ 846.981666] ? __might_fault+0x110/0x1d0 [ 846.985713] ? copy_mount_string+0x40/0x40 [ 846.989933] ? check_same_owner+0x320/0x320 [ 846.994237] ? __check_object_size+0x8b/0x530 [ 846.998719] ? __might_sleep+0x95/0x190 [ 847.002676] ? kasan_check_write+0x14/0x20 [ 847.006887] ? _copy_from_user+0x99/0x110 [ 847.011015] ? memdup_user+0x5e/0x90 [ 847.014709] ? copy_mount_options+0x1f7/0x2e0 [ 847.019181] SyS_mount+0xab/0x120 [ 847.022607] ? copy_mnt_ns+0xb30/0xb30 [ 847.026474] do_syscall_64+0x281/0x940 [ 847.030349] ? vmalloc_sync_all+0x30/0x30 [ 847.034469] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 847.039978] ? syscall_return_slowpath+0x550/0x550 [ 847.044888] ? syscall_return_slowpath+0x2ac/0x550 [ 847.049802] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 847.055139] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 847.059959] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 847.065121] RIP: 0033:0x454e79 [ 847.068284] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 847.075966] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 2018/03/31 10:17:00 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x0, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:00 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x0, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:00 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:00 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, 0xffffffffffffffff, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:00 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955"}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:00 executing program 1 (fault-call:18 fault-nth:30): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:00 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:00 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={0xffffffffffffffff, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) [ 847.083208] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 847.090456] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 847.097702] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 847.104951] R13: 00000000000003fa R14: 00000000006f8010 R15: 000000000000001d [ 847.247792] FAULT_INJECTION: forcing a failure. [ 847.247792] name failslab, interval 1, probability 0, space 0, times 0 [ 847.259149] CPU: 1 PID: 22654 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 847.266424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 847.275772] Call Trace: [ 847.278372] dump_stack+0x194/0x24d [ 847.282020] ? arch_local_irq_restore+0x53/0x53 [ 847.286687] ? __save_stack_trace+0x7e/0xd0 [ 847.291014] should_fail+0x8c0/0xa40 2018/03/31 10:17:00 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955"}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:01 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680), 0x0, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:01 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 847.294732] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 847.299835] ? kasan_kmalloc+0xad/0xe0 [ 847.303717] ? kmem_cache_alloc_trace+0x136/0x740 [ 847.308563] ? __memcg_init_list_lru_node+0x169/0x270 [ 847.313745] ? __list_lru_init+0x544/0x750 [ 847.317976] ? sget_userns+0x691/0xe40 [ 847.321858] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 847.326601] ? do_mount+0xea4/0x2bb0 [ 847.330289] ? SyS_mount+0xab/0x120 [ 847.333892] ? do_syscall_64+0x281/0x940 [ 847.337934] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 847.343275] ? find_held_lock+0x35/0x1d0 [ 847.347322] ? __lock_is_held+0xb6/0x140 [ 847.351383] ? check_same_owner+0x320/0x320 [ 847.355690] ? rcu_note_context_switch+0x710/0x710 [ 847.360612] should_failslab+0xec/0x120 [ 847.364574] kmem_cache_alloc_trace+0x4b/0x740 [ 847.369143] ? __kmalloc_node+0x33/0x70 [ 847.373096] ? __kmalloc_node+0x33/0x70 [ 847.377055] ? rcu_read_lock_sched_held+0x108/0x120 [ 847.382058] __memcg_init_list_lru_node+0x169/0x270 [ 847.387063] ? list_lru_add+0x7c0/0x7c0 [ 847.391032] ? __kmalloc_node+0x47/0x70 [ 847.394996] __list_lru_init+0x544/0x750 [ 847.399055] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 847.404934] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 847.409939] ? __lockdep_init_map+0xe4/0x650 [ 847.414337] ? lockdep_init_map+0x9/0x10 [ 847.418387] sget_userns+0x691/0xe40 [ 847.422084] ? set_anon_super+0x20/0x20 [ 847.426048] ? put_filp+0x90/0x90 [ 847.429478] ? destroy_unused_super.part.6+0xd0/0xd0 [ 847.434559] ? alloc_vfsmnt+0x762/0x9c0 [ 847.438509] ? path_lookupat+0x238/0xba0 [ 847.442552] ? mnt_free_id.isra.21+0x50/0x50 [ 847.446939] ? trace_hardirqs_off+0x10/0x10 [ 847.451236] ? putname+0xee/0x130 [ 847.454667] ? cap_capable+0x1b5/0x230 [ 847.458536] ? security_capable+0x8e/0xc0 [ 847.462668] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 847.467833] ? ns_capable_common+0xcf/0x160 [ 847.472132] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 847.477299] mount_ns+0x6d/0x190 [ 847.480653] rpc_mount+0x9e/0xd0 [ 847.484004] mount_fs+0x66/0x2d0 [ 847.487359] vfs_kern_mount.part.26+0xc6/0x4a0 [ 847.491925] ? may_umount+0xa0/0xa0 [ 847.495538] ? _raw_read_unlock+0x22/0x30 [ 847.499669] ? __get_fs_type+0x8a/0xc0 [ 847.503544] do_mount+0xea4/0x2bb0 [ 847.507074] ? __might_fault+0x110/0x1d0 [ 847.511117] ? copy_mount_string+0x40/0x40 [ 847.515325] ? check_same_owner+0x320/0x320 [ 847.519624] ? __check_object_size+0x8b/0x530 [ 847.524097] ? __might_sleep+0x95/0x190 [ 847.528059] ? kasan_check_write+0x14/0x20 [ 847.532279] ? _copy_from_user+0x99/0x110 [ 847.536416] ? memdup_user+0x5e/0x90 [ 847.540113] ? copy_mount_options+0x1f7/0x2e0 [ 847.544585] SyS_mount+0xab/0x120 [ 847.548015] ? copy_mnt_ns+0xb30/0xb30 [ 847.551889] do_syscall_64+0x281/0x940 [ 847.555754] ? vmalloc_sync_all+0x30/0x30 [ 847.559877] ? _raw_spin_unlock_irq+0x27/0x70 [ 847.564353] ? finish_task_switch+0x1c1/0x7e0 [ 847.568830] ? syscall_return_slowpath+0x550/0x550 [ 847.573740] ? syscall_return_slowpath+0x2ac/0x550 [ 847.578647] ? prepare_exit_to_usermode+0x350/0x350 [ 847.583647] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 847.588991] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 847.593813] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 847.598979] RIP: 0033:0x454e79 [ 847.602156] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 847.609855] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 847.617107] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 847.624357] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 847.631606] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 847.638851] R13: 00000000000003fa R14: 00000000006f8010 R15: 000000000000001e 2018/03/31 10:17:01 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x0, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:01 executing program 1 (fault-call:18 fault-nth:31): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:01 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x0, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:01 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680), 0x0, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 847.785268] FAULT_INJECTION: forcing a failure. [ 847.785268] name failslab, interval 1, probability 0, space 0, times 0 [ 847.796561] CPU: 1 PID: 22677 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 847.803835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 847.813186] Call Trace: [ 847.815767] dump_stack+0x194/0x24d [ 847.820045] ? arch_local_irq_restore+0x53/0x53 [ 847.824719] ? mutex_lock_io_nested+0x1900/0x1900 [ 847.829562] ? __memcg_init_list_lru_node+0x169/0x270 [ 847.834753] should_fail+0x8c0/0xa40 [ 847.838467] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 847.843570] ? trace_hardirqs_off+0x10/0x10 [ 847.847897] ? lock_downgrade+0x980/0x980 [ 847.852047] ? trace_hardirqs_off+0x10/0x10 [ 847.856372] ? find_held_lock+0x35/0x1d0 [ 847.860433] ? __lock_is_held+0xb6/0x140 [ 847.864499] ? check_same_owner+0x320/0x320 [ 847.868817] ? rcu_note_context_switch+0x710/0x710 [ 847.873748] ? rcu_note_context_switch+0x710/0x710 [ 847.878682] should_failslab+0xec/0x120 [ 847.882655] __kmalloc+0x63/0x760 [ 847.886104] ? __kmalloc_node+0x47/0x70 [ 847.890078] ? __list_lru_init+0xcf/0x750 [ 847.894214] __list_lru_init+0xcf/0x750 [ 847.898167] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 847.904040] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 847.909047] ? lockdep_init_map+0x9/0x10 [ 847.913102] sget_userns+0x6b1/0xe40 [ 847.916806] ? set_anon_super+0x20/0x20 [ 847.920756] ? put_filp+0x90/0x90 [ 847.924200] ? destroy_unused_super.part.6+0xd0/0xd0 [ 847.929293] ? alloc_vfsmnt+0x762/0x9c0 [ 847.933249] ? path_lookupat+0x238/0xba0 [ 847.937289] ? mnt_free_id.isra.21+0x50/0x50 [ 847.941697] ? trace_hardirqs_off+0x10/0x10 [ 847.946013] ? putname+0xee/0x130 [ 847.949463] ? cap_capable+0x1b5/0x230 [ 847.953335] ? security_capable+0x8e/0xc0 [ 847.957461] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 847.962635] ? ns_capable_common+0xcf/0x160 [ 847.966950] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 847.972115] mount_ns+0x6d/0x190 [ 847.975470] rpc_mount+0x9e/0xd0 [ 847.978826] mount_fs+0x66/0x2d0 [ 847.982180] vfs_kern_mount.part.26+0xc6/0x4a0 [ 847.986745] ? may_umount+0xa0/0xa0 [ 847.990358] ? _raw_read_unlock+0x22/0x30 [ 847.994485] ? __get_fs_type+0x8a/0xc0 [ 847.998365] do_mount+0xea4/0x2bb0 [ 848.001896] ? __might_fault+0x110/0x1d0 [ 848.005952] ? copy_mount_string+0x40/0x40 [ 848.010166] ? check_same_owner+0x320/0x320 [ 848.014466] ? __check_object_size+0x8b/0x530 [ 848.018944] ? __might_sleep+0x95/0x190 [ 848.022909] ? kasan_check_write+0x14/0x20 [ 848.027127] ? _copy_from_user+0x99/0x110 [ 848.031250] ? memdup_user+0x5e/0x90 [ 848.034936] ? copy_mount_options+0x1f7/0x2e0 [ 848.039406] SyS_mount+0xab/0x120 [ 848.042839] ? copy_mnt_ns+0xb30/0xb30 [ 848.046701] do_syscall_64+0x281/0x940 [ 848.050567] ? vmalloc_sync_all+0x30/0x30 [ 848.054718] ? _raw_spin_unlock_irq+0x27/0x70 [ 848.059189] ? finish_task_switch+0x1c1/0x7e0 [ 848.063674] ? syscall_return_slowpath+0x550/0x550 [ 848.068588] ? syscall_return_slowpath+0x2ac/0x550 [ 848.073494] ? prepare_exit_to_usermode+0x350/0x350 [ 848.078487] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 848.083824] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 848.088643] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 848.093806] RIP: 0033:0x454e79 [ 848.096972] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 848.104665] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 848.111921] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 848.119176] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 848.126433] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 848.133690] R13: 00000000000003fa R14: 00000000006f8010 R15: 000000000000001f 2018/03/31 10:17:01 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:01 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={0xffffffffffffffff, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:01 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955"}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)=[{0xd0, 0x1ff, 0x5, "3126a756ba74b10e6e581710a6757c915b07acf3b1761ee1105a81901fb67db27dc4fcbbe59ad92681c0e550fbfc6f31708550b073b7336cd5d2b7c92dab5b55235f3abcb40b3a3bcac4529a80853370ebddd0d72b32d5515bd021192a604d066f919fcb0a1fc983840fb57a8217ee0714d9a28a996ffeb7904265bd337b4e7c352e83b248cfab39ea4307babd74794b5bce9e22b52e79998fdb18ac3359252f91d0a698679b6d3c2bcf8598e6b5fa602ceeac6283b72b2f061074"}], 0xd0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:01 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x0, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:01 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x0, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:01 executing program 1 (fault-call:18 fault-nth:32): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:01 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680), 0x0, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:01 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, r1, 0x0) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:02 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 848.288147] FAULT_INJECTION: forcing a failure. [ 848.288147] name failslab, interval 1, probability 0, space 0, times 0 [ 848.299465] CPU: 0 PID: 22712 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 848.306739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 848.316090] Call Trace: [ 848.318660] dump_stack+0x194/0x24d [ 848.322276] ? arch_local_irq_restore+0x53/0x53 [ 848.326934] should_fail+0x8c0/0xa40 [ 848.330625] ? is_bpf_text_address+0xa4/0x120 [ 848.335107] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 848.340199] ? __kernel_text_address+0xd/0x40 [ 848.344685] ? unwind_get_return_address+0x61/0xa0 [ 848.349613] ? find_held_lock+0x35/0x1d0 [ 848.353658] ? __lock_is_held+0xb6/0x140 [ 848.357710] ? check_same_owner+0x320/0x320 [ 848.362030] ? rcu_note_context_switch+0x710/0x710 [ 848.366961] should_failslab+0xec/0x120 [ 848.370923] kmem_cache_alloc_trace+0x4b/0x740 [ 848.375488] ? __kmalloc_node+0x33/0x70 [ 848.379444] ? __kmalloc_node+0x33/0x70 [ 848.383392] ? rcu_read_lock_sched_held+0x108/0x120 [ 848.388399] __memcg_init_list_lru_node+0x169/0x270 [ 848.393399] ? list_lru_add+0x7c0/0x7c0 [ 848.397364] ? __kmalloc_node+0x47/0x70 [ 848.401316] __list_lru_init+0x544/0x750 [ 848.405355] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 848.411228] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 848.416230] ? lockdep_init_map+0x9/0x10 [ 848.420268] sget_userns+0x6b1/0xe40 [ 848.423964] ? set_anon_super+0x20/0x20 [ 848.427924] ? put_filp+0x90/0x90 [ 848.431362] ? destroy_unused_super.part.6+0xd0/0xd0 [ 848.436453] ? alloc_vfsmnt+0x762/0x9c0 [ 848.440401] ? path_lookupat+0x238/0xba0 [ 848.444436] ? mnt_free_id.isra.21+0x50/0x50 [ 848.448821] ? trace_hardirqs_off+0x10/0x10 [ 848.453116] ? putname+0xee/0x130 [ 848.456545] ? cap_capable+0x1b5/0x230 [ 848.460411] ? security_capable+0x8e/0xc0 [ 848.464534] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 848.469700] ? ns_capable_common+0xcf/0x160 [ 848.474003] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 848.479174] mount_ns+0x6d/0x190 [ 848.482516] rpc_mount+0x9e/0xd0 [ 848.485856] mount_fs+0x66/0x2d0 [ 848.489203] vfs_kern_mount.part.26+0xc6/0x4a0 [ 848.493770] ? may_umount+0xa0/0xa0 [ 848.497370] ? _raw_read_unlock+0x22/0x30 [ 848.501493] ? __get_fs_type+0x8a/0xc0 [ 848.505358] do_mount+0xea4/0x2bb0 [ 848.508877] ? __might_fault+0x110/0x1d0 [ 848.512922] ? copy_mount_string+0x40/0x40 [ 848.517138] ? check_same_owner+0x320/0x320 [ 848.521435] ? __check_object_size+0x8b/0x530 [ 848.525907] ? __might_sleep+0x95/0x190 [ 848.529860] ? kasan_check_write+0x14/0x20 [ 848.534073] ? _copy_from_user+0x99/0x110 [ 848.538195] ? memdup_user+0x5e/0x90 [ 848.541882] ? copy_mount_options+0x1f7/0x2e0 [ 848.546350] SyS_mount+0xab/0x120 [ 848.549782] ? copy_mnt_ns+0xb30/0xb30 [ 848.553649] do_syscall_64+0x281/0x940 [ 848.557513] ? vmalloc_sync_all+0x30/0x30 [ 848.561635] ? _raw_spin_unlock_irq+0x27/0x70 [ 848.566108] ? finish_task_switch+0x1c1/0x7e0 [ 848.570577] ? syscall_return_slowpath+0x550/0x550 [ 848.575482] ? syscall_return_slowpath+0x2ac/0x550 [ 848.580386] ? prepare_exit_to_usermode+0x350/0x350 [ 848.585377] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 848.590724] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 848.595550] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 848.600711] RIP: 0033:0x454e79 [ 848.603874] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 848.611554] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 848.618800] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 848.626057] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 2018/03/31 10:17:02 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x0, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 848.633307] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 848.640549] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000020 2018/03/31 10:17:02 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:02 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:02 executing program 1 (fault-call:18 fault-nth:33): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:02 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 848.776716] FAULT_INJECTION: forcing a failure. [ 848.776716] name failslab, interval 1, probability 0, space 0, times 0 [ 848.788014] CPU: 1 PID: 22730 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 848.795289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 848.804638] Call Trace: [ 848.807226] dump_stack+0x194/0x24d [ 848.810869] ? arch_local_irq_restore+0x53/0x53 [ 848.815541] should_fail+0x8c0/0xa40 [ 848.819259] ? is_bpf_text_address+0xa4/0x120 2018/03/31 10:17:02 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x0, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:02 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:02 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x0, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 848.823754] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 848.828858] ? __kernel_text_address+0xd/0x40 [ 848.833354] ? unwind_get_return_address+0x61/0xa0 [ 848.838303] ? find_held_lock+0x35/0x1d0 [ 848.842364] ? __lock_is_held+0xb6/0x140 [ 848.846436] ? check_same_owner+0x320/0x320 [ 848.850763] ? rcu_note_context_switch+0x710/0x710 [ 848.855691] should_failslab+0xec/0x120 [ 848.859662] kmem_cache_alloc_trace+0x4b/0x740 [ 848.864255] ? __kmalloc_node+0x33/0x70 [ 848.868245] ? __kmalloc_node+0x33/0x70 [ 848.872221] ? rcu_read_lock_sched_held+0x108/0x120 [ 848.877256] __memcg_init_list_lru_node+0x169/0x270 [ 848.882271] ? list_lru_add+0x7c0/0x7c0 [ 848.886248] ? __kmalloc_node+0x47/0x70 [ 848.890219] __list_lru_init+0x544/0x750 [ 848.894290] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 848.900170] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 848.905180] ? lockdep_init_map+0x9/0x10 [ 848.909228] sget_userns+0x6b1/0xe40 [ 848.912920] ? set_anon_super+0x20/0x20 [ 848.916870] ? put_filp+0x90/0x90 [ 848.920297] ? destroy_unused_super.part.6+0xd0/0xd0 [ 848.925381] ? alloc_vfsmnt+0x762/0x9c0 [ 848.929332] ? path_lookupat+0x238/0xba0 [ 848.933369] ? mnt_free_id.isra.21+0x50/0x50 [ 848.937754] ? trace_hardirqs_off+0x10/0x10 [ 848.942061] ? putname+0xee/0x130 [ 848.945498] ? cap_capable+0x1b5/0x230 [ 848.949371] ? security_capable+0x8e/0xc0 [ 848.953498] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 848.958664] ? ns_capable_common+0xcf/0x160 [ 848.962963] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 848.968131] mount_ns+0x6d/0x190 [ 848.971474] rpc_mount+0x9e/0xd0 [ 848.974817] mount_fs+0x66/0x2d0 [ 848.978161] vfs_kern_mount.part.26+0xc6/0x4a0 [ 848.982719] ? may_umount+0xa0/0xa0 [ 848.986330] ? _raw_read_unlock+0x22/0x30 [ 848.990461] ? __get_fs_type+0x8a/0xc0 [ 848.994325] do_mount+0xea4/0x2bb0 [ 848.997839] ? __might_fault+0x110/0x1d0 [ 849.001884] ? copy_mount_string+0x40/0x40 [ 849.006101] ? check_same_owner+0x320/0x320 [ 849.010398] ? __check_object_size+0x8b/0x530 [ 849.014873] ? __might_sleep+0x95/0x190 [ 849.018841] ? kasan_check_write+0x14/0x20 [ 849.023057] ? _copy_from_user+0x99/0x110 [ 849.027179] ? memdup_user+0x5e/0x90 [ 849.030867] ? copy_mount_options+0x1f7/0x2e0 [ 849.035343] SyS_mount+0xab/0x120 [ 849.038772] ? copy_mnt_ns+0xb30/0xb30 [ 849.042636] do_syscall_64+0x281/0x940 [ 849.046500] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 849.052024] ? syscall_return_slowpath+0x550/0x550 [ 849.056940] ? syscall_return_slowpath+0x2ac/0x550 [ 849.061854] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 849.067204] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 849.072036] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 849.077210] RIP: 0033:0x454e79 [ 849.080377] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 849.088060] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 849.095308] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 849.102561] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 849.109806] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 849.117058] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000021 2018/03/31 10:17:02 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:02 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:02 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) r8 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r8, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:02 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:02 executing program 1 (fault-call:18 fault-nth:34): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:02 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, r1, 0x0) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:02 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x0, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:02 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 849.310755] FAULT_INJECTION: forcing a failure. [ 849.310755] name failslab, interval 1, probability 0, space 0, times 0 [ 849.322113] CPU: 0 PID: 22757 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 849.329389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 849.338736] Call Trace: [ 849.341323] dump_stack+0x194/0x24d [ 849.344950] ? arch_local_irq_restore+0x53/0x53 [ 849.349611] ? __save_stack_trace+0x7e/0xd0 [ 849.353933] should_fail+0x8c0/0xa40 [ 849.357647] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 849.362746] ? kasan_kmalloc+0xad/0xe0 [ 849.366637] ? kmem_cache_alloc_trace+0x136/0x740 [ 849.371480] ? __memcg_init_list_lru_node+0x169/0x270 [ 849.376657] ? __list_lru_init+0x544/0x750 [ 849.380870] ? sget_userns+0x6b1/0xe40 [ 849.384740] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 849.389475] ? do_mount+0xea4/0x2bb0 [ 849.393169] ? SyS_mount+0xab/0x120 [ 849.396776] ? do_syscall_64+0x281/0x940 [ 849.400817] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 849.406161] ? find_held_lock+0x35/0x1d0 [ 849.410205] ? __lock_is_held+0xb6/0x140 [ 849.414272] ? check_same_owner+0x320/0x320 [ 849.418576] ? rcu_note_context_switch+0x710/0x710 [ 849.423491] should_failslab+0xec/0x120 [ 849.427451] kmem_cache_alloc_trace+0x4b/0x740 [ 849.432021] ? __kmalloc_node+0x33/0x70 [ 849.435977] ? __kmalloc_node+0x33/0x70 [ 849.439937] ? rcu_read_lock_sched_held+0x108/0x120 [ 849.444948] __memcg_init_list_lru_node+0x169/0x270 [ 849.449950] ? list_lru_add+0x7c0/0x7c0 [ 849.453900] ? __kmalloc_node+0x47/0x70 [ 849.457850] __list_lru_init+0x544/0x750 [ 849.461887] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 849.467747] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 849.472742] ? lockdep_init_map+0x9/0x10 [ 849.476780] sget_userns+0x6b1/0xe40 [ 849.480475] ? set_anon_super+0x20/0x20 [ 849.484426] ? put_filp+0x90/0x90 [ 849.487859] ? destroy_unused_super.part.6+0xd0/0xd0 [ 849.492946] ? alloc_vfsmnt+0x762/0x9c0 [ 849.496893] ? path_lookupat+0x238/0xba0 [ 849.500933] ? mnt_free_id.isra.21+0x50/0x50 [ 849.505315] ? trace_hardirqs_off+0x10/0x10 [ 849.509610] ? putname+0xee/0x130 [ 849.513046] ? cap_capable+0x1b5/0x230 [ 849.516913] ? security_capable+0x8e/0xc0 [ 849.521045] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 849.526210] ? ns_capable_common+0xcf/0x160 [ 849.530507] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 849.535677] mount_ns+0x6d/0x190 [ 849.539039] rpc_mount+0x9e/0xd0 [ 849.542383] mount_fs+0x66/0x2d0 [ 849.545726] vfs_kern_mount.part.26+0xc6/0x4a0 [ 849.550279] ? may_umount+0xa0/0xa0 [ 849.553882] ? _raw_read_unlock+0x22/0x30 [ 849.558016] ? __get_fs_type+0x8a/0xc0 [ 849.561886] do_mount+0xea4/0x2bb0 [ 849.565408] ? __might_fault+0x110/0x1d0 [ 849.569451] ? copy_mount_string+0x40/0x40 [ 849.573656] ? check_same_owner+0x320/0x320 [ 849.577953] ? __check_object_size+0x8b/0x530 [ 849.582425] ? __might_sleep+0x95/0x190 [ 849.586375] ? kasan_check_write+0x14/0x20 [ 849.590590] ? _copy_from_user+0x99/0x110 [ 849.594722] ? memdup_user+0x5e/0x90 [ 849.598418] ? copy_mount_options+0x1f7/0x2e0 [ 849.602887] SyS_mount+0xab/0x120 [ 849.606312] ? copy_mnt_ns+0xb30/0xb30 [ 849.610184] do_syscall_64+0x281/0x940 [ 849.614052] ? vmalloc_sync_all+0x30/0x30 [ 849.618171] ? _raw_spin_unlock_irq+0x27/0x70 [ 849.622643] ? finish_task_switch+0x1c1/0x7e0 [ 849.627112] ? syscall_return_slowpath+0x550/0x550 [ 849.632019] ? syscall_return_slowpath+0x2ac/0x550 [ 849.636929] ? prepare_exit_to_usermode+0x350/0x350 [ 849.641921] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 849.647259] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 849.652084] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 849.657254] RIP: 0033:0x454e79 2018/03/31 10:17:03 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 849.660420] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 849.668109] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 849.675351] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 849.682598] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 849.689847] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 849.697103] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000022 2018/03/31 10:17:03 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:03 executing program 1 (fault-call:18 fault-nth:35): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:03 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:03 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:03 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:03 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee", 0xa}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:03 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:03 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:03 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 849.985157] FAULT_INJECTION: forcing a failure. [ 849.985157] name failslab, interval 1, probability 0, space 0, times 0 [ 849.996505] CPU: 0 PID: 22802 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 850.003781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 850.013137] Call Trace: [ 850.015722] dump_stack+0x194/0x24d [ 850.019349] ? arch_local_irq_restore+0x53/0x53 [ 850.024016] ? __save_stack_trace+0x7e/0xd0 [ 850.028343] should_fail+0x8c0/0xa40 [ 850.032057] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 850.037151] ? kasan_kmalloc+0xad/0xe0 [ 850.041025] ? kmem_cache_alloc_trace+0x136/0x740 [ 850.045845] ? __memcg_init_list_lru_node+0x169/0x270 [ 850.051013] ? __list_lru_init+0x544/0x750 [ 850.055232] ? sget_userns+0x6b1/0xe40 [ 850.059098] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 850.063828] ? do_mount+0xea4/0x2bb0 [ 850.067515] ? SyS_mount+0xab/0x120 [ 850.071123] ? do_syscall_64+0x281/0x940 [ 850.075165] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 850.080507] ? find_held_lock+0x35/0x1d0 [ 850.084545] ? __lock_is_held+0xb6/0x140 [ 850.088588] ? check_same_owner+0x320/0x320 [ 850.092886] ? rcu_note_context_switch+0x710/0x710 [ 850.097806] should_failslab+0xec/0x120 [ 850.101769] kmem_cache_alloc_trace+0x4b/0x740 [ 850.106331] ? __kmalloc_node+0x33/0x70 [ 850.110292] ? __kmalloc_node+0x33/0x70 [ 850.114253] ? rcu_read_lock_sched_held+0x108/0x120 [ 850.119250] __memcg_init_list_lru_node+0x169/0x270 [ 850.124252] ? list_lru_add+0x7c0/0x7c0 [ 850.128207] ? __kmalloc_node+0x47/0x70 [ 850.132165] __list_lru_init+0x544/0x750 [ 850.136203] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 850.142078] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 850.147077] ? lockdep_init_map+0x9/0x10 [ 850.151114] sget_userns+0x6b1/0xe40 [ 850.154801] ? set_anon_super+0x20/0x20 [ 850.158757] ? put_filp+0x90/0x90 [ 850.162185] ? destroy_unused_super.part.6+0xd0/0xd0 [ 850.167263] ? alloc_vfsmnt+0x762/0x9c0 [ 850.171209] ? path_lookupat+0x238/0xba0 [ 850.175243] ? mnt_free_id.isra.21+0x50/0x50 [ 850.179626] ? trace_hardirqs_off+0x10/0x10 [ 850.183924] ? putname+0xee/0x130 [ 850.187354] ? cap_capable+0x1b5/0x230 [ 850.191234] ? security_capable+0x8e/0xc0 [ 850.195365] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 850.200529] ? ns_capable_common+0xcf/0x160 [ 850.204838] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 850.210012] mount_ns+0x6d/0x190 [ 850.213362] rpc_mount+0x9e/0xd0 [ 850.216706] mount_fs+0x66/0x2d0 [ 850.220047] vfs_kern_mount.part.26+0xc6/0x4a0 [ 850.224610] ? may_umount+0xa0/0xa0 [ 850.228230] ? _raw_read_unlock+0x22/0x30 [ 850.232368] ? __get_fs_type+0x8a/0xc0 2018/03/31 10:17:03 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) r8 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r8, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:03 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:03 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee", 0xa}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 850.236255] do_mount+0xea4/0x2bb0 [ 850.239786] ? __might_fault+0x110/0x1d0 [ 850.243842] ? copy_mount_string+0x40/0x40 [ 850.248072] ? check_same_owner+0x320/0x320 [ 850.252389] ? __check_object_size+0x8b/0x530 [ 850.256871] ? __might_sleep+0x95/0x190 [ 850.260837] ? kasan_check_write+0x14/0x20 [ 850.265063] ? _copy_from_user+0x99/0x110 [ 850.269201] ? memdup_user+0x5e/0x90 [ 850.272904] ? copy_mount_options+0x1f7/0x2e0 [ 850.277394] SyS_mount+0xab/0x120 [ 850.280843] ? copy_mnt_ns+0xb30/0xb30 [ 850.284728] do_syscall_64+0x281/0x940 [ 850.288609] ? vmalloc_sync_all+0x30/0x30 [ 850.292758] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 850.298290] ? syscall_return_slowpath+0x550/0x550 [ 850.303216] ? syscall_return_slowpath+0x2ac/0x550 [ 850.308145] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 850.313501] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 850.318343] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 850.323520] RIP: 0033:0x454e79 [ 850.326700] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 850.334400] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 850.341671] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 850.348934] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 850.356206] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 850.363464] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000023 2018/03/31 10:17:04 executing program 1 (fault-call:18 fault-nth:36): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:04 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) r8 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r8, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:04 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, r1, 0x0) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:04 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee", 0xa}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:04 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x0, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:04 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980)}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:04 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:04 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x0, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 851.259954] FAULT_INJECTION: forcing a failure. [ 851.259954] name failslab, interval 1, probability 0, space 0, times 0 [ 851.271270] CPU: 1 PID: 22842 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 851.278544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 851.287895] Call Trace: [ 851.290504] dump_stack+0x194/0x24d [ 851.294139] ? arch_local_irq_restore+0x53/0x53 [ 851.298808] ? __save_stack_trace+0x7e/0xd0 [ 851.303131] should_fail+0x8c0/0xa40 2018/03/31 10:17:05 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x0, &(0x7f00000004c0)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:05 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 851.306847] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 851.311950] ? kasan_kmalloc+0xad/0xe0 [ 851.315841] ? kmem_cache_alloc_trace+0x136/0x740 [ 851.320683] ? __memcg_init_list_lru_node+0x169/0x270 [ 851.325866] ? __list_lru_init+0x544/0x750 [ 851.330102] ? sget_userns+0x6b1/0xe40 [ 851.333985] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 851.338728] ? do_mount+0xea4/0x2bb0 [ 851.342430] ? SyS_mount+0xab/0x120 [ 851.346051] ? do_syscall_64+0x281/0x940 [ 851.350112] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 851.355481] ? find_held_lock+0x35/0x1d0 [ 851.359551] ? __lock_is_held+0xb6/0x140 [ 851.363618] ? check_same_owner+0x320/0x320 [ 851.367933] ? rcu_note_context_switch+0x710/0x710 [ 851.372842] should_failslab+0xec/0x120 [ 851.376802] kmem_cache_alloc_trace+0x4b/0x740 [ 851.381373] ? __kmalloc_node+0x33/0x70 [ 851.385323] ? __kmalloc_node+0x33/0x70 [ 851.389275] ? rcu_read_lock_sched_held+0x108/0x120 [ 851.394272] __memcg_init_list_lru_node+0x169/0x270 [ 851.399266] ? list_lru_add+0x7c0/0x7c0 [ 851.403215] ? __kmalloc_node+0x47/0x70 [ 851.407166] __list_lru_init+0x544/0x750 [ 851.411223] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 851.417105] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 851.422102] ? lockdep_init_map+0x9/0x10 [ 851.426140] sget_userns+0x6b1/0xe40 [ 851.429832] ? set_anon_super+0x20/0x20 [ 851.433790] ? put_filp+0x90/0x90 [ 851.437216] ? destroy_unused_super.part.6+0xd0/0xd0 [ 851.442295] ? alloc_vfsmnt+0x762/0x9c0 [ 851.446249] ? path_lookupat+0x238/0xba0 [ 851.450291] ? mnt_free_id.isra.21+0x50/0x50 [ 851.454674] ? trace_hardirqs_off+0x10/0x10 [ 851.458972] ? putname+0xee/0x130 [ 851.462400] ? cap_capable+0x1b5/0x230 [ 851.466269] ? security_capable+0x8e/0xc0 [ 851.470398] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 851.475569] ? ns_capable_common+0xcf/0x160 [ 851.479867] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 851.485037] mount_ns+0x6d/0x190 [ 851.488394] rpc_mount+0x9e/0xd0 [ 851.491735] mount_fs+0x66/0x2d0 [ 851.495077] vfs_kern_mount.part.26+0xc6/0x4a0 [ 851.499634] ? may_umount+0xa0/0xa0 [ 851.503234] ? _raw_read_unlock+0x22/0x30 [ 851.507357] ? __get_fs_type+0x8a/0xc0 [ 851.511218] do_mount+0xea4/0x2bb0 [ 851.514731] ? __might_fault+0x110/0x1d0 [ 851.518774] ? copy_mount_string+0x40/0x40 [ 851.522981] ? check_same_owner+0x320/0x320 [ 851.527287] ? __check_object_size+0x8b/0x530 [ 851.531757] ? __might_sleep+0x95/0x190 [ 851.535718] ? kasan_check_write+0x14/0x20 [ 851.539936] ? _copy_from_user+0x99/0x110 [ 851.544063] ? memdup_user+0x5e/0x90 [ 851.547758] ? copy_mount_options+0x1f7/0x2e0 [ 851.552235] SyS_mount+0xab/0x120 [ 851.555663] ? copy_mnt_ns+0xb30/0xb30 [ 851.559535] do_syscall_64+0x281/0x940 [ 851.563398] ? vmalloc_sync_all+0x30/0x30 [ 851.567528] ? _raw_spin_unlock_irq+0x27/0x70 [ 851.572009] ? finish_task_switch+0x1c1/0x7e0 [ 851.576489] ? syscall_return_slowpath+0x550/0x550 [ 851.581393] ? syscall_return_slowpath+0x2ac/0x550 [ 851.586297] ? prepare_exit_to_usermode+0x350/0x350 [ 851.591298] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 851.596650] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 851.601472] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 851.606640] RIP: 0033:0x454e79 [ 851.609810] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 851.617495] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 851.624740] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 851.631990] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 851.639242] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 851.646484] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000024 2018/03/31 10:17:05 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x0) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:05 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:05 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115", 0xf}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:05 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x0, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:05 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x0, &(0x7f00000004c0)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:05 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:05 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:05 executing program 1 (fault-call:18 fault-nth:37): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:06 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x0, &(0x7f00000004c0)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 852.268826] FAULT_INJECTION: forcing a failure. [ 852.268826] name failslab, interval 1, probability 0, space 0, times 0 [ 852.280149] CPU: 0 PID: 22874 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 852.287422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 852.296762] Call Trace: [ 852.299350] dump_stack+0x194/0x24d [ 852.302976] ? arch_local_irq_restore+0x53/0x53 [ 852.307631] ? __save_stack_trace+0x7e/0xd0 [ 852.311953] should_fail+0x8c0/0xa40 [ 852.315655] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 852.320745] ? kasan_kmalloc+0xad/0xe0 [ 852.324615] ? kmem_cache_alloc_trace+0x136/0x740 [ 852.329437] ? __memcg_init_list_lru_node+0x169/0x270 [ 852.334599] ? __list_lru_init+0x544/0x750 [ 852.338810] ? sget_userns+0x6b1/0xe40 [ 852.342672] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 852.347404] ? do_mount+0xea4/0x2bb0 [ 852.351098] ? SyS_mount+0xab/0x120 [ 852.354708] ? do_syscall_64+0x281/0x940 [ 852.358752] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 852.364103] ? find_held_lock+0x35/0x1d0 [ 852.368162] ? __lock_is_held+0xb6/0x140 [ 852.372205] ? check_same_owner+0x320/0x320 [ 852.376509] ? rcu_note_context_switch+0x710/0x710 [ 852.381426] should_failslab+0xec/0x120 [ 852.385388] kmem_cache_alloc_trace+0x4b/0x740 [ 852.389945] ? __kmalloc_node+0x33/0x70 [ 852.393902] __memcg_init_list_lru_node+0x169/0x270 [ 852.398902] ? list_lru_add+0x7c0/0x7c0 [ 852.402854] ? __kmalloc_node+0x47/0x70 [ 852.406824] __list_lru_init+0x544/0x750 [ 852.410877] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 852.416751] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 852.421748] ? lockdep_init_map+0x9/0x10 [ 852.425794] sget_userns+0x6b1/0xe40 [ 852.429492] ? set_anon_super+0x20/0x20 [ 852.433441] ? put_filp+0x90/0x90 [ 852.436867] ? destroy_unused_super.part.6+0xd0/0xd0 [ 852.441950] ? alloc_vfsmnt+0x762/0x9c0 [ 852.445909] ? path_lookupat+0x238/0xba0 [ 852.449952] ? mnt_free_id.isra.21+0x50/0x50 [ 852.454337] ? trace_hardirqs_off+0x10/0x10 [ 852.458634] ? putname+0xee/0x130 [ 852.462069] ? cap_capable+0x1b5/0x230 [ 852.465936] ? security_capable+0x8e/0xc0 [ 852.470071] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 852.475236] ? ns_capable_common+0xcf/0x160 [ 852.479543] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 852.484707] mount_ns+0x6d/0x190 [ 852.488060] rpc_mount+0x9e/0xd0 [ 852.491406] mount_fs+0x66/0x2d0 [ 852.494746] vfs_kern_mount.part.26+0xc6/0x4a0 [ 852.499307] ? may_umount+0xa0/0xa0 [ 852.502910] ? _raw_read_unlock+0x22/0x30 [ 852.507039] ? __get_fs_type+0x8a/0xc0 [ 852.510910] do_mount+0xea4/0x2bb0 [ 852.514439] ? __might_fault+0x110/0x1d0 [ 852.518498] ? copy_mount_string+0x40/0x40 [ 852.522754] ? check_same_owner+0x320/0x320 [ 852.527051] ? __check_object_size+0x8b/0x530 [ 852.531534] ? __might_sleep+0x95/0x190 [ 852.535506] ? kasan_check_write+0x14/0x20 [ 852.539719] ? _copy_from_user+0x99/0x110 [ 852.543845] ? memdup_user+0x5e/0x90 [ 852.547533] ? copy_mount_options+0x1f7/0x2e0 [ 852.552001] SyS_mount+0xab/0x120 [ 852.555437] ? copy_mnt_ns+0xb30/0xb30 [ 852.559307] do_syscall_64+0x281/0x940 [ 852.563176] ? vmalloc_sync_all+0x30/0x30 [ 852.567304] ? _raw_spin_unlock_irq+0x27/0x70 [ 852.571773] ? finish_task_switch+0x1c1/0x7e0 [ 852.576245] ? syscall_return_slowpath+0x550/0x550 [ 852.581150] ? syscall_return_slowpath+0x2ac/0x550 [ 852.586055] ? prepare_exit_to_usermode+0x350/0x350 [ 852.591047] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 852.596385] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 852.601211] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 852.606381] RIP: 0033:0x454e79 [ 852.609543] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 2018/03/31 10:17:06 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x0, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:06 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 852.617224] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 852.624476] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 852.631728] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 852.638972] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 852.646221] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000025 2018/03/31 10:17:06 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115", 0xf}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:06 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x0) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:06 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, 0xffffffffffffffff, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:06 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:06 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:06 executing program 1 (fault-call:18 fault-nth:38): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 852.902486] FAULT_INJECTION: forcing a failure. [ 852.902486] name failslab, interval 1, probability 0, space 0, times 0 [ 852.913806] CPU: 1 PID: 22920 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 852.921079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 852.930427] Call Trace: [ 852.933015] dump_stack+0x194/0x24d [ 852.936644] ? arch_local_irq_restore+0x53/0x53 [ 852.941300] ? __save_stack_trace+0x7e/0xd0 [ 852.945606] should_fail+0x8c0/0xa40 [ 852.949309] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 852.954397] ? kasan_kmalloc+0xad/0xe0 [ 852.958262] ? kmem_cache_alloc_trace+0x136/0x740 [ 852.963088] ? __memcg_init_list_lru_node+0x169/0x270 [ 852.968257] ? __list_lru_init+0x544/0x750 [ 852.972471] ? sget_userns+0x6b1/0xe40 [ 852.976339] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 852.981069] ? do_mount+0xea4/0x2bb0 [ 852.984758] ? SyS_mount+0xab/0x120 [ 852.988365] ? do_syscall_64+0x281/0x940 [ 852.992404] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 852.997766] ? find_held_lock+0x35/0x1d0 [ 853.001805] ? __lock_is_held+0xb6/0x140 [ 853.005860] ? check_same_owner+0x320/0x320 [ 853.010170] ? rcu_note_context_switch+0x710/0x710 [ 853.015078] should_failslab+0xec/0x120 [ 853.019042] kmem_cache_alloc_trace+0x4b/0x740 [ 853.023610] ? __kmalloc_node+0x33/0x70 [ 853.027560] ? __kmalloc_node+0x33/0x70 [ 853.031514] ? rcu_read_lock_sched_held+0x108/0x120 [ 853.036518] __memcg_init_list_lru_node+0x169/0x270 [ 853.041520] ? list_lru_add+0x7c0/0x7c0 [ 853.045470] ? __kmalloc_node+0x47/0x70 [ 853.049425] __list_lru_init+0x544/0x750 [ 853.053484] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 853.059352] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 853.064357] ? lockdep_init_map+0x9/0x10 [ 853.068405] sget_userns+0x6b1/0xe40 [ 853.072529] ? set_anon_super+0x20/0x20 [ 853.076489] ? put_filp+0x90/0x90 [ 853.079926] ? destroy_unused_super.part.6+0xd0/0xd0 [ 853.085012] ? alloc_vfsmnt+0x762/0x9c0 [ 853.088968] ? path_lookupat+0x238/0xba0 [ 853.093013] ? mnt_free_id.isra.21+0x50/0x50 [ 853.097415] ? trace_hardirqs_off+0x10/0x10 [ 853.101721] ? putname+0xee/0x130 [ 853.105159] ? cap_capable+0x1b5/0x230 [ 853.109040] ? security_capable+0x8e/0xc0 [ 853.113171] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 853.118346] ? ns_capable_common+0xcf/0x160 [ 853.122649] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 853.127811] mount_ns+0x6d/0x190 [ 853.131154] rpc_mount+0x9e/0xd0 [ 853.134496] mount_fs+0x66/0x2d0 [ 853.137838] vfs_kern_mount.part.26+0xc6/0x4a0 [ 853.142393] ? may_umount+0xa0/0xa0 [ 853.145996] ? _raw_read_unlock+0x22/0x30 [ 853.150123] ? __get_fs_type+0x8a/0xc0 [ 853.153987] do_mount+0xea4/0x2bb0 [ 853.157503] ? __might_fault+0x110/0x1d0 [ 853.161540] ? copy_mount_string+0x40/0x40 [ 853.165748] ? check_same_owner+0x320/0x320 [ 853.170061] ? __check_object_size+0x8b/0x530 [ 853.174537] ? __might_sleep+0x95/0x190 [ 853.178487] ? kasan_check_write+0x14/0x20 [ 853.182706] ? _copy_from_user+0x99/0x110 [ 853.186844] ? memdup_user+0x5e/0x90 [ 853.190547] ? copy_mount_options+0x1f7/0x2e0 [ 853.195031] SyS_mount+0xab/0x120 [ 853.198477] ? copy_mnt_ns+0xb30/0xb30 [ 853.202349] do_syscall_64+0x281/0x940 [ 853.206215] ? vmalloc_sync_all+0x30/0x30 [ 853.210343] ? _raw_spin_unlock_irq+0x27/0x70 [ 853.214813] ? finish_task_switch+0x1c1/0x7e0 [ 853.219282] ? syscall_return_slowpath+0x550/0x550 [ 853.224185] ? syscall_return_slowpath+0x2ac/0x550 [ 853.229089] ? prepare_exit_to_usermode+0x350/0x350 [ 853.234079] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 853.239418] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 853.244237] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 853.249400] RIP: 0033:0x454e79 [ 853.252562] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 853.260246] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 853.267494] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 853.274739] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 853.281982] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 853.289227] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000026 2018/03/31 10:17:07 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115", 0xf}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:07 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x0) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:07 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:07 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:07 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, 0xffffffffffffffff, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:07 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:07 executing program 1 (fault-call:18 fault-nth:39): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:07 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:07 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r1 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r1, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r2 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r0, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r0}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:07 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(0xffffffffffffffff, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:07 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7", 0x11}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:07 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, 0xffffffffffffffff, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 853.453865] FAULT_INJECTION: forcing a failure. [ 853.453865] name failslab, interval 1, probability 0, space 0, times 0 [ 853.465187] CPU: 0 PID: 22949 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 853.472455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 853.481802] Call Trace: [ 853.484387] dump_stack+0x194/0x24d [ 853.488017] ? arch_local_irq_restore+0x53/0x53 [ 853.492680] ? __save_stack_trace+0x7e/0xd0 [ 853.497005] should_fail+0x8c0/0xa40 [ 853.500722] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 853.505814] ? kasan_kmalloc+0xad/0xe0 [ 853.509680] ? kmem_cache_alloc_trace+0x136/0x740 [ 853.514507] ? __memcg_init_list_lru_node+0x169/0x270 [ 853.519682] ? __list_lru_init+0x544/0x750 [ 853.523893] ? sget_userns+0x6b1/0xe40 [ 853.527760] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 853.532489] ? do_mount+0xea4/0x2bb0 [ 853.536178] ? SyS_mount+0xab/0x120 [ 853.539780] ? do_syscall_64+0x281/0x940 [ 853.543821] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 853.549163] ? find_held_lock+0x35/0x1d0 [ 853.553203] ? __lock_is_held+0xb6/0x140 [ 853.557254] ? check_same_owner+0x320/0x320 [ 853.561577] ? rcu_note_context_switch+0x710/0x710 [ 853.566489] should_failslab+0xec/0x120 [ 853.570454] kmem_cache_alloc_trace+0x4b/0x740 [ 853.575028] ? __kmalloc_node+0x33/0x70 [ 853.578985] ? __kmalloc_node+0x33/0x70 [ 853.582934] ? rcu_read_lock_sched_held+0x108/0x120 [ 853.587938] __memcg_init_list_lru_node+0x169/0x270 [ 853.592942] ? list_lru_add+0x7c0/0x7c0 [ 853.596893] ? __kmalloc_node+0x47/0x70 [ 853.600846] __list_lru_init+0x544/0x750 [ 853.604884] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 853.610744] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 853.615740] ? lockdep_init_map+0x9/0x10 [ 853.619779] sget_userns+0x6b1/0xe40 [ 853.623471] ? set_anon_super+0x20/0x20 [ 853.627420] ? put_filp+0x90/0x90 [ 853.630857] ? destroy_unused_super.part.6+0xd0/0xd0 [ 853.635942] ? alloc_vfsmnt+0x762/0x9c0 [ 853.639899] ? path_lookupat+0x238/0xba0 [ 853.643941] ? mnt_free_id.isra.21+0x50/0x50 [ 853.648328] ? trace_hardirqs_off+0x10/0x10 [ 853.652622] ? putname+0xee/0x130 [ 853.656054] ? cap_capable+0x1b5/0x230 [ 853.659918] ? security_capable+0x8e/0xc0 [ 853.664050] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 853.669231] ? ns_capable_common+0xcf/0x160 [ 853.673538] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 853.678704] mount_ns+0x6d/0x190 [ 853.682047] rpc_mount+0x9e/0xd0 [ 853.685399] mount_fs+0x66/0x2d0 [ 853.688743] vfs_kern_mount.part.26+0xc6/0x4a0 [ 853.693297] ? may_umount+0xa0/0xa0 [ 853.696900] ? _raw_read_unlock+0x22/0x30 [ 853.701028] ? __get_fs_type+0x8a/0xc0 [ 853.704892] do_mount+0xea4/0x2bb0 [ 853.708407] ? __might_fault+0x110/0x1d0 [ 853.712452] ? copy_mount_string+0x40/0x40 [ 853.716678] ? check_same_owner+0x320/0x320 [ 853.720983] ? __check_object_size+0x8b/0x530 [ 853.725453] ? __might_sleep+0x95/0x190 [ 853.729409] ? kasan_check_write+0x14/0x20 [ 853.733624] ? _copy_from_user+0x99/0x110 [ 853.737763] ? memdup_user+0x5e/0x90 [ 853.741461] ? copy_mount_options+0x1f7/0x2e0 [ 853.745934] SyS_mount+0xab/0x120 [ 853.749364] ? copy_mnt_ns+0xb30/0xb30 [ 853.753235] do_syscall_64+0x281/0x940 [ 853.757103] ? vmalloc_sync_all+0x30/0x30 [ 853.761224] ? _raw_spin_unlock_irq+0x27/0x70 [ 853.765692] ? finish_task_switch+0x1c1/0x7e0 [ 853.770163] ? syscall_return_slowpath+0x550/0x550 [ 853.775065] ? syscall_return_slowpath+0x2ac/0x550 [ 853.779968] ? prepare_exit_to_usermode+0x350/0x350 [ 853.784966] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 853.790326] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 853.795161] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 853.800328] RIP: 0033:0x454e79 2018/03/31 10:17:07 executing program 1 (fault-call:18 fault-nth:40): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 853.803494] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 853.811175] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 853.818427] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 853.825677] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 853.832923] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 853.840168] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000027 2018/03/31 10:17:07 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:07 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r1 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r1, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r2 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r0, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r0}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:07 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x0) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 853.969690] FAULT_INJECTION: forcing a failure. [ 853.969690] name failslab, interval 1, probability 0, space 0, times 0 [ 853.981092] CPU: 1 PID: 22971 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 853.988365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 853.997715] Call Trace: [ 854.000315] dump_stack+0x194/0x24d [ 854.003959] ? arch_local_irq_restore+0x53/0x53 [ 854.008631] ? __save_stack_trace+0x7e/0xd0 [ 854.012966] should_fail+0x8c0/0xa40 [ 854.016690] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 854.021795] ? kasan_kmalloc+0xad/0xe0 [ 854.025685] ? kmem_cache_alloc_trace+0x136/0x740 [ 854.030528] ? __memcg_init_list_lru_node+0x169/0x270 [ 854.035720] ? __list_lru_init+0x544/0x750 [ 854.039953] ? sget_userns+0x6b1/0xe40 [ 854.043841] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 854.048596] ? do_mount+0xea4/0x2bb0 [ 854.052310] ? SyS_mount+0xab/0x120 [ 854.055932] ? do_syscall_64+0x281/0x940 [ 854.059982] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 854.065326] ? find_held_lock+0x35/0x1d0 [ 854.069369] ? __lock_is_held+0xb6/0x140 [ 854.073414] ? check_same_owner+0x320/0x320 [ 854.077724] ? rcu_note_context_switch+0x710/0x710 [ 854.082641] should_failslab+0xec/0x120 [ 854.086598] kmem_cache_alloc_trace+0x4b/0x740 [ 854.091165] ? __kmalloc_node+0x33/0x70 [ 854.095122] ? __kmalloc_node+0x33/0x70 [ 854.099075] ? rcu_read_lock_sched_held+0x108/0x120 [ 854.104076] __memcg_init_list_lru_node+0x169/0x270 [ 854.109079] ? list_lru_add+0x7c0/0x7c0 [ 854.113036] ? __kmalloc_node+0x47/0x70 [ 854.117005] __list_lru_init+0x544/0x750 [ 854.121054] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 854.126918] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 854.131914] ? lockdep_init_map+0x9/0x10 [ 854.135953] sget_userns+0x6b1/0xe40 [ 854.139641] ? set_anon_super+0x20/0x20 [ 854.143602] ? put_filp+0x90/0x90 [ 854.147043] ? destroy_unused_super.part.6+0xd0/0xd0 [ 854.152126] ? alloc_vfsmnt+0x762/0x9c0 [ 854.156076] ? path_lookupat+0x238/0xba0 [ 854.160111] ? mnt_free_id.isra.21+0x50/0x50 [ 854.164501] ? trace_hardirqs_off+0x10/0x10 [ 854.168801] ? putname+0xee/0x130 [ 854.172234] ? cap_capable+0x1b5/0x230 [ 854.176109] ? security_capable+0x8e/0xc0 [ 854.180242] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 854.185428] ? ns_capable_common+0xcf/0x160 [ 854.189733] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 854.194899] mount_ns+0x6d/0x190 [ 854.198253] rpc_mount+0x9e/0xd0 [ 854.201613] mount_fs+0x66/0x2d0 [ 854.204972] vfs_kern_mount.part.26+0xc6/0x4a0 [ 854.209536] ? may_umount+0xa0/0xa0 [ 854.213138] ? _raw_read_unlock+0x22/0x30 [ 854.217267] ? __get_fs_type+0x8a/0xc0 [ 854.221132] do_mount+0xea4/0x2bb0 [ 854.224648] ? __might_fault+0x110/0x1d0 [ 854.228683] ? copy_mount_string+0x40/0x40 [ 854.232898] ? check_same_owner+0x320/0x320 [ 854.237206] ? __check_object_size+0x8b/0x530 [ 854.241687] ? __might_sleep+0x95/0x190 [ 854.245645] ? kasan_check_write+0x14/0x20 [ 854.249858] ? _copy_from_user+0x99/0x110 [ 854.253984] ? memdup_user+0x5e/0x90 [ 854.257671] ? copy_mount_options+0x1f7/0x2e0 [ 854.262143] SyS_mount+0xab/0x120 [ 854.265571] ? copy_mnt_ns+0xb30/0xb30 [ 854.269434] do_syscall_64+0x281/0x940 [ 854.273300] ? vmalloc_sync_all+0x30/0x30 [ 854.277430] ? _raw_spin_unlock_irq+0x27/0x70 [ 854.281900] ? finish_task_switch+0x1c1/0x7e0 [ 854.286369] ? syscall_return_slowpath+0x550/0x550 [ 854.291273] ? syscall_return_slowpath+0x2ac/0x550 [ 854.296181] ? prepare_exit_to_usermode+0x350/0x350 [ 854.301172] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 854.306514] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 854.311351] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 854.316527] RIP: 0033:0x454e79 [ 854.319702] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 854.327397] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 854.334644] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 854.341889] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 854.349134] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 854.356402] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000028 2018/03/31 10:17:08 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7", 0x11}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:08 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(0xffffffffffffffff, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:08 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001a"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:08 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r1 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r1, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r2 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r0, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r0}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:08 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:08 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:08 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x0) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:08 executing program 1 (fault-call:18 fault-nth:41): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 854.503693] FAULT_INJECTION: forcing a failure. [ 854.503693] name failslab, interval 1, probability 0, space 0, times 0 [ 854.515064] CPU: 1 PID: 22998 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 854.522341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 854.531690] Call Trace: [ 854.534279] dump_stack+0x194/0x24d [ 854.537907] ? arch_local_irq_restore+0x53/0x53 [ 854.542574] ? __save_stack_trace+0x7e/0xd0 [ 854.546896] should_fail+0x8c0/0xa40 [ 854.550613] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 854.555717] ? kasan_kmalloc+0xad/0xe0 [ 854.559604] ? kmem_cache_alloc_trace+0x136/0x740 [ 854.564444] ? __memcg_init_list_lru_node+0x169/0x270 [ 854.569634] ? __list_lru_init+0x544/0x750 [ 854.573869] ? sget_userns+0x6b1/0xe40 [ 854.577754] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 854.582506] ? do_mount+0xea4/0x2bb0 [ 854.586213] ? SyS_mount+0xab/0x120 [ 854.589846] ? do_syscall_64+0x281/0x940 [ 854.593903] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 854.599271] ? find_held_lock+0x35/0x1d0 2018/03/31 10:17:08 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7", 0x11}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:08 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001a"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:08 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(0xffffffffffffffff, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 854.603332] ? __lock_is_held+0xb6/0x140 [ 854.607406] ? check_same_owner+0x320/0x320 [ 854.611719] ? rcu_note_context_switch+0x710/0x710 [ 854.616640] should_failslab+0xec/0x120 [ 854.620598] kmem_cache_alloc_trace+0x4b/0x740 [ 854.625170] ? __kmalloc_node+0x33/0x70 [ 854.629133] ? __kmalloc_node+0x33/0x70 [ 854.633089] ? rcu_read_lock_sched_held+0x108/0x120 [ 854.638090] __memcg_init_list_lru_node+0x169/0x270 [ 854.643087] ? list_lru_add+0x7c0/0x7c0 [ 854.647044] ? __kmalloc_node+0x47/0x70 [ 854.651011] __list_lru_init+0x544/0x750 [ 854.655064] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 854.660927] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 854.665935] ? lockdep_init_map+0x9/0x10 [ 854.669981] sget_userns+0x6b1/0xe40 [ 854.673669] ? set_anon_super+0x20/0x20 [ 854.677617] ? put_filp+0x90/0x90 [ 854.681052] ? destroy_unused_super.part.6+0xd0/0xd0 [ 854.686138] ? alloc_vfsmnt+0x762/0x9c0 [ 854.690092] ? path_lookupat+0x238/0xba0 [ 854.694128] ? mnt_free_id.isra.21+0x50/0x50 [ 854.698514] ? trace_hardirqs_off+0x10/0x10 [ 854.702827] ? putname+0xee/0x130 [ 854.706261] ? cap_capable+0x1b5/0x230 [ 854.710126] ? security_capable+0x8e/0xc0 [ 854.714250] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 854.719423] ? ns_capable_common+0xcf/0x160 [ 854.723739] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 854.728913] mount_ns+0x6d/0x190 [ 854.732265] rpc_mount+0x9e/0xd0 [ 854.735613] mount_fs+0x66/0x2d0 [ 854.738957] vfs_kern_mount.part.26+0xc6/0x4a0 [ 854.743516] ? may_umount+0xa0/0xa0 [ 854.747127] ? _raw_read_unlock+0x22/0x30 [ 854.751261] ? __get_fs_type+0x8a/0xc0 [ 854.755137] do_mount+0xea4/0x2bb0 [ 854.758672] ? __might_fault+0x110/0x1d0 [ 854.762716] ? copy_mount_string+0x40/0x40 [ 854.766924] ? check_same_owner+0x320/0x320 [ 854.771221] ? __check_object_size+0x8b/0x530 [ 854.775697] ? __might_sleep+0x95/0x190 [ 854.779665] ? kasan_check_write+0x14/0x20 [ 854.783884] ? _copy_from_user+0x99/0x110 [ 854.788021] ? memdup_user+0x5e/0x90 [ 854.791723] ? copy_mount_options+0x1f7/0x2e0 [ 854.796211] SyS_mount+0xab/0x120 [ 854.799647] ? copy_mnt_ns+0xb30/0xb30 [ 854.803523] do_syscall_64+0x281/0x940 [ 854.807396] ? vmalloc_sync_all+0x30/0x30 [ 854.811526] ? _raw_spin_unlock_irq+0x27/0x70 [ 854.816012] ? finish_task_switch+0x1c1/0x7e0 [ 854.820498] ? syscall_return_slowpath+0x550/0x550 [ 854.825405] ? syscall_return_slowpath+0x2ac/0x550 [ 854.830308] ? prepare_exit_to_usermode+0x350/0x350 [ 854.835312] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 854.840657] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 854.845475] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 854.850638] RIP: 0033:0x454e79 [ 854.853802] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 854.861489] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 854.868737] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 854.875989] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 854.883239] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 854.890491] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000029 2018/03/31 10:17:08 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:08 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x0) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:08 executing program 1 (fault-call:18 fault-nth:42): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:08 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df", 0x12}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 855.039895] FAULT_INJECTION: forcing a failure. [ 855.039895] name failslab, interval 1, probability 0, space 0, times 0 [ 855.051374] CPU: 0 PID: 23027 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 855.058647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 855.067993] Call Trace: [ 855.070579] dump_stack+0x194/0x24d [ 855.074211] ? arch_local_irq_restore+0x53/0x53 [ 855.078872] ? __save_stack_trace+0x7e/0xd0 [ 855.083194] should_fail+0x8c0/0xa40 [ 855.086909] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 855.092008] ? kasan_kmalloc+0xad/0xe0 [ 855.095890] ? kmem_cache_alloc_trace+0x136/0x740 [ 855.100720] ? __memcg_init_list_lru_node+0x169/0x270 [ 855.105887] ? __list_lru_init+0x544/0x750 [ 855.110105] ? sget_userns+0x6b1/0xe40 [ 855.113968] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 855.118697] ? do_mount+0xea4/0x2bb0 [ 855.122385] ? SyS_mount+0xab/0x120 [ 855.125983] ? do_syscall_64+0x281/0x940 [ 855.130031] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 855.135386] ? find_held_lock+0x35/0x1d0 [ 855.139427] ? __lock_is_held+0xb6/0x140 [ 855.143473] ? check_same_owner+0x320/0x320 [ 855.147771] ? rcu_note_context_switch+0x710/0x710 [ 855.152675] should_failslab+0xec/0x120 [ 855.156626] kmem_cache_alloc_trace+0x4b/0x740 [ 855.161186] ? __kmalloc_node+0x33/0x70 [ 855.165134] ? __kmalloc_node+0x33/0x70 [ 855.169086] ? rcu_read_lock_sched_held+0x108/0x120 [ 855.174083] __memcg_init_list_lru_node+0x169/0x270 [ 855.179077] ? list_lru_add+0x7c0/0x7c0 [ 855.183032] ? __kmalloc_node+0x47/0x70 [ 855.186988] __list_lru_init+0x544/0x750 [ 855.191040] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 855.196906] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 855.201907] ? lockdep_init_map+0x9/0x10 [ 855.205943] sget_userns+0x6b1/0xe40 [ 855.209635] ? set_anon_super+0x20/0x20 [ 855.213599] ? put_filp+0x90/0x90 [ 855.217041] ? destroy_unused_super.part.6+0xd0/0xd0 [ 855.222118] ? alloc_vfsmnt+0x762/0x9c0 [ 855.226067] ? path_lookupat+0x238/0xba0 [ 855.230111] ? mnt_free_id.isra.21+0x50/0x50 [ 855.234509] ? trace_hardirqs_off+0x10/0x10 [ 855.238820] ? putname+0xee/0x130 [ 855.242264] ? cap_capable+0x1b5/0x230 [ 855.246134] ? security_capable+0x8e/0xc0 [ 855.250257] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 855.255429] ? ns_capable_common+0xcf/0x160 [ 855.259738] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 855.264908] mount_ns+0x6d/0x190 [ 855.268259] rpc_mount+0x9e/0xd0 [ 855.271620] mount_fs+0x66/0x2d0 [ 855.274963] vfs_kern_mount.part.26+0xc6/0x4a0 [ 855.279531] ? may_umount+0xa0/0xa0 [ 855.283139] ? _raw_read_unlock+0x22/0x30 [ 855.287277] ? __get_fs_type+0x8a/0xc0 [ 855.291146] do_mount+0xea4/0x2bb0 [ 855.294663] ? __might_fault+0x110/0x1d0 [ 855.298707] ? copy_mount_string+0x40/0x40 [ 855.302917] ? check_same_owner+0x320/0x320 [ 855.307226] ? __check_object_size+0x8b/0x530 [ 855.311702] ? __might_sleep+0x95/0x190 [ 855.315663] ? kasan_check_write+0x14/0x20 [ 855.319872] ? _copy_from_user+0x99/0x110 [ 855.323999] ? memdup_user+0x5e/0x90 [ 855.327695] ? copy_mount_options+0x1f7/0x2e0 [ 855.332167] SyS_mount+0xab/0x120 [ 855.335593] ? copy_mnt_ns+0xb30/0xb30 [ 855.339452] do_syscall_64+0x281/0x940 [ 855.343315] ? vmalloc_sync_all+0x30/0x30 [ 855.347439] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 855.352952] ? syscall_return_slowpath+0x550/0x550 [ 855.357856] ? syscall_return_slowpath+0x2ac/0x550 [ 855.362766] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 855.368108] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 855.372930] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 855.378232] RIP: 0033:0x454e79 [ 855.381399] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 855.389093] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 855.396348] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 855.403590] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 855.410836] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 855.418079] R13: 00000000000003fa R14: 00000000006f8010 R15: 000000000000002a 2018/03/31 10:17:09 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001a"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:09 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:09 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00'}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:09 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:09 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:09 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00'}, 0x10) r8 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r8, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:09 executing program 1 (fault-call:18 fault-nth:43): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:09 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df", 0x12}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 855.583574] FAULT_INJECTION: forcing a failure. [ 855.583574] name failslab, interval 1, probability 0, space 0, times 0 [ 855.594893] CPU: 1 PID: 23056 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 855.602166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 855.611518] Call Trace: [ 855.614116] dump_stack+0x194/0x24d [ 855.617754] ? arch_local_irq_restore+0x53/0x53 [ 855.622416] ? __save_stack_trace+0x7e/0xd0 [ 855.626740] should_fail+0x8c0/0xa40 2018/03/31 10:17:09 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:09 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x6, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e711670"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:09 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00'}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 855.630470] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 855.635578] ? kasan_kmalloc+0xad/0xe0 [ 855.639462] ? kmem_cache_alloc_trace+0x136/0x740 [ 855.644297] ? __memcg_init_list_lru_node+0x169/0x270 [ 855.649489] ? __list_lru_init+0x544/0x750 [ 855.653719] ? sget_userns+0x6b1/0xe40 [ 855.657608] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 855.662359] ? do_mount+0xea4/0x2bb0 [ 855.666066] ? SyS_mount+0xab/0x120 [ 855.669683] ? do_syscall_64+0x281/0x940 [ 855.673742] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 855.679120] ? find_held_lock+0x35/0x1d0 2018/03/31 10:17:09 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df", 0x12}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:09 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 855.683182] ? __lock_is_held+0xb6/0x140 [ 855.687249] ? check_same_owner+0x320/0x320 [ 855.691579] ? rcu_note_context_switch+0x710/0x710 [ 855.696503] should_failslab+0xec/0x120 [ 855.700463] kmem_cache_alloc_trace+0x4b/0x740 [ 855.705031] ? __kmalloc_node+0x33/0x70 [ 855.708985] ? __kmalloc_node+0x33/0x70 [ 855.712939] ? rcu_read_lock_sched_held+0x108/0x120 [ 855.717947] __memcg_init_list_lru_node+0x169/0x270 [ 855.722946] ? list_lru_add+0x7c0/0x7c0 [ 855.726896] ? __kmalloc_node+0x47/0x70 [ 855.730848] __list_lru_init+0x544/0x750 [ 855.734888] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 855.740751] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 855.745763] ? lockdep_init_map+0x9/0x10 [ 855.749809] sget_userns+0x6b1/0xe40 [ 855.753503] ? set_anon_super+0x20/0x20 [ 855.757464] ? put_filp+0x90/0x90 [ 855.760891] ? destroy_unused_super.part.6+0xd0/0xd0 [ 855.765970] ? alloc_vfsmnt+0x762/0x9c0 [ 855.769921] ? path_lookupat+0x238/0xba0 [ 855.773958] ? mnt_free_id.isra.21+0x50/0x50 [ 855.778340] ? trace_hardirqs_off+0x10/0x10 [ 855.782634] ? putname+0xee/0x130 [ 855.786066] ? cap_capable+0x1b5/0x230 [ 855.789936] ? security_capable+0x8e/0xc0 [ 855.794077] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 855.799253] ? ns_capable_common+0xcf/0x160 [ 855.803552] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 855.808717] mount_ns+0x6d/0x190 [ 855.812066] rpc_mount+0x9e/0xd0 [ 855.815410] mount_fs+0x66/0x2d0 [ 855.819219] vfs_kern_mount.part.26+0xc6/0x4a0 [ 855.823779] ? may_umount+0xa0/0xa0 [ 855.827385] ? _raw_read_unlock+0x22/0x30 [ 855.831510] ? __get_fs_type+0x8a/0xc0 [ 855.835375] do_mount+0xea4/0x2bb0 [ 855.838892] ? __might_fault+0x110/0x1d0 [ 855.842935] ? copy_mount_string+0x40/0x40 [ 855.847152] ? check_same_owner+0x320/0x320 [ 855.851448] ? __check_object_size+0x8b/0x530 [ 855.855920] ? __might_sleep+0x95/0x190 [ 855.859872] ? kasan_check_write+0x14/0x20 [ 855.864089] ? _copy_from_user+0x99/0x110 [ 855.868215] ? memdup_user+0x5e/0x90 [ 855.871901] ? copy_mount_options+0x1f7/0x2e0 [ 855.876369] SyS_mount+0xab/0x120 [ 855.879795] ? copy_mnt_ns+0xb30/0xb30 [ 855.883658] do_syscall_64+0x281/0x940 [ 855.887527] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 855.893043] ? syscall_return_slowpath+0x550/0x550 [ 855.897949] ? syscall_return_slowpath+0x2ac/0x550 [ 855.902857] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 855.908196] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 855.913026] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 855.918195] RIP: 0033:0x454e79 [ 855.921358] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 855.929043] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 855.936292] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 855.943538] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 855.950785] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 855.958035] R13: 00000000000003fa R14: 00000000006f8010 R15: 000000000000002b 2018/03/31 10:17:09 executing program 1 (fault-call:18 fault-nth:44): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:09 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:09 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:09 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00'}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 856.097641] FAULT_INJECTION: forcing a failure. [ 856.097641] name failslab, interval 1, probability 0, space 0, times 0 [ 856.109099] CPU: 1 PID: 23079 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 856.116371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 856.125723] Call Trace: [ 856.128309] dump_stack+0x194/0x24d [ 856.131941] ? arch_local_irq_restore+0x53/0x53 [ 856.136610] ? __save_stack_trace+0x7e/0xd0 [ 856.140924] should_fail+0x8c0/0xa40 [ 856.144625] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 856.149707] ? kasan_kmalloc+0xad/0xe0 [ 856.153578] ? kmem_cache_alloc_trace+0x136/0x740 [ 856.158396] ? __memcg_init_list_lru_node+0x169/0x270 [ 856.163559] ? __list_lru_init+0x544/0x750 [ 856.167769] ? sget_userns+0x6b1/0xe40 [ 856.171633] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 856.176370] ? do_mount+0xea4/0x2bb0 [ 856.180068] ? SyS_mount+0xab/0x120 [ 856.183673] ? do_syscall_64+0x281/0x940 [ 856.187713] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 856.193067] ? find_held_lock+0x35/0x1d0 [ 856.197108] ? __lock_is_held+0xb6/0x140 [ 856.201152] ? check_same_owner+0x320/0x320 [ 856.205455] ? rcu_note_context_switch+0x710/0x710 [ 856.210363] should_failslab+0xec/0x120 [ 856.214314] kmem_cache_alloc_trace+0x4b/0x740 [ 856.218875] ? __kmalloc_node+0x33/0x70 [ 856.222832] ? __kmalloc_node+0x33/0x70 [ 856.226791] ? rcu_read_lock_sched_held+0x108/0x120 [ 856.231788] __memcg_init_list_lru_node+0x169/0x270 [ 856.236793] ? list_lru_add+0x7c0/0x7c0 [ 856.240753] ? __kmalloc_node+0x47/0x70 [ 856.244721] __list_lru_init+0x544/0x750 [ 856.248770] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 856.254642] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 856.259637] ? lockdep_init_map+0x9/0x10 [ 856.263677] sget_userns+0x6b1/0xe40 [ 856.267368] ? set_anon_super+0x20/0x20 [ 856.271324] ? put_filp+0x90/0x90 [ 856.274752] ? destroy_unused_super.part.6+0xd0/0xd0 [ 856.279830] ? alloc_vfsmnt+0x762/0x9c0 [ 856.283782] ? path_lookupat+0x238/0xba0 [ 856.287829] ? mnt_free_id.isra.21+0x50/0x50 [ 856.292216] ? trace_hardirqs_off+0x10/0x10 [ 856.296523] ? putname+0xee/0x130 [ 856.299960] ? cap_capable+0x1b5/0x230 [ 856.303823] ? security_capable+0x8e/0xc0 [ 856.307949] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 856.313122] ? ns_capable_common+0xcf/0x160 [ 856.317437] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 856.322609] mount_ns+0x6d/0x190 [ 856.325953] rpc_mount+0x9e/0xd0 [ 856.329296] mount_fs+0x66/0x2d0 [ 856.332647] vfs_kern_mount.part.26+0xc6/0x4a0 [ 856.337204] ? may_umount+0xa0/0xa0 [ 856.340809] ? _raw_read_unlock+0x22/0x30 [ 856.344933] ? __get_fs_type+0x8a/0xc0 [ 856.348800] do_mount+0xea4/0x2bb0 [ 856.352319] ? __might_fault+0x110/0x1d0 [ 856.356359] ? copy_mount_string+0x40/0x40 [ 856.360570] ? check_same_owner+0x320/0x320 [ 856.364869] ? __check_object_size+0x8b/0x530 [ 856.369342] ? __might_sleep+0x95/0x190 [ 856.373296] ? kasan_check_write+0x14/0x20 [ 856.377509] ? _copy_from_user+0x99/0x110 [ 856.381636] ? memdup_user+0x5e/0x90 [ 856.385325] ? copy_mount_options+0x1f7/0x2e0 [ 856.389796] SyS_mount+0xab/0x120 [ 856.393228] ? copy_mnt_ns+0xb30/0xb30 [ 856.397101] do_syscall_64+0x281/0x940 [ 856.400968] ? vmalloc_sync_all+0x30/0x30 [ 856.405093] ? _raw_spin_unlock_irq+0x27/0x70 [ 856.409564] ? finish_task_switch+0x1c1/0x7e0 [ 856.414041] ? syscall_return_slowpath+0x550/0x550 [ 856.418951] ? syscall_return_slowpath+0x2ac/0x550 [ 856.423853] ? prepare_exit_to_usermode+0x350/0x350 [ 856.428844] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 856.434194] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 856.439020] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 856.444191] RIP: 0033:0x454e79 [ 856.447353] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 856.455044] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 856.462294] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 856.469539] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 856.476803] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 856.484063] R13: 00000000000003fa R14: 00000000006f8010 R15: 000000000000002c 2018/03/31 10:17:10 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x0) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:10 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00'}, 0x10) r8 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r8, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:10 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x6, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e711670"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:10 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:10 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:10 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x0, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:10 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:10 executing program 1 (fault-call:18 fault-nth:45): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:10 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x0) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:10 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x6, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e711670"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:10 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 856.689886] FAULT_INJECTION: forcing a failure. [ 856.689886] name failslab, interval 1, probability 0, space 0, times 0 [ 856.701244] CPU: 1 PID: 23110 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 856.708526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 856.717884] Call Trace: [ 856.720472] dump_stack+0x194/0x24d [ 856.724103] ? arch_local_irq_restore+0x53/0x53 [ 856.728768] ? __save_stack_trace+0x7e/0xd0 [ 856.733092] should_fail+0x8c0/0xa40 2018/03/31 10:17:10 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x0, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 856.736808] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 856.741911] ? kasan_kmalloc+0xad/0xe0 [ 856.745796] ? kmem_cache_alloc_trace+0x136/0x740 [ 856.750637] ? __memcg_init_list_lru_node+0x169/0x270 [ 856.755838] ? __list_lru_init+0x544/0x750 [ 856.760073] ? sget_userns+0x6b1/0xe40 [ 856.763955] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 856.768708] ? do_mount+0xea4/0x2bb0 [ 856.772418] ? SyS_mount+0xab/0x120 [ 856.776045] ? do_syscall_64+0x281/0x940 [ 856.780089] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 856.785430] ? find_held_lock+0x35/0x1d0 [ 856.789470] ? __lock_is_held+0xb6/0x140 [ 856.793512] ? check_same_owner+0x320/0x320 [ 856.797811] ? rcu_note_context_switch+0x710/0x710 [ 856.802719] should_failslab+0xec/0x120 [ 856.806678] kmem_cache_alloc_trace+0x4b/0x740 [ 856.811235] ? __kmalloc_node+0x33/0x70 [ 856.815183] ? __kmalloc_node+0x33/0x70 [ 856.819135] ? rcu_read_lock_sched_held+0x108/0x120 [ 856.824133] __memcg_init_list_lru_node+0x169/0x270 [ 856.829126] ? list_lru_add+0x7c0/0x7c0 [ 856.833079] ? __kmalloc_node+0x47/0x70 [ 856.837040] __list_lru_init+0x544/0x750 [ 856.841090] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 856.846951] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 856.851947] ? lockdep_init_map+0x9/0x10 [ 856.855994] sget_userns+0x6b1/0xe40 [ 856.859696] ? set_anon_super+0x20/0x20 [ 856.863654] ? put_filp+0x90/0x90 [ 856.867087] ? destroy_unused_super.part.6+0xd0/0xd0 [ 856.872169] ? alloc_vfsmnt+0x762/0x9c0 [ 856.876119] ? path_lookupat+0x238/0xba0 [ 856.880166] ? mnt_free_id.isra.21+0x50/0x50 [ 856.884549] ? trace_hardirqs_off+0x10/0x10 [ 856.888847] ? putname+0xee/0x130 [ 856.892276] ? cap_capable+0x1b5/0x230 [ 856.896141] ? security_capable+0x8e/0xc0 [ 856.900267] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 856.905440] ? ns_capable_common+0xcf/0x160 [ 856.909750] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 856.914922] mount_ns+0x6d/0x190 [ 856.918264] rpc_mount+0x9e/0xd0 [ 856.921607] mount_fs+0x66/0x2d0 [ 856.924948] vfs_kern_mount.part.26+0xc6/0x4a0 [ 856.929502] ? may_umount+0xa0/0xa0 [ 856.933104] ? _raw_read_unlock+0x22/0x30 [ 856.937227] ? __get_fs_type+0x8a/0xc0 [ 856.941088] do_mount+0xea4/0x2bb0 [ 856.944607] ? __might_fault+0x110/0x1d0 [ 856.948650] ? copy_mount_string+0x40/0x40 [ 856.952861] ? check_same_owner+0x320/0x320 [ 856.957156] ? __check_object_size+0x8b/0x530 [ 856.961629] ? __might_sleep+0x95/0x190 [ 856.965581] ? kasan_check_write+0x14/0x20 [ 856.969796] ? _copy_from_user+0x99/0x110 [ 856.973930] ? memdup_user+0x5e/0x90 [ 856.977616] ? copy_mount_options+0x1f7/0x2e0 [ 856.982086] SyS_mount+0xab/0x120 [ 856.985519] ? copy_mnt_ns+0xb30/0xb30 [ 856.989387] do_syscall_64+0x281/0x940 [ 856.993257] ? vmalloc_sync_all+0x30/0x30 [ 856.997389] ? _raw_spin_unlock_irq+0x27/0x70 [ 857.001860] ? finish_task_switch+0x1c1/0x7e0 [ 857.006337] ? syscall_return_slowpath+0x550/0x550 [ 857.011248] ? syscall_return_slowpath+0x2ac/0x550 [ 857.016159] ? prepare_exit_to_usermode+0x350/0x350 [ 857.021159] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 857.026497] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 857.031315] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 857.036477] RIP: 0033:0x454e79 2018/03/31 10:17:10 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 857.039638] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 857.047330] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 857.054575] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 857.061818] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 857.069064] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 857.076311] R13: 00000000000003fa R14: 00000000006f8010 R15: 000000000000002d 2018/03/31 10:17:10 executing program 1 (fault-call:18 fault-nth:46): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 857.210606] FAULT_INJECTION: forcing a failure. [ 857.210606] name failslab, interval 1, probability 0, space 0, times 0 [ 857.221909] CPU: 0 PID: 23140 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 857.229173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 857.238520] Call Trace: [ 857.241105] dump_stack+0x194/0x24d [ 857.244732] ? arch_local_irq_restore+0x53/0x53 [ 857.249396] ? __save_stack_trace+0x7e/0xd0 [ 857.253712] should_fail+0x8c0/0xa40 [ 857.257404] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 857.262486] ? kasan_kmalloc+0xad/0xe0 [ 857.266350] ? kmem_cache_alloc_trace+0x136/0x740 [ 857.271169] ? __memcg_init_list_lru_node+0x169/0x270 [ 857.276335] ? __list_lru_init+0x544/0x750 [ 857.280544] ? sget_userns+0x6b1/0xe40 [ 857.284408] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 857.289157] ? do_mount+0xea4/0x2bb0 [ 857.292846] ? SyS_mount+0xab/0x120 [ 857.296446] ? do_syscall_64+0x281/0x940 [ 857.300484] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 857.305828] ? find_held_lock+0x35/0x1d0 [ 857.309866] ? __lock_is_held+0xb6/0x140 [ 857.313918] ? check_same_owner+0x320/0x320 [ 857.318225] ? rcu_note_context_switch+0x710/0x710 [ 857.323150] should_failslab+0xec/0x120 [ 857.327114] kmem_cache_alloc_trace+0x4b/0x740 [ 857.331676] ? __kmalloc_node+0x33/0x70 [ 857.335630] __memcg_init_list_lru_node+0x169/0x270 [ 857.340624] ? list_lru_add+0x7c0/0x7c0 [ 857.344571] ? __kmalloc_node+0x47/0x70 [ 857.348532] __list_lru_init+0x544/0x750 [ 857.352581] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 857.358448] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 857.363443] ? lockdep_init_map+0x9/0x10 [ 857.367480] sget_userns+0x6b1/0xe40 [ 857.371167] ? set_anon_super+0x20/0x20 [ 857.375116] ? put_filp+0x90/0x90 [ 857.378546] ? destroy_unused_super.part.6+0xd0/0xd0 [ 857.383632] ? alloc_vfsmnt+0x762/0x9c0 [ 857.387588] ? path_lookupat+0x238/0xba0 [ 857.391630] ? mnt_free_id.isra.21+0x50/0x50 [ 857.396021] ? trace_hardirqs_off+0x10/0x10 [ 857.400330] ? putname+0xee/0x130 [ 857.403762] ? cap_capable+0x1b5/0x230 [ 857.407623] ? security_capable+0x8e/0xc0 [ 857.411750] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 857.416922] ? ns_capable_common+0xcf/0x160 [ 857.421221] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 857.426391] mount_ns+0x6d/0x190 [ 857.429753] rpc_mount+0x9e/0xd0 [ 857.433108] mount_fs+0x66/0x2d0 [ 857.436464] vfs_kern_mount.part.26+0xc6/0x4a0 [ 857.441030] ? may_umount+0xa0/0xa0 [ 857.444637] ? _raw_read_unlock+0x22/0x30 [ 857.448762] ? __get_fs_type+0x8a/0xc0 [ 857.452639] do_mount+0xea4/0x2bb0 [ 857.456157] ? __might_fault+0x110/0x1d0 [ 857.460193] ? copy_mount_string+0x40/0x40 [ 857.464414] ? check_same_owner+0x320/0x320 [ 857.468715] ? __check_object_size+0x8b/0x530 [ 857.473195] ? __might_sleep+0x95/0x190 [ 857.477159] ? kasan_check_write+0x14/0x20 [ 857.481377] ? _copy_from_user+0x99/0x110 [ 857.485514] ? memdup_user+0x5e/0x90 [ 857.489214] ? copy_mount_options+0x1f7/0x2e0 [ 857.493690] SyS_mount+0xab/0x120 [ 857.497121] ? copy_mnt_ns+0xb30/0xb30 [ 857.500986] do_syscall_64+0x281/0x940 [ 857.504855] ? vmalloc_sync_all+0x30/0x30 [ 857.508986] ? _raw_spin_unlock_irq+0x27/0x70 [ 857.513463] ? finish_task_switch+0x1c1/0x7e0 [ 857.517939] ? syscall_return_slowpath+0x550/0x550 [ 857.522845] ? syscall_return_slowpath+0x2ac/0x550 [ 857.527750] ? prepare_exit_to_usermode+0x350/0x350 [ 857.532745] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 857.538095] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 857.542914] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 857.548076] RIP: 0033:0x454e79 [ 857.551244] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 857.558945] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 857.566202] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 857.573456] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 857.580716] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 857.587974] R13: 00000000000003fa R14: 00000000006f8010 R15: 000000000000002e 2018/03/31 10:17:11 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x7, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd9770000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:11 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x0) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:11 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) r2 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:11 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:11 executing program 1 (fault-call:18 fault-nth:47): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:11 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(0xffffffffffffffff, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:11 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00'}, 0x10) r8 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r8, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:11 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x0, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:11 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00'}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:11 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x7, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd9770000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:11 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) r2 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 857.744540] FAULT_INJECTION: forcing a failure. [ 857.744540] name failslab, interval 1, probability 0, space 0, times 0 [ 857.755933] CPU: 1 PID: 23169 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 857.763200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 857.772543] Call Trace: [ 857.775126] dump_stack+0x194/0x24d [ 857.778751] ? arch_local_irq_restore+0x53/0x53 [ 857.783414] ? __save_stack_trace+0x7e/0xd0 [ 857.787736] should_fail+0x8c0/0xa40 2018/03/31 10:17:11 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x0, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:11 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0x0, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 857.791449] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 857.796551] ? kasan_kmalloc+0xad/0xe0 [ 857.800433] ? kmem_cache_alloc_trace+0x136/0x740 [ 857.805269] ? __memcg_init_list_lru_node+0x169/0x270 [ 857.810452] ? __list_lru_init+0x544/0x750 [ 857.814684] ? sget_userns+0x6b1/0xe40 [ 857.818990] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 857.823732] ? do_mount+0xea4/0x2bb0 [ 857.827426] ? SyS_mount+0xab/0x120 [ 857.831039] ? do_syscall_64+0x281/0x940 [ 857.835085] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 857.840427] ? find_held_lock+0x35/0x1d0 [ 857.844476] ? __lock_is_held+0xb6/0x140 [ 857.848518] ? check_same_owner+0x320/0x320 [ 857.852825] ? rcu_note_context_switch+0x710/0x710 [ 857.857737] should_failslab+0xec/0x120 [ 857.861689] kmem_cache_alloc_trace+0x4b/0x740 [ 857.866249] ? __kmalloc_node+0x33/0x70 [ 857.870197] ? __kmalloc_node+0x33/0x70 [ 857.874146] ? rcu_read_lock_sched_held+0x108/0x120 [ 857.879139] __memcg_init_list_lru_node+0x169/0x270 [ 857.884134] ? list_lru_add+0x7c0/0x7c0 [ 857.888084] ? __kmalloc_node+0x47/0x70 [ 857.892043] __list_lru_init+0x544/0x750 [ 857.896093] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 857.901956] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 857.906948] ? lockdep_init_map+0x9/0x10 [ 857.910984] sget_userns+0x6b1/0xe40 [ 857.914670] ? set_anon_super+0x20/0x20 [ 857.918622] ? put_filp+0x90/0x90 [ 857.922052] ? destroy_unused_super.part.6+0xd0/0xd0 [ 857.927132] ? alloc_vfsmnt+0x762/0x9c0 [ 857.931083] ? path_lookupat+0x238/0xba0 [ 857.935118] ? mnt_free_id.isra.21+0x50/0x50 [ 857.939503] ? trace_hardirqs_off+0x10/0x10 [ 857.943799] ? putname+0xee/0x130 [ 857.947228] ? cap_capable+0x1b5/0x230 [ 857.951096] ? security_capable+0x8e/0xc0 [ 857.955223] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 857.960389] ? ns_capable_common+0xcf/0x160 [ 857.964684] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 857.969856] mount_ns+0x6d/0x190 [ 857.973210] rpc_mount+0x9e/0xd0 [ 857.976560] mount_fs+0x66/0x2d0 [ 857.979908] vfs_kern_mount.part.26+0xc6/0x4a0 [ 857.984471] ? may_umount+0xa0/0xa0 [ 857.988092] ? _raw_read_unlock+0x22/0x30 [ 857.992221] ? __get_fs_type+0x8a/0xc0 [ 857.996087] do_mount+0xea4/0x2bb0 [ 857.999600] ? __might_fault+0x110/0x1d0 [ 858.003644] ? copy_mount_string+0x40/0x40 [ 858.007862] ? check_same_owner+0x320/0x320 [ 858.012165] ? __check_object_size+0x8b/0x530 [ 858.016647] ? __might_sleep+0x95/0x190 [ 858.020608] ? kasan_check_write+0x14/0x20 [ 858.024820] ? _copy_from_user+0x99/0x110 [ 858.028946] ? memdup_user+0x5e/0x90 [ 858.032634] ? copy_mount_options+0x1f7/0x2e0 [ 858.037105] SyS_mount+0xab/0x120 [ 858.040530] ? copy_mnt_ns+0xb30/0xb30 [ 858.044393] do_syscall_64+0x281/0x940 [ 858.048253] ? vmalloc_sync_all+0x30/0x30 [ 858.052377] ? _raw_spin_unlock_irq+0x27/0x70 [ 858.056856] ? finish_task_switch+0x1c1/0x7e0 [ 858.061327] ? syscall_return_slowpath+0x550/0x550 [ 858.066239] ? syscall_return_slowpath+0x2ac/0x550 [ 858.071149] ? prepare_exit_to_usermode+0x350/0x350 [ 858.076146] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 858.081488] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 858.086317] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 858.091479] RIP: 0033:0x454e79 [ 858.094646] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 858.102347] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 858.109599] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 858.116843] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 858.124089] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 858.131334] R13: 00000000000003fa R14: 00000000006f8010 R15: 000000000000002f 2018/03/31 10:17:11 executing program 1 (fault-call:18 fault-nth:48): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 858.189215] hugetlbfs: Bad mount option: "èhD>™&?TFëü&Õ;•1«JðîXNhûŽ8´e’pÛKS" 2018/03/31 10:17:11 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00'}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:11 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) r2 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:12 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x0, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:12 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x7, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd9770000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 858.289893] FAULT_INJECTION: forcing a failure. [ 858.289893] name failslab, interval 1, probability 0, space 0, times 0 [ 858.301204] CPU: 1 PID: 23192 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 858.308476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 858.317827] Call Trace: [ 858.320415] dump_stack+0x194/0x24d [ 858.324048] ? arch_local_irq_restore+0x53/0x53 [ 858.328714] ? __save_stack_trace+0x7e/0xd0 [ 858.333037] should_fail+0x8c0/0xa40 [ 858.336752] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 858.341852] ? kasan_kmalloc+0xad/0xe0 [ 858.345737] ? kmem_cache_alloc_trace+0x136/0x740 [ 858.350578] ? __memcg_init_list_lru_node+0x169/0x270 [ 858.355752] ? __list_lru_init+0x544/0x750 [ 858.359964] ? sget_userns+0x6b1/0xe40 [ 858.363836] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 858.368583] ? do_mount+0xea4/0x2bb0 [ 858.372282] ? SyS_mount+0xab/0x120 [ 858.375887] ? do_syscall_64+0x281/0x940 [ 858.379931] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 858.385276] ? find_held_lock+0x35/0x1d0 [ 858.389316] ? __lock_is_held+0xb6/0x140 [ 858.393361] ? check_same_owner+0x320/0x320 [ 858.397660] ? rcu_note_context_switch+0x710/0x710 [ 858.402573] should_failslab+0xec/0x120 [ 858.406527] kmem_cache_alloc_trace+0x4b/0x740 [ 858.411089] ? __kmalloc_node+0x33/0x70 [ 858.415051] ? __kmalloc_node+0x33/0x70 [ 858.419020] ? rcu_read_lock_sched_held+0x108/0x120 [ 858.424032] __memcg_init_list_lru_node+0x169/0x270 [ 858.429044] ? list_lru_add+0x7c0/0x7c0 [ 858.433009] ? __kmalloc_node+0x47/0x70 [ 858.436984] __list_lru_init+0x544/0x750 [ 858.441045] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 858.446931] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 858.451929] ? lockdep_init_map+0x9/0x10 [ 858.455973] sget_userns+0x6b1/0xe40 [ 858.459668] ? set_anon_super+0x20/0x20 [ 858.463628] ? put_filp+0x90/0x90 [ 858.467070] ? destroy_unused_super.part.6+0xd0/0xd0 [ 858.472155] ? alloc_vfsmnt+0x762/0x9c0 [ 858.476111] ? path_lookupat+0x238/0xba0 [ 858.480153] ? mnt_free_id.isra.21+0x50/0x50 [ 858.484553] ? trace_hardirqs_off+0x10/0x10 [ 858.488865] ? putname+0xee/0x130 [ 858.492319] ? cap_capable+0x1b5/0x230 [ 858.496206] ? security_capable+0x8e/0xc0 [ 858.500343] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 858.505514] ? ns_capable_common+0xcf/0x160 [ 858.509814] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 858.514982] mount_ns+0x6d/0x190 [ 858.518325] rpc_mount+0x9e/0xd0 [ 858.521668] mount_fs+0x66/0x2d0 [ 858.525018] vfs_kern_mount.part.26+0xc6/0x4a0 [ 858.529594] ? may_umount+0xa0/0xa0 [ 858.533208] ? _raw_read_unlock+0x22/0x30 [ 858.537342] ? __get_fs_type+0x8a/0xc0 [ 858.541216] do_mount+0xea4/0x2bb0 [ 858.544732] ? __might_fault+0x110/0x1d0 [ 858.548771] ? copy_mount_string+0x40/0x40 [ 858.552977] ? check_same_owner+0x320/0x320 [ 858.557276] ? __check_object_size+0x8b/0x530 [ 858.561747] ? __might_sleep+0x95/0x190 [ 858.565700] ? kasan_check_write+0x14/0x20 [ 858.569911] ? _copy_from_user+0x99/0x110 [ 858.574043] ? memdup_user+0x5e/0x90 [ 858.577730] ? copy_mount_options+0x1f7/0x2e0 [ 858.582200] SyS_mount+0xab/0x120 [ 858.585639] ? copy_mnt_ns+0xb30/0xb30 [ 858.589502] do_syscall_64+0x281/0x940 [ 858.593363] ? vmalloc_sync_all+0x30/0x30 [ 858.597491] ? _raw_spin_unlock_irq+0x27/0x70 [ 858.601969] ? finish_task_switch+0x1c1/0x7e0 [ 858.606447] ? syscall_return_slowpath+0x550/0x550 [ 858.611365] ? syscall_return_slowpath+0x2ac/0x550 [ 858.616287] ? prepare_exit_to_usermode+0x350/0x350 [ 858.621296] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 858.626652] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 858.631493] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 858.636671] RIP: 0033:0x454e79 [ 858.639856] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 858.647558] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 858.654803] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 858.662050] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 858.669297] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 858.676544] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000030 2018/03/31 10:17:12 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0x0, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:12 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r4}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r5 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r4}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r6 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r5, 0xb, r6, 0x1) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r7}, 0x10) r8 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r8, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:12 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00'}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:12 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:12 executing program 1 (fault-call:18 fault-nth:49): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:12 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:12 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x0, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:12 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd977000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 858.828811] hugetlbfs: Bad mount option: "èhD>™&?TFëü&Õ;•1«JðîXNhûŽ8´e’pÛKS" [ 858.850502] FAULT_INJECTION: forcing a failure. [ 858.850502] name failslab, interval 1, probability 0, space 0, times 0 [ 858.861877] CPU: 0 PID: 23224 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 858.869146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 858.878497] Call Trace: [ 858.881087] dump_stack+0x194/0x24d [ 858.884710] ? arch_local_irq_restore+0x53/0x53 [ 858.889377] ? __save_stack_trace+0x7e/0xd0 [ 858.893716] should_fail+0x8c0/0xa40 [ 858.897433] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 858.902533] ? kasan_kmalloc+0xad/0xe0 [ 858.906416] ? kmem_cache_alloc_trace+0x136/0x740 [ 858.911257] ? __memcg_init_list_lru_node+0x169/0x270 [ 858.916445] ? __list_lru_init+0x544/0x750 [ 858.920679] ? sget_userns+0x6b1/0xe40 [ 858.924562] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 858.929313] ? do_mount+0xea4/0x2bb0 [ 858.933030] ? SyS_mount+0xab/0x120 [ 858.936655] ? do_syscall_64+0x281/0x940 [ 858.940716] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 858.946083] ? find_held_lock+0x35/0x1d0 [ 858.950145] ? __lock_is_held+0xb6/0x140 [ 858.954211] ? check_same_owner+0x320/0x320 [ 858.958534] ? rcu_note_context_switch+0x710/0x710 [ 858.963466] should_failslab+0xec/0x120 [ 858.967436] kmem_cache_alloc_trace+0x4b/0x740 [ 858.972018] ? __kmalloc_node+0x33/0x70 2018/03/31 10:17:12 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:12 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd977000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:12 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:12 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0x0, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:12 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x0, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 858.975993] ? __kmalloc_node+0x33/0x70 [ 858.979970] ? rcu_read_lock_sched_held+0x108/0x120 [ 858.984987] __memcg_init_list_lru_node+0x169/0x270 [ 858.990573] ? list_lru_add+0x7c0/0x7c0 [ 858.994549] ? __kmalloc_node+0x47/0x70 [ 858.998529] __list_lru_init+0x544/0x750 [ 859.002580] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 859.008453] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 859.013454] ? lockdep_init_map+0x9/0x10 [ 859.017492] sget_userns+0x6b1/0xe40 [ 859.021184] ? set_anon_super+0x20/0x20 [ 859.025151] ? put_filp+0x90/0x90 [ 859.028580] ? destroy_unused_super.part.6+0xd0/0xd0 [ 859.033656] ? alloc_vfsmnt+0x762/0x9c0 [ 859.037604] ? path_lookupat+0x238/0xba0 [ 859.041640] ? mnt_free_id.isra.21+0x50/0x50 [ 859.046034] ? trace_hardirqs_off+0x10/0x10 [ 859.050343] ? putname+0xee/0x130 [ 859.053780] ? cap_capable+0x1b5/0x230 [ 859.057644] ? security_capable+0x8e/0xc0 [ 859.061767] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 859.066929] ? ns_capable_common+0xcf/0x160 [ 859.071234] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 859.076396] mount_ns+0x6d/0x190 [ 859.079736] rpc_mount+0x9e/0xd0 [ 859.083074] mount_fs+0x66/0x2d0 [ 859.086415] vfs_kern_mount.part.26+0xc6/0x4a0 [ 859.090980] ? may_umount+0xa0/0xa0 [ 859.094586] ? _raw_read_unlock+0x22/0x30 [ 859.098715] ? __get_fs_type+0x8a/0xc0 [ 859.102579] do_mount+0xea4/0x2bb0 [ 859.106092] ? __might_fault+0x110/0x1d0 [ 859.110131] ? copy_mount_string+0x40/0x40 [ 859.114337] ? check_same_owner+0x320/0x320 [ 859.118633] ? __check_object_size+0x8b/0x530 [ 859.123105] ? __might_sleep+0x95/0x190 [ 859.127055] ? kasan_check_write+0x14/0x20 [ 859.131264] ? _copy_from_user+0x99/0x110 [ 859.135385] ? memdup_user+0x5e/0x90 [ 859.139070] ? copy_mount_options+0x1f7/0x2e0 [ 859.143540] SyS_mount+0xab/0x120 [ 859.146968] ? copy_mnt_ns+0xb30/0xb30 [ 859.150832] do_syscall_64+0x281/0x940 [ 859.154693] ? vmalloc_sync_all+0x30/0x30 [ 859.158824] ? _raw_spin_unlock_irq+0x27/0x70 [ 859.163295] ? finish_task_switch+0x1c1/0x7e0 [ 859.167765] ? syscall_return_slowpath+0x550/0x550 [ 859.172667] ? syscall_return_slowpath+0x2ac/0x550 [ 859.177570] ? prepare_exit_to_usermode+0x350/0x350 [ 859.182562] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 859.187900] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 859.192717] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 859.197878] RIP: 0033:0x454e79 [ 859.201045] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 859.208729] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 859.215973] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 859.223217] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 859.230463] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 859.237715] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000031 2018/03/31 10:17:13 executing program 1 (fault-call:18 fault-nth:50): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 859.319983] hugetlbfs: Bad mount option: "èhD>™&?TFëü&Õ;•1«JðîXNhûŽ8´e’pÛKS" [ 859.369874] FAULT_INJECTION: forcing a failure. [ 859.369874] name failslab, interval 1, probability 0, space 0, times 0 [ 859.381325] CPU: 1 PID: 23255 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 859.388597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 859.397943] Call Trace: [ 859.400528] dump_stack+0x194/0x24d [ 859.404156] ? arch_local_irq_restore+0x53/0x53 [ 859.408827] ? __save_stack_trace+0x7e/0xd0 [ 859.413156] should_fail+0x8c0/0xa40 [ 859.416877] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 859.421979] ? kasan_kmalloc+0xad/0xe0 [ 859.425864] ? kmem_cache_alloc_trace+0x136/0x740 [ 859.430696] ? __memcg_init_list_lru_node+0x169/0x270 [ 859.435861] ? __list_lru_init+0x544/0x750 [ 859.440081] ? sget_userns+0x6b1/0xe40 [ 859.443947] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 859.448678] ? do_mount+0xea4/0x2bb0 [ 859.452367] ? SyS_mount+0xab/0x120 [ 859.455982] ? do_syscall_64+0x281/0x940 [ 859.460037] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 859.465379] ? find_held_lock+0x35/0x1d0 [ 859.469415] ? __lock_is_held+0xb6/0x140 [ 859.473458] ? check_same_owner+0x320/0x320 [ 859.477761] ? rcu_note_context_switch+0x710/0x710 [ 859.482668] should_failslab+0xec/0x120 [ 859.486628] kmem_cache_alloc_trace+0x4b/0x740 [ 859.491201] ? __kmalloc_node+0x33/0x70 [ 859.495166] __memcg_init_list_lru_node+0x169/0x270 [ 859.500157] ? list_lru_add+0x7c0/0x7c0 [ 859.504109] ? __kmalloc_node+0x47/0x70 [ 859.508060] __list_lru_init+0x544/0x750 [ 859.512106] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 859.517975] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 859.522968] ? lockdep_init_map+0x9/0x10 [ 859.527014] sget_userns+0x6b1/0xe40 [ 859.530707] ? set_anon_super+0x20/0x20 [ 859.534665] ? put_filp+0x90/0x90 [ 859.538102] ? destroy_unused_super.part.6+0xd0/0xd0 [ 859.543179] ? alloc_vfsmnt+0x762/0x9c0 [ 859.547127] ? path_lookupat+0x238/0xba0 [ 859.551164] ? mnt_free_id.isra.21+0x50/0x50 [ 859.555548] ? trace_hardirqs_off+0x10/0x10 [ 859.559848] ? putname+0xee/0x130 [ 859.563278] ? cap_capable+0x1b5/0x230 [ 859.567147] ? security_capable+0x8e/0xc0 [ 859.571279] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 859.576443] ? ns_capable_common+0xcf/0x160 [ 859.580746] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 859.585911] mount_ns+0x6d/0x190 [ 859.589252] rpc_mount+0x9e/0xd0 [ 859.592594] mount_fs+0x66/0x2d0 [ 859.595936] vfs_kern_mount.part.26+0xc6/0x4a0 [ 859.600499] ? may_umount+0xa0/0xa0 [ 859.604105] ? _raw_read_unlock+0x22/0x30 [ 859.608230] ? __get_fs_type+0x8a/0xc0 [ 859.612094] do_mount+0xea4/0x2bb0 [ 859.615613] ? __might_fault+0x110/0x1d0 [ 859.619651] ? copy_mount_string+0x40/0x40 [ 859.623864] ? check_same_owner+0x320/0x320 [ 859.628162] ? __check_object_size+0x8b/0x530 [ 859.632635] ? __might_sleep+0x95/0x190 [ 859.636588] ? kasan_check_write+0x14/0x20 [ 859.640800] ? _copy_from_user+0x99/0x110 [ 859.644925] ? memdup_user+0x5e/0x90 [ 859.648613] ? copy_mount_options+0x1f7/0x2e0 [ 859.653095] SyS_mount+0xab/0x120 [ 859.656532] ? copy_mnt_ns+0xb30/0xb30 [ 859.660394] do_syscall_64+0x281/0x940 [ 859.664257] ? vmalloc_sync_all+0x30/0x30 [ 859.668380] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 859.673893] ? syscall_return_slowpath+0x550/0x550 [ 859.678796] ? syscall_return_slowpath+0x2ac/0x550 [ 859.683704] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 859.689043] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 859.693866] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 859.699038] RIP: 0033:0x454e79 [ 859.702216] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 859.709914] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 859.717171] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 859.724420] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 859.731665] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 859.738907] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000032 2018/03/31 10:17:13 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x0, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:13 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:13 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:13 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd977000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:13 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:13 executing program 1 (fault-call:18 fault-nth:51): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:13 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:13 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r4}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r5 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r4}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r6 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r5, 0xb, r6, 0x1) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r7}, 0x10) r8 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r8, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:13 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:13 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:13 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x0, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 859.886233] FAULT_INJECTION: forcing a failure. [ 859.886233] name failslab, interval 1, probability 0, space 0, times 0 [ 859.897559] CPU: 0 PID: 23280 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 859.904826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 859.914169] Call Trace: [ 859.916757] dump_stack+0x194/0x24d [ 859.920389] ? arch_local_irq_restore+0x53/0x53 [ 859.925064] ? __save_stack_trace+0x7e/0xd0 [ 859.929392] should_fail+0x8c0/0xa40 2018/03/31 10:17:13 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd9770000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:13 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 859.933099] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 859.938198] ? kasan_kmalloc+0xad/0xe0 [ 859.942081] ? kmem_cache_alloc_trace+0x136/0x740 [ 859.946910] ? __memcg_init_list_lru_node+0x169/0x270 [ 859.952078] ? __list_lru_init+0x544/0x750 [ 859.956293] ? sget_userns+0x6b1/0xe40 [ 859.960167] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 859.964922] ? do_mount+0xea4/0x2bb0 [ 859.968634] ? SyS_mount+0xab/0x120 [ 859.972256] ? do_syscall_64+0x281/0x940 [ 859.976312] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 859.981674] ? find_held_lock+0x35/0x1d0 [ 859.985721] ? __lock_is_held+0xb6/0x140 [ 859.989764] ? check_same_owner+0x320/0x320 [ 859.994074] ? rcu_note_context_switch+0x710/0x710 [ 859.998988] should_failslab+0xec/0x120 [ 860.002946] kmem_cache_alloc_trace+0x4b/0x740 [ 860.007506] ? __kmalloc_node+0x33/0x70 [ 860.011464] __memcg_init_list_lru_node+0x169/0x270 [ 860.016457] ? list_lru_add+0x7c0/0x7c0 [ 860.020405] ? __kmalloc_node+0x47/0x70 [ 860.024356] __list_lru_init+0x544/0x750 [ 860.028395] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 860.034259] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 860.039251] ? lockdep_init_map+0x9/0x10 [ 860.043289] sget_userns+0x6b1/0xe40 [ 860.046984] ? set_anon_super+0x20/0x20 [ 860.050939] ? put_filp+0x90/0x90 [ 860.054367] ? destroy_unused_super.part.6+0xd0/0xd0 [ 860.059444] ? alloc_vfsmnt+0x762/0x9c0 [ 860.063393] ? path_lookupat+0x238/0xba0 [ 860.067434] ? mnt_free_id.isra.21+0x50/0x50 [ 860.071828] ? trace_hardirqs_off+0x10/0x10 [ 860.076131] ? putname+0xee/0x130 [ 860.079568] ? cap_capable+0x1b5/0x230 [ 860.083439] ? security_capable+0x8e/0xc0 [ 860.087563] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 860.092734] ? ns_capable_common+0xcf/0x160 [ 860.097045] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 860.102213] mount_ns+0x6d/0x190 [ 860.105557] rpc_mount+0x9e/0xd0 [ 860.108897] mount_fs+0x66/0x2d0 [ 860.112253] vfs_kern_mount.part.26+0xc6/0x4a0 [ 860.116815] ? may_umount+0xa0/0xa0 [ 860.120425] ? _raw_read_unlock+0x22/0x30 [ 860.124556] ? __get_fs_type+0x8a/0xc0 [ 860.128418] do_mount+0xea4/0x2bb0 [ 860.131938] ? __might_fault+0x110/0x1d0 [ 860.135985] ? copy_mount_string+0x40/0x40 [ 860.140203] ? check_same_owner+0x320/0x320 [ 860.144499] ? __check_object_size+0x8b/0x530 [ 860.148968] ? __might_sleep+0x95/0x190 [ 860.152918] ? kasan_check_write+0x14/0x20 [ 860.157133] ? _copy_from_user+0x99/0x110 [ 860.161264] ? memdup_user+0x5e/0x90 [ 860.164960] ? copy_mount_options+0x1f7/0x2e0 [ 860.169430] SyS_mount+0xab/0x120 [ 860.172859] ? copy_mnt_ns+0xb30/0xb30 [ 860.176723] do_syscall_64+0x281/0x940 [ 860.180591] ? vmalloc_sync_all+0x30/0x30 [ 860.184717] ? _raw_spin_unlock_irq+0x27/0x70 [ 860.189188] ? finish_task_switch+0x1c1/0x7e0 [ 860.193661] ? syscall_return_slowpath+0x550/0x550 [ 860.198564] ? syscall_return_slowpath+0x2ac/0x550 [ 860.203469] ? prepare_exit_to_usermode+0x350/0x350 [ 860.208462] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 860.213803] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 860.218623] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 860.223785] RIP: 0033:0x454e79 [ 860.226947] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 860.234628] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 860.241874] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 860.249118] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 860.256360] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 860.263603] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000033 2018/03/31 10:17:14 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:14 executing program 1 (fault-call:18 fault-nth:52): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:14 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x0, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:14 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:14 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)) mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:14 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd9770000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 860.467480] FAULT_INJECTION: forcing a failure. [ 860.467480] name failslab, interval 1, probability 0, space 0, times 0 [ 860.478928] CPU: 1 PID: 23310 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 860.486207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 860.495558] Call Trace: [ 860.498148] dump_stack+0x194/0x24d [ 860.501772] ? arch_local_irq_restore+0x53/0x53 [ 860.506437] ? __save_stack_trace+0x7e/0xd0 [ 860.510764] should_fail+0x8c0/0xa40 [ 860.514476] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 860.519578] ? kasan_kmalloc+0xad/0xe0 [ 860.523463] ? kmem_cache_alloc_trace+0x136/0x740 [ 860.528306] ? __memcg_init_list_lru_node+0x169/0x270 [ 860.533497] ? __list_lru_init+0x544/0x750 [ 860.537743] ? sget_userns+0x6b1/0xe40 [ 860.541642] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 860.546397] ? do_mount+0xea4/0x2bb0 [ 860.550111] ? SyS_mount+0xab/0x120 [ 860.553740] ? do_syscall_64+0x281/0x940 [ 860.557796] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 860.563160] ? find_held_lock+0x35/0x1d0 [ 860.567218] ? __lock_is_held+0xb6/0x140 [ 860.571278] ? check_same_owner+0x320/0x320 [ 860.575597] ? rcu_note_context_switch+0x710/0x710 [ 860.580532] should_failslab+0xec/0x120 [ 860.584513] kmem_cache_alloc_trace+0x4b/0x740 [ 860.589087] ? __kmalloc_node+0x33/0x70 [ 860.593047] ? __kmalloc_node+0x33/0x70 [ 860.596998] ? rcu_read_lock_sched_held+0x108/0x120 [ 860.602008] __memcg_init_list_lru_node+0x169/0x270 [ 860.607022] ? list_lru_add+0x7c0/0x7c0 [ 860.610983] ? __kmalloc_node+0x47/0x70 [ 860.614944] __list_lru_init+0x544/0x750 [ 860.618985] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 860.624848] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 860.629852] ? lockdep_init_map+0x9/0x10 [ 860.633898] sget_userns+0x6b1/0xe40 [ 860.637594] ? set_anon_super+0x20/0x20 [ 860.641557] ? put_filp+0x90/0x90 [ 860.644994] ? destroy_unused_super.part.6+0xd0/0xd0 [ 860.650079] ? alloc_vfsmnt+0x762/0x9c0 [ 860.654043] ? path_lookupat+0x238/0xba0 [ 860.658089] ? mnt_free_id.isra.21+0x50/0x50 [ 860.662473] ? trace_hardirqs_off+0x10/0x10 [ 860.666771] ? putname+0xee/0x130 [ 860.670201] ? cap_capable+0x1b5/0x230 [ 860.674066] ? security_capable+0x8e/0xc0 [ 860.678192] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 860.683364] ? ns_capable_common+0xcf/0x160 [ 860.687674] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 860.692842] mount_ns+0x6d/0x190 [ 860.696184] rpc_mount+0x9e/0xd0 [ 860.699539] mount_fs+0x66/0x2d0 [ 860.702896] vfs_kern_mount.part.26+0xc6/0x4a0 [ 860.707466] ? may_umount+0xa0/0xa0 [ 860.711076] ? _raw_read_unlock+0x22/0x30 [ 860.715197] ? __get_fs_type+0x8a/0xc0 [ 860.719060] do_mount+0xea4/0x2bb0 [ 860.722575] ? __might_fault+0x110/0x1d0 [ 860.726622] ? copy_mount_string+0x40/0x40 [ 860.730850] ? check_same_owner+0x320/0x320 [ 860.735146] ? __check_object_size+0x8b/0x530 [ 860.739618] ? __might_sleep+0x95/0x190 [ 860.743581] ? kasan_check_write+0x14/0x20 [ 860.747806] ? _copy_from_user+0x99/0x110 [ 860.751929] ? memdup_user+0x5e/0x90 [ 860.755617] ? copy_mount_options+0x1f7/0x2e0 [ 860.760087] SyS_mount+0xab/0x120 [ 860.763532] ? copy_mnt_ns+0xb30/0xb30 [ 860.767413] do_syscall_64+0x281/0x940 [ 860.771291] ? vmalloc_sync_all+0x30/0x30 [ 860.775422] ? _raw_spin_unlock_irq+0x27/0x70 [ 860.779893] ? finish_task_switch+0x1c1/0x7e0 [ 860.784364] ? syscall_return_slowpath+0x550/0x550 [ 860.789281] ? syscall_return_slowpath+0x2ac/0x550 [ 860.794191] ? prepare_exit_to_usermode+0x350/0x350 [ 860.799199] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 860.804557] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 860.809395] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 860.814559] RIP: 0033:0x454e79 [ 860.817725] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 860.825426] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 860.832679] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 860.839926] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 860.847179] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 860.854435] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000034 2018/03/31 10:17:14 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:14 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:14 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd9770000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:14 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r2 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:14 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r4}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r5 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r4}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r6 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r5, 0xb, r6, 0x1) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r7}, 0x10) r8 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r8, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:14 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x0, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:14 executing program 1 (fault-call:18 fault-nth:53): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:14 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:14 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) [ 860.998724] FAULT_INJECTION: forcing a failure. [ 860.998724] name failslab, interval 1, probability 0, space 0, times 0 [ 861.010082] CPU: 1 PID: 23344 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 861.017370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 861.026725] Call Trace: [ 861.029311] dump_stack+0x194/0x24d [ 861.032939] ? arch_local_irq_restore+0x53/0x53 [ 861.037602] ? __save_stack_trace+0x7e/0xd0 [ 861.041916] should_fail+0x8c0/0xa40 2018/03/31 10:17:14 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:14 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r2 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 861.045620] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 861.050732] ? kasan_kmalloc+0xad/0xe0 [ 861.054615] ? kmem_cache_alloc_trace+0x136/0x740 [ 861.059454] ? __memcg_init_list_lru_node+0x169/0x270 [ 861.064638] ? __list_lru_init+0x544/0x750 [ 861.068870] ? sget_userns+0x6b1/0xe40 [ 861.072753] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 861.077510] ? do_mount+0xea4/0x2bb0 [ 861.081220] ? SyS_mount+0xab/0x120 [ 861.084838] ? do_syscall_64+0x281/0x940 [ 861.088887] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 861.094245] ? find_held_lock+0x35/0x1d0 [ 861.098285] ? __lock_is_held+0xb6/0x140 [ 861.102342] ? check_same_owner+0x320/0x320 [ 861.106658] ? rcu_note_context_switch+0x710/0x710 [ 861.111584] should_failslab+0xec/0x120 [ 861.115543] kmem_cache_alloc_trace+0x4b/0x740 [ 861.120102] ? __kmalloc_node+0x33/0x70 [ 861.124066] ? __kmalloc_node+0x33/0x70 [ 861.128031] ? rcu_read_lock_sched_held+0x108/0x120 [ 861.133037] __memcg_init_list_lru_node+0x169/0x270 [ 861.138037] ? list_lru_add+0x7c0/0x7c0 [ 861.141997] ? __kmalloc_node+0x47/0x70 [ 861.145968] __list_lru_init+0x544/0x750 [ 861.150020] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 861.155894] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 861.160897] ? lockdep_init_map+0x9/0x10 [ 861.164935] sget_userns+0x6b1/0xe40 [ 861.168621] ? set_anon_super+0x20/0x20 [ 861.172571] ? put_filp+0x90/0x90 [ 861.175997] ? destroy_unused_super.part.6+0xd0/0xd0 [ 861.181083] ? alloc_vfsmnt+0x762/0x9c0 [ 861.185041] ? path_lookupat+0x238/0xba0 [ 861.189082] ? mnt_free_id.isra.21+0x50/0x50 [ 861.193465] ? trace_hardirqs_off+0x10/0x10 [ 861.197759] ? putname+0xee/0x130 [ 861.201192] ? cap_capable+0x1b5/0x230 [ 861.205057] ? security_capable+0x8e/0xc0 [ 861.209185] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 861.214356] ? ns_capable_common+0xcf/0x160 [ 861.218651] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 861.223817] mount_ns+0x6d/0x190 [ 861.227173] rpc_mount+0x9e/0xd0 [ 861.230518] mount_fs+0x66/0x2d0 [ 861.233860] vfs_kern_mount.part.26+0xc6/0x4a0 [ 861.238418] ? may_umount+0xa0/0xa0 [ 861.242028] ? _raw_read_unlock+0x22/0x30 [ 861.246157] ? __get_fs_type+0x8a/0xc0 [ 861.250030] do_mount+0xea4/0x2bb0 [ 861.253554] ? __might_fault+0x110/0x1d0 [ 861.257609] ? copy_mount_string+0x40/0x40 [ 861.261822] ? check_same_owner+0x320/0x320 [ 861.266127] ? __check_object_size+0x8b/0x530 [ 861.270598] ? __might_sleep+0x95/0x190 [ 861.274553] ? kasan_check_write+0x14/0x20 [ 861.278781] ? _copy_from_user+0x99/0x110 [ 861.282912] ? memdup_user+0x5e/0x90 [ 861.286607] ? copy_mount_options+0x1f7/0x2e0 [ 861.291085] SyS_mount+0xab/0x120 [ 861.294515] ? copy_mnt_ns+0xb30/0xb30 [ 861.298377] do_syscall_64+0x281/0x940 [ 861.302240] ? vmalloc_sync_all+0x30/0x30 [ 861.306371] ? _raw_spin_unlock_irq+0x27/0x70 [ 861.310854] ? finish_task_switch+0x1c1/0x7e0 [ 861.315329] ? syscall_return_slowpath+0x550/0x550 [ 861.320233] ? syscall_return_slowpath+0x2ac/0x550 [ 861.325139] ? prepare_exit_to_usermode+0x350/0x350 [ 861.330143] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 861.335489] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 861.340308] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 861.345470] RIP: 0033:0x454e79 [ 861.348634] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 861.356323] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 861.363578] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 861.370822] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 861.378064] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 861.385305] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000035 2018/03/31 10:17:15 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x0, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:15 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r2 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:15 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd977000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:15 executing program 1 (fault-call:18 fault-nth:54): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:15 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:15 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x0, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 861.590863] FAULT_INJECTION: forcing a failure. [ 861.590863] name failslab, interval 1, probability 0, space 0, times 0 [ 861.602182] CPU: 0 PID: 23375 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 861.609452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 861.618799] Call Trace: [ 861.621393] dump_stack+0x194/0x24d [ 861.625025] ? arch_local_irq_restore+0x53/0x53 [ 861.629692] ? __save_stack_trace+0x7e/0xd0 [ 861.634025] should_fail+0x8c0/0xa40 [ 861.637742] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 861.642850] ? kasan_kmalloc+0xad/0xe0 [ 861.646736] ? kmem_cache_alloc_trace+0x136/0x740 [ 861.651570] ? __memcg_init_list_lru_node+0x169/0x270 [ 861.656748] ? __list_lru_init+0x544/0x750 [ 861.660996] ? sget_userns+0x6b1/0xe40 [ 861.664878] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 861.669629] ? do_mount+0xea4/0x2bb0 [ 861.673339] ? SyS_mount+0xab/0x120 [ 861.676952] ? do_syscall_64+0x281/0x940 [ 861.681006] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 861.686376] ? find_held_lock+0x35/0x1d0 [ 861.690450] ? __lock_is_held+0xb6/0x140 [ 861.694514] ? check_same_owner+0x320/0x320 [ 861.698844] ? rcu_note_context_switch+0x710/0x710 [ 861.703775] should_failslab+0xec/0x120 [ 861.707740] kmem_cache_alloc_trace+0x4b/0x740 [ 861.712309] ? __kmalloc_node+0x33/0x70 [ 861.716272] __memcg_init_list_lru_node+0x169/0x270 [ 861.721275] ? list_lru_add+0x7c0/0x7c0 [ 861.725235] ? __kmalloc_node+0x47/0x70 [ 861.729189] __list_lru_init+0x544/0x750 [ 861.733227] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 861.739093] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 861.744095] ? lockdep_init_map+0x9/0x10 [ 861.748136] sget_userns+0x6b1/0xe40 [ 861.751826] ? set_anon_super+0x20/0x20 [ 861.755782] ? put_filp+0x90/0x90 [ 861.759219] ? destroy_unused_super.part.6+0xd0/0xd0 [ 861.764304] ? alloc_vfsmnt+0x762/0x9c0 [ 861.768262] ? path_lookupat+0x238/0xba0 [ 861.772316] ? mnt_free_id.isra.21+0x50/0x50 [ 861.776721] ? trace_hardirqs_off+0x10/0x10 [ 861.781030] ? putname+0xee/0x130 [ 861.784470] ? cap_capable+0x1b5/0x230 [ 861.788334] ? security_capable+0x8e/0xc0 [ 861.792470] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 861.797639] ? ns_capable_common+0xcf/0x160 [ 861.801948] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 861.807125] mount_ns+0x6d/0x190 [ 861.810476] rpc_mount+0x9e/0xd0 [ 861.813839] mount_fs+0x66/0x2d0 [ 861.817186] vfs_kern_mount.part.26+0xc6/0x4a0 [ 861.821746] ? may_umount+0xa0/0xa0 [ 861.825355] ? _raw_read_unlock+0x22/0x30 [ 861.829484] ? __get_fs_type+0x8a/0xc0 [ 861.833346] do_mount+0xea4/0x2bb0 [ 861.836861] ? __might_fault+0x110/0x1d0 [ 861.840907] ? copy_mount_string+0x40/0x40 [ 861.845124] ? check_same_owner+0x320/0x320 [ 861.849420] ? __check_object_size+0x8b/0x530 [ 861.853894] ? __might_sleep+0x95/0x190 [ 861.857848] ? kasan_check_write+0x14/0x20 [ 861.862061] ? _copy_from_user+0x99/0x110 [ 861.866187] ? memdup_user+0x5e/0x90 [ 861.869886] ? copy_mount_options+0x1f7/0x2e0 [ 861.874372] SyS_mount+0xab/0x120 [ 861.877814] ? copy_mnt_ns+0xb30/0xb30 [ 861.881679] do_syscall_64+0x281/0x940 [ 861.885540] ? vmalloc_sync_all+0x30/0x30 [ 861.889670] ? _raw_spin_unlock_irq+0x27/0x70 [ 861.894159] ? finish_task_switch+0x1c1/0x7e0 [ 861.898641] ? syscall_return_slowpath+0x550/0x550 [ 861.903557] ? syscall_return_slowpath+0x2ac/0x550 [ 861.908482] ? prepare_exit_to_usermode+0x350/0x350 [ 861.913491] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 861.918843] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 861.923674] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 861.928853] RIP: 0033:0x454e79 [ 861.932032] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 861.939728] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 861.946973] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 861.954220] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 861.961463] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 861.968708] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000036 2018/03/31 10:17:15 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680), 0x0, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:15 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:15 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:15 executing program 5: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x0, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:15 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd977000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:15 executing program 1 (fault-call:18 fault-nth:55): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:15 executing program 0: r0 = getpid() r1 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x80}, r0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = perf_event_open(&(0x7f0000000240)={0x7, 0x70, 0xebda, 0x8, 0x8, 0x4, 0x0, 0xe58, 0x10, 0x2, 0x100, 0x2, 0x7fff, 0x31c, 0x0, 0x26f1, 0xb07, 0xbb5, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x1, 0xfffffffffffffff7, 0xfffffffffffffe00, 0xa83a, 0x3f, 0x2, 0x3, 0x1, 0x3, 0xfffffffffffff001, 0x51, 0x0, 0x81, 0x9d4, 0x8, 0x0, 0x4, 0x2, @perf_config_ext={0x10000, 0xffff}, 0x8, 0x1, 0x9, 0x4, 0x0, 0x36e, 0x200}, r0, 0x7, r1, 0xa) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f00000023c0)="56125a44390d7cbbdf2badd5dd2d5f172bb70a406049a6bd45e38faed5fa5eebd4db40dc83e1e469b14592f615f4cd1a683b4cfe6f5740278c2e9cb8759912681abb") mkdir(&(0x7f0000002340)='./file1\x00', 0x8) r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002440), 0x4) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000002540)) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000002480)={&(0x7f0000002380)='./file0/file0\x00', r5}, 0x10) ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000002300)=0x4) r6 = gettid() ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000002680)={r1, r5}) mkdir(&(0x7f000075bff8)='./file0\x00', 0x0) recvmsg$kcm(r2, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000001200), 0x0, &(0x7f0000001240)=""/134, 0x35, 0xfff}, 0x2004) r7 = perf_event_open(&(0x7f000000a000)={0x1, 0x78, 0x0, 0x0, 0xb140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x800000, 0x0, @perf_bp={&(0x7f0000000000), 0x800000}, 0x0, 0x20000000, 0x6, 0x400010, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180)) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000002580)) perf_event_open(&(0x7f0000000100)={0x0, 0x70, 0x8, 0x7, 0x4, 0x2, 0x0, 0x3f, 0x1, 0x2, 0x401, 0x2, 0x80, 0xffffffffffffff7c, 0x0, 0x8, 0x7, 0x3f, 0x8, 0xffffffff, 0x5, 0x140000000000, 0x1, 0x0, 0x7fff, 0x3, 0x7ff, 0x8000, 0xff, 0x800, 0x7, 0x1, 0x0, 0xa3ad, 0x2, 0x2, 0xfffffffffffff000, 0x32, 0x0, 0x8, 0x1, @perf_bp={&(0x7f00000000c0), 0xb}, 0x8000, 0xfffffffffffffffd, 0xfff, 0x2, 0xb20, 0x2, 0x6}, r6, 0xb, r7, 0x1) perf_event_open(&(0x7f00000001c0)={0x3, 0x70, 0x4594dab1, 0x0, 0xc600000000000000, 0x1, 0x0, 0xd53f, 0x80008, 0x1, 0x8001, 0x44d1, 0x3, 0x1, 0x10001, 0x100, 0x40, 0x7, 0x15c000000000000, 0x0, 0x42, 0x7, 0x1, 0x8, 0x1, 0x7, 0x0, 0x81, 0x3, 0x5, 0x4, 0x1, 0x5, 0x0, 0xfffffffffffffff8, 0x1, 0x0, 0xffff, 0x0, 0x2, 0x1, @perf_config_ext={0x1ff}, 0x430, 0x401, 0x100000000, 0x1, 0x0, 0x890b, 0x80000000}, r6, 0x5, r4, 0x1) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000002600)={0xb, 0x68abe69a, 0x7, 0x1f89, 0x1, 0x1, 0x2}, 0x2c) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x2400, 0x9b0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000002640)={&(0x7f00000025c0)='./file1\x00', r8}, 0x10) r9 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000001180)={&(0x7f0000001140)='./file0\x00', 0x0, 0x18}, 0x10) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r9, 0x0, 0x40, 0x1000, &(0x7f00000011c0)="110c68225f202f3c7be01c3389ccdca32544dc95f28f76c339293bf3d657fc95df9c7a4c3cef0af2c6346a89d2b52cdb06963cf1e53d198edf8df2c4a60085bb", &(0x7f0000001300)=""/4096, 0x3, 0x4}, 0x28) 2018/03/31 10:17:15 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x0, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:15 executing program 3: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000f00)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000000b40)={&(0x7f00000004c0)=@ipx={0x4, 0x9, 0x0, "5f67c17b6955", 0x5}, 0x80, &(0x7f0000000940), 0x0, &(0x7f0000000980), 0x0, 0x884}, 0x20000800) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x0, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680), 0x0, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000680)={&(0x7f0000000600)='./file1\x00', 0x0, 0x18}, 0x10) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f00000005c0)='.', r2}, 0x10) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r3}, 0x10) mkdir(&(0x7f0000000140)='.', 0x0) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB="000000000060dc591049d900000000000000001aaf18c508dd9c668f5658d074c6a37e711600000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:15 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd977000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:15 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d9") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:15 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x0, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 862.115373] FAULT_INJECTION: forcing a failure. [ 862.115373] name failslab, interval 1, probability 0, space 0, times 0 [ 862.126883] CPU: 1 PID: 23411 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 862.134150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 862.143493] Call Trace: [ 862.146079] dump_stack+0x194/0x24d [ 862.149707] ? arch_local_irq_restore+0x53/0x53 [ 862.154377] ? find_held_lock+0x35/0x1d0 [ 862.158444] should_fail+0x8c0/0xa40 [ 862.162144] ? __list_lru_init+0x352/0x750 [ 862.166355] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 862.171434] ? trace_hardirqs_off+0x10/0x10 [ 862.175741] ? find_first_zero_bit+0x93/0xe0 [ 862.180127] ? trace_hardirqs_off+0x10/0x10 [ 862.184422] ? find_held_lock+0x35/0x1d0 [ 862.188457] ? __lock_is_held+0xb6/0x140 [ 862.192505] ? check_same_owner+0x320/0x320 [ 862.196808] ? lock_downgrade+0x980/0x980 [ 862.200933] ? rcu_note_context_switch+0x710/0x710 [ 862.205840] ? find_held_lock+0x35/0x1d0 [ 862.209989] should_failslab+0xec/0x120 [ 862.213953] __kmalloc+0x63/0x760 [ 862.217378] ? lock_downgrade+0x980/0x980 [ 862.221506] ? register_shrinker+0x10e/0x2d0 [ 862.225889] ? trace_event_raw_event_module_request+0x320/0x320 [ 862.231926] register_shrinker+0x10e/0x2d0 [ 862.236135] ? __bpf_trace_mm_vmscan_wakeup_kswapd+0x40/0x40 [ 862.241923] ? memcpy+0x45/0x50 [ 862.245182] sget_userns+0xbbf/0xe40 [ 862.248870] ? set_anon_super+0x20/0x20 [ 862.252820] ? put_filp+0x90/0x90 [ 862.256265] ? destroy_unused_super.part.6+0xd0/0xd0 [ 862.261359] ? mnt_free_id.isra.21+0x50/0x50 [ 862.265744] ? trace_hardirqs_off+0x10/0x10 [ 862.270045] ? putname+0xee/0x130 [ 862.273475] ? cap_capable+0x1b5/0x230 [ 862.277345] ? security_capable+0x8e/0xc0 [ 862.281473] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 862.286638] ? ns_capable_common+0xcf/0x160 [ 862.290937] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 862.296108] mount_ns+0x6d/0x190 [ 862.299460] rpc_mount+0x9e/0xd0 [ 862.302800] mount_fs+0x66/0x2d0 [ 862.306145] vfs_kern_mount.part.26+0xc6/0x4a0 [ 862.310700] ? may_umount+0xa0/0xa0 [ 862.314303] ? _raw_read_unlock+0x22/0x30 [ 862.318427] ? __get_fs_type+0x8a/0xc0 [ 862.322287] do_mount+0xea4/0x2bb0 [ 862.325807] ? __might_fault+0x110/0x1d0 [ 862.329849] ? copy_mount_string+0x40/0x40 [ 862.334063] ? check_same_owner+0x320/0x320 [ 862.338361] ? __check_object_size+0x8b/0x530 [ 862.342832] ? __might_sleep+0x95/0x190 [ 862.346786] ? kasan_check_write+0x14/0x20 [ 862.350996] ? _copy_from_user+0x99/0x110 [ 862.355125] ? memdup_user+0x5e/0x90 [ 862.358817] ? copy_mount_options+0x1f7/0x2e0 [ 862.363295] SyS_mount+0xab/0x120 [ 862.366720] ? copy_mnt_ns+0xb30/0xb30 [ 862.370581] do_syscall_64+0x281/0x940 [ 862.374440] ? vmalloc_sync_all+0x30/0x30 [ 862.378568] ? _raw_spin_unlock_irq+0x27/0x70 [ 862.383051] ? finish_task_switch+0x1c1/0x7e0 [ 862.387523] ? syscall_return_slowpath+0x550/0x550 [ 862.392433] ? syscall_return_slowpath+0x2ac/0x550 [ 862.397342] ? prepare_exit_to_usermode+0x350/0x350 [ 862.402331] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 862.407672] ? trace_hardirqs_off_thunk+0x1a/0x1c 2018/03/31 10:17:16 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r1 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r1, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r2 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, 0xffffffffffffffff, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00'}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 862.412489] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 862.417654] RIP: 0033:0x454e79 [ 862.420816] RSP: 002b:00007f2898d49c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 862.428499] RAX: ffffffffffffffda RBX: 00007f2898d4a6d4 RCX: 0000000000454e79 [ 862.435742] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 862.442989] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 862.450239] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000016 [ 862.457496] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000037 2018/03/31 10:17:16 executing program 2: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0x0, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:16 executing program 1 (fault-call:18 fault-nth:56): bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0xea, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000600)) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) 2018/03/31 10:17:16 executing program 7: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d9") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:16 executing program 4: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000400)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$inet6(0xa, 0x5, 0x3ff, &(0x7f0000000480)={0xffffffffffffffff}) sendmsg(r0, &(0x7f0000002940)={&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x4, 0x2, 0x0, 0x3, {0xa, 0x4e22, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x9e}}}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000640)="f946f5723b972f619aee893da5f115cab7df1b", 0x13}], 0x1, &(0x7f00000016c0)=ANY=[]}, 0x8005) mount(&(0x7f0000000440)='.', &(0x7f0000002a80)='./file0\x00', &(0x7f0000002a00)='hugetlbfs\x00', 0xfffffffffffffffd, &(0x7f0000002ac0)="e86805443e99263f548d46ebfc1b26d53b9531ab4a1d12f0ee584e68fb8e9038b4659270db4b5300fb8e5d2a0ee7f8d95f0c65d3576ebecf78b9ceefa69e47") mkdir(&(0x7f0000000000)='./file1\x00', 0x0) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000444000)) bpf$OBJ_GET_PROG(0x7, &(0x7f00000029c0)={&(0x7f0000002980)='.', 0x0, 0x18}, 0x10) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x0, &(0x7f000002f000)) mount(&(0x7f0000000040)='.', &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)='binfmt_misc\x00', 0x0, &(0x7f0000000100)) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x0, &(0x7f00000e7000)) r2 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)={&(0x7f0000000100)='./file0/file0\x00', r2}, 0x10) mkdir(&(0x7f0000000140)='.', 0x100) mount(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)='anon_inodefs\x00', 0x2000, &(0x7f0000000240)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f0000e08fff)='.', &(0x7f00005e9000)='cifs\x00', 0x2000, &(0x7f0000ad5000)) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xe, 0x8, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000fb8fd76b1bff0000000000000000000000000095000000000000001aad18c508dd9c668f5658d074c6a37e7116700776c90c6dd97700000000000000000000"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0xbb, &(0x7f0000000300)=""/187}, 0x48) 2018/03/31 10:17:16 executing program 6: bpf$MAP_CREATE(0x0, &(0x7f0000011fd4)={0x5, 0x3, 0x4, 0x1, 0x0, 0x1}, 0x2c) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000011000)={0xd, 0x101, 0x4, 0x3ff, 0x1, 0xffffffffffffffff, 0x3, [0x115]}, 0x2c) socketpair$packet(0x11, 0x6, 0x300, &(0x7f0000000280)) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)={0xb, 0x7e, 0x3, 0x1, 0x11}, 0x2c) mount(&(0x7f0000000b80)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000200)) r2 = socket$kcm(0x29, 0x2, 0x0) socketpair(0x2, 0x0, 0x7fff, &(0x7f0000000640)) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000240)) sendmsg$kcm(r2, &(0x7f0000000bc0)={&(0x7f00000007c0)=@rc={0x1f, {0x5, 0x50000000, 0xaa2, 0x613, 0x4, 0x1ff}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000840)="09c9453aa30d8c5fba221fa2413f12c580837b2ae292e3ee8dd00098c404125a1a2e63840f82a2f69c3927af43b828422484aaeeceebcbe76e999bd3930c9b7c2995484407f9166e39c2069a88b63a980b9b5ffc880f4b89dde5adae6c7fb84ed98cbac860214dfb0b28d1b2e2d58aefebdfe515334f2ffa46be22ef7a4b3a276cb70a27c9e9f5de0a20bad24cbe2b89aee9693c2f8f186ea59fcfc4ebec7188cca0418d4583a6f1730f62416d70cd62555eb4f58ea831d1fea9956a2cba0049f23bf0b249f5de2ce0dc303808d70b0ccab3c7f37e949e", 0xd7}], 0x1, &(0x7f0000000980), 0x0, 0x20004805}, 0x4010) r3 = perf_event_open(&(0x7f0000000500)={0x3, 0x70, 0x2367, 0x0, 0x1, 0x6, 0x0, 0x78b1, 0x1, 0x0, 0x4992c766, 0xff, 0x81, 0x100, 0x40, 0x3, 0x9, 0x8, 0x1, 0x10000, 0x1182, 0x6, 0x90e, 0x9, 0x7ff, 0x5da, 0x8, 0x0, 0x30, 0x20, 0x7fffffff, 0x6, 0x401, 0x2, 0x1000, 0x8001, 0x1ff, 0xfffffffffffffff8, 0x0, 0x2, 0x0, @perf_config_ext={0x5, 0x8}, 0x1ab23, 0x3f, 0x8, 0x5, 0x6, 0x0, 0x6}, 0xffffffffffffffff, 0x10, r1, 0x1) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000004c0)) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000006c0)={&(0x7f0000000680)='./file0\x00', r0}, 0x10) ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, 0xffffffffffffffff) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000000)={&(0x7f0000000080)='./file0/file0\x00', r1}, 0x10) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000700)) bpf$MAP_CREATE(0x0, &(0x7f0000002cc0)={0x5, 0x100, 0x56c96e7a, 0x0, 0xa, 0xffffffffffffffff, 0x4000000009}, 0x2c) mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000480)='rpc_pipefs\x00', 0x200000, 0x0) mount(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000980)='fuseblk\x00', 0xa11800, &(0x7f0000000240)) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x2400, 0x80) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000400)={&(0x7f0000000380)='./file0/file0\x00', 0x0, 0x10}, 0x10) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000ac0)='./file0/file0\x00', &(0x7f0000000780)='fuse\x00', 0x37002, &(0x7f0000000b00)="b9fc179e3093dec540697d223abb3839b14e772b8e26e104100ff9d93ed91f6955f5701ede88ca117893a87cc6135e36851cf411dcc16f4f5e3821f842d1386ebb19beb5df3ae0dcd0460f4076fd3132dae2c7417db05ddf70e4d3f97fc272d6f129c8") gettid() close(0xffffffffffffffff) [ 862.586766] ------------[ cut here ]------------ [ 862.591651] refcount_t: increment on 0; use-after-free. [ 862.597179] WARNING: CPU: 0 PID: 11547 at lib/refcount.c:153 refcount_inc+0x47/0x50 [ 862.604961] Kernel panic - not syncing: panic_on_warn set ... [ 862.604961] [ 862.612315] CPU: 0 PID: 11547 Comm: syz-executor1 Not tainted 4.16.0-rc6+ #43 [ 862.619571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 862.628913] Call Trace: [ 862.631495] dump_stack+0x194/0x24d [ 862.635111] ? arch_local_irq_restore+0x53/0x53 [ 862.639775] ? vsnprintf+0x1ed/0x1900 [ 862.643645] panic+0x1e4/0x41c [ 862.646830] ? refcount_error_report+0x214/0x214 [ 862.651589] ? show_regs_print_info+0x18/0x18 [ 862.656065] ? __warn+0x1c1/0x200 [ 862.659496] ? refcount_inc+0x47/0x50 [ 862.663270] __warn+0x1dc/0x200 [ 862.666524] ? refcount_inc+0x47/0x50 [ 862.670301] report_bug+0x1f4/0x2b0 [ 862.673962] fixup_bug.part.10+0x37/0x80 [ 862.678003] do_error_trap+0x2d7/0x3e0 [ 862.681872] ? vprintk_default+0x28/0x30 [ 862.685906] ? math_error+0x400/0x400 [ 862.689680] ? printk+0xaa/0xca [ 862.692935] ? show_regs_print_info+0x18/0x18 [ 862.697409] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 862.702227] do_invalid_op+0x1b/0x20 [ 862.705921] invalid_op+0x1b/0x40 [ 862.709358] RIP: 0010:refcount_inc+0x47/0x50 [ 862.713755] RSP: 0018:ffff8801d1167860 EFLAGS: 00010286 [ 862.719099] RAX: dffffc0000000008 RBX: ffff8801af1bc0c4 RCX: ffffffff815b423e [ 862.726343] RDX: 0000000000000000 RSI: 1ffff1003a22cebc RDI: 1ffff1003a22ce91 [ 862.733587] RBP: ffff8801d1167868 R08: 0000000000000000 R09: 0000000000000000 [ 862.740832] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801d1167af8 [ 862.748076] R13: ffff8801b07f6a93 R14: ffff8801af1bc0c0 R15: ffff8801b07f6b01 [ 862.755341] ? vprintk_func+0x5e/0xc0 [ 862.759159] sk_alloc+0x3f9/0x1440 [ 862.762676] ? sock_def_error_report+0x5e0/0x5e0 [ 862.767406] ? __raw_spin_lock_init+0x2d/0x100 [ 862.771971] ? trace_hardirqs_off+0x10/0x10 [ 862.776275] ? do_raw_write_unlock+0x290/0x290 [ 862.780843] ? trace_hardirqs_off+0x10/0x10 [ 862.785149] ? __raw_spin_lock_init+0x1c/0x100 [ 862.789712] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 862.794707] ? find_held_lock+0x35/0x1d0 [ 862.798792] ? inet_create+0x3fc/0xf50 [ 862.802655] ? lock_downgrade+0x980/0x980 [ 862.806786] ? lock_release+0xa40/0xa40 [ 862.810734] ? lock_downgrade+0x980/0x980 [ 862.814866] inet_create+0x47c/0xf50 [ 862.818558] ? ipip_gro_receive+0xf0/0xf0 [ 862.822678] ? __lock_is_held+0xb6/0x140 [ 862.826717] __sock_create+0x4d4/0x850 [ 862.830595] ? kernel_sock_ip_overhead+0x4c0/0x4c0 [ 862.835508] ? user_path_create+0x40/0x40 [ 862.839638] SyS_socket+0xeb/0x1d0 [ 862.843159] ? fillonedir+0x250/0x250 [ 862.846942] ? move_addr_to_kernel+0x60/0x60 [ 862.851327] ? getname_flags+0x256/0x580 [ 862.855373] ? do_syscall_64+0xb7/0x940 [ 862.859333] ? move_addr_to_kernel+0x60/0x60 [ 862.863730] do_syscall_64+0x281/0x940 [ 862.867596] ? vmalloc_sync_all+0x30/0x30 [ 862.871718] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 862.877238] ? syscall_return_slowpath+0x550/0x550 [ 862.882147] ? syscall_return_slowpath+0x2ac/0x550 [ 862.887059] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 862.892399] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 862.897215] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 862.902378] RIP: 0033:0x4579a7 [ 862.905553] RSP: 002b:00007ffec19fca98 EFLAGS: 00000206 ORIG_RAX: 0000000000000029 [ 862.913243] RAX: ffffffffffffffda RBX: 00000000000001c2 RCX: 00000000004579a7 [ 862.920490] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002 [ 862.927742] RBP: 00000000000d292e R08: 0000000000000000 R09: 0000000000000001 [ 862.934987] R10: 000000000000000a R11: 0000000000000206 R12: 000000000000038d [ 862.942233] R13: 000000000000001a R14: 000000000000038d R15: 00000000000d2781 [ 862.950043] Dumping ftrace buffer: [ 862.953622] (ftrace buffer empty) [ 862.957304] Kernel Offset: disabled [ 862.960904] Rebooting in 86400 seconds..